IETF
mif@jabber.ietf.org
Thursday, March 6, 2014
Olafur has set the subject to: IETF-85 Atlanta meeting in progress

GMT+0
[08:55:26] dmitry.anipko joins the room
[08:59:04] Ted Lemon joins the room
[08:59:46] Mark Townsley joins the room
[08:59:53] <Ted Lemon> Wow.   IETF 85.
[09:00:13] Andrew Yourtchenko joins the room
[09:02:19] <Andrew Yourtchenko> I'm the Jabber scribe.
[09:02:36] <Andrew Yourtchenko> Hui going over note well and agenda bashing now.
[09:03:27] <Andrew Yourtchenko> Dmitry Anipko coming to present MPVD architecture draft
[09:03:38] <Andrew Yourtchenko> slide 1
[09:03:51] <Andrew Yourtchenko> slide 2
[09:04:07] <Andrew Yourtchenko> (MPVD architecture update and re-cap)
[09:06:14] <Andrew Yourtchenko> Ian at the mic
[09:07:11] <Andrew Yourtchenko> Margaret commenting
[09:07:29] <Andrew Yourtchenko> Ian
[09:08:21] <Andrew Yourtchenko> Discussion was about the organization of the implicit domains.
[09:10:52] <Andrew Yourtchenko> slide 3
[09:11:10] <Andrew Yourtchenko> (Path to WGLC)
[09:11:29] <Andrew Yourtchenko> Lorenzo at the mic
[09:13:16] <Andrew Yourtchenko> (Most of the implementation is straightforward, but what happens if the application is listening to multiple addresses ? relationships between sockets and provisioning domains - 0.0.0.0/::, also UDP)
[09:13:39] dmitry.anipko leaves the room
[09:14:22] <Andrew Yourtchenko> Dmitry's comment: at a higher level agree it needs more elaboration, but in some cases it may not be required.
[09:15:31] <Andrew Yourtchenko> Lorenzo (suppose the node has 2 implicit PVDs - wifi and 3g, and i am an app and i call bind(::) and then listen. if i put that app into one pvd, say default wifi, if that app binds the :: in the wifi pvd, what happens if it receives syn from 3G interface ? "sorry you came on the wrong PVD, reset " ?)
[09:16:28] <Andrew Yourtchenko> Dmitry (it can bind to wifi interface only, and then yes, it will be a reset; you can also think of a case where both PVD are allowed , then it goes to both PVDs, so then we know which PVD connection is received; in case of UDP it may be harder)
[09:16:54] <Andrew Yourtchenko> Lorenzo (Say app uses a sockets API, once you called accept, the socket has to be bound to a particular PVD, it would be nice to cover this)
[09:17:47] <Andrew Yourtchenko> Lorenzo (Another thing that gets really complicated really quickly, if you have VPNs, you get security concerns that are fundamentally opposed to what is here. If you talk to security person, they will say the device must not be connected to anything ever, besides VPN)
[09:18:44] <Andrew Yourtchenko> Dmitry (I think you are talking split/full tunneling - some people argue it's religion; as far as text is concerned it does not contradict this; the text describes the tool how you can implement both of that; it's a policy question. it enables it in a cleaner way)
[09:19:04] <Andrew Yourtchenko> Margaret (should maybe discuss this in security considerations)
[09:19:40] <Andrew Yourtchenko> Margaret (there is no notion that conceptually PVD stops you from shutting down all the other interfaces when you are connected)
[09:20:05] <Andrew Yourtchenko> Lorenzo (when you think of VPN it seems to match completely the PVD, but then turns out that this PVD may want to disable all the other PVDs)
[09:20:23] <Andrew Yourtchenko> Dmitry (we can have a text that this provides the tool to implement the scenarios, but does not give preference)
[09:20:28] <Andrew Yourtchenko> Markus S.
[09:21:27] <Andrew Yourtchenko> (You can have more than 1 provisioning domain per interface - we can have prefix-specific and interface-specific stuff coming from SP, and how it maps, I want to see a bit more explicit)
[09:21:31] <Andrew Yourtchenko> Keith Moore
[09:22:12] <Andrew Yourtchenko> (We are abstracting this config information; I lost count how many times the system administrator wanted to have a name for a particular chunk of a network)
[09:22:48] <Andrew Yourtchenko> (I have a feeling once you start to build things like this, other people will start similar things, but this is not quite what you have defined; a bit more foresight may be appropriate compared to narrow scope it does now)
[09:22:51] <Andrew Yourtchenko> Dmitry
[09:23:08] <Andrew Yourtchenko> (You will see it is a container for all sorts of other information, that is communicated today without notion of PVD)
[09:23:20] Andrew Sullivan joins the room
[09:23:25] <Andrew Yourtchenko> (if somebody needs another type of information, if approach itself works - should be easy to add)
[09:23:41] <Andrew Yourtchenko> (if you say approach itself does not work - tell us why which cases are that it does not work)
[09:23:55] <Andrew Yourtchenko> (but other elements can be easily inserted)
[09:23:57] <Andrew Yourtchenko> Keith
[09:24:10] <Andrew Yourtchenko> (I have a problem you have defined it as a container;)
[09:24:21] <Andrew Yourtchenko> Margaret
[09:24:29] <Andrew Yourtchenko> (We have a presentation about names for PDs)
[09:24:31] <Andrew Yourtchenko> Lorenzo
[09:24:53] <Andrew Yourtchenko> (When you connect to network, it is engineered that it works; if they are providing a service, if you do everything they tell you to do, it is supposed to work)
[09:25:07] <Andrew Yourtchenko> (you need a way to partition this information if you want to connect to multiple networks)
[09:25:18] <Andrew Yourtchenko> (so you need a split brain model, so you need a container)
[09:25:29] <Andrew Yourtchenko> (if you use weak host model, it is one pile)
[09:25:42] <Andrew Yourtchenko> (the idea was you do the minimum, to separate)
[09:25:48] <Andrew Yourtchenko> Keith
[09:26:01] <Andrew Yourtchenko> (I understood this, i will need to look at that; need to read the draft)
[09:26:27] <Andrew Yourtchenko> (I would like to see the work to discourage the enclaves)
[09:26:32] <Andrew Yourtchenko> Margaret
[09:26:43] <Andrew Yourtchenko> (There are different networks with different rules)
[09:26:47] Markus Stenberg joins the room
[09:26:56] <Andrew Yourtchenko> Lorenzo
[09:27:04] <Andrew Yourtchenko> (How do you deal with BCP38 then?)
[09:27:26] <Andrew Yourtchenko> Ted Lemon
[09:27:40] <Mark Townsley> Agree with Markus comment about prefix vs interface orientation.  - As an illustrative example: if I have a prefix that is marked as a "cellular" uplink from the home, and I receive that prefix over a "wifi" link on the host in that home, that prefix should be considered "cellular" from the perspective of that host.
[09:27:42] <Andrew Yourtchenko> (This is an opinion oriented discussion, we do not need to continue discussing)
[09:27:59] <Andrew Yourtchenko> Mark: do you want me to relay this to the mic?
[09:28:07] <Mark Townsley> At some point, yes.
[09:28:32] <Andrew Yourtchenko> I think he said there will be slide with this, so I will see if this is covered there, else i will bring it up.
[09:28:32] <Mark Townsley> Since only 5 people are in the jabber room, including you and me :-)
[09:28:44] <Mark Townsley> yes, you can wait until then. thanks.
[09:29:05] Dan Wing joins the room
[09:29:12] <Andrew Yourtchenko> slide 4
[09:29:48] <Andrew Yourtchenko> homenet / one ISP - # of PVDs, their elements
[09:30:15] <Andrew Yourtchenko> Mark: so looks like it is covered in this slide ?
[09:30:20] <Ted Lemon> Mark, we've considered that scenario, and thought the document addressed it.   If it doesn't, we should discuss, because it's definitely a scenario the design considered important, and needs to be properly addressed in the draft.
[09:30:39] <Markus Stenberg> this is trivialized non-example
[09:30:42] <Markus Stenberg> of what I was trying to example
[09:30:43] <Ted Lemon> Yes.
[09:30:46] <Markus Stenberg> err, describe
[09:31:10] <Markus Stenberg> from my point of view, realistic home network has 2+ ISPs, and 3+ prefixes (that's my home)
[09:31:14] <Ted Lemon> The scenario that we're interested in is making it so that if you connect to a router that's connected to two PvDs, you get the same experience as if you connect directly to the two PvDs.
[09:31:20] <Markus Stenberg> and describing how that works is much more interesting
[09:31:36] <Ted Lemon> I'm not sure why Dmitry did it this way—I suspect to fit it on the side.
[09:31:37] <Ted Lemon> slide
[09:31:47] <Andrew Yourtchenko> slide 5
[09:31:56] <Andrew Yourtchenko> (homenet / one ISP - ID, integrity check)
[09:32:39] <Mark Townsley> Agree that it is more complex than my example. My example is to be illustrative - to point out that "wifi" doesn't always mean "wifi"
[09:33:13] <Markus Stenberg> yeah, different external PVDs have different characteristics
[09:33:22] <Markus Stenberg> one of my ISPs is also backup 3G link
[09:33:22] <Ted Lemon> yup
[09:33:34] <Markus Stenberg> and I'd hate if it was used by default by 'woah, we haz LAN' clients
[09:34:11] <Ted Lemon> That's a hard problem to solve for non-PvD-aware clients.
[09:34:15] <Andrew Yourtchenko> slide 6
[09:34:28] <Markus Stenberg> router could do it
[09:34:35] <Markus Stenberg> offer relevant PVDs available at the time, perhaps
[09:34:40] <Andrew Yourtchenko> Ted: AFAIK there is some option today (?) which tells the clients "tread lightly"
[09:34:44] <Andrew Yourtchenko> Margaret at the mic
[09:34:52] <Mark Townsley> ok - the "train" case is what I was talking about.
[09:35:06] <Andrew Yourtchenko> (You said how is the PVD propagated. I view(ed) as something that is created on each host based on its interfaces)
[09:35:30] <Andrew Yourtchenko> (This brought up the question is how the hosts behind the router know they are connected by two ISPs)
[09:35:41] <Andrew Yourtchenko> Mark: I think Margaret just covered this example of yours ?
[09:36:17] <Mark Townsley> yes. - almost.
[09:36:58] <Mark Townsley> Go ahead and relay now andrew
[09:37:10] <Markus Stenberg> think line was cut :p
[09:37:22] <Mark Townsley> after I said "please relay"
[09:37:58] Dave Thaler joins the room
[09:38:35] <Mark Townsley> Great, thank you!
[09:38:39] <Andrew Yourtchenko> Suresh
[09:38:39] Juan-Pedro Cerezo Martin joins the room
[09:39:03] <Andrew Yourtchenko> (My understanding of all the discussions everything is coming from the source of the configuration, so there is something coming down from the home router)
[09:39:05] <Andrew Yourtchenko> Dmitry
[09:39:34] <Andrew Yourtchenko> (If that's the case then what is the mechanism that bridges the channel to ISP in the information neighbor discovery if ND is used inside the home)
[09:39:36] <Andrew Yourtchenko> Suresh
[09:39:46] <Andrew Yourtchenko> (Even if ND is used within the home, then from ISP to router it is not)
[09:39:47] <Andrew Yourtchenko> Dmitry
[09:40:01] <Andrew Yourtchenko> (Some clarity would help, we need that in the text explicitly)
[09:40:04] <Andrew Yourtchenko> Keith Moore
[09:40:25] <Andrew Yourtchenko> (Wonder if there is need to have explicit hierarchical relationship between PVDs)
[09:40:26] <Andrew Yourtchenko> Dmitry
[09:40:52] <Andrew Yourtchenko> (We discussed, so far the decision is that we can not define that - but it is not a final answer, please come up with the scenario and talk to us)
[09:40:57] <Andrew Yourtchenko> Keith
[09:41:33] <Markus Stenberg> blink.. information about connections doesn't sound like policy to me
[09:41:36] <Andrew Yourtchenko> (There is a lot of cases where the practice is bad; Network should not dictate the policy to the host in the architectural manner)
[09:41:37] <Markus Stenberg> perhaps I just fail to see something
[09:42:01] <Andrew Yourtchenko> slide 7
[09:42:25] <Andrew Yourtchenko> Markus: I view it as "if you do X then it will work"
[09:42:41] <Andrew Yourtchenko> arguably you could generalize it to the policy too
[09:42:44] <Ted Lemon> Keith is a strong proponent for keeping things simpler.   I don't think we can keep things as simple as he wants, but that's been his position for as long as I've known him (e.g., back in the zeroconf days).
[09:42:45] <Andrew Yourtchenko> Dapeng presenting
[09:42:50] <Andrew Yourtchenko> API extensions
[09:42:56] <Andrew Yourtchenko> slide "update summary"
[09:43:06] dmitry.anipko joins the room
[09:43:25] <Andrew Yourtchenko> slide with no title, next
[09:43:35] <Andrew Yourtchenko> bullet point "section 3.1 provisioning domains"
[09:44:00] <Andrew Yourtchenko> slide with bullet point "section 3.2 …"
[09:44:04] <Dave Thaler> “Everything should be made as simple as possible, but no simpler.” --Albert Einstein
[09:44:11] <Andrew Yourtchenko> slide with bullet "Section 4"
[09:44:39] <Andrew Yourtchenko> next slide
[09:44:43] <Andrew Yourtchenko> section 3.2.7.21
[09:44:56] <Andrew Yourtchenko> @Dmitry: I tried sort-of-make notes above within jabber, see if you have any corrections or can use that.
[09:45:02] <Andrew Yourtchenko> slide "references"
[09:45:14] <Andrew Yourtchenko> slide "Next Step"
[09:45:30] <Andrew Yourtchenko> Margaret
[09:46:19] <Andrew Yourtchenko> Shweta presenting "Identification of provisioning domains" draft
[09:46:27] <Andrew Yourtchenko> draft-kkbg-mpvd-id-00
[09:46:31] <Andrew Yourtchenko> slide 2
[09:47:23] <Andrew Yourtchenko> slide 3
[09:48:26] <Andrew Yourtchenko> Ted at the mic
[09:48:35] <Andrew Yourtchenko> Dave Thaler
[09:48:37] <Andrew Yourtchenko> at the mic
[09:49:30] <Andrew Yourtchenko> Margaret at the mic
[09:50:52] Jared Mauch joins the room
[09:52:12] <Andrew Yourtchenko> Suresh at the mic
[09:53:35] <Andrew Yourtchenko> one human readable + one globally unique => need a section discussing security implications of this, imho
[09:54:50] <Markus Stenberg> I don't even see why they want strict global uniqueness
[09:54:53] <Andrew Yourtchenko> Bernie Volz
[09:54:57] <Markus Stenberg> uniqueish is enough for this application I think
[09:55:21] <Andrew Yourtchenko> unique within the list that is seen locally - so this means it should be unique, so by accident there's no collision
[09:55:27] <Andrew Yourtchenko> Dave Thaler at the mic
[09:55:32] <Markus Stenberg> indeed
[09:55:48] <Markus Stenberg> that was my point, they were talking about (strict) global uniqueness requirement
[09:55:50] <Markus Stenberg> which is not really true
[09:56:00] <Markus Stenberg> just low likelihood of conflict
[09:56:06] <Andrew Yourtchenko> Suresh in the queue, i will go into the queue to chime on my own :)
[09:57:52] <Andrew Yourtchenko> Suresh at the mic
[09:58:06] <Andrew Yourtchenko> Ted Lemon
[09:58:08] <Andrew Yourtchenko> at the mic
[09:58:35] <Andrew Yourtchenko> Markus at the mic
[09:59:38] <Markus Stenberg> sigh, her example was again on per interface basis ;)
[09:59:42] <Andrew Yourtchenko> Suresh presenting
[09:59:56] <Andrew Yourtchenko> draft-kk-mpvd-ndp-support-01
[10:00:23] <Andrew Yourtchenko> "background" slide
[10:00:41] <Andrew Yourtchenko> slide "Design choice in -01"
[10:00:47] <Andrew Yourtchenko> s/choice/choices/
[10:01:20] <Andrew Yourtchenko> next slide
[10:01:28] <Andrew Yourtchenko> design choices in -01 cont'd
[10:03:24] <Andrew Yourtchenko> slide "Changes from -00"
[10:03:46] <Andrew Yourtchenko> Dmitry Anipko at the mic
[10:04:38] <Andrew Yourtchenko> slide "PVD container option"
[10:04:56] dmitry.anipko leaves the room
[10:05:11] <Ted Lemon> Markus, if you read the arch document, pvds are not necessarily specific to an interface.
[10:05:22] <Ted Lemon> Explicit pvds can span interfaces.
[10:05:24] dmitry.anipko joins the room
[10:05:40] <Andrew Yourtchenko> slide "Issues to think more"
[10:05:50] <Andrew Yourtchenko> (quickly moved through the PVD identifier option slide)
[10:06:07] <Markus Stenberg> Ted Lemon: sure, but I'm more concerned about per-prefix-ish PVDs
[10:06:32] <Markus Stenberg> and it's hard to see how some of those cases can somehow get conveniently human-readable versions
[10:06:42] <Andrew Yourtchenko> Ted Lemon at the mic
[10:06:43] <Markus Stenberg> especially if they're implicit (at ISP edge) => explicit (to provide to clients) in a home router
[10:07:58] <Andrew Yourtchenko> Dmitry at the mic
[10:09:16] <Andrew Yourtchenko> Keith at the mic
[10:09:39] <Andrew Yourtchenko> next presentation
[10:09:44] <Andrew Yourtchenko> support for MPVDs in DHCPv6
[10:09:45] <Andrew Yourtchenko> slide 2
[10:10:09] <Andrew Yourtchenko> slide 3
[10:10:15] <Andrew Yourtchenko> slide 4
[10:10:15] <Mark Townsley> I think since we can have multiple prefixes per interface, but not multiple interfaces per prefix, the inherent hierarchy dictates that the PVDs be per prefix, with the L2-info on the host as "additional information" for associated prefixes.
[10:10:21] Dave Thaler joins the room
[10:10:32] <Ted Lemon> Mark, you can have multiple prefixes per pvd.
[10:10:38] <Andrew Yourtchenko> Bernie Volz at the mic
[10:10:59] Dave Thaler leaves the room
[10:11:59] <Andrew Yourtchenko> Margaret commenting
[10:13:35] <Andrew Yourtchenko> Lorenzo at the mic
[10:14:33] <Mark Townsley> Ted: I'm saying the natural prefix/interface hierarchy that I think already exists, could lead to some assumptions with PVDs. Pointing out that starting at L2 by default might be wrong. To your point, of course you can have multiple prefixes in a PVD, in my case you couldn't do this across multiple interfaces though.
[10:17:03] <Andrew Yourtchenko> Mark: would not a home host with a wired interface in one homenet segment and a wireless interface in another segment be the case of this ?
[10:18:03] <Andrew Yourtchenko> (which, if we split the wired and wireless in different subnets, will be a very common case)
[10:19:03] <Andrew Yourtchenko> Dmitry at the mic
[10:19:12] <Mark Townsley> Each of those interfaces have at least one address from one prefix. one PVD per prefix, which in the simple case happens to be per interface as well.
[10:19:59] <Andrew Yourtchenko> yeah, though then the PVDs will span multiple interfaces ? (since the upstream is the same)
[10:20:50] <Andrew Yourtchenko> Ted Lemon at the mic
[10:22:17] <Andrew Yourtchenko> Keith at the mic
[10:24:14] <Andrew Yourtchenko> Lorenzo at the mic
[10:24:38] <Mark Townsley> Andrew: The two PVDs would share the same uplink information, but why not let them still be two PVDs? Trying to discover that multiple interfaces happen to be in the same domain and trying to collapse it accordingly… sounds like an unnecessary optimization.
[10:26:48] <Andrew Yourtchenko> Jared Mauch at the mic
[10:29:34] <Andrew Yourtchenko> Keith at the mic
[10:34:51] Markus Stenberg leaves the room
[10:37:36] <Andrew Yourtchenko> jabber scribing continued in sunset4 jabber room...
[10:38:09] Andrew Sullivan leaves the room
[10:39:17] Ted Lemon leaves the room
[10:47:04] Jared Mauch leaves the room
[10:54:10] Brian Haberman joins the room
[10:57:59] Dave Thaler leaves the room
[11:15:02] Brian Haberman leaves the room
[11:21:56] Andrew Yourtchenko leaves the room
[11:22:54] dmitry.anipko leaves the room
[11:22:55] Dan Wing leaves the room
[11:31:14] Dan Wing joins the room
[11:38:23] Dave Thaler joins the room
[11:40:56] Mark Townsley leaves the room
[11:46:29] Juan-Pedro Cerezo Martin leaves the room
[11:53:00] Dave Thaler leaves the room
[12:03:25] Dan Wing leaves the room
[12:51:22] Andrew Yourtchenko joins the room
[12:53:48] Andrew Yourtchenko leaves the room
[13:06:02] Dave Thaler joins the room
[13:06:44] Dave Thaler leaves the room
[13:11:57] dmitry.anipko joins the room
[13:54:05] Jared Mauch joins the room
[14:13:39] Jared Mauch leaves the room
[14:58:48] dmitry.anipko leaves the room
[15:26:53] Mark Townsley joins the room
[15:28:18] Mark Townsley leaves the room
[15:29:59] Mark Townsley joins the room
[15:50:52] Mark Townsley leaves the room
[15:59:49] Mark Townsley joins the room
[16:00:15] Mark Townsley leaves the room
[16:00:55] Mark Townsley joins the room
[16:07:34] Mark Townsley leaves the room
[16:28:59] dmitry.anipko joins the room
[16:33:10] Mark Townsley joins the room
[17:00:55] Mark Townsley leaves the room
[17:01:18] Mark Townsley joins the room
[17:25:12] dmitry.anipko leaves the room
[17:48:31] Mark Townsley leaves the room
[17:55:07] Mark Townsley joins the room
[18:59:37] dmitry.anipko joins the room
[19:02:47] Mark Townsley leaves the room
[19:02:55] Mark Townsley joins the room
[19:04:35] Mark Townsley joins the room
[19:04:35] Mark Townsley leaves the room
[19:04:43] Mark Townsley leaves the room
[20:26:45] dmitry.anipko leaves the room