BMWG Minutes
2021-07-26 IETF 111

- Over 27 people attended the session at the start.
- Bill Cerveny took the minutes, a contribution for which the chairs are eternally grateful.

WG Status

- RFC 9004, Updates for the Back-to-Back Frame Benchmark (Update to RFC2544)
  https://datatracker.ietf.org/doc/html/rfc9004
  Published in May 2021.

- Benchmarking Methodology for EVPN and PBB-EVPN
  https://datatracker.ietf.org/doc/draft-ietf-bmwg-evpntest/
  status: IESG Review on July 1, 2021; Resolving DISCUSS and Comment ballots

*Al: Milestones need to be updated.*

WG Drafts:

- Multiple Loss Ratio Search
  draft-ietf-bmwg-mlrsearch-00.txt
  https://datatracker.ietf.org/doc/html/draft-ietf-bmwg-mlrsearch-01
  status:
  - This version describes the new logic and examples on throughput in transactions per second, not just packets. Some more to do in next ver.
  - Reviewers Requested!

*Maciek Konstantynowicz presenting.*
*Gábor Lencse and Vladimir Vassilev confirmed they will review mlrsearch draft.*

- Benchmarking Methodology for Network Security Device Performance
  https://datatracker.ietf.org/doc/html/draft-ietf-bmwg-ngfw-performance-09
  status:
  - Draft was updated several times since March 2021 meeting
  - WGLC on -08 ended in May - several extensive reviews and supportive comments
  - Draft was updated on May 21, with Sarah's LC comments yet to address
  - WG decision: "...and this document obsoletes [RFC3511]." https://tools.ietf.org/html/rfc3511

*Al says there must be standalone line in abstract, "this document obsoletes RFC3511..."*
*Brian Monkman presenting initial slides and is taking written comments*
*Carsten Rossenhoevel reviews open comments and later slides.*

*Comment 1/11: Sarah Banks responds that proposal makes sense to her.

Comment 2, Sarah proposes calling devices as active/inline versus "next generation".
Alex Samonte said that he didn't know if NG implied inline or other state.
Sarah likes description of firewall being a little broader.
Alex: This doesn't cover a passive device.
Sarah: There is a bit of confusion about use of term, "next generation" firewall.

Comment 3/11: Sarah agrees in regards to "fail close" text.

Comment 4/11:
Alex: Two scenarios. In general, they are behind a router or switch. If test equipment, lots of MAC addresses, not like real environment. 2) I like virtual test tools in the test bed.
Jurrie van del Breekal: Impact of latency is typically a rounding error in testing.
Sarah: Goal is to keep things as simple as possible in the test bed.
Alex: SEC devices are normally behind a router or switch, reduces L2 traffic. Also, need to do a B2B test to eliminate issues.
Jurrie: Most customers who test use the switches in their testing. Sarah agrees.
Al: Add some notes into the draft to cover this discussion.

Comment 5/11: Sarah offered to provide text to authors.

Comment 6/11:
Jurrie: Virtual routers are used to avoid overrunning MAC tables and for a realistic perspective -- it's more realistic to use virtual routers.

Comment 7/11: to be resolved with Comment 5/11

Comment 8/11: Agreement to remove NG IDS from draft. Sarah agrees this is resolved.

Comment 9/11: Sarah to review 4.3.1.1 and propose something.
Amritan Putatunda commented: Working to remove test vendor-specific details now.
Carsten: We need to include the TCP stack attributes, window sizes, etc.
Sarah: Need vendors to tell you what parameters are. What happens to open source tools that don't have that info?
Jurrie: Test defines key stack parameters that define TCP behavior. It's what the draft calls out and configure tests to parameters.
Al: Need to define key parameter values for TCP in the draft (as agreed).
Carsten: Even the need to use the same way to close TCP connections.

Comment 10/11: Appeared to be agreement with author's proposal.
Sarah: cover the switch config with generic configuration.
Carsten: this was our goal - we believe we have already done this.
Alex: yes, we have details, we don't ask for all details; the B2B test without SUT is the baseline for SUT evaluation.

Comment 10/11:
Sarah: If you can ask them to document details, then you can test apples to apples.
Carsten: These details might be dangerous. Specifying details may force tester to use specific router/model.
Sarah: As long as details are documented without specifying vendor/model, it shouldn't matter.
Sarah: Has to go back and look at draft to clarify, but is interested in being able to replicate test.
Alex: We don't go into that level of detail. We don't ask for that to be documented.
Sarah: BMWG is big on repeatability. Erring on having details in regards to how that's the case.
Alex: We want to get to that same point as much as possible, but want to avoid locking people out. Maybe we can reach a balance.

Comment 11/11: Sarah concurs on proposed text.

Al asks for any comments on this version of the draft. None noted.
Al said he wanted to move this forward as fast as he can. There are a few more details and we'll go from there.
Brian: Should we work with Sarah and go from there?
Al: We should get the next steps done. Version 10 will be posted, Doc Shepherd will review, there may be some nits to fix. Warren will review as AD, resolve his comments. Then Area Review teams prepare comments during Last Call. Try to put on IESG telechat agenda in October. Authors need to reply to IESG comments - ASAP!
Al describes remaining steps to publication.
Warren Kumari suggests that authors send reminders to people in publication process.*

Sarah: RFC Editor editing and AUTH48 takes about 12 weeks.
Bill: Make the draft as clean grammar-wise, spelling-wise, capitalization consistency-wise as you can. The fewer questions from RFC Editor is best - leave them with fewer opportunities to misinterpret things.

Everyone is happy.
Proposals:

+ A YANG Data Model for Network Interconnect Tester Management
  https://datatracker.ietf.org/doc/html/draft-vassilev-bmwg-network-interconnect-tester-06
  status:
  - This version adds capture "start-trigger" and "stop-trigger" configuration to the YANG model (a common feature for many traffic analyzer implementations)
  - Draft updated 11 July, 2021
  - Vladimir has shared "Yet Another RFC2544 Testimplementation" open-source/hardware implementation with the BMWG.

*Vladimir Vassilev presenting*
*No feedback from attendees.
Al: Your (Vladimir Vassilev) progress has been continuous and prolific. We might want to take it as a working group draft.
Sarah agrees with making it a working group draft.
Al: Will have a WG adoption call on the list, in August. *

NEW !!

+ Benchmarking Methodology for Stateful NATxy Gateways using RFC 4814 Pseudorandom Port Numbers
  https://datatracker.ietf.org/doc/html/draft-lencse-bmwg-benchmarking-stateful-00
  status:
  - ~5 people have discussed the draft on the list in May-July
  - Reference to procedures in RFC 8219
  - TCP-based testing = complements the NG security device testing?

*Gábor Lencse Presenting*
*No feedback from attendees.
Al: Will be productive to talk about this on the mailing list and we'll take it from there.
Gábor: will attempt to upload new version of draft in August.*

+ AOB