Hi Rajiv, > On 4 May 2018, at 11:36, Rajiv Asati (rajiva) <[email protected]> wrote: > >> For what it’s worth, my Internet draft also discourages >> connection/destination logging - draft-daveor-cgn-logging-04 (see section >> 3). > > Besides the size of the log data, the CGN implementations may take a > performance hit if destination A+P also needs to be logged (e.g. connection > log), resulting in increased CGN investment. >
Good point. Will incorporate in next draft. > >> outlined the regulatory alternatives that are the only options left for >> dealing with CGN crime attribution (if source port logging at internet >> facing servers does not become routine) - one of which was this form of >> connection logging. > > The need for connection logging may go beyond the concern of size of logging > data - user privacy. And this carries over to not only A+P techniques, but > also IPv6. IOW, this concern may not be limited to address sharing > techniques. > I completely agree with you. In fact, I have already started to investigate the IPv6 attribution issues. See https://datatracker.ietf.org/doc/draft-daveor-ipv6-crime-attribution/. This document is still preliminary so I would be very interested in any feedback you might have. Best, daveor _______________________________________________ Softwires mailing list [email protected] https://www.ietf.org/mailman/listinfo/softwires
