Re: [radext] draft-cheng-behave-cgn-cfg-radius-ext-07 feedback

Jouni Korhonen <> Sat, 26 July 2014 00:49 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 96F081A0AF1 for <>; Fri, 25 Jul 2014 17:49:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id O-ZNHarumJbR for <>; Fri, 25 Jul 2014 17:49:19 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:400c:c05::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 809B91A0AEF for <>; Fri, 25 Jul 2014 17:49:19 -0700 (PDT)
Received: by with SMTP id hi2so1798076wib.4 for <>; Fri, 25 Jul 2014 17:49:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=VVvnz8cSZL2YgS7HVLsWAZoCpJvQoBEMEV8reSw1GDk=; b=bRLnGvRs6D5/Q+OQxzM1Cyo8Zq0mVv10I4zrGcl3JqwpUTYxzHZTlDcFCO2TfKregj 3juQXwBKM9PwZVt5GF8HanYhlCFKpnoX/eCHKPBCr0cLBZmtlyAjFdtmErTW1m+u5EdB ODXIV3dpqqsHHK3HBaNC+H0AgnZY80IsYhesrdU3xC/C9k281IDphup7zsVLXsmOq0+w rKxicV9pBHH8UomaXFNgIDvzVYmHi+or5ZUtkMpFIud1GQNpIjekZFNdExQLrm+83oPE 7fgSRzEZqrdlu/KeoEBpOH3zVhua7bVXG3V4EWseuph8DbAek2pEwTvwmAm9RSPvOeAm t4RA==
X-Received: by with SMTP id or3mr25623039wjc.31.1406335758189; Fri, 25 Jul 2014 17:49:18 -0700 (PDT)
Received: from [] ([]) by with ESMTPSA id eh10sm1444186wic.0.2014. for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 25 Jul 2014 17:49:17 -0700 (PDT)
Message-ID: <>
Date: Sat, 26 Jul 2014 03:49:14 +0300
From: Jouni Korhonen <>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: Arran Cudbard-Bell <>,
References: <> <>
In-Reply-To: <>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [radext] draft-cheng-behave-cgn-cfg-radius-ext-07 feedback
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 26 Jul 2014 00:49:24 -0000

Just for my clarification, we did not handle 
draft-cheng-behave-cgn-cfg-radius-ext during the meeting, thus which 
document is meant here then? I assume 
draft-ietf-radext-ip-port-radius-ext is meant here, right.

- Jouni

7/25/2014 9:33 PM, Arran Cudbard-Bell kirjoitti:
> Following up from the meeting at IETF90
> SCTP/UDP encapsulation
> ----------------------
> RFC6951 does allow SCTP to be encapsulated by UDP packets.
> The reasons stated in the RFC are for legacy NAT traversal, and to allow SCTP to be
> implemented on hosts which do not allow direct access to the IP layer.
> When tunnelling SCTP UDP/9899 is used, though this is not a requirement, and the RFC states
> that other ports can be used.
> Do people feel that it would be useful to be able to represent tunnelling with the attributes
> of cgn-cfg?
> Protocol enumeration
> --------------------
> Majority of NAT'd communications will likely be TCP/UDP ICMP, but there is no reason why
> SCTP and other more exotic protocols couldn't be NAT'd.
> To support arbitrary protocols, the extended IP-Port-Type attribute could reference the
> IANA protocol numbers registry, with the caveat that the protocol referenced used ports
> as connection identifiers.
> Multiple IP-Port-Type attributes could be included to represent a port mapping in multiple
> protocols (where enum values 1 and 2 are used currently).
> Explicit references to TCP/UDP/ICMP other than where used as examples would then be removed.
> Reporting for dynamic CGN sessions (PCP)
> ----------------------------------------
> ISPs are looking at NAT44 as a stopgap measure until v6 connectivity is sufficient to
> run v6 only on CPEs.
> UPnP to PCP gateways on the CPE allow legacy applications to work, by requesting specific
> public ports on the NAT44 device.
> Reporting for all N to 1 mappings required when used by ISPs for compliance reasons
> (in the UK at least). Law enforcement needs to be able to map Public IP/Port to private
> IP and subscriber.
> Just to check, in these cases would IP-Port-Forwarding-Map would be used to report these
> mappings, in a similar way as to how IP-Port-Range is used in Section 4.1.2?
> Clarification around IP Port Allocation/De-allocation
> -----------------------------------------------------
> Section 4.1.2 describes a method of reporting range allocation and range deallocation but
> does not describe how to differentiate between the two.
> Making an inference from other parts of the document, it seems that each Accounting-Request
> packet records information about a single IP-Port-Range or IP-Port-Forwarding-Map
> allocation/deallocation.
> Are separate RADIUS accounting sessions then, generated for each IP-Port-Range or
> IP-Port-Forwarding-Map? Should these sessions be linked to the subscriber's BNG session
> with Acct-Multi-Session-Id?
> Or alternatively are each of the Accounting-Requests just Interim-Updates, and if so how
> do we know when a port allocation is being reported as opposed to deallocation?
> -Arran
> _______________________________________________
> radext mailing list