[Pana] Source and Destination IP address

Wed, 27 Sep 2006 03:06:09 -0700 


6.1.  IP and UDP Headers

   Any PANA message is unicast between the PaC and the PAA.  The source
   and destination addresses SHOULD be set to the addresses on the
   interfaces from which the message will be sent and received,
   respectively.
It is nonsensical to talk about the sender of a message setting the destination IP address to anything other than the address that will eventually lead to an interface on a PAA.
As for the source address, it sounds as if you are saying that the PANA message SHOULD not be spoofed. I think it is very important to get this source address correct, particularly if the Device ID is a source IP address, and this same source IP address is going to be used to setup filters (as per our previous discussion). 


   The source port of an unsolicited PANA message MUST be set to a value
   chosen by the sender.  The destination port MUST be set to the peer's
   port number if it has already been discovered via earlier PANA
   exchanges, set to the assigned PANA port (To Be Assigned by IANA)
   otherwise.
What is meant by "earlier PANA exchanges"? If a PANA session has the ability to move off of a registered UDP port, I would think that this would only last for a given PANA session. For example, based on this wording one might think: "Yesterday, when contacting PAA foo I used UDP port number 12345. So, I must still be able to use 12345 today." Surely that is not correct.
If by "unsolicited" you mean the initiating PANA messages (a PCI, for example) then I believe it should always be sent on the IANA specified port number. I'm not sure why you wouldn't want to make this true for all PANA messages, in fact. It certainly makes implementations simpler if the dest port is always the same, not to mention intervening equipment that may need to snoop what is happening to open up filters, or allow just PANA messages through for a period of time, etc. (DSLAMs, for example, on a DSL access network, may need to do this). I would highly recommend sticking to ONE dest UDP port, unless you really need a reason to move off of it (and I'd like to know what that reason is). 

- Mark


_______________________________________________
Pana mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/pana

Reply via email to