Re: [shara] [Fwd: Re: shared-addressing-issues-00 questions]
Gregory Lebovitz <gregory.ietf@gmail.com> Thu, 19 March 2009 01:59 UTC
Return-Path: <gregory.ietf@gmail.com>
X-Original-To: shara@core3.amsl.com
Delivered-To: shara@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id 543E33A6768 for <shara@core3.amsl.com>;
Wed, 18 Mar 2009 18:59:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.573
X-Spam-Level:
X-Spam-Status: No, score=-2.573 tagged_above=-999 required=5 tests=[AWL=0.025,
BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VIO-ur0ZVldH for
<shara@core3.amsl.com>; Wed, 18 Mar 2009 18:59:09 -0700 (PDT)
Received: from rv-out-0506.google.com (rv-out-0506.google.com
[209.85.198.224]) by core3.amsl.com (Postfix) with ESMTP id A77263A6A7E for
<shara@ietf.org>; Wed, 18 Mar 2009 18:59:09 -0700 (PDT)
Received: by rv-out-0506.google.com with SMTP id k40so285058rvb.49 for
<shara@ietf.org>; Wed, 18 Mar 2009 18:59:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=domainkey-signature:mime-version:received:in-reply-to:references
:date:message-id:subject:from:to:cc:content-type;
bh=wUsc/x6T1pEIyfaw9Xm1Gl/xLYCKoUKqHv3mE7XEUh8=;
b=CLTh9W1D9UfNkqH99znZeGSSX9xANWDfA+hLcxIyF21qxJZfkLbInizftcAs0TNjqF
9jMLRDfQkceGUa/heZsQO0PBW3DgJKPM6NdcGn1ep/daF7dSLpPnnAgZEYefeI0W/iCy
z7K07ZG15BWR8KNgExkL0Nmllcnxs65gpTGps=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:cc:content-type;
b=DlNYerAbx9ILEo98Gwla0SaCC1UcQybZKQ1pX1wEzArLKSdpE1klzCrOVePObQfv8C
cQfyizM8pq0teXsw4rkQZYgiYRzIK8g+NAYB3ZsxbyCZC9xnj7LP4IUsEnIJ8AOMHOBa
ppfFdvP1KdG9ZOFVaSifD7qio/7fqGMHNajQQ=
MIME-Version: 1.0
Received: by 10.114.181.6 with SMTP id d6mr1217107waf.94.1237427994189;
Wed, 18 Mar 2009 18:59:54 -0700 (PDT)
In-Reply-To: <49C18FB1.8090106@isoc.org>
References: <49C18FB1.8090106@isoc.org>
Date: Wed, 18 Mar 2009 18:59:54 -0700
Message-ID: <f1548840903181859k51922b8di9903081c700684dc@mail.gmail.com>
From: Gregory Lebovitz <gregory.ietf@gmail.com>
To: Matthew Ford <ford@isoc.org>
Content-Type: multipart/alternative; boundary=00163646d98707615804656f287d
Cc: Alain Durand <alain_durand@cable.comcast.com>, shara@ietf.org,
Phil Roberts <roberts@isoc.org>
Subject: Re: [shara] [Fwd: Re: shared-addressing-issues-00 questions]
X-BeenThere: shara@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Sharing of an IPv4 Address discussion list <shara.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/shara>,
<mailto:shara-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/shara>
List-Post: <mailto:shara@ietf.org>
List-Help: <mailto:shara-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shara>,
<mailto:shara-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Mar 2009 01:59:11 -0000
On Wed, Mar 18, 2009 at 5:20 PM, Matthew Ford <ford@isoc.org> wrote: > Late cc > > > -------- Original Message -------- > Subject: Re: shared-addressing-issues-00 questions > Date: Wed, 18 Mar 2009 17:16:24 -0700 > From: Matthew Ford <ford@isoc.org> > To: Gregory Lebovitz <gregory.ietf@gmail.com> > References: <f1548840903171810t69d33ed7t55ea9c6da8c2ce15@mail.gmail.com> > > Gregory, > > Thanks for the review. Some responses inline: > > Gregory Lebovitz wrote: > >> Hey Mat. >> Just read this doc. Thanks for writing it. One question and a few comments >> are below. >> >> - I fancy myself a decent english speaker, but I couldn't quite make out >> this criteria: >> >> 1) The proximity of the end user to control over the impact >> of the solution on the end-to-end communication, >> Would you mind filling that out a bit? >> > > It's a little opaque isn't it? Sorry about that. What I'm saying is that > if there's going to be impacts of these mechanisms on end-to-end (and > there is) then mechanisms that put functions that offer control over > those impacts close to the end user are to be preferred over mechanisms > where control functions are either absent or remote from the end user. > In other words, I don't want to see end users having to make a helpdesk > call to get an inbound port opened up. > Your second explanation is much more clear, thx. I suggest you provide something closer to that in your next rev, if one occurs, especially for the non-english speakers. > > > - In 3.1 you say >> "But for incoming connections, the specific port numbers >> allocated to customers matter because they are part of external >> referrals (used by third parties to contact services run by the >> customers)." >> >> then you state: >> "the distribution is >> heavy-tailed, so there are typically a small number of subscribers >> who use a very high number of ports >> [CGN_Viability< >> http://tools.ietf.org/html/draft-ford-shared-addressing-issues-00#ref-CGN_Viability >> > >> ]." >> > > Yes, and here we're talking about outgoing ports. > > and you also state: >> "Early measurements also seem to indicate that, on average, only very >> few ports are used by customers for incoming connections. However, a >> majority of subscribers accept at least one inbound connection." >> >> I would agree that there are very few subscribers who actually need >> inbound connections. More might "accept" inbound connections, but it's not >> clear that these were actually needed/desired. I.e. most of the services >> that 99% of the Internet users/subscribers use are "brokered" through some >> meet-in-the-middle server/service to which they initiate an outgoing >> connection first. If another outside user needs to "contact" the >> subscriber, >> that contact is most often performed in a transaction through an already >> established 3rd party server/service connection. >> My point is that perhaps the need for incoming connections is similarly >> heavy-tailed, such that there will typically be a very very small number >> of >> subscribers running services needing/desiring un-brokered incoming >> connections. And perhaps this number is so few that we could distill the >> problem space into two: one for 99% of the users, and a separate for the >> 1% desiring un-brokered inbound connections. >> Thoughts? >> > > I'd rather not make sweeping assumptions about what users want or need > based on (necessarily subjective) observations of today's network. And > I'd even less want to make engineering trade-offs based on those > assumptions. > This is clearly a subjective matter, so I'll drop it after this last comment. Agreeing that it's best not to assume too much about users needs in the future, do we really want to unnecessarily fetter the possible solution space by the needs of what looks today to be a tiny minority? I think it might be a LOT easier, and e2e preserving, to solve the mass market problem first, and then tackle the much more difficult and complex problem of the tiny minority. > > > - After: >> "Such an infection >> could rapidly exhaust the shared resource of the single IPv4 address >> for all connected subscribers." >> ADD: >> "However, the simple inclusion of per-subscriber connection limiting >> would go a long way to mitigate this risk." >> >> WHY: Every customer ISP discussion we've seen on these topics comes with >> "per-user connection limit setting" in the "MUST HAVE" category of >> requirements. I doubt any products proposing to meet these requirements >> will >> ship without it. >> > > Yup. > > 3.2 >> Again, I think this is a tiny subset of the actual use cases, maybe 1%, >> maybe. ISPs could simply reserve these for users who had purchased the >> MONDO >> pack, which included service hosting. The rest of our grandmas, kids, >> uncles, and brothers would simply purchase the BASIC pack, with no service >> hosting, and would never get assigned well known ports, because they >> didn't >> need them. >> > > Again, I don't like these assumptions about what users need and want. > The potential for all Internet users to be service providers is > fundamental to the utility of the network. > > 3.4 >> perhaps change this: >> "widespread adoption of port-shared addresses >> by service providers will make these complications considerably more >> widespread and severe." >> to this new: >> "widespread adoption of port-shared addresses >> by service providers will require a modified operational model in order >> to better record network activity. Such a modified operational modify may >> require networking product modifications to provide operators with IP + >> Port >> for various logging and monitoring events." >> >> WHY: "complications widespread and severe" seems perhaps a bit overstated >> for what is actually needed. I.e. if consensus leads us all to an address >> sharing model, we'll need to make some ops changes in the products to go >> with it. Not the end of the world. >> > > Sell more product, increase opex, pass costs onto end-users. I see two > losers and one winner in this equation. > I guess some might look at it that way, but I sure didn't. The changes needed would be simple "next release" code updates, not "sell more product" types of changes. But I guess it depends on the message you are trying to spin as to how you want to represent those changes. Again, it's a subjective depiction... I won't block on it. Gregory. > > > Mat > > _______________________________________________ > shara mailing list > shara@ietf.org > https://www.ietf.org/mailman/listinfo/shara > -- ---- IETF related email from Gregory M. Lebovitz Juniper Networks
- [shara] shared-addressing-issues-00 questions Gregory Lebovitz
- [shara] [Fwd: Re: shared-addressing-issues-00 que… Matthew Ford
- Re: [shara] [Fwd: Re: shared-addressing-issues-00… Gregory Lebovitz