Re: [radext] draft-cheng-behave-cgn-cfg-radius-ext-07 feedback

Jouni Korhonen <jouni.nospam@gmail.com> Sat, 26 July 2014 00:49 UTC

Return-Path: <jouni.nospam@gmail.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96F081A0AF1 for <radext@ietfa.amsl.com>; Fri, 25 Jul 2014 17:49:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O-ZNHarumJbR for <radext@ietfa.amsl.com>; Fri, 25 Jul 2014 17:49:19 -0700 (PDT)
Received: from mail-wi0-x22b.google.com (mail-wi0-x22b.google.com [IPv6:2a00:1450:400c:c05::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 809B91A0AEF for <radext@ietf.org>; Fri, 25 Jul 2014 17:49:19 -0700 (PDT)
Received: by mail-wi0-f171.google.com with SMTP id hi2so1798076wib.4 for <radext@ietf.org>; Fri, 25 Jul 2014 17:49:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=VVvnz8cSZL2YgS7HVLsWAZoCpJvQoBEMEV8reSw1GDk=; b=bRLnGvRs6D5/Q+OQxzM1Cyo8Zq0mVv10I4zrGcl3JqwpUTYxzHZTlDcFCO2TfKregj 3juQXwBKM9PwZVt5GF8HanYhlCFKpnoX/eCHKPBCr0cLBZmtlyAjFdtmErTW1m+u5EdB ODXIV3dpqqsHHK3HBaNC+H0AgnZY80IsYhesrdU3xC/C9k281IDphup7zsVLXsmOq0+w rKxicV9pBHH8UomaXFNgIDvzVYmHi+or5ZUtkMpFIud1GQNpIjekZFNdExQLrm+83oPE 7fgSRzEZqrdlu/KeoEBpOH3zVhua7bVXG3V4EWseuph8DbAek2pEwTvwmAm9RSPvOeAm t4RA==
X-Received: by 10.194.216.163 with SMTP id or3mr25623039wjc.31.1406335758189; Fri, 25 Jul 2014 17:49:18 -0700 (PDT)
Received: from [10.203.136.160] ([209.226.201.240]) by mx.google.com with ESMTPSA id eh10sm1444186wic.0.2014.07.25.17.49.16 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 25 Jul 2014 17:49:17 -0700 (PDT)
Message-ID: <53D2FB0A.1050002@gmail.com>
Date: Sat, 26 Jul 2014 03:49:14 +0300
From: Jouni Korhonen <jouni.nospam@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: Arran Cudbard-Bell <a.cudbardb@freeradius.org>, radext@ietf.org
References: <mailman.0.1406300368.3016.radext@ietf.org> <D1A82475-4CAA-49D8-A2E3-AC07F4879F15@freeradius.org>
In-Reply-To: <D1A82475-4CAA-49D8-A2E3-AC07F4879F15@freeradius.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/radext/oj84AMT5IjtVgrXyF2SQWM1LFs4
Subject: Re: [radext] draft-cheng-behave-cgn-cfg-radius-ext-07 feedback
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Jul 2014 00:49:24 -0000

Just for my clarification, we did not handle 
draft-cheng-behave-cgn-cfg-radius-ext during the meeting, thus which 
document is meant here then? I assume 
draft-ietf-radext-ip-port-radius-ext is meant here, right.

- Jouni

7/25/2014 9:33 PM, Arran Cudbard-Bell kirjoitti:
> Following up from the meeting at IETF90
>
> SCTP/UDP encapsulation
> ----------------------
> RFC6951 does allow SCTP to be encapsulated by UDP packets.
> The reasons stated in the RFC are for legacy NAT traversal, and to allow SCTP to be
> implemented on hosts which do not allow direct access to the IP layer.
>
> When tunnelling SCTP UDP/9899 is used, though this is not a requirement, and the RFC states
> that other ports can be used.
>
> Do people feel that it would be useful to be able to represent tunnelling with the attributes
> of cgn-cfg?
>
> Protocol enumeration
> --------------------
> Majority of NAT'd communications will likely be TCP/UDP ICMP, but there is no reason why
> SCTP and other more exotic protocols couldn't be NAT'd.
>
> To support arbitrary protocols, the extended IP-Port-Type attribute could reference the
> IANA protocol numbers registry, with the caveat that the protocol referenced used ports
> as connection identifiers.
>
> Multiple IP-Port-Type attributes could be included to represent a port mapping in multiple
> protocols (where enum values 1 and 2 are used currently).
>
> Explicit references to TCP/UDP/ICMP other than where used as examples would then be removed.
>
> Reporting for dynamic CGN sessions (PCP)
> ----------------------------------------
> ISPs are looking at NAT44 as a stopgap measure until v6 connectivity is sufficient to
> run v6 only on CPEs.
>
> UPnP to PCP gateways on the CPE allow legacy applications to work, by requesting specific
> public ports on the NAT44 device.
>
> Reporting for all N to 1 mappings required when used by ISPs for compliance reasons
> (in the UK at least). Law enforcement needs to be able to map Public IP/Port to private
> IP and subscriber.
>
> Just to check, in these cases would IP-Port-Forwarding-Map would be used to report these
> mappings, in a similar way as to how IP-Port-Range is used in Section 4.1.2?
>
> Clarification around IP Port Allocation/De-allocation
> -----------------------------------------------------
> Section 4.1.2 describes a method of reporting range allocation and range deallocation but
> does not describe how to differentiate between the two.
>
> Making an inference from other parts of the document, it seems that each Accounting-Request
> packet records information about a single IP-Port-Range or IP-Port-Forwarding-Map
> allocation/deallocation.
>
> Are separate RADIUS accounting sessions then, generated for each IP-Port-Range or
> IP-Port-Forwarding-Map? Should these sessions be linked to the subscriber's BNG session
> with Acct-Multi-Session-Id?
>
> Or alternatively are each of the Accounting-Requests just Interim-Updates, and if so how
> do we know when a port allocation is being reported as opposed to deallocation?
>
> -Arran
>
>
>
>
> _______________________________________________
> radext mailing list
> radext@ietf.org
> https://www.ietf.org/mailman/listinfo/radext
>