Ietf84 august 2012
Sponsored Links
This presentation is the property of its rightful owner.
1 / 14

IETF84 – August 2012 PowerPoint PPT Presentation


  • 59 Views
  • Uploaded on
  • Presentation posted in: General

Analysis of Solution Candidates to Reveal a Host Identifier ( HOST_ID ) in Shared Address Deployments draft- ietf - intarea - nat -reveal-analysis-02. Authors: Mohamed Boucadair, Joe Touch, Pierre Levis, Reinaldo Penno Presenter: Dan Wing. IETF84 – August 2012.

Download Presentation

IETF84 – August 2012

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Analysis of Solution Candidates to Reveal a Host Identifier (HOST_ID) in Shared Address Deploymentsdraft-ietf-intarea-nat-reveal-analysis-02

Authors:

Mohamed Boucadair, Joe Touch, Pierre Levis, Reinaldo Penno

Presenter:

  • Dan Wing

IETF84 – August 2012


Steps to Success

  • There is a engineering problem

  • Discuss solutions

  • Engineer the best solution


Steps to Success

  • There is a engineering problem

  • Discuss solutions

  • Engineer the best solution


1. There Is an Engineering Problem

  • RFC6269, “Issues with IP Address Sharing”

    • draft-ietf-intarea-shared-addressing-issues

    • Section 13.1, Abuse Logging and Penalty Boxes


RFC6269, Section 13.1

... one user who fails a number of login attempts may block out other users who have not made any previous attempts but who will now fail on their first attempt. ...


IP Reputation

Image source: Jason Fesler, Yahoo!


Captcha challenge


Steps to Success

  • There is a engineering problem

    • Problem documented in RFC6269, Section 13.1

  • Discuss solutions

  • Engineer the best solution


2. Discuss Solutions (1/2)

  • Collect proposed solutions

  • Analyze differences

  • Recommend best solution

  • Previous examples of solution discussions

    • “Recommendation for a Routing Architecture”, RFC6115, recommendation: ILNP

    • “Requirements and Analysis of Media Security Management Protocols”, RFC5479, recommendation: DTLS-SRTP


2. Discuss Solutions (2/2)

  • draft-ietf-intarea-nat-reveal-analysis

  • 8 solutions analyzed:

    • IPID field

    • IP option

    • Port sets

    • ICMP

    • TCP option

    • PROXY protocol

    • Host Identity Protocol (HIP)

    • Inject Application Headers (e.g., X-Forwarded-For)


Steps to Success

  • There is a engineering problem

    • Problem documented in RFC6269, Section 13.1

  • Discuss solutions

    • draft-ietf-intarea-nat-reveal-analysis

  • Engineer the best solution


3. Engineer the best solution

  • First need consensus on the best solution

  • We aren’t yet ready


Some Questions for the WG

  • Consensus on problem in RFC6269 §13.1?

  • “Just Deploy IPv6”

    • Does this avoid problem in RFC6269 §13.1?

    • Current trajectory is 50% IPv6 in 6 years

  • Are there more than 8 solutions?

  • Disagreement that ietf-intarea-nat-reveal-analysis should recommend a best solution


Thank you

draft-ietf-intarea-nat-reveal-analysis


  • Login