TSVDIR review, draft-ietf-softwire-dual-stack-lite-08
"Dan Wing" <dwing@cisco.com> Fri, 06 May 2011 00:45 UTC
Return-Path: <dwing@cisco.com>
X-Original-To: tsv-area@ietfa.amsl.com
Delivered-To: tsv-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF133E06FB; Thu, 5 May 2011 17:45:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.367
X-Spam-Level:
X-Spam-Status: No, score=-110.367 tagged_above=-999 required=5 tests=[AWL=0.232, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ILHwr2wlgqhz; Thu, 5 May 2011 17:45:25 -0700 (PDT)
Received: from sj-iport-3.cisco.com (sj-iport-3.cisco.com [171.71.176.72]) by ietfa.amsl.com (Postfix) with ESMTP id CF422E06CF; Thu, 5 May 2011 17:45:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=dwing@cisco.com; l=3408; q=dns/txt; s=iport; t=1304642725; x=1305852325; h=from:to:subject:date:message-id:mime-version: content-transfer-encoding; bh=MgatDgcccnj+klpW+Rg/C15wpY7+y5+bae5wjxXkc/M=; b=QJx+3Xoeszjx4qtIHhqr8DsNLvOIfQxtvM5KfSa6A7GZqWWcltmi2tLE F9KWeErg8OP36/x4+ypNgSn9yk85g90bVfuEG7hGOTeYMdmqWkSH1wDzR aYbK8BFlp4H3Ieo2zS9ccyuFQtMaVOcCkgwq0wX/+Yt0x7hP/EXK05fbE Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av0EAHpDw02rRDoG/2dsb2JhbACZfYxCd6gGniOGBwSGOJgB
X-IronPort-AV: E=Sophos;i="4.64,323,1301875200"; d="scan'208";a="309522647"
Received: from mtv-core-1.cisco.com ([171.68.58.6]) by sj-iport-3.cisco.com with ESMTP; 06 May 2011 00:42:58 +0000
Received: from dwingWS ([10.32.240.194]) by mtv-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id p460gw2e016390; Fri, 6 May 2011 00:42:58 GMT
From: Dan Wing <dwing@cisco.com>
To: 'David Harrington' <ietfdbh@comcast.net>, 'Transport Directorate' <tsv-dir@ietf.org>, tsv-area@ietf.org, draft-ietf-softwire-dual-stack-lite@tools.ietf.org
Subject: TSVDIR review, draft-ietf-softwire-dual-stack-lite-08
Date: Thu, 05 May 2011 17:42:57 -0700
Message-ID: <034e01cc0b86$8b9eb8e0$a2dc2aa0$@com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcwLhotQF09IEkEUQgq4rzA1nGrQvQ==
Content-Language: en-us
X-BeenThere: tsv-area@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF Transport Area Mailing List <tsv-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsv-area>, <mailto:tsv-area-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tsv-area>
List-Post: <mailto:tsv-area@ietf.org>
List-Help: <mailto:tsv-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsv-area>, <mailto:tsv-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 May 2011 00:45:26 -0000
I've reviewed this document as part of the transport area directorate's ongoing effort to review key IETF documents. These comments were written primarily for the transport area directors, but are copied to the document's authors for their information and to allow them to address any issues raised. The authors should consider this review together with any other last-call comments they receive. Please always CC tsv-dir@ietf.org if you reply to or forward this review. This draft is basically ready for publication, but has nits that should be fixed before publication: In draft-ietf-softwire-dual-stack-lite-08, it says: 8.3. Application Level Gateways (ALG) AFTR performs NAT-44 and inherits the limitations of NAT. Some protocols require ALGs in the NAT device to traverse through the NAT. For example: SIP and ICMP require ALGs to work properly. Three comments on that "For example:" 1. I do not believe SIP requires an ALG. Here are three citations that SIP ALG is unnecessary: * ICE (RFC5245), which has the SIP endpoint do its own NAT traversal. With this, a SIP ALG is unnecessary. * Session Border Controllers routinely implement 'media latching' (described in draft-ietf-mmusic-media-path-middleboxes), which works with endpoints that don't implement ICE. With this, a SIP ALG is unnecessary. * draft-ietf-sipping-nat-scenarios describes how all of this stuff works in great detail, and its Section 3 says SIP ALG is not required. I worry that the IETF is requiring / suggesting / recommending that vendors implement ALGs in NATs. If the IETF were to make such a recommendation, it needs to come from BEHAVE which is where the NAT work occurs, not SOFTWIRE. Unless there is a citation that SIP ALG is necessary, please strike it. 2. "ALG" is an abbreviation for Application Layer Gateway, but ICMP is not an application; it is a layer 4 protocol. If anything, it is traditionally considered a "layer 3.5", because it is not normally used for transport but rather to signal the IP layer. The term "ALG" is not appropriate when discussing ICMP. RFC5508, which describes the behavior of ICMP for NAT, does not use the term ALG (or Application) when describing ICMP. I suggest simply striking "ICMP" from the example of protocols needing an ALG. This also requires updating the text: This specification only requires that the AFTR MUST support [RFC5508]. by moving it out of the ALG section and to section 8.2 ("NAT Conformance") where there are already citations for RFC4787 (UDP operation) and RFC5382 (TCP operation). I suggest striking the mention of RFC5508 from the ALG section and adding it to Section 8.2 ("NAT Conformance"), like this: OLD: A dual-stack lite AFTR MUST implement behavior conforming to the best current practice, currently documented in [RFC4787] and [RFC5382]. NEW: A dual-stack lite AFTR MUST implement behavior conforming to the best current practice, currently documented in [RFC4787], [RFC5382], and .................................................................^^^^^ [RFC5508]. ...^^^^^^^^^ 3. If the authors desire an example of a protocol that requires an ALG, a good example is "active-mode FTP". (Which is seldom used anymore, because it requires an ALG! It has been surpassed by passive-mode FTP.) -d