NATFW NSLP Status draft-ietf-nsis-nslp-natfw-12.txt M. Stiemerling, H. Tschofenig, C. Aoun, and E. Davies NSIS Working Group,

Slides:



Advertisements
Similar presentations
NSIS WG 71th IETF Philadelphia, PA, USA March 12, 2008 WG chairs:John Loughney Martin Stiemerling.
Advertisements

Applicability Statement of NSIS Protocols in Mobile Environments draft-ietf-nsis-applicability-mobility-signaling-12.txt Takako Sanda, Xiaoming Fu, Seong-Ho.
EAP Channel Bindings Charles Clancy Katrin Hoeper IETF 76 Hiroshima, Japan November 08-13, 2009.
Progress Report: Metering NSLP (M-NSLP) 66th IETF meeting, NSIS WG.
1 Improved DNS Server Selection for Multi-Homed Nodes draft-savolainen-mif-dns-server-selection-04 Teemu Savolainen (Nokia) Jun-ya Kato (NTT) MIF WG meeting.
Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-04 S. Thiruvengadam Hannes Tschofenig Franck Le Niklas Steinleitner.
1 © NOKIA NSIS MIPv6 FW/ November 8 th 2004 Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-01 S. Thiruvengadam.
Telematics group University of Göttingen, Germany Overhead and Performance Study of the General Internet Signaling Transport (GIST) Protocol Xiaoming.
1 IETF 64th meeting, Vancouver, Canada Design Options of NSIS Diagnostics NSLP Xiaoming Fu Ingo Juchem Christian Dickmann Hannes Tschofenig.
July 2008IETF 72 - NSIS1 Permission-Based Sending (PBS) NSLP: Network Traffic Authorization draft-hong-nsis-pbs-nslp-01 Se Gi Hong & Henning Schulzrinne.
1 IETF 64th meeting, Vancouver, Canada Context Transfer Using GIST Xiaoming Fu John Loughney.
Benchmarking Terminology for Routers Supporting Resource Reservation Gábor Fehér, Krisztián Németh, András Korn Budapest University of Technology and Economics.
David A. Bryan, PPSP Workshop, Beijing, China, June 17th and 18th 2010 Tracker Protocol Proposal.
Draft-gu-ppsp-protocol-00 PPSP Session IETF 77, Anaheim March 22, 2010.
PPSP Tracker Protocol draft-gu-ppsp-tracker-protocol PPSP WG IETF 82 Taipei Rui Cruz (presenter) Mário Nunes, Yingjie Gu, Jinwei Xia, David Bryan, João.
NSIS NATFW NSLP: A Network Firewall Control Protocol draft-ietf-nsis-nslp-natfw-08.txt IETF NSIS Working Group January 2006 M. Stiemerling, H. Tschofenig,
Brett Neely IP Next Generation. To boldly go where no network has gone before...
NSIS Path-coupled Signaling for NAT/Firewall Traversal Martin Stiemerling, Miquel Martin (NEC) Hannes Tschofenig (Siemens AG) Cedric Aoun (Nortel)
0 NAT/Firewall NSLP IETF 61th November 2004 draft-ietf-nsis-nslp-natfw-04.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.
0 NAT/Firewall NSLP IETF 62th – March 2005 draft-ietf-nsis-nslp-natfw-05.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.
1 DHCP Authentication Discussion INTAREA meeting, 70th IETF Vancouver, Canada Jari Arkko and Ralph Droms.
Authentication Mechanism for Port Control Protocol (PCP) draft-wasserman-pcp-authentication-01.txt Margaret Wasserman Sam Hartman Painless Security Dacheng.
GIMPS * – The NSIS Transport Layer draft-ietf-nsis-ntlp-05.txt Slides: Robert Hancock, Henning.
QoS NSLP draft-ietf-nsis-qos-nslp-06.txt Slides: Sven van den Bosch, Georgios Karagiannis, Andrew McDonald.
0 NAT/Firewall NSLP Activities IETF 60th - August 2nd 2004 Cedric Aoun, Martin Stiemerling, Hannes Tschofenig.
WG Document Status 192nd IETF TEAS Working Group.
Draft-cordeiro-nsis-hypath-02 Luís Cordeiro
IETF67 DIME WG Towards the specification of a Diameter Resource Control Application Dong Sun IETF 67, San Diego, Nov 2006 draft-sun-dime-diameter-resource-control-requirements-00.txt.
CGA Extension Header for IPv6 draft-dong-savi-cga-header-03.txt Margaret Wasserman IETF 78, Maastricht July 2010.
IPv6 Site-Local Discussion Bob Hinden & Margaret Wasserman IETF 56 San Francisco March 2003.
An NSLP for Quality of Service draft-buchli-nsis-nslp-00.txt draft-mcdonald-nsis-qos-nslp-00.txt draft-westberg-proposal-for-rsvpv2-nslp-00.txt Slides:
Draft-ietf-fecframe-config-signaling-02 1 FEC framework Configuration Signaling draft-ietf-fecframe-config-signaling-02.txt IETF 76 Rajiv Asati.
NSIS NAT/Firewall NSLP Martin Stiemerling, Hannes Tschofenig, Miquel Martin, Cedric Aoun NSIS WG, 59th IETF.
Analysis and recommendation for the ULA usage draft-liu-v6ops-ula-usage-analysis-00 draft-liu-v6ops-ula-usage-analysis-00 Bing Liu(speaker), Sheng Jiang.
Implications of Trust Relationships for NSIS Signaling (draft-tschofenig-nsis-casp-midcom.txt) Authors: Hannes Tschofenig Henning Schulzrinne.
Mobile IPv6 with IKEv2 and revised IPsec architecture IETF 61
Magnus Westerlund 1 The RTSP Core specification draft-ietf-mmusic-rfc2326bis-06.txt Magnus Westerlund Aravind Narasimhan Rob Lanphier Anup Rao Henning.
1 © NOKIA FILENAMs.PPT/ DATE / NN Requirements for Firewall Configuration Protocol March 10 th, 2005 Gabor Bajko Franck Le Michael Paddon Trevor Plestid.
IP Traffic Engineering RSP draft-shen-ip-te-rsp-01.txt Naiming Shen Albert Tian Jun Zhuang
A Framework for Session Initiation Protocol User Agent Profile Delivery (draft-ietf-sipping-config-framework-11) SIPPING – IETF 68 Mar 19, 2007 Sumanth.
Problem Statement: IP Address Configuration for IPDVB draft-stiemerling-ipdvb-config-02.txt M. Stiemerling (Ed.), G. Gardikis, H. Asgari, D. Negru, T.
1 ipv6-node-02.PPT/ 18 November 2002 / John Loughney IETF 55 IPv6 Working Group IPv6 Node Requirements draft-ietf-ipv6-node-requirements-02.txt John Loughney.
/ Jonne Soininen v6ops-3GPP Design Team IETF#55, v6ops wg Atlanta, USA Jonne Soininen / Juha Wiljakka
1 3gpp_trans/ / IPv6 Transition Solutions for 3GPP Networks draft-wiljakka-3gpp-ipv6-transition-00.txt Juha Wiljakka,
0 NAT/Firewall NSLP IETF 63th – August 2005 draft-ietf-nsis-nslp-natfw-07.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.
Behcet Sarikaya Frank Xia July 2009 Dual-stack Lite Mobility Solutions IETF-75
RFC 4068bis draft-ietf-mipshop-fmipv6-rfc4068bis-01.txt Rajeev Koodli.
March 20th, 2001 SIP WG meeting 50th IETF SIP WG meeting Overlap signalling handling
SIP Working Group IETF 72 chaired by Keith Drage, Dean Willis.
NSIS NAT/Firewall Signaling NSIS Interim Meeting Romsey/UK, June 2004 Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.
Draft-ietf-behave-nat-udp-00 NAT Behavioral Requirements for Unicast UDP draft-ietf-behave-nat-upd-00 François Audet - Cullen Jennings.
GIST NAT traversal and Legacy NAT traversal for GIST AND
NATFW NSLP Status draft-ietf-nsis-nslp-natfw-08.txt M. Stiemerling, H. Tschofenig, C. Aoun NSIS Working Group, 64th IETF meeting.
Draft-ietf-v6ops-ipsec-tunnels-03 Using IPsec to Secure IPv6-in-IPv4 Tunnels draft-ietf-v6ops-ipsec-tunnels-03 Richard Graveman Mohan Parthasarathy Pekka.
PANA in DSL networks draft-morand-pana-panaoverdsl-00.txt Lionel Morand Roberta Maglione John Kaippallimalil Alper Yegin IETF-67, San Diego.
Applicability Statement of NSIS Protocols in Mobile Environments draft-ietf-nsis-applicability-mobility-signaling-06.txt Takako Sanda, Xiaoming Fu, Seong-Ho.
San Diego, November 2006 IETF 67 th – mip6 WG Goals for AAA-HA interface (draft-ietf-mip6-aaa-ha-goals-03) Gerardo Giaretta Ivano Guardini Elena Demaria.
1 © NOKIA Presentation_Name.PPT / DD-MM-YYYY / Initials draft-bajko-nsis-fw-reqs-01 Gábor Bajkó IETF Interim May 2005.
IETF 64 PSAMP WG1 Path-coupled Meter Configuration Georg Carle, Falko Dressler, Changpeng Fan, Ali Fessi, Cornelia Kappler, Andreas Klenk, Juergen Quittek,
MIDCOM Protocol Semantics 55th IETF
PANA Issues and Resolutions
draft-ietf-simple-message-sessions-00 Ben Campbell
IETF 55 IPv6 Working Group IPv6 Node Requirements
Preferred Alternatives for Tunnelling HIP (PATH)
IKEv2 Mobility and Multihoming Protocol (MOBIKE)
IPv4 Support for Proxy Mobile IPv6 Ryuji Wakikawa & Sri Gundavelli
IEEE MEDIA INDEPENDENT HANDOVER DCN:
Problem Statement of PPSP
Technical Issues with draft-ietf-mpls-bfd-directed
IETF 87 DHC WG Berlin, Germany Thursday, 1 August, 2013
Presentation transcript:

NATFW NSLP Status draft-ietf-nsis-nslp-natfw-12.txt M. Stiemerling, H. Tschofenig, C. Aoun, and E. Davies NSIS Working Group, 66th IETF meeting

3GPP2 and NSIS Network Firewall Configuration & Control Protocol (NFCCP)  "Requirements for Firewall Configuration Protocol” ( draft-bajko-nsis-FW-reqs-04.txt )  Presentation of the NATFW NSLP at the Jan 17th meeting by John  TSG-X, PSN, WG 3.1  Slides are here 3GPP2 WG is in favour of the path-coupled NSIS approach NSIS NATFW NSLP is the NFCCP! Discussion between NATFW NSLP authors and 3GPP2 group are on-going

Status draft-ietf-nsis-nslp-natfw-11  After IETF-65 version for WGLC  Received comments editorial & technical draft-ietf-nsis-nslp-natfw-12  First changes after WGLC comments  Mainly editorial changes due to WGLC  Diff is here  12-diff-to-11.html NATFW issue tracker

Some Issues Who is defining the NSLP object space?  It is not in GIST! Signaling Destination Address (SDA) selection appendix  Quite old  Needs to be reworked  Input is welcome! Terminology issues  NSLP signaling vs. Application signaling  Different “modes”  Signaling exchanges  Etc.

REA Naming Contest REA = Reserve External Address (REA) Past: Used to get external address/port at NAT  Name was 100% fit  But semantics changed over time Now:  Used to get external address/port at NAT  Used to install firewall rules for inbound traffic  Used in proxy mode usage Name seems to inappropriate! Need new name but no idea... REA naming contest (reanco)  Starts today July 12th  Runs until August 3rd 8am EST  Send suggestions to NSIS WG mailing list  Prize: Six-pack of local beer at next IETF in San Diego  All legal things apply here: participants must be older than 18 or 21 years (depending on location of IETF and the local laws), no guarantees, not entitled for anything, must be at the next IETF meeting, etc...

NAT-PT Support Draft -12 unspecified about NAT-PT usage (RFC 2766). Past revisions had text specifying NAT-PT NAT-PT support has been removed  One of the reasons is exprmntl-03.txt exprmntl-03.txt Where to go with NAT-PT support? Overall tendency (list opinion): Do not support NAT-PT  Not really recommended...  There is no known deployment to us. Keep “Remove NAT-PT”.

DTINFO Issues Carries additional information for REA  Port numbers  Transport protocol  Basically all things not in the LE-MRM DTINFO_IPv4 ambiguity issues  Usage not fully specified  Editorial changes needed DTINFO_IPv4 MAY be included  But required in many cases (above 50%)  Change to MUST and wildcard fields (if needed)

DTINFO_IPv6 DTINFO_IPv6 was removed  Same as DTINFO_IPv4  Removed due to removal of NAT-PT support  Caused confusion DTINFO_IPv6 could be used for back-to- back NAT-PT: Proposal: Keep removed.

TRACE Semantics TRACE: a request message to trace all involved NATFW NSLP nodes in a particular signaling session. Defined simple semantics Defined object Overall semantics still shaky.

TRACE Issues Which type of information should be conveyed?  Currently: IPv4 or IPv6 addresses  Support for any “identifier”* included NATs: which IP to report? Why are you only allowed to TRACE from the session owner? Many more... Asked for well-defined semantics on May 11 Still no proposal for semantics Give YOUR input and discussions NOW Without input TRACE needs to be removed!

Thank you! Question?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.