Preliminary Agenda
IRTF Open Meeting @ IETF-91
Honolulu, HI, USA
TUESDAY, November 11, 2014, 0900-1130 HST
Tuesday Morning Session I

State of the IRTF
Lars Eggert (LE)

Applied Networking Research Prize (ANRP) Award Talks

*** Sharon Goldberg ***
for discussing threats when BGP RPKI authorities are faulty, misconfigured, compromised, or compelled to misbehave:
Danny Cooper, Ethan Heilman, Kyle Brogle, Leonid Reyzin and Sharon Goldberg. On the Risk of Misbehaving RPKI Authorities. Proc. ACM Workshop on Hot Topics in Networks (HotNets-XII), College Park, MD, USA, November 2013.
Sharon Goldberg (SG) presents.

Bhumip Khasnabish (BK) - any legitimate way to verify whether behaviour is being introduced by some malicious 3rd party?
SG - that's the manifest - logs everything present in the publication point - man-in-the-middle could drop objects or modify them, but could not forge manifest without key. so could detect attackers by reference to manifest.
BK - reason for asking - canadian isp example
Suresh Krishnan - question about hash chains - didn't see any use for these - could just use epoch - change something, increment number
SG - hash means relying party doesn't have to do signature verification - it's a short representation of all the data, space saving - also allows you to do a very small message consistency check just by sending the value of the hash
Joe Hall (JH) - hash chains do sigs on each point of the chain - can't you attack the diff?
SG - yes, but final hash is validated through signature
JH - you know someone messed with you but you don't know how
SG - yes, that's right
Doug Montgomery - how are you going to tell the difference between an attack and the normal business operation of an ip resource being deallocated from a customer
SG - a consent object would be present if a customer consents to returning the space back, on the other hand if the object is not present then you can't tell the difference between a legitimate reason to revoke and an abuse of power - can't tell why disagreement exists, but can identify disagreement
? - question about hash chains - at a particular sync point, you realise something happened - does your proposal say anything about what to do in that situation?
SG - there are a lot of things you could do. relying parties should use local policies. could ignore invalid routes, depref invalid, etc. - didn't analyse differences in these policies.
Cedric Westphal (CW) - [missed this remark]
SG - as the authority how do you make sure you don't do something that causes routes to become invalid by mistake?
CW - [missed]
SG - that's what all these projects (on slide 24) are trying to do - there are lots of different approaches, none of them are really my work. there are lots of configuration tools that will help you make sure you don't accidentally cause routes to become invalid.
Sandy Murphy - many of the interfaces that let you create a roa will tell you about all the routes you're going to invalidate and ask 'are you sure?' - it's a management of the use of these tools

*** Misbah Uddin ***
for developing matching and ranking for network search queries to make operational data available in real-time to management applications:
Misbah Uddin, Rolf Stadler and Alexander Clemm. Scalable Matching and Ranking for Network Search. Proc. International Conference on Network and Service Management (CNSM), Zürich, Switzerland, October 2013.
Misbah Uddin (MU) presents.

BK - IP addresses for vm - are these dedicated or virtual IP
MU - this is not a public cloud, but these are dedicated IP addresses
BK - is the search node running a VM?
MU - it's running on top of the operating system. there is an openstack that runs on the whole system, search node runs as a daemon on the operating system on each server.
BK - can you tell us what changes would be required in c and yang to make them capable of network search
MU - these models are complex, not limited. yang is a data model and provides a structure and a definition for how data should be accessed. to run a search we don't need data access information - on the other hand, XML structures are hard to index - impacts the performance of the system
BK - with reference to slide 14, real time database of objects - how many types of objects have you considered?
MU - cloud platform that we have is very simple - we don't have virtual storage - but in our database we have 16 types of objects - we don't discriminate about what type of data we collect - collect everything and then make it possible for user to find it by query - only assume that user should know some keywords relevant to objects
CW - on slide 6 - can you contrast with sdn - seems similar
MU - i'm not an sdn expert, but this is controllerless - lightweight processes that run close to the network, more generic - provides you with means to get the data, how you deal with data is up to the applications

*** Tobias Flach ***
for the design of novel loss recovery mechanisms for TCP that minimize timeout-driven recovery:
Tobias Flach, Nandita Dukkipati, Andreas Terzis, Barath Raghavan, Neal Cardwell, Yuchung Cheng, Ankur Jain, Shuai Hao, Ethan Katz-Bassett, Ramesh Govindan. Reducing Web Latency: the Virtue of Gentle Aggression. Proc. ACM SIGCOMM, Hong Kong, China, August 2013.
Tobias Flach (TF) presents.

BK - do you use IE, chrome?
TF - we are sampling google users - independent of browsers in use
Iljitsch van Beijnum (IvB) - per packet reordering - do you see that a lot? i expect it to be rare
TF - see tcpm meeting yesterday - it's an issue in some environments, because load-balancing is in use that isn't tcp-friendly, where you see a lot of reordering
IvB - what about selective acknowledgement?
TF - reactive approach is designed for exactly that reason - we want to trigger sack
IvB - but do clients use sack?
TF - assumption is that majority uses sack, hope that there are measurement studies that show they help quite a bit
Victor Firoiu (VF) - regarding first part of your talk, and solutions you showed on public side - good work! - reconfirms a lot of things - big problem with doing away with ? unilaterally is that - tcp friendly argument - have you considered this
TF - we're not getting rid of RTO here, and that would be a bad idea - with reactive probe - we're not tagging data as lost - we're triggering client to send data about which packet was lost
VF - no matter what you do you have improved your performance, by doing that you're getting ahead of other competing flows that do not use your scheme
TF - all of congestion mechanism stays the same - we just change when we detect loss
VF - if your throughput stays the same, info stays the same, delay will stay the same
LE - let's move this offline
? - single packet loss and losses at tail of flow - are they related?
TF - they're somewhat related - they only apply to short flows
? - if they are related - could it be an artefact of the flow size - larger flow would have experienced more losses?
TF - only showed data for specific burst size here, but there are other burst sizes documented in the paper - size was not fixed
Kevin Fall - regarding future work, CWR bits, sack information, timestamps are pretty useful - there are other tools that have done this over the years - what deficiencies are you trying to address?
TF - some of these tools just validate if tcp is working correctly - we're trying to figure out when is tcp performance not working well with some other type of interference - we're not aware of extensive work on this that isn't dated
Jacob Heitz - tail loss probe is a retransmission - 2 RTTs is too long - RTO is calculated way too high - change RTO algorithm then you don't even need tail loss probe
TF - it's a trade-off - we're looking for a solution that can be deployed across the internet - in some cases RTO is just right
LE - this is not tcpm - we had this discussion there
Jana Iyengar - things like tail loss probe are dealing with things that happen at the tail of chunks of data, not the tail of the tcp flow - this is important for chunky flows, like video
Michael Welzl - tcp has a big problem in that it has these two cases where it works or when it does work RTO fires and hell freezes over - something that can be more aggressive is doing the right thing - this should have been done a long time ago and should be generalised - two extreme cases is a problem with existing tcp
Karen Nielsen - we are trying to do the same thing with sctp, so i think it's a really good idea - reactive method also