0. Agenda Bashing and WG Update Chairs (5 mins) Aijun: Move to next milestone. Begin discussing whether intra arch reaches consensus. More general architectures and solutions are encouraged. Joel: Central to the current state of the working group. Discussions and questions are encouraged. ============================================= Architecture (Total 75minutes) 1.Intra-domain Source Address Validation (SAVNET) Architecture(draft-li-savnet-intra-domain-architecture) Lancheng Qin (20 mins) Antoin: There are some automatic tools used. How to do authentication. Joel: Security question belongs to inter domain. Can leave the question in the next presentation. Lancheng: The arch can achieve inbound and outbound SAV simultaneously. The security problem is more about inter domain, not intra. But we also give some security considerations in the draft. (break) Xueyan: Page 8 bullet 1, source prefix can be learned through IGP. Intra-domain architecture should add data-plane configuration. Joel: Some comments are for problem statement drafts like automation. Antoin: No trust issue in intra. Aijun: Can we find general solution for both kind of routers. Huaimo: No need of communication channel. Configure the router and signal the information. Lancheng: Manual config has high overhead. 2.Inter-domain Source Address Validation (SAVNET) Architecture(draft-wu-savnet-inter-domain-architecture) Libin Liu (20 mins) Joel: A suggestion, not refer MD5. Aijun: How to authenticate the information. Libin: Should give some requirements for authenticating information channel. 3.Source Address Validation Table Abstraction and Application(draft-huang-savnet-sav-table) Mingqing Huang (10 mins) Xiangqing Chang (chatbox) There can be multiple ways to generate SAV table entries or rules for devices, and multiple ways to store SAV table entries or rules. However, there needs to be a unified set of action behaviors that satisfy various source address verification scenarios. Therefore, I believe this draft on validation capabilities is very meaningful. Mingxing Liu (chatbox) This draft is appropriate as a capability requirement. 4.A Large-scale Measurement of IP Source Spoofing on the Internet Shuai Wang (15 mins) Joel: Measuring real world and simulations comparing mechanisms are really useful and important input to our work. Antoin: How to deal with multihoming scenarios where one link for legitimate packets and the other for source address spoofed packets. Shuai: Part of the groudtruth. Do our best. Antoin: Cannot traceback the spoofing. 5.Emulations of Nine SAV Mechanisms with SAV Open Playground Li Chen (10 mins) Sriram: slide7 BAR-SAV can deal with no-export with roa and aspa records registered. Aijun: Why decouple the control and data plane. Li Chen: Avoid burdening BGP. ============================================= Solution(Total 40 minutes) 6.IGP Extensions for Intra-Domain SAV(draft-chen-savnet-lsr-intra-00) Huaimo Chen (8 mins) Fang Gao: Three questions, 1) scope of source prefixes genenrated in rules; 2) missing 3) How to deal with PBR Huaimo: for the 1st question, have three options. Joel: Time limitation. Move to the next. (The followings are from chatbox) Joel: Even if all links are symmetric, if different nodes have different ECMP widths, can’t there be discrepancies? Mengxiao Chen: Agree with Joel. Routing policy may also cause discrepancy. Yuanxiang Qiu: The basic idea of draft-chen-savnet-lsr-intra is similar to :https://www.ietf.org/archive/id/draft-lin-savnet-lsr-intra-domain-method-02.txt The presentation: https://datatracker.ietf.org/meeting/114/materials/slides-114-savnet-slides-114-savnet-intra-domain-method-01 Yuanxiang Qiu: I think we should not spare the time of WG for repeated works. Yuanxiang Qiu: In addition, routing-policy is also considered in draft-lin-savnet-lsr-intra-domain-method-02, which is missing in draft-chen-savnet-lsr-intra-00. 7.IGP POI for Intra-domain SAV(draft-song-savnet-intra-domain-igp-poi-00) Xueyan Song (8 mins) No comments 8.BGP Operations for Inter-domain SA(draft-song-savnet-inter-domain-bgp-ops-00) Xueyan Song (8 mins) Fang: Indicate the benefit of the new attribute compared to configuring the existing bgp communnity 9.BGP Extensions for Source Address Validation Networks (BGP SAVNET)(draft-geng-idr-bgp-savnet) Nan Geng (8 mins) No time to give a presentation 10.Inter-domain Source Address Validation based on AS Relationships(draft-rly-savnet-inter-domain-as-relationships) Gang Ren (8 mins) Aijun: May deployment challenges Joel: email list discussion pls. No time for the other talks.