RE: [dhcwg] DHCP Option for CableLabs Client Configuration
"Woundy, Richard" <RWoundy@broadband.att.com> Mon, 05 August 2002 05:38 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA22856 for <dhcwg-archive@odin.ietf.org>; Mon, 5 Aug 2002 01:38:02 -0400 (EDT)
Received: (from daemon@localhost) by optimus.ietf.org (8.9.1a/8.9.1) id BAA09939 for dhcwg-archive@odin.ietf.org; Mon, 5 Aug 2002 01:39:14 -0400 (EDT)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id BAA09897; Mon, 5 Aug 2002 01:37:10 -0400 (EDT)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id BAA09873 for <dhcwg@optimus.ietf.org>; Mon, 5 Aug 2002 01:37:08 -0400 (EDT)
Received: from snowmass.tci.com (coral.tci.com [198.178.8.81]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA22805 for <dhcwg@ietf.org>; Mon, 5 Aug 2002 01:35:55 -0400 (EDT)
Received: from mms01-relaya.tci.com (mms01-relaya.broadband.att.com [147.191.90.228]) by snowmass.tci.com (8.12.2/8.12.2) with ESMTP id g755axx5025733; Sun, 4 Aug 2002 23:36:59 -0600 (MDT)
Received: from 147.191.89.203 by mms01-relayb.tci.com with ESMTP ( Tumbleweed MMS SMTP Relay (MMS v5.0)); Sun, 04 Aug 2002 23:36:21 -0600
X-Server-Uuid: 4520D425-5A30-451F-8662-E5DDF307F3B1
Received: by entexchimc01.tci.com with Internet Mail Service ( 5.5.2653.19) id <PQ3N5JX8>; Sun, 4 Aug 2002 23:37:19 -0600
Message-ID: <6732623D2548D61193C90002A5C88DCC6666B7@entmaexch02.broadband.att.com>
From: "Woundy, Richard" <RWoundy@broadband.att.com>
To: 'Erik Nordmark' <Erik.Nordmark@Sun.COM>, Josh Littlefield <joshl@cisco.com>
cc: Paul Duffy <paduffy@cisco.com>, Thomas Narten <narten@us.ibm.com>, "Bernie Volz (EUD)" <Bernie.Volz@am1.ericsson.se>, 'Ralph Droms' <rdroms@cisco.com>, dhcwg@ietf.org, nrussell@cisco.com, pgrossma@cisco.com, Matt Osman <M.Osman@cablelabs.com>
Subject: RE: [dhcwg] DHCP Option for CableLabs Client Configuration
Date: Sun, 04 Aug 2002 23:36:51 -0600
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
X-WSS-ID: 1150D15F107579-01-01
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
Sender: dhcwg-admin@ietf.org
Errors-To: dhcwg-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: <dhcwg.ietf.org>
X-BeenThere: dhcwg@ietf.org
Content-Transfer-Encoding: 7bit
Erik, A PacketCable MTA is an interesting Internet host, not quite the same as the computer on which I am composing this email. The MTA provides one or more RJ-11 jacks for standard phone sets to be plugged into. The MTA is (at least in this respect) functional from a subscriber point of view, if the attached phone set(s) can be used to call phone numbers anywhere in the world, typically to contact phone sets connected the global Public Switched Telephone Network (PSTN). In any Voice over IP architecture (including PacketCable), there is an assumption that not every telephony endpoint is reachable over the Internet. That means that the architecture must accommodate the case in which a VoIP endpoint needs to transmit IP datagrams to intermediate systems in order to signal/communicate with a legacy telephony endpoint in the PSTN. The primary intermediate systems in the PacketCable architecture are the "Call Management Server" (for signaling) and the "Media Gateway" (for bearer traffic). The PacketCable 1.0 specifications permit an MTA to communicate with another MTA within the same administrative domain. The specifications do not forbid MTA communication with an MTA in a different domain, but they do not specify the necessary technical infrastructure (e.g. maintaining QoS on a stream of voice traffic between the two backbone networks). The 1.2 specifications provide some of the infrastructure needed for an MTA to talk to another MTA in a different administrative domain, e.g. signaling between call management servers, and enabling interdomain QoS. But at this time, and for the next several years, most cable operators are just starting to deploy telephony services using IP over cable (e.g. DOCSIS), in place of dedicated copper circuits (such as from the local exchange carrier) or other technologies (proprietary circuit switched telephony over cable). That implies that most MTA signaling/communication will be mediated through call management servers and media gateways -- this is a consequence of what operators (and vendors) are ready to deploy today, rather than a limitation of the PacketCable architecture itself. If MTAs communicate at the IP layer only with other systems (MTAs, call management servers, media gateways, etc.) within the same domain, then it makes sense to consider using RFC 1918 private addresses for MTA rather than public addresses. Using private addresses for MTAs is significant in the case of AT&T Broadband, since this cable operator already has 1,200,000 telephony subscribers (over broadband cable) today. Note that CableLabs, in fact, would like cable operators to assign public addresses to MTAs for interdomain communications... but I'm not sure that ARIN would approve of that choice given our current generation of products, our (lack of) interdomain qos expertise, and the large consumption of public addresses that such a decision would entail. I suppose you might consider what I have described as a "walled garden" for MTAs. My first reaction is that the end-goal for the PacketCable architecture is a voice-over-Internet service, not merely a walled garden service. My second reaction is this -- why does the IETF care about whether a particular service deployment is a walled garden or not? Do the IETF standards only support certain business models, and not others? Do the IETF standards FORBID walled gardens? I thought the IETF was a technical standards organization, not a business policy standards body. If you agree that it is reasonable, at least for the next few years, to use private IP addresses for PacketCable MTAs, then the following paragraph from the summary of RFC 2826 applies: This does not preclude private networks from operating their own private name spaces, but if they wish to make use of names uniquely defined for the global Internet, they have to fetch that information from the global DNS naming hierarchy, and in particular from the coordinated root servers of the global DNS naming hierarchy. Further guidance is provided by RFC 1918 section 3: Moving a host from private to public or vice versa involves a change of IP address, changes to the appropriate DNS entries, and changes to configuration files on other hosts that reference the host by IP address. ... Indirect references to such addresses should be contained within the enterprise. Prominent examples of such references are DNS Resource Records and other information referring to internal private addresses. In particular, Internet service providers should take measures to prevent such leakage. It would seem rational that, should it makes sense to assign RFC 1918 private IP addresses to MTAs, and since MTAs require DNS fully qualified host names as VoIP endpoints in PacketCable (and in SGCP/MGCP, and in SIP), then RFC 1918 seems to endorse the operation of a parallel DNS infrastructure for the MTAs and VoIP components. And one way to run a parallel DNS infrastructure is to use different DNS port numbers for the VoIP service. This is particularly true for smaller operators, with more limited capital budgets and smaller VoIP subscriber bases. By the way, I agree with your point on "security through obscurity". Using different port numbers to "protect DNS" would not be a very compelling argument for me, either. -- Rich P.S. It wasn't originally my idea to put DNS port number configuration into the CableLabs Client Configuration option, by the way. For a substantial period of time, I thought it was a "hack". I have only been recently convinced that there were significant operational advantages to this configuration parameter. -----Original Message----- From: Erik Nordmark [mailto:Erik.Nordmark@Sun.COM] Sent: Friday, August 02, 2002 7:51 PM To: Josh Littlefield Cc: Erik Nordmark; Paul Duffy; Thomas Narten; Bernie Volz (EUD); 'Ralph Droms'; dhcwg@ietf.org; nrussell@cisco.com; pgrossma@cisco.com; Matt Osman Subject: Re: [dhcwg] DHCP Option for CableLabs Client Configuration > Couldn't this also be a reasonable operational feature? The use of DNS in > PacketCable (as specified by these sub-options) is quite restricted. Using > non-standard ports may, for example, allow deployment of a specific DNS > server for PacketCable on the same device as a general nameserver. Or it > might just allow extra confidence that the queried server is, in fact, not a > general purpose Internet DNS server, but a PacketCable specific one. How does this relate to RFC 2826 IAB Technical Comment on the Unique DNS Root. I could be wrong bit it seems like folks might be trying to build w alled gardens using this "dns on a different port number" as a tool. I think we in the IETF should focus on designing the right protocols for the Internet and not encourage walled gardens. So why should we add additional complexity for this DNS port number thing? I haven't seen an argument that is convincing to me. (And FWIW, the "security through obscurity" argument about using non-standard port numbers is actually a reason to not allow a mechanism for alternate port numbers; we need to get folks to think about real security.) > If CableLabs participants (including operators) have felt the desire to > deploy these DNS servers on non-standard ports, why shouldn't they be able > to do that? Why shouldn't the DHCP configuration info which is specific to > PakcetCable (or similar CableLabs standards) support that? I thought we were talking about an Internet standard, and not a CableLabs standard. Erik _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] DHCP Option for CableLabs Client Configur… Ralph Droms
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Bernie Volz (EUD)
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Thomas Narten
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Bernie Volz (EUD)
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Thomas Narten
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Bernie Volz (EUD)
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Thomas Narten
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Paul Duffy
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Paul Duffy
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Paul Duffy
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Erik Nordmark
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Paul Duffy
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Paul Duffy
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Erik Nordmark
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Josh Littlefield
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Paul Duffy
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Cosmo, Patrick
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Paul Duffy
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Cosmo, Patrick
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Cosmo, Patrick
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Ralph Droms
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Ralph Droms
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Woundy, Richard
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Erik Nordmark
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Paul Duffy
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Erik Nordmark
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Woundy, Richard
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Paul Duffy
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Ralph Droms
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Paul Duffy
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Sumanth Channabasappa
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Erik Nordmark
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Erik Nordmark
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Erik Nordmark
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Woundy, Richard
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Erik Nordmark
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Woundy, Richard
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Cosmo, Patrick
- Re: [dhcwg] DHCP Option for CableLabs Client Conf… Ted Lemon
- RE: [dhcwg] DHCP Option for CableLabs Client Conf… Ryan Scripps
- Re: [dhcwg] draft-ietf-dhc-packetcable-03.txt Thomas Narten
- Re: [dhcwg] draft-ietf-dhc-packetcable-04.txt Thomas Narten
- Re: [dhcwg] draft-ietf-dhc-packetcable-04.txt Thomas Narten
- Re: [dhcwg] draft-ietf-dhc-packetcable-04.txt Thomas Narten
- Re: [dhcwg] draft-ietf-dhc-packetcable-04.txt Thomas Narten
- Re: [dhcwg] draft-ietf-dhc-packetcable-05.txt Thomas Narten
- Re: [dhcwg] draft-ietf-dhc-packetcable-05.txt Thomas Narten