IETF Logo Mail Archive

Re: [Softwires] WGLC review of draft-ietf-softwire-map

Simon Perreault <simon.perreault@viagenie.ca> Wed, 15 January 2014 13:54 UTC

Return-Path: <simon.perreault@viagenie.ca>
X-Original-To: softwires@ietfa.amsl.com
Delivered-To: softwires@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DAC6F1AE0D3 for <softwires@ietfa.amsl.com>; Wed, 15 Jan 2014 05:54:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.439
X-Spam-Level:
X-Spam-Status: No, score=-2.439 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rNTlFMWq7Kxv for <softwires@ietfa.amsl.com>; Wed, 15 Jan 2014 05:54:51 -0800 (PST)
Received: from jazz.viagenie.ca (jazz.viagenie.ca [IPv6:2620:0:230:8000::2]) by ietfa.amsl.com (Postfix) with ESMTP id 6385E1AE0D2 for <softwires@ietf.org>; Wed, 15 Jan 2014 05:54:51 -0800 (PST)
Received: from porto.nomis80.org (ringo.viagenie.ca [IPv6:2620:0:230:c000:3e97:eff:fe0b:dd8a]) by jazz.viagenie.ca (Postfix) with ESMTPSA id 91B41403C8; Wed, 15 Jan 2014 08:54:39 -0500 (EST)
Message-ID: <52D6931F.9040101@viagenie.ca>
Date: Wed, 15 Jan 2014 08:54:39 -0500
From: Simon Perreault <simon.perreault@viagenie.ca>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: Ole Troan <otroan@employees.org>
References: <52A88ACF.7000207@viagenie.ca> <F62C723F-6019-426E-99DA-4F7B4F983934@employees.org> <52CB26BF.4080209@viagenie.ca> <DCDDDE87-795B-41EE-9D81-C50DC3ECB2F4@employees.org> <52D68FA7.10107@viagenie.ca> <1A08CBF6-722F-41A6-B3CE-D885A7338C2C@employees.org>
In-Reply-To: <1A08CBF6-722F-41A6-B3CE-D885A7338C2C@employees.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: "softwires@ietf.org" <softwires@ietf.org>
Subject: Re: [Softwires] WGLC review of draft-ietf-softwire-map
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/softwires/>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jan 2014 13:54:53 -0000

Le 2014-01-15 08:47, Ole Troan a écrit :
> Simon,
>>>>>>>    A MAP CE receiving an IPv6 packet to its MAP IPv6 address sends this
>>>>>>>    packet to the CE's MAP function where it is decapsulated.  All other
>>>>>>>    IPv6 traffic is forwarded as per the CE's IPv6 routing rules.  The
>>>>>>>    resulting IPv4 packet is then forwarded to the CE's NAT44 function
>>>>>>>    where the destination port number MUST be checked against the
>>>>>>>    stateful port mapping session table and the destination port number
>>>>>>>    MUST be mapped to its original value.
>>>>>>
>>>>>> The previous sentence should be reworded to allow static port forwarding.
>>>>>
>>>>> hmm, what do you mean by static port forwarding?
>>>>
>>>> For example, the user goes to the CPE's admin web interface and configures a mapping from external port 80 to internal host port 80. That's a static mapping that needs to be taken into account by the NAT function. The MUSTs above don't seem to allow the necessary wiggle room.
>>>
>>> correct. you cannot do that with A+P. the user looses control of the ports.
>>
>> I don't see why.
>>
>> Do we agree that PCP can be used with MAP to manipulate a CPE's mappings?
>>
>> The fact that the CPE only has access to a limited external port set is of no consequence. You still have a NAT, and we need to make sure its mappings can be manipulated by the user.
>
> yes, apologies being sloppy there. you can use PCP.
> it may be of limited use, e.g. if your web server is trying to use PCP to open port 80.

Yes of course. I'm more concerned about modern apps that don't rely on 
well-known ports.

My point, concretely, is that the MUSTs above seem to preclude user 
manipulation of the NAT mappings. I would suggest instead:

   A MAP CE receiving an IPv6 packet to its MAP IPv6 address sends this
   packet to the CE's MAP function where it is decapsulated.  All other
   IPv6 traffic is forwarded as per the CE's IPv6 routing rules.  The
   resulting IPv4 packet is then forwarded to the CE's NAT44 function,
   where it is handled according to the NAT's state.

Simon
-- 
DTN made easy, lean, and smart --> http://postellation.viagenie.ca
NAT64/DNS64 open-source        --> http://ecdysis.viagenie.ca
STUN/TURN server               --> http://numb.viagenie.ca

v2.23.0 | Report a Bug | By Email