Re: [homegate] HOMENET working group proposal

Cameron Byrne <cb.list6@gmail.com> Thu, 30 June 2011 02:38 UTC

In-Reply-To: <4E0BDCF3.1090003@gont.com.ar>
References: <4E0AE696.4020603@piuha.net> <4E0BDCF3.1090003@gont.com.ar>
Date: Wed, 29 Jun 2011 19:38:37 -0700
Message-ID: <BANLkTinuPcq2r85kzMctFCHDB3Ta=WgA4A@mail.gmail.com>
From: Cameron Byrne <cb.list6@gmail.com>
To: Fernando Gont <fernando@gont.com.ar>
Cc: IETF Discussion <ietf@ietf.org>, "homegate@ietf.org" <homegate@ietf.org>
Subject: Re: [homegate] HOMENET working group proposal

On Jun 29, 2011 7:19 PM, "Fernando Gont" <fernando@gont.com.ar> wrote:
>
> Hi, Jari,
>
> My high level comment/question is: the proposed charter seems to stress
> that IPv6 is the driver behind this potential wg effort... however, I
> think that this deserves more discussion -- it's not clear to me why/how
> typical IPv6 home networks would be much different from their IPv4
> counterparts.
>
> Below you'll find some comments/questions about the proposed charter.
> They are not an argument against or in favour of the creation of the
> aforementioned wg, but rather comments and/or requests for
> clarification...
>
> On 06/29/2011 05:47 AM, Jari Arkko wrote:
> [....]
> > o Service providers are deploying IPv6, and support for IPv6 is
> > increasingly available in home gateway devices. While IPv6 resembles
> > IPv4 in many ways, it changes address allocation principles and allows
> > direct IP addressability and routing to devices in the home from the
> > Internet. This is a promising area in IPv6 that has proved challenging
> > in IPv4 with the proliferation of NAT.
>
> NAT devices involve two related but different issues:
> * address translation
> * an implicit "allow only return traffic" firewall-like functionality
>
> One would hope/expect that the former will be gone with IPv6. However, I
> don't think the latter will. As a result, even when you could "address"
> nodes that belong to the "home network", you probably won't be able to
> get your packets to them, unless those nodes initiated the communication
> instance.
>
> For instance (and off the top of my head), this functionality is even
> proposed in the "simple security" requirements that had been produced by
> v6ops.
>
>
> > o End-to-end communication is both an opportunity and a concern as it
> > enables new applications but also exposes nodes in the internal
> > networks to receipt of unwanted traffic from the Internet. Firewalls
> > that restrict incoming connections may be used to prevent exposure,
> > however, this reduces the efficacy of end-to-end connectivity that
> > IPv6 has the potential to restore.
>
> I personally consider this property of "end-to-end connectivity" as
> "gone". -- among other reasons, because it would require a change of
> mindset. I'm more of the idea that people will replicate the
> architecture of their IPv4 networks with IPv6, in which end-systems are
> not reachable from the public Internet.
>

The opportunity for restoring e2e is one of the great opportunities of IPv6
and it is my hope this new WG will drive that with facts and take on FUD.

The utility of network-based SPI firewalls is debatable. Likely a never
ending debate.

Cb
> Thanks!
> --
> Fernando Gont
> e-mail: fernando@gont.com.ar || fgont@acm.org
> PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
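
Added example (not part of the original message or of any document it cites): a minimal Python model of the two NAT functions separated in the quoted text above, address translation and the implicit "allow only return traffic" filter, applied to a NAT44 gateway and to a routed IPv6 gateway. It assumes address-and-port-dependent filtering, no state timeouts, and documentation-range addresses; the Gateway class, its methods and compare() are hypothetical names.

```python
from ipaddress import ip_address

class Gateway:
    """Home gateway model. wan_addr set: NAT44 (translate + filter).
    wan_addr None: routed IPv6 with a stateful filter only (no translation)."""

    def __init__(self, wan_addr=None):
        self.wan_addr = ip_address(wan_addr) if wan_addr else None
        self.flows = {}          # (proto, remote, rport, ext_addr, ext_port) -> inside (addr, port)
        self.next_port = 40000   # constructed NAT port pool start

    def outbound(self, proto, src, sport, dst, dport):
        """Inside host opens a flow; returns the (addr, port) the Internet sees."""
        src, dst = ip_address(src), ip_address(dst)
        if self.wan_addr is None:            # IPv6: source address is left untouched
            ext_addr, ext_port = src, sport
        else:                                # NAT44: source rewritten to the WAN address
            ext_addr, ext_port = self.wan_addr, self.next_port
            self.next_port += 1
        self.flows[(proto, dst, dport, ext_addr, ext_port)] = (src, sport)
        return str(ext_addr), ext_port

    def inbound(self, proto, src, sport, dst, dport):
        """Packet from the Internet; returns the inside (addr, port) or None if dropped."""
        hit = self.flows.get((proto, ip_address(src), sport, ip_address(dst), dport))
        return (str(hit[0]), hit[1]) if hit else None


def compare():
    """Run the same three packets through a NAT44 and an IPv6 gateway."""
    nat, v6 = Gateway("203.0.113.7"), Gateway()
    server4, server6 = "198.51.100.5", "2001:db8:ffff::5"   # constructed sample addresses
    host4, host6 = "192.168.1.10", "2001:db8:1::10"
    seen4 = nat.outbound("tcp", host4, 51000, server4, 443)
    seen6 = v6.outbound("tcp", host6, 51000, server6, 443)
    return {
        "nat_seen": seen4, "v6_seen": seen6,
        "nat_reply": nat.inbound("tcp", server4, 443, *seen4),
        "v6_reply": v6.inbound("tcp", server6, 443, *seen6),
        # Unsolicited: the IPv6 host is globally addressable, yet no flow state exists.
        "nat_unsolicited": nat.inbound("tcp", server4, 4444, "203.0.113.7", 22),
        "v6_unsolicited": v6.inbound("tcp", server6, 4444, host6, 22),
    }

if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name:16} {result}")
```

The IPv6 gateway exposes the host's real address to the far end but drops the unsolicited packet exactly as the NAT does, so reachability depends on the filter policy and not on whether translation is present.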