IETF Logo Mail Archive

Re: [Anima] big pictures diagrams --- how bootstrap fits into signaling and discovery

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 22 July 2015 09:17 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3830A1ACF5E for <anima@ietfa.amsl.com>; Wed, 22 Jul 2015 02:17:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GN9dTKO5vonx for <anima@ietfa.amsl.com>; Wed, 22 Jul 2015 02:17:14 -0700 (PDT)
Received: from mail-wi0-x22e.google.com (mail-wi0-x22e.google.com [IPv6:2a00:1450:400c:c05::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86D451AD0B0 for <anima@ietf.org>; Wed, 22 Jul 2015 02:17:04 -0700 (PDT)
Received: by wibud3 with SMTP id ud3so145158619wib.1 for <anima@ietf.org>; Wed, 22 Jul 2015 02:17:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=pHYH5BwoR/P7yiPDSKt6JsYEn7u8MPqJ3GdxapemhGg=; b=hgx5/FPOhADBPX+CQm+LRiTT8RMR5F1nRobzDtUEvrOhCljv1XDM03HTgwnM2tfCVY X7wNyJVhF+rv5oM0PyS2T6BZpIGmAoE2Jgaui0GJ8hVTtJ/xTQNA5AvoCbiQdw8F4ukG aS3suWX/1WFBsMIxHGixWK5M/xanfle6atlk7kqNiE3GGnveKnKlo3FUvoIW4riz7NtB apXrScKAGGZUFcGwc8EkfzMvM0jCPVPtAWR3Juisq5z1dDTm6K1noeDpS5qiiVOO38N/ OZtkamNphR+vr2QY9RfDBis7JfyOF1mAT8/zj/CYwUnodFHqhuc3v0ZCNibW0woSr5OH r2Hg==
X-Received: by 10.180.74.162 with SMTP id u2mr41137380wiv.0.1437556623199; Wed, 22 Jul 2015 02:17:03 -0700 (PDT)
Received: from ?IPv6:2001:67c:370:176:28cc:dc4c:9703:6781? ([2001:67c:370:176:28cc:dc4c:9703:6781]) by smtp.gmail.com with ESMTPSA id uc16sm21007036wib.8.2015.07.22.02.17.02 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 22 Jul 2015 02:17:02 -0700 (PDT)
Message-ID: <55AF5F93.5040801@gmail.com>
Date: Wed, 22 Jul 2015 21:17:07 +1200
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Michael Richardson <mcr+ietf@sandelman.ca>, anima <anima@ietf.org>
References: <12538.1436128199@sandelman.ca> <5599C873.3030108@gmail.com> <29717.1437555034@sandelman.ca>
In-Reply-To: <29717.1437555034@sandelman.ca>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima/ef3-Ub8MyofvVRZ939e9JxZ1mVI>
Subject: Re: [Anima] big pictures diagrams --- how bootstrap fits into signaling and discovery
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2015 09:17:17 -0000

Sorry, pressed send too soon.

On 22/07/2015 20:50, Michael Richardson wrote:
> 
> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>     > On 06/07/2015 08:29, Michael Richardson wrote:
>     >>
>     >> After reading Brians' slides last week,
> 
>     > Those were draft slides sent only to the signaling design team.
>     > When they're ready they will of course be for the whole WG.
> 
> Yes, so I'm not responding to something specific in your slides, but rather
> realizing that there I feel that there is some high level stuff missing.
> I agree that it belongs in the framework document, but I don't find it
> useful to argue in text until after we have argued in pictures (using crayons).
> 
>     >> I will also say that I think that discovery process should include running
>     >> DHCP(v6).
> 
>     > Please explain how that works in a network with no administrator
>     > and no pre-existing default configs. I don't see where a north-south
>     > direction would even come from, let alone a designated DHCPv6
>     > server.
> 
> I'm saying, when a new node turns on, that running a DHCPv6 DISCOVERY process
> should be part of learning what is going on.  Clearly, if all the other
> connected nodes are in a similar state, nobody is going to answer, but in the
> case where there is existing infrastructure, that it could reply.

In fact I believe we should specify that a node SHOULD run the whole
DNA machinery (RFC6059).

>     >> I'm also unconvinced that GDNP/GRASP shouldn't be other than
>     >> DHCPv6,
> 
>     > We have a list of 25 requirements. I don't think DHCP fits them,
>     > not even close. (I don't care about packet formats; in fact I'm
>     > pretty sure we'll have use cases where carrying DHCP options in
>     > anima signaling is entirely appropriate.)
> 
> If we stick with a TLV format, I think that we can make it work inside
> DHCPv6.  Maybe we won't use the exact same set of DHCPv6 messages, but I
> think that DHCPv6 SOLICIT and DHCPv6 ADVERTISE might be very much what
> we want for the discovery process.

Multi-hop?

>     > Please review the requirements and Appendix A in
>     > draft-carpenter-anima-gdn-protocol-04, and if you can show in full
>     > detail how DHCP(v6) or DNCP can meet the requirements, we can have
>     > the discussion.
> 
> I'll review the 25 requirements.
> 
>     >> On top of these point to point tunnels, an RPL (rfc6550) instance would
>     >> run,
> 
>     > but... but... only some Anima networks will run RPL. We definitely need to
>     > be agnostic about the choice of IGP. If we've learned one thing from
>     > homenet, we've learned that, surely?
> 
> What I learned is that we had better decide what we are doing up-front.
> If we aren't building a routed ACP to faciliate end-to-end management
> traffic, then we'd better put that in the *charter*.

The ACP will be routed, afaik. We were talking yesterday about picking
a default without going down the same rat hole as HOMENET.

> As for RPL vs another one, if we don't pick *one* routing protocol, then we
> probably don't have interoperability period, and we should go home.

Well, there might be a model where you do network-wide discovery to find
which routing protocols are supported. But without agreeing on a lowest
common denominator "MUST implement" protocol, it becomes a procurement
requirement issue, and I don't like that conclusion.

> (And, my questions on Monday about the Data Plane ACP essentially amount to:
> if the Data Plane can't route traffic, then the ASAs have to proxy traffic,
> i.e. do layer-7 routing, and that had better be in context if someone
> thinks they really want to throw away e2e for management traffic)

I don't see that. Surely there will be ASAs (in routers) whose job
after bootstrap is to bring up the data plane?

> 
>     >> 6) http://www.sandelman.ca/SSW/ietf/anima/diagrams/network6-imprint.svg
>     >>
>     >> Devices call "home".
>     >> In the first version of this diagram, the devices called the vendor A,
>     >> and vendor B boxes directly.  That could be the case, and they could be
>     >> redirected to the domain owner based upon sales records, or it could be
>     >> that the uplink, being provided by the domain owner, intercepts all
>     >> traffic and directs it to the registrar.
> 
>     > "Intercepts" is a bad word. IMHO we need to devices to discover whether
>     > there is a local registrar first, and not waste their time trying to
>     > call home to a vendor in deployments where that is impossible. (There
>     > is a chicken/egg problem here, since that should be a matter of Intent
>     > but you can't get Intent until you have been authenticated.)
> 
> I don't agree.
> Intents should be signed objects; the device doesn't need to authenticate
> itself to the network before it can see the Intent.  The device may be unable
> to authenticate the Intent; but if the device has nothing else to do, and the
> Intent says, "Get network online", and the device can do that, it might as
> well do it.

I'm not sure how the network can trust the device at that time. Maybe we
don't want to send Intent to an untrusted device?

    Brian

> 
>     >> Or the domain registrar could
>     >> be running an ASA, and could have joined the ACP as well.
> 
>     > Definitely.
> 
>     > I will stop there because I think we need the ACP authors to
>     > comment on much of what you said. But thanks for the systematic
>     > thinking.
> 
> Sorry for leaving this draft in my edit box for over a week.
> 
> 
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-
> 
> 
> 
> 
> 
> _______________________________________________
> Anima mailing list
> Anima@ietf.org
> https://www.ietf.org/mailman/listinfo/anima
>

v2.23.0 | Report a Bug | By Email