intarea WG
IETF 93

Chairs:
Suresh Krishnan
Juan-Carlos Zúñiga

Minute Takers:
Ian Farrer
Ole Troan

1. Agenda Bashing, WG & Document Status (Chairs)
5 minutes

David Black - Joe Touch is working on a rev of the tunnels draft. It should be back soon.
Suresh Krishnan (providing context) - This was a working group draft 4 years ago. It had expired. Joe is now updating it.

2. Current Hostname Practice Considered Harmful, Christian Huitema
15 minutes
draft-huitema-privsec-harmfulname-00

Dave Thaler - The intarea picking this up would be preferable to the IAB.
Erik Nordmark - I agree. The IAB can help.
Dave Thaler - There might be cases with non-IETF protocols. The IAB could direct attention to this.
Suresh - Is there stuff that is more than Intarea here? Is this the right scope?
Dave Thaler - My opinion - this is the right place for the guidance. Other WGs may have to do their own scrub and identify
Lee Howard - I like this document. 1 comment - NAT prevents leakage made me think of a doc that I've brought to Ops. It's appropriate to bring here as well. There should be a cross ref between these docs.
Suresh - We'll take it up on the mailing list.

3. Tunnel MTU considerations, Fred Templin
10 minutes
draft-templin-aerolink-58 Section 3.13

David Black - Packet too big for nested tunnels. Eventually you run out of space and you can't encap.
Fred Templin - Nested tunnels is something you have to concern yourself with. With 1280 you still have space for nesting.
Erik Nordmark - When I talked about VXLAN in Dallas, the LISP folks said that there are routers that don't support this and only include 8 bytes of the packet in the ICMP error. When you deploy, you might run into issues in the real world. I've also seen cases when the source of the tunnel is anycast. In these cases, the ICMP error goes back to one of them, but it might not be the right one. There are other issues in practice.

4. Encapsulating IP in UDP, Xiaohu Xu
10 minutes
draft-xu-intarea-ip-in-udp

Not presented as presenter did not send slides.

5. Dynamic GRE Tunnel, Sheng Jiang
10 minutes
draft-jiang-intarea-dynamic-gre

Ron Bonica - There's a similar draft in i2r where they use BGP. Are there any parts that are common so that you can abstract them out?
Sheng - I'll have a look.
Lee Howard - Do we really need new DHCPv4 options?
Sheng - We have operators that are requesting this. If operators are willing to get rid of the v4 part, then fine.
Suresh - To the mailing list.

6. MAC Randomization Implementation Experience, Christian Huitema
10 minutes
(No draft)

Juan-Carlos Zúñiga - How long do you take to pick a MAC address in probing mode?
Christian - It will be some random number.
Dan Harkins - When you probe, is it directed or broadcast?
Christian - Broadcast, by default. If the user connects to a hidden SSID, then it's probing for that SSID.
Dan Harkins - If it is in the same SSID, then when I go to the coffee shop I will have the same MAC address.
Christian - Change it every day.
Dan Harkins - Has there been a large test?
Christian - Yes
Dan Harkins - No problems
Lorenzo Colitti - Is it looking at the MAC address of the probe?
Dan Harkins - In our test we fixed MAC and probe and it didn't work.
Lorenzo Colitti - In v6ops we worry about collisions in 64 bits. What are you doing about the risk of collisions in 48 bits?
Lorenzo Colitti - So it's never going to happen, not going to worry?
Christian - All MACs are cryptographically generated. If there's a collision, you delete the network and try again.
Fred Templin - There needs to be some work on the chance of a collision.
Juan-Carlos Zúñiga - When you're randomizing, we had a case similar to the one Dan described. If your MAC address shows up and has the same pattern of movements, then it can be collated by the pattern even if the MAC address changes.
Christian - We didn't want to do something complicated in the NIC.
Dan Harkins - When people build networks, they don't have that many users on a subnet. With 2k users, collision chance is 1 in 35 billion. Worry about collision is overblown.