intarea WG Agenda
IETF 85
Monday, November 5, 2012, 1300-1500, Afternoon Session I
Minute taker: Ole Trøan

1. Agenda Bashing, WG & Document Status (Chairs), 10 minutes

No changes to agenda. Chair goes through document status.
Need reviews of draft-fleischhauer-ipv4-addr-saving-03 and draft-carpenter-flow-label-balancing-01.
Brian Haberman, AD, states that there are no further IESG DISCUSSes on document draft-ietf-intarea-ipv4-id-update-06.

2. Adaptation Layer Fragmentation Indication, Carsten Bormann, 20 minutes
draft-bormann-intarea-alfi-01

Suresh: Why do you use header compression?
Carsten: Fragment size is 128 bytes and compression can save(?) 40 bytes.
Dave Thaler: This is the application protocol that uses fragmentation. Are the potential use cases only for use within a specific network? Or can some of these application packets come inbound from the Internet? Or is it constrained to e.g. a constrained network?
Carsten: Good question.
Dave: Scoping question.
Eric Vyncke: Hop-by-hop options are either dropped or ignored in the Internet.
Suresh: The overhead you are adding, you are adding 8 bytes. Where are you putting it?
Carsten: In the first packet in an exchange of packets. It is in the data packet.
Suresh: So you are piggybacking on the data packet at an interval.
Jari Arkko: "Where" is premature. We should ask if we want to do this. Returning to what Dave said, it would be a good strategy to focus on techniques that would work on the Internet.
Carsten: The first hop might be different than the next. In e.g. RPL the host-router hop is quite different from the router-to-router hop.
Jari: I can understand that, but that doesn't solve the problem mentioned here for the HBH option.
Jari: Some radio systems send small packets quickly but longer packets have to wait, so similar.
Carsten: This is for anything that can be expressed by a+N*b.
Cui: Why is frag bad?
Peter McCann: Could the adaptation layer do retransmission?
Carsten: Yes.
Suresh: We'll talk to the ADs...
Carsten: Can we get some mailing list discussion on how we can make this work?

3. Transaction SIGnature (TSIG) using CGA Algorithm in IPv6, Hosnieh Rafiee, 15 mins
draft-rafiee-cga-tsig-00

Francis Dupont: The server example is specific to BIND and it may not work with other servers.
Hosnieh: New modules in PowerDNS.
Eric Vyncke: Clarification question. TSIG is not linked to an IP address, but a key name.
Hosnieh: The CGA is used. [Long explanation...]
Eric: CGA you only check if you have access to the right ND messages, if you are not on an L2-adjacent node.
Dave Thaler: No, that's added to RR type.
Suresh: How do you change address while still proving ownership?
Hosnieh:
Dave Thaler:
Suresh: I come around with "this was my previous CGA and my public key".
Hosnieh: You don't say that.
Suresh:
Hosnieh: You change the modifier.
Jari: You use CGA to use the TSIG. I don't think that's a big problem. My problem is slightly different. I don't quite understand the use case. The draft doesn't say what you do with the name. Are you every time generating a new name?
Hosnieh: Both. You can create a new name.
Jari: I understand the case where you want to generate a new address and a new name. If you kept the same name but changed the address, it would always be an opportunity for the attacker to consider the name, and track the changing address.
NN: Why TSIG instead of SIG(0)?
Hosnieh: That way the DNS servers don't have to change anything.
NN: You are only providing address ownership, no security feature with regards to FQDN.
Hosnieh: For DNS servers we also save the keys.
Julien: Similar to Jari on the use case. If you for privacy reasons change your address, why do you put your address in DNS?
Hosnieh: ...
Dave Thaler: Can two pieces of information be linked? So anything you can link to that name is linkable; you don't have privacy between the two. What does this provide? The model here, within a particular zone, is first come, first served.
It is important to say what the trust model is. My last question, just to make sure I understand something correctly: can I have one address at a time associated with a name? Such as one IPv4 address and one IPv6 address, or perhaps two IPv6 addresses? It looks to me as if the first update message includes one CGA, then would work with any number of addresses?
Andrew: Yes, that's how TSIG works.
Suresh: It depends on what you sign. What does the signature cover?
Julien: Purpose-built key. It is a leap of faith and I don't need CGA. A key built for ownership of names. I don't need CGA.
Andrew Sullivan: TSIG binds the endpoints. It isn't bound to a particular piece of data. A great deal of the draft is motivated with dynamic update. TSIG isn't about the data, it is about the endpoints.
...

4. Scaling ARP for large data centers, Tal Mizrahi, 15 mins
draft-nachum-sarp-03

Dave Thaler: Question on which MAC address is used.
Tal: The MAC address is giving the location. MAC address represents the location.
Dave: If I understand you right, you are saying if something changes, both sites have MAC-E. As something moves around, ...
Suresh: How does this work if there is another SARP proxy? What's the filter?
Tal: We only consider a single level of hierarchy.
Chris: [Missed question.]
Suresh: That was my question.
Chris: I'm talking about parallel, how do I ensure that I don't go back to where I learnt? General comment, how are you going to detect loops? No TTL decrements. Do we have the never-ending packet?
Ron Bonica: If you had a topology with a third network, it could get into a loop. Wouldn't that be a fatal flaw? If you have a routing loop, you have a route that would persist forever.
Lee Howard: You've done a great job explaining this. What you have invented is L2 NAT with no TTL decrement.
... [presentation ends]
Suresh: I have a question. What does this draft do for IPv6? I don't see a strong need for this in IPv6.
Tal: The first advantage was to reduce the L3/L2 table size; that applies to both IPv4 and IPv6.
NN: All the end stations in that L2 need to send IPv6 ND requests to that router. That is a lot of burden on that router. The SARP will respond on behalf of the gateway router.
Suresh: That's a liveness check. An issue with IPv6 is that there are too many messages to the router.
NN: The SARP can aggregate the messages.
Suresh: That's not in the draft.
NN: We can add that description there.
Julien: With regards to the liveness checks. One of the goals is to lessen the load of the router? You seem to be saying that the goal of this mechanism for IPv6 is to reduce the load of the ND protocol?
[Discussion between NN and Julien; taken offline.]
Brian Haberman: I'm curious if you have looked at any of the work being done in 6man. One thing it is aimed at is reducing the number of ND messages. To see how much overlap there is.
Chris Liljenstolpe: I understand you are trying to reduce the load... on the gateways. Then I have to maintain state on every SARP maintaining the L2/L3 mapping.
Tal: Existing chipsets can support SARP. The scalability issue is no different from the routing problem.
Chairs: Take discussion to list.

5. Security Requirements in the Software Defined Networking Model, Margaret Wasserman, 15 mins
draft-hartman-sdnsec-requirements-00

Bob Hinden: Your model of applications in the SDN is different from what I understand them to be.
Margaret: They are not SDN applications unless they want to do something with the network. Why would an application want to talk to the network?
Bob: At least the way I think of it, an application pushes down some information to the network that creates a slice. You don't have a firewall application next to it. It is just part of how you program the slice.
Chris Liljenstolpe: People are using SDN to slice networks. It isn't necessarily slicing; applications may talk to another exposure of the SDN controller's API.
Slicing is the most talked about, but certainly not the only one. Does it make sense to broker the communication applications have to the controller?
Margaret: And there are different security considerations for the two options.
Cheng(?): You are assuming the SDN architecture specified in OpenFlow. Could your model apply to a general architecture?
Margaret: We are not assuming OpenFlow. Started with the IAB model. This draft is not OpenFlow-specific.
Brian X: [missed comment]
Margaret: Some people have said applications will talk directly to switches... That's a different security model than this one.