[Dime] Review of draft-ietf-dime-nat-control-01
jouni korhonen <jouni.nospam@gmail.com> Tue, 08 December 2009 22:31 UTC
Return-Path: <jouni.nospam@gmail.com>
X-Original-To: dime@core3.amsl.com
Delivered-To: dime@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EDA4728C0FE for <dime@core3.amsl.com>; Tue, 8 Dec 2009 14:31:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K7P9Z0yOMvZO for <dime@core3.amsl.com>; Tue, 8 Dec 2009 14:31:44 -0800 (PST)
Received: from mail-fx0-f213.google.com (mail-fx0-f213.google.com [209.85.220.213]) by core3.amsl.com (Postfix) with ESMTP id 8B83D3A6999 for <dime@ietf.org>; Tue, 8 Dec 2009 14:31:43 -0800 (PST)
Received: by fxm5 with SMTP id 5so6822046fxm.28 for <dime@ietf.org>; Tue, 08 Dec 2009 14:31:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:content-type :content-transfer-encoding:subject:date:message-id:cc:to :mime-version:x-mailer; bh=dZA8Xw1OLg2VA0Rf5b/aPM2HREBq/ySKf5BVa2ZX5oY=; b=Ecp57rFdY6W5rJdem+u5hD7voJMasVtba065Arwk1dPlbkeaDuLftRJwlbQVR6LMvt XvzMpgp0X9edbi0r0sOjUbage58QB0IOmPcvjtXJxZ7LhJGyVkbNLM5MMn3BCTG2K6Pg w8LKynGUphXNHPXd/h7T1vrP0e3GSF+/riq8Q=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:content-type:content-transfer-encoding:subject:date:message-id :cc:to:mime-version:x-mailer; b=UTndBKmzBposOmIBDbAZb7pa3frpTM5xYTGGbLaCE4VjOFuqT1aRZllCCPrezTWAJy Ip4lNyTW+zI9CHJW5FwKITbp4KemKTs2XVKVWIxP3R1O7wYR3kCXQY5aC/fmC2PBcgnv zjmHQZatDnfywF9+CVNdpW8UtGl4aPkEyxOKQ=
Received: by 10.86.235.29 with SMTP id i29mr7765147fgh.57.1260311490024; Tue, 08 Dec 2009 14:31:30 -0800 (PST)
Received: from a83-245-213-231.elisa-laajakaista.fi (a83-245-213-231.elisa-laajakaista.fi [83.245.213.231]) by mx.google.com with ESMTPS id l12sm21535256fgb.15.2009.12.08.14.31.27 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 08 Dec 2009 14:31:29 -0800 (PST)
From: jouni korhonen <jouni.nospam@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 09 Dec 2009 00:31:26 +0200
Message-Id: <525ECBEE-A11B-41B9-BAAC-E1D7C72F1B58@gmail.com>
To: dime@ietf.org
Mime-Version: 1.0 (Apple Message framework v1077)
X-Mailer: Apple Mail (2.1077)
Cc: vaneeta@mavenir.com
Subject: [Dime] Review of draft-ietf-dime-nat-control-01
X-BeenThere: dime@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <dime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dime>
List-Post: <mailto:dime@ietf.org>
List-Help: <mailto:dime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Dec 2009 22:31:45 -0000
Hi,
In Hiroshima I volunteered to review this I-D. I would say the I-D is in rather good shape and my comments are not too technical. See my initial comments inline (after the first read of this draft). Comments are prefixed with [JiK].
-----
In Section 4.1.
The current version of the draft assumes that the NAT control
requesting entity is always the DNCA manager. Sessions will always
be initiated, updated, or terminated by the DNCA manager. This mode
of operation is sometimes also referred to as "push mode". Session
initiation by the DNCA agent (sometimes referred to as "pull mode")
will be covered in a future version of this draft.
[JiK] How is the push mode supposed to work when the manager is located in the AAA server? What trigger the AAA to send a NCR request to a LSN?
return a NCA with Result-Code set to Insufficient- Classifiers.
[JiK] extra space above.. and probably the Insufficient-Classifiers should be in uppercase like the other result codes in this draft are.
In Section 4.3 (and through out the draft):
[JiK] In general, when discussing of AVPs in the text, for example:
o In case Max-NAT-Binding and Nat-Control-Definition are included in
the NCR along with a reference to a binding rule (i.e. a ...
I would actually add the "AVP" acronym after the appropriate AVP has been mentioned:
o In case Max-NAT-Binding and Nat-Control-Definition AVPs are included in
the NCR along with a reference to a binding rule (i.e. a ...
In Section 4.5. and onwards
[JiK] .,$s/TERMINATE REQUEST/TERMINATE_REQUEST/g
[JiK] s/Terminate REQUEST/TERMINATE_REQUEST
In Section 4.6.
Disclaimer: This version of the draft does not cover details in case
DNCA manager and DNCA agent go out of sync, which could happen for
example due to DNCA manager or DNCA agent restart, (temporary) loss
of network connectivity etc. Future versions of this draft will
cover failure cases and corresponding behavior of DNCA manager and
DNCA agent in detail.
[JiK] Will there be a future version of this draft that covers this case?
o The DNCA manager is unreachable (as e.g. detected by Diameter
watchdog) or down and accounting requests from the DNCA agent fail
to get a response. The current version of the draft does not
specify procedures for DNCA agent session state clean up or
recovery. The mechanism to ensure that a DNCA manager no longer
has associated state for a session being cleared at the DNCA agent
is beyond the scope of this document.
[JiK] Same comment as above..
In Section 5.1.
[JiK] s/IPSec may be used/IPSec MAY be used
[JiK] s/The DNCA agent may verify/The DNCA agent MAY verify
In Section 5.4.
It is assumed that the DNCA manager knows the address/name of the
DNCA agent for a given endpoint. Both the Destination-Realm and
...
[JiK] I would rather say "knows the DiameterIdentity and the realm of the.."
In Section 6.2. (NCA)
[JiK] Is redirection supported?
In Section 7.3.
[JiK] How and what goes into Called/Calling-Station-Id ? I would not mind saying more specifically what identifier goes there and using what encoding.
In Section 7.7.*
[JiK] Have you thought of reusing the Classifier AVPs from draft-ietf-dime-qos-attributes e.g. within the NAT-Internal-Address and NAT-Control-Definition grouped AVPs? Or is the reference in Section 7.5 just wrong?
In Section 7.7.5.
NAT-Internal-Address ::= < AVP Header: TBD >
[ Framed-IP-Address ]
[ Port]
[ AVP ]
[JiK] s/[ AVP ]/* [ AVP ]
In Section 7.7.6.
[JiK] Same as above.
In Section 8.
[JiK] Which application id is used for accounting?
Is Section 13.1.
[JiK] I-D.ietf-dime-qos-attributes is not referenced.
I-D.ietf-dime-qos-parameters is not referenced.
TS32299 is not referenced (and is rather old version as well, latest being 9.1.0 from Oct 2009)
Cheers,
Jouni
- [Dime] Review of draft-ietf-dime-nat-control-01 jouni korhonen
- Re: [Dime] Review of draft-ietf-dime-nat-control-… Shwetha Bhandari (shwethab)