RE: [Speermint] NATs and Firewalls
"Medhavi Bhatia" <mbhatia@nextone.com> Thu, 06 April 2006 00:50 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FRIhd-0006vg-Rw; Wed, 05 Apr 2006 20:50:25 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FRIhc-0006vb-LT for speermint@ietf.org; Wed, 05 Apr 2006 20:50:24 -0400
Received: from mail1.nextone.com ([209.125.86.104]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FRIhc-0006CT-Cx for speermint@ietf.org; Wed, 05 Apr 2006 20:50:24 -0400
Received: from moe.nextone.local ([192.168.15.38]) by mail1.nextone.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 5 Apr 2006 20:50:23 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [Speermint] NATs and Firewalls
Date: Wed, 05 Apr 2006 20:50:20 -0400
Message-ID: <8812D8156467224C9E9739E513037EF155A1B6@moe.nextone.local>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Speermint] NATs and Firewalls
thread-index: AcZYuXyi5X4kMntWQ7CCMmoxP2btVAAB2tNQAAMgH6AABGzpcAACaXJQAAkOs+A=
From: Medhavi Bhatia <mbhatia@nextone.com>
To: Hadriel Kaplan <HKaplan@acmepacket.com>, speermint@ietf.org
X-OriginalArrivalTime: 06 Apr 2006 00:50:23.0910 (UTC) FILETIME=[168B8C60:01C65914]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: a87a9cdae4ac5d3fbeee75cd0026d632
Cc:
X-BeenThere: speermint@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Mailing list for the speermint working group <speermint.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/speermint>, <mailto:speermint-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/speermint>
List-Post: <mailto:speermint@ietf.org>
List-Help: <mailto:speermint-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/speermint>, <mailto:speermint-request@ietf.org?subject=subscribe>
Errors-To: speermint-bounces@ietf.org
> Hi Hadriel, See below. > I think what may be the issue is our definition of SBCs may simply not be > the same. Maybe you feel all the functions of modern SBCs are all > implemented in a single physical box, which is not the case from my view at > all. The functions can be broken up, or not. It does not matter from the > context of this working group, because the peering partner is a single > logical entity and it's the requirements that must be covered, not the > implementations meeting those requirements. (as pointed out to me earlier! > :) I think that is the problem today. There are too many SBC definitions and behaviors. This is the result of different point solutions for similar requirements given by service providers in different circumstances (fixed, mobile etc). Clearly something this under-defined cannot be taken into account by the WG when making choices. That's what I essentially said in an earlier thread on WG scope. We need to get all the requirements on the table and be practical about them. SBCs are out of scope... > My only point relative to what should be "required", is applicability to > as broad a spectrum of providers as possible, where covering the case of L3 > VPNs is probably the broadest approach, and within the IETF's domain. > > Or maybe you feel the definition of "SBC" _requires_ media relaying > somewhere? That is not the case for any of the current physical > implementations of SBCs that I know of in the service-provider market. It > happens to be that many providers enable them to do that, for many reasons > way beyond "point" requirements. For example, I consider media-relaying for > the purpose of hosted-nat-traversal a "point" requirement. Someday it will > fix itself. But that's not why many providers relay media, and certainly > not in peering applications; and some providers don't relay media with their > SBCs. > I think in the speermint we should look at the problem of peering during session setup. After the setup phase, the service providers may decide to do media peering or not. We should tackle those requirements later on. > Regardless, in my view even if the SBC does not relay media it's still an > SBC if it performs other functions related to security, inter-working, > policies, etc. Some of those functions are described in > draft-camarillo-sipping-sbc-funcs-03.txt, which I believe you helped author. > Clearly at some point as you remove those functions it ends up being just a > proxy. B2BUA to be precise. If I remove those functions, I will still be left with a lot more functions! (it is not easy to document all SBC functions, especially since there is no clear definition or requirements out there on functions or expected behavior. We only mention some in that draft). But since a large group of providers appear to want some or all of > those functions (and more) today, at peering points, then a peering BCP for > peering providers would be most successful if it "worked" within the > constraints of those wants while providing BCPs to enable new services or > applications. > I think the problem we are trying to solve in the WG is definition of a specific SIP signaling profile (as defined by this WG at some point I guess) and location mechanism for next hop (again TBD from this WG) which will enable successful hand-off of the call between domains. This is clearly my interpretation and the chairs may think o/w. We should not be taking the SBC functions as defined somewhere (especially since they are incomplete) and try to write BCPs on them. We should be defining interfaces in this WG, not elements, architecture etc. > I think the simplest way to do it is to simply also cover the case of L3 > VPNs peering with each other. Do you disagree with that? Any "services" or > applications which cannot be met by peering L3 VPNs, may be documented as > such in the BCPs, as far as I care. > L3 is out of scope... I think that I am pretty sure of. I am not sure what you mean by peering L3 VPNs in speermint's context. -Medhavi. _______________________________________________ Speermint mailing list Speermint@ietf.org https://www1.ietf.org/mailman/listinfo/speermint
- [Speermint] NATs and Firewalls Stastny Richard
- RE: [Speermint] NATs and Firewalls Malas, Daryl
- [Speermint] RE: NATs and Firewalls Hadriel Kaplan
- [Speermint] Re: NATs and Firewalls Stastny Richard
- [Speermint] RE: NATs and Firewalls Hadriel Kaplan
- [Speermint] RE: NATs and Firewalls Patrick Melampy
- RE: [Speermint] NATs and Firewalls Drage, Keith (Keith)
- Re: [Speermint] NATs and Firewalls Spencer Dawkins
- RE: [Speermint] NATs and Firewalls Patrick Melampy
- Re: [Speermint] RE: NATs and Firewalls Jonathan Rosenberg
- Re: [Speermint] NATs and Firewalls Spencer Dawkins
- RE: [Speermint] NATs and Firewalls Peter Macaulay
- RE: [Speermint] NATs and Firewalls Michael Hammer (mhammer)
- RE: [Speermint] NATs and Firewalls Khan, Sohel Q [CTO]
- RE: [Speermint] RE: NATs and Firewalls Hadriel Kaplan
- RE: [Speermint] NATs and Firewalls Malas, Daryl
- RE: [Speermint] NATs and Firewalls Uzelac, Adam
- RE: [Speermint] NATs and Firewalls Medhavi Bhatia
- RE: [Speermint] NATs and Firewalls Malas, Daryl
- RE: [Speermint] RE: NATs and Firewalls Khan, Sohel Q [CTO]
- RE: [Speermint] NATs and Firewalls Hadriel Kaplan
- RE: [Speermint] NATs and Firewalls Hadriel Kaplan
- RE: [Speermint] NATs and Firewalls Hadriel Kaplan
- Re: [Speermint] NATs and Firewalls Stastny Richard
- RE: [Speermint] NATs and Firewalls Reinaldo Penno
- RE: [Speermint] NATs and Firewalls Reinaldo Penno
- RE: [Speermint] NATs and Firewalls Medhavi Bhatia
- RE: [Speermint] NATs and Firewalls Uzelac, Adam
- RE: [Speermint] NATs and Firewalls Reinaldo Penno
- Re: [Speermint] NATs and Firewalls Marshall Eubanks
- RE: [Speermint] NATs and Firewalls Reinaldo Penno
- Re: [Speermint] NATs and Firewalls Marshall Eubanks
- RE: [Speermint] NATs and Firewalls Hadriel Kaplan
- RE: [Speermint] NATs and Firewalls Hadriel Kaplan
- RE: [Speermint] NATs and Firewalls Medhavi Bhatia
- RE: [Speermint] NATs and Firewalls Stastny Richard
- RE: [Speermint] NATs and Firewalls Hadriel Kaplan