IETF Logo Mail Archive

Re: [Dime] [RFC3588bis-34] - Host-IP-Address AVP

Ralph Loader <suckfish@ihug.co.nz> Mon, 24 September 2012 19:31 UTC

Return-Path: <suckfish@ihug.co.nz>
X-Original-To: dime@ietfa.amsl.com
Delivered-To: dime@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37CEA21F88B9 for <dime@ietfa.amsl.com>; Mon, 24 Sep 2012 12:31:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.605
X-Spam-Level:
X-Spam-Status: No, score=-1.605 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RELAY_IS_203=0.994]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 05wd3f8MGyIy for <dime@ietfa.amsl.com>; Mon, 24 Sep 2012 12:31:53 -0700 (PDT)
Received: from mailfilter2.ihug.co.nz (mailfilter2.ihug.co.nz [203.109.136.2]) by ietfa.amsl.com (Postfix) with ESMTP id 75B8F21F88B8 for <dime@ietf.org>; Mon, 24 Sep 2012 12:31:52 -0700 (PDT)
X-Cloudmark-SP-Filtered: true
X-Cloudmark-SP-Result: v=1.1 cv=nmCe0FMyaKF/ge3QFJPfD13wzr301mOl5zN2rlwg0Sc= c=1 sm=2 a=MJAIyVhDqfoA:10 a=kj9zAlcOel0A:10 a=48vgC7mUAAAA:8 a=ZXppjb4CpoOqQLmYSaEA:9 a=CjuIK1q_8ugA:10 a=lZB815dzVvQA:10 a=c95RI8W7jIfAQZnE:21 a=CActkR_2ZhLkD3bi:21
X-IronPort-AV: E=Sophos;i="4.80,477,1344168000"; d="scan'208";a="11307652"
Received: from 203-173-201-7.nzwide.ihug.co.nz (HELO i.geek.nz) ([203.173.201.7]) by cust.filter2.content.vf.net.nz with SMTP; 25 Sep 2012 07:31:51 +1200
Date: Tue, 25 Sep 2012 07:31:50 +1200
From: Ralph Loader <suckfish@ihug.co.nz>
To: Glen Zorn <glenzorn@gmail.com>
Message-Id: <20120925073150.46e47860ae2f9db88035def0@ihug.co.nz>
In-Reply-To: <505C0F10.3020106@gmail.com>
References: <5F42DFF905CBA544A7BBB0909003E1A3148F14F7C6@FRMRSSXCHMBSC1.dc-m.alcatel-lucent.com> <50570410.9000708@gmail.com> <5F42DFF905CBA544A7BBB0909003E1A3148F14F987@FRMRSSXCHMBSC1.dc-m.alcatel-lucent.com> <E4A11012-4F89-455F-AC98-57F188456D91@gmail.com> <50585DBF.20502@gmail.com> <593C8CD1-DAAC-4E39-BE6F-0FA754C706B1@gmail.com> <8BAB668F-5B65-4FBE-B49B-833EAFE47D49@nostrum.com> <99463A4A-9840-43B2-B29F-D942FD7AB757@gmail.com> <B5943A55-6A2A-4977-A06C-B9DA9FDABF1E@nostrum.com> <505C0F10.3020106@gmail.com>
X-Mailer: Sylpheed 3.2.0beta9 (GTK+ 2.24.11; x86_64-redhat-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Cc: "dime@ietf.org" <dime@ietf.org>
Subject: Re: [Dime] [RFC3588bis-34] - Host-IP-Address AVP
X-BeenThere: dime@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <dime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dime>, <mailto:dime-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dime>
List-Post: <mailto:dime@ietf.org>
List-Help: <mailto:dime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Sep 2012 19:31:54 -0000

> The draft says:
> 
>     The Host-IP-Address AVP (AVP Code 257) is of type Address and is used
>     to inform a Diameter peer of the sender's IP address.
> 
> Suppose that I send, instead of one address, three (assuming the use of 
> TCP).  Which one do you use?  What if the list doesn't contain the 
> address from which the CEr/CEA command was sent?

There are other problems with using the AVP to obtain IP addresses:

1.  The set of IP addresses assigned to a machine can change.  Unlike proper protocols for distributing IP addresses, the capabilities exchange has no mechanism for handling that.

2.  There is no guarentee that a particular IP address of a machine is accessable from a peer (address scoping, firewalling, NAT...).

I don't see any reason for Diameter to reinvent the wheel in distributing IP addresses.

Just leave the field as advisory for logging / debugging purposes (ditto all the other underspecified fields in the capabilities exchange, for that matter).

Cheers,
Ralph.


>  If my solution to 
> transport failure is to send you three addresses assuming that you'll 
> try them sequentially and you don't understand that, my scheme fails and 
> since you only have one registered address for me, this could cause a 
> much longer outage than if my network admins just did their job and 
> registered all the available addresses in the DNS.
> 
> >>
>  >
>  > I don't have a specific error in mind. My intent was to point out
>  > that while there may be interesting things you can do with
>  > Host-IP-Address (like the example you gave), anything that requires a
>  > mutual understanding between the client and server aren't going to
>  > work unless the understanding exists. In you example, using
>  > Host-IP-Address to tell the peer about other available addresses to
>  > be used for load balancing and/or failover won't work across
>  > implementations unless it's documented somewhere.
>  >
>  > The original poster pointed out that they were seeing real IOT issues
>  > because different implementors interpreted the spec differently in
>  > regards to Host-IP-Address. Assuming that these differences were due
>  > to reasonable interpretations of the spec, rather than simple
>  > misunderstandings, that's a pretty big indicator that there's a
>  > problem.
> 
> I would be inclined to write a short draft clarifying that, in the case 
> of TCP, exactly one instance of the Host-IP-Address MUST be included in 
> the CER/CEA messages.
> 
> ...
> 
> _______________________________________________
> DiME mailing list
> DiME@ietf.org
> https://www.ietf.org/mailman/listinfo/dime

v2.23.0 | Report a Bug | By Email