IETF
v6ops
v6ops@jabber.ietf.org
Friday, 29 July 2011
Patrik Halfar has set the subject to: v6ops -- IETF80

GMT+0
[00:02:08] Carlos Martinez joins the room
[00:03:36] Carlos Martinez leaves the room
[00:09:03] weiyinxing leaves the room
[00:58:01] jinmei joins the room
[01:07:50] jinmei leaves the room
[01:39:00] mcharlesr joins the room
[01:46:41] mcharlesr leaves the room
[01:49:03] mcharlesr joins the room
[01:54:20] Atarashi Yoshifumi joins the room
[02:17:30] mcharlesr leaves the room
[02:17:59] mcharlesr joins the room
[02:59:09] mcharlesr leaves the room
[03:37:26] Atarashi Yoshifumi leaves the room
[04:02:10] liubingpang leaves the room
[04:10:26] Joel Jaeggli joins the room
[04:11:59] Joel Jaeggli leaves the room
[04:12:16] Joel Jaeggli joins the room
[04:40:51] Ole Troan joins the room
[04:48:50] Joel Jaeggli leaves the room
[04:49:03] Ole Troan leaves the room
[04:51:41] Tomas Podermanski joins the room
[05:07:33] Joel Jaeggli joins the room
[06:03:12] Tomas Podermanski leaves the room
[11:05:30] Ole Troan joins the room
[12:43:01] Ole Troan leaves the room
[12:54:59] Joel Jaeggli leaves the room
[13:09:39] Joel Jaeggli joins the room
[13:47:58] liubingpang joins the room
[14:02:52] Joel Jaeggli leaves the room
[14:20:27] Joel Jaeggli joins the room
[15:24:37] liubingpang leaves the room
[16:45:39] Joel Jaeggli leaves the room
[16:50:28] Joel Jaeggli joins the room
[16:56:55] doug.otis joins the room
[16:57:38] tsavo_work@jabber.org/Meebo joins the room
[16:58:49] jlcJohn joins the room
[16:59:00] <Joel Jaeggli> meeting starts in 2 minutes
[16:59:24] Dave Thaler joins the room
[17:02:24] <Joel Jaeggli> agenda -
[17:02:35] <Joel Jaeggli> tim chown - address accountability
[17:03:00] arifumi joins the room
[17:04:06] <Joel Jaeggli> at the moment people in ipv4 have a reasonable task of providing address accountability. in v6 things like privacy addresses make that harder.
[17:04:55] <Joel Jaeggli> dave thaler - what do you mean with accountability
[17:05:46] <Joel Jaeggli> either a hardware port or 802.1x gives you a binding between port and ip address
[17:05:57] jpc@jabber joins the room
[17:06:15] <Joel Jaeggli> correlation between ipv4/v6 arp nd tables
[17:06:34] cabo joins the room
[17:06:39] <Joel Jaeggli> may place load on switches and routers
[17:07:04] <Joel Jaeggli> and you need to know that you're polling rapidly enough for that information to be relevant
[17:07:14] <Joel Jaeggli> fred - zigbee has pana
[17:07:25] <Joel Jaeggli> record all the nd traffic on a link
[17:08:00] <Joel Jaeggli> nd attacks can increase the amount of traffic you have to log.
[17:08:09] Ruri Hiromi joins the room
[17:08:14] jpc@jabber leaves the room
[17:08:17] <Joel Jaeggli> back mic - savi?
[17:08:53] <Joel Jaeggli> dave thaler accountability mapped to something
[17:09:02] Ole Troan joins the room
[17:09:51] <Joel Jaeggli> fred when I use 802.1x that correlates a mac address with a user identity
[17:10:04] <Joel Jaeggli> try - to force dhcpv6 everywhere
[17:10:58] danwing joins the room
[17:11:16] <Joel Jaeggli> joel - dhcpv6 could be used to construct the acl
[17:11:59] <Joel Jaeggli> logging with savi should only log potential spoofing events, logging all mapping data becomes applicable.
[17:12:22] <Joel Jaeggli> fred - as a savi author switches in general have places where they log all sorts of things.
[17:13:19] <Joel Jaeggli> joel halpern - it is extremely likely that savi devices will be logging bindings, still under consideration
[17:13:44] <Joel Jaeggli> jean ? - savi issue was about privacy concerns
[17:15:16] <Joel Jaeggli> the purpose of the draft is to discuss the paths that administrators can take to produce some accountability
[17:16:00] <Joel Jaeggli> james woodyatt - shouldn't this rightly be taken up in the nog organization
[17:17:01] <Joel Jaeggli> one person's accountability is another person's pen register
[17:18:24] <Joel Jaeggli> wes george - the privacy concerns are something that should be included
[17:22:25] sm joins the room
[17:27:24] behcet.sarikaya joins the room
[17:33:16] sm leaves the room
[17:33:51] sm joins the room
[17:37:11] mwm joins the room
[17:39:23] Bjoern A. Zeeb joins the room
[17:45:09] <Dave Thaler> since joel is presenting, mic discussion was about whether the NUD issue is actually a problem in reality.
[17:45:14] sm leaves the room
[17:45:31] <Dave Thaler> 6man owns solutions, v6ops needs to decide whether there's actually a problem or not
[17:45:41] sm joins the room
[17:45:54] <Dave Thaler> there are other possible solutions if so, but that's for 6man to do if there's a problem.
[17:46:43] <Dave Thaler> now on ND cache priming & refresh
[17:46:51] sm leaves the room
[17:46:52] <Dave Thaler> troan: what's relationship to 6lowpan nd
[17:47:12] <Dave Thaler> JJ: linux kernel change for this is trivial
[17:47:22] sm joins the room
[17:47:35] <Dave Thaler> fred: what about a simple rate limit
[17:47:53] <Dave Thaler> JJ: that's possible yes
[17:49:01] <Dave Thaler> lorenzo proposed splitting draft into operational guidance vs protocol changes
[17:51:58] <Dave Thaler> fred asked whether address scans were a problem and whether if the draft is split the WG should take as a WG I-D
[17:52:05] <Dave Thaler> lorenzo: what's left for this WG
[17:52:14] <Dave Thaler> thaler: prioritization & rate limiting
[17:52:49] <Joel Jaeggli> thanks
[17:53:14] <Joel Jaeggli> a+p implementations
[17:53:24] <Joel Jaeggli> x deng
[17:54:02] <Joel Jaeggli> about address sharing solutions and implementation details
[17:54:23] <Joel Jaeggli> topology slide
[17:54:55] <Joel Jaeggli> dhcp server is responsible for providing a+p ce with a+p parameters
[17:55:06] <Joel Jaeggli> implemented on openwrt
[17:55:31] <Joel Jaeggli> implemented both port range a+p
[17:55:42] <Joel Jaeggli> and scatter port sets a+p
[17:56:04] mwm leaves the room
[17:57:02] <Joel Jaeggli> needs scatter port sets in order to support port requirements for p2p applications
[17:59:29] <Joel Jaeggli> how to provision scattered ports?
[18:00:49] <Joel Jaeggli> only two parameters subscriber id pattern and subscriber id value
[18:01:00] <Joel Jaeggli> showing port selection algorithm
[18:03:55] <Joel Jaeggli> fred - so was this in the demo you showed in the terminal room?
[18:04:04] <Joel Jaeggli> x deng - yeah
[18:04:26] <Joel Jaeggli> what breaks - upnp 1.0 clients
[18:05:30] <Joel Jaeggli> how fix it? take care of port allocation mechanisms, same thing with even odd ports e.g. with rtp rtcp
[18:07:09] <Joel Jaeggli> stuart cheshire - quick comment, lot of focus on making upnp work, it'll never work, you have to throw it out and start again, hence igd 2
[18:07:27] <Joel Jaeggli> having a bunch of devices all wanting the same port doesn't work
[18:07:33] <Joel Jaeggli> marshall
[18:07:50] <Joel Jaeggli> is there a security implication to the mask of ports
[18:08:12] <Joel Jaeggli> x deng - yeah it will be.
[18:09:09] <Joel Jaeggli> dan wing, what if I'm running a kaminsky style attack I can guess your next port.
[18:10:28] <tsavo_work@jabber.org/Meebo> http://tools.ietf.org/id/draft-bajko-pripaddrassign-03.txt describes a cryptographically random port allocation scheme
[18:10:44] <Joel Jaeggli> what she found was that random port range was more reliable than the upnp mechanism
[18:11:14] <Joel Jaeggli> lorenzo - this is what the ap gateway does would be a good slide to have in the set.
[18:11:14] <tsavo_work@jabber.org/Meebo> where listener cannot guess what the next port is, unless the listener has been able to snoop DHCP messages or is another client using the same IPv4 address (but different port set) on same network
[18:11:46] Ole Troan leaves the room
[18:13:15] <Joel Jaeggli> rapid transition of ipv4 contents to be ipv4 accessible.
[18:13:26] <Joel Jaeggli> er ipv6 accessible
[18:13:39] <Joel Jaeggli> q-sunq
[18:16:19] <Joel Jaeggli> nat6-4 based
[18:18:20] <Joel Jaeggli> uses a gateway in front of the datacenter
[18:28:30] <Joel Jaeggli> dan wing - one of the operational characterization of behave's approach.
[18:28:41] <Joel Jaeggli> it's solving a problem that's too segmented.
[18:29:49] jinmei joins the room
[18:31:49] narten joins the room
[18:32:07] <Joel Jaeggli> wes george - the case where you need to turn on content providers they need to do that on their own edge
[18:36:19] <Joel Jaeggli> show us the practical application or is it an example or a proprietary one off which is the context for documenting this?
[18:36:35] <Joel Jaeggli> address - mapping
[18:36:49] <Joel Jaeggli> this draft is based on their experience
[18:37:04] <danwing> I didn't want to take more time at the microphone, but: if the consensus in the room is NAT64 is inappropriate in front of an IPv4-only server because of loss of the IPv6 source address, then v6ops would benefit from documenting that as a "not recommended" deployment.
[18:37:47] <Joel Jaeggli> lorenzo if it's based on experience then it probably worked.
[18:40:22] <Joel Jaeggli> if the draft stated the drawbacks of this approach that would be helpful
[18:43:38] <Joel Jaeggli> fred - does this encourage v6 deployment?
[18:44:02] <Joel Jaeggli> I think no
[18:44:51] <Joel Jaeggli> lorenzo - what I wanted to say is I'm not sure ipv6 content enabling in access.
[18:45:37] <Joel Jaeggli> there's a disparity where content is ahead of access.
[18:45:56] <Joel Jaeggli> jason wild - time warner cable
[18:47:19] shinmiyakawa joins the room
[18:48:42] <Joel Jaeggli> access providers are currently working on that
[18:49:10] narten leaves the room
[18:49:13] <Joel Jaeggli> fred adjourned
[18:49:21] shinmiyakawa leaves the room
[18:49:21] danwing leaves the room
[18:49:25] arifumi leaves the room
[18:49:25] Joel Jaeggli leaves the room
[18:49:40] Ruri Hiromi leaves the room
[18:50:29] jinmei leaves the room
[18:50:46] sm leaves the room
[18:52:14] Dave Thaler leaves the room
[18:55:02] jinmei joins the room
[18:56:18] behcet.sarikaya leaves the room
[19:02:22] jinmei leaves the room
[19:02:46] Joel Jaeggli joins the room
[19:07:44] tsavo_work@jabber.org/Meebo leaves the room
[19:11:50] jinmei joins the room
[19:18:22] Bjoern A. Zeeb leaves the room
[19:21:44] jlcJohn leaves the room
[19:34:03] jinmei leaves the room
[19:57:45] cabo leaves the room
[20:19:41] liubingpang joins the room
[20:59:14] lochii leaves the room
[21:07:40] Joel Jaeggli leaves the room
[21:08:15] doug.otis leaves the room
[21:17:04] Joel Jaeggli joins the room
[22:41:19] narten joins the room
[22:51:09] narten leaves the room