Re: [Softwires] [EXTERNAL] Re: ISP CGN logging inc. Destination ??
<Ramesh.R.Chandra@ril.com> Wed, 09 May 2018 07:26 UTC
Return-Path: <prvs=6603c7698=Ramesh.R.Chandra@ril.com>
X-Original-To: softwires@ietfa.amsl.com
Delivered-To: softwires@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66B86126DCA; Wed, 9 May 2018 00:26:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); domainkeys=pass (1024-bit key) header.from=Ramesh.R.Chandra@ril.com header.d=ril.com; dkim=pass (1024-bit key) header.d=ril.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oEV1XAojrkRL; Wed, 9 May 2018 00:26:07 -0700 (PDT)
Received: from gwsmtp011.ril.com (gwsmtp011.ril.com [116.50.78.50]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4992A126C3D; Wed, 9 May 2018 00:26:00 -0700 (PDT)
DomainKey-Signature: s=ril; d=ril.com; c=nofws; q=dns; h=Authentication-Results:X-IronPort-AV:From:To:CC:Subject: Thread-Topic:Thread-Index:Date:Message-ID:References: In-Reply-To:Accept-Language:Content-Language: X-MS-Has-Attach:X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader:Content-Type: MIME-Version; b=XTGUODy0sTxi/T6e2BTIAHff/4vMqhgphv9PoYwjnEYNzNWiIT1JSNNG XA7vBhMgK8kcJjtAG5IoGwJFoHTlWS24D85lMlZQ32A+yQ7j8hIa5y/Cz c5P0gqcUZOEeQyhBj+eXvyk7uNZ9XH5rQ/7FL8O6lcNBHKxoafv1vVPMj 8=;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ril.com; i=@ril.com; q=dns/txt; s=ril; t=1525850765; x=1557386765; h=from:to:cc:subject:thread-topic:thread-index:date: message-id:references:in-reply-to:accept-language: content-language:x-ms-has-attach:x-ms-tnef-correlator: x-ms-exchange-transport-fromentityheader:content-type: mime-version:authentication-results:x-ironport-av; bh=Gjyu5SU2b/aYAh6ZPIUmCzetxWNCZnCNZsvZiPfyOhE=; b=bvdfdd2yq+DVozmT/maRj36RtBR9vcVgAXmzE0j+9to454ruvQgc4b9J aSxTEHhzfYipicmgrX5myA8cOXEkeThe9XL65bWWtTgPll6Mw0Ju7knfc hVzNDUIlcNTtIhUzoAabvjGUchFlnHNb2HRJqYd/20A9QCrQqQz8F535G c=;
Authentication-Results: gwsmtp011.ril.com; dkim=none (message not signed) header.i=none
X-IronPort-AV: E=Sophos;i="5.49,381,1520879400"; d="scan'208,217";a="463971889"
From: Ramesh.R.Chandra@ril.com
To: Yiu_Lee@comcast.com, rajiva@cisco.com
CC: ianfarrer@gmx.com, softwires@ietf.org, int-area@ietf.org
Thread-Topic: [EXTERNAL] Re: [Softwires] ISP CGN logging inc. Destination ??
Thread-Index: AQHT4yi6QsPwS4mEj0Wx5sa9RJtTQaQe3eyAgAAdZICAACCTAIAAfGTggAQuvoCAAYm2EIAAt88AgABaAQCAAKEWsA==
Date: Wed, 09 May 2018 07:25:50 +0000
Message-ID: <6f7513c5e94040fda9df53e3ca59cc90@SHYDEXMBX08.in.ril.com>
References: <56C7D96E-182F-4584-B190-DCD17957C01F@cisco.com> <95081DF2-FBE4-4B28-802E-13988B6DDF8D@gmx.com> <8433F1DD-3988-4DF6-B14D-3873B0F36CCB@cisco.com> <DE94262F-6C94-492A-B9F0-629160527B37@gmx.com> <ef2bbe951814477eae919a4abf9ae182@SHYDEXMBX08.in.ril.com> <77D9057C-0310-4D03-BCA9-DBFC17CE9055@Cable.Comcast.com> <6b552bbdcc4146aa97386eb609c70e27@SHYDEXMBX08.in.ril.com> <0041E033-2A33-40C8-AF67-B2FE050C4531@cisco.com> <0D9E2A70-B381-4AD1-9279-1C69B931D8EB@comcast.com>
In-Reply-To: <0D9E2A70-B381-4AD1-9279-1C69B931D8EB@comcast.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
Content-Type: multipart/alternative; boundary="_000_6f7513c5e94040fda9df53e3ca59cc90SHYDEXMBX08inrilcom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/softwires/K9Zy-gEphBuDmX9sJvX7E5b5Oyk>
X-Mailman-Approved-At: Thu, 10 May 2018 03:32:36 -0700
Subject: Re: [Softwires] [EXTERNAL] Re: ISP CGN logging inc. Destination ??
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/softwires/>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 May 2018 07:26:11 -0000
Hi Lee, good thought. If we enable 5 tuple on BR for IPv4, required DA+P shall meet DA+P requirement. Using SA+P from 5-tuple should help to correlate with user IP based on DHCP assignment. Key here is on BR to do 5-tuple after de-encapsulation of IPv6. Rajiv, pls check if we can do this on ASR9k as BNG. Regds Ramesh From: Lee, Yiu [mailto:Yiu_Lee@comcast.com] Sent: 09 May 2018 08:35 To: Rajiv Asati (rajiva); Ramesh R Chandra Cc: ianfarrer@gmx.com; softwires@ietf.org; int-area@ietf.org Subject: Re: [EXTERNAL] Re: [Softwires] ISP CGN logging inc. Destination ?? Let’s me be precise. This regulation must exist today. So there must exist a way to log the five-IPv4-tuple. If Ramesh combines the dhcpv6 logs with the current five-IPv4-tuple logs, will this be enough? From: "Rajiv Asati (rajiva)" <rajiva@cisco.com<mailto:rajiva@cisco.com>> Date: Tuesday, May 8, 2018 at 5:42 PM To: "Ramesh.R.Chandra@ril.com<mailto:Ramesh.R.Chandra@ril.com>" <Ramesh.R.Chandra@ril.com<mailto:Ramesh.R.Chandra@ril.com>>, "Lee, Yiu" <Yiu_Lee@Cable.Comcast.com<mailto:Yiu_Lee@Cable.Comcast.com>> Cc: "ianfarrer@gmx.com<mailto:ianfarrer@gmx.com>" <ianfarrer@gmx.com<mailto:ianfarrer@gmx.com>>, "softwires@ietf.org<mailto:softwires@ietf.org>" <softwires@ietf.org<mailto:softwires@ietf.org>>, "int-area@ietf.org<mailto:int-area@ietf.org>" <int-area@ietf.org<mailto:int-area@ietf.org>> Subject: Re: [EXTERNAL] Re: [Softwires] ISP CGN logging inc. Destination ?? Agree with Ramesh. DHCP(v6) helps with logging source IP assignment, but that’s it. The requirement here is about keeping track of not only source IP+port, but also destination IP+port per connection. DHCP(v6) doesn’t apply here. -- Cheers, Rajiv From: "Ramesh.R.Chandra@ril.com<mailto:Ramesh.R.Chandra@ril.com>" <Ramesh.R.Chandra@ril.com<mailto:Ramesh.R.Chandra@ril.com>> Date: Tuesday, May 8, 2018 at 1:15 AM To: "Yiu_Lee@comcast.com<mailto:Yiu_Lee@comcast.com>" <Yiu_Lee@comcast.com<mailto:Yiu_Lee@comcast.com>> Cc: "ianfarrer@gmx.com<mailto:ianfarrer@gmx.com>" <ianfarrer@gmx.com<mailto:ianfarrer@gmx.com>>, Rajiv Asati <rajiva@cisco.com<mailto:rajiva@cisco.com>>, Softwires-wg list <softwires@ietf.org<mailto:softwires@ietf.org>>, "int-area@ietf.org<mailto:int-area@ietf.org>" <int-area@ietf.org<mailto:int-area@ietf.org>> Subject: RE: [EXTERNAL] Re: [Softwires] ISP CGN logging inc. Destination ?? Not really. Need IPv4 because desitination IP is on IPv4. Regds ramesh chandra M#: +91 90829 61303 O#: +91 22 7965 9762 -----Original Message----- From: Lee, Yiu [mailto:Yiu_Lee@comcast.com] Sent: 07 May 2018 16:46 To: Ramesh R Chandra Cc: ianfarrer@gmx.com<mailto:ianfarrer@gmx.com>; rajiva@cisco.com<mailto:rajiva@cisco.com>; softwires@ietf.org<mailto:softwires@ietf.org>; int-area@ietf.org<mailto:int-area@ietf.org> Subject: Re: [EXTERNAL] Re: [Softwires] ISP CGN logging inc. Destination ?? Just a quick thought. Will the dhcpv6 logs help? Sent from mobile device, pardon possible typo. On May 7, 2018, at 7:06 AM, "Ramesh.R.Chandra@ril.com<mailto:Ramesh.R.Chandra@ril.com>" <Ramesh.R.Chandra@ril.com<mailto:Ramesh.R.Chandra@ril.com>> wrote: Dear Ian, thanks for clarifications. Regulator in India mandated to preserve the following details for each flow. 1. Source IP + Port (private for end subscriber device) 2. Destination IP + Port (public) 3. Translated IP + port (public) 4. Date and time There is no brainer and all this is available in NAT44. MAP being stateless, no such data available from MAP-BR. We are exploring alternate option on BR to create this data in MAP. Pls advise. Regds ramesh -----Original Message----- From: ianfarrer@gmx.com<mailto:ianfarrer@gmx.com> [mailto:ianfarrer@gmx.com] Sent: 04 May 2018 17:28 To: Rajiv Asati (rajiva) Cc: Softwires-wg list; int-area@ietf.org<mailto:int-area@ietf.org>; Ramesh R Chandra Subject: Re: [Softwires] ISP CGN logging inc. Destination ?? Hi Rajiv, Please see inline. Cheers, Ian On 4. May 2018, at 12:01, Rajiv Asati (rajiva) <rajiva@cisco.com<mailto:rajiva@cisco.com>> wrote: Ian, Thanks for sharing the URL. While not explicit, “all metadata” would include both source and destination A+P. Is that the right interpretation? [if - My understanding is that per-flow logging is necessary to meet the requirement, but I’m not familiar enough with the legislation to know what exactly needs to be stored.] If an ISP were to use “binding” mode on the BR, then without using net flow/IPFIX, How could the compliance be achieved ? [if - If there’s address sharing and the requirement is to provide an exact match to a data retention request (in some countries, a list of e.g. 16 users is OK), then AFAICS, you have to use IPFIX. The implementation problem for this is compounded by the lack of state table on most BR implementations (e.g. how do you know when a UDP session has completed without state for that flow?)] "Confidentiality Warning: This message and any attachments are intended only for the use of the intended recipient(s). are confidential and may be privileged. If you are not the intended recipient. you are hereby notified that any review. re-transmission. conversion to hard copy. copying. circulation or other use of this message and any attachments is strictly prohibited. If you are not the intended recipient. please notify the sender immediately by return email. and delete this message and any attachments from your system. Virus Warning: Although the company has taken reasonable precautions to ensure no viruses are present in this email. The company cannot accept responsibility for any loss or damage arising from the use of this email or attachment." _______________________________________________ Softwires mailing list Softwires@ietf.org<mailto:Softwires@ietf.org> https://www.ietf.org/mailman/listinfo/softwires "Confidentiality Warning: This message and any attachments are intended only for the use of the intended recipient(s). are confidential and may be privileged. If you are not the intended recipient. you are hereby notified that any review. re-transmission. conversion to hard copy. copying. circulation or other use of this message and any attachments is strictly prohibited. If you are not the intended recipient. please notify the sender immediately by return email. and delete this message and any attachments from your system. Virus Warning: Although the company has taken reasonable precautions to ensure no viruses are present in this email. The company cannot accept responsibility for any loss or damage arising from the use of this email or attachment." "Confidentiality Warning: This message and any attachments are intended only for the use of the intended recipient(s). are confidential and may be privileged. If you are not the intended recipient. you are hereby notified that any review. re-transmission. conversion to hard copy. copying. circulation or other use of this message and any attachments is strictly prohibited. If you are not the intended recipient. please notify the sender immediately by return email. and delete this message and any attachments from your system. Virus Warning: Although the company has taken reasonable precautions to ensure no viruses are present in this email. The company cannot accept responsibility for any loss or damage arising from the use of this email or attachment."
- [Softwires] ISP CGN logging inc. Destination ?? Rajiv Asati (rajiva)
- Re: [Softwires] [Int-area] ISP CGN logging inc. D… Dave O'Reilly
- Re: [Softwires] ISP CGN logging inc. Destination … ianfarrer
- Re: [Softwires] ISP CGN logging inc. Destination … Rajiv Asati (rajiva)
- Re: [Softwires] [Int-area] ISP CGN logging inc. D… Rajiv Asati (rajiva)
- Re: [Softwires] [Int-area] ISP CGN logging inc. D… Dave O'Reilly
- Re: [Softwires] ISP CGN logging inc. Destination … ianfarrer
- Re: [Softwires] ISP CGN logging inc. Destination … mohamed.boucadair
- Re: [Softwires] ISP CGN logging inc. Destination … Ramesh.R.Chandra
- Re: [Softwires] [EXTERNAL] Re: ISP CGN logging in… Lee, Yiu
- Re: [Softwires] ISP CGN logging inc. Destination … mohamed.boucadair
- Re: [Softwires] ISP CGN logging inc. Destination … mohamed.boucadair
- Re: [Softwires] [EXTERNAL] RE: Re: ISP CGN loggin… Lee, Yiu
- Re: [Softwires] ISP CGN logging inc. Destination … Rajiv Asati (rajiva)
- Re: [Softwires] [EXTERNAL] Re: ISP CGN logging in… Rajiv Asati (rajiva)
- Re: [Softwires] [EXTERNAL] Re: ISP CGN logging in… Lee, Yiu
- Re: [Softwires] ISP CGN logging inc. Destination … mohamed.boucadair
- Re: [Softwires] ISP CGN logging inc. Destination … Rajiv Asati (rajiva)
- Re: [Softwires] [EXTERNAL] Re: ISP CGN logging in… Ramesh.R.Chandra
- Re: [Softwires] [EXTERNAL] Re: ISP CGN logging in… Ramesh.R.Chandra
- Re: [Softwires] ISP CGN logging inc. Destination … Rajiv Asati (rajiva)
- Re: [Softwires] ISP CGN logging inc. Destination … Gottlieb, Jordan J
- Re: [Softwires] ISP CGN logging inc. Destination … ianfarrer
- Re: [Softwires] ISP CGN logging inc. Destination … Gottlieb, Jordan J