Re: [bmwg] WG Adoption Call: Stateful NATxy Gateways using RFC 4814
Gabor LENCSE <lencse@hit.bme.hu> Fri, 22 July 2022 09:18 UTC
Return-Path: <lencse@hit.bme.hu>
X-Original-To: bmwg@ietfa.amsl.com
Delivered-To: bmwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4D48C13193C for <bmwg@ietfa.amsl.com>; Fri, 22 Jul 2022 02:18:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.908
X-Spam-Level:
X-Spam-Status: No, score=-6.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O3VhxPUeffGp for <bmwg@ietfa.amsl.com>; Fri, 22 Jul 2022 02:18:22 -0700 (PDT)
Received: from frogstar.hit.bme.hu (frogstar.hit.bme.hu [IPv6:2001:738:2001:4020::2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46DF1C159481 for <bmwg@ietf.org>; Fri, 22 Jul 2022 02:18:21 -0700 (PDT)
Received: from [192.168.0.192] (host-88-132-252-9.hirsat.hu [88.132.252.9]) (authenticated bits=0) by frogstar.hit.bme.hu (8.15.2/8.15.2) with ESMTPSA id 26M9I3ES049075 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for <bmwg@ietf.org>; Fri, 22 Jul 2022 11:18:08 +0200 (CEST) (envelope-from lencse@hit.bme.hu)
X-Authentication-Warning: frogstar.hit.bme.hu: Host host-88-132-252-9.hirsat.hu [88.132.252.9] claimed to be [192.168.0.192]
Content-Type: multipart/alternative; boundary="------------6LL8r8VP1DaRt8JBvKN3JpKx"
Message-ID: <60254ec1-3824-e184-992c-db3c62ea83d6@hit.bme.hu>
Date: Fri, 22 Jul 2022 11:17:58 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0
Content-Language: en-US
To: "bmwg@ietf.org" <bmwg@ietf.org>
References: <CH0PR02MB798001E3E9D0D9977474DFF3D3CF9@CH0PR02MB7980.namprd02.prod.outlook.com> <147F6665B1980A4496AE5D06F45C002A025698F66C@hold.ahol.co.hu> <cc1ddc52-6e3b-585a-711c-1f7c7aef05f5@hit.bme.hu> <CH0PR02MB7980AD83F6EC030548630D8AD38E9@CH0PR02MB7980.namprd02.prod.outlook.com>
From: Gabor LENCSE <lencse@hit.bme.hu>
In-Reply-To: <CH0PR02MB7980AD83F6EC030548630D8AD38E9@CH0PR02MB7980.namprd02.prod.outlook.com>
X-Virus-Scanned: clamav-milter 0.103.2 at frogstar.hit.bme.hu
X-Virus-Status: Clean
Received-SPF: pass (frogstar.hit.bme.hu: authenticated connection) receiver=frogstar.hit.bme.hu; client-ip=88.132.252.9; helo=[192.168.0.192]; envelope-from=lencse@hit.bme.hu; x-software=spfmilter 2.001 http://www.acme.com/software/spfmilter/ with libspf2-1.2.10;
X-DCC--Metrics: frogstar.hit.bme.hu; whitelist
X-Scanned-By: MIMEDefang 2.79 on 152.66.248.44
Archived-At: <https://mailarchive.ietf.org/arch/msg/bmwg/FNRcvFpVIoxe4mSE1RFPLmqW1j4>
Subject: Re: [bmwg] WG Adoption Call: Stateful NATxy Gateways using RFC 4814
X-BeenThere: bmwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Benchmarking Methodology Working Group <bmwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bmwg>, <mailto:bmwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bmwg/>
List-Post: <mailto:bmwg@ietf.org>
List-Help: <mailto:bmwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bmwg>, <mailto:bmwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jul 2022 09:18:26 -0000
Dear Al, Thank you very much for review and comments. Please see my answers inline. On 7/21/2022 1:50 AM, MORTON JR., AL wrote: [...] > > The current procedure intends to validate the connection table > capacity at the maximum establishment rate, R.That’s a good thing to > do.I think the procedure needs a section where you configure the idle > connection time-out to be sufficiently long that all the previously > established connections are still in the table. > Yes. We addressed the question of timeout in Section 4.4 https://datatracker.ietf.org/doc/html/draft-lencse-bmwg-benchmarking-stateful#section-4.4 As here the validation is performed in the real test phase, the relevant part if Section 4.4 is as follows: The second extreme situation can be achieved by * enumerating all the possible source port number destination port number combinations in the preliminary phase and * setting the UDP timeout of the NATxy gateway to a value higher than the length of the preliminary phase plus the gap between the two phases plus the length of the real test phase. Is it enough if we add a sentence to the "Notes" of Section 4.6 that refers to Section 4.4 regarding the timeout? I recommend this one: * Please refer toSection 4.4 <https://datatracker.ietf.org/doc/html/draft-lencse-bmwg-benchmarking-stateful#section-4.4> regarding the setting of the proper timeout value in the case of the "second extreme situation". It would go just before the one you cite below. > We need access to the idle time-out in the DUT, to be sure timers are > not expiring during a test when you are sending validation frames a > rate less than R, r=R*alpha (where alpha < 1). Or at least we need to > know the time-out value. We might have to test for it. > > *The order of four tuple selection is arbitrary provided that all > > four tuples MUST be used. > > This stipulation of arbitrary order means that the earliest connection > **might be tested last** in the validation phase. The connection > time-out duration MUST take this into account. > Yes, it is true. The above condition guarantees the high enough timeout for the worst case, if a connection is established at the very beginning of the preliminary phase and it is validated at the very end of the real test phase. As for your further comments, I will need to think about them a little bit more as some of them seem to be quite tricky. :-) I try to answer at least some of them before our meeting on Tuesday. Best regards, Gábor
- [bmwg] WG Adoption Call: Stateful NATxy Gateways … MORTON JR., AL
- Re: [bmwg] WG Adoption Call: Stateful NATxy Gatew… Sandor R. Repas Dr.
- Re: [bmwg] WG Adoption Call: Stateful NATxy Gatew… Gábor LENCSE
- Re: [bmwg] WG Adoption Call: Stateful NATxy Gatew… MORTON JR., AL
- Re: [bmwg] WG Adoption Call: Stateful NATxy Gatew… Vasilenko Eduard
- [bmwg] the potential falsifying effect of storing… Gabor LENCSE
- Re: [bmwg] WG Adoption Call: Stateful NATxy Gatew… Gabor LENCSE
- Re: [bmwg] WG Adoption Call: Stateful NATxy Gatew… Gabor LENCSE
- Re: [bmwg] WG Adoption Call: Stateful NATxy Gatew… Vasilenko Eduard