IETF Logo Mail Archive

Re: [middisc] TCP middlebox option requirements

Andrew Knutsen <andrew.knutsen@bluecoat.com> Tue, 24 May 2011 20:34 UTC

Return-Path: <andrew.knutsen@bluecoat.com>
X-Original-To: middisc@ietfa.amsl.com
Delivered-To: middisc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C357CE0730 for <middisc@ietfa.amsl.com>; Tue, 24 May 2011 13:34:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.778
X-Spam-Level:
X-Spam-Status: No, score=-1.778 tagged_above=-999 required=5 tests=[AWL=0.221, BAYES_00=-2.599, J_CHICKENPOX_43=0.6]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8cx+zsM52Ean for <middisc@ietfa.amsl.com>; Tue, 24 May 2011 13:33:59 -0700 (PDT)
Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28]) by ietfa.amsl.com (Postfix) with ESMTP id BDCD9E0670 for <middisc@ietf.org>; Tue, 24 May 2011 13:33:59 -0700 (PDT)
Received: from exchfront1.internal.cacheflow.com (exchfront1 [10.2.2.114]) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id p4OKXu6L022417; Tue, 24 May 2011 13:33:57 -0700 (PDT)
Received: from [10.9.84.250] ([10.9.84.250]) by exchfront1.internal.cacheflow.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 24 May 2011 13:33:51 -0700
Message-ID: <4DDC162E.5000005@bluecoat.com>
Date: Tue, 24 May 2011 13:33:50 -0700
From: Andrew Knutsen <andrew.knutsen@bluecoat.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10
MIME-Version: 1.0
To: "Anantha Ramaiah (ananth)" <ananth@cisco.com>
References: <0C53DCFB700D144284A584F54711EC5809BD740A@xmb-sjc-21c.amer.cisco.com><4BF6CF8A.5030707@bluecoat.com><AF3CDDFAE1BB6C41B8F9EF3F4ADA9D11ADAB3597@MAILBOXES2.nbttech.com><4BFC6B29.1080706@bluecoat.com><2A7D4A79-0E08-480F-A67B-35338D226E14@bluecoat.com><AF3CDDFAE1BB6C41B8F9EF3F4ADA9D11ADB9D3D6@MAILBOXES2.nbttech.com><93730462-B3C5-4ACA-8C0A-C69F52BF0822@bluecoat.com><C304DB494AC0C04C87C6A6E2FF5603DB47E64A333F@NDJSSCC01.ndc.nasa.gov> <3A2E247DEDD847669D302BFF7ED0E69B@davidPC> <0C53DCFB700D144284A584F54711EC580CCD5F61@xmb-sjc-21c.amer.cisco.com>
In-Reply-To: <0C53DCFB700D144284A584F54711EC580CCD5F61@xmb-sjc-21c.amer.cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 24 May 2011 20:33:51.0328 (UTC) FILETIME=[E4632E00:01CC1A51]
Cc: middisc@ietf.org
Subject: Re: [middisc] TCP middlebox option requirements
X-BeenThere: middisc@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussions on TCP option for middlebox discovery." <middisc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/middisc>, <mailto:middisc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/middisc>
List-Post: <mailto:middisc@ietf.org>
List-Help: <mailto:middisc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/middisc>, <mailto:middisc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 May 2011 20:34:04 -0000

    Anantha, what do you see as the advantage of adding a sub-type to 
the type code, which follows the vendor ID?

Andrew

On 5/24/2011 9:03 AM, Anantha Ramaiah (ananth) wrote:
> Hi David,
>
>> -----Original Message-----
>> From: middisc-bounces@ietf.org [mailto:middisc-bounces@ietf.org] On
>> Behalf Of David Harrington
>> Sent: Tuesday, May 24, 2011 6:13 AM
>> To: 'Eddy,Wesley M. (GRC-MS00)[ASRC AEROSPACE CORP]'; 'Ron Frederick';
>> 'Mark Day'
>> Cc: middisc@ietf.org
>> Subject: Re: [middisc] TCP middlebox option requirements
>>
>> Hi,
>>
>> I also have no skin in this game. and I'm looking at this list after
>> months of ignoring it, so I'm way behind in the discussions.
>>
>> I am concerned that unless severely limited in what it can be used
>> for, this will lead to other vendor-specific options.
>> Whether that is good or bad I'll leave to other people to decide, such
>> as my co-area director Wes, the IETF community and the IESG that will
>> need to approve any document produced as a result of this discussion.
>>
>> I will observe that many IETF protocols developed for a limited use
>> "escape into the wild". This happens ofetn when people decide to
>> develop a weak or non- security solution and claim it will be only be
>> used within an enterprise, but it then gains use in the Internet. I
>> don't know if there is anything you can do to prevent this from
>> becoming a generic option for vendor-specific features if you design
>> in a vendor code. The best way to avoid that is to reach agreement on
>> a standard that does not include a vendor code (which means accepting
>> that your current products continue to not be compliant to the new
>> standard).
> This thread has been quiet for sometime and last week I had sent an
> email describing the current status and the steps moving forward to
> reach consensus.
> I agree with your concerns in the above paragraph and I am sure we need
> to have a section (applicability section ) which exactly spells out the
> scope of the middlebox option, caveats etc.,  I am afraid this is best
> that can be done, we can talk and debate about it but the reality is
> multiple vendors already have WAN opt options and it is non-goal of this
> effort to interoperate among vendors.
>
>> If you do have vendor-specific options, it will be important to make
>> sure that each vendor is uniquely identified, so we don't have two
>> vendors fighting over a vendor code. I recommend registering vendor
>> codes with IANA to make sure this doesn't happen.
> Actually I had asked this question (about IANA managing the vendor
> codes) earlier in this thread. It sounds very useful to me.
>
>> IANA already maintains an Enterprise Number registry that is used for
>> many IETF standards. It is a widely used ***standard*** in IETF
>> standards for identifying vendors using a code number.
>> http://www.iana.org/assignments/enterprise-numbers.
> Good to know.
>
>> Maybe you can convince the IESG that having another set of codes to
>> identify vendors is important, and that a given vendor will likely
>> have a different code in your vendor code list than that used by other
>> standards. It doesn't sound very convincing to me.
> One of the issues is the limited space of TCP options currently
> available,  having a standard vendor code would cause it to eat more TCP
> option space which would impact the usability of this option. Given that
> we have an handful of vendors ( I suspect this number to grow for the
> use case of WAN optimization anytime), it is probably ok to go ahead
> with a shorter vendor code point.
>
>> If expansion CAN take place in the future, and now you need 0xff plus
>> an OUI, you will also have added complexity to TCP, requiring suppoort
>> for one-byte vendor codes plus OUI support. and you will have added a
>> new list of vendor codes (whether maintained by IANA or not), and
>> you'll need to convince IESG all this extra complexity is justified.
> Actually sometime back I had mentioned the other use cases like the
> following draft by Dan Wing :-
> http://tools.ietf.org/html/draft-wing-nat-reveal-option-01
>
> Actually it would be expedient to make the middlebox  option extensible
> to accommodate use cases like the above. As far as the WAN optimization
> option goes, there are a very handful of vendors today and allocating a
> whole byte is overkill and we can sub-divide that portion to accommodate
> other use cases like the above. But this is something we want to do if
> there is a consensus, at the minimum the goal of this effort is to get a
> TCP option for WAN optimization allocated. (which is the original
> intent)
>
> To make things clear I am talking about the following format (which was
> one of the choices listed which the group came up with)
> Case 3:
>
>   0                   1                   2                   3
>   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> +---------------+---------------+---------------+---------------+
> | Opt kind=TBD  |    Opt len    | sub-type + Vendor  |          |
> +---------------+---------------+--------------------+----------|
> |                                                               |
> | ...Optional vendor payload data dependent on vend typecode... |
> |                                                               |
> +---------------+---------------+---------------+---------------+
>
> In the above we have a option sub-type which can be 3 bits long :-
>
> 000 - WAN opt.
> 001  - NAT reveal
>
> This gives vendor codes 5 bits which is more than enough as far as this
> option goes. The point here is putting the OUI information is up to the
> vendor and that belongs to the vendor specific metadata. All that is
> required is a type code for middlebox option and have this format as
> generic as possible so that multiple vendors requirements (currently as
> we speak there is Bluecoat, Riverbed, Cisco and maybe Citrix)
>
> Adding Dan in the loop.
>
> -Anantha
>> I recommend you consider simply using an existing IETF standard
>> registry already supported by IANA, such as Enterprise Numbers, for
>> your vendor codes. OR don't support vendor codes at all, and agree on
>> a single standard.
>>
>> David Harrington
>> Director, IETF Transport Area
>> ietfdbh@comcast.net (preferred for ietf)
>> dbharrington@huaweisymantec.com
>> +1 603 828 1401 (cell)
>>
>>
>>> -----Original Message-----
>>> From: middisc-bounces@ietf.org
>>> [mailto:middisc-bounces@ietf.org] On Behalf Of Eddy, Wesley
>>> M. (GRC-MS00)[ASRC AEROSPACE CORP]
>>> Sent: Thursday, May 27, 2010 12:53 PM
>>> To: Ron Frederick; Mark Day
>>> Cc: middisc@ietf.org
>>> Subject: Re: [middisc] TCP middlebox option requirements
>>>
>>>> -----Original Message-----
>>>> From: middisc-bounces@ietf.org [mailto:middisc-bounces@ietf.org] On
>>>> Behalf Of Ron Frederick
>>>> Sent: Thursday, May 27, 2010 12:44 PM
>>>> To: Mark Day
>>>> Cc: middisc@ietf.org
>>>> Subject: Re: [middisc] TCP middlebox option requirements
>>>>
>>>> ...
>>>>
>>>> If this is really the case, it would be a mistake to limit the
>> total
>>>> number of type codes across all vendors to 256. We'd basically be
>>>> repeating the mistake that led to this effort in the first
>>> place, where
>>>> TCP options as a whole have a space of 256 options and we're
>>> currently
>>>> using multiple of those to solve this problem.
>>>
>>> I don't have skin in the game, but on reading this thread, my
>>> thought was that it's probably possible to use a single byte,
>>> but define one codepoint (like 0xFF) to mean "use a full OUI
>>> which follows".  This way you can start with using a single
>>> byte given the relatively small number of vendors today, and
>>> have a way to accommodate larger numbers in the future, if
>>> the need arises.
>>>
>>> This only works if the means of extending to a full OUI is
>>> part of the base specification and everyone has to support
>>> it, otherwise there are backwards-compatibility issues when
>>> someone tries to use it in the future.
>>>
>>> --
>>> Wes Eddy
>>> MTI Systems
>>>
>>>
>>> _______________________________________________
>>> middisc mailing list
>>> middisc@ietf.org
>>> https://www.ietf.org/mailman/listinfo/middisc
>>>
>> _______________________________________________
>> middisc mailing list
>> middisc@ietf.org
>> https://www.ietf.org/mailman/listinfo/middisc
> _______________________________________________
> middisc mailing list
> middisc@ietf.org
> https://www.ietf.org/mailman/listinfo/middisc

v2.23.0 | Report a Bug | By Email