IETF Logo Mail Archive

Re: [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?

Kyle Rose <krose@krose.org> Fri, 06 January 2023 17:37 UTC

Return-Path: <krose@krose.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38317C1524B2 for <ietf@ietfa.amsl.com>; Fri, 6 Jan 2023 09:37:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=krose.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cXzCChOUMzyx for <ietf@ietfa.amsl.com>; Fri, 6 Jan 2023 09:37:18 -0800 (PST)
Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21DEEC151701 for <ietf@ietf.org>; Fri, 6 Jan 2023 09:37:17 -0800 (PST)
Received: by mail-ed1-x52f.google.com with SMTP id v6so3162715edd.6 for <ietf@ietf.org>; Fri, 06 Jan 2023 09:37:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=krose.org; s=google; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=CMqYfpm5WzFoFftsIeiPI7RlZsaoysBRzoXHl416f3k=; b=L3/Zo/v7SYnUbUq4RJ6vUH+jQYHEX/jBADYJvU08GeWfv117pN0CiBmjbNzJwD19s7 w4XXbpW9OKzDp4Iga0f7zsRmOjPUa5rAWItQm2xn9imllN/UYXmiRfrhoIOjoykvg8da 15eFoYGAdx3bsIq2YJHqvBnr0TIxF7nzMsbRM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=CMqYfpm5WzFoFftsIeiPI7RlZsaoysBRzoXHl416f3k=; b=oyAXgoXz8PzjMLo/sqvA6crfDsp+xW9lM89bFqsCvOMhtBDCvmFagmzCrvzrECuEFN ZXlpgOtteR2Swm6ykUTgFndu9hVsJIo/6ygPvkK9Tx1tueGbdNtvpfj2ktMKsqlM1mId X+dPk6OE1VAdWNPJetA/JHUuWNSxJiZ82OHZEwlTyoHA1ekjbE5EDang9plu/Ya9dDty /v3mm8ve4fGK2qimfhRIXjERaUwbXOTIzaBmbPxSkGY9lfke/dDMKM4Ot3nnKiMY4zAe HcP4+LJxJtkWIQfPWxOSr/TPCr7Z1sEbhgrk2Q7AQnjxVkMq7BmsgyY66aaJqIPQsxsN CHIQ==
X-Gm-Message-State: AFqh2koAN0ZRajKT/6xPYyow+YfG1UR3igezttSi0CuDJFy36wwRHy33 tFeX3jtBOBn41+ufbXRQCwTR/bJFiTNhiP1IRetixQ==
X-Google-Smtp-Source: AMrXdXu1gNA0yZ2lDJ9XkKGS95MIMQmsC3cbzHuQdJ7+RJjIXeRiy8jgsSkUgLOR6o9HHbukSkKWcCapCpoQrOpeaPo=
X-Received: by 2002:a05:6402:708:b0:488:dd00:372a with SMTP id w8-20020a056402070800b00488dd00372amr2985351edx.258.1673026636470; Fri, 06 Jan 2023 09:37:16 -0800 (PST)
MIME-Version: 1.0
References: <3c3230f3783b4ec9a8a9e3bb87cc2a8d@huawei.com> <08C49067-DB4C-41AB-A6F3-B96BDBE0A4BC@yahoo.co.uk> <CAKr6gn0tFXEV-h7LH1_Ts5iQRw_mGEi=TqS7hsyK-SqDFmmY-A@mail.gmail.com> <C09B3D18-2871-491F-B76C-630A2DCA439A@gmail.com> <EFCEFAA6-3638-4CE0-91DD-3E38FE00DF29@gmail.com> <1F71EB99-3657-4A20-8B28-2AFB743A9762@gmail.com> <CAMm+LwgCxHJYWtv+4ZQdr0-MbSE3qXg6wrT=DZLS=X9pKqpMSg@mail.gmail.com>
In-Reply-To: <CAMm+LwgCxHJYWtv+4ZQdr0-MbSE3qXg6wrT=DZLS=X9pKqpMSg@mail.gmail.com>
From: Kyle Rose <krose@krose.org>
Date: Fri, 06 Jan 2023 12:37:04 -0500
Message-ID: <CAJU8_nVWLx9FuP_g=9SXXzGj3HMu9vmuCHh4yRYJ7JGNoW_qsw@mail.gmail.com>
Subject: Re: [saag] Ten years after Snowden (2013 - 2023), is IETF keeping its promises?
To: Phillip Hallam-Baker <phill@hallambaker.com>
Cc: Stewart Bryant <stewart.bryant@gmail.com>, Dino Farinacci <farinacci@gmail.com>, Lloyd W <lloyd.wood=40yahoo.co.uk@dmarc.ietf.org>, IETF Discussion Mailing List <ietf@ietf.org>, pearg@irtf.org, hrpc@irtf.org, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, saag <saag@ietf.org>, Antoine FRESSANCOURT <antoine.fressancourt=40huawei.com@dmarc.ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/pauPdoWBbnj2oYguUxUmew606gQ>
X-Mailman-Approved-At: Mon, 09 Jan 2023 08:09:51 -0800
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IETF-Discussion. This is the most general IETF mailing list, intended for discussion of technical, procedural, operational, and other topics for which no dedicated mailing lists exist." <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jan 2023 17:37:22 -0000

On Fri, Jan 6, 2023 at 11:59 AM Phillip Hallam-Baker
<phill@hallambaker.com> wrote:
> I suspect the biggest barrier for deployment of multicast is the steep learning curve for implementers. I have no idea how I would go about getting a multicast address group assigned, no idea how I would set up a test stand, etc. etc. And the information is certainly not easily accessible.

>From what I can tell from the last few years working in this space,
this isn't it. IP multicast is pretty straightforward and easy to get
working in a sandbox.

> Then as mentioned earlier, multicast is only giving me a limited UDP functionality that is essentially unidirectional. I have to do my own work at transport and above and on top of that, the security model is changed.

This is exactly it.

Unicast delivery is very mature in every way: not just reliable
transport, but operations, monitoring, congestion control,
authentication, and confidentiality. The single biggest problem with
deploying multicast is bootstrapping all the *other* things that are
required to make use of IP multicast. In a very real sense, getting
the basic IP multicast function to do something (i.e., getting routers
to duplicate packets and manage group membership) is the easy part:
it's the rest of the ecosystem that requires a large lift to get
multicast delivery to the point where it is viable for businesses
whose users have high baseline quality expectations. In most cases,
technologies for doing those things don't exist except on paper, and
even then have not been battle-tested by operators for 40 years.

> So given modern hardware, does it really make such a big difference if that voodoo is happening in a processor that is in the router chassis itself or in another box in the same rack connected by a nice fat pipe?

This does appear to be the way the industry has gone. CDNs have
limited ability to help with congestion on shared access networks
(like cable) or in places where nodes are hard to deploy, but the
judgment increasingly seems to be that an approximation of multicast
via CDNs doing unicast combined with limiting the size of broadcast
domains is "good enough". It may be that deploying multicast buys only
a small constant multiplier improvement in efficiency, equating to a
few years' worth of capacity increases on access networks, making the
unicast approximation C-competitive. I honestly haven't looked into
that aspect of it very closely.

Kyle

v2.23.0 | Report a Bug | By Email