Re: [Int-area] AD evaluation: draft-ietf-intarea-nat-reveal-analysis
"Dan Wing" <dwing@cisco.com> Thu, 14 February 2013 22:06 UTC
Return-Path: <dwing@cisco.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB5AB21F844E for <int-area@ietfa.amsl.com>; Thu, 14 Feb 2013 14:06:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.128
X-Spam-Level:
X-Spam-Status: No, score=-110.128 tagged_above=-999 required=5 tests=[AWL=0.471, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Et-0Bl+C1oRx for <int-area@ietfa.amsl.com>; Thu, 14 Feb 2013 14:06:16 -0800 (PST)
Received: from mtv-iport-4.cisco.com (mtv-iport-4.cisco.com [173.36.130.15]) by ietfa.amsl.com (Postfix) with ESMTP id C178E21F845A for <int-area@ietf.org>; Thu, 14 Feb 2013 14:06:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5028; q=dns/txt; s=iport; t=1360879576; x=1362089176; h=from:to:cc:references:in-reply-to:subject:date: message-id:mime-version:content-transfer-encoding; bh=BEee64UoOcA68J7Nk8IeqwLYAJPYUzRv3008LuBZXhg=; b=Dc6/oEZBqfBKAoOyKrUVZydDaeoAEBBNCW6l0SHwS0DEKUriGXWMb7Vs UBJjhEPgmYF4CZSAzKTl0eQZ+Og+YmILP45TuoMS0ophwqyLtSAN/mdAn UHCyN2TUwGkL2Aj+0KPHqhsrfmQZIIrCEMQ75rJv35tesQ1jAiTLiP65m A=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgAFAApeHVGrRDoJ/2dsb2JhbABEwGsWc4IfAQEBAwEIAl0SBQcBAwIJEQQBAQEnBxkIJQkIAgQBEgsFC4dlAwkFDbM0DYlajDaBBIRKA4gwNoUhhkSBWYEdiiOFE4MogVE
X-IronPort-AV: E=Sophos;i="4.84,666,1355097600"; d="scan'208";a="72191321"
Received: from mtv-core-4.cisco.com ([171.68.58.9]) by mtv-iport-4.cisco.com with ESMTP; 14 Feb 2013 22:06:16 +0000
Received: from DWINGWS01 ([10.154.36.85]) by mtv-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id r1EM6Gbp004725; Thu, 14 Feb 2013 22:06:16 GMT
From: Dan Wing <dwing@cisco.com>
To: sarikaya@ieee.org, mohamed.boucadair@orange.com
References: <51195E93.4090103@innovationslab.net> <51198814.1060809@ericsson.com> <CAC8QAcc_r3U5GqTp=yBp4K0JOvSh2i2fWxVm=5rQHc-gqxcwCw@mail.gmail.com> <511B393A.7080709@ericsson.com> <CAC8QAceQo5-8p7aBR=AuNKZeCaensP880qAbAmS86HO6eK8b5g@mail.gmail.com> <94C682931C08B048B7A8645303FDC9F36EAFB56426@PUEXCB1B.nanterre.francetelecom.fr> <CAC8QAceY0M2iv974zaj9_xBouFaN8q1wf+ecXy3zAZfG98EqnQ@mail.gmail.com> <94C682931C08B048B7A8645303FDC9F36EAFB56457@PUEXCB1B.nanterre.francetelecom.fr> <CAC8QAccj=_AhgLooNd+Cv4ogJ=h5FuNFJwmN01Q+ap8YyF9uCQ@mail.gmail.com> <94C682931C08B048B7A8645303FDC9F36EAFB564BB@PUEXCB1B.nanterre.francetelecom.fr> <CAC8QAcedk3QKaXzzY+e4y26WfP6J_K7dWonvSuwzUxst+_ow_g@mail.gmail.com>
In-Reply-To: <CAC8QAcedk3QKaXzzY+e4y26WfP6J_K7dWonvSuwzUxst+_ow_g@mail.gmail.com>
Date: Thu, 14 Feb 2013 14:06:15 -0800
Message-ID: <080201ce0aff$82722520$87566f60$@cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQLZR+Xvji6rjU60kLkAtATIrjdb8gKjIFyWAjdQPCwCqEQ25AJ0twZnAh/s4ZoCtS1+9AEs/CXyAXAioZ8Cj1UU6gGdnkJClba4sHA=
Content-Language: en-us
Cc: draft-ietf-intarea-nat-reveal-analysis@tools.ietf.org, int-area@ietf.org
Subject: Re: [Int-area] AD evaluation: draft-ietf-intarea-nat-reveal-analysis
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/int-area>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Feb 2013 22:06:22 -0000
> -----Original Message----- > From: int-area-bounces@ietf.org [mailto:int-area-bounces@ietf.org] On > Behalf Of Behcet Sarikaya > Sent: Thursday, February 14, 2013 9:37 AM > To: mohamed.boucadair@orange.com > Cc: draft-ietf-intarea-nat-reveal-analysis@tools.ietf.org; int- > area@ietf.org > Subject: Re: [Int-area] AD evaluation: draft-ietf-intarea-nat-reveal- > analysis > > Hi Med, > > I realize that you published a revision with the A+P reference. However, > I believe A+P is a problem for address sharing with its own solution, > i.e. the port range is the host id. Except a remote server does not know the address is shared, nor what port range is assigned to a user. Lacking that, it does not have a solution. With that, I would hesitate to rely on the system too much, because changing number of ports per user would need to somehow be coordinated with server logs -- which seems unlikely/impossible. -d > I would favor removing Sec. 4.6. Anyway you have not been exhaustive on > the solution space. > > Regards, > > Behcet > > > On Thu, Feb 14, 2013 at 12:51 AM, <mohamed.boucadair@orange.com> wrote: > > > > Hi Behcet, > > I'm aware of that context but the problem is that I don't have a > good reference to cite for it. http://tools.ietf.org/id/draft-schott- > fmc-requirements-02.txt would be a good reference to cite but > unfortunately the port set section was removed in the last version > http://tools.ietf.org/html/draft-schott-fmc-requirements-04. > > Saying that, I really think having one example to cite is > sufficient. No need to have an exhaustive reference list. > > Thanks. > > Cheers, > Med > > > ________________________________ > > > De : Behcet Sarikaya [mailto:sarikaya2012@gmail.com] > > Envoyé : mercredi 13 février 2013 20:09 > > À : BOUCADAIR Mohamed OLNC/OLN > Cc : Suresh Krishnan; Brian Haberman; draft-ietf-intarea-nat- > reveal-analysis@tools.ietf.org; int-area@ietf.org > Objet : Re: [Int-area] AD evaluation: draft-ietf-intarea-nat- > reveal-analysis > > > Hi Med, > > I think that email discussions we had on this issue in fmc > list last year will provide good context in these discussions, please > remember them. > > See inline: > > > On Wed, Feb 13, 2013 at 11:16 AM, > <mohamed.boucadair@orange.com> wrote: > > > > Re-, > > Please see inline. > > Cheers, > Med > > > ________________________________ > > > De : Behcet Sarikaya > [mailto:sarikaya2012@gmail.com] > > Envoyé : mercredi 13 février 2013 18:01 > À : BOUCADAIR Mohamed OLNC/OLN > Cc : Suresh Krishnan; Brian Haberman; draft-ietf- > intarea-nat-reveal-analysis@tools.ietf.org; int-area@ietf.org > > Objet : Re: [Int-area] AD evaluation: draft-ietf- > intarea-nat-reveal-analysis > > > Hi Med, > > > On Wed, Feb 13, 2013 at 10:43 AM, > <mohamed.boucadair@orange.com> wrote: > > > > Hi Behcet, > > I have two comments: > > * Host identification issue is valid for any > address sharing mechanism. > > > I am not sure on A+P? > > [Med] both A+P and NAT-based address sharing > solutions are covered by rfc6269. host identifier is just a means to > distinguish hosts under the same IP address. It does not matter how > address sharing is implemented. > > A+P requires point-to-point link, right? > > > This is why the introduction mentions already > the following: > > As reported in [RFC6269 > <https://tools.ietf.org/html/rfc6269> ], several issues are encountered > when an IP > address is shared among several > subscribers. These issues are > encountered in various deployment > contexts: e.g., Carrier Grade NAT > (CGN), application proxies or A+P [RFC6346 > <https://tools.ietf.org/html/rfc6346> ]. > * RFC6346 is provided as an example of a > solution making use of port sets. You are right, other solutions (than > a+p) can be considered but having one pointer to a solution example is > just fair. No need to be exhaustive here. > > > > Again, I am not sure if Section 4.6 describes what > A+P says? > > [Med] That section says non overlapping port sets > are assigned to hosts sharing the same IP address. The text does not > describe if the shared address is also configured to those hosts or if > there is a NAT in the host, etc. These are implementation variants. > There is no value to provide such details in that section. Adding a ref > to A+P is just fair. This does not preclude other contexts. > > > > > If Section 4.6 applies to A+P, there is no need for such a > text, just say Use A+P and give the reference, right? > > Regards, > > Behcet > >
- [Int-area] AD evaluation: draft-ietf-intarea-nat-… Brian Haberman
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Suresh Krishnan
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Brian Haberman
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… mohamed.boucadair
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Behcet Sarikaya
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Suresh Krishnan
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Suresh Krishnan
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… mohamed.boucadair
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Brian Haberman
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Brian Haberman
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… mohamed.boucadair
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Behcet Sarikaya
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… mohamed.boucadair
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Brian Haberman
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Behcet Sarikaya
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… mohamed.boucadair
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Behcet Sarikaya
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Joe Touch
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… mohamed.boucadair
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Behcet Sarikaya
- Re: [Int-area] AD evaluation: draft-ietf-intarea-… Dan Wing