Notes of the OPSAREA session at IETF 74 in Stockholm on July 30

Notes of the OPSAREA Open Meeting
Area Directors: Dan Romascanu and Ron Bonica
Date and Time: Thursday July 30, 2009, at 13:00
Location: Large Stage

1. Note well, agenda bashing, note takers, blue sheets

No requests to change the agenda.

Dan Romascanu: New NomCom being established, folks are encouraged to provide feedback to the NomCom as well as volunteer for ADs and other positions.

2. Operational Deployment and Management of Storage over the Internet: David Black (see slides)

There will be a new WG in the transport area called STORage Maintenance (STORM). It has MIB module updates on its charter. The talk serves to make people in the OPS area aware of the issues related to OAM.

Went through storage networking standards (data protocols like SCSI, Fiber Channel, ATA and SATA, etc. and management protocols like SMI-S, SNMP and Web). Standards also exist for stored data. Talk focuses on the first item (data protocols).

What do we need to standardize? Network communications and drive interface (see slide 4). Talk focuses on IP storage protocols. Went through different configurations (see slide 5). Went through some old slides to talk about remote disk mirroring that helps in case of disaster scenarios. Talks about SCSI and Fiber Channel, T11 (slide 13) -- a lot of alphabet soup of a family of protocols. SMI-S (Storage Management Interface Specification) manages all of the protocols on slide 13. Went through existing standards for storage management (slide 17).

Dave Harrington: Give a quick overview of security of protocols and management.

David Black: IPsec is used, an IPsec profile has been specified. In practice a pair of encrypting VPN gateways is used. For management, it is all of the usual suspects. SMI-S is web-based, so it runs over TLS. CLI uses ssh.

3. Inter SDO management model harmonization: Mehmet Ersue (see slides)

Mehmet Ersue: Whether we should report from this discussion to NETCONF directly or is someone from YANG interested in joining this team?

Dan Romascanu: If other folks are interested contact me or Mehmet.

Balazs Lengyel: Why is Service Availability Forum (SAF) missing?

Mehmet: No idea.

Dan R: This question should be asked of SAF. Invitations were extended by ITU-T to many SDOs involved with management work, but not all responded.

Mehmet: There is a discussion of YANG and NETCONF in SAF, but I don't know why SAF is missing.

Mehmet: We should specify in which cases we from the IETF can help, or when it is a tooling issue, etc.

Unknown speaker: This issue for Ericsson is very important. There are small issues that may become blocking issues if not handled now.

4. NETCONF and YANG status, tutorial, demo: Juergen Schoenwaelder (see slides)

YANG is close to completion and will potentially be used by several WGs in the future for configuration management. The purpose of the presentation and demonstration is spreading a better understanding of YANG in the OPS area.

Went through what NETCONF is (slide 2). Went through what YANG is (a data modeling language that goes along with NETCONF, slide 3). Went through the timeline (slide 4): So far we are on track. IPFIX WG is considering YANG. Slides 12-13: went through NETCONF operations. Open source NETCONF implementations exist.

He showed the protocol live on a CLI terminal. He showed how to easily extract device capabilities and the device configuration with a few lines of Python code using a Python library for NETCONF clients.

YANG, YIN, XSD and RelaxNG slides presented next. Slide 39 lists open source YANG implementations.

Presentation ended, no questions. A couple of comments stating that the presentation was great from a conceptual point of view.

5. Big ISP Operators input: Ron Bonica - 15 min

Ron Bonica: Operators are underrepresented in this meeting. I asked for more participation at NANOG. There are not many here. One reason might be the IDR meeting running in parallel to the OPSAREA meeting. I want to bring operators together here at a separate meeting. Please send me your email address if you want to get involved (to rbonica@juniper.net).

Dan Romascanu: Anything interesting that happened that we may want to know?

Ron: Output of the first meeting is probably going on in the next door IDR meeting. Draft on sending advisory messages in BGP. Knocked down in San Francisco IETF but the ops liked it. As a result, it is now a WG item.

6. SNMP usage in 6lowpan networks: Juergen Schoenwaelder (see slides)

The 6LoWPAN WG is dealing with running IPv6 in an energy-efficient way between battery-enabled nodes. They are discussing a new charter. One of the issues under discussion is network management. SNMPv3 is a candidate protocol under discussion.

David Harrington: There is work in CAPWAP on configuring wireless access devices. This may be related. They are also in the process of re-chartering.

Juergen: I will check.

Wes Hardaker: What about security? Remember AgentX and security issues; you may not be running over an entirely trusted network.

Carsten Bormann (6LoWPAN co-chair): We do like security. But there is a trade-off. Memory on our hosts is very limited and may be too small for SNMPv3. One issue that may be relevant is that not only do the devices need to be managed, but some data needs to be exchanged with other nodes. So, is this 48K flash 10K RAM node able to support > 1 protocol at the same time? If not, is SNMP the 1 protocol you want to use for application and management purposes?

7. Syslog WG status: David Harrington (see slides)

Most SYSLOG milestones are complete, we are discussing a new charter. Syslog is part of the security area, but it is under consideration to move it to the OPSAREA. We have one more security item to solve, probably within the next six months, and then will be open for more management-related work items. The slides give an overview of currently suggested work.

8. RAI Common Log File (CLF) WG proposal: Vijay Gurbani

In the RAI area a Common Log Format is being defined for the SIP protocol. This standard will be developed in a mini-WG. Work includes transfer of log information over the network. One candidate protocol is IPFIX.

Benoit Claise: You are saving certain information elements?

Vijay: Yes, I am a proxy and I have a request. I would like to save some information elements from that request.

Benoit: Do you envision moving this information around or saving it in a log file?

Vijay: Right now, we envision saving the information in a persistent store and using it for the use cases enunciated before. There is no requirement to move the information around.

9. Summarized story about NAT444: Akira Nagakawa (see slides)

There is a set of documents on large NATs. This presentation discusses the NAT444 model.

Unknown speaker: This is a CGN solution. There is also A+P. Is there any conclusion where to go?

Akira: These issues are discussed in several working groups. There is no conclusion. Discussion is going on.

Unknown speaker: Do you already have an implementation of NAT444 in your network?

Shin Miyakawa: We have contacted several vendors and got several high-profile vendors in an interop in May near Tokyo and demonstrated this. Several vendors' boxes were not scalable or fast. Some trouble and we need to stabilize it.

Unknown speaker: What is different between current implementations of Japanese cable operators and this NAT444?

Akira: Cable operators in Japan are small. The difference is in the size.

10. Recommendation of IPv6 Security work: Tina Tsou (see slides)

The main point of this presentation is raising security issues arising during the transition from IPv4 to IPv6.

David Harrington: This is important work.

Ron Bonica: Where does this work belong? Here in v6ops or in the security area? Please write a draft and let's discuss this then.

Tina: I am glad about receiving advice on this issue.

Ron: Submit your draft first here. Then other WGs could speak up and claim it for them.

David Harrington: It will need review from several WGs. Is there a draft per technology or do the individual drafts need to just have a Sec. Cons. section written?

11. Open microphone: whatever time is left

No issues.