IETF Logo Mail Archive

Re: [radext] draft-ietf-radext-ip-port-radius-ext

Dean cheng <dean.cheng@huawei.com> Wed, 12 October 2016 03:56 UTC

Return-Path: <dean.cheng@huawei.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40E4D129465 for <radext@ietfa.amsl.com>; Tue, 11 Oct 2016 20:56:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.217
X-Spam-Level:
X-Spam-Status: No, score=-7.217 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I8mRpBjSlcFm for <radext@ietfa.amsl.com>; Tue, 11 Oct 2016 20:55:58 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EDE78129409 for <radext@ietf.org>; Tue, 11 Oct 2016 20:55:57 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml703-cah.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CSY11888; Wed, 12 Oct 2016 03:55:55 +0000 (GMT)
Received: from DFWEML703-CAH.china.huawei.com (10.193.5.177) by lhreml703-cah.china.huawei.com (10.201.5.104) with Microsoft SMTP Server (TLS) id 14.3.235.1; Wed, 12 Oct 2016 04:55:55 +0100
Received: from DFWEML501-MBB.china.huawei.com ([10.193.5.179]) by DFWEML703-CAH.china.huawei.com ([10.193.5.177]) with mapi id 14.03.0235.001; Tue, 11 Oct 2016 20:55:52 -0700
From: Dean cheng <dean.cheng@huawei.com>
To: Paul Aitken <paitken@brocade.com>, "draft-ietf-radext-ip-port-radius-ext@tools.ietf.org" <draft-ietf-radext-ip-port-radius-ext@tools.ietf.org>
Thread-Topic: [radext] draft-ietf-radext-ip-port-radius-ext
Thread-Index: AQHSJAAu16Wv/kgYX06Go4HR8UNZ/KCkEo+g
Date: Wed, 12 Oct 2016 03:55:51 +0000
Message-ID: <DC7880973D477648AC15A3BA66253F686F302C27@dfweml501-mbb>
References: <eeb529fc-4639-5c1f-f2a2-4fe9fd722d35@brocade.com> <2aa8a0ae-6974-f167-21f4-249a2bc0d69a@brocade.com>
In-Reply-To: <2aa8a0ae-6974-f167-21f4-249a2bc0d69a@brocade.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.212.246.190]
Content-Type: multipart/mixed; boundary="_002_DC7880973D477648AC15A3BA66253F686F302C27dfweml501mbb_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020201.57FDB44C.0054, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 2ee7c04c7b1e85de0f45f935457a6376
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/ZLVeJaRgZeT0qImOuDowZK5RwfY>
Cc: "bclaise@cisco.com" <bclaise@cisco.com>, "radext@ietf.org" <radext@ietf.org>, "Kathleen.Moriarty.ietf@gmail.com" <Kathleen.Moriarty.ietf@gmail.com>
Subject: Re: [radext] draft-ietf-radext-ip-port-radius-ext
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2016 03:56:02 -0000

Paul,

We certainly missed this email of comments, but 
please see below.

Regards
Dean

> -----Original Message-----
> From: radext [mailto:radext-bounces@ietf.org] On Behalf Of Paul Aitken
> Sent: Tuesday, October 11, 2016 1:43 PM
> To: draft-ietf-radext-ip-port-radius-ext@tools.ietf.org
> Cc: bclaise@cisco.com; radext@ietf.org;
> Kathleen.Moriarty.ietf@gmail.com
> Subject: Re: [radext] draft-ietf-radext-ip-port-radius-ext
> 
> Authors I've been waiting 2 months, yet no reply?
> 
> P.
> 
> 
> On 08/11/16 17:24, Paul Aitken wrote:
> > Dear Authors, some questions came to mind while reviewing section 3.2
> > of your draft:
> >
> >
> > Q1: Why define a new TLV-Type 1..11 simply to encode an IPFIX
> > Information Element?
> >
> > Since there's a 1:1 mapping between the TLV-Type and IPFIX Element ID,
> > the scheme you propose would be more extensible if the IPFIX Element
> > ID was used instead of the TLV-Type since it would require one less
> > registry. True, one additional byte would be required in the encoding.
> > However, the advantage is that in future anyone could encode a new
> TLV
> > by using the relevant IPFIX ID, without having to also define a new
> > TLV-Type for it.

The definition of the TLV-Type field (refer to Section 2.3 of RFC6929)
is very different than that of IPFIX IE identifiers (refer to
Section 4 of RFC5102), not just the size (8 bits vs. 16 bits)
but also semantics, reserved values etc.  

> >
> >
> > Q2: In each TLV, the Length field is redundant since it can always be
> > determined from the TLV-Type: it's always 6, with special cases for
> > TLV-Types 5 (Length is 18) and 11 (Length could be determined by a
> > NULL terminator on the string). This suggests that the length is not
> > required in the protocol, so why not remove it entirely?

The length field is the second required one in a TLV structure, refer
to Section 2.3 of RFC6929.

> >
> >
> > However, many of the descriptions say "contains the data ... right
> > justified, and the unused bits in this field MUST be set to zero. "
> >
> > Q3: Wouldn't it be better to limit the length of the field to an
> > appropriate size for the data, and encode that size in the Length?

This question was also raised by Suresh Krishnan, which was 
already answered by Alan DeKok (see the attached).

> >
> >
> > For example, the transportType in 3.2.1 is just one octet long
> > (unsigned8) - so there's no reason to encode it in 32 bits. Why not
> > encode it like so:
> >
> >     0                   1 2                   3
> >     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >    |       TLV-Type = TBAx1        |    Length     | transportType |
> > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >
> >
> > The natEvent in 3.2.8 is also an unsigned8, so it would be encoded
> > similarly - except that the TLV-Type would be 230, which is the IE ID
> > of the IPFIX natEvent.
> >
> >
> > The natTransportLimit in 3.2.2 is an unsigned16 - so there's no need
> > to encode it in 32 bits. Why not encode it like so:
> >
> >     0                   1 2                   3
> >     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >    |       TLV-Type = TBAx2        |    Length |natTransportLimit ...
> > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >   ...              |
> >    +-+-+-+-+-+-+-+-+
> >
> > 3.2.9 and 3.2.10 would be similar. The encoding of 3.2.3, 3.2.4, and
> > 3.2.5 would all be as shown in the draft, except that the TLV-type
> > would be two octets long and contain the IPFIX IE ID. The
> > sourceTransportPort in 3.2.6 is an unsigned16 - so there's no need to
> > encode it in 32 bits. Why not encode it like so:
> >
> >     0                   1 2                   3
> >     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >    | TLV-Type = sourceTransportPort|    Length     |
> > sourceTransportPort ...
> > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >   ...              |
> >    +-+-+-+-+-+-+-+-+
> >
> > The encoding of 3.2.7 would be similar.
> 
> _______________________________________________
> radext mailing list
> radext@ietf.org
> https://www.ietf.org/mailman/listinfo/radext
--- Begin Message --- 
On Aug 18, 2016, at 5:53 AM, Suresh Krishnan <suresh.krishnan@ericsson.com> wrote:
> * Why are the the uint8 and unit16 based types getting stuffed into 32
> bit fields inside the TLVs? This feels like a complete waste. Is there
> any specific reason this is required?

  The limited nature of RADIUS data types.  This behaviour is mandated by RFC 6158

https://tools.ietf.org/html/rfc6158#appendix-A.2.1
--- End Message ---

v2.23.0 | Report a Bug | By Email