Re: [Softwires] I-D Action: draft-ietf-softwire-map-12.txt

Ole Troan <otroan@employees.org> Fri, 06 March 2015 19:31 UTC

Return-Path: <otroan@employees.org>
X-Original-To: softwires@ietfa.amsl.com
Delivered-To: softwires@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3E931A1BDA for <softwires@ietfa.amsl.com>; Fri, 6 Mar 2015 11:31:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.411
X-Spam-Level:
X-Spam-Status: No, score=-1.411 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, J_CHICKENPOX_41=0.6, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cUoWWYfSCQIv for <softwires@ietfa.amsl.com>; Fri, 6 Mar 2015 11:31:23 -0800 (PST)
Received: from banjo.employees.org (banjo.employees.org [IPv6:2001:1868:205::19]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3A0D91A1A59 for <softwires@ietf.org>; Fri, 6 Mar 2015 11:31:23 -0800 (PST)
Received: from banjo.employees.org (localhost [127.0.0.1]) by banjo.employees.org (Postfix) with ESMTP id DB88662AA; Fri, 6 Mar 2015 11:31:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=employees.org; h=subject :mime-version:content-type:from:in-reply-to:date:cc:message-id :references:to; s=selector1; bh=JIu8WYYfh3PAsnlaoS/6Awy1eqM=; b= Oz88WH2KxcoC54BbGFTd8konWVgbvqN0KUD7amI5dfmCs1lcp7qGzIj+Ufo9t5XV 0Te1Eg5H3WdtfSzUPei7Q9zouv/2LmiDV1nZwqJO5MK7INO8uaQ3Pa113LYXGQIW ElZyVhcskl/M4ylWkPn1ip8/sh6VM/KCjo44Bh1csWk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=employees.org; h=subject :mime-version:content-type:from:in-reply-to:date:cc:message-id :references:to; q=dns; s=selector1; b=J33UtmT+wfVa6ClkaO4Q/FLeRu lymb2uV25oJeKhtEF1raD08W7OwOtDe90EU5XuilQ/EqrkraiT7mgChgDLjEn10Z 4YXROelJ+50oPHygktEELhx9vt721dTuEYoHfIvWUPk3KThIoL+SwlPv0GOaqbTi Dw9TxsdoapbuzLpvA=
Received: from gomlefisk.localdomain (77.18.141.216.tmi.telenormobil.no [77.18.141.216]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: otroan) by banjo.employees.org (Postfix) with ESMTPSA id 2843C61E9; Fri, 6 Mar 2015 11:31:21 -0800 (PST)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by gomlefisk.localdomain (Postfix) with ESMTP id 9182A3FF6A55; Fri, 6 Mar 2015 20:31:19 +0100 (CET)
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2087\))
Content-Type: multipart/signed; boundary="Apple-Mail=_C1012706-96F1-4A41-B16E-233687D7358F"; protocol="application/pgp-signature"; micalg="pgp-sha512"
X-Pgp-Agent: GPGMail 2.5b5
From: Ole Troan <otroan@employees.org>
In-Reply-To: <54f9d743.6f12320a.6cad.7b9c@mx.google.com>
Date: Fri, 06 Mar 2015 20:31:19 +0100
Message-Id: <BBD3C990-C6B2-4555-A2B0-5FB875A7D3A5@employees.org>
References: <20141124073912.16300.97956.idtracker@ietfa.amsl.com> <54e056b8.0d886b0a.535d.ffffcb06@mx.google.com> <E56786E3-FE1C-4961-A0A1-408B5BAF0854@employees.org> <54f9d743.6f12320a.6cad.7b9c@mx.google.com>
To: Leaf Yeh <leaf.yeh.sdo@gmail.com>
X-Mailer: Apple Mail (2.2087)
Archived-At: <http://mailarchive.ietf.org/arch/msg/softwires/8YehiVM532Sskh8mX8hsTuKmAw0>
Cc: softwires@ietf.org
Subject: Re: [Softwires] I-D Action: draft-ietf-softwire-map-12.txt
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/softwires/>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Mar 2015 19:31:25 -0000

Leaf,

> #11. In Example 5 of Appendix A, page 27,
> " Basic Mapping Rule:   {2001:db8:0012:3400::/56 (Rule IPv6 prefix),
>                             192.0.2.18/32 (Rule IPv4 prefix),
>                             0 (Rule EA-bits length)}
>      PSID length:          8. (From DHCP. Sharing ratio of 256)
>      PSID offset:          6  (Default)
>      PSID       :          0x34 (From DHCP.)"
> 
> I guess we don’t need the above words of 'from DHCP', because all the parameters in BMR are got from DHCPv6 options. And all the above could be parameters in BMR. So it could be written as:
> 
> Basic Mapping Rule:   {2001:db8:0012:3400::/56  (Rule IPv6 prefix),
>                     192.0.2.18/32  (Rule IPv4 prefix),
>                     0 (Rule EA-bits length)
>                     6  (PSID offset, Default)
>                     8  (PSID length, Sharing ratio of 256)
>                     0x34  (PSID) }
> 
> per the definition of OPTION_S46_RULE & OPTION_S46_PORTPARAMS in draft-ietf-softwire-map-dhcp.

I see your point. if I remember correctly the “From DHCP” text was put there to emphasise that the PSID isn’t coming from the EA bits.

we could go either way here. since we are so late in the process I’ll take a conservative approach and suggest we keep the current text.

cheers,
Ole


> -----Original Message-----
> From: Leaf Yeh [mailto:leaf.yeh.sdo@gmail.com]
> Sent: Friday, March 06, 2015 4:30 PM
> To: 'Ole Troan'
> Cc: 'Suresh Krishnan'; 'Ted Lemon'; 'softwires@ietf.org'
> Subject: RE: [Softwires] I-D Action: draft-ietf-softwire-map-12.txt
> 
> Leaf - In sec. 11
>> “     They cannot
>>      exist with MAP because each BRs checks that the IPv6 source
>>      address of a received IPv6 packet is a CE address based on
>>      Forwarding Mapping Rule. ”
> Leaf - but my point was 'each BR (note that we don't need 's' here.) checks that whether the IPv6 source address of a received IPv6 packet is a CE address based on Basic Mapping Rule, not Forwarding Mapping Rule.', right?
> 
> I withdraw the above question, cause I suppose we don't have BMR (which is for CE) at BR after more times reading of sec.8.1 in the draft .
> 
> 
> But I might get more nits in the Appendix.
> 
> #8. In Example 4 of Appendix A, page 26,
> "      IPv6 address of MAP CE:  2001:db8:0012:3400:0000:c000:0201:0000
> " (the last line)
> 
> I suppose it should be “IPv6 address of MAP CE:  2001:db8:0012:3400:0000:c000:0212:0000”
> 
> 
> #9. In Example 4 of Appendix A, page 26,
> "     …
>    EA bits offset:       0
>      …
>      PSID start:           0
>      … ”
> I don’t think these offset is 0, cause it means the 1st bit of IPv6 address/prefix. I prefer to replace the above ‘0’ to be ‘n/a’.
> 
> 
> #10. In Example 5 of Appendix A, page 27,
> "     Note that the IPv4 address and PSID is not derived from the IPv6
>      prefix assigned to the CE, but provisioned separately using
>      e.g., DHCP. "
> 
> I guess we don't need this special note here, cause we use DHCPv6 options to provision the Rules, including OPTION_S46_RULE & OPTION_S46_PORTPARAMS as the same manner as example 1 & 4. OTOH, IPv4 address can be directly read from the Rules, and don't need the further calculation as the same as Example 4, but we need OPTION_S46_PORTPARAMS for PSID.
> 
> 
> #11. In Example 5 of Appendix A, page 27,
> " Basic Mapping Rule:   {2001:db8:0012:3400::/56 (Rule IPv6 prefix),
>                             192.0.2.18/32 (Rule IPv4 prefix),
>                             0 (Rule EA-bits length)}
>      PSID length:          8. (From DHCP. Sharing ratio of 256)
>      PSID offset:          6  (Default)
>      PSID       :          0x34 (From DHCP.)"
> 
> I guess we don’t the above words of 'from DHCP', cause all the parameters in BMR are got from DHCPv6 options.
> 
> 
> #12. In Example 5 of Appendix A, page 27,
> "      EA bits offset:        0"
> 
> Again, I prefer the above to be " EA bits offset:        n/a"
> 
> 
> #13.   In Appendix B,
> "  o  It SHOULD be possible to exclude subsets of the complete port
>      numbering space from assignment.  Most operators would exclude the
>      system ports (0-1023).  A conservative operator might exclude all
>      but the transient ports (49152-65535).
> ...
>   o  i ranges from ceil(N / (R * M)) to trunc(65536/(R * M)) - 1, where
>      ceil is the operation of rounding up to the nearest integer and N
>      is the number of ports (e.g., 1024) excluded from the lower end of
>      the range."
> 
> I guess we could use another parameter 'L' (which could be divisible by R*M) instead of 65536 to exclude the upper end of port-range, while keep to meet those requirement mentioned in Appendix B. Right?
> 
> 
> #14. Fig.9 in Appendix B looks the same as Fig. 2 in Sec. 5.1, could we replace 'A' in Fig.2 to be 'i', and replace 'M' in Fig.2 to be 'j'?
> 
> 
> Best Regards,
> Leaf
> 
> 
> 
> -----Original Message-----
> From: Leaf Yeh [mailto:leaf.yeh.sdo@gmail.com]
> Sent: Tuesday, March 03, 2015 4:48 PM
> To: 'Ole Troan'
> Cc: 'Suresh Krishnan'; 'Ted Lemon'; 'softwires@ietf.org'
> Subject: RE: [Softwires] I-D Action: draft-ietf-softwire-map-12.txt
> 
> I am aware your reply just now, and was back to work yesterday from Chinese Lunar New Year holiday.
> 
> Ole - no, it is e.g. the /56 delegated to the end-user.
> 
> I got it.
> 
> Leaf > #4. In sec.6,
>> “  The PSID field is left-padded to create a
>>   16 bit field.  For an IPv4 prefix or a complete IPv4 address, the
>>   PSID field is zero.”
>> Q. Does the about ‘zero’ means the value of the PSID=0x 00, or the length of the PSID is zero? I guess it means the former, right?
> Ole - correct.
> 
> I prefer we could replace the above 'zero' to be 'all 0s'.
> 
> Leaf > I think BR does not need to use the above IID. I prefer to replace the word ‘MAP node’ to be ‘MAP CE’. Right?
> Ole - correct, but that leads us back to the discussion if the BR should be part of the MAP domain or not. that is should it be possible to reach an address of the BR using IPv4. that's why it says MAP node instead of MAP CE.
> 
> Sec.6 is named as "The IPv6 Interface Identifier". BR is not necessary to be reachable through IPv4, thought 'MAP node' sounds not wrong.
> 
> 
> Leaf > #7. In sec. 11
>> “     They cannot
>>      exist with MAP because each BRs checks that the IPv6 source
>>      address of a received IPv6 packet is a CE address based on
>>      Forwarding Mapping Rule. ”
>> I think BRs check that the IPv6 source address of a received IPv6 packet is a CE address based on Basic Mapping Rule, and check that the IPv6 destination address of a received IPv6 packet is a CE address based on Forwarding Mapping Rule, right?
> Ole -no, the destination IPv6 address is the BR address, and there is no point checking that.
> 
> Right, but my point was 'each BR (note that we don't need 's' here.) checks that whether the IPv6 source address of a received IPv6 packet is a CE address based on Basic Mapping Rule, not Forwarding Mapping Rule.', right?
> 
> 
> Best Regards,
> Leaf
> 
> 
> 
> -----Original Message-----
> From: Ole Troan [mailto:otroan@employees.org]
> Sent: Friday, February 20, 2015 6:41 PM
> To: Leaf Yeh
> Cc: Suresh Krishnan; Ted Lemon; softwires@ietf.org
> Subject: Re: [Softwires] I-D Action: draft-ietf-softwire-map-12.txt
> 
> Leaf,
> 
>> I got a late read on this draft, and may find some editorial nits:
>> 
>> #1. In sec. 3,
>>   "  End-user IPv6 prefix:   The IPv6 prefix assigned to an End-user CE by
>>                           other means than MAP itself.  E.g.,
>>                           Provisioned using DHCPv6 PD [RFC3633],
>>                           assigned via SLAAC [RFC4862], or configured
>>                           manually.  It is unique for each CE. "
>> 
>> Q. Does the above means ' End-user IPv6 prefix ' includes 's bits' (the subnet ID) in Fig.3?
> 
> no, it is e.g. the /56 delegated to the end-user.
> 
>> But in sec. 5.2,
>> "  The MAP IPv6 address is created by concatenating the End-user IPv6
>>   prefix with the MAP subnet identifier (if the End-user IPv6 prefix is
>>   shorter than 64 bits) and the interface identifier as specified in
>>   Section 6.  "
>> 
>> Q. Does the above means ' End-user IPv6 prefix ' does not include 's bits' (the subnet ID) in Fig.3? I guess we could include 's bits' (the subnet ID= MAP subnet identifier) into ' End-user IPv6 prefix '.
> 
> correct, the subnet-id is not included in the End-user IPv6 prefix.
> the End-User IPv6 prefix is the "name" for the address block that the ISP gives to the subscriber.
> 
>> And in sec. 6,
>> "  If the End-user IPv6 prefix length is larger than 64, the most
>>   significant parts of the interface identifier is overwritten by the
>>   prefix.  "
>> 
>> Q. Does the above means ' End-user IPv6 prefix ' includes 's bits' (the subnet ID) in Fig.3?
> 
> still not.
> 
>> #2. In sec. 5.1,
>> "     For 'a' > 0, A MUST be
>>      larger than 0.  This ensures that the algorithm excludes the
>>      system ports.  For the default value of a (6), the system ports,
>>      are excluded by requiring that A be greater than 0.  Smaller
>>      values of a excludes a larger initial range.  E.g., a = 4, will
>>      exclude ports 0 - 4095.  The interval between initiaL port numbers
>>      of successive contiguous ranges assigned to the same user is
>>      2^(16-a).   "
>> 
>> I prefer the above sentence could be
>> "     For 'a' > 0, 'A' MUST be
>>      larger than 0.  This ensures that the algorithm excludes the
>>      system ports.  Smaller
>>      values of 'a' excludes a larger initial range; e.g. 'a' = 4, will
>>      exclude ports 0 - 4095.  The interval between initial port numbers
>>      of successive contiguous ranges assigned to the same user is
>>      2^(16-a).   "
> 
> I agree that we should tag 'a'. I'll add that.
> 
>> #3. In Fig.7 of sec. 5.3,
>> “                   +----------+         +------------+
>>                   |IPv4  sufx|         |Port-Set ID |
>>                   +----------+         +------------+  ”
>> I prefer the above ‘sufx’ could to be ‘suffix’.
> 
> ack.
> 
> 
>> 
>> #4. In sec.6,
>> “  The PSID field is left-padded to create a
>>   16 bit field.  For an IPv4 prefix or a complete IPv4 address, the
>>   PSID field is zero.”
>> 
>> Q. Does the about ‘zero’ means the value of the PSID=0x 00, or the length of the PSID is zero? I guess it means the former, right?
> 
> correct.
> 
>> #5. In Fig.8 of sec.6,
>> “The Interface identifier format of a MAP node is described below.
>>  |          128-n-o-s bits          |
>>   | 16 bits|    32 bits     | 16 bits|
>>   +--------+----------------+--------+
>>   |   0    |  IPv4 address  |  PSID  |
>>   +--------+----+-----------+--------+  ”
>> 
>> I think BR does not need to use the above IID. I prefer to replace the word ‘MAP node’ to be ‘MAP CE’. Right?
> 
> correct, but that leads us back to the discussion if the BR should be part of the MAP domain or not. that is should it be possible to reach an address of the BR using IPv4. that's why it says MAP node instead of MAP CE.
> 
>> The above format looks like ‘128-n-o-s =64, but that is not always true. I prefer the IID format of MAP CE could be:
>>  |          128-n-o-s bits          |
>>   | <=16 bits|    32 bits     | 16 bits|
>>   +--------+----------------+--------+
>>   |   all 0s    |  IPv4 address  |  PSID  |
>>   +--------+----+-----------+--------+  ”
> 
> whenever we speak about an IPv6 Internet ID it is 64 bits long. I'd rather not that we change that here.
> I do see what you are saying though.
> 
>> #6. In sec. 8.1,
>> “  Secondly, the node extracts the source IPv4
>>   address and port from the IPv4 packet embedded inside the IPv6
>>   packet.  If they are found to be outside the acceptable range, the
>>   packet MUST be silently discard and a counter incremented to indicate
>>   that a potential spoofing attack may be underway.”
>> 
>> I guess the better to substitute the above word ‘embedded’ could be ‘encapsulated’, right?
> 
> yes, thanks.
> 
>> 
>> #7. In sec. 11
>> “     They cannot
>>      exist with MAP because each BRs checks that the IPv6 source
>>      address of a received IPv6 packet is a CE address based on
>>      Forwarding Mapping Rule. ”
>> 
>> I think BRs check that the IPv6 source address of a received IPv6 packet is a CE address based on Basic Mapping Rule, and check that the IPv6 destination address of a received IPv6 packet is a CE address based on Forwarding Mapping Rule, right?
> 
> no, the destination IPv6 address is the BR address, and there is no point checking that.
> 
> cheers,
> Ole