IETF Logo Mail Archive

Re: [BEHAVE] A New Draft on FTP64

liu dapeng <maxpassion@gmail.com> Wed, 26 August 2009 19:02 UTC

Return-Path: <maxpassion@gmail.com>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 11DA928C527 for <behave@core3.amsl.com>; Wed, 26 Aug 2009 12:02:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.279
X-Spam-Level:
X-Spam-Status: No, score=-0.279 tagged_above=-999 required=5 tests=[AWL=-1.464, BAYES_00=-2.599, FRT_BELOW2=2.154, SARE_PROLOSTOCK_SYM3=1.63]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pTkJ7GxIOrLw for <behave@core3.amsl.com>; Wed, 26 Aug 2009 12:02:43 -0700 (PDT)
Received: from mail-vw0-f177.google.com (mail-vw0-f177.google.com [209.85.212.177]) by core3.amsl.com (Postfix) with ESMTP id 7231C3A6D93 for <behave@ietf.org>; Wed, 26 Aug 2009 12:02:29 -0700 (PDT)
Received: by vws7 with SMTP id 7so322552vws.29 for <behave@ietf.org>; Wed, 26 Aug 2009 12:02:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=XDyMl/HBMTbIRfXNWHEYAr9o88vGB8ytzSvwqPhaq3I=; b=x6MqXv7Hg61aGtxpvHrHhiOz9K17LAe7zRdM/zLM0ZBKQ0KB78xPr1jtO8h51aCqrE Kc89VZIyaHRTwsVVvhe5VLq+3LF0clNwLwmWN0vyjtcSUZ9EVaLTxBIlrDeORZZhhYqb j+Ap6rs4APoPE65kzbjLv3HWDM68mPbm82p1A=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=cz4LOo/oJB4zkyR7lX3M1IQL3765Uog7T5nDofmz9XH9OrnF+DOefxFjhllgYEq50D 8YTNqU2A8qTTpGFlaLFdodHkideXifHptUh+txxp1RyyNM6tZnVTL9ga0JgLu2R73a60 PbwgDn5WnsFTS46dShNWTIsA+lSzKU6BE9xaw=
MIME-Version: 1.0
Received: by 10.220.89.205 with SMTP id f13mr11101238vcm.23.1251313353012; Wed, 26 Aug 2009 12:02:33 -0700 (PDT)
In-Reply-To: <59B59B7F-D8E3-4414-8FB3-4EFE8F8D30B8@muada.com>
References: <25e1aaa40908200659y629eb05eg5c2f269f11f07f57@mail.gmail.com> <25e1aaa40908241040kbf5cb50k904262a307f526f1@mail.gmail.com> <59B59B7F-D8E3-4414-8FB3-4EFE8F8D30B8@muada.com>
Date: Thu, 27 Aug 2009 03:02:31 +0800
Message-ID: <25e1aaa40908261202m371f6bf7hc912efd86c50d775@mail.gmail.com>
From: liu dapeng <maxpassion@gmail.com>
To: Iljitsch van Beijnum <iljitsch@muada.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: behave@ietf.org
Subject: Re: [BEHAVE] A New Draft on FTP64
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Aug 2009 19:02:44 -0000

2009/8/25, Iljitsch van Beijnum <iljitsch@muada.com>:
> On 24 aug 2009, at 19:40, liu dapeng wrote:
>
>> We upgrade the ftp64 draft, add some text considering the legacy FTP
>> implementation and other clarification as well. Any comments are
>> welcomed.
>
> Can you please send the new text to the list?

we upgrade setion 3 and 5, bellow is the text.

3. Client considerations

   It is required that all IPv6 FTP clients MUST support both EPSV and
   PASV command.

   When the client tries to connect to a server using IPv6 connection,
   it should use EPSV command first. If the server response that it does
   not support this command or encounters an error, it MUST retry with
   PASV command. The server will respond to PASV command with an message
   that contains an IPv4 address and port number that used for the
   client to connect to. The client MUST ignores the IPv4 address
   provided in the response; it should use the control connection's IP
   address to connect to the server to establish the data connection.

   This approach could not only simply the FTP client software's
   implementation but also can avoid the problems caused by using the
   IPv4 address that included in the response message. For example, if
   the FTP client has a private IPv4 connection and a public IPv6
   connection, if it tries to use the IPv4 connection to establish data
   connection with the server, it will never success.


5. FTP ALG considerations

5.1. FTP ALG limitations

   Implementing FTP ALG in the translation box may have some limitations,
   such as:

   1) FTP ALG may case to increase the complexity of translation box,
      since FTP ALG needs to understand FTP protocol and translate the
      application layer payload and update the header of FTP control
      packets.


Dapeng Liu            Expires February 27, 2010               [Page 4]

Internet-Draft  IPv6 IPv4 translation FTP considerations August 2009


   2) For most of current Network Processor based translation box, ALG
      processing may cause its performance decreased significantly. The
      reason is that FTP ALG processing can not take the advantage of
      Network Processor, which is designed and optimized for processing
      regular packets (such as header translation).

   3) From the evolution perspective, if the network continues to
      provide support of FTP ALG all the time, the users will have no
      motivation to upgrade their FTP client software. If things evolve
      toward this direction, the ALG function of the translation box
      will become more and more complex. In reality, upgrading FTP
      client software is a more easy way to solve the ALG issue
      compared with requiring that all the translation box to implement
      FTP ALG.

5.2. Solution to avoid FTP ALG

   This document suggests that the translation box which situated
   between the IPv6 network and IPv4 network should not implement FTP
   ALG. It is depend on the client and server that comply with this
   specification to avoid the FTP ALG issue.

   The reason that this document does not encourage translation box to
   implement FTP ALG is that since the FTP ALG problem can be totally
   avoid by defining the behavior of the client and server, it is not
   necessary to implement it at all. This approach can reduce the
   translation box's complexity. Also, the FTP client and server's
   communication without ALG will significantly improve its performance.

   For the legacy IPv6 FTP client, this document suggests that the
   legacy client should behave like RFC1579 recommendation which is that
   "vendors convert their FTP clients programs to use PASV instead of
   PORT". For IPv6 FTP client, this recommendation should be "the users
   or vendors should convert their FTP clients programs to use EPSV
   instead of EPRT". This can be done by configuration and do not
   require upgrading of the client software for most of current IPv6 FTP
   client. This solution may require that the FTP server should support
   EPSV command.


> A client that implements the client requirements and client
> recommendations listed in draft-van-beijnum-behave-ftp64-05 will be
> able to successfully interoperate with any server that implements EPSV
> or PASV through a stateful or stateless translator.

The solution in draft-van-beijnum-behave-ftp64-05 suggests that
"However, the server will respond to the PASV command with an IPv4
address that the client must use to connect to for the data
connection.  If the client has IPv4 reachability, it SHOULD set up a
data connection towards the IPv4 address." this may can not work in
some cases, as   draft-liu-behave-ftp64-02 mentioned:'" For example,
if the FTP client has a private IPv4 connection and a public IPv6
connection, if it tries to use the IPv4 connection to establish data
connection with the server, it will never success."


Since updating an
> FTP client is about the easiest possible upgrade that we could
> possibly require (an FTP client doesn't need special privileges and
> can run as a java applet in a browser) this provides a workable
> solution for most users.

aggree, this is what draft-liu-behave-ftp64-02 suggested.

> However, there is additional benefit in making FTP through a
> translator work for users with existing implementations, which can be
> accomplished by either server upgrades or an ALG.

Do not you think that server upgrading may be more reasonable from the
evolution perspective? if the network contitue to provide ALG all the
time, the server will never has motivation to upgrade, this will cause
the ALGs in the translation box become more and more complex, since
the translator will try to maintain ALGs for all the legacy
implementations; and the legacy implementation never think about
upgrading because they never aware the needs to upgrade. this approach
may be convenient for a little part of the users but is harmful for
the evolution of the network.

> Since at least one vendor has expressed interest in implementing such
> an ALG, having standard ALG functionality is better than undefined ALG
> functionality and we have the text now anyway, in my opinion it
> doesn't make sense to remove the ALG text, although I'm willing to
> make it (even) more clear that such an ALG is optional.

In my personal opioion, If the we do not recommend to implement FTP
ALG, maybe we should not include any text to describe how to implement
it for not misleading the reader. but maybe the text of ALG could be
adjusted as an appendix, then there will be no contradiction.
>

v2.23.0 | Report a Bug | By Email