idnits 2.17.1 draft-trammell-panrg-questions-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack a Security Considerations section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (December 07, 2017) is 2325 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446) Summary: 3 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Path Aware Networking RG B. Trammell 3 Internet-Draft ETH Zurich 4 Intended status: Informational December 07, 2017 5 Expires: June 10, 2018 7 Open Questions in Path Aware Networking 8 draft-trammell-panrg-questions-02 10 Abstract 12 This document poses open questions in path-aware networking, as a 13 background for framing discussions in the Path Aware Networking 14 proposed Research Group (PANRG). These are split into making 15 properties of Internet paths available to endpoints, and allowing 16 endpoints to select paths through the Internet for their traffic. 18 Status of This Memo 20 This Internet-Draft is submitted in full conformance with the 21 provisions of BCP 78 and BCP 79. 23 Internet-Drafts are working documents of the Internet Engineering 24 Task Force (IETF). Note that other groups may also distribute 25 working documents as Internet-Drafts. The list of current Internet- 26 Drafts is at https://datatracker.ietf.org/drafts/current/. 28 Internet-Drafts are draft documents valid for a maximum of six months 29 and may be updated, replaced, or obsoleted by other documents at any 30 time. It is inappropriate to use Internet-Drafts as reference 31 material or to cite them other than as "work in progress." 33 This Internet-Draft will expire on June 10, 2018. 35 Copyright Notice 37 Copyright (c) 2017 IETF Trust and the persons identified as the 38 document authors. All rights reserved. 40 This document is subject to BCP 78 and the IETF Trust's Legal 41 Provisions Relating to IETF Documents 42 (https://trustee.ietf.org/license-info) in effect on the date of 43 publication of this document. Please review these documents 44 carefully, as they describe your rights and restrictions with respect 45 to this document. Code Components extracted from this document must 46 include Simplified BSD License text as described in Section 4.e of 47 the Trust Legal Provisions and are provided without warranty as 48 described in the Simplified BSD License. 50 Table of Contents 52 1. Introduction to Path-Aware Networking . . . . . . . . . . . . 2 53 2. Questions . . . . . . . . . . . . . . . . . . . . . . . . . . 3 54 2.1. A Vocabulary of Path Properties . . . . . . . . . . . . . 3 55 2.2. Discovery, Distribution, and Trustworthiness of Path 56 Properties . . . . . . . . . . . . . . . . . . . . . . . 3 57 2.3. Supporting Path Selection . . . . . . . . . . . . . . . . 4 58 2.4. Interfaces for Path Awareness . . . . . . . . . . . . . . 4 59 2.5. Implications of Path Awareness for the Data Plane . . . . 4 60 2.6. What is an Endpoint? . . . . . . . . . . . . . . . . . . 5 61 2.7. Operating a Path Aware Network . . . . . . . . . . . . . 5 62 2.8. Deploying a Path Aware Network . . . . . . . . . . . . . 6 63 3. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 6 64 4. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 65 4.1. Normative References . . . . . . . . . . . . . . . . . . 6 66 4.2. Informative References . . . . . . . . . . . . . . . . . 7 67 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7 69 1. Introduction to Path-Aware Networking 71 In the current Internet architecture, the network layer provides an 72 unverifiable, best-effort service: an application can assume that a 73 packet with a given destination address will eventually be forwarded 74 toward that destination, but little else. A transport layer protocol 75 such as TCP can provide reliability over this best-effort service, 76 and a protocol above the network layer such as IPsec AH [RFC4302] or 77 TLS [RFC5246] can authenticate the remote endpoint. However, no 78 explicit information about the path is available, and assumptions 79 about that path sometimes do not hold, sometimes with serious impacts 80 on the application, as in the case with BGP hijacking attacks. 82 By contrast, in a path-aware networking architecture, endpoints have 83 the ability to select or influence the path through the network used 84 by any given packet, and the network layer explicitly exposes 85 information about the path or paths available between two endpoints 86 to those endpoints so that they can make this selection. Path 87 control at the packet level enables new transport protocols that can 88 leverage multipath connectivity across maximally-disjoing paths 89 through the Internet, even over a single interface. It also provides 90 transparency and control for applications and end-users to specify 91 constraints on the paths its traffic should traverse, for instance to 92 confound pervasive passive surveillance in the network core. 94 2. Questions 96 Realizing path-aware networking requires answers to a set of open 97 research questions. This document poses these questions, as a 98 starting point for discussions about how to realize path awareness in 99 the Internet, and to direct future research efforts within the Path 100 Aware Networking Research Group. 102 2.1. A Vocabulary of Path Properties 104 In order for information about paths to be exposed to the endpoints, 105 and for those endpoints to be able to use that information, it is 106 necessary to define a common vocabulary for path properties. The 107 elements of this vocabulary could include relatively static 108 properties, such as the presence of a given node on the path; as well 109 as relatively dynamic properties, such as the current values of 110 metrics such as loss and latency. 112 This vocabulary must be defined carefully, as its design will have 113 impacts on the expressiveness of a given path-aware internetworking 114 architecture. This expressiveness also exhibits tradeoffs. For 115 example, a system that exposes node-level information for the 116 topology through each network would maximize information about the 117 individual components of the path at the endpoints at the expense of 118 making internal network topology universally public, which may be in 119 conflict with the business goals of each network's operator. 121 The first question is therefore: how are path properties defined and 122 represented? 124 2.2. Discovery, Distribution, and Trustworthiness of Path Properties 126 Once endpoints and networks have a shared vocabulary for expressing 127 path properties, the network must have some method for distributing 128 those path properties to the endpoint. Regardless of how path 129 property information is distributed to the endpoints, the endpoints 130 require a method to authenticate the properties - to determine that 131 they originated from and pertain to the path that they purport to. 132 The end goal of authentication is not necessarily to establish that a 133 given property is actually bound to a given path, but to ensure that 134 the information is trustworthy, that actions taken based on it will 135 have the predicted result. 137 Choices in an distribution and authentication methods will have 138 impacts on the scalability of a path-aware architecture. Possible 139 dimensions in the space of distribution methods include in-band 140 versus out-of-band, push versus pull versus publish-subscribe, and so 141 on. There are temporal issues with path property dissemination as 142 well, especially with dynamic properties, since the measurement or 143 elicitation of dynamic properties may be outdated by the time that 144 information is available at the endpoints, and interactions between 145 the measurement and dissemination delay may exhibit pathological 146 behavior for unlucky points in the parameter space. 148 The second question: how do endpoints get access to trustworthy path 149 properties? 151 2.3. Supporting Path Selection 153 Access to trustworthy path properties is only half of the challenge 154 in establishing a path-aware architecture. Endpoints must be able to 155 use this information in order to select paths for traffic they send. 156 As with path property distribution, choices made in path selection 157 methods will also have an impact on the scalability and 158 expressiveness of a path-aware architecture, and dimensions included 159 in-band versus out-of-band, as well. Paths may also be selected on 160 multiple levels of granularity - per packet, per flow, per aggregate 161 - and this choice also has impacts on the scalabilty/expressiveness 162 tradeoff. 164 The third question: how can endpoints select paths to use for traffic 165 in a way that can be trusted by the network? 167 2.4. Interfaces for Path Awareness 169 In order for applications to make effective use of a path-aware 170 networking architecture, the interfaces presented by the network and 171 transport layers must also expose path properties to the application 172 in a useful way, and provide a useful selection for path selection. 173 Path selection must be possible based not only on the preferences and 174 policies of the application developer, but of end-users as well. 176 The fourth question: how can interfaces to the transport and 177 application layers support the use of path awareness? 179 2.5. Implications of Path Awareness for the Data Plane 181 In the current Internet, the basic assumption that at a given time t 182 all traffic for a given flow will traverse a single path, for some 183 definition of path, generally holds. In a path aware network, this 184 assumption no longer holds. The failure of this assumption has 185 implications for the design of protocols above a path-aware network 186 layer. 188 For example, one advantage of multipath communication is that a given 189 end-to-end flow can be "sprayed" along multiple paths in order to 190 confound attempts to collect data or metadata from those flows for 191 pervasive surveillance purposes [RFC7624]. However, the benefits of 192 this approach are reduced if the upper-layer protocols use linkable 193 identifiers on packets belonging to the same flow across different 194 paths. Clients may mitigate linkability by opting to not re-use 195 cleartext connection identifiers, such as TLS session IDs or tickets, 196 on separate paths. The privacy-conscious strategies required for 197 effective privacy in a path-aware Internet are only possible if 198 higher-layer protocols such as TLS permit clients to obtain 199 unlinkable identifiers. 201 The fifth question: how should transport-layer and higher layer 202 protocols be redesigned to work most effectively over a path-aware 203 networking layer? 205 2.6. What is an Endpoint? 207 The vision of path-aware networking articulated so far makes an 208 assumption that path properties will be disseminated to endpoints on 209 which applications are running (terminals with user agents, servers, 210 and so on). However, incremental deployment may require that a path- 211 aware network "core" be used to interconnect islands of legacy 212 protocol networks. In these cases, it is the gateways, not the 213 application endpoints, that receive path properties and make path 214 selections for that traffic. The interfaces provided this gateway 215 are necessarily different than those a path-aware networking layer 216 provides to its transport and application layers, and the path 217 property information the gateway needs and makes available over those 218 interfaces may also be different. 220 The sixth question: how is path awareness (in terms of vocabulary and 221 interfaces) different when applied to tunnel and overlay endpoints? 223 2.7. Operating a Path Aware Network 225 The network operations model in the current Internet architecture 226 assumes that traffic flows are controlled by the decisions and 227 policies made by network operators, as expressed in interdomain 228 routing protocols. In a path-aware network with effective path 229 selection, however, this assumption no longer holds, as endpoints may 230 react to path properties by selecting alternate paths. Competing 231 control inputs from path-aware endpoints and the interdomain routing 232 control plane may lead to more difficult traffic engineering or 233 nonconvergent routing, especially if the endpoints' and operators' 234 idea of the "best" path for given traffic differs significantly. 236 The seventh question: how can a path aware network in a path aware 237 internetwork be effectively operated, given control inputs from the 238 network administrator as well as from the endpoints? 240 2.8. Deploying a Path Aware Network 242 The vision presented in the introduction discusses path aware 243 networking from the point of view of the benefits accruing at the 244 endpoints, to designers of transport protocols and applications as 245 well as to the end users of those applications. However, this vision 246 requires action not only at the endpoints but within the 247 interconnected networks offering path aware connectivity. While the 248 specific actions required are a matter of the design and 249 implementation of a specific realization of a path aware protocol 250 stack, it is clear than any path aware architecture will require 251 network operators to give up some control of their networks over to 252 endpoint-driven control inputs. The incentives for network operators 253 and equipment vendors to do this must be made clear. 255 The eighth question: how can the incentives of network operators and 256 end-users be aligned to realize the vision of path aware networking? 258 3. Acknowledgments 260 Many thanks to Adrian Perrig, Jean-Pierre Smith, Mirja Kuehlewind, 261 Olivier Bonaventure, Martin Thomson, Shwetha Bhandari, and Chris 262 Wood, for discussions leading to questions in this document. 264 This work is partially supported by the European Commission under 265 Horizon 2020 grant agreement no. 688421 Measurement and Architecture 266 for a Middleboxed Internet (MAMI), and by the Swiss State Secretariat 267 for Education, Research, and Innovation under contract no. 15.0268. 268 This support does not imply endorsement. 270 4. References 272 4.1. Normative References 274 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, 275 DOI 10.17487/RFC4302, December 2005, 276 . 278 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 279 (TLS) Protocol Version 1.2", RFC 5246, 280 DOI 10.17487/RFC5246, August 2008, 281 . 283 4.2. Informative References 285 [RFC7624] Barnes, R., Schneier, B., Jennings, C., Hardie, T., 286 Trammell, B., Huitema, C., and D. Borkmann, 287 "Confidentiality in the Face of Pervasive Surveillance: A 288 Threat Model and Problem Statement", RFC 7624, 289 DOI 10.17487/RFC7624, August 2015, 290 . 292 Author's Address 294 Brian Trammell 295 ETH Zurich 296 Gloriastrasse 35 297 8092 Zurich 298 Switzerland 300 Email: ietf@trammell.ch