RE: v6 host load balancing
Changming Liu <cliu@netscreen.com> Thu, 04 March 2004 05:19 UTC
Received: from optimus.ietf.org (optimus.ietf.org [132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA29001 for <ipv6-archive@odin.ietf.org>; Thu, 4 Mar 2004 00:19:53 -0500 (EST)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AylGY-0002VA-Gk for ipv6-archive@odin.ietf.org; Thu, 04 Mar 2004 00:19:26 -0500
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id i245JQtn009610 for ipv6-archive@odin.ietf.org; Thu, 4 Mar 2004 00:19:26 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AylGX-0002Uv-U7 for ipv6-web-archive@optimus.ietf.org; Thu, 04 Mar 2004 00:19:25 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA28920 for <ipv6-web-archive@ietf.org>; Thu, 4 Mar 2004 00:19:22 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AylGV-0005Kc-00 for ipv6-web-archive@ietf.org; Thu, 04 Mar 2004 00:19:23 -0500
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1AylFW-00055u-00 for ipv6-web-archive@ietf.org; Thu, 04 Mar 2004 00:18:22 -0500
Received: from optimus.ietf.org ([132.151.1.19]) by ietf-mx with esmtp (Exim 4.12) id 1AylES-0004la-00 for ipv6-web-archive@ietf.org; Thu, 04 Mar 2004 00:17:16 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AylED-0001wN-P2; Thu, 04 Mar 2004 00:17:01 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AylDP-0001vF-Fu for ipv6@optimus.ietf.org; Thu, 04 Mar 2004 00:16:11 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA28818 for <ipv6@ietf.org>; Thu, 4 Mar 2004 00:16:08 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AylDN-0004jR-00 for ipv6@ietf.org; Thu, 04 Mar 2004 00:16:09 -0500
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1AylCR-0004aB-00 for ipv6@ietf.org; Thu, 04 Mar 2004 00:15:11 -0500
Received: from [63.126.135.18] (helo=mail2.netscreen.com) by ietf-mx with esmtp (Exim 4.12) id 1AylC5-0004Qq-00 for ipv6@ietf.org; Thu, 04 Mar 2004 00:14:49 -0500
Received: from ns-ca.netscreen.com (ns-ca-local [10.100.3.35]) by mail2.netscreen.com (Switch-3.1.3/Switch-3.1.0) with ESMTP id i245EJ9u006267; Wed, 3 Mar 2004 21:14:19 -0800 (PST)
Received: by NS-CA with Internet Mail Service (5.5.2653.19) id <FV1JS07F>; Wed, 3 Mar 2004 21:14:19 -0800
Message-ID: <1B6D4CAFB8CA554EB1A0925685A07DFC0342C6AE@MONTEREY.netscreen.com>
From: Changming Liu <cliu@netscreen.com>
To: 'Dave Thaler ' <dthaler@windows.microsoft.com>, Changming Liu <cliu@netscreen.com>
Cc: "'ipv6@ietf.org '" <ipv6@ietf.org>
Subject: RE: v6 host load balancing
Date: Wed, 03 Mar 2004 21:14:19 -0800
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain; charset="iso-8859-1"
Sender: ipv6-admin@ietf.org
Errors-To: ipv6-admin@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Id: IP Version 6 Working Group (ipv6) <ipv6.ietf.org>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on ietf-mx.ietf.org
X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.60
Hi Dave, >If the server is telling the client who to use, then the client is >connecting out for both the data and the control channels. If they >go out different exit points on the client side, there's no problem >since both connections are initiated from the inside, right? >Can you elaborate more on what the problematic scenario is? Sure. In case of FTP data channel, the data connection was opened by the server by default! This is called active FTP. To get around this problem, RFC1579 Firewall-Friendly FTP, documents a passive open, in this case, the client initiates a connection. For more info, please see RFC 1579. No matter it is active or passive open, the modem stateful will need to open the "hole" by listening to the control channel for "port" and "pasv" comamnd. The hole is opened only on the firewall which is dealing the control channel. If the data channel goes to another file, apparently this will not work. FTP is just a classical example of this dynamic port problem that a firewall needs to deal with. For VoiP apps such H323 and SIP, similar problem exists as well and even severe. This is because the signalling channel and media channel are totally different and destination are usually completely different. As a firewall/NAT/IDP company we've been struggling with these issues all the time. It really adds lots of complexity to the system. I just don't want to get it worse in IPv6, if not better. Hope this makes sense to you. Changming -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
- RE: v6 host load balancing Changming Liu
- RE: v6 host load balancing Pekka Savola
- Re: v6 host load balancing Tim Chown
- RE: v6 host load balancing Bob Hinden
- RE: v6 host load balancing Pekka Savola
- RE: v6 host load balancing Bob Hinden
- RE: v6 host load balancing Changming Liu
- RE: v6 host load balancing Dave Thaler
- RE: v6 host load balancing Changming Liu
- RE: v6 host load balancing Changming Liu
- RE: v6 host load balancing Changming Liu
- Re: v6 host load balancing Tim Chown
- RE: v6 host load balancing Pekka Savola
- RE: v6 host load balancing Dave Thaler
- RE: v6 host load balancing Bob Hinden
- RE: v6 host load balancing Suresh Satapati
- RE: v6 host load balancing Suresh Satapati
- RE: v6 host load balancing Suresh Satapati