RE: v6 host load balancing
"Dave Thaler" <dthaler@windows.microsoft.com> Tue, 30 March 2004 22:41 UTC
Received: from optimus.ietf.org (optimus.ietf.org [132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA18919 for <ipv6-archive@odin.ietf.org>; Tue, 30 Mar 2004 17:41:02 -0500 (EST)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1B8Rjk-0006YH-Hj for ipv6-archive@odin.ietf.org; Tue, 30 Mar 2004 17:29:36 -0500
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id i245l17F027374 for ipv6-archive@odin.ietf.org; Thu, 4 Mar 2004 00:47:01 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AylhF-00077R-Jb for ipv6-web-archive@optimus.ietf.org; Thu, 04 Mar 2004 00:47:01 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA01516 for <ipv6-web-archive@ietf.org>; Thu, 4 Mar 2004 00:46:58 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AylhC-0003dB-00 for ipv6-web-archive@ietf.org; Thu, 04 Mar 2004 00:46:58 -0500
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1Aylfe-0003C2-00 for ipv6-web-archive@ietf.org; Thu, 04 Mar 2004 00:45:23 -0500
Received: from [65.246.255.50] (helo=mx2.foretec.com) by ietf-mx with esmtp (Exim 4.12) id 1Ayle9-0002lv-00 for ipv6-web-archive@ietf.org; Thu, 04 Mar 2004 00:43:49 -0500
Received: from optimus.ietf.org ([132.151.1.19]) by mx2.foretec.com with esmtp (Exim 4.24) id 1Ayle9-0006rz-Ja for ipv6-web-archive@ietf.org; Thu, 04 Mar 2004 00:43:50 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AyldN-0005cJ-R6; Thu, 04 Mar 2004 00:43:01 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1Ayld0-0005Yb-F7 for ipv6@optimus.ietf.org; Thu, 04 Mar 2004 00:42:38 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA00932 for <ipv6@ietf.org>; Thu, 4 Mar 2004 00:42:34 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1Aylcx-0002TR-00 for ipv6@ietf.org; Thu, 04 Mar 2004 00:42:35 -0500
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1Aylba-0002Dg-00 for ipv6@ietf.org; Thu, 04 Mar 2004 00:41:11 -0500
Received: from mail3.microsoft.com ([131.107.3.123]) by ietf-mx with esmtp (Exim 4.12) id 1AylaZ-0001vs-00 for ipv6@ietf.org; Thu, 04 Mar 2004 00:40:07 -0500
Received: from INET-VRS-03.redmond.corp.microsoft.com ([157.54.5.27]) by mail3.microsoft.com with Microsoft SMTPSVC(6.0.3790.0); Wed, 3 Mar 2004 21:40:02 -0800
Received: from 157.54.5.25 by INET-VRS-03.redmond.corp.microsoft.com (InterScan E-Mail VirusWall NT); Wed, 03 Mar 2004 21:39:45 -0800
Received: from red-imc-02.redmond.corp.microsoft.com ([157.54.9.107]) by inet-hub-03.redmond.corp.microsoft.com with Microsoft SMTPSVC(6.0.3790.0); Wed, 3 Mar 2004 21:39:43 -0800
Received: from win-imc-02.wingroup.windeploy.ntdev.microsoft.com ([157.54.0.84]) by red-imc-02.redmond.corp.microsoft.com with Microsoft SMTPSVC(6.0.3790.0); Wed, 3 Mar 2004 21:40:34 -0800
Received: from WIN-MSG-10.wingroup.windeploy.ntdev.microsoft.com ([157.54.12.81]) by win-imc-02.wingroup.windeploy.ntdev.microsoft.com with Microsoft SMTPSVC(6.0.3790.1069); Wed, 3 Mar 2004 21:39:41 -0800
X-MimeOLE: Produced By Microsoft Exchange V6.5.7165.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: v6 host load balancing
Date: Wed, 03 Mar 2004 21:39:29 -0800
Message-ID: <C9588551DE135A41AA2626CB6453093707BC9784@WIN-MSG-10.wingroup.windeploy.ntdev.microsoft.com>
Thread-Topic: v6 host load balancing
thread-index: AcQBp6u9tjxkpQ1HT0+dLorR06S+1wAAmAvg
From: Dave Thaler <dthaler@windows.microsoft.com>
To: Changming Liu <cliu@netscreen.com>
Cc: ipv6@ietf.org
X-OriginalArrivalTime: 04 Mar 2004 05:39:41.0091 (UTC) FILETIME=[170BEF30:01C401AB]
Content-Transfer-Encoding: quoted-printable
Sender: ipv6-admin@ietf.org
Errors-To: ipv6-admin@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Id: IP Version 6 Working Group (ipv6) <ipv6.ietf.org>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on ietf-mx.ietf.org
X-Spam-Status: No, hits=0.0 required=5.0 tests=AWL autolearn=no version=2.60
Content-Transfer-Encoding: quoted-printable
Content-Transfer-Encoding: quoted-printable
> -----Original Message----- > From: Changming Liu [mailto:cliu@netscreen.com] > Sent: Thursday, March 04, 2004 2:14 PM > To: Dave Thaler; Changming Liu > Cc: 'ipv6@ietf.org ' > Subject: RE: v6 host load balancing > > Hi Dave, > > >If the server is telling the client who to use, then the client is > >connecting out for both the data and the control channels. If they > >go out different exit points on the client side, there's no problem > >since both connections are initiated from the inside, right? > > >Can you elaborate more on what the problematic scenario is? > > Sure. In case of FTP data channel, the data connection was opened by the > server by default! This is called active FTP. To get around this problem, > RFC1579 Firewall-Friendly FTP, documents a passive open, in this case, the > client initiates a connection. For more info, please see RFC 1579. Yes I'm aware of both modes. Since you mentioned the server told the client what server to use, I assumed you were talking about passive mode, which is what I was responding to above. > No matter it is active or passive open, the modem stateful will need to > open > the "hole" by listening to the control channel for "port" and "pasv" > comamnd. You lost me here. Since the passive open has the connection initiated by the client, there is no need for the firewall around the client to open a port based on listening to the control channel, right? > The hole is opened only on the firewall which is dealing the > control channel. If the data channel goes to another file, apparently this > will not work. I don't see why not. It's just another outgoing TCP connection. > FTP is just a classical example of this dynamic port problem that a > firewall > needs to deal with. For VoiP apps such H323 and SIP, similar problem > exists > as well and even severe. This is because the signalling channel and media > channel are totally different and destination are usually completely > different. > > > As a firewall/NAT/IDP company we've been struggling with these issues all > the time. It really adds lots of complexity to the system. I just don't > want > to get it worse in IPv6, if not better. > > Hope this makes sense to you. Not particularly. I'm still at the same point I was before where elaborating on what the exact scenario that fails is would help. Thanks, -Dave > Changming -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
- RE: v6 host load balancing Changming Liu
- RE: v6 host load balancing Pekka Savola
- Re: v6 host load balancing Tim Chown
- RE: v6 host load balancing Bob Hinden
- RE: v6 host load balancing Pekka Savola
- RE: v6 host load balancing Bob Hinden
- RE: v6 host load balancing Changming Liu
- RE: v6 host load balancing Dave Thaler
- RE: v6 host load balancing Changming Liu
- RE: v6 host load balancing Changming Liu
- RE: v6 host load balancing Changming Liu
- Re: v6 host load balancing Tim Chown
- RE: v6 host load balancing Pekka Savola
- RE: v6 host load balancing Dave Thaler
- RE: v6 host load balancing Bob Hinden
- RE: v6 host load balancing Suresh Satapati
- RE: v6 host load balancing Suresh Satapati
- RE: v6 host load balancing Suresh Satapati