[Softwires] AD review of draft-ietf-softwire-dual-stack-lite (part 2)
Jari Arkko <jari.arkko@piuha.net> Tue, 17 August 2010 10:56 UTC
Return-Path: <jari.arkko@piuha.net>
X-Original-To: softwires@core3.amsl.com
Delivered-To: softwires@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 934803A693D for <softwires@core3.amsl.com>; Tue, 17 Aug 2010 03:56:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.336
X-Spam-Level:
X-Spam-Status: No, score=-102.336 tagged_above=-999 required=5 tests=[AWL=0.263, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j6d3lHS9spXv for <softwires@core3.amsl.com>; Tue, 17 Aug 2010 03:56:13 -0700 (PDT)
Received: from p130.piuha.net (p130.piuha.net [IPv6:2001:14b8:400::130]) by core3.amsl.com (Postfix) with ESMTP id 07A3D3A6803 for <softwires@ietf.org>; Tue, 17 Aug 2010 03:56:13 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id D7A162CCCF; Tue, 17 Aug 2010 13:56:47 +0300 (EEST)
X-Virus-Scanned: amavisd-new at piuha.net
Received: from p130.piuha.net ([127.0.0.1]) by localhost (p130.piuha.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YSi2cK06PoUy; Tue, 17 Aug 2010 13:56:47 +0300 (EEST)
Received: from [IPv6:::1] (unknown [IPv6:2001:14b8:400::130]) by p130.piuha.net (Postfix) with ESMTP id 534EE2CC62; Tue, 17 Aug 2010 13:56:47 +0300 (EEST)
Message-ID: <4C6A6AEE.70409@piuha.net>
Date: Tue, 17 Aug 2010 13:56:46 +0300
From: Jari Arkko <jari.arkko@piuha.net>
User-Agent: Thunderbird 2.0.0.24 (X11/20100411)
MIME-Version: 1.0
To: draft-ietf-softwire-dual-stack-lite@tools.ietf.org, softwires@ietf.org
References: <C885FC34.307F2%yiu_lee@cable.comcast.com>
In-Reply-To: <C885FC34.307F2%yiu_lee@cable.comcast.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [Softwires] AD review of draft-ietf-softwire-dual-stack-lite (part 2)
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/softwires>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Aug 2010 10:56:14 -0000
Part 2 of my review.
Technical:
I wonder if the draft should say something more about MTU handling. In
particular, should it attempt to inform clients on its inner interface
of the real MTU so that fragmentation is not needed. Here's what RFC
5844 said in a very similar situation.
o The DHCPOFFER message [RFC2131] sent to the mobile node MUST
include the Interface MTU option [RFC2132]. The DHCP servers in
the Proxy Mobile IPv6 domain MUST be configured to include the
Interface MTU option. The MTU value SHOULD reflect the tunnel MTU
for the bidirectional tunnel between the mobile access gateway and
the local mobility anchor.
(Though I wonder if this text is right either, as presumably you have to
ask for options before handing them out...)
> 8.1. NAT pool
>
>
> AFTRs MAY operate distinct, non overlapping NAT pools. Those NAT
> pools do not have to be continuous.
This text is unclear. Are you talking about different AFTRs operating
with different sets of public address pools? Or one AFTR running for
some set of clients, using a number of different address pools? Or
assigning a public address for one client from different pools for
different connections? These are all different, and I think you mean the
second alternative but I'm not sure.
Please specify.
> The AFTR should only perform a minimum number of ALG for the classic
> applications such as FTP, RTSP/RTP, IPsec and PPTP VPN pass-through
> and enable the users to use their own ALG on statically or
> dynamically reserved ports instead.
>
First off, shouldn't this be written as "... should only implement a
minimum ..."
The more substantial comment is that the recommendation is very weak. I
do not know if the application list above is complete or if I am
expected to implement additional ALGs. Secondly, are there RFCs that we
can point to for these ALGs? Finally, I do not know how to provide the
use-own-alg functionality. But I'm reading on, maybe its described later
in the document.
> There is an important operational difference if those N ports are
> pre-allocated in a cookie-cutter fashion versus allocated on demand
> by incoming connections. This is a difference between an average of
> N ports and a maximum of N ports. Several service providers have
> reported an average number of connections per customer in the single
> digits. At the opposite end, thousands or tens of thousands of ports
> could be use in a peak by any single customer browsing a number of
> AJAX/Web 2.0 sites.
>
Is your argument assuming a traditional web browsing usage model, i.e..,
that users actively use an application and that the computer sits idle
at other times? I am not sure this the model we have going forward. Many
popular applications are starting to update content and perform various
actions even when the browser sits idle, for instance. I think there
will still be a difference between average and maximum, though it is
perhaps not as pronounced over the time dimension but could still be
very visible between users.
> In order to achieve higher address space reduction ratios, it is
> recommended that service provider do not use this cookie-cutter
> approach, and, on the contrary, allocate ports as dynamically as
> possible, just like on a regular NAT.
Given the above, perhaps the text should warn that in order for this
trick to work at all, there really has to be a difference either in the
between-users or the time dimension, and that trends in networking may
easily reduce either one.
> When dynamic port assignment is used to maximize the number of
> subscribers sharing the AFTR global IPv4 addresses, the AFTR should
> implement checks to avoid DOS attack through exhaustion of available
> ports.
How?
Editorial:
> In broadband home networks, sometime devices are directly connected
Sometimes? Some devices?
> Under this scenario, the customer device is a dual-stack capable host
> that is only provisioned by the service provider only with IPv6.
Would this be better: "... is provisioned by the service provider only
with IPv6"?
Jari
- [Softwires] AD review of draft-ietf-softwire-dual… Jari Arkko
- Re: [Softwires] AD review of draft-ietf-softwire-… Yiu L. Lee
- Re: [Softwires] AD review of draft-ietf-softwire-… Jari Arkko
- Re: [Softwires] AD review of draft-ietf-softwire-… Alain Durand
- Re: [Softwires] AD review of draft-ietf-softwire-… Alain Durand
- Re: [Softwires] AD review of draft-ietf-softwire-… Alain Durand
- [Softwires] AD review of draft-ietf-softwire-dual… Jari Arkko
- Re: [Softwires] AD review of draft-ietf-softwire-… Jari Arkko
- Re: [Softwires] AD review of draft-ietf-softwire-… Ralph Droms
- Re: [Softwires] AD review of draft-ietf-softwire-… Jari Arkko
- [Softwires] AD review of draft-ietf-softwire-dual… Jari Arkko
- Re: [Softwires] AD review of draft-ietf-softwire-… Yiu L. Lee
- Re: [Softwires] AD review of draft-ietf-softwire-… Yiu L. Lee