Hi Suresh, Please see inline.
Cheers, Med >-----Message d'origine----- >De : Suresh Krishnan [mailto:[email protected]] >Envoyé : mercredi 13 février 2013 07:17 >À : Brian Haberman >Cc : [email protected]; >[email protected] >Objet : Re: [Int-area] AD evaluation: >draft-ietf-intarea-nat-reveal-analysis > >>>> >>>> * Shouldn't there be an additional metric that covers the >impact/cost of >>>> needing client or middlebox code changes? >>>> >>>> * Where did the 100% success ratio for IP-ID come from? >There have been >>>> documented cases of OSes setting the Identification field >to zero. If >>>> that is true, the success ratio can't be 100% can it? >>> >>> This technique involves the translator (and not the sender) >setting the >>> IP-ID field. That is why it can still work with OSes on >senders setting >>> the IP-ID to zero. >> >> You still have the issue of the middlebox setting that ID to >something >> that potentially impacts fragmentation reassembly. So, I would still >> like to know how that 100% success ratio was collected. > >Makes sense. I read the test result % to mean successful connection >establishment and identification. Med, can you elaborate a bit on what >exactly was tested and what the success % means. > Med: I made the following changes: OLD: o "Success ratio" indicates the ratio of successful communications when the option is used. Provided figures are inspired from the results documented in [Options]. NEW: o "Success ratio" indicates the ratio of successful communications with remote servers when the HOST_ID is injected using a candidate solution. And added this NEW text: Provided success ratio figures for TCP and IP options are inspired from the results documented in [Options] [I-D.abdo-hostid-tcpopt-implementation][ExtendTCP]. The provided success ratio for IP-ID is theoretical; it assumes the address sharing function follows the rules in [RFC6864] to re-write the IP Identification field. Since PROXY and HIP are not widely deployed, the success ratio to establish a communication with remote servers using these protocols is low. The success ratio for ICMP-based solution is implementation-specific but it is likely to be close to 100%. A remote server which does not support the ICMP-based solution will ignore received companion ICMP messages. An upgraded server will need to hold accepting a session until receiving the companion ICMP message. The success ratio depends on how efficient the solution is implemented at the server side. The success ratio for IDENT solution is implementation-specific but it is likely to be close to 100%. A remote server which does not support IDENT will accept a session establishment request following its normal operation. An upgraded server will need to hold accepting a session until receiving the response to IDENT request it will send to the host. The success ratio depends on how efficient the solution is implemented at the server side. Cheers; Med _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
