IETF Logo Mail Archive

[pcp] PCP MoM (THURSDAY, November 8, 2012)

"Reinaldo Penno (repenno)" <repenno@cisco.com> Mon, 26 November 2012 14:34 UTC

Return-Path: <repenno@cisco.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12C0121F84B6 for <pcp@ietfa.amsl.com>; Mon, 26 Nov 2012 06:34:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P-bbcnEXq+ti for <pcp@ietfa.amsl.com>; Mon, 26 Nov 2012 06:34:42 -0800 (PST)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) by ietfa.amsl.com (Postfix) with ESMTP id E85CB21F8594 for <pcp@ietf.org>; Mon, 26 Nov 2012 06:34:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=8542; q=dns/txt; s=iport; t=1353940481; x=1355150081; h=from:to:subject:date:message-id:in-reply-to:content-id: content-transfer-encoding:mime-version; bh=HqZ12d19GiROmxHBFet2WNxvDlpEjRJQaS/PK2Q/gbI=; b=dnflDAhko4BZum6i+yaVbX52HuDlsN3TUwud8yHk/WvkB2xWV7yld6sG g/wu7ewVwHn29OVxuQ7QdKT0olJ/fk3DZH9GFk8qDIvbrDerher3W2Tdo XUKat2iPcDHGL3dL7E51iRdv6zEMF3C1khjSnK2EhSqzhA1zW0JV+rOpZ Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av4EAA59s1CtJV2a/2dsb2JhbABEwCMWc4IgAQQdHTQdARgSFEIlAgQbE4dynk+hC4w3FgaDRGEDpkWCb4FgAR4GGA
X-IronPort-AV: E=McAfee;i="5400,1158,6907"; a="145984032"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by rcdn-iport-1.cisco.com with ESMTP; 26 Nov 2012 14:34:40 +0000
Received: from xhc-rcd-x04.cisco.com (xhc-rcd-x04.cisco.com [173.37.183.78]) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id qAQEYew4032688 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL) for <pcp@ietf.org>; Mon, 26 Nov 2012 14:34:40 GMT
Received: from xmb-rcd-x04.cisco.com ([169.254.8.66]) by xhc-rcd-x04.cisco.com ([173.37.183.78]) with mapi id 14.02.0318.001; Mon, 26 Nov 2012 08:34:40 -0600
From: "Reinaldo Penno (repenno)" <repenno@cisco.com>
To: "pcp@ietf.org" <pcp@ietf.org>
Thread-Topic: PCP MoM (THURSDAY, November 8, 2012)
Thread-Index: AQHNy+MqY9qDbIAuGEiLsDm583scgw==
Date: Mon, 26 Nov 2012 14:34:39 +0000
Message-ID: <45A697A8FFD7CF48BCF2BE7E106F06041761DA@xmb-rcd-x04.cisco.com>
In-Reply-To: <45A697A8FFD7CF48BCF2BE7E106F06041388C2@xmb-rcd-x04.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.13.0.110805
x-originating-ip: [10.21.151.98]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <1239AE80A9230E45835F889682B0008D@cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [pcp] PCP MoM (THURSDAY, November 8, 2012)
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Nov 2012 14:34:44 -0000

PCP

THU 1510-1710 =============

Welcome, Agenda bashing                                 (5, Chairs)


Francis Dupont: Adopt DS-Lite document as WG document?  Dave Thaler: Will
post
question on mailing list


    WGLC Results                                        (30)
    draft-ietf-pcp-base                                 (Dan Wing)

Paul Selkirk: The restrictions about delete-all should only apply to the
simple
threat model, not the advanced threat model

Dan Wing: We don't have the text for advanced threat model written yet

Paul Selkirk: But the document still describes delete-all, and then says it
doesn't work

Dave Thaler: Document can reference what's allowed under advanced threat
model,
without specifying how advanced threat model will work

Paul Selkirk: Disallowing delete-all is a loss of functionality compared to
NAT-PMP

Stuart Cheshire: But we decided that functionality was not a good idea

Margaret Wasserman: Document should limit making educated guesses about
what
advanced threat model allows before we know how advanced threat model
works.

Dave Thaler: Document should explicitly state this explicitly, e.g. "If
simple
threat model, then nonce must match; advanced threat model is yet to be
defined"


    draft-ietf-pcp-upnp-igd-internetworking

Paul Selkirk: I have some minor editorial nits with this document, but
overall
it is complete, and has no wacky ideas.


    draft-ietf-pcp-dhcp                               (Mohamed Boucadair)


Stuart: Why name rather than IP address?

Ralph: Use RFC 1035 encoding for forward compatibility with changes to
DNS, e.g.
internationalization.  Dave: RFC 1035 restricts us to DNS names.  Strings
are
not DNS names, pass string to name resolver, not specifically DNS resolver.

Stuart: We should make a decision, should not accept non-fully qualified
domain
names (including trailing '.').

Stuart Cheshire: Should fit in with existing DHC conventions Mohamed
Boucadair:
This issue is closed; this WG and DHC have already approved this

Ralph Droms: Really? DHC discussed this only this morning.

Stuart Cheshire: Whatever it says, the document needs to be unambiguous

Pete Resnick: Is what the DHCP server hands out protocol, or is it
presentation
layer that gets translated into protocol? If it's protocol, define it
tightly.
If it's presentation layer, you have to deal with all kinds of translation
issues.

Dave: It's protocol.

Stuart: If we require the client to validate the name, we have to say how,
but
it's okay to remove the restriction in the first place.


Stuart: Happy to defer to DHC WG about how to convey multiple strings.
(e.g.
single option with null separators or space separators.)

Dan: Embedded nulls make me nervous, because poorly-written clients pass
strings
to things like strcpy().

Ralph: Multiple options or multiple sub-options are the norm in DHCP
(including
v6).

Dave Thaler: In DHCPv4, multiple options are concatenated, so even with
multiple
options a separator or length prefix is still necessary

Med to consult with Ted Lemon. If no objection, adopt Stuart's proposal for
length byte followed by string, optionally followed by more counted
strings?



Optimizing NAT and Firewall Keepalives Using PCP      (10, Markus Isomaki)
draft-reddy-pcp-optimize-keepalives

Keepalive Incentive Issues                            (10, Dave Thaler)
(draft-ietf-pcp-base, draft-reddy-pcp-optimize-keepalives)

Dave: Should we recommend that middleboxes give longer mapping timeout as a
result of using PCP than for connections without PCP?  If so, in which
doc?  If
not, what's the point of mentioning it in the spec?

Gang: Reducing keepalives beneficial not only to power, but to reducing
congestion on the air interface.

Stuart: Usefulness of timeout detection algorithms is unproven.  You're
assuming
the lifetime of two different mappings is the same.  You're assuming
there's a
stable lifetime in the first place.  PEER gives the client a defined,
committed
lifetime, so this gives you more reliability.

Markus: Timeout detection algorithms are known to fail. This may make them
more
reliable.

Reinaldo: This could give us a way to detect not just the first middlebox,
but
other on-path middleboxes as well.

Simon: We don't have any operational experience with this, so making a
recommendation may be premature.  Dave: There are documents in the IESG
that are
requiring use of PCP for power saving.

Q1: Should there be a statement in some document? Strong hum in favor, none
opposed.  

Q2: Should this statement be in pcp-base? Strong hum in favor, none
opposed.

Ask on list for objections.


Using PCP to control NAT and Firewalls in Multihoming (10, Tiru Reddy)
    draft-patil-pcp-multihoming-00

PCP Server Selection                                  (10, Mohamed
Boucadair)
    draft-boucadair-pcp-server-selection

Tiru Reddy: Propose merging the two documents

Dave: draft-boucadair-pcp-server-selection is a new non-WG document, but
all the
text is from a prior version of the dhcp document, which was accepted as a
WG
document, so the assumption is that this will be accepted as a WG document.

Dave: We could choose to combine these two documents, or say that server
selection stands on its own, and the multihoming draft just covers use
cases.
Prashanth: In favor of merging documents.

Will call on list for objection to adopting as WG document.


Retrieving the Capabilities of a PCP-controlled Device
draft-boucadair-pcp-capability                        (10, Tiru Reddy)

Dave Thaler: Yes, this is a valid problem. Clients may need to tailor
behavior
depending on whether server is NAT or Firewall

Margaret Wasserman: Question is not as simple as "NAT or Firewall?" Things
are
not strictly NATs or firewalls, and the lines can be blurred so much that
you
can't give a meaningful answer.  Very seldom in favor of any
capability-discovery mechanism because they cause unnecessary failures.

Stuart Cheshire: Problem is interesting, but we need to get some
operational
experience before we can say what is the right answer Dan Wing: Agree that
capability discovery is fragile. Taxonomy of NAT vs. Firewall is too
simplistic.


Learn NAT64 PREFIX64s using PCP                       (10, Mohamed
Boucadair)
    draft-boucadair-pcp-nat64-prefix64-option

Dave Thaler: BEHAVE WG has a heuristic for this, which may not work in all
cases

Dan Wing: Should we ask BEHAVE WG to reference this solution?

Dan Wing: Have you done a comparison of the BEHAVE heuristic compared to
the PCP
message?

Mohamed Boucadair: Haven't done a detailed comparison with heuristic.
People
agree PCP is better

Dave Thaler: If DHCP and PCP answers differ, then trust the PCP server --
it
ought to know

Tiru Reddy: PCP version also gives you the lifetime

Dave Thaler: Call for adoption: strong hums in favor, none against.



Analysis of PCP in Mobile Networks draft-chen-pcp-mobile-deployment
(10, Mohamed Boucadair)

Margaret Wasserman: Why would we run PCP differently in mobile networks?
What
makes mobile networks different?

Mohamed Boucadair: It's guidance for network operators Reinaldo: Server
discovery may be different, may not be your default gateway.  Gang Chen:
Mobile
networks are different Margaret Wasserman: What makes PCP server discovery
different

Stuart Cheshire: 3GPP does not use DHCPv4, so it's not that "mobile" is
different, it's that we have to define how to do PCP server discovery on
3GPP

Stuart Cheshire: Apple Airport will act on any PCP request it sees,
regardless
of destination addr/port. So the solution may be anycast.



Using PCP To Coordinate Between the CGN and Home Gateway Via Port
Allocation
draft-tsou-pcp-natcoord-08                            (10, Simon Perreault)


Alain Durand: Is this for PEER or only MAP?  Simon Perreault: Only MAP
Alain: I
don't buy the no-DHCP argument. Also, is this idempotent?  Simon: If you
retransmit the same request with the same nonce, you get the same port
set. If
you transmit a new request with a new nonce, you get a different port set.

Dave: Is this only for NAT44, or can it be extended to NAT64?  Simon: This
works
the same for NAT44, NAT64, NAT66, etc.

Call on list for adoption.

Dave: Thanks to Alain for his service.


=== END ===

v2.23.0 | Report a Bug | By Email