idnits 2.17.1 draft-irtf-panrg-questions-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack a Security Considerations section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 11, 2018) is 2197 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- -- Obsolete informational reference (is this intentional?): RFC 5246 (Obsoleted by RFC 8446) Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Path Aware Networking RG B. Trammell 3 Internet-Draft ETH Zurich 4 Intended status: Informational April 11, 2018 5 Expires: October 13, 2018 7 Open Questions in Path Aware Networking 8 draft-irtf-panrg-questions-00 10 Abstract 12 This document poses open questions in path-aware networking, as a 13 background for framing discussions in the Path Aware Networking 14 proposed Research Group (PANRG). These are split into making 15 properties of Internet paths available to endpoints, and allowing 16 endpoints to select paths through the Internet for their traffic. 18 Status of This Memo 20 This Internet-Draft is submitted in full conformance with the 21 provisions of BCP 78 and BCP 79. 23 Internet-Drafts are working documents of the Internet Engineering 24 Task Force (IETF). Note that other groups may also distribute 25 working documents as Internet-Drafts. The list of current Internet- 26 Drafts is at https://datatracker.ietf.org/drafts/current/. 28 Internet-Drafts are draft documents valid for a maximum of six months 29 and may be updated, replaced, or obsoleted by other documents at any 30 time. It is inappropriate to use Internet-Drafts as reference 31 material or to cite them other than as "work in progress." 33 This Internet-Draft will expire on October 13, 2018. 35 Copyright Notice 37 Copyright (c) 2018 IETF Trust and the persons identified as the 38 document authors. All rights reserved. 40 This document is subject to BCP 78 and the IETF Trust's Legal 41 Provisions Relating to IETF Documents 42 (https://trustee.ietf.org/license-info) in effect on the date of 43 publication of this document. Please review these documents 44 carefully, as they describe your rights and restrictions with respect 45 to this document. Code Components extracted from this document must 46 include Simplified BSD License text as described in Section 4.e of 47 the Trust Legal Provisions and are provided without warranty as 48 described in the Simplified BSD License. 50 Table of Contents 52 1. Introduction to Path-Aware Networking . . . . . . . . . . . . 2 53 2. Questions . . . . . . . . . . . . . . . . . . . . . . . . . . 3 54 2.1. A Vocabulary of Path Properties . . . . . . . . . . . . . 3 55 2.2. Discovery, Distribution, and Trustworthiness of Path 56 Properties . . . . . . . . . . . . . . . . . . . . . . . 3 57 2.3. Supporting Path Selection . . . . . . . . . . . . . . . . 4 58 2.4. Interfaces for Path Awareness . . . . . . . . . . . . . . 4 59 2.5. Implications of Path Awareness for the Data Plane . . . . 5 60 2.6. What is an Endpoint? . . . . . . . . . . . . . . . . . . 5 61 2.7. Operating a Path Aware Network . . . . . . . . . . . . . 6 62 2.8. Deploying a Path Aware Network . . . . . . . . . . . . . 6 63 3. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 7 64 4. Informative References . . . . . . . . . . . . . . . . . . . 7 65 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7 67 1. Introduction to Path-Aware Networking 69 In the current Internet architecture, the interdomain network layer 70 provides an unverifiable, best-effort service: an application can 71 assume that a packet with a given destination address will eventually 72 be forwarded toward that destination, but little else. A transport 73 layer protocol such as TCP can provide reliability over this best- 74 effort service, and a protocol above the network layer such as IPsec 75 AH [RFC4302] or TLS [RFC5246] can authenticate the remote endpoint. 76 However, no explicit information about the path is available, and 77 assumptions about that path sometimes do not hold, sometimes with 78 serious impacts on the application, as in the case with BGP hijacking 79 attacks. 81 By contrast, in a path-aware internetworking architecture, endpoints 82 have the ability to select or influence the path through the network 83 used by any given packet, and the network layer explicitly exposes 84 information about the path or paths available between two endpoints 85 to those endpoints so that they can make this selection. Path 86 control at the packet level enables new transport protocols that can 87 leverage multipath connectivity across maximally-disjoint paths 88 through the Internet, even over a single interface. It also provides 89 transparency and control for applications and end-users to specify 90 constraints on the paths that traffic should traverse, for instance 91 to confound pervasive passive surveillance in the network core. 93 We note that this property of "path awareness" already exists in many 94 Internet-connected networks in an intradomain context. Indeed, much 95 of the practice of network engineering using encapsulation at layer 3 96 can be said to be "path aware", in that it explicitly assigns traffic 97 at tunnel endpoints to a given path within the network. Path-aware 98 internetworking seeks to extend this awareness across domain 99 boundaries without resorting to overlays, except as a transition 100 technology. 102 2. Questions 104 Realizing path-aware networking requires answers to a set of open 105 research questions. This document poses these questions, as a 106 starting point for discussions about how to realize path awareness in 107 the Internet, and to direct future research efforts within the Path 108 Aware Networking Research Group. 110 2.1. A Vocabulary of Path Properties 112 In order for information about paths to be exposed to the endpoints, 113 and for those endpoints to be able to use that information, it is 114 necessary to define a common vocabulary for path properties. The 115 elements of this vocabulary could include relatively static 116 properties, such as the presence of a given node on the path; as well 117 as relatively dynamic properties, such as the current values of 118 metrics such as loss and latency. 120 This vocabulary must be defined carefully, as its design will have 121 impacts on the expressiveness of a given path-aware internetworking 122 architecture. This expressiveness also exhibits tradeoffs. For 123 example, a system that exposes node-level information for the 124 topology through each network would maximize information about the 125 individual components of the path at the endpoints at the expense of 126 making internal network topology universally public, which may be in 127 conflict with the business goals of each network's operator. 129 The first question: how are path properties defined and represented? 131 2.2. Discovery, Distribution, and Trustworthiness of Path Properties 133 Once endpoints and networks have a shared vocabulary for expressing 134 path properties, the network must have some method for distributing 135 those path properties to the endpoint. Regardless of how path 136 property information is distributed to the endpoints, the endpoints 137 require a method to authenticate the properties - to determine that 138 they originated from and pertain to the path that they purport to. 140 Choices in distribution and authentication methods will have impacts 141 on the scalability of a path-aware architecture. Possible dimensions 142 in the space of distribution methods include in-band versus out-of- 143 band, push versus pull versus publish-subscribe, and so on. There 144 are temporal issues with path property dissemination as well, 145 especially with dynamic properties, since the measurement or 146 elicitation of dynamic properties may be outdated by the time that 147 information is available at the endpoints, and interactions between 148 the measurement and dissemination delay may exhibit pathological 149 behavior for unlucky points in the parameter space. 151 The second question: how do endpoints get access to trustworthy path 152 properties? 154 2.3. Supporting Path Selection 156 Access to trustworthy path properties is only half of the challenge 157 in establishing a path-aware architecture. Endpoints must be able to 158 use this information in order to select paths for traffic they send. 159 As with path property distribution, choices made in path selection 160 methods will also have an impact on the scalability and 161 expressiveness of a path-aware architecture, and dimensions included 162 in-band versus out-of-band, as well. Paths may also be selected on 163 multiple levels of granularity - per packet, per flow, per aggregate 164 - and this choice also has impacts on the scalabilty/expressiveness 165 tradeoff. Path selection must, like path property information, be 166 trustworthy, such that the result of a path selection at an endpoint 167 is predictable. 169 The third question: how can endpoints select paths to use for traffic 170 in a way that can be trusted by the both the network and the 171 endpoints? 173 2.4. Interfaces for Path Awareness 175 In order for applications to make effective use of a path-aware 176 networking architecture, the interfaces presented by the network and 177 transport layers must also expose path properties to the application 178 in a useful way, and provide a useful set of paths among which the 179 application can select. Path selection must be possible based not 180 only on the preferences and policies of the application developer, 181 but of end-users as well. Also, the path selection interfaces 182 presented to applications and end users will need to support multiple 183 levels of granularity. Most applications' requirements can be 184 satisfied with the expression path selection policies in terms of 185 properties of the paths, while some applications may need finer- 186 grained, per-path control. 188 The fourth question: how can interfaces to the transport and 189 application layers support the use of path awareness? 191 2.5. Implications of Path Awareness for the Data Plane 193 In the current Internet, the basic assumption that at a given time t 194 all traffic for a given flow will traverse a single path, for some 195 definition of path, generally holds. In a path aware network, this 196 assumption no longer holds. The absence of this assumption has 197 implications for the design of protocols above any path-aware network 198 layer. 200 For example, one advantage of multipath communication is that a given 201 end-to-end flow can be "sprayed" along multiple paths in order to 202 confound attempts to collect data or metadata from those flows for 203 pervasive surveillance purposes [RFC7624]. However, the benefits of 204 this approach are reduced if the upper-layer protocols use linkable 205 identifiers on packets belonging to the same flow across different 206 paths. Clients may mitigate linkability by opting to not re-use 207 cleartext connection identifiers, such as TLS session IDs or tickets, 208 on separate paths. The privacy-conscious strategies required for 209 effective privacy in a path-aware Internet are only possible if 210 higher-layer protocols such as TLS permit clients to obtain 211 unlinkable identifiers. 213 The fifth question: how should transport-layer and higher layer 214 protocols be redesigned to work most effectively over a path-aware 215 networking layer? 217 2.6. What is an Endpoint? 219 The vision of path-aware networking articulated so far makes an 220 assumption that path properties will be disseminated to endpoints on 221 which applications are running (terminals with user agents, servers, 222 and so on). However, incremental deployment may require that a path- 223 aware network "core" be used to interconnect islands of legacy 224 protocol networks. In these cases, it is the gateways, not the 225 application endpoints, that receive path properties and make path 226 selections for that traffic. The interfaces provided by this gateway 227 are necessarily different than those a path-aware networking layer 228 provides to its transport and application layers, and the path 229 property information the gateway needs and makes available over those 230 interfaces may also be different. 232 The sixth question: how is path awareness (in terms of vocabulary and 233 interfaces) different when applied to tunnel and overlay endpoints? 235 2.7. Operating a Path Aware Network 237 The network operations model in the current Internet architecture 238 assumes that traffic flows are controlled by the decisions and 239 policies made by network operators, as expressed in interdomain 240 routing protocols. In a network providing path selection to the 241 endpoints, however, this assumption no longer holds, as endpoints may 242 react to path properties by selecting alternate paths. Competing 243 control inputs from path-aware endpoints and the interdomain routing 244 control plane may lead to more difficult traffic engineering or 245 nonconvergent routing, especially if the endpoints' and operators' 246 notion of the "best" path for given traffic diverges significantly. 248 A concept for path aware network operations will need to have clear 249 methods for the resolution of apparent (if not actual) conflicts of 250 intent between the network's operator and the path selection at an 251 endpoint. It will also need set of safety principles to ensure that 252 increasing path control does not lead to decreasing connectivity; one 253 such safety principle could be "the existence of at least one path 254 between two endpoints guarantees the selection of at least one path 255 between those endpoints." 257 The seventh question: how can a path aware network in a path aware 258 internetwork be effectively operated, given control inputs from the 259 network administrator as well as from the endpoints? 261 2.8. Deploying a Path Aware Network 263 The vision presented in the introduction discusses path aware 264 networking from the point of view of the benefits accruing at the 265 endpoints, to designers of transport protocols and applications as 266 well as to the end users of those applications. However, this vision 267 requires action not only at the endpoints but within the 268 interconnected networks offering path aware connectivity. While the 269 specific actions required are a matter of the design and 270 implementation of a specific realization of a path aware protocol 271 stack, it is clear than any path aware architecture will require 272 network operators to give up some control of their networks over to 273 endpoint-driven control inputs. 275 Here the question of apparent versus actual conflicts of intent 276 arises again: certain network operations requirements may appear 277 essential, but are merely accidents of the interfaces provided by 278 current routing and management protocols. Incentives for deployment 279 must show how existing network operations requirements are met 280 through new path selection and property dissemination mechanisms. 282 The incentives for network operators and equipment vendors to do 283 provide be made clear, in terms of a plan to transition [RFC8170] an 284 internetwork to path-aware operation, one network and facility at a 285 time. 287 The eighth question: how can the incentives of network operators and 288 end-users be aligned to realize the vision of path aware networking? 290 3. Acknowledgments 292 Many thanks to Adrian Perrig, Jean-Pierre Smith, Mirja Kuehlewind, 293 Olivier Bonaventure, Martin Thomson, Shwetha Bhandari, Chris Wood, 294 and Lee Howard, for discussions leading to questions in this 295 document. 297 This work is partially supported by the European Commission under 298 Horizon 2020 grant agreement no. 688421 Measurement and Architecture 299 for a Middleboxed Internet (MAMI), and by the Swiss State Secretariat 300 for Education, Research, and Innovation under contract no. 15.0268. 301 This support does not imply endorsement. 303 4. Informative References 305 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, 306 DOI 10.17487/RFC4302, December 2005, 307 . 309 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 310 (TLS) Protocol Version 1.2", RFC 5246, 311 DOI 10.17487/RFC5246, August 2008, 312 . 314 [RFC7624] Barnes, R., Schneier, B., Jennings, C., Hardie, T., 315 Trammell, B., Huitema, C., and D. Borkmann, 316 "Confidentiality in the Face of Pervasive Surveillance: A 317 Threat Model and Problem Statement", RFC 7624, 318 DOI 10.17487/RFC7624, August 2015, 319 . 321 [RFC8170] Thaler, D., Ed., "Planning for Protocol Adoption and 322 Subsequent Transitions", RFC 8170, DOI 10.17487/RFC8170, 323 May 2017, . 325 Author's Address 326 Brian Trammell 327 ETH Zurich 328 Gloriastrasse 35 329 8092 Zurich 330 Switzerland 332 Email: ietf@trammell.ch