Re: [pcp] Comments on draft-ietf-pcp-dhcp-03
<mohamed.boucadair@orange.com> Tue, 07 August 2012 12:56 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5507421F8468 for <pcp@ietfa.amsl.com>; Tue, 7 Aug 2012 05:56:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.979
X-Spam-Level:
X-Spam-Status: No, score=-0.979 tagged_above=-999 required=5 tests=[AWL=-1.131, BAYES_00=-2.599, HELO_EQ_FR=0.35, J_CHICKENPOX_13=0.6, J_CHICKENPOX_15=0.6, J_CHICKENPOX_24=0.6, J_CHICKENPOX_25=0.6, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P9dySKPu4UPK for <pcp@ietfa.amsl.com>; Tue, 7 Aug 2012 05:56:07 -0700 (PDT)
Received: from relais-inet.francetelecom.com (relais-ias91.francetelecom.com [193.251.215.91]) by ietfa.amsl.com (Postfix) with ESMTP id AAA5A21F8609 for <pcp@ietf.org>; Tue, 7 Aug 2012 05:56:06 -0700 (PDT)
Received: from omfedm05.si.francetelecom.fr (unknown [xx.xx.xx.1]) by omfedm13.si.francetelecom.fr (ESMTP service) with ESMTP id 1300C3241D1; Tue, 7 Aug 2012 14:56:05 +0200 (CEST)
Received: from PUEXCH11.nanterre.francetelecom.fr (unknown [10.101.44.27]) by omfedm05.si.francetelecom.fr (ESMTP service) with ESMTP id EC87E35C045; Tue, 7 Aug 2012 14:56:04 +0200 (CEST)
Received: from PUEXCB1B.nanterre.francetelecom.fr ([10.101.44.11]) by PUEXCH11.nanterre.francetelecom.fr ([10.101.44.27]) with mapi; Tue, 7 Aug 2012 14:55:51 +0200
From: mohamed.boucadair@orange.com
To: "Tirumaleswar Reddy (tireddy)" <tireddy@cisco.com>, "pcp@ietf.org" <pcp@ietf.org>
Date: Tue, 07 Aug 2012 14:55:50 +0200
Thread-Topic: [pcp] Comments on draft-ietf-pcp-dhcp-03
Thread-Index: AQHNcnNckAHLzaHHt0W3VNgj76hdP5dLnPPQgAJLlQD//64KoIAAvAJQ
Message-ID: <94C682931C08B048B7A8645303FDC9F36E4CD30245@PUEXCB1B.nanterre.francetelecom.fr>
References: <9B57C850BB53634CACEC56EF4853FF653B7380B2@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <CC416268.88D8%repenno@cisco.com> <9B57C850BB53634CACEC56EF4853FF653B73881F@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <913383AAA69FF945B8F946018B75898A1477C15D@xmb-rcd-x10.cisco.com> <9B57C850BB53634CACEC56EF4853FF653B73D410@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <913383AAA69FF945B8F946018B75898A1477DD69@xmb-rcd-x10.cisco.com>
In-Reply-To: <913383AAA69FF945B8F946018B75898A1477DD69@xmb-rcd-x10.cisco.com>
Accept-Language: fr-FR
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: fr-FR
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-PMX-Version: 5.6.1.2065439, Antispam-Engine: 2.7.2.376379, Antispam-Data: 2012.8.7.101815
Subject: Re: [pcp] Comments on draft-ietf-pcp-dhcp-03
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Aug 2012 12:56:08 -0000
Dear Tiru, I added this text to the draft to reflect your comment: Multiple Names may be configured to a PCP Client in some deployment contexts such as multi-homing. It is out of scope of this document to enumerate all deployment scenarios which require multiple Names to be configured. Cheers, Med >-----Message d'origine----- >De : pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] De la >part de Tirumaleswar Reddy (tireddy) >Envoyé : mardi 7 août 2012 04:10 >À : Dave Thaler; Reinaldo Penno (repenno); pcp@ietf.org >Objet : Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 > >> A small number of examples might be nice, but I don't think >it can ever >> be complete, >> and so we shouldn't try to enumerate all possible cases. > >Yes, we need some examples. > >--Tiru. > >> -----Original Message----- >> From: Dave Thaler [mailto:dthaler@microsoft.com] >> Sent: Tuesday, August 07, 2012 7:05 AM >> To: Tirumaleswar Reddy (tireddy); Reinaldo Penno (repenno); >> pcp@ietf.org >> Subject: RE: [pcp] Comments on draft-ietf-pcp-dhcp-03 >> >> > -----Original Message----- >> > From: Tirumaleswar Reddy (tireddy) [mailto:tireddy@cisco.com] >> > Sent: Sunday, August 5, 2012 2:46 PM >> > To: Dave Thaler; Reinaldo Penno (repenno); pcp@ietf.org >> > Subject: RE: [pcp] Comments on draft-ietf-pcp-dhcp-03 >> > >> > Hi - >> > >> > I think we need to clarify in the draft when multiple PCP server >> names/IP >> > addresses will be returned by the DHCP server, for example like >> multi-homing >> > case. >> >> A small number of examples might be nice, but I don't think >it can ever >> be complete, >> and so we shouldn't try to enumerate all possible cases. >> >> > Considering various other cases other than multi-homing >> > >> > [1]In High Availability mode of NAT/Firewall devices >(Active/Passive >> Mode), >> > PCP client still gets just one IP address. >> > >> > [2] For example in the draft http://tools.ietf.org/html/draft-rpcw- >> pcp-pmipv6- >> > serv-discovery-00 where selected traffic is offload at the local >> access network. >> > Mobile Node is provided only the PCP server address in the Local >> Access >> > Network and MAG decides if the PCP request will be handled by Home >> network >> > or Local Access Network. >> > >> > [3] In Enterprise use case there could be two to three different >> possibilities >> > >> > a)All the traffic from the branches tunneled back to the >head office >> where >> > there is a NAT/Firewall device. >> > >> > b)Split Tunneling - In this case branch site itself would have >> NAT/Firewall to >> > handle traffic to Internet. >> > How will the DHCP server be populated with the right >Firewall/NAT IP >> > addresses in this case ? >> > >> > [4] >> > Finally we will also need to solve the problem with just >IPv6 (NPTv6, >> Firewall) >> > where there is no DHCPv6 server. >> > From RFC6106 >> > "RA-based DNS configuration is a useful alternative in >networks where >> an IPv6 >> > host's address is auto-configured through IPv6 stateless address >> auto- >> > configuration and where there is either no DHCPv6 infrastructure at >> all or >> > some hosts do not have a DHCPv6 client" >> >> I (with no hats) disagree that a no-DHCPv6 server case needs to be >> solved by this WG. >> >> -Dave >> >> > --Tiru. >> > >> > > -----Original Message----- >> > > From: Dave Thaler [mailto:dthaler@microsoft.com] >> > > Sent: Friday, August 03, 2012 2:30 PM >> > > To: Reinaldo Penno (repenno); pcp@ietf.org >> > > Subject: Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 >> > > >> > > Responding on list for benefit of others, although we already >> talked >> > > in person... >> > > >> > > > -----Original Message----- >> > > > From: Reinaldo Penno (repenno) [mailto:repenno@cisco.com] >> > > > Sent: Friday, August 03, 2012 11:18 AM >> > > > To: Dave Thaler; pcp@ietf.org >> > > > Subject: Re: Comments on draft-ietf-pcp-dhcp-03 >> > > > >> > > > On 8/3/12 10:53 AM, "Dave Thaler" ><dthaler@microsoft.com> wrote: >> > > > >> > > > >> -----Original Message----- >> > > > >> From: pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] On >> > > > >> Behalf >> > > Of >> > > > >> Reinaldo Penno (repenno) >> > > > >> Sent: Friday, August 03, 2012 10:45 AM >> > > > >> To: pcp@ietf.org >> > > > >> Subject: [pcp] Comments on draft-ietf-pcp-dhcp-03 >> > > > >> >> > > > >> After reviewing draft-ietf-pcp-dhcp-03 I believe there are >> some >> > > > >> things I believe we need to tie up. >> > > > > >> > > > >I agree. >> > > > > >> > > > >> When a PCP Client contacts PCP Servers in parallel, >say, IPx1, >> > > IPy1 >> > > > >> and >> > > > >> IPz1 as mentioned in draft and all respond then: >> > > > >> >> > > > >> 1 - What happens to the state in y1 and z1 if PCP Client >> chooses >> > > x1 >> > > > >> to communicate? Probably let it age out or delete mappings. >> > > > > >> > > > >What do you mean by "chooses x1"? >> > > > >> > > > That's what we find in section 6.2 >> > > >> > > Yes but the text is lacking, as this exchange shows. >> > > >> > > > >if we're talking about MAP (for a >> > > > >listening application) do you mean when x, y, and y >are all NATs >> > > rather >> > > > >than FWs, and the client app can only deal with one >external IP >> > > > >address? >> > > > >> > > > The draft says as soon as one PCP Server responds >successfully it >> > > sticks to it. >> > > > So, I'm assuming other PCP Server are not contacted further and >> > > mappings >> > > > will time out or need to be deleted. >> > > > >> > > > As a side effect why would an app get 3 external >IP:ports for the >> > > same >> > > > purpose and consume three times the state. It seems to >me a side >> > > effect of >> > > > the wording more than something the app really needs. >> > > >> > > Two reasons (cases): >> > > a) there's different networks it's providing the same service on, >> e.g. >> > > via the Internet and via some other network. >> > > b) for failover purposes. For example, if it uses SRV records, >> it'd >> > > have >> > > 3 SRV records. If one NAT goes down, the other end will >> > > automatically >> > > use a different IP:port pair (which might be via a different >> ISP). >> > > Otherwise >> > > the failover time is capped at the TTL of the SRV >record, and we >> > > know >> > > DNS TTLs below around 30 seconds aren't respected by many DNS >> > > servers. >> > > So having multiple records provides sub-30-second failover. >> > > >> > > > >If they're firewalls (so the external IP address/port isn't >> > > different), >> > > > >or if the client app can deal with multiple external IP/ports, >> then >> > > I >> > > > >don't think it would choose one. >> > > > >> > > > What's the use case for three? >> > > >> > > Answered above. Note I'm not saying three is appropriate in all >> > > cases. >> > > Only that there is a use case, and the choice is up to >the client, >> > > which is the only entity that knows the use case. >> > > >> > > > Anyway, this exchange is telling in light of >> > > > >> > > > "Once the PCP Client has successfully >> > > > received a response from a PCP Server on that interface, it >> sends >> > > > subsequent PCP requests to that same server until that PCP >> Server >> > > > becomes non-responsive," >> > > > >> > > > > >> > > > >> 2 - If there is a failure on x1 and PCP Client decides to >> > > communicate >> > > > >>with y1, there might be some 'leftover' mappings >for internal >> > > IP:port >> > > > >>(see 1). >> > > > >> PCP Client will need to delete or reuse existing >state in y1. >> > > > >>Important to notice that there is no way to >guarantee that PCP >> > > Server >> > > > >>will allocate same external IP:ports. >> > > > >> >> > > > >> 3 - I guess it is assumed that if PCP Server is co-located >> with >> > > NAT, >> > > > >>if >> > > > >>x1 fails, >> > > > >> traffic (PCP and data) will be diverted to y1. >> > > > > >> > > > >Unclear which model you're referring to (different external >> IP:port >> > > or >> > > > >same external IP:port), can you clarify your question? >> > > > >> > > > The app needs one external IP:port to announce on the external >> world >> > > > through, say, DynDDNS client. Why it would need three >> _different_? >> > > > If >> > > it >> > > > needs them, fine, not sure about use case. But if it >gets 3 as a >> > > collateral effect >> > > > of the bootstrap procedure there is no way to >guarantee they will >> be >> > > the >> > > > same. >> > > >> > > Answered above. >> > > >> > > -Dave >> > > >> > > > >> 4 - Related (2). The draft says that when a PCP Server is >> > > unreachable >> > > > >>(say, y1) PCP Client will continue to try to >communicate even >> > > though >> > > > >>other PCP Server are available. The only way to >'communicate' >> is >> > > > >>sending a request, which might create state. So, when y1 is >> back >> > > up. >> > > > >>y1 might allocate a different external IP:port than other >> server. >> > > > >> >> > > > >> Thanks, >> > > > >> >> > > > >> Reinaldo >> > > >> > > >> > >> > >_______________________________________________ >pcp mailing list >pcp@ietf.org >https://www.ietf.org/mailman/listinfo/pcp >
- [pcp] Comments on draft-ietf-pcp-dhcp-03 Reinaldo Penno (repenno)
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Dave Thaler
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Reinaldo Penno (repenno)
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Dave Thaler
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Tirumaleswar Reddy (tireddy)
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Dave Thaler
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Tirumaleswar Reddy (tireddy)
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 mohamed.boucadair
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 mohamed.boucadair
- Re: [pcp] Comments on draft-ietf-pcp-dhcp-03 Tirumaleswar Reddy (tireddy)