[14:48:48] --- brabson has become available
[14:52:33] --- warlord has become available
[14:53:13] --- dthaler has become available
[14:53:58] --- shep has become available
[14:54:23] --- Ted Faber has become available
[14:55:15] --- dinakar has become available
[14:55:38] <dthaler> now in agenda bashing item
[14:55:57] <dthaler> 15 mins, problem statement
[14:56:15] <dthaler> 3 possible approaches: auto prefix assignment 15 mins
[14:56:25] <dthaler> L2 bridges and Rbridges, 30 mins
[14:56:37] <dthaler> how do approaches match problem stmt, 10 mins
[14:56:46] <dthaler> discussion 30 mins
[14:57:38] <dthaler> now on IPVLX Problem Statement (Nordmark)
[14:58:23] --- Ted Faber has left
[14:58:36] <dthaler> bridges have 0-config but limited by spanning tree
[14:58:44] --- Glenn Parsons has become available
[14:59:00] <dthaler> routers use redundant paths but address changes when host moves
[14:59:13] <dthaler> task is to investigate a hybrid
[14:59:39] <dthaler> constraints: no changes to hosts or routers
[15:00:53] <dthaler> desirable to have 0 config, no address changes, shortest routes, quick failover
[15:02:20] <dthaler> support both v4 and v6, both unicast and multicast
[15:02:32] --- rgaglian has become available
[15:02:39] <dthaler> also don't prevent Secure Neighbor Discovery
[15:04:19] --- yushun has become available
[15:05:03] <dthaler> Pekka Savola: on the security issue, can't apply existing L3 filters/policies if use this across a large org
[15:05:40] <dthaler> Nordmark: right, the "do no harm" can be taken differently compared to a large routed network, vs a large bridged network
[15:05:58] --- AndrewDMcGregor has become available
[15:06:45] <dthaler> Thomas Narten: applicability may be limited to cases where all hosts in the same area have similar security policies
[15:07:12] --- sakai has become available
[15:09:43] <dthaler> somerfield: best comparison is against bridged networks, not replacing what routers do today
[15:10:48] <dthaler> Joe Touch: not giving up the ability to do VLANs, controlling entry points etc, just providing a richer environment in which they can be controlled
[15:12:05] --- sommerfeld has become available
[15:12:07] --- vm has become available
[15:12:16] --- rik wade has become available
[15:12:20] <sommerfeld> s/sommerfield/sommerfeld/
[15:12:27] <dthaler> Bob Hinden: what about use in a cell phone which wants to share a /64 to devices behind it
[15:12:35] <dthaler> [thanks for the spelling correction :]
[15:12:55] <sommerfeld> no problem.
[15:13:40] <dthaler> Nordmark: this is focussed on large bridged networks
[15:14:31] <dthaler> on to next agenda item... Hilarie Orman on auto prefix assignment
[15:15:14] --- Glenn Parsons has left: Replaced by new connection
[15:18:13] --- sureshkr has become available
[15:18:28] <dthaler> need to support topology changes, cooperate with DHCP, and don't interfere with e2e connections
[15:18:57] <dthaler> one approach is a central authority giving out subnet numbers (need elections to prevent single point of failure)
[15:19:48] <dthaler> in a distributed approach, routers use a peer-to-peer protocol to claim subnet numbers
[15:20:16] --- sureshkr has left: Replaced by new connection
[15:20:16] --- sureshkr has become available
[15:20:17] --- sureshkr has left
[15:20:34] --- sureshkr has become available
[15:20:35] <dthaler> but might be slow at startup, partitions get complicated, and so does authentication (e.g. secure multicast keying)
[15:22:06] <dthaler> in the event of a partition, don't want same number to be allocated on both sides and have conflict on partition heal, and require renumbering
[15:22:23] --- rik wade has left: Replaced by new connection
[15:22:24] --- rik wade has become available
[15:22:42] <dthaler> if want to maintain session across a movement between routers, then this is also messy
[15:22:49] --- Glenn Parsons has become available
[15:23:45] <dthaler> mobility also makes it hard to know best subnet size (in IPv4) so have to overprovision address space
[15:24:22] <dthaler> if want true mobility at L3, need mobile IP
[15:27:21] --- dusty45 has become available
[15:28:11] <dthaler> Narten asked what bridges discover about the topology, and Nordmark is explaining that bridges only do spanning tree, they don't discover the topology
[15:29:37] <dthaler> Pat Thaler: right, also the spanning tree protocol currently has a 7-hop limit
[15:30:47] --- sureshkr has left: Replaced by new connection
[15:30:47] --- sureshkr has become available
[15:30:47] --- sureshkr has left
[15:31:39] --- Suresh Krishnan has become available
[15:32:33] <dthaler> ?: what about use in wireless
[15:34:03] <dthaler> now on Radia Perlman, RBridges item
[15:35:14] <dthaler> goal is to be compatible with existing bridges, nodes, and routers
[15:36:25] <dthaler> bridges are not optimal, temporary loops are a disaster, and have choice of meltdowns or very conservative failover
[15:41:33] <dthaler> bridges shut down ports in a network until a spanning tree remains, goal of RBridges is to allow the other ports to be used
[15:43:54] <dthaler> currently default bridge failover time is 30 seconds, people don't want to wait that long to bring up an unused port
[15:47:15] <dthaler> RBridge terminates bridge area (that is, RBridge is not part of spanning tree, same as if it were a router)
[15:47:36] <dthaler> uses an ospf-like link-state protocol between RBridges
[15:48:42] <dthaler> end nodes are reported in link state msgs
[15:49:06] <dthaler> also requires encapsulation, to include hop count
[15:49:48] <dthaler> RBridges respond to ARPs from own cache (if know the answer about another endnode)
[15:51:37] <dthaler> encapsulation header has S=sending rbridge, D=dest rbridge, proto="transit", hop count, then original L2 packet
[15:53:26] --- vm has left: Replaced by new connection
[15:54:04] <dthaler> RBridge needs to listen to either data packets or routing messages from routers to learn L2 addresses of IP routers
[15:54:49] <dthaler> RBridge can ping directly attached endnodes to see if still there and update linkstate database
[15:54:58] --- vm has become available
[15:55:01] <dthaler> looks to routers like a bridge, looks to bridges like a router
[15:55:33] <dthaler> Greg Daley: ping is bad since some nodes won't respond, but maybe ARP
[15:56:30] <dthaler> also RBridges could try to be spanning tree roots
[15:58:38] <dthaler> Dave Plonka (U. Wisconsin): uses rapid spanning tree algorithm but still runs into trouble. why go to layer 3 instead of using a tag for link-state info
[16:00:53] <dthaler> ?: what about L2 VPNs? could use MPLS as another solution
[16:01:00] <sakai> I e-mailed Sakai's remaining schedule for today. ipvlx might be interesting to routing people too
[16:01:38] <dthaler> Rob Austein: just to confirm, this doesn't defend against L3 things like broadcast storms
[16:02:00] <sakai> sorry to all, I posted by mistake
[16:02:15] <dthaler> Hugh Holbrook: since this is Ethernet-in-Ethernet encapsulation, how is this related to the IETF?
[16:03:15] <dthaler> and could you use IP for encapsulation
[16:05:35] <dthaler> (which already has a hop count in it)
[16:06:22] <dthaler> Perlman: other types of link (non-Ethernet) would need different types of encapsulation headers than Ethernet
[16:07:34] <dthaler> Orman: how big can these networks get? (roughly same as a single layer OSPF network)
[16:08:19] <dthaler> large networks generally want isolation for trust reasons
[16:10:14] <dthaler> ?#2: lots of overlap with L2 VPNs. What about multicast?
[16:10:22] <dthaler> Perlman: yet to be worked out. Could do something like MOSPF.
[16:11:40] <dthaler> Christian Huitema: taking reports from unauthenticated hosts in a large network has huge potential for misuse.
[16:12:01] <dthaler> Perlman: could say require SEND to learn information
[16:14:51] <dthaler> Sommerfeld: as a replacement for existing bridges, this can be an improvement. some concerns like need to preserve ARP duplicate detection. Also need to allow hosts to use same IP address from multiple MACs.
[16:16:03] <dthaler> Greg Daley: encapsulation also tricky due to 1500 MTU issues
[16:18:05] <dthaler> ?#1: pinging hosts can cause ARP storms
[16:18:11] --- norifmi has become available
[16:18:57] <dthaler> Nordmark: since this is still one broadcast domain, still has limited scalability
[16:20:31] <dthaler> Perlman: on the MTU issue, rbridge can send back packet too big error to cause host to drop MTU
[16:22:12] <dthaler> Narten: if hosts with 2 interfaces on same network, can't use routing metrics to optimize which to use, like in L3
[16:23:00] <dthaler> Roque Gagliano: do we need to change routing protocols for this use?
[16:23:18] <dthaler> Perlman: see the paper on www.postel.org/rbridge
[16:23:33] <dthaler> need to include a couple of TLVs
[16:24:12] <dthaler> Aidan Williams: rbridge has to have an IP address to use the protocol
[16:26:05] <dthaler> Joe Touch: compared to just replacing the spanning tree protocol, this also uses encapsulation for backwards compatibility
[16:27:12] <dthaler> ?#3: there's a new 802 project which is MAC-in-MAC encapsulation which is related work
[16:27:48] --- rik wade has left
[16:28:49] --- yushun has left: Replaced by new connection
[16:34:51] <dthaler> Dave Thaler: polling is harmful, since some devices want to go to sleep to conserve power. So if requirement is no change to hosts, and do no harm, then must not poll. Need to be timer based or notice when it shows up somewhere else, instead.
[16:36:58] <dthaler> Huitema: wonder why this should be in the IETF. In bridge networks, it's not limited to payloads that are IP.
[16:40:56] <dthaler> would be better to address within IEEE 802
[16:44:25] --- rgaglian has left
[16:44:46] <dthaler> polled room for interesting, interesting in IETF, interesting in IEEE 802?
[16:44:49] <dthaler> some hands for each
[16:45:57] --- warlord has left
[16:48:13] <dthaler> Tim Shepard: not sure it's good to encourage use of large LANs, due to security issues
[16:49:08] <dthaler> Orman: 0 config is important, but agree with Huitema on need to keep L2 and L3 separate
[16:50:02] <dthaler> Dave Plonka: interesting, but not in IETF. Doing it in IETF is probably divisive.
[16:50:33] --- sakai has left
[16:51:01] <dthaler> ?: interested in this work in a home network, including non-compatible link-layers
[16:52:14] <dthaler> Joe Touch: L2 VPN is in the IETF, it's similar
[16:53:11] <dthaler> ?: might be better to merge into L2VPN effort
[16:54:53] <dthaler> narten: L2VPN is about extending L2 over a WAN, and this is about extending L2 over a LAN
[16:55:25] <dthaler> Aidan Williams: this is probably a routing technology, and the IETF is where that knowledge is
[16:57:26] <dthaler> meeting is adjourned
[16:58:02] --- brabson has left: Disconnected
[16:59:14] --- Glenn Parsons has left: Disconnected
[17:00:11] --- shep has left: Logged out
[17:00:12] --- shep has become available
[17:00:12] --- shep has left: Logged out
[17:03:09] --- dinakar has left: Disconnected
[17:03:47] --- AndrewDMcGregor has left: Disconnected
[17:06:28] --- vm has left: Disconnected
[17:06:43] --- dusty45 has left: Disconnected.
[17:12:43] --- norifmi has left: Disconnected
[17:15:49] --- dinakar has become available
[17:16:05] --- dthaler has left: Disconnected
[17:17:19] --- Suresh Krishnan has left: Disconnected
[17:18:04] --- Suresh Krishnan has become available
[17:18:48] --- dusty45 has become available
[17:18:56] --- dusty45 has left
[17:19:16] --- Suresh Krishnan has left
[17:26:46] --- AndrewDMcGregor has become available
[17:27:03] --- AndrewDMcGregor has left
[17:34:34] --- sommerfeld has left
[17:38:23] --- dinakar has left: Disconnected
[18:21:07] --- Q has become available
[18:23:09] --- Q has left