Presentation is loading. Please wait.

Presentation is loading. Please wait.

NATFW NSLP Status draft-ietf-nsis-nslp-natfw-12.txt M. Stiemerling, H. Tschofenig, C. Aoun, and E. Davies NSIS Working Group,

Published byRoger Fleming Modified over 9 years ago

Similar presentations

Presentation on theme: "NATFW NSLP Status draft-ietf-nsis-nslp-natfw-12.txt M. Stiemerling, H. Tschofenig, C. Aoun, and E. Davies NSIS Working Group,"— Presentation transcript:

1 NATFW NSLP Status draft-ietf-nsis-nslp-natfw-12.txt M. Stiemerling, H. Tschofenig, C. Aoun, and E. Davies stiemerling@netlab.nec.de NSIS Working Group, 66th IETF meeting

2 3GPP2 and NSIS Network Firewall Configuration & Control Protocol (NFCCP)  "Requirements for Firewall Configuration Protocol” ( draft-bajko-nsis-FW-reqs-04.txt )  Presentation of the NATFW NSLP at the Jan 17th meeting by John  TSG-X, PSN, WG 3.1  Slides are here http://www.stiemerling.org/ietf/nsis/3gpp2/3gpp2_nsis_natfw_overview_final.ppt 3GPP2 WG is in favour of the path-coupled NSIS approach NSIS NATFW NSLP is the NFCCP! Discussion between NATFW NSLP authors and 3GPP2 group are on-going

3 Status draft-ietf-nsis-nslp-natfw-11  After IETF-65 version for WGLC  Received comments editorial & technical draft-ietf-nsis-nslp-natfw-12  First changes after WGLC comments  Mainly editorial changes due to WGLC  Diff is here  http://www.stiemerling.org/ietf/nsis/draft-ietf-nsis-nslp-natfw- 12-diff-to-11.html NATFW issue tracker https://kobe.netlab.nec.de/roundup/nsis-natfw-nslp/ https://kobe.netlab.nec.de/roundup/nsis-natfw-nslp/

4 Some Issues Who is defining the NSLP object space?  It is not in GIST! Signaling Destination Address (SDA) selection appendix  Quite old  Needs to be reworked  Input is welcome! Terminology issues  NSLP signaling vs. Application signaling  Different “modes”  Signaling exchanges  Etc.

5 REA Naming Contest REA = Reserve External Address (REA) Past: Used to get external address/port at NAT  Name was 100% fit  But semantics changed over time Now:  Used to get external address/port at NAT  Used to install firewall rules for inbound traffic  Used in proxy mode usage Name seems to inappropriate! Need new name but no idea... REA naming contest (reanco)  Starts today July 12th  Runs until August 3rd 8am EST  Send suggestions to NSIS WG mailing list  Prize: Six-pack of local beer at next IETF in San Diego  All legal things apply here: participants must be older than 18 or 21 years (depending on location of IETF and the local laws), no guarantees, not entitled for anything, must be at the next IETF meeting, etc...

6 NAT-PT Support Draft -12 unspecified about NAT-PT usage (RFC 2766). Past revisions had text specifying NAT-PT NAT-PT support has been removed  One of the reasons is http://www.ietf.org/internet-drafts/draft-ietf-v6ops-natpt-to- exprmntl-03.txt http://www.ietf.org/internet-drafts/draft-ietf-v6ops-natpt-to- exprmntl-03.txt Where to go with NAT-PT support? Overall tendency (list opinion): Do not support NAT-PT  Not really recommended...  There is no known deployment to us. Keep “Remove NAT-PT”.

7 DTINFO Issues Carries additional information for REA  Port numbers  Transport protocol  Basically all things not in the LE-MRM DTINFO_IPv4 ambiguity issues  Usage not fully specified  Editorial changes needed DTINFO_IPv4 MAY be included  But required in many cases (above 50%)  Change to MUST and wildcard fields (if needed)

8 DTINFO_IPv6 DTINFO_IPv6 was removed  Same as DTINFO_IPv4  Removed due to removal of NAT-PT support  Caused confusion DTINFO_IPv6 could be used for back-to- back NAT-PT: Proposal: Keep removed.

9 TRACE Semantics TRACE: a request message to trace all involved NATFW NSLP nodes in a particular signaling session. Defined simple semantics Defined object Overall semantics still shaky.

10 TRACE Issues Which type of information should be conveyed?  Currently: IPv4 or IPv6 addresses  Support for any “identifier”* included NATs: which IP to report? Why are you only allowed to TRACE from the session owner? Many more... Asked for well-defined semantics on May 11 Still no proposal for semantics Give YOUR input and discussions NOW Without input TRACE needs to be removed!

11 Thank you! Question?

Download ppt "NATFW NSLP Status draft-ietf-nsis-nslp-natfw-12.txt M. Stiemerling, H. Tschofenig, C. Aoun, and E. Davies NSIS Working Group,"

Similar presentations

NSIS WG 71th IETF Philadelphia, PA, USA March 12, 2008 WG chairs:John Loughney Martin Stiemerling.

NSIS WG 71th IETF Philadelphia, PA, USA March 12, 2008 WG chairs:John Loughney Martin Stiemerling.
Applicability Statement of NSIS Protocols in Mobile Environments draft-ietf-nsis-applicability-mobility-signaling-12.txt Takako Sanda, Xiaoming Fu, Seong-Ho.

Applicability Statement of NSIS Protocols in Mobile Environments draft-ietf-nsis-applicability-mobility-signaling-12.txt Takako Sanda, Xiaoming Fu, Seong-Ho.
EAP Channel Bindings Charles Clancy Katrin Hoeper IETF 76 Hiroshima, Japan November 08-13, 2009.

EAP Channel Bindings Charles Clancy Katrin Hoeper IETF 76 Hiroshima, Japan November 08-13, 2009.
Progress Report: Metering NSLP (M-NSLP) 66th IETF meeting, NSIS WG.

Progress Report: Metering NSLP (M-NSLP) 66th IETF meeting, NSIS WG.
1 Improved DNS Server Selection for Multi-Homed Nodes draft-savolainen-mif-dns-server-selection-04 Teemu Savolainen (Nokia) Jun-ya Kato (NTT) MIF WG meeting.

1 Improved DNS Server Selection for Multi-Homed Nodes draft-savolainen-mif-dns-server-selection-04 Teemu Savolainen (Nokia) Jun-ya Kato (NTT) MIF WG meeting.
Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-04 S. Thiruvengadam Hannes Tschofenig Franck Le Niklas Steinleitner.

Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-04 S. Thiruvengadam Hannes Tschofenig Franck Le Niklas Steinleitner.
1 © NOKIA NSIS MIPv6 FW/ November 8 th 2004 Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-01 S. Thiruvengadam.

1 © NOKIA NSIS MIPv6 FW/ November 8 th 2004 Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-01 S. Thiruvengadam.
Telematics group University of Göttingen, Germany Overhead and Performance Study of the General Internet Signaling Transport (GIST) Protocol Xiaoming.

Telematics group University of Göttingen, Germany Overhead and Performance Study of the General Internet Signaling Transport (GIST) Protocol Xiaoming.
1 IETF 64th meeting, Vancouver, Canada Design Options of NSIS Diagnostics NSLP Xiaoming Fu Ingo Juchem Christian Dickmann Hannes Tschofenig.

1 IETF 64th meeting, Vancouver, Canada Design Options of NSIS Diagnostics NSLP Xiaoming Fu Ingo Juchem Christian Dickmann Hannes Tschofenig.
July 2008IETF 72 - NSIS1 Permission-Based Sending (PBS) NSLP: Network Traffic Authorization draft-hong-nsis-pbs-nslp-01 Se Gi Hong & Henning Schulzrinne.

July 2008IETF 72 - NSIS1 Permission-Based Sending (PBS) NSLP: Network Traffic Authorization draft-hong-nsis-pbs-nslp-01 Se Gi Hong & Henning Schulzrinne.
1 IETF 64th meeting, Vancouver, Canada Context Transfer Using GIST Xiaoming Fu John Loughney.

1 IETF 64th meeting, Vancouver, Canada Context Transfer Using GIST Xiaoming Fu John Loughney.
Benchmarking Terminology for Routers Supporting Resource Reservation Gábor Fehér, Krisztián Németh, András Korn Budapest University of Technology and Economics.

Benchmarking Terminology for Routers Supporting Resource Reservation Gábor Fehér, Krisztián Németh, András Korn Budapest University of Technology and Economics.
David A. Bryan, PPSP Workshop, Beijing, China, June 17th and 18th 2010 Tracker Protocol Proposal.

David A. Bryan, PPSP Workshop, Beijing, China, June 17th and 18th 2010 Tracker Protocol Proposal.
Draft-gu-ppsp-protocol-00 PPSP Session IETF 77, Anaheim March 22, 2010.

Draft-gu-ppsp-protocol-00 PPSP Session IETF 77, Anaheim March 22, 2010.
PPSP Tracker Protocol draft-gu-ppsp-tracker-protocol PPSP WG IETF 82 Taipei Rui Cruz (presenter) Mário Nunes, Yingjie Gu, Jinwei Xia, David Bryan, João.

PPSP Tracker Protocol draft-gu-ppsp-tracker-protocol PPSP WG IETF 82 Taipei Rui Cruz (presenter) Mário Nunes, Yingjie Gu, Jinwei Xia, David Bryan, João.
NSIS NATFW NSLP: A Network Firewall Control Protocol draft-ietf-nsis-nslp-natfw-08.txt IETF NSIS Working Group January 2006 M. Stiemerling, H. Tschofenig,

NSIS NATFW NSLP: A Network Firewall Control Protocol draft-ietf-nsis-nslp-natfw-08.txt IETF NSIS Working Group January 2006 M. Stiemerling, H. Tschofenig,
Brett Neely IP Next Generation. To boldly go where no network has gone before...

Brett Neely IP Next Generation. To boldly go where no network has gone before...
NSIS Path-coupled Signaling for NAT/Firewall Traversal Martin Stiemerling, Miquel Martin (NEC) Hannes Tschofenig (Siemens AG) Cedric Aoun (Nortel)

NSIS Path-coupled Signaling for NAT/Firewall Traversal Martin Stiemerling, Miquel Martin (NEC) Hannes Tschofenig (Siemens AG) Cedric Aoun (Nortel)
0 NAT/Firewall NSLP IETF 61th November 2004 draft-ietf-nsis-nslp-natfw-04.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.

0 NAT/Firewall NSLP IETF 61th November 2004 draft-ietf-nsis-nslp-natfw-04.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.
0 NAT/Firewall NSLP IETF 62th – March 2005 draft-ietf-nsis-nslp-natfw-05.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.

0 NAT/Firewall NSLP IETF 62th – March 2005 draft-ietf-nsis-nslp-natfw-05.txt Martin Stiemerling, Hannes Tschofenig, Cedric Aoun.

Similar presentations

Ads by Google