Re: [93attendees] Network experiment during the meeting

"Eric Vyncke (evyncke)" <> Wed, 15 July 2015 09:14 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 391D51A00D0 for <>; Wed, 15 Jul 2015 02:14:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -13.31
X-Spam-Status: No, score=-13.31 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, J_CHICKENPOX_12=0.6, J_CHICKENPOX_21=0.6, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 9La4acdDWy8h for <>; Wed, 15 Jul 2015 02:14:24 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 51A0C1A00CC for <>; Wed, 15 Jul 2015 02:14:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=20098; q=dns/txt; s=iport; t=1436951664; x=1438161264; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=f1ROTWiPiimuSuP5qh8eLDG54rQZWpWbvmyIrvZfMxs=; b=NccjtUYTueq+zTZkN1q0c28rlQiTYFwRQJ7IUYFpiKZ4xVzzeCisBZQy bVmeARPGAPXC0b9LaV2rLcW+/x9Ym8KPXpiBpEJxLzTBdh+HRqYfoqCkQ AUIPa84zwFIYbLgAsbLDc6SekbVsyqeu6P9HU5eBVKKtiRcc4xdggTT/V s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.15,479,1432598400"; d="scan'208,217";a="9931658"
Received: from ([]) by with ESMTP; 15 Jul 2015 09:14:23 +0000
Received: from ( []) by (8.14.5/8.14.5) with ESMTP id t6F9ENkl018369 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 15 Jul 2015 09:14:23 GMT
Received: from ([]) by ([]) with mapi id 14.03.0195.001; Wed, 15 Jul 2015 04:14:22 -0500
From: "Eric Vyncke (evyncke)" <>
To: "" <>
Thread-Topic: [93attendees] Network experiment during the meeting
Thread-Index: AQHQvahub3tN3EifYkmlEWHeffWwQ53bZ8eAgAADaYCAAA5PAIAABFAAgAE5MgA=
Importance: low
X-Priority: 5
Date: Wed, 15 Jul 2015 09:14:22 +0000
Message-ID: <>
References: <> <> <> <> <>
In-Reply-To: <>
Accept-Language: fr-FR, en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_D1CBF04C50692evynckeciscocom_"
MIME-Version: 1.0
Archived-At: <>
Cc: Rolf Winter <>
Subject: Re: [93attendees] Network experiment during the meeting
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Mailing list of IETF 93 attendees that have opted in on this list. " <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 15 Jul 2015 09:14:27 -0000

Like Toerless, I find interesting this discussion when we all know that WiFi (unless WPA is used) is 'broadcasted' everywhere.

During some previous IETF meetings, I used for one hour or two to collect aggregated statistics on IPv6 NDP & other multicast packets. Obviously, anybody could do it as the WiFi AP are configured in such a way that mcast packets are forwarded


From: 93attendees <<>> on behalf of Chris Elliott <<>>
Reply-To: "<>" <<>>
Date: mardi 14 juillet 2015 18:32
To: Ray Pelletier <<>>
Cc: joel jaeggli <<>>, "<>" <<>>, Rolf Winter <<>>, "<>" <<>>
Subject: Re: [93attendees] Network experiment during the meeting

On Tuesday, July 14, 2015, Ray Pelletier <<>> wrote:
I asked Jim and Joel this but no response as yet. Maybe you have an opinion

This appears to be a benign experiment, but would it impact operations, or in your opinion, intrude on privacy?

I do not expect it to impact operations, and, as the device collecting data will be in the NOC, we can easily disable it should there be any concerns.

Both Jari and I have discussed privacy concerns with Rolf and, at the level of information I have, I believe Rolf will be protecting our attendees privacy.

That said, I'm not a security guy and a full analysis of the security implications would probably need to be done by a security guru.

However, note, with or without our permission, any attendee can collect the same information Rolf is collecting.



On Jul 14, 2015, at 11:25 AM, Chris Elliott <<javascript:_e(%7B%7D,'cvml','');>> wrote:

On Tue, Jul 14, 2015 at 11:13 AM, joel jaeggli <<javascript:_e(%7B%7D,'cvml','');>> wrote:
Hash: SHA1

Typically experiments involving the production network run past the
network staff and the IAD/IAOC or IETF chair.


Rolf contacted me a while ago and I had him contact Jari for approval of this "experiment". Jari has approved it.

The device will sit in the NOC where we can easily disable it if there's an issue.

I haven't seen this float by so I don't know if it has or not but if
you haven't, I'd suggest doing that.

 Rolf's done his job. I got distracted by traveling and trying to get the network working to forward this to the NOC list. I'll do that asap.



On 7/13/15 1:13 PM, Rolf Winter wrote:
> Hello everyone,
> during the meeting we plan to conduct an experiment on the IETF
> wireless network. We will record the broadcast traffic sent over
> the network with the goal of analyzing current applications' use of
> IP broadcasts. We have conducted this experiment previously on
> another large wireless campus network with interesting results and
> will repeat the experiment on the IETF wireless network as a second
> data point. We collect the data and aggregate it to statistics
> which will not reveal data about individual users of the network
> and once that is done, we will delete all packet traces we
> collected. More information on the experiment can be found here:
>  If you have questions regarding the experiment, please drop me an
> Email.
> See you in Prague,
> Rolf
> _______________________________________________ 93attendees mailing
> list<javascript:_e(%7B%7D,'cvml','');>

Version: GnuPG/MacGPG2 v2
Comment: GPGTools -


93attendees mailing list<javascript:_e(%7B%7D,'cvml','');>

Chris Elliott<javascript:_e(%7B%7D,'cvml','');>

"What the f*ck is a sesame? It's a's a way to open sh*t!" --Mitch Hedberg
93attendees mailing list<javascript:_e(%7B%7D,'cvml','');>

Chris Elliott
CCIE # 2013

“You and I are mirages that perceive themselves”
--Douglas Hofstadter