Re: [radext] draft-ietf-radext-ip-port-radius-ext
Dean cheng <dean.cheng@huawei.com> Wed, 12 October 2016 03:56 UTC
Return-Path: <dean.cheng@huawei.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40E4D129465 for <radext@ietfa.amsl.com>; Tue, 11 Oct 2016 20:56:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.217
X-Spam-Level:
X-Spam-Status: No, score=-7.217 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I8mRpBjSlcFm for <radext@ietfa.amsl.com>; Tue, 11 Oct 2016 20:55:58 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EDE78129409 for <radext@ietf.org>; Tue, 11 Oct 2016 20:55:57 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml703-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CSY11888; Wed, 12 Oct 2016 03:55:55 +0000 (GMT)
Received: from DFWEML703-CAH.china.huawei.com (10.193.5.177) by lhreml703-cah.china.huawei.com (10.201.5.104) with Microsoft SMTP Server (TLS) id 14.3.235.1; Wed, 12 Oct 2016 04:55:55 +0100
Received: from DFWEML501-MBB.china.huawei.com ([10.193.5.179]) by DFWEML703-CAH.china.huawei.com ([10.193.5.177]) with mapi id 14.03.0235.001; Tue, 11 Oct 2016 20:55:52 -0700
From: Dean cheng <dean.cheng@huawei.com>
To: Paul Aitken <paitken@brocade.com>, "draft-ietf-radext-ip-port-radius-ext@tools.ietf.org" <draft-ietf-radext-ip-port-radius-ext@tools.ietf.org>
Thread-Topic: [radext] draft-ietf-radext-ip-port-radius-ext
Thread-Index: AQHSJAAu16Wv/kgYX06Go4HR8UNZ/KCkEo+g
Date: Wed, 12 Oct 2016 03:55:51 +0000
Message-ID: <DC7880973D477648AC15A3BA66253F686F302C27@dfweml501-mbb>
References: <eeb529fc-4639-5c1f-f2a2-4fe9fd722d35@brocade.com> <2aa8a0ae-6974-f167-21f4-249a2bc0d69a@brocade.com>
In-Reply-To: <2aa8a0ae-6974-f167-21f4-249a2bc0d69a@brocade.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.212.246.190]
Content-Type: multipart/mixed; boundary="_002_DC7880973D477648AC15A3BA66253F686F302C27dfweml501mbb_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020201.57FDB44C.0054, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 2ee7c04c7b1e85de0f45f935457a6376
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/ZLVeJaRgZeT0qImOuDowZK5RwfY>
Cc: "bclaise@cisco.com" <bclaise@cisco.com>, "radext@ietf.org" <radext@ietf.org>, "Kathleen.Moriarty.ietf@gmail.com" <Kathleen.Moriarty.ietf@gmail.com>
Subject: Re: [radext] draft-ietf-radext-ip-port-radius-ext
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2016 03:56:02 -0000
Paul, We certainly missed this email of comments, but please see below. Regards Dean > -----Original Message----- > From: radext [mailto:radext-bounces@ietf.org] On Behalf Of Paul Aitken > Sent: Tuesday, October 11, 2016 1:43 PM > To: draft-ietf-radext-ip-port-radius-ext@tools.ietf.org > Cc: bclaise@cisco.com; radext@ietf.org; > Kathleen.Moriarty.ietf@gmail.com > Subject: Re: [radext] draft-ietf-radext-ip-port-radius-ext > > Authors I've been waiting 2 months, yet no reply? > > P. > > > On 08/11/16 17:24, Paul Aitken wrote: > > Dear Authors, some questions came to mind while reviewing section 3.2 > > of your draft: > > > > > > Q1: Why define a new TLV-Type 1..11 simply to encode an IPFIX > > Information Element? > > > > Since there's a 1:1 mapping between the TLV-Type and IPFIX Element ID, > > the scheme you propose would be more extensible if the IPFIX Element > > ID was used instead of the TLV-Type since it would require one less > > registry. True, one additional byte would be required in the encoding. > > However, the advantage is that in future anyone could encode a new > TLV > > by using the relevant IPFIX ID, without having to also define a new > > TLV-Type for it. The definition of the TLV-Type field (refer to Section 2.3 of RFC6929) is very different than that of IPFIX IE identifiers (refer to Section 4 of RFC5102), not just the size (8 bits vs. 16 bits) but also semantics, reserved values etc. > > > > > > Q2: In each TLV, the Length field is redundant since it can always be > > determined from the TLV-Type: it's always 6, with special cases for > > TLV-Types 5 (Length is 18) and 11 (Length could be determined by a > > NULL terminator on the string). This suggests that the length is not > > required in the protocol, so why not remove it entirely? The length field is the second required one in a TLV structure, refer to Section 2.3 of RFC6929. > > > > > > However, many of the descriptions say "contains the data ... right > > justified, and the unused bits in this field MUST be set to zero. " > > > > Q3: Wouldn't it be better to limit the length of the field to an > > appropriate size for the data, and encode that size in the Length? This question was also raised by Suresh Krishnan, which was already answered by Alan DeKok (see the attached). > > > > > > For example, the transportType in 3.2.1 is just one octet long > > (unsigned8) - so there's no reason to encode it in 32 bits. Why not > > encode it like so: > > > > 0 1 2 3 > > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > | TLV-Type = TBAx1 | Length | transportType | > > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > > > > > The natEvent in 3.2.8 is also an unsigned8, so it would be encoded > > similarly - except that the TLV-Type would be 230, which is the IE ID > > of the IPFIX natEvent. > > > > > > The natTransportLimit in 3.2.2 is an unsigned16 - so there's no need > > to encode it in 32 bits. Why not encode it like so: > > > > 0 1 2 3 > > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > | TLV-Type = TBAx2 | Length |natTransportLimit ... > > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > ... | > > +-+-+-+-+-+-+-+-+ > > > > 3.2.9 and 3.2.10 would be similar. The encoding of 3.2.3, 3.2.4, and > > 3.2.5 would all be as shown in the draft, except that the TLV-type > > would be two octets long and contain the IPFIX IE ID. The > > sourceTransportPort in 3.2.6 is an unsigned16 - so there's no need to > > encode it in 32 bits. Why not encode it like so: > > > > 0 1 2 3 > > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > | TLV-Type = sourceTransportPort| Length | > > sourceTransportPort ... > > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > ... | > > +-+-+-+-+-+-+-+-+ > > > > The encoding of 3.2.7 would be similar. > > _______________________________________________ > radext mailing list > radext@ietf.org > https://www.ietf.org/mailman/listinfo/radext
--- Begin Message ---On Aug 18, 2016, at 5:53 AM, Suresh Krishnan <suresh.krishnan@ericsson.com> wrote: > * Why are the the uint8 and unit16 based types getting stuffed into 32 > bit fields inside the TLVs? This feels like a complete waste. Is there > any specific reason this is required? The limited nature of RADIUS data types. This behaviour is mandated by RFC 6158 https://tools.ietf.org/html/rfc6158#appendix-A.2.1--- End Message ---
- [radext] draft-ietf-radext-ip-port-radius-ext Kathleen Moriarty
- Re: [radext] draft-ietf-radext-ip-port-radius-ext Paul Aitken
- Re: [radext] draft-ietf-radext-ip-port-radius-ext Dean cheng
- Re: [radext] draft-ietf-radext-ip-port-radius-ext Paul Aitken
- Re: [radext] draft-ietf-radext-ip-port-radius-ext Dean cheng