Re: [Softwires] WGLC for draft-ietf-softwire-map-mib-10
"Yu Fu" <fuyu@cnnic.cn> Wed, 25 October 2017 09:29 UTC
From: Yu Fu <fuyu@cnnic.cn>
To: ianfarrer@gmx.com
Cc: softwires@ietf.org, draft-ietf-softwire-map-mib@ietf.org, 'Yong Cui' <cuiyong@tsinghua.edu.cn>
Date: Wed, 25 Oct 2017 17:28:59 +0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/softwires/rvpgMloILCEMm326js5sb1jLZ20>
Hi Ian,

Thanks for your thorough comments. Please see my reply inline.

>g1.
>1, Introduction
>[if - RFC7597 only covers MAP-E. Translation is described in RFC7599.
>I think that this text is carried over from when MAP E and T were both in the
>same draft.]
>Suggested rewording for this section:
>"Mapping of Address and Port with Encapsulation (MAP-E) [RFC7597] is a
>stateless, automatic tunnelling mechanism for providing an IPv4 connectivity
>service to end-users over a service provider's IPv6 network.
>This document defines a portion of the Management Information Base
>(MIB) for use with monitoring MAP-E devices."

[Yu]: Done

>g2.
>In the description for mapRuleIpv4Prefix, what is the mapRuleIPv4PrefixType?
>This is the only mention of this object in the whole document.

[Yu]: Sorry, we had deleted the definition of mapRuleIPv4PrefixType since the 08 version. I will delete the description for this.

>g3.
>Section 7 - States that there are a list of objects and their sensitivity /
>vulnerability, but the list that follows only names the objects. No vulnerability
>information is included.

[Yu]: It has a description as follows:

“Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP”

“Objects that reveal rule information of the MAP Domain: Various objects can reveal the rule information of the map domain. A curious outsider could monitor these to assess the number of rules and the IPv6 prefix performed in this domain. Further, an intruder could use the information to guess the address-sharing ratios of the ISPs.”

[Yu]: The objects in the list reveal the rule information and are readable. So they are vulnerable.

>Linguistic Comments
>idnits 2.15.00

[Yu]: I accept all the comments and an updated version will be submitted soon.

Thanks again

Cheers
Yu

From: ianfarrer@gmx.com [mailto:ianfarrer@gmx.com]
Sent: Tuesday, October 24, 2017 3:54 PM
To: Yong Cui
Cc: softwires@ietf.org; draft-ietf-softwire-map-mib@ietf.org
Subject: Re: WGLC for draft-ietf-softwire-map-mib-10

Hi,

I’ve done a fairly extensive review of v10 of the draft. There’s quite a lot of comments, but nothing major.

Thanks,
Ian

General Comments

g1.
1, Introduction

[if - RFC7597 only covers MAP-E. Translation is described in RFC7599. I think that this text is carried over from when MAP E and T were both in the same draft.]

Suggested rewording for this section:

"Mapping of Address and Port with Encapsulation (MAP-E) [RFC7597] is a stateless, automatic tunnelling mechanism for providing an IPv4 connectivity service to end-users over a service provider's IPv6 network.
This document defines a portion of the Management Information Base (MIB) for use with monitoring MAP-E devices."

---
g2.
In the description for mapRuleIpv4Prefix, what is the mapRuleIPv4PrefixType? This is the only mention of this object in the whole document.

---
g3.
Section 7 - States that there are a list of objects and their sensitivity / vulnerability, but the list that follows only names the objects. No vulnerability information is included.

========
Linguistic Comments

l1.
Abstract

"This memo defines a portion of the Management Information Base (MIB) for using with network management protocols in the Internet community. In particular, it defines managed objects for MAP with encapsulation (MAP-E)."

This doesn't read very clearly. A suggested rewording:

This memo defines a portion of the Management Information Base (MIB) for Mapping Address and Port with encapsulation (MAP-E) for use with network management protocols.

---
l2.
4 - Structure of the MIB Module

The term 'MAP specification[RFC7597]' is used several times in the section and it is redundant.
Suggest that just [RFC7597] is used.

---
l3.
The first sentence repeats what has already been said in the abstract and introduction. Suggest it is removed.

---
l4.
The text states that it relies on 'several parts of the IF-MIB'. Can you provide more information about which parts and how they are used

---
l5.
4.1.1 The mapRule Subtree

The mapRule subtree describes managed objects used for managing the multiple mapping rules in the MAP encapsulation mode.

s/the MAP encapsulation mode./MAP-E/

---
l6.
4.1.2 The mapSecurityCheck Subtree

The mapSecurityCheck subtree is to statistic the number of invalid packets that have been identified.

s/is to statistic/provides statistics for/

---
l7.
For clarity, I suggest that:

- The Border Relay (BR) will perform a validation of the consistency of the source IPv6 address and destination IPv6 address for the packet using Basic Mapping Rule (BMR).

is replaced with:

The Border Relay (BR) will validate the received packet's source IPv6 address against the configured MAP domain rule and the destination IPv6 address against the configured BR IPv6 address.

---
l8.
- The Map node...

s/Map/MAP/

---
5. Definitions

l9.
DESCRIPTION
"The MIB module is defined for management of objects in the MAP-E BRs or CEs."

s/in the/for/

---
l10.
DESCRIPTION
"It represents the PSID represented in the hexadecimal version so as to display it more clearly."

"Indicates that the PSID is represented as hexadecimal for clarity"

---
l11.
DESCRIPTION
"This enumeration describes the type of the mapping rule. It defines tree types of mapping rules here:

s/This enumeration describes/Enumerates/

---
l12.
DESCRIPTION
"The (conceptual) table containing rule Information of specific mapping rule. It can also be used for row creation."

s/Information of/information for a/

---
l13.
DESCRIPTION
"The IPv6 prefix defined in mapping rule which will be assigned to CE. The address type is given by mapRuleIPv6PrefixType."
s/in mapping rule which will be assigned to CE./in the mapping rule which will be assigned to the CE./

---
l14.
DESCRIPTION
"The length of the IPv6 prefix defined in the mapping rule. As a parameter for mapping rule, it will be also assigned to CE."

Replace with:
"The length of the IPv6 prefix defined in the mapping rule that is assigned to the CE."

---
l15.
mapRuleIPv4Prefix
DESCRIPTION
" The IPv4 prefix defined in mapping rule which will be assigned to CE. The address type is given by mapRuleIPv4PrefixType."

s/The IPv4 prefix defined in mapping rule which will be assigned to CE./The IPv4 prefix defined in the mapping rule which will be assigned to the CE./

---
l15.
mapRuleIPv4PrefixLen
DESCRIPTION
"The length of the IPv4 prefix defined in the mapping rule. As a parameter for mapping rule, it will be also assigned to CE."

Replace with:
"The length of the IPv4 prefix defined in the mapping rule that is assigned to the CE."

---
l16.
mapRuleType
DESCRIPTION
"It represents the type of the mapping rule. The value of 1 means it is a bmr, the value 2 means it is a fmr, the value 3 means that the bmr is also a fmr for mesh mode."

Replace with:
"Indicates the type of mapping rule. '1' represents a BMR. '2' represents an FMR and '3' is for a BMR which is also an FMR for mesh mode."

---
l17.
mapSecurityCheckTable
DESCRIPTION
"The (conceptual) table containing information on MAP security checks. This table can be used to statistic the number of invalid packets that been identified."

s/to statistic the number of invalid packets that been identified./for statistics on the number of invalid packets that have been identified./

---
l18.
mapSecurityCheckEntry
DESCRIPTION
"Each entry in this table contains the information on a particular MAP SecurityCheck."

s/contains the information/contains information/

---
l19.
mapSecurityCheckInvalidv4
DESCRIPTION
"The Map node (CE and BR) will check that the received packets'source IPv4 address and port is in the range derived from matching MAP Rule.So this object indicate the number of the invalid IPv4 packets received by the MAP domain."

Replace with:
"Indicates the number of received IPv4 packets which do not have a payload source IPv4 address or port within the range defined in the matching MAP rule."

---
l20.
mapSecurityCheckInvalidv6
DESCRIPTION
"The BR will perform a validation of the consistency of the source IPv6 address and destination IPv6 address for the packet using Basic Mapping Rule (BMR). So this object indicate the number of the invalid IPv6 packets received by the BR."

Replace with:
"Indicates the number of received IPv6 packets which do not have a source or destination IPv6 address matching a Basic Mapping Rule."

---
l21.
mapMIBRuleGroup
DESCRIPTION
" The collection of this objects are used to give the information of mapping rules in MAP-E."

Replace with:
"The group of objects used to describe the MAP-E mapping rule."

---
l22.
mapMIBSecurityGroup
DESCRIPTION
" The collection of this objects are used to give the information on MAP security checks."

Replace with:
"The group of objects used to provide information on the MAP-E security checks."

---
l23.
Section 7 Security Considerations

s/(for example by using IPSec), even then, there is no control/ (for example by using IPSec), there is no control/

---
idnits 2.15.00

/tmp/draft-ietf-softwire-map-mib-10.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.
  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  -- The document date (September 15, 2017) is 39 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC7598' is defined on line 636, but no explicit
     reference was found in the text

  -- Obsolete informational reference (is this intentional?): RFC 2629
     (Obsoleted by RFC 7749)

     Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

On 11. Oct 2017, at 04:40, Yong Cui <cuiyong@tsinghua.edu.cn> wrote:

Hi folks,

The authors believe the document, Definitions of Managed Objects for MAP-E (draft-ietf-softwire-map-mib-10), is mature for advancement. We are now issuing a working group last call for it.

Please send your comments, either for or against, to the WG mailing list. The WGLC will end on Oct. 24, 2017.

Thanks,
Yong & Ian