Re: [Softwires] [Int-area] ISP CGN logging inc. Destination ??

Dave O'Reilly <rfc@daveor.com> Fri, 04 May 2018 11:25 UTC

From: Dave O'Reilly <rfc@daveor.com>
In-Reply-To: <7E84374E-B86E-4CB7-86A9-DAA6D75D6F05@cisco.com>
Date: Fri, 04 May 2018 12:25:03 +0100
Cc: Softwires-wg list <softwires@ietf.org>, "int-area@ietf.org" <int-area@ietf.org>, "Ramesh.R.Chandra@ril.com" <Ramesh.R.Chandra@ril.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <A41AE132-7526-426D-B1CD-F25F93EEEE4C@daveor.com>
References: <56C7D96E-182F-4584-B190-DCD17957C01F@cisco.com> <0CACF256-D50A-4D0D-BE63-B6A79016A966@daveor.com> <7E84374E-B86E-4CB7-86A9-DAA6D75D6F05@cisco.com>
To: "Rajiv Asati (rajiva)" <rajiva@cisco.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/softwires/RFsV3UxmaBmq0Et-0bXjWg8gp90>

Hi Rajiv,

> On 4 May 2018, at 11:36, Rajiv Asati (rajiva) <rajiva@cisco.com> wrote:
> 
>> For what it’s worth, my Internet draft also discourages connection/destination logging - draft-daveor-cgn-logging-04 (see section 3). 
> 
> Besides the size of the log data, the CGN implementations may take a performance hit if destination A+P also needs to be logged (e.g. connection log), resulting in increased CGN investment. 
> 

Good point. Will incorporate in next draft.
>  
>> outlined the regulatory alternatives that are the only options left for dealing with CGN crime attribution (if source port logging at internet facing servers does not become routine) - one of which was this form of connection logging. 
> 
> The need for connection logging may go beyond the concern of size of logging data - user privacy.  And this carries over to not only A+P techniques, but also IPv6. IOW, this concern may not be limited to address sharing techniques. 
> 

I completely agree with you. In fact, I have already started to investigate the IPv6 attribution issues. See https://datatracker.ietf.org/doc/draft-daveor-ipv6-crime-attribution/. This document is still preliminary so I would be very interested in any feedback you might have.

Best,
daveor