IETF Logo Mail Archive

Re: [middisc] TCP middlebox option requirements

Andrew Knutsen <andrew.knutsen@bluecoat.com> Tue, 24 May 2011 20:57 UTC

Return-Path: <andrew.knutsen@bluecoat.com>
X-Original-To: middisc@ietfa.amsl.com
Delivered-To: middisc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4104DE0791 for <middisc@ietfa.amsl.com>; Tue, 24 May 2011 13:57:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.852
X-Spam-Level:
X-Spam-Status: No, score=-1.852 tagged_above=-999 required=5 tests=[AWL=0.148, BAYES_00=-2.599, J_CHICKENPOX_43=0.6]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HpVm+JgAc8g8 for <middisc@ietfa.amsl.com>; Tue, 24 May 2011 13:57:01 -0700 (PDT)
Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28]) by ietfa.amsl.com (Postfix) with ESMTP id 551CFE0786 for <middisc@ietf.org>; Tue, 24 May 2011 13:57:01 -0700 (PDT)
Received: from exchfront1.internal.cacheflow.com (exchfront1 [10.2.2.114]) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id p4OKuuSp001903; Tue, 24 May 2011 13:56:57 -0700 (PDT)
Received: from [10.9.84.250] ([10.9.84.250]) by exchfront1.internal.cacheflow.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 24 May 2011 13:56:51 -0700
Message-ID: <4DDC1B93.7010605@bluecoat.com>
Date: Tue, 24 May 2011 13:56:51 -0700
From: Andrew Knutsen <andrew.knutsen@bluecoat.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10
MIME-Version: 1.0
To: "Anantha Ramaiah (ananth)" <ananth@cisco.com>
References: <0C53DCFB700D144284A584F54711EC5809BD740A@xmb-sjc-21c.amer.cisco.com><4BF6CF8A.5030707@bluecoat.com><AF3CDDFAE1BB6C41B8F9EF3F4ADA9D11ADAB3597@MAILBOXES2.nbttech.com><4BFC6B29.1080706@bluecoat.com><2A7D4A79-0E08-480F-A67B-35338D226E14@bluecoat.com><AF3CDDFAE1BB6C41B8F9EF3F4ADA9D11ADB9D3D6@MAILBOXES2.nbttech.com><93730462-B3C5-4ACA-8C0A-C69F52BF0822@bluecoat.com><C304DB494AC0C04C87C6A6E2FF5603DB47E64A333F@NDJSSCC01.ndc.nasa.gov> <3A2E247DEDD847669D302BFF7ED0E69B@davidPC> <0C53DCFB700D144284A584F54711EC580CCD5F61@xmb-sjc-21c.amer.cisco.com> <4DDC162E.5000005@bluecoat.com> <0C53DCFB700D144284A584F54711EC580CCD6121@xmb-sjc-21c.amer.cisco.com>
In-Reply-To: <0C53DCFB700D144284A584F54711EC580CCD6121@xmb-sjc-21c.amer.cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 24 May 2011 20:56:51.0412 (UTC) FILETIME=[1AFB4940:01CC1A55]
Cc: middisc@ietf.org
Subject: Re: [middisc] TCP middlebox option requirements
X-BeenThere: middisc@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussions on TCP option for middlebox discovery." <middisc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/middisc>, <mailto:middisc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/middisc>
List-Post: <mailto:middisc@ietf.org>
List-Help: <mailto:middisc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/middisc>, <mailto:middisc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 May 2011 20:57:02 -0000

     If you don't need a vendor code, that means its a standard type, 
which has vendor ID 0 in the current proposal.

Andrew

On 5/24/2011 1:46 PM, Anantha Ramaiah (ananth) wrote:
> Andrew,
>       My primary motivation here was to accommodate other possible use
> cases and at the same time be very sensitive to TCP option bits. Hence I
> thought we could sub-divide the vendor field into 2 pieces. Instead of
> having 8 bits for vendor type and another 8 bits for sub-type. We could
> also have something like if the MSB is set, then it is WAN opt option,
> what follows is vendor information, if 0 it can be used for other
> things.
>      Also to paraphrase what I said earlier : if we want to restrict this
> TCP option allocation proposal's scope to middlebox WAN optimization use
> case alone, I am fine with that too.
> -Anantha
>
>> -----Original Message-----
>> From: Andrew Knutsen [mailto:andrew.knutsen@bluecoat.com]
>> Sent: Tuesday, May 24, 2011 1:34 PM
>> To: Anantha Ramaiah (ananth)
>> Cc: David Harrington; Eddy, Wesley M. (GRC-MS00)[ASRC AEROSPACE CORP];
>> Ron Frederick; Mark Day; middisc@ietf.org
>> Subject: Re: [middisc] TCP middlebox option requirements
>>
>>
>>      Anantha, what do you see as the advantage of adding a sub-type to
>> the type code, which follows the vendor ID?
>>
>> Andrew
>>
>> On 5/24/2011 9:03 AM, Anantha Ramaiah (ananth) wrote:
>>> Hi David,
>>>
>>>> -----Original Message-----
>>>> From: middisc-bounces@ietf.org [mailto:middisc-bounces@ietf.org] On
>>>> Behalf Of David Harrington
>>>> Sent: Tuesday, May 24, 2011 6:13 AM
>>>> To: 'Eddy,Wesley M. (GRC-MS00)[ASRC AEROSPACE CORP]'; 'Ron
>> Frederick';
>>>> 'Mark Day'
>>>> Cc: middisc@ietf.org
>>>> Subject: Re: [middisc] TCP middlebox option requirements
>>>>
>>>> Hi,
>>>>
>>>> I also have no skin in this game. and I'm looking at this list
> after
>>>> months of ignoring it, so I'm way behind in the discussions.
>>>>
>>>> I am concerned that unless severely limited in what it can be used
>>>> for, this will lead to other vendor-specific options.
>>>> Whether that is good or bad I'll leave to other people to decide,
>> such
>>>> as my co-area director Wes, the IETF community and the IESG that
>> will
>>>> need to approve any document produced as a result of this
>> discussion.
>>>> I will observe that many IETF protocols developed for a limited use
>>>> "escape into the wild". This happens ofetn when people decide to
>>>> develop a weak or non- security solution and claim it will be only
>> be
>>>> used within an enterprise, but it then gains use in the Internet. I
>>>> don't know if there is anything you can do to prevent this from
>>>> becoming a generic option for vendor-specific features if you
> design
>>>> in a vendor code. The best way to avoid that is to reach agreement
>> on
>>>> a standard that does not include a vendor code (which means
>> accepting
>>>> that your current products continue to not be compliant to the new
>>>> standard).
>>> This thread has been quiet for sometime and last week I had sent an
>>> email describing the current status and the steps moving forward to
>>> reach consensus.
>>> I agree with your concerns in the above paragraph and I am sure we
>> need
>>> to have a section (applicability section ) which exactly spells out
>> the
>>> scope of the middlebox option, caveats etc.,  I am afraid this is
>> best
>>> that can be done, we can talk and debate about it but the reality is
>>> multiple vendors already have WAN opt options and it is non-goal of
>> this
>>> effort to interoperate among vendors.
>>>
>>>> If you do have vendor-specific options, it will be important to
> make
>>>> sure that each vendor is uniquely identified, so we don't have two
>>>> vendors fighting over a vendor code. I recommend registering vendor
>>>> codes with IANA to make sure this doesn't happen.
>>> Actually I had asked this question (about IANA managing the vendor
>>> codes) earlier in this thread. It sounds very useful to me.
>>>
>>>> IANA already maintains an Enterprise Number registry that is used
>> for
>>>> many IETF standards. It is a widely used ***standard*** in IETF
>>>> standards for identifying vendors using a code number.
>>>> http://www.iana.org/assignments/enterprise-numbers.
>>> Good to know.
>>>
>>>> Maybe you can convince the IESG that having another set of codes to
>>>> identify vendors is important, and that a given vendor will likely
>>>> have a different code in your vendor code list than that used by
>> other
>>>> standards. It doesn't sound very convincing to me.
>>> One of the issues is the limited space of TCP options currently
>>> available,  having a standard vendor code would cause it to eat more
>> TCP
>>> option space which would impact the usability of this option. Given
>> that
>>> we have an handful of vendors ( I suspect this number to grow for
> the
>>> use case of WAN optimization anytime), it is probably ok to go ahead
>>> with a shorter vendor code point.
>>>
>>>> If expansion CAN take place in the future, and now you need 0xff
>> plus
>>>> an OUI, you will also have added complexity to TCP, requiring
>> suppoort
>>>> for one-byte vendor codes plus OUI support. and you will have added
>> a
>>>> new list of vendor codes (whether maintained by IANA or not), and
>>>> you'll need to convince IESG all this extra complexity is
> justified.
>>> Actually sometime back I had mentioned the other use cases like the
>>> following draft by Dan Wing :-
>>> http://tools.ietf.org/html/draft-wing-nat-reveal-option-01
>>>
>>> Actually it would be expedient to make the middlebox  option
>> extensible
>>> to accommodate use cases like the above. As far as the WAN
>> optimization
>>> option goes, there are a very handful of vendors today and
> allocating
>> a
>>> whole byte is overkill and we can sub-divide that portion to
>> accommodate
>>> other use cases like the above. But this is something we want to do
>> if
>>> there is a consensus, at the minimum the goal of this effort is to
>> get a
>>> TCP option for WAN optimization allocated. (which is the original
>>> intent)
>>>
>>> To make things clear I am talking about the following format (which
>> was
>>> one of the choices listed which the group came up with)
>>> Case 3:
>>>
>>>    0                   1                   2                   3
>>>    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>>> +---------------+---------------+---------------+---------------+
>>> | Opt kind=TBD  |    Opt len    | sub-type + Vendor  |          |
>>> +---------------+---------------+--------------------+----------|
>>> |                                                               |
>>> | ...Optional vendor payload data dependent on vend typecode... |
>>> |                                                               |
>>> +---------------+---------------+---------------+---------------+
>>>
>>> In the above we have a option sub-type which can be 3 bits long :-
>>>
>>> 000 - WAN opt.
>>> 001  - NAT reveal
>>>
>>> This gives vendor codes 5 bits which is more than enough as far as
>> this
>>> option goes. The point here is putting the OUI information is up to
>> the
>>> vendor and that belongs to the vendor specific metadata. All that is
>>> required is a type code for middlebox option and have this format as
>>> generic as possible so that multiple vendors requirements (currently
>> as
>>> we speak there is Bluecoat, Riverbed, Cisco and maybe Citrix)
>>>
>>> Adding Dan in the loop.
>>>
>>> -Anantha
>>>> I recommend you consider simply using an existing IETF standard
>>>> registry already supported by IANA, such as Enterprise Numbers, for
>>>> your vendor codes. OR don't support vendor codes at all, and agree
>> on
>>>> a single standard.
>>>>
>>>> David Harrington
>>>> Director, IETF Transport Area
>>>> ietfdbh@comcast.net (preferred for ietf)
>>>> dbharrington@huaweisymantec.com
>>>> +1 603 828 1401 (cell)
>>>>
>>>>
>>>>> -----Original Message-----
>>>>> From: middisc-bounces@ietf.org
>>>>> [mailto:middisc-bounces@ietf.org] On Behalf Of Eddy, Wesley
>>>>> M. (GRC-MS00)[ASRC AEROSPACE CORP]
>>>>> Sent: Thursday, May 27, 2010 12:53 PM
>>>>> To: Ron Frederick; Mark Day
>>>>> Cc: middisc@ietf.org
>>>>> Subject: Re: [middisc] TCP middlebox option requirements
>>>>>
>>>>>> -----Original Message-----
>>>>>> From: middisc-bounces@ietf.org [mailto:middisc-bounces@ietf.org]
>> On
>>>>>> Behalf Of Ron Frederick
>>>>>> Sent: Thursday, May 27, 2010 12:44 PM
>>>>>> To: Mark Day
>>>>>> Cc: middisc@ietf.org
>>>>>> Subject: Re: [middisc] TCP middlebox option requirements
>>>>>>
>>>>>> ...
>>>>>>
>>>>>> If this is really the case, it would be a mistake to limit the
>>>> total
>>>>>> number of type codes across all vendors to 256. We'd basically be
>>>>>> repeating the mistake that led to this effort in the first
>>>>> place, where
>>>>>> TCP options as a whole have a space of 256 options and we're
>>>>> currently
>>>>>> using multiple of those to solve this problem.
>>>>> I don't have skin in the game, but on reading this thread, my
>>>>> thought was that it's probably possible to use a single byte,
>>>>> but define one codepoint (like 0xFF) to mean "use a full OUI
>>>>> which follows".  This way you can start with using a single
>>>>> byte given the relatively small number of vendors today, and
>>>>> have a way to accommodate larger numbers in the future, if
>>>>> the need arises.
>>>>>
>>>>> This only works if the means of extending to a full OUI is
>>>>> part of the base specification and everyone has to support
>>>>> it, otherwise there are backwards-compatibility issues when
>>>>> someone tries to use it in the future.
>>>>>
>>>>> --
>>>>> Wes Eddy
>>>>> MTI Systems
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> middisc mailing list
>>>>> middisc@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/middisc
>>>>>
>>>> _______________________________________________
>>>> middisc mailing list
>>>> middisc@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/middisc
>>> _______________________________________________
>>> middisc mailing list
>>> middisc@ietf.org
>>> https://www.ietf.org/mailman/listinfo/middisc

v2.23.0 | Report a Bug | By Email