Re: [pcp] PCP-base 02: Section 7.7
"Dan Wing" <dwing@cisco.com> Tue, 11 January 2011 17:32 UTC
Return-Path: <dwing@cisco.com>
X-Original-To: pcp@core3.amsl.com
Delivered-To: pcp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E35D428C282 for <pcp@core3.amsl.com>; Tue, 11 Jan 2011 09:32:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.531
X-Spam-Level:
X-Spam-Status: No, score=-110.531 tagged_above=-999 required=5 tests=[AWL=0.068, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BAyEmUKnT7TJ for <pcp@core3.amsl.com>; Tue, 11 Jan 2011 09:32:45 -0800 (PST)
Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by core3.amsl.com (Postfix) with ESMTP id A5B1828C273 for <pcp@ietf.org>; Tue, 11 Jan 2011 09:32:45 -0800 (PST)
Authentication-Results: sj-iport-4.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av0EAM8jLE2rR7H+/2dsb2JhbACXTYxsc6NhmHCFTASEaA
Received: from sj-core-2.cisco.com ([171.71.177.254]) by sj-iport-4.cisco.com with ESMTP; 11 Jan 2011 17:35:02 +0000
Received: from dwingWS ([10.32.240.194]) by sj-core-2.cisco.com (8.13.8/8.14.3) with ESMTP id p0BHZ2s8002248; Tue, 11 Jan 2011 17:35:02 GMT
From: Dan Wing <dwing@cisco.com>
To: mohamed.boucadair@orange-ftgroup.com, 'Francis Dupont' <Francis.Dupont@fdupont.fr>, 'Simon Perreault' <simon.perreault@viagenie.ca>
References: Your message of Mon, 10 Jan 2011 08:45:02 EST. <4D2B0D5E.5030302@viagenie.ca> <201101102301.p0AN1rcs084678@givry.fdupont.fr> <19ba01cbb122$f11dfd70$d359f850$@com> <837_1294728928_4D2BFEE0_837_116100_1_94C682931C08B048B7A8645303FDC9F33C3FD7B3C4@PUEXCB1B.nanterre.francetelecom.fr>
In-Reply-To: <837_1294728928_4D2BFEE0_837_116100_1_94C682931C08B048B7A8645303FDC9F33C3FD7B3C4@PUEXCB1B.nanterre.francetelecom.fr>
Date: Tue, 11 Jan 2011 09:35:02 -0800
Message-ID: <1d8901cbb1b5$e093ca50$a1bb5ef0$@com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcuxGnH/oFEq0BUFQIqUfjE7XufIxwABnQoQAA6BC4AAFMrhsA==
Content-Language: en-us
Cc: pcp@ietf.org
Subject: Re: [pcp] PCP-base 02: Section 7.7
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jan 2011 17:32:47 -0000
> -----Original Message----- > From: mohamed.boucadair@orange-ftgroup.com > [mailto:mohamed.boucadair@orange-ftgroup.com] > Sent: Monday, January 10, 2011 10:55 PM > To: Dan Wing; 'Francis Dupont'; 'Simon Perreault' > Cc: pcp@ietf.org > Subject: RE: [pcp] PCP-base 02: Section 7.7 > > Hi Dan, > > As a reminder, I have enumerated a set of advantages of implementing > what was called option 2 (http://www.ietf.org/mail- > archive/web/pcp/current/msg00483.html). > > In http://www.ietf.org/mail-archive/web/pcp/current/msg00487.html, I > tried to explain that implementing option 1 may not reduce keepalives > in some contexts since the refresh interval is forced by the server and > not by the client (see SIP example for instance). Thanks for the pointers. The first URL says: > I don't know how we can forbid applications to use option 2 > which is the obvious one to avoid overloading service > elements with keepalive messages! > > As a concrete example: In the current VoIP deployments SBC > or P-CSCF forces the SIP User Agent to send frequent > REGISTER messages (setting a small value of expire timer); > these messages are not forwarded to the core service > elements. The main purpose is to maintain the NAT binding > in case a NAT is traversed alive. Both the NAT and SBC are > overloaded with these keepalive messages. For the NAT side > this may not be an issue when the NAT is embedded in the > CPE but this may be become sensitive for the CGN case. > > If PCP is used to instruct a mapping before issuing the > REGISTER message: (1) the CGN is not overloaded, (2) > service contact point is not overloaded, (3) the client can > use the external IP address/port to build its application > messages (e.g., SIP) and thus no need to implement extra > function in the service side (e.g., SBC) or in the CGN > (e.g., SIP ALG), (4) the service elements can detect the > present of non-transparent NAT by comparing the content of > the message with the source IP/port information, (5) the > client is aware of the lifetime of the mapping in the CGN > which important to avoid sending aggressive keeplines > (e.g., 20s for Ipsec clients), etc. and the second URL reinforces that connect-then-lifetime does not have property (3). Here is how I see property (3) implemented when doing connect-then-lifetime, following the REGISTER procedure described at http://tools.ietf.org/html/draft-ietf-sipping-nat-scenarios-13#page-16 SIP UA PCP server SIP proxy | | | |--SIP REGISTER, rport------------------------->| |<-Ok, port=12345-------------------------------| | | | |-PIN44, REMOTE_PEER=<sip proxy>->| | |<--lifetime=3600, ext-port=12345-| | | | | What is the disadvantage of reducing SIP keepalives that way? For RTP, message flow would be like this, again doing connect-then-lifetime. The difference is we don't get anything like an "rport=NNN" from the remote peer. But, we don't need it anyway except to detect a rogue NAT on the path between the PCP-controlled NAT and the RTP peer. If the SIP UA wanted to detect such a rogue NAT, it would need to send ICE (STUN) messages to the RTP peer. SIP UA PCP server RTP peer | | | |--RTP message--------------------------------->| |--RTP message--------------------------------->| |--... more RTP messages ...------------------->| |--RTP message--------------------------------->| | | | |-PIN44, REMOTE_PEER=<rtp peer>=->| | |<--lifetime=3600, ext-port=12345-| | | | | As with SIP, the SIP UA does not need to be in a hurry to communicate with the PCP server. -d > Cheers, > Med > > -----Message d'origine----- > De : Dan Wing [mailto:dwing@cisco.com] > Envoyé : mardi 11 janvier 2011 01:03 > À : 'Francis Dupont'; 'Simon Perreault'; BOUCADAIR Mohamed OLNC/NAD/TIP > Cc : pcp@ietf.org > Objet : RE: [pcp] PCP-base 02: Section 7.7 > > > > > -----Original Message----- > > From: pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] On Behalf Of > > Francis Dupont > > Sent: Monday, January 10, 2011 3:02 PM > > To: Simon Perreault > > Cc: pcp@ietf.org > > Subject: Re: [pcp] PCP-base 02: Section 7.7 > > > > > > In your previous mail you wrote: > > > > Note that this was discussed in the virtual interim meeting. I > seem > > to > > recall the consensus being that the advantage of easy deployment > > outweighed the disadvantages. > > > > => I am afraid this argument would not close the subject... > > and there was no consensus, just a 'go to next point'. > > > > (Were the minutes of the meeting posted?) > > > > => +1! > > > > Francis.Dupont@fdupont.fr > > > > PS: BTW the 'ease of deployment' is not a good argument as it applied > > only on hosts, not on NATs, when IMHO at least 50% of the deployed > > base won't support it. > > For reference, this is Issue #17, > http://trac.tools.ietf.org/wg/pcp/trac/ticket/17 > > In the post http://www.ietf.org/mail- > archive/web/pcp/current/msg00474.html, > Simon described the host implementation difficulty. This got agreement > from > Dave Thaler, http://www.ietf.org/mail- > archive/web/pcp/current/msg00475.html > and Lars Eggert, > http://www.ietf.org/mail-archive/web/pcp/current/msg00480.html. > > I do not find a post that describes the NAT implementation difficulty. > > I found posts that suggest NATs want to have different port ranges for > PCP-controlled ports than for dynamically-created connections. That's > makes > some sense when the user is operating a server. But I don't understand > how > separate NAT port ranges are helpful/necessary for the application > keepalives case. > > If this does help the NAT, it seems we will need to force (MUST) the > hosts > to allocate a source port in the non-ephemeral port range and follow > the > other steps described in > http://www.ietf.org/mail-archive/web/pcp/current/msg00474.html. > > -d > > > > > ********************************* > This message and any attachments (the "message") are confidential and > intended solely for the addressees. > Any unauthorised use or dissemination is prohibited. > Messages are susceptible to alteration. > France Telecom Group shall not be liable for the message if altered, > changed or falsified. > If you are not the intended addressee of this message, please cancel it > immediately and inform the sender. > ********************************
- [pcp] PCP-base 02: Section 7.7 mohamed.boucadair
- Re: [pcp] PCP-base 02: Section 7.7 Simon Perreault
- Re: [pcp] PCP-base 02: Section 7.7 mohamed.boucadair
- Re: [pcp] PCP-base 02: Section 7.7 Francis Dupont
- Re: [pcp] PCP-base 02: Section 7.7 Francis Dupont
- Re: [pcp] PCP-base 02: Section 7.7 Simon Perreault
- Re: [pcp] PCP-base 02: Section 7.7 Simon Perreault
- Re: [pcp] PCP-base 02: Section 7.7 Dan Wing
- Re: [pcp] PCP-base 02: Section 7.7 Francis Dupont
- Re: [pcp] PCP-base 02: Section 7.7 mohamed.boucadair
- Re: [pcp] PCP-base 02: Section 7.7 Dan Wing
- Re: [pcp] PCP-base 02: Section 7.7 mohamed.boucadair
- Re: [pcp] PCP-base 02: Section 7.7 Francis Dupont
- [pcp] client/server/symmetric [was RE: PCP-base 0… Dan Wing
- Re: [pcp] PCP-base 02: Section 7.7 Francis Dupont
- Re: [pcp] PCP-base 02: Section 7.7 Francis Dupont
- Re: [pcp] PCP-base 02: Section 7.7 Dan Wing
- Re: [pcp] PCP-base 02: Section 7.7 Dan Wing
- Re: [pcp] PCP-base 02: Section 7.7 Francis Dupont
- Re: [pcp] PCP-base 02: Section 7.7 Dan Wing
- Re: [pcp] PCP-base 02: Section 7.7 Simon Perreault
- Re: [pcp] PCP-base 02: Section 7.7 Simon Perreault
- Re: [pcp] PCP-base 02: Section 7.7 Francis Dupont
- Re: [pcp] PCP-base 02: Section 7.7 Simon Perreault
- Re: [pcp] client/server/symmetric [was RE: PCP-ba… Jacni Qin
- Re: [pcp] client/server/symmetric [was RE: PCP-ba… Dan Wing
- Re: [pcp] client/server/symmetric [was RE: PCP-ba… Jacni Qin
- Re: [pcp] client/server/symmetric [was RE: PCP-ba… Dan Wing
- Re: [pcp] client/server/symmetric [was RE: PCP-ba… mohamed.boucadair
- Re: [pcp] client/server/symmetric [was RE: PCP-ba… Dan Wing
- Re: [pcp] client/server/symmetric [was RE: PCP-ba… mohamed.boucadair
- Re: [pcp] client/server/symmetric [was RE: PCP-ba… Dan Wing
- [pcp] Review of pcp-base-3 Reinaldo Penno
- Re: [pcp] Review of pcp-base-3 Dan Wing
- Re: [pcp] Review of pcp-base-3 Francis Dupont
- Re: [pcp] Review of pcp-base-3 Francis Dupont
- Re: [pcp] Review of pcp-base-3 Francis Dupont
- Re: [pcp] Review of pcp-base-3 Francis Dupont
- Re: [pcp] Review of pcp-base-3 Dan Wing
- Re: [pcp] Review of pcp-base-3 Reinaldo Penno
- Re: [pcp] Review of pcp-base-3 Francis Dupont
- [pcp] PCP packet layout [was RE: Review of pcp-ba… Dan Wing
- Re: [pcp] PCP packet layout [was RE: Review of pc… Francis Dupont
- Re: [pcp] PCP packet layout [was RE: Review of pc… Dan Wing
- Re: [pcp] PCP packet layout [was RE: Review of pc… Francis Dupont
- Re: [pcp] PCP packet layout [was RE: Review of pc… Dan Wing