IETF Logo Mail Archive

Re: [77attendees] Bar BoF: ip traceback

Chris Morrow <morrowc@google.com> Thu, 25 March 2010 17:51 UTC

Return-Path: <morrowc@google.com>
X-Original-To: 77attendees@core3.amsl.com
Delivered-To: 77attendees@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F1B5A3A6800 for <77attendees@core3.amsl.com>; Thu, 25 Mar 2010 10:51:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.847
X-Spam-Level:
X-Spam-Status: No, score=-100.847 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13, FM_FORGED_GMAIL=0.622, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4sJMl+s2Vy7B for <77attendees@core3.amsl.com>; Thu, 25 Mar 2010 10:51:25 -0700 (PDT)
Received: from smtp-out.google.com (smtp-out.google.com [74.125.121.35]) by core3.amsl.com (Postfix) with ESMTP id 25E8C3A6BBD for <77attendees@ietf.org>; Thu, 25 Mar 2010 10:49:49 -0700 (PDT)
Received: from kpbe15.cbf.corp.google.com (kpbe15.cbf.corp.google.com [172.25.105.79]) by smtp-out.google.com with ESMTP id o2PHo9qu017831 for <77attendees@ietf.org>; Thu, 25 Mar 2010 18:50:09 +0100
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1269539410; bh=Ur3BnBirgyp7Ir4jEBxhN5vyPcY=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Cc:Content-Type:Content-Transfer-Encoding; b=i51UVw3HEilkr4IVj1rl7hTYK3cR0Pu8RcQew2p+rRkeYcenioMy2kbDKSk9N7SxW tB52chOVe4bXm7uK8Yv1g==
DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=mime-version:in-reply-to:references:date:message-id:subject:from:to: cc:content-type:content-transfer-encoding:x-system-of-record; b=mxVyW/xGPI/Q12rtLgukuL8Y/SGYp4n54bg3RhMymJ7SBunu2a2fx20mWan037XP7 IIOl09yHex1t8Lr1DrjEg==
Received: from qw-out-1920.google.com (qwj9.prod.google.com [10.241.195.73]) by kpbe15.cbf.corp.google.com with ESMTP id o2PHnpJe007143 for <77attendees@ietf.org>; Thu, 25 Mar 2010 10:50:07 -0700
Received: by qw-out-1920.google.com with SMTP id 9so719069qwj.38 for <77attendees@ietf.org>; Thu, 25 Mar 2010 10:49:51 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.229.10.132 with SMTP id p4mr98951qcp.86.1269539390963; Thu, 25 Mar 2010 10:49:50 -0700 (PDT)
In-Reply-To: <C3960BE0-9093-4863-8AAE-62BEAB197E6D@checkpoint.com>
References: <4BA8BCE3.5020309@is.naist.jp> <4BA95B6A.5040707@is.naist.jp> <4BAB0464.2010307@is.naist.jp> <4BAB7A4D.7070904@piuha.net> <8133D17D-D9B6-40A6-AE9B-80BF90A5223D@checkpoint.com> <4BAB936E.6010307@piuha.net> <C3960BE0-9093-4863-8AAE-62BEAB197E6D@checkpoint.com>
Date: Thu, 25 Mar 2010 10:49:50 -0700
Message-ID: <c7cec2131003251049q7c5da6d1i9d0bd94cf9a8ec9@mail.gmail.com>
From: Chris Morrow <morrowc@google.com>
To: Yoav Nir <ynir@checkpoint.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
X-System-Of-Record: true
Cc: "77attendees@ietf.org" <77attendees@ietf.org>
Subject: Re: [77attendees] Bar BoF: ip traceback
X-BeenThere: 77attendees@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <77attendees.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/77attendees>, <mailto:77attendees-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/77attendees>
List-Post: <mailto:77attendees@ietf.org>
List-Help: <mailto:77attendees-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/77attendees>, <mailto:77attendees-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2010 17:51:27 -0000

On Thu, Mar 25, 2010 at 10:40 AM, Yoav Nir <ynir@checkpoint.com> wrote:
>
> On Mar 25, 2010, at 9:46 AM, Jari Arkko wrote:
>>> My own, personal conclusion was that this was interesting and has potential. There *is* work to be done (two different versions that they wrote did not interoperate properly) and since success requires wide adoption by ISPs, I believe that the IETF is probably the right place for this.  But these are just my personal opinions, and I have no idea if we can get enough people to actually work on this.
>>>
>>> I suggest that the correct next step is for the authors to contact one or more ADs. Though this seems directly related to security, the fact that this would be a protocol that would run between AS edge routers, it could fall to other areas as well. So I think the next step should be scheduling a BoF for next IETF, and making sure that the right people are there.
>>>
>>
>> The question in my mind is: is the world interested in this technology. Previous IETF efforts in traceback failed IMO due to lack of operator/vendor interest. We should not create new efforts unless that interest surges again. Is it surging, and if so, why?
>>
>> Jari
>
> We've heard that attack packets now take up a significant portion of the traffic on the
> Internet. Specifically members of bot-nets create congestion for ISPs. There is a chance

where is this statistic? as near as I know/recall it's no where near
'significant portion' in general. Certainly there are times when
individual links see this as the case (mostly edge/customer links).

> that now they would be more interested in deploying traceback technology than in the past,
> when Internet attacks were a problem only for the end users.

probably not, no... the traceback options from the past nearly all had
significant penalties on the routing equipment in the network, that
was a showstopper then, and will be today.

> We have at least anecdotal evidence of such interest, in that 15 Japanese ISPs have agreed to participate in this experiment on their production networks. This must count for something.
>
>
> Anyway, a BoF with the relevant people present is, IMO, the best way to gauge the interest.
>
> So the next steps are to set up a BoF for IETF 78, and to set up a mailing list, where
> hopefully we can hear from the operators.

hopefully announce it early :) I'd love to attend.

-chris

> _______________________________________________
> 77attendees mailing list
> 77attendees@ietf.org
> https://www.ietf.org/mailman/listinfo/77attendees
>

v2.23.0 | Report a Bug | By Email