Re: [Int-area] IPv4 address sharing abuse [was RE: draft-boucadair-intarea-nat-reveal-analysis]
"Dan Wing" <dwing@cisco.com> Wed, 07 September 2011 19:03 UTC
Return-Path: <dwing@cisco.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4896421F8D44 for <int-area@ietfa.amsl.com>; Wed, 7 Sep 2011 12:03:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.324
X-Spam-Level:
X-Spam-Status: No, score=-103.324 tagged_above=-999 required=5 tests=[AWL=-0.725, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EzD+8ji2Fgld for <int-area@ietfa.amsl.com>; Wed, 7 Sep 2011 12:03:33 -0700 (PDT)
Received: from mtv-iport-2.cisco.com (mtv-iport-2.cisco.com [173.36.130.13]) by ietfa.amsl.com (Postfix) with ESMTP id 3785A21F8D38 for <int-area@ietf.org>; Wed, 7 Sep 2011 12:03:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=dwing@cisco.com; l=4185; q=dns/txt; s=iport; t=1315422315; x=1316631915; h=from:to:cc:references:in-reply-to:subject:date: message-id:mime-version:content-transfer-encoding; bh=zL9QUKEFiNvTVEwfD4QhOlrG5845s0zmQi5hsjYeX0A=; b=nFNta8dKp7yjpeEMKNnxEpkqLEwHXPnRj/3VVVymyYI9zm/3R/nTnUD5 CAOCW7MdquHEa1jVj6qOFA2aoCNNGmpeIeBuVLsEO6sojOaRux6pXgmLt C/i3GrlnDLb3CwQR/xfzWxm0ms6NBxkS+GnVBdVGIss3yY5SeLwdX9Ekn M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AtEAAMy/Z06rRDoI/2dsb2JhbABDmGmBbI0ZeIFGAQEBAQIBAQEBBQoBFxAtBwsFBwEDAgkPAgQBASgHGQ4VCgMBBQgBAQQBEgsQB4dTBJk7AZ5AhmsEh2yVQ4c4
X-IronPort-AV: E=Sophos;i="4.68,346,1312156800"; d="scan'208";a="731689"
Received: from mtv-core-3.cisco.com ([171.68.58.8]) by mtv-iport-2.cisco.com with ESMTP; 07 Sep 2011 19:05:15 +0000
Received: from dwingWS (sjc-vpn7-714.cisco.com [10.21.146.202]) by mtv-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id p87J5Efg030392; Wed, 7 Sep 2011 19:05:15 GMT
From: Dan Wing <dwing@cisco.com>
To: 'Lee Howard' <lee@asgard.org>, int-area@ietf.org
References: <000001cc48b3$a9bca480$fd35ed80$@com> <06f201cc6ced$f0d14fc0$d273ef40$@com> <000001cc6d88$cd71aa20$6854fe60$@org>
In-Reply-To: <000001cc6d88$cd71aa20$6854fe60$@org>
Date: Wed, 07 Sep 2011 12:05:15 -0700
Message-ID: <0ad501cc6d91$13b471e0$3b1d55a0$@com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcxInBo+nFfsZ4vCQaWQg+QifJboCgkTpZWgACb/sWAAAor84A==
Content-Language: en-us
Cc: draft-boucadair-intarea-nat-reveal-analysis@tools.ietf.org
Subject: Re: [Int-area] IPv4 address sharing abuse [was RE: draft-boucadair-intarea-nat-reveal-analysis]
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/int-area>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2011 19:03:34 -0000
> -----Original Message----- > From: Lee Howard [mailto:lee@asgard.org] > Sent: Wednesday, September 07, 2011 11:06 AM > To: 'Dan Wing'; int-area@ietf.org > Cc: draft-boucadair-intarea-nat-reveal-analysis@tools.ietf.org > Subject: RE: [Int-area] IPv4 address sharing abuse [was RE: draft- > boucadair-intarea-nat-reveal-analysis] > > Is it true that the stacks/applications on the devices you name could > be updated as described, but could not be updated to support IPv6? The host stacks wouldn't be updated. The address-sharing device (NAT, A+P router, etc.) would add the additional data. > That section of rfc6269 says blacklisting and penalty boxes won't work. > For the solutions offered, the effort of draining the cesspool may be > greater than living with the stink (or moving to the new house with all > the extra bits). > > The draft nicely describes the solution space, though. -d > Lee > > > -----Original Message----- > > From: int-area-bounces@ietf.org [mailto:int-area-bounces@ietf.org] On > Behalf Of Dan > > Wing > > Sent: Tuesday, September 06, 2011 7:37 PM > > To: int-area@ietf.org > > Cc: draft-boucadair-intarea-nat-reveal-analysis@tools.ietf.org > > Subject: [Int-area] IPv4 address sharing abuse [was RE: > draft-boucadair-intarea-nat-reveal- > > analysis] > > > > Dearest Internet Area, > > > > The INTAREA document RFC6269 discussed the harm of IPv4 abuse in > > http://tools.ietf.org/html/rfc6269#section-13.1 and we're trying to > see if > > there is interest in solving the problem for IPv4 users -- some of > whom > > cannot or will not upgrade to IPv6 (IPv4-only television, Roku > streaming > > player, Grandma's Windows 95 box, etc.). If this isn't solved, IPv4 > will > > become a cesspool or very expensive to continue to operate for > content > > providers (who will have to terminate TCP and TLS sessions for > abusers and > > legitimate users, alike). > > > > -d > > > > > > > -----Original Message----- > > > From: int-area-bounces@ietf.org [mailto:int-area-bounces@ietf.org] > On > > > Behalf Of Dan Wing > > > Sent: Friday, July 22, 2011 2:10 PM > > > To: int-area@ietf.org > > > Cc: draft-boucadair-intarea-nat-reveal-analysis@tools.ietf.org > > > Subject: [Int-area] draft-boucadair-intarea-nat-reveal-analysis > > > > > > I realize INTAREA is not meeting at IETF81, but we would like to > bring > > > attention to the informational document > > > http://tools.ietf.org/html/draft-boucadair-intarea-nat-reveal- > analysis, > > > abstract: > > > "This document analyzes a set of solution candidates which have > been > > > proposed to mitigate some of the issues encountered when address > > > sharing is used. In particular, this document focuses on means > to > > > reveal a host identifier when a Carrier Grade NAT (CGN) is > involved > > > in the path. This host identifier must be unique to each host > under > > > the same shared IP address. > > > > > > The ultimate goal is to assess the viability of proposed > solutions > > > and hopefully to make a recommendation on the more suitable > > > solution(s)." > > > > > > This document seems to belong in INTAREA, considering the various > > > solutions > > > to the abuse problem described in that document is due to IPv4 > address > > > sharing, and INTAREA has already taken on documents related to IPv4 > > > address sharing: > > > draft-ietf-intarea-shared-addressing-issues (RFC6269) > > > draft-ietf-intarea-server-logging-recommendations (RFC6302) > > > > > > > > > Based on that analysis document, the most preferred solution is > > > draft-wing-nat-reveal-option (standards track). I expect we will > > > pursue draft-wing-nat-reveal-option in BEHAVE or perhaps TSVWG. > > > > > > -d > > > > > > > > > _______________________________________________ > > > Int-area mailing list > > > Int-area@ietf.org > > > https://www.ietf.org/mailman/listinfo/int-area > > > > _______________________________________________ > > Int-area mailing list > > Int-area@ietf.org > > https://www.ietf.org/mailman/listinfo/int-area
- [Int-area] draft-boucadair-intarea-nat-reveal-ana… Dan Wing
- Re: [Int-area] draft-boucadair-intarea-nat-reveal… mohamed.boucadair
- [Int-area] IPv4 address sharing abuse [was RE: dr… Dan Wing
- Re: [Int-area] IPv4 address sharing abuse [was RE… Lee Howard
- Re: [Int-area] IPv4 address sharing abuse [was RE… Dan Wing
- Re: [Int-area] IPv4 address sharing abuse [was RE… Francis Dupont
- Re: [Int-area] IPv4 address sharing abuse [was RE… Dan Wing
- Re: [Int-area] IPv4 address sharing abuse [was RE… Simon Perreault
- [Int-area] RE : IPv4 address sharing abuse [was R… mohamed.boucadair
- Re: [Int-area] IPv4 address sharing abuse [was RE… Lee Howard
- Re: [Int-area] RE : IPv4 address sharing abuse [w… Simon Perreault
- [Int-area] RE : IPv4 address sharing abuse [was R… mohamed.boucadair
- Re: [Int-area] IPv4 address sharing abuse [was RE… SM
- Re: [Int-area] IPv4 address sharing abuse [was RE… Francis Dupont
- Re: [Int-area] RE : IPv4 address sharing abuse [w… Francis Dupont
- Re: [Int-area] IPv4 address sharing abuse [was RE… Francis Dupont
- Re: [Int-area] IPv4 address sharing abuse [was RE… SM
- Re: [Int-area] RE : IPv4 address sharing abuse [w… mohamed.boucadair
- Re: [Int-area] IPv4 address sharing abuse [was RE… mohamed.boucadair
- Re: [Int-area] IPv4 address sharing abuse [was RE… mohamed.boucadair
- Re: [Int-area] IPv4 address sharing abuse [was RE… mohamed.boucadair
- Re: [Int-area] RE : IPv4 address sharing abuse [w… Francis Dupont
- Re: [Int-area] RE : IPv4 address sharing abuse [w… mohamed.boucadair
- Re: [Int-area] RE : IPv4 address sharing abuse [w… Francis Dupont
- Re: [Int-area] IPv4 address sharing abuse [was RE… SM
- Re: [Int-area] RE : IPv4 address sharing abuse [w… Maglione Roberta
- Re: [Int-area] RE : IPv4 address sharing abuse [w… Francis Dupont
- Re: [Int-area] RE : IPv4 address sharing abuse [w… George, Wesley