Minutes IETF115: maprg: Thu 13:00
minutes-115-maprg-202211101300-00
Meeting Minutes | Measurement and Analysis for Protocols (maprg) RG | |
---|---|---|
Date and time | 2022-11-10 13:00 | |
Title | Minutes IETF115: maprg: Thu 13:00 | |
State | Active | |
Other versions | markdown | |
Last updated | 2022-11-24 |
MAPRG IETF 115
_notes: Brian Trammell (Thanks!)
Overview & Status
Dave (remote) & Mirja (onsite) (5 min)
IRTF Note-well: https://irtf.org/policies/irtf-note-well-2019-11.pdf
no discussion
Heads-up talk: Kirin: Hitting the Internet with Millions of Distributed IPv6 Announcements
Paweł Foremski (5 mins)
no discussion
Waiting for QUIC: On the Opportunities of Passive Measurements to Understand QUIC Deployments
Jonas Mücke (15 mins)
Lorenzo Colitti: Why is it intersting that these measurements are
passive? You could also do these actively.
Jonas: It's non-intrusive.
Ben Schwartz: Any understanding of why someone is spoofing telescope
source IPs?
Jonas: Spoofing is random.
Ben: Ah, source-spoofed DoS, not reflection. Would you recommend the
use of cipher approaches to CID connections.
Jonas: That's in the paper. You still need information in the CID.
Marwan Fayed: Instead of what is the structure, the intersting
question is how do you get lack of structure.
DNS Privacy with Speed? Evaluating DNS over QUIC and its Impact on Web Performance
Robin Marx (15 mins)
Lorenzo Colitti: These are just random resolvers you found?
Robin: Yep.
Lorenzo Colitti: I'd expect no change for subsequent queries and 2x
penalty for the first query. Please do measure DoH3 vs DoQ;
implementations are listening to you.
Tommy Pauly: Concerning that we see badly-configured DoQ servers.
Session resumption without 0-RTT is bad too. Makes you trackable for no
performance benefit.
Robin: See the paper for more bugs. That's why we think they're
preproduction.
Tommy: +1, please compare DoH3 versus DoQ; DoH has better
properties.
Shivan Sahib: Definition of complexity of webpage?
Robin: Domain count.
Chris Box: "Encrypted DNS doesn't have to be a compromise" -- but
there is one, and it can get smaller, yes? If you're a network that's
being benchmarked, that compromise looks much better. H3 measurements?
Robin: Actively ongoing work.
A First Look at Starlink Performance
François Michel (15 mins)
Geoff Huston: did a similar geo/starlink measuerement in March.
Satellites at 550km up, but 2704km at horizon. Raw RTT should change
between 7ms and 36ms, 1 arcsecond per second. Something is somehow
compensating for spacecraft and switching delay. Did you look at BBR.
François: Nope. Quiche didn't have it when we did this.
Geoff: BBR has vastly different performance characteristics. Got
much more bandwidth. These protocols make the tied RTT a more
interesting matric.
Matt Joras: Loss: accounted for spurious loss, QUIC stack reporting,
or pcaps?
François: Packets never ACKed. So not spurious. Also saw weird
first-few packets being lost nearly systematically. Weird traffic
patterns.
Gorry Fairhurst, long-time lover of satellites: Would have liked to
have more specificity on where and when these measurement were.
Constellation is changing. Starlink is fixing RTT but not losses. We
have satellite access and can collaborate. Will take this offline and
tell the list what we think.
Illuminating Large-Scale IPv6 Scanning in the Internet
Philipp Richter (15 mins)
Bob Hindon: You've seen that there's not very much scanning,
compared to v4, but it's very easy to generate a bunch of source
addresses.
Eliot Lear: How did the aggregated traffic for those top sources
compare to the rest of the traffic that might have been scan traffic?
Philipp: Lots of prefiltering before we do scan detection. Lots of
variance: all of the traffic from the cybersecurity traffic was
scanning.
Eliot: So, not many botnets.
Philipp: None. v6's address architecture may help here. Don't know
how to move forward if we ever get them though.
IoT Security by the Numbers
Leslie Daigle (10 mins)
no discussion
Quo vadis IETF: is the IETF ossified?
Ignacio Castro (10 mins)
no discussion
Where .ru? Assessing the Impact of Conflict on Russian Domain Infrastructure
Gautam Akiwate (15 mins)
Brian Trammell: Do we have any comparisons for the pre-conflict
"fully Russian" number; i.e., some way to differentiate "the government
wants internet sovereignty" from "people who speak the same language and
use the same currency tend to do business with each other"?
Gautam: We have not really looked into this. If it is possible
that'll be very interesting, even as a one-off. Happy to chat after.