Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available

To: Andrew Knutsen <andrew.knutsen at bluecoat.com>
Subject: Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available
From: Caitlin Bestler <cait at asomi.com>
Date: Fri, 25 Sep 2009 11:15:17 -0700
Cc: Jamshid Mahdavi <jamshid.mahdavi at bluecoat.com>, Ron Frederick <ron.frederick at bluecoat.com>, Qing Li <qing.li at bluecoat.com>, tcpm at ietf.org, Wei Jen Yeh <weijen.yeh at bluecoat.com>
Delivered-to: tcpm at core3.amsl.com
In-reply-to: <4ABC1A99.1000409 at bluecoat.com>
List-archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-help: <mailto:tcpm-request@ietf.org?subject=help>
List-id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-post: <mailto:tcpm@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
References: <4ABAD595.7050303 at bluecoat.com> <BA44DAAB-DCFB-412A-A8CB-B6FAA7975D85 at asomi.com> <4ABC1A99.1000409 at bluecoat.com>

On Sep 24, 2009, at 6:19 PM, Andrew Knutsen wrote:

  I'll try to respond to all the issues raised today in this message:

Caitlin Bestler wrote:
What is not clear is why the probe is based on OUI-specific secrethandshakes.
This draft represents an effort to move technology which iscurrently shipping from at least three vendors towardstandardization. The handshakes are currently not only "secret", butuse invalid option kinds. This draft allows movement away from theinvalid kinds; getting all vendors to disclose and agree on the restis future effort, which would result in the OUI-less IANA-registeredtypes. We could have put this "history" in the draft, but it didn'tseem appropriate. I did include it in the last announcement.

TCP options are a limited resource. There is a strong rationale fortheir use here, because there is no other mechanismthat ensures that the probe packet will follow the same path as theTCP flow. But limiting the standardization to only the

basic wrapper makes no sense.

Why not also define a "common" OUI which would have standard vendor-independent queries, such as a basic TTLdependent probe that can at least enumerate what all of the option-aware middle boxes are?

1) Why not simply probe for "first middlebox that sees this oncethe TTL is less than or equal to X"?That would enable discovering all middleboxes that understoodthis option, no matter whomade them. Once identified SNMP can be used to obtain vendorspecific information.
- Generally, you want to probe for a specific type of device,which will pair with the originator.

That may be your usage, but I think a more common usage would be toprobe what if any middle-boxes are involved on a path

to help diagnose a probleem or perform a security audit.

- Performance is a very important factor here. SNMP adds delay,just like the other existing alternates mentioned in the draft.

Exactly how can discovery of a middle-box be time critical? How manytimes a second does a path change?

In any event, once a middle-box is discovered, is there any need tocontinue to use the TCP-piggy-back to

communicate with it?



--
Caitlin Bestler
cait at asomi.com
http://www.asomi.com/CaitlinBestlerResume.html

Follow-Ups:
- Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available
  - From: Joe Touch
- Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available
  - From: Andrew Knutsen

References:
- [tcpm] New version of TCP Option for Transparent Middlebox Discovery available
  - From: Andrew Knutsen
- Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available
  - From: Caitlin Bestler
- Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available
  - From: Andrew Knutsen

Prev by Date: Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available
Next by Date: Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available
Previous by thread: Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available
Next by thread: Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available
Index(es):
- Date
- Thread

Re: [tcpm] New version of TCP Option for Transparent Middlebox Discovery available

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.