Re: [shara] port randomization (draft-ymbk-aplusp-03)

<mohamed.boucadair@orange-ftgroup.com> Tue, 17 March 2009 13:20 UTC

To: <jan@go6.si>
Cc: Gabor.Bajko@nokia.com, shara@ietf.org

 
Thanks.
 
What I missed in your initial answer is why you are referring to offloading the DNS resv to the **core (PRR)**.
 
 
Cheers,
Med


  _____  

From: Jan Zorz @ go6.si [mailto:jan@go6.si]
Sent: Tuesday, 17 March 2009 14:14
To: BOUCADAIR Mohamed RD-CORE-CAE
Cc: Gabor.Bajko@nokia.com; shara@ietf.org; dwing@cisco.com
Subject: Re: [shara] port randomization (draft-ymbk-aplusp-03)


mohamed.boucadair@orange-ftgroup.com wrote: 

Dear Jan,
 
What does it mean to offload the DNS resolving to the core?
 

Cheers,
Med 

Mohamed, hi. 

If I may, I would copy/paste Remi Despres's text from one of the emails on this list:

"In principle, running a DNS cache on the NAT/address-sharing box could solve this. DNS would be proxied at the application layer, and so port randomization could be achieved properly by the box. Unfortunately, some of "box" vendors probably do not want to have to provide a DNS cache."


This idea seems to be a fair trade... but it depends on vendors' will to implement it. Personally I see no reason why some vendor would refuse to do it, as it solves and answers a lot more questions than it creates.


Thank you, Jan Zorz