IETF Logo Mail Archive

Re: [middisc] TCP middlebox option requirements

"Anantha Ramaiah (ananth)" <ananth@cisco.com> Tue, 24 May 2011 20:46 UTC

Return-Path: <ananth@cisco.com>
X-Original-To: middisc@ietfa.amsl.com
Delivered-To: middisc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5C6CE0784 for <middisc@ietfa.amsl.com>; Tue, 24 May 2011 13:46:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.099
X-Spam-Level:
X-Spam-Status: No, score=-10.099 tagged_above=-999 required=5 tests=[AWL=-0.100, BAYES_00=-2.599, J_CHICKENPOX_43=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PzRiwqvD3vv4 for <middisc@ietfa.amsl.com>; Tue, 24 May 2011 13:46:42 -0700 (PDT)
Received: from sj-iport-3.cisco.com (sj-iport-3.cisco.com [171.71.176.72]) by ietfa.amsl.com (Postfix) with ESMTP id 9EB23E0775 for <middisc@ietf.org>; Tue, 24 May 2011 13:46:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=ananth@cisco.com; l=10182; q=dns/txt; s=iport; t=1306270002; x=1307479602; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=d1t+ef5lZh5jckYRX4kj+kikgS+n6SaTf6IJaOWBuvA=; b=cr+E5/c/8UDXPwSfiPO4jNe/4ZWUN0ZRVmZ3TGqdZ4HqGBi2l0PvkQGd gAkyK6l6wlZc4kk58/XWBejsKiWd40n89FQH3ocvslF9D44bQo0W9yLEX 01mtHVy1iN6afNAToFwWnwyz3HSWUliSVG1vks7SaQRoXqeNU400fU0PK I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhAAAIoY3E2rRDoJ/2dsb2JhbACXZAGORHeqep1vgxYagmsEhlaOBopk
X-IronPort-AV: E=Sophos;i="4.65,263,1304294400"; d="scan'208";a="322747232"
Received: from mtv-core-4.cisco.com ([171.68.58.9]) by sj-iport-3.cisco.com with ESMTP; 24 May 2011 20:46:41 +0000
Received: from xbh-sjc-211.amer.cisco.com (xbh-sjc-211.cisco.com [171.70.151.144]) by mtv-core-4.cisco.com (8.14.3/8.14.3) with ESMTP id p4OKkfFv025496; Tue, 24 May 2011 20:46:41 GMT
Received: from xmb-sjc-21c.amer.cisco.com ([171.70.151.176]) by xbh-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 24 May 2011 13:46:41 -0700
X-Mimeole: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 24 May 2011 13:46:40 -0700
Message-ID: <0C53DCFB700D144284A584F54711EC580CCD6121@xmb-sjc-21c.amer.cisco.com>
In-Reply-To: <4DDC162E.5000005@bluecoat.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [middisc] TCP middlebox option requirements
Thread-Index: AcwaUfG+MsE06VHYRTuSzrlH9tOjuAAABIxA
References: <0C53DCFB700D144284A584F54711EC5809BD740A@xmb-sjc-21c.amer.cisco.com><4BF6CF8A.5030707@bluecoat.com><AF3CDDFAE1BB6C41B8F9EF3F4ADA9D11ADAB3597@MAILBOXES2.nbttech.com><4BFC6B29.1080706@bluecoat.com><2A7D4A79-0E08-480F-A67B-35338D226E14@bluecoat.com><AF3CDDFAE1BB6C41B8F9EF3F4ADA9D11ADB9D3D6@MAILBOXES2.nbttech.com><93730462-B3C5-4ACA-8C0A-C69F52BF0822@bluecoat.com><C304DB494AC0C04C87C6A6E2FF5603DB47E64A333F@NDJSSCC01.ndc.nasa.gov> <3A2E247DEDD847669D302BFF7ED0E69B@davidPC> <0C53DCFB700D144284A584F54711EC580CCD5F61@xmb-sjc-21c.amer.cisco.com> <4DDC162E.5000005@bluecoat.com>
From: "Anantha Ramaiah (ananth)" <ananth@cisco.com>
To: Andrew Knutsen <andrew.knutsen@bluecoat.com>
X-OriginalArrivalTime: 24 May 2011 20:46:41.0371 (UTC) FILETIME=[AF5E6AB0:01CC1A53]
Cc: middisc@ietf.org
Subject: Re: [middisc] TCP middlebox option requirements
X-BeenThere: middisc@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussions on TCP option for middlebox discovery." <middisc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/middisc>, <mailto:middisc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/middisc>
List-Post: <mailto:middisc@ietf.org>
List-Help: <mailto:middisc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/middisc>, <mailto:middisc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 May 2011 20:46:43 -0000

Andrew,
     My primary motivation here was to accommodate other possible use
cases and at the same time be very sensitive to TCP option bits. Hence I
thought we could sub-divide the vendor field into 2 pieces. Instead of
having 8 bits for vendor type and another 8 bits for sub-type. We could
also have something like if the MSB is set, then it is WAN opt option,
what follows is vendor information, if 0 it can be used for other
things. 
    Also to paraphrase what I said earlier : if we want to restrict this
TCP option allocation proposal's scope to middlebox WAN optimization use
case alone, I am fine with that too.
-Anantha

> -----Original Message-----
> From: Andrew Knutsen [mailto:andrew.knutsen@bluecoat.com]
> Sent: Tuesday, May 24, 2011 1:34 PM
> To: Anantha Ramaiah (ananth)
> Cc: David Harrington; Eddy, Wesley M. (GRC-MS00)[ASRC AEROSPACE CORP];
> Ron Frederick; Mark Day; middisc@ietf.org
> Subject: Re: [middisc] TCP middlebox option requirements
> 
> 
>     Anantha, what do you see as the advantage of adding a sub-type to
> the type code, which follows the vendor ID?
> 
> Andrew
> 
> On 5/24/2011 9:03 AM, Anantha Ramaiah (ananth) wrote:
> > Hi David,
> >
> >> -----Original Message-----
> >> From: middisc-bounces@ietf.org [mailto:middisc-bounces@ietf.org] On
> >> Behalf Of David Harrington
> >> Sent: Tuesday, May 24, 2011 6:13 AM
> >> To: 'Eddy,Wesley M. (GRC-MS00)[ASRC AEROSPACE CORP]'; 'Ron
> Frederick';
> >> 'Mark Day'
> >> Cc: middisc@ietf.org
> >> Subject: Re: [middisc] TCP middlebox option requirements
> >>
> >> Hi,
> >>
> >> I also have no skin in this game. and I'm looking at this list
after
> >> months of ignoring it, so I'm way behind in the discussions.
> >>
> >> I am concerned that unless severely limited in what it can be used
> >> for, this will lead to other vendor-specific options.
> >> Whether that is good or bad I'll leave to other people to decide,
> such
> >> as my co-area director Wes, the IETF community and the IESG that
> will
> >> need to approve any document produced as a result of this
> discussion.
> >>
> >> I will observe that many IETF protocols developed for a limited use
> >> "escape into the wild". This happens ofetn when people decide to
> >> develop a weak or non- security solution and claim it will be only
> be
> >> used within an enterprise, but it then gains use in the Internet. I
> >> don't know if there is anything you can do to prevent this from
> >> becoming a generic option for vendor-specific features if you
design
> >> in a vendor code. The best way to avoid that is to reach agreement
> on
> >> a standard that does not include a vendor code (which means
> accepting
> >> that your current products continue to not be compliant to the new
> >> standard).
> > This thread has been quiet for sometime and last week I had sent an
> > email describing the current status and the steps moving forward to
> > reach consensus.
> > I agree with your concerns in the above paragraph and I am sure we
> need
> > to have a section (applicability section ) which exactly spells out
> the
> > scope of the middlebox option, caveats etc.,  I am afraid this is
> best
> > that can be done, we can talk and debate about it but the reality is
> > multiple vendors already have WAN opt options and it is non-goal of
> this
> > effort to interoperate among vendors.
> >
> >> If you do have vendor-specific options, it will be important to
make
> >> sure that each vendor is uniquely identified, so we don't have two
> >> vendors fighting over a vendor code. I recommend registering vendor
> >> codes with IANA to make sure this doesn't happen.
> > Actually I had asked this question (about IANA managing the vendor
> > codes) earlier in this thread. It sounds very useful to me.
> >
> >> IANA already maintains an Enterprise Number registry that is used
> for
> >> many IETF standards. It is a widely used ***standard*** in IETF
> >> standards for identifying vendors using a code number.
> >> http://www.iana.org/assignments/enterprise-numbers.
> > Good to know.
> >
> >> Maybe you can convince the IESG that having another set of codes to
> >> identify vendors is important, and that a given vendor will likely
> >> have a different code in your vendor code list than that used by
> other
> >> standards. It doesn't sound very convincing to me.
> > One of the issues is the limited space of TCP options currently
> > available,  having a standard vendor code would cause it to eat more
> TCP
> > option space which would impact the usability of this option. Given
> that
> > we have an handful of vendors ( I suspect this number to grow for
the
> > use case of WAN optimization anytime), it is probably ok to go ahead
> > with a shorter vendor code point.
> >
> >> If expansion CAN take place in the future, and now you need 0xff
> plus
> >> an OUI, you will also have added complexity to TCP, requiring
> suppoort
> >> for one-byte vendor codes plus OUI support. and you will have added
> a
> >> new list of vendor codes (whether maintained by IANA or not), and
> >> you'll need to convince IESG all this extra complexity is
justified.
> > Actually sometime back I had mentioned the other use cases like the
> > following draft by Dan Wing :-
> > http://tools.ietf.org/html/draft-wing-nat-reveal-option-01
> >
> > Actually it would be expedient to make the middlebox  option
> extensible
> > to accommodate use cases like the above. As far as the WAN
> optimization
> > option goes, there are a very handful of vendors today and
allocating
> a
> > whole byte is overkill and we can sub-divide that portion to
> accommodate
> > other use cases like the above. But this is something we want to do
> if
> > there is a consensus, at the minimum the goal of this effort is to
> get a
> > TCP option for WAN optimization allocated. (which is the original
> > intent)
> >
> > To make things clear I am talking about the following format (which
> was
> > one of the choices listed which the group came up with)
> > Case 3:
> >
> >   0                   1                   2                   3
> >   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> > +---------------+---------------+---------------+---------------+
> > | Opt kind=TBD  |    Opt len    | sub-type + Vendor  |          |
> > +---------------+---------------+--------------------+----------|
> > |                                                               |
> > | ...Optional vendor payload data dependent on vend typecode... |
> > |                                                               |
> > +---------------+---------------+---------------+---------------+
> >
> > In the above we have a option sub-type which can be 3 bits long :-
> >
> > 000 - WAN opt.
> > 001  - NAT reveal
> >
> > This gives vendor codes 5 bits which is more than enough as far as
> this
> > option goes. The point here is putting the OUI information is up to
> the
> > vendor and that belongs to the vendor specific metadata. All that is
> > required is a type code for middlebox option and have this format as
> > generic as possible so that multiple vendors requirements (currently
> as
> > we speak there is Bluecoat, Riverbed, Cisco and maybe Citrix)
> >
> > Adding Dan in the loop.
> >
> > -Anantha
> >> I recommend you consider simply using an existing IETF standard
> >> registry already supported by IANA, such as Enterprise Numbers, for
> >> your vendor codes. OR don't support vendor codes at all, and agree
> on
> >> a single standard.
> >>
> >> David Harrington
> >> Director, IETF Transport Area
> >> ietfdbh@comcast.net (preferred for ietf)
> >> dbharrington@huaweisymantec.com
> >> +1 603 828 1401 (cell)
> >>
> >>
> >>> -----Original Message-----
> >>> From: middisc-bounces@ietf.org
> >>> [mailto:middisc-bounces@ietf.org] On Behalf Of Eddy, Wesley
> >>> M. (GRC-MS00)[ASRC AEROSPACE CORP]
> >>> Sent: Thursday, May 27, 2010 12:53 PM
> >>> To: Ron Frederick; Mark Day
> >>> Cc: middisc@ietf.org
> >>> Subject: Re: [middisc] TCP middlebox option requirements
> >>>
> >>>> -----Original Message-----
> >>>> From: middisc-bounces@ietf.org [mailto:middisc-bounces@ietf.org]
> On
> >>>> Behalf Of Ron Frederick
> >>>> Sent: Thursday, May 27, 2010 12:44 PM
> >>>> To: Mark Day
> >>>> Cc: middisc@ietf.org
> >>>> Subject: Re: [middisc] TCP middlebox option requirements
> >>>>
> >>>> ...
> >>>>
> >>>> If this is really the case, it would be a mistake to limit the
> >> total
> >>>> number of type codes across all vendors to 256. We'd basically be
> >>>> repeating the mistake that led to this effort in the first
> >>> place, where
> >>>> TCP options as a whole have a space of 256 options and we're
> >>> currently
> >>>> using multiple of those to solve this problem.
> >>>
> >>> I don't have skin in the game, but on reading this thread, my
> >>> thought was that it's probably possible to use a single byte,
> >>> but define one codepoint (like 0xFF) to mean "use a full OUI
> >>> which follows".  This way you can start with using a single
> >>> byte given the relatively small number of vendors today, and
> >>> have a way to accommodate larger numbers in the future, if
> >>> the need arises.
> >>>
> >>> This only works if the means of extending to a full OUI is
> >>> part of the base specification and everyone has to support
> >>> it, otherwise there are backwards-compatibility issues when
> >>> someone tries to use it in the future.
> >>>
> >>> --
> >>> Wes Eddy
> >>> MTI Systems
> >>>
> >>>
> >>> _______________________________________________
> >>> middisc mailing list
> >>> middisc@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/middisc
> >>>
> >> _______________________________________________
> >> middisc mailing list
> >> middisc@ietf.org
> >> https://www.ietf.org/mailman/listinfo/middisc
> > _______________________________________________
> > middisc mailing list
> > middisc@ietf.org
> > https://www.ietf.org/mailman/listinfo/middisc

v2.23.0 | Report a Bug | By Email