Minutes IETF97: mboned

Meeting Minutes MBONE Deployment (mboned) WG
Title Minutes IETF97: mboned
State Active
Other versions plain text
Last updated 2016-11-30

Meeting Minutes

   IETF 97 SeoulMBONED Agenda
Mon, Nov 14, 20169:30-12:00Studio 2 (Held jointly with PIM WG)
Note taker: Dave Allan
Video log:

Jabber log:https://www.ietf.org/jabber/logs/mboned/2016-11-14.html
Audio log:https://ietf.org/audio/ietf97/ietf97-studio2-20161114-0930.mp3

Agenda bashing Ð no comments

Status Ð active WG docs
    Mboned_mtrace_v2_16 Ð is this ready for WGLC, only two have read it. Take
    it to the list.. Agreed Interdomain_peering_bcp_05 Ð last last call

Other docs
        Acg_mboned_multicast_info_models Ð main thrust is pushing SSM. Going to
        rev soon and make thrust SSM. Overuse of term model, this is service

1) Malicious Overjoining in Multicast

Jacob: WebRC and norm and several earlier versions of algorithms to perform
congestion control.

Shep: So this is all application layer.  A: Yes.  Web RC does have aspects of
that it does on the wire Problem with one or more bad actors. Solution is
circuit breaker.

Shep: Is the lead message granular enough to select other than the base layer?
A: it is a shut things down. Any channel not responding to congestion. And
flows not responsive, start cutting them off. Shep: Something more granular
could be less disruptive.  Jacob: when any receiver can disrupt the networkÉ.
Shep: how deployed?

So the base layer with the highest population works well. For various use cases.
Not attached to my solution.

Shep: Was this found with misbehaving app or operator? Neither. We put up an
AMT really, and reviewing the plan, and discovered that this was raised as an
issue. And I could not solve it.

Dino: WeÕre in steady state, then someone joins, ideal would be to cut off
admission.  As general policy, that would work.  A: so it is not just about
AMT, but that is harder. If we get competitors, and they are less responsible,
hardest problem to correlate this. A DOS attack waiting to happen.  Looking at
the attack of a few weeks ago, our operators will make it worse by over
rotating. Jacob: A PIM extension is ideal if we can get it.

Dino: If at 75-80% for 100 groups, and a malicious joiner joins 100, how do you
pick whom to degrade?  A good question. Highest B/W loses first. Or Highest B/W
over receiver count.

Toerless: Vendors have multiple ways to block at replication points. Maybe we
can look at this and extract recommendations.  If an operator has an interest
in getting this blocking done without application signaling. Maybe break the
problem into two pieces. Is it biggest flow or assigned priority or what.
Minimize configuration by the operator. I think AMT may be more difficult. Hard
to identify where the congestion happens. Could do something at the AMT relay.

Shep: YouÕre taking links like join rate limits? Toerless: In Cisco IOS there
is a multicast limit. Similar things in JunOS. Shep: If you do not have admin
control to do that. Easier at the relay than at the edge. Do not have access to
every last hop router.  Toerless: Need to figure which flows are competing at a
congestion point.

Jacob: You can have multiple different relays. We convince a partner this is
great, spin up a gateway.  Shep: Dual homed gateway in the same enterpriseÉ

Dino: ThatÕs the hard part, Case two relays and join oneÉ Problem with anycast
is you keep pushing it off till it goes nowhere. Maybe the way to deploy this
is S,G assigned to single replicator.  More control. Each relay can support a
single S,G. If you joint multiple groups for same S.  Jacob: DoesnÕt solve this
problem. Multiple gateways supporting multiple relays can still congest

Tim: Single admin domainÉ No. So potentially a DOS attack in itself.  Jacob:
Needs to be a router alert so happier with an IP header option. Need to see
bandwidth advertisement in the data path and treat it accordingly. Transport
area circuit breaker is a general class of this.

Tim: More palatable of you start at single domain.

Toerless: Good to detail the test results. We could argue that you should leave
at 1-2% loss.  That is good when the receivers are well behaved.  So you
validated the good ones are behaving,but the bad ones are driving circuit
breakers. Jacob: Hope people see this as a problem that  needs more attention.

Jeffery:  Further work could be done in adding attributes to PIM joins and each
router could decide whether to admit the flow or not.  Looks at SBG where B is
the bandwidth. One receiver issues a bogus bandwidth ?

Dino: Do not see how you can solve this without an overlay with AMT as some
flavor of that. One bad actor knocking things out means knock out the bad actor

2) Multicast Across Interdomain peering points Ð Percy

Responses from last call #5
-       Remove manifest file text
-       Limited to SSM only
-       Authentication location.

More comments
-       Explicit ASM out of scope required

Mikael and HitoshiÕs changes resolved, Final draft to be uploaded. Then a last
last callÉPercy to upload today.

3) Multicast Informational Model Ð Sandy Zhang

Model has 3 main branches, overlay, transport, underlay.

Stig: Useful to have a model like this, but difficult with the various
permulations. Draft talks about the model but not enough text to know how to
use it. Some examples Need to work with Yang and PIM experts to make sure her
proposal fits with the other models underway.

New Business
Tim: Do we need a navel gazing session.  Shep: Need to rev milestones.  No
intention of starting BIER-DÉ. thatÕs terrible.