IETF 97 Seoul
MBONED Agenda
Mon, Nov 14, 2016
9:30-12:00
Studio 2 (Held jointly with PIM WG)

Note taker: Dave Allan
Video log: https://www.youtube.com/watch?v=rzvVHYtSn4s
Jabber log: https://www.ietf.org/jabber/logs/mboned/2016-11-14.html
Audio log: https://ietf.org/audio/ietf97/ietf97-studio2-20161114-0930.mp3

Agenda bashing - no comments

Status - active WG docs

Mboned_mtrace_v2_16 - is this ready for WGLC, only two have read it. Take it to the list. Agreed.
Interdomain_peering_bcp_05 - last last call

Other docs

Acg_mboned_multicast_info_models - main thrust is pushing SSM. Going to rev soon and make thrust SSM. Overuse of term model, this is service model.

1) Malicious Overjoining in Multicast

Jacob: WebRC and norm and several earlier versions of algorithms to perform congestion control.
Shep: So this is all application layer.
A: Yes. Web RC does have aspects of that it does on the wire.

Problem with one or more bad actors. Solution is circuit breaker.

Shep: Is the lead message granular enough to select other than the base layer?
A: It is a shut things down. Any channel not responding to congestion. And flows not responsive, start cutting them off.
Shep: Something more granular could be less disruptive.
Jacob: When any receiver can disrupt the network...
Shep: How deployed?
So the base layer with the highest population works well. For various use cases. Not attached to my solution.
Shep: Was this found with misbehaving app or operator?
Neither. We put up an AMT really, and reviewing the plan, and discovered that this was raised as an issue. And I could not solve it.
Dino: We're in steady state, then someone joins, ideal would be to cut off admission. As general policy, that would work.
A: So it is not just about AMT, but that is harder. If we get competitors, and they are less responsible, hardest problem to correlate this. A DOS attack waiting to happen. Looking at the attack of a few weeks ago, our operators will make it worse by over rotating.
Jacob: A PIM extension is ideal if we can get it.
Dino: If at 75-80% for 100 groups, and a malicious joiner joins 100, how do you pick whom to degrade?
A good question. Highest B/W loses first. Or Highest B/W over receiver count.
Toerless: Vendors have multiple ways to block at replication points. Maybe we can look at this and extract recommendations. If an operator has an interest in getting this blocking done without application signaling. Maybe break the problem into two pieces. Is it biggest flow or assigned priority or what. Minimize configuration by the operator. I think AMT may be more difficult. Hard to identify where the congestion happens. Could do something at the AMT relay.
Shep: You're taking links like join rate limits?
Toerless: In Cisco IOS there is a multicast limit. Similar things in JunOS.
Shep: If you do not have admin control to do that. Easier at the relay than at the edge. Do not have access to every last hop router.
Toerless: Need to figure which flows are competing at a congestion point.
Jacob: You can have multiple different relays. We convince a partner this is great, spin up a gateway.
Shep: Dual homed gateway in the same enterprise...
Dino: That's the hard part. Case two relays and join one... Problem with anycast is you keep pushing it off till it goes nowhere. Maybe the way to deploy this is S,G assigned to single replicator. More control. Each relay can support a single S,G. If you join multiple groups for same S.
Jacob: Doesn't solve this problem. Multiple gateways supporting multiple relays can still congest downstream.
Tim: Single admin domain... No. So potentially a DOS attack in itself.
Jacob: Needs to be a router alert so happier with an IP header option. Need to see bandwidth advertisement in the data path and treat it accordingly. Transport area circuit breaker is a general class of this.
Tim: More palatable if you start at single domain.
Toerless: Good to detail the test results. We could argue that you should leave at 1-2% loss. That is good when the receivers are well behaved. So you validated the good ones are behaving, but the bad ones are driving circuit breakers.
Jacob: Hope people see this as a problem that needs more attention.
Jeffery: Further work could be done in adding attributes to PIM joins and each router could decide whether to admit the flow or not. Looks at SBG where B is the bandwidth. One receiver issues a bogus bandwidth?
Dino: Do not see how you can solve this without an overlay with AMT as some flavor of that. One bad actor knocking things out means knock out the bad actor.

2) Multicast Across Interdomain peering points - Percy

Responses from last call #5
- Remove manifest file text
- Limited to SSM only
- Authentication location.

More comments
- Explicit ASM out of scope required

Mikael and Hitoshi's changes resolved. Final draft to be uploaded. Then a last last call... Percy to upload today.

3) Multicast Informational Model - Sandy Zhang

Model has 3 main branches: overlay, transport, underlay.

Stig: Useful to have a model like this, but difficult with the various permutations. Draft talks about the model but not enough text to know how to use it. Some examples
Need to work with Yang and PIM experts to make sure her proposal fits with the other models underway.

New Business

Tim: Do we need a navel gazing session?
Shep: Need to rev milestones. No intention of starting BIER-D... that's terrible.