Re: [ippm] [**EXTERNAL**] Re: AD review of draft-ietf-ippm-stamp

Rakesh Gandhi <rgandhi.ietf@gmail.com> Tue, 20 August 2019 11:41 UTC

From: Rakesh Gandhi <rgandhi.ietf@gmail.com>
Date: Tue, 20 Aug 2019 07:41:03 -0400
Message-ID: <CAMZsk6e88gqxB_zgEc9t86BHYkqrnKUL77ehqkxAShXOu6NJOA@mail.gmail.com>
To: Henrik Nydell <hnydell@accedian.com>
Cc: Mirja Kuehlewind <ietf@kuehlewind.net>, "Civil, Ruth" <gcivil@ciena.com>, Greg Mirsky <gregimirsky@gmail.com>, "rrahman@cisco.com" <rrahman@cisco.com>, Shahram Davari <shahram.davari@broadcom.com>, "draft-ietf-ippm-stamp@ietf.org" <draft-ietf-ippm-stamp@ietf.org>, IPPM Chairs <ippm-chairs@ietf.org>, IETF IPPM WG <ippm@ietf.org>, "draft-ietf-ippm-twamp-yang@ietf.org" <draft-ietf-ippm-twamp-yang@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/rowiaCDCJuNuggiB_sWJq9XQWp0>

Hi Henrik,
Agree.

Thanks,
Rakesh


On Mon, Aug 19, 2019 at 1:55 PM Henrik Nydell <hnydell@accedian.com> wrote:

> I think the YANG model should not put too many restrictions in place for
> the port used for the TWAMP-test packets, neither source nor destination
> ports. Although some ports are indeed assigned to specific services, the
> idea of a test function often is to be able to as closely as possible mimic
> the patterns of a real service.
>
> Limiting the port at the application (TWAMP/STAMP) level would not be the
> solution to "securing" an internet service; each application needs to have
> enough protection to not become disturbed by unknown packets. As an
> example, neither Chrome nor Edge prevents me from entering URLs with
> destination TCP ports that are reserved for other protocols. I moved my
> private web server to port 88 (which is assigned to Kerberos, although I am
> not using Kerberos) and both browsers were fine with letting me point to
> SERVER:88.
>
> On Mon, Aug 19, 2019 at 6:38 PM Rakesh Gandhi <rgandhi.ietf@gmail.com>
> wrote:
>
>> Hi Mirja,
>> Thanks for your comments. Yes, such an appropriate caveat can be added for
>> the user port range in the TWAMP YANG model.
>>
>> Thanks,
>> Rakesh
>>
>>
>> On Mon, Aug 19, 2019 at 11:25 AM Mirja Kuehlewind <ietf@kuehlewind.net>
>> wrote:
>>
>>> Hi Rakesh,
>>>
>>> Just quickly a comment on this bit:
>>>
>>> > On 19. Aug 2019, at 17:12, Rakesh Gandhi <rgandhi.ietf@gmail.com> wrote:
>>> >
>>> > TWAMP YANG model [draft-ietf-ippm-twamp-yang-13] can also support the
>>> > range to allow user ports. An example caveat is specified in
>>> > [draft-ietf-tram-turnbis-29] as "unless the TURN server application
>>> > knows, through some means not specified here, that other applications
>>> > running on the same host as the TURN server application will not be
>>> > impacted by allocating ports outside this range."
>>> >
>>> I don’t think it is the same thing for TURN and STAMP/TWAMP.
>>>
>>> In TURN you aim at actually opening a connection to a remote endpoint
>>> and need to make sure that that endpoint is talking the same protocol as
>>> you do. That remote endpoint might actually implement different services on
>>> different ports.
>>>
>>> TWAMP is used for testing, therefore it could make sense to set up a
>>> testing server that listens on exactly the same port as your application
>>> would usually do. Yes, when using TWAMP on such ports, you have to make
>>> sure that your TWAMP server does not implement another protocol on that
>>> port, but often these servers are dedicated for testing only and preconfigured
>>> in a respective way.
>>>
>>> Mirja
>>>
>>>
>>>
>
> --
>
> *Henrik Nydell*
> *Sr Product Manager*
> 1.866.685.8181
> hnydell@accedian.com