Re: [pcp] Official reviewers Request for Learn NAT64 PREFIX64s using PCP
"Reinaldo Penno (repenno)" <repenno@cisco.com> Fri, 17 May 2013 19:24 UTC
Return-Path: <repenno@cisco.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B362721F96FC for <pcp@ietfa.amsl.com>; Fri, 17 May 2013 12:24:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OuAYNxGdhnbI for <pcp@ietfa.amsl.com>; Fri, 17 May 2013 12:24:27 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) by ietfa.amsl.com (Postfix) with ESMTP id C1C0721F96EB for <pcp@ietf.org>; Fri, 17 May 2013 12:24:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3644; q=dns/txt; s=iport; t=1368818667; x=1370028267; h=from:to:cc:subject:date:message-id:in-reply-to: content-id:content-transfer-encoding:mime-version; bh=ltyfL5QwV63umnJNXv3d3QnGX4NJJkeGuT9Mk1IDtnk=; b=C+54Z58V29Wm4T7so+kzM43AW1FWKNQ6zn1bj7hdgjYDXx6w8C7UqD/3 V3wxpeflOxRHW/z384JfD8fXsNsUbu+ZUm9BvXfmIs2AiyGShPzaeAYuM hdOtRroC7/gAvmAn/HfjPc7kkk1bA4AJvw27O43mZGAzp2d/uD6aFB5bK E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgsFANaCllGtJV2b/2dsb2JhbABbgwgwwU+BABZ0giEBBDo/EgEIIhRCJQIEDgUIiAQMvU6OcDEHgnNhA5NnhHqQF4MPgiY
X-IronPort-AV: E=Sophos;i="4.87,694,1363132800"; d="scan'208";a="211886298"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-7.cisco.com with ESMTP; 17 May 2013 19:24:27 +0000
Received: from xhc-rcd-x15.cisco.com (xhc-rcd-x15.cisco.com [173.37.183.89]) by rcdn-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id r4HJOQFm025647 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 17 May 2013 19:24:27 GMT
Received: from xmb-rcd-x04.cisco.com ([169.254.8.77]) by xhc-rcd-x15.cisco.com ([173.37.183.89]) with mapi id 14.02.0318.004; Fri, 17 May 2013 14:24:26 -0500
From: "Reinaldo Penno (repenno)" <repenno@cisco.com>
To: Iljitsch van Beijnum <iljitsch@muada.com>
Thread-Topic: Official reviewers Request for Learn NAT64 PREFIX64s using PCP
Thread-Index: AQHOUicr1T/AnXRP1ECkvJx9NBOsoJkJq9AAgAA5rwA=
Date: Fri, 17 May 2013 19:24:25 +0000
Message-ID: <45A697A8FFD7CF48BCF2BE7E106F06040908782B@xmb-rcd-x04.cisco.com>
In-Reply-To: <751A0C06-CDD7-4FCD-84D0-C0E5BFFE12A7@muada.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.13.0.110805
x-originating-ip: [10.86.254.187]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <C551ADD42AAFD3459EFB1E93867D2046@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "pcp@ietf.org" <pcp@ietf.org>, "draft-ietf-pcp-nat64-prefix64@tools.ietf.org" <draft-ietf-pcp-nat64-prefix64@tools.ietf.org>
Subject: Re: [pcp] Official reviewers Request for Learn NAT64 PREFIX64s using PCP
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 May 2013 19:24:32 -0000
Thanks for the review Iljitsch. I think you have a good point on the separation of what can be done with the discovery of Pref64 alone versus coupled with other mechanisms. The bitorrent use-case is certainly a good representation of that. Load-blancing is also something was discussed but never got into the draft. There were other initiatives around that, specially in BEHAVE WG and med was involved in that. This might be something that could be incorporated into the draft. Regards, Reinaldo On 5/17/13 9:57 AM, "Iljitsch van Beijnum" <iljitsch@muada.com> wrote: >On 16 mei 2013, at 13:19, Reinaldo Penno (repenno) <repenno@cisco.com> >wrote: > >>> Title : Learn NAT64 PREFIX64s using PCP >>> URL : http://tools.ietf.org/html/draft-ietf-pcp-nat64-prefix64-00 >>> Authors: M. Boucadair > >Ok, here is a brief review. Brief in the sense that I didn't >re-familiarize myself with the related RFCs. > >This is clearly useful. > >I found 3.2, and especially 3.2.2 very sparse, I was looking to learn >more about how this mechanism is useful in practice here. Some more >applications/protocols could be listed. However, a lot of information is >provided in 3.3. Unfortunately, there are two issues with this: > >1. SIP is a very complex protocol that not everyone may be familiar with > >2. Unless I misunderstood, a lot of what happens here is pure NAT64, and >unrelated to the knowledge of the Pref64: > >"the PCP Client issues a PCP MAP request with > PORT_RESERVATION_OPTION to reserve a pair of ports preserving parity > and contiguity [I-D.boucadair-pcp-rtp-rtcp]. A pair of ports and an > external IPv4 address are then returned by the PCP server to the > requesting PCP Client." > >It would be more useful to concentrate on the functionality that is only >possible when the Pref64 is known at this point. For instance, in the >case of BitTorrent, IPv4 addresses of prospective peers may be learned >from a tracker. In order for the client to connect to those peers, it >needs to synthesize IPv6 representations for those IPv4 addresses by >combining them with the Pref64. > >It would be useful to spell out that the ability to reserve ports and >learn the external IPv4 address used by the NAT64 (or any NAT) allows for >receiving incoming sessions. For this, the Pref64 is not needed. The >Pref64, on the other hand, allows for setting up outgoing connections to >systems for which only a literal IPv4 address (and not a fully qualified >domain name) is known. But for this, no other PCP functionality is >required. (Although in practice it gets more complex when ports are used >in both directions simultaneously.) > >The abstract starts with "This document defines a new PCP extension to >learn the IPv6 prefix(es) used by a PCP-controlled NAT64 device" but the >PREFIX64 option only allows for one Pref64 and the option may only appear >once, so the (es) part shouldn't be there. (Would the ability to learn >multiple Pref64s be useful?? I guess load balancing across NAT64s with >each a Pref64 of their own is possible.) > >In 4.1 a reference to section 7.3 of RFC 6887 would be useful. > >Although I was unhappy with the SIP example earlier, I think it's >appropriate in section 5 as it shows the full complexity of a real-world >system now that we've learned all the details of the mechanism. I think >the section title should have "SIP" in it, though. > >In the security considerations, I would expect a discussion about what >happens when a malicious third party impersonates a PCP server and >provides a fake Pref64. > >Iljitsch
- Re: [pcp] Official reviewers Request for Learn NA… Iljitsch van Beijnum
- Re: [pcp] Official reviewers Request for Learn NA… Reinaldo Penno (repenno)
- Re: [pcp] Official reviewers Request for Learn NA… Tirumaleswar Reddy (tireddy)
- Re: [pcp] Official reviewers Request for Learn NA… Iljitsch van Beijnum
- Re: [pcp] Official reviewers Request for Learn NA… Tirumaleswar Reddy (tireddy)
- Re: [pcp] Official reviewers Request for Learn NA… Simon Perreault
- Re: [pcp] Official reviewers Request for Learn NA… Tirumaleswar Reddy (tireddy)
- Re: [pcp] Official reviewers Request for Learn NA… Reinaldo Penno (repenno)
- Re: [pcp] Official reviewers Request for Learn NA… mohamed.boucadair