Re: [tsvwg] [port-srv-reg] draft-ietf-tsvwg-iana-ports-02




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Fernando Gont wrote:
> Joe Touch wrote:
> 
>> It'd be useful to consider whether there are actually 15K connections
>> and thus a real problem, 
> 
> file sharing (p2p) applications tend to create lots of connections.
> Although I wouldn't go as far as 15K (at least for *my* client systems).
> When it comes to e.g., a busy web-proxy server and similar systems, I
> guess the number of ongoing connections increases quite a bit.

If these are persistent connections between two IP addresses for the
same service, it begs the question of whether the connections should be
persistent.

>> or whether the hosts are incompletely
>> implementing port reuse checks that prevent a port from being used for
>> different IP addresses simultaneously. 
> 
> Unfortunately, you need to do this. See the API section in the CPNI TCP
> document (i.e., connection stealing).
> 
> If we had socket(),bind(), and listen() combined in a single system call
> (and that was the only way to do things), then I'd agree that we could
> implement the checks you refer to.

I'm talking about a system that declares port 49999 "in use" for all IP
addresses when it's in use for one, just to save the space and/or
computation of keeping more detailed state. I wasn't referring to the
checks that are required as a result of the lack of a single OS call to
set up a connection.

>> Again, though, making the
>> space even 4x larger has only a 4x impact on current issues - that's not
>> all that much, IMO.
> 
> Not all that much... but certainly better than 1x.

An X increase in BW results in an X^2 increase in vulnerability, as
explained in RFC4953. An X increase in ports would result in an X
increase in resistance, which isn't going to keep up. I.e., this is a
small and fixed one-time increase that simply won't have enough of an
impact to justify changes in how we assign or use ports. There are other
good reasons (allowing endpoints to determine port use, removing the
need for an index, etc.), but not this.

Joe
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)

iEYEARECAAYFAkrcR6sACgkQE5f5cImnZrs/iQCguPBezBn1SeDtz80HQX+pqCbh
srwAoMn0tJN5qQOoYTYa0LY+wy6pCgN2
=vaXt
-----END PGP SIGNATURE-----
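Two points in the message above are easy to make concrete: the difference between a host that marks an ephemeral port busy for all addresses and one that tracks full 4-tuples (the "incompletely implementing port reuse checks" remark), and the scaling argument that bandwidth buys a blind attacker X^2 while a larger port space buys the defender only X. The following is an added illustration, not code from the thread or from any OS; it simulates both port-allocation policies without closing connections, and the attack-time model assumes (as a stated simplification, consistent with RFC 4953's reasoning) that the receive window grows in proportion to link bandwidth. Class and function names are invented for the example.

```python
# Added example: port allocation policies and the RFC 4953 scaling argument.
# Constructed scenario: a proxy at 10.0.0.1 opening many connections to
# 20 origin servers on port 443. Connections are never closed here.

# IANA dynamic/private port range: 49152-65535 (16384 ports).
EPHEMERAL_PORTS = list(range(49152, 65536))


class CoarsePortTable:
    """Host that marks a local port busy for ALL addresses once it is used.

    This is the cheap policy the message describes: one bit per port,
    no per-destination state, so capacity is the size of the port range."""

    def __init__(self, ports=EPHEMERAL_PORTS):
        self._free = list(reversed(ports))  # pop() hands out lowest port first

    def connect(self, local_ip, remote_ip, remote_port):
        if not self._free:
            return None
        return self._free.pop()


class TupleAwarePortTable:
    """Host that checks the full (local_ip, local_port, remote_ip, remote_port)
    tuple, so the same local port can be reused toward a different remote.

    This is the check that connection-stealing concerns require: a port is
    only refused when that exact 4-tuple already exists."""

    def __init__(self, ports=EPHEMERAL_PORTS):
        self._ports = ports
        self._in_use = set()
        # Per-destination scan hint; valid only because nothing is closed.
        self._hint = {}

    def connect(self, local_ip, remote_ip, remote_port):
        key = (local_ip, remote_ip, remote_port)
        for i in range(self._hint.get(key, 0), len(self._ports)):
            tup = (local_ip, self._ports[i], remote_ip, remote_port)
            if tup not in self._in_use:
                self._in_use.add(tup)
                self._hint[key] = i + 1
                return self._ports[i]
        return None


def open_connections(table, local_ip, remotes, remote_port, per_remote):
    """Open up to per_remote connections to each remote, round-robin,
    and return how many succeeded before the allocator ran dry."""
    opened = 0
    for _ in range(per_remote):
        for r in remotes:
            if table.connect(local_ip, r, remote_port) is None:
                return opened
            opened += 1
    return opened


def blind_attack_seconds(port_space, seq_space, window, packets_per_second):
    """Expected time for an off-path attacker to land one packet inside an
    open connection: guess the ephemeral port (port_space candidates) and a
    sequence number within the receive window (seq_space / window
    candidates), at a given send rate. Simplified model, after RFC 4953."""
    guesses = port_space * (seq_space / window)
    return guesses / packets_per_second


def scaling_ratios(x, port_space=16384, seq_space=2 ** 32, window=65536, pps=10_000):
    """Return (vulnerability gain from x-fold bandwidth, resistance gain from
    x-fold port space). Assumption: bandwidth scales both the attacker's send
    rate and the victim's window, so attack time drops by x*x; a larger port
    space only multiplies guesses by x."""
    base = blind_attack_seconds(port_space, seq_space, window, pps)
    faster = blind_attack_seconds(port_space, seq_space, x * window, x * pps)
    more_ports = blind_attack_seconds(x * port_space, seq_space, window, pps)
    return base / faster, more_ports / base


if __name__ == "__main__":
    origins = [f"192.0.2.{i}" for i in range(1, 21)]  # constructed remotes
    print("coarse policy:", open_connections(CoarsePortTable(), "10.0.0.1", origins, 443, 2000))
    print("4-tuple policy:", open_connections(TupleAwarePortTable(), "10.0.0.1", origins, 443, 2000))
    print("4x bandwidth vs 4x ports:", scaling_ratios(4))
```

Run as-is: the coarse table stops at 16384 total connections regardless of how many distinct origins there are, while the 4-tuple table opens all 40000, which is the kind of gap the message suggests checking for before concluding that the port range itself is too small. The scaling call returns (16, 4): quadrupling bandwidth cuts the modelled attack time sixteenfold, quadrupling the port space raises it only fourfold.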

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.