IETF Logo Mail Archive

Re: [BEHAVE] proprietary implementation v.s standardisedprotocols//re: draft-xu-behave-nat-state-sync-00

Simon Perreault <simon.perreault@viagenie.ca> Sat, 05 December 2009 11:50 UTC

Return-Path: <simon.perreault@viagenie.ca>
X-Original-To: behave@core3.amsl.com
Delivered-To: behave@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 07C4C3A6855 for <behave@core3.amsl.com>; Sat, 5 Dec 2009 03:50:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.506
X-Spam-Level:
X-Spam-Status: No, score=-2.506 tagged_above=-999 required=5 tests=[AWL=0.093, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0pia+MTHJIbv for <behave@core3.amsl.com>; Sat, 5 Dec 2009 03:50:46 -0800 (PST)
Received: from jazz.viagenie.ca (jazz.viagenie.ca [IPv6:2620:0:230:8000::2]) by core3.amsl.com (Postfix) with ESMTP id F2D3C3A659C for <behave@ietf.org>; Sat, 5 Dec 2009 03:50:45 -0800 (PST)
Received: from balaise.nomis80.org (modemcable245.152-21-96.mc.videotron.ca [96.21.152.245]) by jazz.viagenie.ca (Postfix) with ESMTPSA id 94C7921106; Sat, 5 Dec 2009 06:50:36 -0500 (EST)
Message-ID: <4B1A490C.7090104@viagenie.ca>
Date: Sat, 05 Dec 2009 06:50:36 -0500
From: Simon Perreault <simon.perreault@viagenie.ca>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.4pre) Gecko/20090922 Fedora/3.0-3.9.b4.fc12 Thunderbird/3.0b4
MIME-Version: 1.0
To: Reinaldo Penno <rpenno@juniper.net>
References: <C73F5975.B918%rpenno@juniper.net>
In-Reply-To: <C73F5975.B918%rpenno@juniper.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Cameron Byrne <cb.list6@gmail.com>, "behave@ietf.org" <behave@ietf.org>, 'Xu Xiaohu' <xuxh@huawei.com>, Dan Wing <dwing@cisco.com>
Subject: Re: [BEHAVE] proprietary implementation v.s standardisedprotocols//re: draft-xu-behave-nat-state-sync-00
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Dec 2009 11:50:47 -0000

On 12/05/2009 03:27 AM, Reinaldo Penno wrote:
> If a certain mapping on NAT64-A does not send ICMPv4 packets back
> for unsolicited sessions and another mapping does, this behavior must remain
> the same on the fail-over box.

This is arguable. IMHO, this behaviour could be different without 
negative impact in many situations.

But the point is that the state sync protocol is completely unconcerned 
with this.

> NAT state is the mapping state + ICMP behavior (discussed above) + filtering
> behavior + timer settings (discussed below for ICMP) + log behavior
> (yes/no/format) + others not discussed. Each of these can be different for
> different NAT entries.

We have different definitions of state it seems.

ICMP behaviour, filtering behaviour, timer settings, log behaviour, and 
others do not vary over time. (Or we could impose the constraint that 
the state sync connection be renegotiated when they do vary.)

The state sync protocol is only concerned with stuff that varies over 
time, i.e. bindings and sessions. That's it.

> Some people made the opposite case and it brings to some of the basics. NAT
> operational complexity is high and therefore brings special requirements to
> the table. Based on your statement it seems you think there are similar
> cases.

"NAT operational complexity is high" is a blanket statement. For 
example, nowadays most everyone has a NAT at home without even knowing it.

> Can you give an example that has the same characteristics as hot-standby for
> NATs based on the few things that were discussed? If there are we should
> look into how hot-standy across different devices&  vendors was achieved in
> that case.

I don't know. But are you saying we shouldn't do something because 
nobody has done it before?

Simon
-- 
DNS64 open-source   --> http://ecdysis.viagenie.ca
STUN/TURN server    --> http://numb.viagenie.ca
vCard 4.0           --> http://www.vcarddav.org

v2.8.7 | Report a Bug | By Email