[NSIS] Current Status of NATFW NSLP in 3GPP2

Martin Stiemerling <stiemerling@netlab.nec.de> Thu, 18 May 2006 12:29 UTC

From: Martin Stiemerling <stiemerling@netlab.nec.de>
Date: Thu, 18 May 2006 14:29:09 +0200
To: nsis <nsis@ietf.org>
Cc: Lars Eggert <lars.eggert@netlab.nec.de>
Subject: [NSIS] Current Status of NATFW NSLP in 3GPP2

Hi All,

Here is a short update with respect to the NATFW NSLP involvement
in 3GPP2 (see also email below).

The NATFW NSLP has been added to the "Network Firewall
Configuration and Control (NFCC)" document. The 3GPP2
document name is X31-20060424-006 NFCC_Baseline.doc.
So it is sure that the NATFW NSLP is used as the NFCC protocol.

The working group (WG31, TSG-X) is currently discussing the
architecture and the work on the integration of the NSLP
is expected to start soon.

I will keep the NSIS working group updated about further
progress.

   Martin


> Dear all,
>
> You still remember the draft "Requirements for Firewall  
> Configuration Protocol" (draft-bajko-nsis-FW-reqs-04.txt) on  
> 3GPP2's requirements wrt the NATFW NSLP. 3GPP2 is calling this  
> protocol NFCCP (Network Firewall Configuration and Control Protocol).
>
> Based on this draft and further discussions between 3GPP2 members  
> (mainly Gabor) and the NATFW NSLP authors, the NSIS WG has been  
> invited by the 3GPP2 TSG-X WG 31 (PSN, packet switched networks) to  
> present the NATFW NSLP protocol. This 3GPP2 WG is looking for a
> firewall signaling protocol, running mainly between the mobile
> terminal and the 3GPP2 network firewalls.
>
> The NATFW NSLP authors and John have prepared a slide set and
> finally John has presented the slides at the last 3GPP2 meeting in
> Vancouver (Jan 17th).  There has been a second proposal for the NFCCP
> by Qualcomm
> (http://www.ietf.org/internet-drafts/draft-paddon-pfcp-00.txt)
> which is client/server based. The WG had to decide
> whether it goes for a client/server or path-coupled approach.
>
> The presentation worked out fine and almost all questions by 3GPP2  
> have been answered. The WG is in favour of the path-coupled NSIS  
> approach, i.e., the NSIS NATFW NSLP will be the NFCCP. Only some  
> open issues remained in the end (see below for a list of them).
>
> The slide set is available here:
>
> http://www.stiemerling.org/ietf/nsis/3gpp2/3gpp2_nsis_natfw_overview_final.ppt
>
> The open issues to clarify are:
>
>   1) port range parameter field
>   2) ICMP support
>   3) Query method for firewall capabilities
>   4) Mobile IPv6 support (later, probably in draft 10)
>   5) Wildcarding, i.e., one shot signaling message to tear down a
> whole set of policy rules belonging to a specific IP address
>   6) Roaming
>
> All issues are currently being discussed and will be posted issue  
> by issue to the mailing list soon. Issue 6 is subject to further  
> discussions with 3GPP2, since the exact technical background is not  
> yet fully understood by the NATFW authors. Issue 1) has been
> discussed at the last IETF meeting and it has been agreed to include
> this feature. Issue 2) will have a separate email thread.
>
>
> With best regards,
>
>     Martin Stiemerling
>
> NEC Europe Ltd. -- Network Laboratories stiemerling@netlab.nec.de
> PGP Key at:        http://www.stiemerling.org/stiemerling_nec.gpg
> WWW: http://www.netlab.nec.de
>
>
> _______________________________________________
> nsis mailing list
> nsis@ietf.org
> https://www1.ietf.org/mailman/listinfo/nsis



