Re: How to include APBP scenarios in the Coexistence RequirementI-D
Alain Durand <alain_durand@cable.comcast.com> Thu, 17 July 2008 15:05 UTC
Return-Path: <owner-v6ops@ops.ietf.org>
X-Original-To: ietfarch-v6ops-archive@core3.amsl.com
Delivered-To: ietfarch-v6ops-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B1E853A686B for <ietfarch-v6ops-archive@core3.amsl.com>; Thu, 17 Jul 2008 08:05:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.338
X-Spam-Level: **
X-Spam-Status: No, score=2.338 tagged_above=-999 required=5 tests=[AWL=-1.698, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_EQ_MODEMCABLE=0.768, HELO_MISMATCH_COM=0.553, MIME_8BIT_HEADER=0.3, MIME_QP_LONG_LINE=1.396, RCVD_NUMERIC_HELO=2.067, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7jweGZvXa1n1 for <ietfarch-v6ops-archive@core3.amsl.com>; Thu, 17 Jul 2008 08:05:10 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 60CC23A6781 for <v6ops-archive@lists.ietf.org>; Thu, 17 Jul 2008 08:05:10 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from <owner-v6ops@ops.ietf.org>) id 1KJV19-000MGP-Qm for v6ops-data@psg.com; Thu, 17 Jul 2008 15:03:39 +0000
Received: from [208.17.35.58] (helo=paoakoavas09.cable.comcast.com) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from <alain_durand@cable.comcast.com>) id 1KJV10-000MFJ-QJ for v6ops@ops.ietf.org; Thu, 17 Jul 2008 15:03:36 +0000
Received: from ([10.195.246.152]) by paoakoavas09.cable.comcast.com with ESMTP id KP-NTF18.57855991; Thu, 17 Jul 2008 11:03:09 -0400
Received: from PACDCEXCMB06.cable.comcast.com ([24.40.15.22]) by NJMDCEXCRLY01.cable.comcast.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 17 Jul 2008 11:03:10 -0400
Received: from 71.192.55.85 ([71.192.55.85]) by PACDCEXCMB06.cable.comcast.com ([24.40.15.22]) via Exchange Front-End Server webmail.comcast.com ([24.40.8.152]) with Microsoft Exchange Server HTTP-DAV ; Thu, 17 Jul 2008 15:02:21 +0000
User-Agent: Microsoft-Entourage/12.11.0.080522
Date: Thu, 17 Jul 2008 11:02:19 -0400
Subject: Re: How to include APBP scenarios in the Coexistence RequirementI-D
From: Alain Durand <alain_durand@cable.comcast.com>
To: Rémi Després <remi.despres@free.fr>, Dan Wing <dwing@cisco.com>
CC: marcelo bagnulo braun <marcelo@it.uc3m.es>, v6ops <v6ops@ops.ietf.org>
Message-ID: <C4A4D73B.143DB%alain_durand@cable.comcast.com>
Thread-Topic: How to include APBP scenarios in the Coexistence RequirementI-D
Thread-Index: Acjn9cfsLUOyuoRHTambGl3DA2Gv4AAKFOwx
In-Reply-To: <487F1483.5030403@free.fr>
Mime-version: 1.0
Content-type: text/plain; charset="ISO-8859-1"
Content-transfer-encoding: quoted-printable
X-OriginalArrivalTime: 17 Jul 2008 15:03:10.0269 (UTC) FILETIME=[3A2C16D0:01C8E81E]
Sender: owner-v6ops@ops.ietf.org
Precedence: bulk
List-ID: <v6ops.ops.ietf.org>
Rémi, I have some fundamental objections to the APBP proposal. What is does is replace the carrier grade nat (CGN) by a distributed system of home gateways that are allocated chunks of port numbers. The service provider still has to run the port mapping part of the CGN, the only advantage I see is to avoid back-hauling the data traffic to the CGN. You still have most if the issue with CGN, which are mainly customer apps cannot expect to run on their own, well know, port number. More importantly, you introduce a whole bunch of new issues. In random order: - You need to put filtering in place on the ISP access router to make sure the customer is only using the allocated port numbers. This list needs to be in sync with the port number allocation system. - The same access router now need to do port base routing to return the packets to the customer. This is not without cost. - Allocating chunks of port number is not the most efficient allocation algorithm. If a customers does nothing or just use one port number, you are wasting a lot of resources. - Timing out those port number is a bit of a mess, both the apps, the home gateway, the access router and the port allocation system need to be synced up. - All kind of security measure need to be put in place to prevent customers to hoard the port number space. In other words, the complexity you create by distributing the mapping mechanism seems high. It seem to me a better trade-off to centralize this in a CGN. Please note that an ISP does not need to run only one CGN and can distribute those as well close to its network edge, but no closer. Note: the route you are on seems to lead to IPv7 (ask ekr about it), where you augment the IPv4 addressing space with the port number space for routing. You might have seen the T-shirt 32+16 > 128. - Alain. On 7/17/08 5:44 AM, "Rémi Després" <remi.despres@free.fr> wrote: > Dan Wing - Le 7/16/08 8:03 PM : > >> I noticed all of the current proposals (SNAT, NAT64, NAT6, IVI, >> dual-stack-lite, etc.) are quiet on a significant aspect of a requirement >> that >> is important: keeping existing games and existing applications working. I >> am >> thinking of game boxes like Microsoft's Xbox that need UPnP IGD in order to >> function properly over the Internet, and applications such as Microsoft >> Netmeeting (needs an H.323 ALG in the NAT), Quicktime and RealAudio streaming >> (RTSP), and so on. http://tools.ietf.org/html/rfc3027 does a good job of >> explaining the specifics. > > Thanks, a very useful RFC. > > > >> Here is some beautiful ASCII art diagrams of the difference between today's >> UPnP IGD (and NAT-PMP) and what I am suggesting is useful (and necessary) for >> tomorrow's APBP in conjunction with UPnP IGD and NAT-PMP: > > In the new APBP draft > (http://tools.ietf.org/html/draft-despres-v6ops-apbp-01), an APBP client > obtains in one request a public IPv4 address and a range of ports to go > with it. > An APBP message to the APBP server is then not necessary for each > UPnP... packet, and independent outgoing connections will have the same > public IPv4 source adress, IMO an important progress. > > Here is a proposed revision of your ASCII art: > > +-----------------+ > |incoming UPnP IGD| > |or NAT-PMP packet| > +----+------------+ > | > V > +-------------+ +===============================+ > | need new |-----YES->|If needed, Send an APBP Request| > |NAT binding? | | Then create NAT binding | > +----+--------+ |using the obtained IPv4 address| > | | and a free port in its range | > NO +===============================+ > | | > V | > +----+---------------+ | > |respond to UPnP IGD |<------------+ > |or NAT-PMP request | > +----+---------------+ > > > > > Once an APBP client has obtained a range of ports with an address, it > can operate as though it would have an exclusive v4 address, except that > it has less than 64K ports to go with it, and no port in the < 1024 range. > - Of course, this is still a significant restriction but, IMU, CGNs > won't do better. > - To be reachable on a well-known port, in a site that has an IPv6 > prefix and no public IPv4 address, applications should better be > reachable in IPv6. > > > Regards. > > RD >
- How to include APBP scenarios in the Coexistence … Rémi Després
- Re: How to include APBP scenarios in the Coexiste… marcelo bagnulo braun
- Re: How to include APBP scenarios in the Coexiste… Rémi Després
- Re: How to include APBP scenarios in the Coexiste… marcelo bagnulo braun
- Re: How to include APBP scenarios in the Coexiste… Brian E Carpenter
- Re: How to include APBP scenarios in the Coexiste… Rémi Després
- Re: How to include APBP scenarios in the Coexiste… Rémi Després
- Re: How to include APBP scenarios in the Coexiste… Rémi Després
- Re: How to include APBP scenarios in the Coexiste… Alain Durand
- RE: How to include APBP scenarios in the Coexiste… Dan Wing
- Re: How to include APBP scenarios in the Coexiste… Durand, Alain
- Re: How to include APBP scenarios in the Coexiste… Alain Durand
- RE: How to include APBP scenarios in the Coexiste… Dan Wing
- RE: How to include APBP scenarios in the Coexiste… Dan Wing
- Re: How to include APBP scenarios in the Coexiste… David Miles
- Re: How to include APBP scenarios in the Coexiste… EricLKlein
- Re: How to include APBP scenarios in the Coexiste… Rémi Després
- RE: How to include APBP scenarios in the Coexiste… Dan Wing
- Re: How to include APBP scenarios in the Coexiste… Rémi Després