IETF81 7-28-2011

IETF 81: Open Shortest Path First (OSPF) WG Agenda
Thursday, July 28, 2011. 1520-1720 Afternoon Session II
Room 206 A
========================================================

Chairs: Abhay Roy
        Acee Lindem
Scribe: Les Ginsberg (ginsberg@cisco.com)

WG Status Web Page: http://tools.ietf.org/wg/ospf/

1) Administrivia
   - blue sheets
   - scribe/jabber
   - Jabber room: ospf@jabber.ietf.org
   5 minutes

2) WG Status, Update (Slides)
   15 minutes

   No RFCs since Prague
   OSPFv3 Auth Header in WG last call

   Active Drafts
   -------------
   V2 MI
   V2/V3 Transport Instance
     Can be used for non-routing (optical switch, alternative to L2 in BGP)
   RFC3137bis needs refresh

   New WG drafts
   --------------
   IPv4 embedded in IPv6
   Hide transit only networks (some IPR material)
   Security Extension for OSPFv2 (mostly done - needs review before LC)

   Other Drafts
   -------------
   OSPFv3 PE-CE - waiting to be sent to IESG
   ccamp-5787bis - Now CCAMP WG document
   Multiple OTN/WSON drafts in CCAMP will be presented in OSPF when mature

   Potential Drafts
   ----------------
   hybrid-bcast-and-p2mp
   manet-single-hop (ogier/retana) - experimental drafts
   TE express path

3) OSPF MANET Single Hop (Slides)
   draft-ogier-ospf-manet-single-hop-00.txt
   - Tom Henderson for Richard Ogier
   15 minutes

   See slides

   Acee: Multiple MANET solutions - instead of spanning tree the proposed MANET solutions are better at reducing flooding overhead. Please don't suggest spanning tree. :-)

4) Updates to OSPF Hybrid Broadcast/P2MP Interface (Slides)
   draft-nsheth-ospf-hybrid-bcast-and-p2mp-01.txt
   - Jeffrey Zhang
   10 minutes

   See slides

   Acee (as chair): This is simpler for fixed networks as compared to MANET solutions for single hop networks - so it makes sense to move this forward as well as MANET drafts.
   Acee: Did enhancements plug hole Richard pointed out?
   Jeffrey: No - but we have a fix for it.

5) Updates OSPF Traffic Engineering (TE) Express Path (Slides)
   draft-giacalone-ospf-te-express-path-01.txt
   - Spencer Giacalone
   10 minutes

   See slides

   Lou Berger: Work has moved to MPLS from CCAMP
   Acee: All optional TLVs?
   Spencer: Yes
   Acee: # of sub-TLVs is getting large - maybe advertise only what is necessary.
   Spencer: Agreed
   Acee: Need to keep link attributes confined to a single LSA

6) Security Extension for OSPFv2 when using Manual Key Management (Slides)
   draft-ietf-ospf-security-extension-manual-keying-00.txt
   - Acee Lindem
   15 minutes

   See slides

   Abhay: Should include section mentioning it is backwards compatible.

7) Updates to Routing for IPv4-embedded IPv6 Packets (Slides)
   draft-ietf-ospf-ipv4-embedded-ipv6-routing-00.txt
   - Dean Cheng
   10 minutes

   See slides

   Acee: Initial reaction was this was a bit radical - but translations have already been done in BEHAVE WG.

8) Updates to OSPF TE Extension for Area IDs (Slides)
   draft-lu-ospf-area-tlv-01.txt
   - Wenhu Lu
   10 minutes

   See slides

   Abhay: What were comments in PCE presentation?
   Wenhu: Good reception. Why do we need to know Area ID? Isn't it enough to simply know if ABR is TE enabled? Solution avoids "brute force" solution and produces faster convergence.
   Abhay: Discussed with PCE chairs. RFC 5088 - extensions for PCE. Look at those extensions to see if they can be used.
   Wenhu: Will do that.

9) Consideration on OSPF LSDB Monitoring (Slides)
   draft-ohara-ospf-lsdb-monitoring-consideration-01.txt
   - Yasu Ohara
   10 minutes

   See slides

   Acee: Solution applies only to malicious routers?
   Yasu: Proposing change in base spec so affects all flooding
   Acee: Problem statement: 2 routers transferring info inside an LSA to establish a "covert channel" between them. Anyone keep track of each OSPF LSA transmission?
   ???: Yes - for operations - not for security.
   Acee: Are you worried about using covert channel in this way?
   Spencer: Corner case
   Jeff Haas: Suggestion to change basic OSPF operation - not likely to fly. Requires full upgrade. Better to monitor as a heuristic for detecting this.
   Acee: I know some routers that would not be backwards compatible.
   Padma Pillay-Esnault: Will break Demand Circuit. Will compromise fast convergence.
   Yasu: Did not realize DC would be affected.
   Stewart Bryant: How will you handle multiple rapid LSA changes => where incomplete flooding of intermediate revisions occurs?
   Yasu: Intermediate versions are reflooded.
   Gregory Cauchie: Agree with Jeff. Have multiple recording points - a recording heuristic may be useful. Security issue hard to evaluate.
   Acee: Attack assumes that there are 2 malicious routers - not just one. KARP would not help.
   Greg: SIDR more important than KARP.
   Acee: This issue seems like a corner case. Could query KARP chair
   ??: I would ask routers who detect this to drop.
   Acee: Until we see this as a significant problem better to document the issue than change the protocol.
   Spencer: Security a corner case - not a great concern. But use of heuristics a good idea. (Agree w Jeff)

***********************

Acee: May or may not have a meeting at IETF 82.