I expect Ramesh has already had a way to log dst IP and port if this is 
required by regulators.

Sent from mobile device, pardon possible typo.

> On May 7, 2018, at 7:28 AM, "mohamed.boucad...@orange.com" 
> <mohamed.boucad...@orange.com> wrote:
> 
> Hi Yiu, 
> 
> This may help but this is not sufficient if supplying "Destination IP + Port 
> (public)" is required. 
> 
> Technically the BR may extract and record the destination IPv4 address/port 
> and source IPv6 prefix when doing its stateless decapsulation/translation, 
> but this is not a "native" feature of a BR/lwAFTR. 
> 
> Cheers,
> Med
> 
>> -----Message d'origine-----
>> De : Int-area [mailto:int-area-boun...@ietf.org] De la part de Lee, Yiu
>> Envoyé : lundi 7 mai 2018 13:16
>> À : ramesh.r.chan...@ril.com
>> Cc : softwi...@ietf.org; int-area@ietf.org; ianfar...@gmx.com
>> Objet : Re: [Int-area] [EXTERNAL] Re: [Softwires] ISP CGN logging inc.
>> Destination ??
>> 
>> Just a quick thought. Will the dhcpv6 logs help?
>> 
>> Sent from mobile device, pardon possible typo.
>> 
>>> On May 7, 2018, at 7:06 AM, "ramesh.r.chan...@ril.com"
>> <ramesh.r.chan...@ril.com> wrote:
>>> 
>>> Dear Ian,  thanks for clarifications.
>>> 
>>> Regulator in India mandated to preserve the following details for each
>> flow.
>>> 1.    Source IP + Port (private for end subscriber device)
>>> 2.    Destination IP + Port (public)
>>> 3.    Translated IP + port (public)
>>> 4.    Date and time
>>> 
>>> There is no brainer and all this is available in NAT44. MAP being
>> stateless, no such data available from MAP-BR. We are exploring alternate
>> option on BR to create this data in MAP.
>>> 
>>> Pls advise.
>>> 
>>> Regds
>>> ramesh
>>> -----Original Message-----
>>> From: ianfar...@gmx.com [mailto:ianfar...@gmx.com]
>>> Sent: 04 May 2018 17:28
>>> To: Rajiv Asati (rajiva)
>>> Cc: Softwires-wg list; int-area@ietf.org; Ramesh R Chandra
>>> Subject: Re: [Softwires] ISP CGN logging inc. Destination ??
>>> 
>>> Hi Rajiv,
>>> 
>>> Please see inline.
>>> 
>>> Cheers,
>>> Ian
>>> 
>>>> On 4. May 2018, at 12:01, Rajiv Asati (rajiva) <raj...@cisco.com> wrote:
>>>> 
>>>> Ian,
>>>> 
>>>> Thanks for sharing the URL. While not explicit, “all metadata” would
>> include both source and destination A+P. Is that the right interpretation?
>>> 
>>> [if - My understanding is that per-flow logging is necessary to meet the
>> requirement, but I’m not familiar enough with the legislation to know what
>> exactly needs to be stored.]
>>> 
>>>> 
>>>> If an ISP were to use “binding” mode on the BR, then without using net
>> flow/IPFIX, How could the compliance be achieved ?
>>> 
>>> [if - If there’s address sharing and the requirement is to provide an exact
>> match to a data retention request (in some countries, a list of e.g. 16 users
>> is OK), then AFAICS, you have to use IPFIX.
>>> 
>>> The implementation problem for this is compounded by the lack of state
>> table on most BR implementations (e.g. how do you know when a UDP session has
>> completed without state for that flow?)]
>>> 
>>> 
>>> "Confidentiality Warning: This message and any attachments are intended
>> only for the use of the intended recipient(s).
>>> are confidential and may be privileged. If you are not the intended
>> recipient. you are hereby notified that any
>>> review. re-transmission. conversion to hard copy. copying. circulation or
>> other use of this message and any attachments is
>>> strictly prohibited. If you are not the intended recipient. please notify
>> the sender immediately by return email.
>>> and delete this message and any attachments from your system.
>>> 
>>> Virus Warning: Although the company has taken reasonable precautions to
>> ensure no viruses are present in this email.
>>> The company cannot accept responsibility for any loss or damage arising
>> from the use of this email or attachment."
>>> _______________________________________________
>>> Softwires mailing list
>>> softwi...@ietf.org
>>> https://www.ietf.org/mailman/listinfo/softwires
>> _______________________________________________
>> Int-area mailing list
>> Int-area@ietf.org
>> https://www.ietf.org/mailman/listinfo/int-area
_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area

Reply via email to