Re: [bmwg] FW: WGLC on New version of draft-ietf-bmwg-ngfw-performance

"MORTON JR., AL" <acmorton@att.com> Thu, 20 May 2021 02:01 UTC

From: "MORTON JR., AL" <acmorton@att.com>
To: "bmonkman@netsecopen.org" <bmonkman@netsecopen.org>, 'Gabor LENCSE' <lencse@hit.bme.hu>
CC: "'MORTON, ALFRED C (AL)'" <acm@research.att.com>, "bmwg@ietf.org" <bmwg@ietf.org>, 'Bala Balarajah' <bala@netsecopen.org>, 'Bala Balarajah' <bm.balarajah@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bmwg/J1HnYOMZzXCADOQXsB3jz9PxwYQ>

Thanks to the authors/editor for continuing to chase-down comments and resolving them.
I know very well how much work this is.

I'm trying to finish-up my review tonight (as a participant):

   o  Inspected Throughput
      The number of bits per second of allowed traffic a network
      security device is able to transmit to the correct destination
      interface(s) in response to a specified offered load.  The
      throughput benchmarking tests defined in Section 7 SHOULD measure
      the average OSI model Layer 2 throughput value.  This document
      recommends presenting the throughput value in Gbit/s rounded to
      two places of precision with a more specific Kbit/s in
      parenthesis.

Let me suggest a couple of tweaks on this definition:

It took me several minutes to remember that "inspected" invokes the role of security device, for some reason.

The OSI model doesn't have a good reputation here at IETF, and the Internet was not built based on ISO's model.

So I'll try a little editing:

   o  Inspected Throughput
      The number of bits per second of examined and allowed traffic a network
      security device is able to transmit to the correct destination
      interface(s) in response to a specified offered load.  The
      throughput benchmarking tests defined in Section 7 SHOULD measure
      the average Layer 2 throughput value when the DUT is "inspecting" traffic.  This document
      recommends presenting the inspected throughput value in Gbit/s rounded to
      two places of precision with a more specific Kbit/s in
      parenthesis.

I also checked the nits, which revealed use of 2 incorrect addresses as examples.
BMWG has its own IPv4 and v6 address space assigned. Please use it where appropriate.
I'm not sure where the offending addresses are, sorry!


Checking nits according to https://www.ietf.org/id-info/checklist :

  ----------------------------------------------------------------------------

  == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses
     in the document.  If these are example addresses, they should be changed.

  == There are 1 instance of lines with non-RFC3849-compliant IPv6 addresses
     in the document.  If these are example addresses, they should be changed.

The tables below are from RFC 6890:

                    +----------------------+---------------+
                    | Attribute            | Value         |
                    +----------------------+---------------+
                    | Address Block        | 198.18.0.0/15 |
                    | Name                 | Benchmarking  |
                    | RFC                  | [RFC2544]     |
                    | Allocation Date      | March 1999    |
                    | Termination Date     | N/A           |
                    | Source               | True          |
                    | Destination          | True          |
                    | Forwardable          | True          |
                    | Global               | False         |
                    | Reserved-by-Protocol | False         |
                    +----------------------+---------------+

          Table 12: Network Interconnect Device Benchmark Testing

and

                    +----------------------+----------------+
                    | Attribute            | Value          |
                    +----------------------+----------------+
                    | Address Block        | 2001:2::/48    |
                    | Name                 | Benchmarking   |
                    | RFC                  | [RFC5180]      |
                    | Allocation Date      | April 2008     |
                    | Termination Date     | N/A            |
                    | Source               | True           |
                    | Destination          | True           |
                    | Forwardable          | True           |
                    | Global               | False          |
                    | Reserved-by-Protocol | False          |
                    +----------------------+----------------+

                          Table 24: Benchmarking


Also:


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords.

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).


The section seems to exist, but may need slight re-wording,
to match RFC 8174, or this version of the nits-checker is out of date
(it doesn't mention rfc 8174?):


2.  Requirements

   The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119], [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

thanks,
Al
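
One way to locate the addresses the nits check complains about, added here as an example (it is not idnits' own code and not part of the original message). The sample draft text is constructed, and accepting the RFC 5737 / RFC 3849 documentation blocks alongside the two benchmarking blocks is an assumption about what a reviewer would allow.

```python
import ipaddress
import re

# Benchmarking blocks from the RFC 6890 tables quoted in the message, plus the
# documentation blocks (RFC 5737, RFC 3849); allowing the latter is an assumption.
ALLOWED = {
    "benchmarking": ["198.18.0.0/15", "2001:2::/48"],
    "documentation": ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24",
                      "2001:db8::/32"],
}
ALLOWED = {k: [ipaddress.ip_network(n) for n in v] for k, v in ALLOWED.items()}

# Candidate tokens: runs of hex digits, dots and colons; validated below.
TOKEN = re.compile(r"[0-9A-Fa-f:.]+")

def classify(addr):
    """Return the name of the allowed block containing addr, else 'other'."""
    for label, nets in ALLOWED.items():
        if any(addr.version == n.version and addr in n for n in nets):
            return label
    return "other"

def scan(text):
    """Yield (line number, address, class) for every IP literal in text."""
    for lineno, line in enumerate(text.splitlines(), 1):
        for tok in TOKEN.findall(line):
            tok = tok.strip(".")          # drop sentence-ending dots
            if tok.count(".") != 3 and tok.count(":") < 2:
                continue                  # section numbers, stray hex words
            try:
                addr = ipaddress.ip_address(tok)
            except ValueError:
                continue
            yield lineno, str(addr), classify(addr)

def flagged(text):
    """Addresses outside every allowed block: the ones to replace."""
    return [(n, a) for n, a, c in scan(text) if c == "other"]

# Constructed sample, not taken from the draft under review.
SAMPLE = """\
Client subnet 198.18.0.0/15, server at 198.19.10.1.
Management host 10.1.1.1 is reachable in Section 7.1.
IPv6 clients use 2001:2::10 and the gateway is 2001:db8::1.
Upstream resolver 2620:fe::fe answers queries.
"""

if __name__ == "__main__":
    for lineno, addr in flagged(SAMPLE):
        print(f"line {lineno}: {addr} is outside the benchmarking/documentation blocks")
```

Dotted version strings with four numeric fields also parse as IPv4 literals, so each hit still needs a look in context.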


From: bmwg <bmwg-bounces@ietf.org> On Behalf Of MORTON JR., AL
Sent: Monday, May 10, 2021 1:34 PM
To: bmonkman@netsecopen.org; 'Gabor LENCSE' <lencse@hit.bme.hu>
Cc: 'MORTON, ALFRED C (AL)' <acm@research.att.com>; bmwg@ietf.org; 'Bala Balarajah' <bala@netsecopen.org>; 'Bala Balarajah' <bm.balarajah@gmail.com>
Subject: Re: [bmwg] FW: WGLC on New version of draft-ietf-bmwg-ngfw-performance

Of course Brian and Gábor, I can use the extra time myself.


BMWG,
We will extend the deadline for WGLC to May 21, as requested.
Al
bmwg co-chair

From: bmonkman@netsecopen.org <bmonkman@netsecopen.org>
Sent: Monday, May 10, 2021 1:02 PM
To: 'Gabor LENCSE' <lencse@hit.bme.hu>
Cc: 'Bala Balarajah' <bala@netsecopen.org>; 'Bala Balarajah' <bm.balarajah@gmail.com>; bmwg@ietf.org; 'MORTON, ALFRED C (AL)' <acm@research.att.com>; 'Sarah Banks' <sbanks@encrypted.net>
Subject: RE: [bmwg] FW: WGLC on New version of draft-ietf-bmwg-ngfw-performance

Thanks Gabor.

Al, could you extend the deadline for WGLC to May 21st from May 17th?

Brian

From: Gabor LENCSE <lencse@hit.bme.hu>
Sent: Monday, May 10, 2021 12:58 PM
To: bmonkman@netsecopen.org
Cc: 'Bala Balarajah' <bala@netsecopen.org>; 'Bala Balarajah' <bm.balarajah@gmail.com>; bmwg@ietf.org; 'MORTON, ALFRED C (AL)' <acm@research.att.com>; 'Sarah Banks' <sbanks@encrypted.net>
Subject: Re: [bmwg] FW: WGLC on New version of draft-ietf-bmwg-ngfw-performance


Hi Brian,

Perhaps I can do another chunk later this week, and I plan to complete it next week.

Best regards,

Gábor
On 5/10/2021 6:45 PM, bmonkman@netsecopen.org wrote:
Hi Gabor,

Thank you very much for your comments. On initial review they all look reasonable to us. How long do you think it will take you to complete your review of the rest of the document?

Brian