IETF Logo Mail Archive

Re: [v4v6interim] [BEHAVE] [46translation] Proposal for new BEHAVE charter

" Rémi Denis-Courmont" <remi.denis-courmont@nokia.com> Fri, 24 October 2008 09:09 UTC

Return-Path: <v4v6interim-bounces@ietf.org>
X-Original-To: v4v6interim-archive@ietf.org
Delivered-To: ietfarch-v4v6interim-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 180C03A68D1; Fri, 24 Oct 2008 02:09:33 -0700 (PDT)
X-Original-To: v4v6interim@core3.amsl.com
Delivered-To: v4v6interim@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 193013A6810; Fri, 24 Oct 2008 02:09:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.299
X-Spam-Level:
X-Spam-Status: No, score=-6.299 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vcVcJ0F3BMZR; Fri, 24 Oct 2008 02:09:31 -0700 (PDT)
Received: from mgw-mx09.nokia.com (smtp.nokia.com [192.100.105.134]) by core3.amsl.com (Postfix) with ESMTP id 3AE8D3A6A6F; Fri, 24 Oct 2008 02:09:31 -0700 (PDT)
Received: from esebh106.NOE.Nokia.com (esebh106.ntc.nokia.com [172.21.138.213]) by mgw-mx09.nokia.com (Switch-3.2.6/Switch-3.2.6) with ESMTP id m9O99wxo002946; Fri, 24 Oct 2008 04:10:47 -0500
Received: from vaebh102.NOE.Nokia.com ([10.160.244.23]) by esebh106.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 24 Oct 2008 12:10:44 +0300
Received: from vaebh101.NOE.Nokia.com ([10.160.244.22]) by vaebh102.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 24 Oct 2008 12:10:43 +0300
Received: from esdhcp04094.research.nokia.com ([172.21.40.94]) by vaebh101.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 24 Oct 2008 12:10:43 +0300
From: Rémi Denis-Courmont <remi.denis-courmont@nokia.com>
Organization: Maemo Software - Nokia Devices R&D
To: v4v6interim@ietf.org
Date: Fri, 24 Oct 2008 12:10:45 +0300
User-Agent: KMail/1.9.10
References: <48F8539D.90608@ericsson.com> <49009C8B.80707@cisco.com> <A1BB57A1-8B5F-44FF-85BE-C533D0FAE85D@cisco.com>
In-Reply-To: <A1BB57A1-8B5F-44FF-85BE-C533D0FAE85D@cisco.com>
MIME-Version: 1.0
Content-Disposition: inline
Message-Id: <200810241210.46374.remi.denis-courmont@nokia.com>
X-OriginalArrivalTime: 24 Oct 2008 09:10:43.0294 (UTC) FILETIME=[647D07E0:01C935B8]
X-Nokia-AV: Clean
Cc: 46Translation <46translation@employees.org>, Behave WG <behave@ietf.org>
Subject: Re: [v4v6interim] [BEHAVE] [46translation] Proposal for new BEHAVE charter
X-BeenThere: v4v6interim@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of coexistence topics for the 01-Oct-2008 v4-v6 coexistence interim meeting <v4v6interim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/v4v6interim>, <mailto:v4v6interim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/v4v6interim>
List-Post: <mailto:v4v6interim@ietf.org>
List-Help: <mailto:v4v6interim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v4v6interim>, <mailto:v4v6interim-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: v4v6interim-bounces@ietf.org
Errors-To: v4v6interim-bounces@ietf.org

On Thursday 23 October 2008 19:06:52 ext Cullen Jennings, you wrote:
> If the mapping was purely and 1:1 mapping between internal and
> external IPs I would agree with you but unfortunately, I worry that
> meeting the requirement that drive section 4.4 of 4864 (privacy and
> topology hiding) really complicate trying to do it with 1:1 mapping at
> IP level.
>
> If you want to be able hide that two uncorrelated sessions are
> actually coming from the same internal host, well, I'm not sure I see
> how to do this with 1:1 mappings. One might argue that one should
> ignore these requirements but this is one of key areas where some
> people feel that 4864 has limitations that drive the deployment of
> NAT66. Two solutions I have seen for this are
> a) different external IP for every internal flow

This is unlikely to be deployed. It breaks to many applications that work fine 
with NATs (e.g. many web apps tie their "session" to the client IP address).

> b) doing port address translation similar to 
> NAPT in NAT44. Either of these choices has some pretty substantial
> impacts on how to make applications like VoIP work.

I don't think there's a strong requirement to hide correlation (or rather, 
lack thereof) between VoIP sessions - human user being the bottleneck in how 
many VoIP sessions a system can have.

But most importantly, I doubt that people who are this paranoid about topology 
hiding would tolerate using STUN, or any other server-reflexive address 
learning for that matter. But hey, you must know the SIP privacy work better 
than I do :) IIRC, it's proxy-based (TURN).

Therefore I am not convinced that 1:1 mapping would be a problem.
However, and to answer Alain's point, yes, some vendors will ship NAT66 boxes 
that work exactly like NAT44. But these will be no more BEHAVE-compliant than 
the NAT44 boxes. So it's kind of a non-issue from a standardization 
perspective - I tend to think that there is no problem if there is no 
solution.

-- 
Rémi Denis-Courmont
Maemo Software, Nokia Devices R&D
_______________________________________________
v4v6interim mailing list
v4v6interim@ietf.org
https://www.ietf.org/mailman/listinfo/v4v6interim

v2.23.0 | Report a Bug | By Email