Re: [nat66] Comments on draft-mrw-nat66-12

Fred Baker <fred@cisco.com> Wed, 16 March 2011 01:32 UTC

To: james woodyatt <jhw@apple.com>
Cc: NAT66 HappyFunBall <nat66@ietf.org>

On Mar 15, 2011, at 6:12 PM, james woodyatt wrote:

> On Mar 15, 2011, at 4:37 PM, Fred Baker wrote:
>> 
>> The PCP conversation is with the firewall functionality, which is COMPLETELY AND 100% SEPARATE FROM THE NPTv6 TRANSLATOR FUNCTIONALITY.
> 
> Not entirely true.
> 
> Using NPTv6 to facilitate site multi-homing as described in section 2.4 means that hosts may have multiple external addresses and PCP servers with which to communicate their port control needs to IPv6 firewalls (c.f. REC-48 in RFC 6092) for ports bound to their single locally prefixed interface identifiers.

  "Since there is significant detriment caused by modifying transport
   layer headers and very little, if any, benefit to the use of port
   mapping in IPv6, NPTv6 Translators that comply with this
   specification MUST NOT perform port mapping."

> Look, you don't have to design a PCP proxy server in this draft.  You just need to point out that PCP will need one.  Either that or you need to point out that site multi-homing with NPTv6 isn't compatible with PCP.  Pick one, but please don't just ignore the issue.

I'm sure that the community will be well informed by your draft when you file it.