Re: [pcp] WGLC: draft-ietf-pcp-base-12.txt

Tina Tsou <tena@huawei.com> Tue, 07 June 2011 18:17 UTC

Date: Tue, 07 Jun 2011 11:17:14 -0700
From: Tina Tsou <tena@huawei.com>
In-reply-to: <04d801cc231a$6b2747c0$4175d740$@com>
To: 'Dan Wing' <dwing@cisco.com>, 'Dave Thaler' <dthaler@microsoft.com>, pcp@ietf.org

Dan,
Comments are in line beginning with [Tina: ...].


We keep our promises with one another - no matter what!

Best Regards,
Tina TSOU
http://tinatsou.weebly.com/contact.html


-----Original Message-----
From: Dan Wing [mailto:dwing@cisco.com] 
Sent: Saturday, June 04, 2011 5:49 PM
To: 'Tina Tsou'; 'Dave Thaler'; pcp@ietf.org
Subject: RE: [pcp] WGLC: draft-ietf-pcp-base-12.txt

> -----Original Message-----
> From: pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] On Behalf Of
> Tina Tsou
> Sent: Friday, June 03, 2011 10:26 PM
> To: 'Dave Thaler'; pcp@ietf.org
> Subject: Re: [pcp] WGLC: draft-ietf-pcp-base-12.txt
> 
> Dear all,
> In section 7, there is one description:
> "It is REQUIRED that the PCP-controlled device assign the same
>    external IP address to PCP-created explicit dynamic mappings and to
>    implicit dynamic mappings."
> It is only a requirement to CGN, but some existing CGN may not support
> this requirement as defined in RFC4787-[REQ1]:
> "Some NATs use the external IP address mapping in an arbitrary fashion
>    (i.e., randomly): one internal IP address could have multiple
>    external IP address mappings active at the same time for different
>    sessions"

You quoted non-normative text; later in that same section of RFC4787
it explains how random ("Arbitrary") assignment causes harm.  REQ-2
says that "paired" is RECOMMENDED.

> Therefore, I suggest the PCP client should also support this
> requirement which was actually defined in 00 version but deleted in
> later versions (maybe I missed the reason of the text change):
> If there is any existing PCP mapping, PCP client should only request
> the same external IP address as the one of those existing mappings. The
> reason is that it will allow applications that use multiple ports
> originating from the same internal IP address to also have the same
> external IP address.


We (the NAT and PCP server) can't know if, when there is an implicit
dynamic connection from a host's source port, that connection was
done by the same application as the explicit mapping, or if the OS
happened to assign that source port to some other (unrelated) 
application.
[Tina: If the connection was done by one application as the explicit
mapping, e.g., PCP mapping, the subsequent connection from the same internal
IP address will use the same external IP address according to the PCP
mapping. The implicit mapping will not match in this case. If the connection
was done by one application as the implicit mapping, the subsequent
connection can also use the same external IP address because the application
can make the PCP client meet the same requirement.]

If the NAT is EIM, it will reuse the same mapping it already
has.  Because that is the definition of being an EIM NAT.
And it is important that all implicit dynamic mappings use the
same public IPv4 address (for all the reasons stated in the
existing UDP and TCP RFCs).  We don't want PCP to make that
situation worse because some other unrelated application did
a MAP request.

If it is a non-EIM NAT, I suppose there is a way to use separate
pools, if the non-EIM NAT applies some sort of logic to the 
implicit sessions -- the logic described in #2 of 
http://tools.ietf.org/html/draft-ietf-pcp-base-12#section-11.1
If you want/need that, please provide text.
[Tina: The proposed text is as below:
In non-EIM NAT case, PCP client should only request the same external IP
address as the one of those existing links for one application. The
reason is that it will allow applications that use multiple ports originating
from the same internal IP address to also have the same
external IP address.]

But I fear the interaction that is created if non-EIM NAT
could create mappings on arbitrary IP addresses while EIM
NAT creates mappings on the same IP address.  For example,
if an application was tested with an EIM NAT (which always
assigns PCP-created mappings and implicit mappings to the
same external IP address), that application may well fail
when deployed behind a non-EIM NAT that (a) allocates different
IP addresses for different PCP mappings or (b) different IP
addresses for PCP mappings versus implicit dynamic mappings.

-d


> 
> Have a good weekend.
> 
> We keep our promises with one another - no matter what!
> 
> Best Regards,
> Tina TSOU
> http://tinatsou.weebly.com/contact.html
> 
> From: pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] On Behalf Of
> Dave Thaler
> Sent: Friday, June 03, 2011 1:02 PM
> To: pcp@ietf.org
> Subject: Re: [pcp] WGLC: draft-ietf-pcp-base-12.txt
> 
> Some comments on -12 are in the marked up copy at
> http://research.microsoft.com/users/dthaler/draft-ietf-pcp-base-12.pdf
> 
> -Dave
> 
> From: pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] On Behalf Of
> Dave Thaler
> Sent: Friday, May 20, 2011 1:18 PM
> To: pcp@ietf.org
> Subject: [pcp] WGLC: draft-ietf-pcp-base-12.txt
> 
> This message starts a two-week WGLC on
> http://www.ietf.org/internet-drafts/draft-ietf-pcp-base-12.txt
> 
> This last call will conclude on June 3rd at 5pm EST.
> 
> Please send your comments to the list.
> 
> We are scheduling a WebEx call shortly after the WGLC concludes,
> and will send out details in separate email.
> 
> Thanks,
> -Dave and Alain
> 
>
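
The address-pooling behaviours discussed in this thread, as an added example that is not part of the original messages or of draft-ietf-pcp-base-12: a toy NAT model with "paired" and "arbitrary" pooling, and a check that flags internal hosts whose PCP-created and implicit mappings landed on different external addresses (cases (a) and (b) in Dan's message). ToyNat, its methods and the documentation-range addresses are constructed for illustration.

```python
from collections import defaultdict

class ToyNat:
    """Hypothetical NAT model: only the external-address choice is modelled."""
    def __init__(self, pool, paired):
        self.pool, self.paired = list(pool), paired
        self.table = {}     # (internal_ip, internal_port) -> (kind, external_ip)
        self._cursor = 0

    def _external_for(self, internal_ip):
        if self.paired:
            # "Paired" pooling: reuse the address this host already has,
            # whether the earlier mapping was PCP-created or implicit.
            for (ip, _port), (_kind, ext) in self.table.items():
                if ip == internal_ip:
                    return ext
        # First mapping for the host, or "arbitrary" pooling: next pool address.
        ext = self.pool[self._cursor % len(self.pool)]
        self._cursor += 1
        return ext

    def create(self, kind, internal_ip, internal_port):
        key = (internal_ip, internal_port)
        if key not in self.table:   # same internal address and port: reuse
            self.table[key] = (kind, self._external_for(internal_ip))
        return self.table[key][1]

def hosts_with_split_addresses(nat):
    """Internal hosts whose mappings use more than one external address."""
    seen = defaultdict(set)
    for (ip, _port), (_kind, ext) in nat.table.items():
        seen[ip].add(ext)
    return {ip: exts for ip, exts in seen.items() if len(exts) > 1}

def run_scenario(paired):
    # Constructed sample traffic: one host mixes PCP MAP requests with
    # ordinary outbound (implicit) sessions; a second host is unrelated.
    nat = ToyNat(["192.0.2.1", "192.0.2.2", "192.0.2.3"], paired)
    nat.create("pcp-map", "10.0.0.5", 5000)
    nat.create("implicit", "10.0.0.5", 40001)
    nat.create("pcp-map", "10.0.0.5", 5001)
    nat.create("implicit", "10.0.0.9", 40002)
    return hosts_with_split_addresses(nat)

if __name__ == "__main__":
    print("paired:   ", run_scenario(True))
    print("arbitrary:", run_scenario(False))
```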