IETF 87 - Homenet Minutes
Monday 29 July 2013, 09:00 - 11:30, Potsdam 1

Many Thanks to Stuart Cheshire and Mikael Abrahamsson for taking notes

WG Administrivia

- Note Well, note takers, Jabber scribes (Chairs, 5m)

Architecture

- draft-ietf-homenet-arch-09 (Tim Chown, 15m)

Chairs thanked Tim for effort.

Ted Lemon: Happy about document, thanks Tim for effort.

--

Naming and Service Discovery

- draft-stenberg-homenet-dnssdext-hybrid-proxy-ospf-00 (Markus Stenberg, 20m)

Lorenzo Colitti: Isn't it brittle to attach DNS names to links? If you change the topology do all the names change?

Markus Stenberg: Yes.

Dave Thaler: Disputes whether mDNS is really the most widely deployed. WS-Discovery and UPnP are also widely deployed.

Dave Thaler: Why couldn't you use a DNS record synchronization mechanism instead of a routing protocol?

Markus Stenberg: DNS record synchronization mechanisms rely on having a "god" server that is in charge. OSPFv3 is more resilient and recovers from connectivity changes.

Dave Thaler: Why proxy uDNS to mDNS instead of just answering with what's already in the cache?

Stuart Cheshire: We chose not to use constant polling to keep the cache live, instead doing local discovery queries on-demand.

Ralph Droms: What about traffic separation?

Markus Stenberg: A typical client doesn't send queries to *all* links on the local network, just the link it's interested in.

Ralph Droms: How does client know what domains to browse?

Markus Stenberg: The list of "interesting" domains is learned from network.

Stuart Cheshire: This is in use at the IETF meeting today. When you print, "term-printer" shows up even though you're not on the same physical link as the printer. This is because Macs and iPads learn that there are services to be found in "meeting.ietf.org." You can see this by typing "dns-sd -F" in a Terminal window.

Bill Manning: Clients have security associations tied to names. If the protocol renames devices, then it may break security associations.

Markus Stenberg: We need some security mechanism that's not tied to hostnames, or if the security mechanism requires a fixed constant hostname, that would have to be administered manually, as it is today.

Tim Chown: We'll be discussing this at the dnssdext BoF on Wednesday.

Dan York: Lots of ICANN applicants are requesting the TLD ".home".

Markus Stenberg: Any IETF-reserved TLD will do; we chose ".home" in the document just as an example.

--

- draft-mglt-homenet-front-end-naming-delegation-02 (Daniel Migault, 20m)

Ted Lemon: Why was this presented here when there's the dnssdext BoF going on?

Ray Bellis: This is about how local names get exported outside the home.

Tim Chown: We'll be discussing this on Wednesday.

Jim Gettys: Existing mechanisms already exist to solve this. Running a primary DNS at home and your secondary at your DNS is not hard to do.

Ted Lemon: This sounds like a good discussion for the dnssdext BoF on Wednesday.

Simon Kelley: Dnsmasq does this already, using zone transfers.

Erik Kline: At least one operator said they would *never* be willing to consider having authoritative DNS hosting as one of the services they offered to their customers.

Mikael Abrahamsson: Is the main motivation for this that DNS signing is too hard for a home gateway?

Daniel Migault: Yes.

Ólafur Guðmundsson: On Buffalo LinkStation, can generate 800 signatures per second.

Bill Manning: This is a bad idea. Trusting ISP to do the signing is asking for exploits.

--

Routing

- draft-boutier-homenet-source-specific-routing-00 (Juliusz Chroboczek, 20m)

Jim Gettys: Have you talked to Linux people about fixing the deficient API you dislike so much?

Juliusz Chroboczek: Yes. There is actually a better API, but it doesn't work.

Lorenzo Colitti: I'm happy to see that there's a second implementation of source+destination routing. I think the document should be split into specification and implementation experiences.

Juliusz Chroboczek: Agreed.

- draft-jvkjjmb-home-networking-incremental-00 (John Brzozowski, 10m)
- open mic on routing protocols in the Homenet (20m)

Ted Lemon: I'm concerned about what happens when there's a mix of different kinds of routers on the same network.

John Brzozowski: I agree. The incremental path from here to there is going to take careful thought.

Lorenzo Colitti: I can't see how to move from Phase 2 to Phase 3. We risk getting stuck in a dead end. It might be better to do nothing.

John Brzozowski: From an operator standpoint, doing nothing is not an option.

Lorenzo Colitti: For a customer with just a single router, RFC 6204 (Basic Requirements for IPv6 Customer Edge Routers) tells us what to do.

Mark Townsley: RFC 6204 specifies some aspects, but not all.

Barbara Stark: I support this work to help us move to IPv6.

Andrew Yourtchenko: We need IPv6 to work not just as well as IPv4 works today, but as well as IPv4 will be working ten years from now.

Lorenzo Colitti: We are at the beginning of IPv6 to the home. What we do right or wrong now will set the stage for what we have to live with for the next decade.

--

Related Work (time permitting)

- draft-dessez-homenet-googleplus-interconnect-01 (Cedric Dessez, 15m)

Juliusz Chroboczek: What does this do that you couldn't achieve using a web page?

Cedric Dessez: This would allow things that aren't web pages, like IPP printing.

Juliusz Chroboczek: I don't want Google Plus reconfiguring my home network.

--

- draft-lepape-6man-prefix-metadata-00 (Ian Farrer, 15m)

Lorenzo Colitti: Yes, this is a problem, but how can we do this without having to update every host?

Ian Farrer: We could solve this (e.g. using DHCPv6) by only communicating colored prefixes to hosts that indicate they understand colored prefixes.

David Lamparter: This seems vulnerable to denial-of-service attack.

Bob Hinden: Why can't this be done using the diffserv bits?

Lorenzo Colitti: I agree with Bob. Painting a packet blue by painting the address blue may not be the best way to do this. Addresses can be faked.

--

Working Group Admin

- Wrap-up and Next Steps (Chairs, 10m)

Action items:

- Simon and Daniel will get together to discuss Dnsmasq
- Src+Dst routing to be combined into a single specification/document
- Create Design Team for Phasing/hipnet+homenet integration/migration
- Shepherd's writeup for homenet-arch advancement to IESG