1 / 14

IETF84 – August 2012

Analysis of Solution Candidates to Reveal a Host Identifier ( HOST_ID ) in Shared Address Deployments draft- ietf - intarea - nat -reveal-analysis-02. Authors: Mohamed Boucadair, Joe Touch, Pierre Levis, Reinaldo Penno Presenter: Dan Wing. IETF84 – August 2012.

haruko
Download Presentation

IETF84 – August 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Analysis of Solution Candidates to Reveal a Host Identifier (HOST_ID) in Shared Address Deploymentsdraft-ietf-intarea-nat-reveal-analysis-02 Authors: Mohamed Boucadair, Joe Touch, Pierre Levis, Reinaldo Penno Presenter: • Dan Wing IETF84 – August 2012

  2. Steps to Success • There is a engineering problem • Discuss solutions • Engineer the best solution

  3. Steps to Success • There is a engineering problem • Discuss solutions • Engineer the best solution

  4. 1. There Is an Engineering Problem • RFC6269, “Issues with IP Address Sharing” • draft-ietf-intarea-shared-addressing-issues • Section 13.1, Abuse Logging and Penalty Boxes

  5. RFC6269, Section 13.1 ... one user who fails a number of login attempts may block out other users who have not made any previous attempts but who will now fail on their first attempt. ...

  6. IP Reputation Image source: Jason Fesler, Yahoo!

  7. Captcha challenge

  8. Steps to Success • There is a engineering problem • Problem documented in RFC6269, Section 13.1 • Discuss solutions • Engineer the best solution

  9. 2. Discuss Solutions (1/2) • Collect proposed solutions • Analyze differences • Recommend best solution • Previous examples of solution discussions • “Recommendation for a Routing Architecture”, RFC6115, recommendation: ILNP • “Requirements and Analysis of Media Security Management Protocols”, RFC5479, recommendation: DTLS-SRTP

  10. 2. Discuss Solutions (2/2) • draft-ietf-intarea-nat-reveal-analysis • 8 solutions analyzed: • IPID field • IP option • Port sets • ICMP • TCP option • PROXY protocol • Host Identity Protocol (HIP) • Inject Application Headers (e.g., X-Forwarded-For)

  11. Steps to Success • There is a engineering problem • Problem documented in RFC6269, Section 13.1 • Discuss solutions • draft-ietf-intarea-nat-reveal-analysis • Engineer the best solution

  12. 3. Engineer the best solution • First need consensus on the best solution • We aren’t yet ready

  13. Some Questions for the WG • Consensus on problem in RFC6269 §13.1? • “Just Deploy IPv6” • Does this avoid problem in RFC6269 §13.1? • Current trajectory is 50% IPv6 in 6 years • Are there more than 8 solutions? • Disagreement that ietf-intarea-nat-reveal-analysis should recommend a best solution

  14. Thank you draft-ietf-intarea-nat-reveal-analysis

More Related