Re: [pcp] Comments on draft-ietf-pcp-dhcp-03
"Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com> Wed, 08 August 2012 06:03 UTC
Return-Path: <tireddy@cisco.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 692DE11E8132 for <pcp@ietfa.amsl.com>; Tue, 7 Aug 2012 23:03:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.129
X-Spam-Level:
X-Spam-Status: No, score=-9.129 tagged_above=-999 required=5 tests=[AWL=-0.930, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, J_CHICKENPOX_15=0.6, J_CHICKENPOX_24=0.6, J_CHICKENPOX_25=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H1FVGvLvgX08 for <pcp@ietfa.amsl.com>; Tue, 7 Aug 2012 23:03:20 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) by ietfa.amsl.com (Postfix) with ESMTP id 759B011E812B for <pcp@ietf.org>; Tue, 7 Aug 2012 23:03:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=tireddy@cisco.com; l=10510; q=dns/txt; s=iport; t=1344405800; x=1345615400; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=OY1cz76b8SCb2oKgZYBUnFkDUvOvLgMAnRkwJJPhrkI=; b=KP7G/JjF2WHma5Zo+mSRMK31i5aq5djlF3Yli1zs7Xxlv/gZD6Rh4Qnf n/8ilC2yqk+jbMDwSY+xU/S6BYepvEoGZ2ssnYEyewXeyVHyC3uMBO73U tkRYehhKquwyJIVw4C44sjP8Ah2jtCFeXvy3Qnan5ASBHxls6gQwVcbi5 M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EABIAIlCtJXHB/2dsb2JhbABFuWyBB4IgAQEBAwEBAQEPAVsXBAIBCBEEAQEBCh0HJwsUCQgCBAESCBqHZQYLmlegQ4sPhgBgA4gYjkSNEoFmgl8
X-IronPort-AV: E=Sophos;i="4.77,730,1336348800"; d="scan'208";a="109248616"
Received: from rcdn-core2-6.cisco.com ([173.37.113.193]) by rcdn-iport-1.cisco.com with ESMTP; 08 Aug 2012 06:03:19 +0000
Received: from xhc-aln-x15.cisco.com (xhc-aln-x15.cisco.com [173.36.12.89]) by rcdn-core2-6.cisco.com (8.14.5/8.14.5) with ESMTP id q7863J2M027625 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 8 Aug 2012 06:03:19 GMT
Received: from xmb-rcd-x10.cisco.com ([169.254.15.216]) by xhc-aln-x15.cisco.com ([173.36.12.89]) with mapi id 14.02.0298.004; Wed, 8 Aug 2012 01:03:19 -0500
From: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>
To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>, "pcp@ietf.org" <pcp@ietf.org>
Thread-Topic: [pcp] Comments on draft-ietf-pcp-dhcp-03
Thread-Index: AQHNcnNckAHLzaHHt0W3VNgj76hdP5dLnPPQgAJLlQD//64KoIAAvAJQgAEen5A=
Date: Wed, 08 Aug 2012 06:03:18 +0000
Message-ID: <913383AAA69FF945B8F946018B75898A1477ED49@xmb-rcd-x10.cisco.com>
References: <9B57C850BB53634CACEC56EF4853FF653B7380B2@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <CC416268.88D8%repenno@cisco.com> <9B57C850BB53634CACEC56EF4853FF653B73881F@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <913383AAA69FF945B8F946018B75898A1477C15D@xmb-rcd-x10.cisco.com> <9B57C850BB53634CACEC56EF4853FF653B73D410@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <913383AAA69FF945B8F946018B75898A1477DD69@xmb-rcd-x10.cisco.com> <94C682931C08B048B7A8645303FDC9F36E4CD30245@PUEXCB1B.nanterre.francetelecom.fr>
In-Reply-To: <94C682931C08B048B7A8645303FDC9F36E4CD30245@PUEXCB1B.nanterre.francetelecom.fr>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.65.85.136]
x-tm-as-product-ver: SMEX-10.2.0.1135-7.000.1014-19092.004
x-tm-as-result: No--63.545800-8.000000-31
x-tm-as-user-approved-sender: No
x-tm-as-user-blocked-sender: No
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [pcp] Comments on draft-ietf-pcp-dhcp-03
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Aug 2012 06:03:22 -0000
> -----Original Message----- > From: mohamed.boucadair@orange.com > [mailto:mohamed.boucadair@orange.com] > Sent: Tuesday, August 07, 2012 6:26 PM > To: Tirumaleswar Reddy (tireddy); pcp@ietf.org > Subject: RE: [pcp] Comments on draft-ietf-pcp-dhcp-03 > > Dear Tiru, > > I added this text to the draft to reflect your comment: > > Multiple Names may be configured to a PCP Client in some deployment > contexts such as multi-homing. It is out of scope of this document > to enumerate all deployment scenarios which require multiple Names > to be configured. Hi Med - The text looks good. If you can highlight at least one use case of multi-homing you have in mind that would be great (An example in the Appendix would also work) --Tiru. > > Cheers, > Med > > >-----Message d'origine----- > >De : pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] De la > >part de Tirumaleswar Reddy (tireddy) > >Envoyé : mardi 7 août 2012 04:10 > >À : Dave Thaler; Reinaldo Penno (repenno); pcp@ietf.org > >Objet : Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 > > > >> A small number of examples might be nice, but I don't think > >it can ever > >> be complete, > >> and so we shouldn't try to enumerate all possible cases. > > > >Yes, we need some examples. > > > >--Tiru. > > > >> -----Original Message----- > >> From: Dave Thaler [mailto:dthaler@microsoft.com] > >> Sent: Tuesday, August 07, 2012 7:05 AM > >> To: Tirumaleswar Reddy (tireddy); Reinaldo Penno (repenno); > >> pcp@ietf.org > >> Subject: RE: [pcp] Comments on draft-ietf-pcp-dhcp-03 > >> > >> > -----Original Message----- > >> > From: Tirumaleswar Reddy (tireddy) [mailto:tireddy@cisco.com] > >> > Sent: Sunday, August 5, 2012 2:46 PM > >> > To: Dave Thaler; Reinaldo Penno (repenno); pcp@ietf.org > >> > Subject: RE: [pcp] Comments on draft-ietf-pcp-dhcp-03 > >> > > >> > Hi - > >> > > >> > I think we need to clarify in the draft when multiple PCP server > >> names/IP > >> > addresses will be returned by the DHCP server, for example like > >> multi-homing > >> > case. > >> > >> A small number of examples might be nice, but I don't think > >it can ever > >> be complete, > >> and so we shouldn't try to enumerate all possible cases. > >> > >> > Considering various other cases other than multi-homing > >> > > >> > [1]In High Availability mode of NAT/Firewall devices > >(Active/Passive > >> Mode), > >> > PCP client still gets just one IP address. > >> > > >> > [2] For example in the draft http://tools.ietf.org/html/draft- > rpcw- > >> pcp-pmipv6- > >> > serv-discovery-00 where selected traffic is offload at the local > >> access network. > >> > Mobile Node is provided only the PCP server address in the Local > >> Access > >> > Network and MAG decides if the PCP request will be handled by Home > >> network > >> > or Local Access Network. > >> > > >> > [3] In Enterprise use case there could be two to three different > >> possibilities > >> > > >> > a)All the traffic from the branches tunneled back to the > >head office > >> where > >> > there is a NAT/Firewall device. > >> > > >> > b)Split Tunneling - In this case branch site itself would have > >> NAT/Firewall to > >> > handle traffic to Internet. > >> > How will the DHCP server be populated with the right > >Firewall/NAT IP > >> > addresses in this case ? > >> > > >> > [4] > >> > Finally we will also need to solve the problem with just > >IPv6 (NPTv6, > >> Firewall) > >> > where there is no DHCPv6 server. > >> > From RFC6106 > >> > "RA-based DNS configuration is a useful alternative in > >networks where > >> an IPv6 > >> > host's address is auto-configured through IPv6 stateless address > >> auto- > >> > configuration and where there is either no DHCPv6 infrastructure > at > >> all or > >> > some hosts do not have a DHCPv6 client" > >> > >> I (with no hats) disagree that a no-DHCPv6 server case needs to be > >> solved by this WG. > >> > >> -Dave > >> > >> > --Tiru. > >> > > >> > > -----Original Message----- > >> > > From: Dave Thaler [mailto:dthaler@microsoft.com] > >> > > Sent: Friday, August 03, 2012 2:30 PM > >> > > To: Reinaldo Penno (repenno); pcp@ietf.org > >> > > Subject: Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 > >> > > > >> > > Responding on list for benefit of others, although we already > >> talked > >> > > in person... > >> > > > >> > > > -----Original Message----- > >> > > > From: Reinaldo Penno (repenno) [mailto:repenno@cisco.com] > >> > > > Sent: Friday, August 03, 2012 11:18 AM > >> > > > To: Dave Thaler; pcp@ietf.org > >> > > > Subject: Re: Comments on draft-ietf-pcp-dhcp-03 > >> > > > > >> > > > On 8/3/12 10:53 AM, "Dave Thaler" > ><dthaler@microsoft.com> wrote: > >> > > > > >> > > > >> -----Original Message----- > >> > > > >> From: pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] On > >> > > > >> Behalf > >> > > Of > >> > > > >> Reinaldo Penno (repenno) > >> > > > >> Sent: Friday, August 03, 2012 10:45 AM > >> > > > >> To: pcp@ietf.org > >> > > > >> Subject: [pcp] Comments on draft-ietf-pcp-dhcp-03 > >> > > > >> > >> > > > >> After reviewing draft-ietf-pcp-dhcp-03 I believe there are > >> some > >> > > > >> things I believe we need to tie up. > >> > > > > > >> > > > >I agree. > >> > > > > > >> > > > >> When a PCP Client contacts PCP Servers in parallel, > >say, IPx1, > >> > > IPy1 > >> > > > >> and > >> > > > >> IPz1 as mentioned in draft and all respond then: > >> > > > >> > >> > > > >> 1 - What happens to the state in y1 and z1 if PCP Client > >> chooses > >> > > x1 > >> > > > >> to communicate? Probably let it age out or delete mappings. > >> > > > > > >> > > > >What do you mean by "chooses x1"? > >> > > > > >> > > > That's what we find in section 6.2 > >> > > > >> > > Yes but the text is lacking, as this exchange shows. > >> > > > >> > > > >if we're talking about MAP (for a > >> > > > >listening application) do you mean when x, y, and y > >are all NATs > >> > > rather > >> > > > >than FWs, and the client app can only deal with one > >external IP > >> > > > >address? > >> > > > > >> > > > The draft says as soon as one PCP Server responds > >successfully it > >> > > sticks to it. > >> > > > So, I'm assuming other PCP Server are not contacted further > and > >> > > mappings > >> > > > will time out or need to be deleted. > >> > > > > >> > > > As a side effect why would an app get 3 external > >IP:ports for the > >> > > same > >> > > > purpose and consume three times the state. It seems to > >me a side > >> > > effect of > >> > > > the wording more than something the app really needs. > >> > > > >> > > Two reasons (cases): > >> > > a) there's different networks it's providing the same service > on, > >> e.g. > >> > > via the Internet and via some other network. > >> > > b) for failover purposes. For example, if it uses SRV records, > >> it'd > >> > > have > >> > > 3 SRV records. If one NAT goes down, the other end will > >> > > automatically > >> > > use a different IP:port pair (which might be via a different > >> ISP). > >> > > Otherwise > >> > > the failover time is capped at the TTL of the SRV > >record, and we > >> > > know > >> > > DNS TTLs below around 30 seconds aren't respected by many DNS > >> > > servers. > >> > > So having multiple records provides sub-30-second failover. > >> > > > >> > > > >If they're firewalls (so the external IP address/port isn't > >> > > different), > >> > > > >or if the client app can deal with multiple external > IP/ports, > >> then > >> > > I > >> > > > >don't think it would choose one. > >> > > > > >> > > > What's the use case for three? > >> > > > >> > > Answered above. Note I'm not saying three is appropriate in > all > >> > > cases. > >> > > Only that there is a use case, and the choice is up to > >the client, > >> > > which is the only entity that knows the use case. > >> > > > >> > > > Anyway, this exchange is telling in light of > >> > > > > >> > > > "Once the PCP Client has successfully > >> > > > received a response from a PCP Server on that interface, it > >> sends > >> > > > subsequent PCP requests to that same server until that PCP > >> Server > >> > > > becomes non-responsive," > >> > > > > >> > > > > > >> > > > >> 2 - If there is a failure on x1 and PCP Client decides to > >> > > communicate > >> > > > >>with y1, there might be some 'leftover' mappings > >for internal > >> > > IP:port > >> > > > >>(see 1). > >> > > > >> PCP Client will need to delete or reuse existing > >state in y1. > >> > > > >>Important to notice that there is no way to > >guarantee that PCP > >> > > Server > >> > > > >>will allocate same external IP:ports. > >> > > > >> > >> > > > >> 3 - I guess it is assumed that if PCP Server is co-located > >> with > >> > > NAT, > >> > > > >>if > >> > > > >>x1 fails, > >> > > > >> traffic (PCP and data) will be diverted to y1. > >> > > > > > >> > > > >Unclear which model you're referring to (different external > >> IP:port > >> > > or > >> > > > >same external IP:port), can you clarify your question? > >> > > > > >> > > > The app needs one external IP:port to announce on the external > >> world > >> > > > through, say, DynDDNS client. Why it would need three > >> _different_? > >> > > > If > >> > > it > >> > > > needs them, fine, not sure about use case. But if it > >gets 3 as a > >> > > collateral effect > >> > > > of the bootstrap procedure there is no way to > >guarantee they will > >> be > >> > > the > >> > > > same. > >> > > > >> > > Answered above. > >> > > > >> > > -Dave > >> > > > >> > > > >> 4 - Related (2). The draft says that when a PCP Server is > >> > > unreachable > >> > > > >>(say, y1) PCP Client will continue to try to > >communicate even > >> > > though > >> > > > >>other PCP Server are available. The only way to > >'communicate' > >> is > >> > > > >>sending a request, which might create state. So, when y1 is > >> back > >> > > up. > >> > > > >>y1 might allocate a different external IP:port than other > >> server. > >> > > > >> > >> > > > >> Thanks, > >> > > > >> > >> > > > >> Reinaldo > >> > > > >> > > > >> > > >> > > > >_______________________________________________ > >pcp mailing list > >pcp@ietf.org > >https://www.ietf.org/mailman/listinfo/pcp > >
- [pcp] Comments on draft-ietf-pcp-dhcp-03 Reinaldo Penno (repenno)
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Dave Thaler
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Reinaldo Penno (repenno)
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Dave Thaler
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Tirumaleswar Reddy (tireddy)
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Dave Thaler
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Tirumaleswar Reddy (tireddy)
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 mohamed.boucadair
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 mohamed.boucadair
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Tirumaleswar Reddy (tireddy)