Ietf84 august 2012
This presentation is the property of its rightful owner.
Sponsored Links
1 / 14

IETF84 – August 2012 PowerPoint PPT Presentation


  • 50 Views
  • Uploaded on
  • Presentation posted in: General

Analysis of Solution Candidates to Reveal a Host Identifier ( HOST_ID ) in Shared Address Deployments draft- ietf - intarea - nat -reveal-analysis-02. Authors: Mohamed Boucadair, Joe Touch, Pierre Levis, Reinaldo Penno Presenter: Dan Wing. IETF84 – August 2012.

Download Presentation

IETF84 – August 2012

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Ietf84 august 2012

Analysis of Solution Candidates to Reveal a Host Identifier (HOST_ID) in Shared Address Deploymentsdraft-ietf-intarea-nat-reveal-analysis-02

Authors:

Mohamed Boucadair, Joe Touch, Pierre Levis, Reinaldo Penno

Presenter:

  • Dan Wing

IETF84 – August 2012


Steps to success

Steps to Success

  • There is a engineering problem

  • Discuss solutions

  • Engineer the best solution


Steps to success1

Steps to Success

  • There is a engineering problem

  • Discuss solutions

  • Engineer the best solution


1 there is an engineering problem

1. There Is an Engineering Problem

  • RFC6269, “Issues with IP Address Sharing”

    • draft-ietf-intarea-shared-addressing-issues

    • Section 13.1, Abuse Logging and Penalty Boxes


Rfc6269 section 13 1

RFC6269, Section 13.1

... one user who fails a number of login attempts may block out other users who have not made any previous attempts but who will now fail on their first attempt. ...


Ip reputation

IP Reputation

Image source: Jason Fesler, Yahoo!


Captcha challenge

Captcha challenge


Steps to success2

Steps to Success

  • There is a engineering problem

    • Problem documented in RFC6269, Section 13.1

  • Discuss solutions

  • Engineer the best solution


2 discuss solutions 1 2

2. Discuss Solutions (1/2)

  • Collect proposed solutions

  • Analyze differences

  • Recommend best solution

  • Previous examples of solution discussions

    • “Recommendation for a Routing Architecture”, RFC6115, recommendation: ILNP

    • “Requirements and Analysis of Media Security Management Protocols”, RFC5479, recommendation: DTLS-SRTP


2 discuss solutions 2 2

2. Discuss Solutions (2/2)

  • draft-ietf-intarea-nat-reveal-analysis

  • 8 solutions analyzed:

    • IPID field

    • IP option

    • Port sets

    • ICMP

    • TCP option

    • PROXY protocol

    • Host Identity Protocol (HIP)

    • Inject Application Headers (e.g., X-Forwarded-For)


Steps to success3

Steps to Success

  • There is a engineering problem

    • Problem documented in RFC6269, Section 13.1

  • Discuss solutions

    • draft-ietf-intarea-nat-reveal-analysis

  • Engineer the best solution


3 engineer the best solution

3. Engineer the best solution

  • First need consensus on the best solution

  • We aren’t yet ready


Some questions for the wg

Some Questions for the WG

  • Consensus on problem in RFC6269 §13.1?

  • “Just Deploy IPv6”

    • Does this avoid problem in RFC6269 §13.1?

    • Current trajectory is 50% IPv6 in 6 years

  • Are there more than 8 solutions?

  • Disagreement that ietf-intarea-nat-reveal-analysis should recommend a best solution


Thank you

Thank you

draft-ietf-intarea-nat-reveal-analysis


  • Login