IETF Logo Mail Archive

Re: [Softwires] AD review of draft-ietf-softwire-dual-stack-lite (part 2)

Jari Arkko <jari.arkko@piuha.net> Tue, 17 August 2010 11:27 UTC

Return-Path: <jari.arkko@piuha.net>
X-Original-To: softwires@core3.amsl.com
Delivered-To: softwires@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0BA373A68E7 for <softwires@core3.amsl.com>; Tue, 17 Aug 2010 04:27:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.612
X-Spam-Level:
X-Spam-Status: No, score=-101.612 tagged_above=-999 required=5 tests=[AWL=-0.471, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PH0i6NON+MZa for <softwires@core3.amsl.com>; Tue, 17 Aug 2010 04:27:25 -0700 (PDT)
Received: from p130.piuha.net (p130.piuha.net [IPv6:2001:14b8:400::130]) by core3.amsl.com (Postfix) with ESMTP id 7DE213A6870 for <softwires@ietf.org>; Tue, 17 Aug 2010 04:27:24 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by p130.piuha.net (Postfix) with ESMTP id 9532F2CEB5; Tue, 17 Aug 2010 14:27:59 +0300 (EEST)
X-Virus-Scanned: amavisd-new at piuha.net
Received: from p130.piuha.net ([127.0.0.1]) by localhost (p130.piuha.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t43FcEQV5XMK; Tue, 17 Aug 2010 14:27:59 +0300 (EEST)
Received: from [IPv6:::1] (unknown [IPv6:2001:14b8:400::130]) by p130.piuha.net (Postfix) with ESMTP id E506D2CC62; Tue, 17 Aug 2010 14:27:58 +0300 (EEST)
Message-ID: <4C6A723E.5080701@piuha.net>
Date: Tue, 17 Aug 2010 14:27:58 +0300
From: Jari Arkko <jari.arkko@piuha.net>
User-Agent: Thunderbird 2.0.0.24 (X11/20100411)
MIME-Version: 1.0
To: Ralph Droms <rdroms.ietf@gmail.com>
References: <C885FC34.307F2%yiu_lee@cable.comcast.com> <4C6A6AEE.70409@piuha.net> <FDDC58FD-C0F4-4ADA-8595-B8EA27B25883@gmail.com>
In-Reply-To: <FDDC58FD-C0F4-4ADA-8595-B8EA27B25883@gmail.com>
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: draft-ietf-softwire-dual-stack-lite@tools.ietf.org, Softwires <softwires@ietf.org>
Subject: Re: [Softwires] AD review of draft-ietf-softwire-dual-stack-lite (part 2)
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/softwires>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Aug 2010 11:27:26 -0000

OK. Maybe RFC 5844 text would then be useful in this context as well.

Jari

Ralph Droms kirjoitti: 
Quick response to your first comment - a DHCPv4 server is allowed to send options that were not requested by the client.

- Ralph

On Aug 17, 2010, at 6:56 AM 8/17/10, Jari Arkko wrote:

  
Part 2 of my review.

Technical:

I wonder if the draft should say something more about MTU handling. In particular, should it attempt to inform clients on its inner interface of the real MTU so that fragmentation is not needed. Here's what RFC 5844 said in a very similar situation.

 o  The DHCPOFFER message [RFC2131] sent to the mobile node MUST
    include the Interface MTU option [RFC2132].  The DHCP servers in
    the Proxy Mobile IPv6 domain MUST be configured to include the
    Interface MTU option.  The MTU value SHOULD reflect the tunnel MTU
    for the bidirectional tunnel between the mobile access gateway and
    the local mobility anchor.

(Though I wonder if this text is right either, as presumably you have to ask for options before handing them out...)

    
8.1. NAT pool


AFTRs MAY operate distinct, non overlapping NAT pools.  Those NAT
pools do not have to be continuous.
      
This text is unclear. Are you talking about different AFTRs operating with different sets of public address pools? Or one AFTR running for some set of clients, using a number of different address pools? Or assigning a public address for one client from different pools for different connections? These are all different, and I think you mean the second alternative but I'm not sure.

Please specify.

    
The AFTR should only perform a minimum number of ALG for the classic
applications such as FTP, RTSP/RTP, IPsec and PPTP VPN pass-through
and enable the users to use their own ALG on statically or
dynamically reserved ports instead.
 
      
First off, shouldn't this be written as "... should only implement a minimum ..."

The more substantial comment is that the recommendation is very weak. I do not know if the application list above is complete or if I am expected to implement additional ALGs. Secondly, are there RFCs that we can point to for these ALGs? Finally, I do not know how to provide the use-own-alg functionality. But I'm reading on, maybe its described later in the document.

    
There is an important operational difference if those N ports are
pre-allocated in a cookie-cutter fashion versus allocated on demand
by incoming connections.  This is a difference between an average of
N ports and a maximum of N ports.  Several service providers have
reported an average number of connections per customer in the single
digits.  At the opposite end, thousands or tens of thousands of ports
could be use in a peak by any single customer browsing a number of
AJAX/Web 2.0 sites.
 
      
Is your argument assuming a traditional web browsing usage model, i.e.., that users actively use an application and that the computer sits idle at other times? I am not sure this the model we have going forward. Many popular applications are starting to update content and perform various actions even when the browser sits idle, for instance. I think there will still be a difference between average and maximum, though it is perhaps not as pronounced over the time dimension but could still be very visible between users.

    
In order to achieve higher address space reduction ratios, it is
recommended that service provider do not use this cookie-cutter
approach, and, on the contrary, allocate ports as dynamically as
possible, just like on a regular NAT.
      
Given the above, perhaps the text should warn that in order for this trick to work at all, there really has to be a difference either in the between-users or the time dimension, and that trends in networking may easily reduce either one.

    
When dynamic port assignment is used to maximize the number of
subscribers sharing the AFTR global IPv4 addresses, the AFTR should
implement checks to avoid DOS attack through exhaustion of available
ports.  
      
How?

Editorial:


    
  In broadband home networks, sometime devices are directly connected
      
Sometimes? Some devices?

    
Under this scenario, the customer device is a dual-stack capable host
  that is only provisioned by the service provider only with IPv6. 
      
Would this be better: "... is provisioned by the service provider only with IPv6"?

Jari

_______________________________________________
Softwires mailing list
Softwires@ietf.org
https://www.ietf.org/mailman/listinfo/softwires" rel="nofollow">https://www.ietf.org/mailman/listinfo/softwires

v2.29.0 | Report a Bug | By Email | System Status