Re: [Softwires] ALG section in draft-ietf-softwire-dual-stack-lite-06

Mark Townsley <townsley@cisco.com> Wed, 23 February 2011 16:28 UTC

From: Mark Townsley <townsley@cisco.com>
In-Reply-To: <19e901cbd375$69d56c20$3d804460$@com>
Date: Wed, 23 Feb 2011 17:29:40 +0100
Message-Id: <AFAC7900-C6F2-4DCA-9CD5-804A0D310294@cisco.com>
References: <19e901cbd375$69d56c20$3d804460$@com>
To: Dan Wing <dwing@cisco.com>
Cc: softwires@ietf.org, draft-ietf-softwire-dual-stack-lite@tools.ietf.org
Subject: Re: [Softwires] ALG section in draft-ietf-softwire-dual-stack-lite-06

I'd like to see all softwire documents be as silent as possible on specifics of NAT. The essential delta in ds-lite vs. a NAT44 CGN is that the tunnel is embedded within the NAT binding.  I think the softwire documents should explain this, then point to behave for anything else that has to do with operating a CGN. We are the tunneling folks here, the translation folks are down the corridor.

- Mark


On Feb 23, 2011, at 5:19 PM, Dan Wing wrote:

> http://tools.ietf.org/html/draft-ietf-softwire-dual-stack-lite-06 says:
> 
>   8.3. Application Level Gateways (ALG)
> 
>   The AFTR should only perform a minimum number of ALG for the classic
>   applications such as FTP, RTSP/RTP, IPsec and PPTP VPN pass-through
>   and enable the users to use their own ALG on statically or
>   dynamically reserved ports instead.
> 
> Comments:
> 
> * To my knowledge, this would be the first time IETF suggests using an ALG
> in a NAT44 in a standards-track document.
> 
> * Both IPsec and PPTP are protocols, not applications.  IPsec is 50
> (assuming you mean IPsec ESP, which I'm sure is what was intended) and PPTP
> uses protocol 47 (GRE).  Thus, these do not belong in the Application Level
> Gateway section.  Rather, IPsec and PPTP should be moved to the previous
> section (NAT Conformance) which already mentions other protocols like TCP
> and ICMP.
> 
> * There aren't specifications describing an ALG for FTP, RTSP, RTP, IPsec,
> or PPTP VPN.
> 
> * What is "RTSP/RTP"?  Is this trying to say "RTSP, when it is using RTP",
> or is it trying to say "RTSP and other uses of RTP".  Text needs to be
> clarified.
> 
> * IPsec Passthru is pretty common on residential NATs.  However, in a CGN,
> IPsec Passthru is difficult when multiple users connect to the same VPN
> concentrator.  When that concentrator re-keys a session, the incoming IPsec
> SPI changes and there is no simple way to determine which user should
> receive that packet.  There are several workarounds to this problem,
> including just ignoring it.
> 
> -d
> 
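The exchange above makes two concrete points that are easier to see in code: Mark's observation that a DS-Lite AFTR differs from a plain NAT44 CGN only in that the B4's IPv6 tunnel endpoint is folded into the NAT binding, and Dan's observation that ESP "pass-through" has no port to key a binding on, so a re-keyed inbound SPI from a shared concentrator cannot be attributed to a user. The following is an added illustration written for this page, not code from the draft, from either poster, or from any AFTR implementation; the classes, the `pending`-list heuristic for ESP, and all addresses and SPIs are constructed.

```python
"""Constructed model of DS-Lite AFTR bindings and of ESP pass-through ambiguity.

Not from draft-ietf-softwire-dual-stack-lite or any real AFTR; written as an
illustration only. All addresses, ports and SPIs below are made up.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Binding:
    b4_ipv6: str      # softwire endpoint: outer IPv6 source of the tunnel
    inner_src: str    # IPv4 source carried inside the tunnel (often RFC 1918)
    inner_port: int
    proto: str


class Aftr:
    """Minimal NAT44 binding table with the tunnel endpoint as part of the key.

    This is the 'essential delta' described above: the B4's IPv6 address is
    what keeps two subscribers with identical private IPv4 space apart.
    """

    def __init__(self, public_ip: str, first_port: int = 10000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound: Dict[Binding, int] = {}                 # binding -> public port
        self.inbound: Dict[Tuple[str, int], Binding] = {}      # (proto, port) -> binding

    def translate_out(self, b4_ipv6: str, inner_src: str, inner_port: int,
                      proto: str) -> Tuple[str, int]:
        key = Binding(b4_ipv6, inner_src, inner_port, proto)
        if key not in self.outbound:                   # allocate a fresh public port
            self.outbound[key] = self.next_port
            self.inbound[(proto, self.next_port)] = key
            self.next_port += 1
        return self.public_ip, self.outbound[key]

    def translate_in(self, proto: str, public_port: int) -> Optional[Binding]:
        # Reverse lookup yields the full binding, tunnel endpoint included,
        # so the AFTR knows which softwire to encapsulate the reply into.
        return self.inbound.get((proto, public_port))


class EspPassthrough:
    """Hypothetical ESP pass-through heuristic (constructed, not a standard).

    ESP carries no ports. The SPI in an outbound packet belongs to the peer's
    inbound SA and says nothing about the SPI the peer will use toward us, so
    the only thing a NAT can do is remember who recently sent ESP to a peer and
    attribute the next unknown inbound SPI to that single waiting user.
    """

    def __init__(self):
        self.inbound_map: Dict[Tuple[str, int], str] = {}     # (peer, spi) -> b4
        self.pending: Dict[str, List[str]] = {}               # peer -> waiting b4s

    def outbound(self, b4_ipv6: str, peer: str, spi: int) -> None:
        waiting = self.pending.setdefault(peer, [])
        if b4_ipv6 not in waiting:
            waiting.append(b4_ipv6)

    def inbound(self, peer: str, spi: int) -> Tuple[Optional[str], str]:
        key = (peer, spi)
        if key in self.inbound_map:
            return self.inbound_map[key], "known"
        waiting = self.pending.get(peer, [])
        if len(waiting) == 1:                          # unambiguous: learn it
            b4 = waiting.pop()
            self.inbound_map[key] = b4
            return b4, "learned"
        if not waiting:                                # e.g. peer re-keyed on its own
            return None, "unknown-spi"
        return None, "ambiguous"                       # several users, same peer


def demo_overlapping_private_addresses() -> Tuple[int, int, str, str]:
    """Two B4s both using 192.168.1.10:5000 get distinct, reversible bindings."""
    aftr = Aftr("192.0.2.1")                           # constructed AFTR public address
    _, port_a = aftr.translate_out("2001:db8::1", "192.168.1.10", 5000, "tcp")
    _, port_b = aftr.translate_out("2001:db8::2", "192.168.1.10", 5000, "tcp")
    back_a = aftr.translate_in("tcp", port_a)
    back_b = aftr.translate_in("tcp", port_b)
    return port_a, port_b, back_a.b4_ipv6, back_b.b4_ipv6


def demo_esp_rekey():
    """Sequential users learn fine; a re-key or a second waiting user does not."""
    esp = EspPassthrough()
    peer = "198.51.100.7"                              # constructed shared VPN concentrator
    esp.outbound("2001:db8::1", peer, spi=0x1111)
    first = esp.inbound(peer, 0xAAAA)                  # one user waiting: learned
    esp.outbound("2001:db8::2", peer, spi=0x2222)
    second = esp.inbound(peer, 0xBBBB)                 # again one user waiting
    rekey = esp.inbound(peer, 0xCCCC)                  # concentrator re-keyed: nobody waiting
    esp.outbound("2001:db8::1", peer, spi=0x1111)
    esp.outbound("2001:db8::2", peer, spi=0x2222)
    both = esp.inbound(peer, 0xDDDD)                   # two users waiting: ambiguous
    return first, second, rekey, both


if __name__ == "__main__":
    print(demo_overlapping_private_addresses())
    print(demo_esp_rekey())
```

The first demo is the behaviour the softwire document actually needs to state: the binding key carries the B4 address, and everything else is ordinary NAT44 behaviour that BEHAVE already specifies. The second demo is why ESP does not fit in an ALG section: there is no protocol field the AFTR can use to disambiguate, so the outcome depends on timing and user count rather than on anything the packet says.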