IETF Logo Mail Archive

Re: [mif-arch-dt] New Version Notification for draft-anipko-mif-mpvd-arch-00.txt

Dmitry Anipko <Dmitry.Anipko@microsoft.com> Sat, 20 July 2013 01:00 UTC

Return-Path: <Dmitry.Anipko@microsoft.com>
X-Original-To: mif-arch-dt@ietfa.amsl.com
Delivered-To: mif-arch-dt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 789AC21E8095 for <mif-arch-dt@ietfa.amsl.com>; Fri, 19 Jul 2013 18:00:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.4
X-Spam-Level:
X-Spam-Status: No, score=0.4 tagged_above=-999 required=5 tests=[AWL=-0.134, BAYES_00=-2.599, HTML_MESSAGE=0.001, UNRESOLVED_TEMPLATE=3.132]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VSpW4yd-Twr5 for <mif-arch-dt@ietfa.amsl.com>; Fri, 19 Jul 2013 17:59:58 -0700 (PDT)
Received: from db8outboundpool.messaging.microsoft.com (mail-db8lp0186.outbound.messaging.microsoft.com [213.199.154.186]) by ietfa.amsl.com (Postfix) with ESMTP id 5178221E8064 for <mif-arch-dt@ietf.org>; Fri, 19 Jul 2013 17:59:57 -0700 (PDT)
Received: from mail139-db8-R.bigfish.com (10.174.8.233) by DB8EHSOBE025.bigfish.com (10.174.4.88) with Microsoft SMTP Server id 14.1.225.22; Sat, 20 Jul 2013 00:59:56 +0000
Received: from mail139-db8 (localhost [127.0.0.1]) by mail139-db8-R.bigfish.com (Postfix) with ESMTP id 28D0D1C02B4 for <mif-arch-dt@ietf.org>; Sat, 20 Jul 2013 00:59:56 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC104.redmond.corp.microsoft.com; RD:autodiscover.service.exchange.microsoft.com; EFVD:NLI
X-SpamScore: -20
X-BigFish: VS-20(zz98dI9371I936eIc85fh14ffIzz1f42h208ch1ee6h1de0h1fdah2073h1202h1e76h1d1ah1d2ah1fc6hzz1d7338h1de098h1033IL17326ah18c673h1c8fb4h1de097h1de096h8275bh8275dhz2fh2a8h683h839hd24hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h1b0ah1bceh1d07h1d0ch1d2eh1d3fh1de9h1dfeh1dffh1e1dh17ej9a9j1155h)
Received-SPF: pass (mail139-db8: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Dmitry.Anipko@microsoft.com; helo=TK5EX14HUBC104.redmond.corp.microsoft.com ; icrosoft.com ;
X-Forefront-Antispam-Report-Untrusted: CIP:157.56.240.21; KIP:(null); UIP:(null); (null); H:BL2PRD0310HT002.namprd03.prod.outlook.com; R:internal; EFV:INT
Received: from mail139-db8 (localhost.localdomain [127.0.0.1]) by mail139-db8 (MessageSwitch) id 13742819937321_601; Sat, 20 Jul 2013 00:59:53 +0000 (UTC)
Received: from DB8EHSMHS005.bigfish.com (unknown [10.174.8.226]) by mail139-db8.bigfish.com (Postfix) with ESMTP id E6C09320047 for <mif-arch-dt@ietf.org>; Sat, 20 Jul 2013 00:59:52 +0000 (UTC)
Received: from TK5EX14HUBC104.redmond.corp.microsoft.com (131.107.125.8) by DB8EHSMHS005.bigfish.com (10.174.4.15) with Microsoft SMTP Server (TLS) id 14.16.227.3; Sat, 20 Jul 2013 00:59:52 +0000
Received: from co1outboundpool.messaging.microsoft.com (157.54.51.113) by mail.microsoft.com (157.54.80.25) with Microsoft SMTP Server (TLS) id 14.3.136.1; Sat, 20 Jul 2013 00:59:32 +0000
Received: from mail3-co1-R.bigfish.com (10.243.78.248) by CO1EHSOBE012.bigfish.com (10.243.66.75) with Microsoft SMTP Server id 14.1.225.22; Sat, 20 Jul 2013 00:59:32 +0000
Received: from mail3-co1 (localhost [127.0.0.1]) by mail3-co1-R.bigfish.com (Postfix) with ESMTP id DE54A5402AD for <mif-arch-dt@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Sat, 20 Jul 2013 00:59:31 +0000 (UTC)
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(199002)(377424004)(53754006)(24454002)(189002)(377454003)(59766001)(50986001)(76576001)(76482001)(19580385001)(69226001)(51856001)(79102001)(49866001)(65816001)(19580395003)(56816003)(19300405004)(4396001)(19580405001)(47736001)(56776001)(81542001)(81342001)(47976001)(63696002)(83072001)(74662001)(74366001)(74316001)(33646001)(53806001)(77982001)(31966008)(54356001)(77096001)(16406001)(76786001)(54316002)(80022001)(74706001)(15202345003)(47446002)(76796001)(18717965001)(46102001)(74502001)(16236675002)(74876001)(83322001)(3826001)(24736002); DIR:OUT; SFP:; SCL:1; SRVR:SN2PR03MB079; H:SN2PR03MB077.namprd03.prod.outlook.com; CLIP:2001:4898:80e0:ed43::b4; RD:InfoNoRecords; A:1; MX:1; LANG:en;
Received: from mail3-co1 (localhost.localdomain [127.0.0.1]) by mail3-co1 (MessageSwitch) id 1374281968614541_29914; Sat, 20 Jul 2013 00:59:28 +0000 (UTC)
Received: from CO1EHSMHS030.bigfish.com (unknown [10.243.78.234]) by mail3-co1.bigfish.com (Postfix) with ESMTP id 91607400047; Sat, 20 Jul 2013 00:59:28 +0000 (UTC)
Received: from BL2PRD0310HT002.namprd03.prod.outlook.com (157.56.240.21) by CO1EHSMHS030.bigfish.com (10.243.66.40) with Microsoft SMTP Server (TLS) id 14.16.227.3; Sat, 20 Jul 2013 00:59:28 +0000
Received: from SN2PR03MB079.namprd03.prod.outlook.com (10.255.175.155) by BL2PRD0310HT002.namprd03.prod.outlook.com (10.255.97.37) with Microsoft SMTP Server (TLS) id 14.16.329.3; Sat, 20 Jul 2013 00:59:22 +0000
Received: from SN2PR03MB077.namprd03.prod.outlook.com (10.255.175.153) by SN2PR03MB079.namprd03.prod.outlook.com (10.255.175.155) with Microsoft SMTP Server (TLS) id 15.0.731.11; Sat, 20 Jul 2013 00:59:20 +0000
Received: from SN2PR03MB077.namprd03.prod.outlook.com ([169.254.14.77]) by SN2PR03MB077.namprd03.prod.outlook.com ([169.254.14.183]) with mapi id 15.00.0731.000; Sat, 20 Jul 2013 00:59:20 +0000
From: Dmitry Anipko <Dmitry.Anipko@microsoft.com>
To: Alper Yegin <alper.yegin@yegin.org>
Thread-Topic: [mif-arch-dt] New Version Notification for draft-anipko-mif-mpvd-arch-00.txt
Thread-Index: AQHOgv+4mFu4guoAwkagUkCVJ8Cxrplstz+w
Date: Sat, 20 Jul 2013 00:59:19 +0000
Message-ID: <b09348cef1a04283895ef36445f1bda8@SN2PR03MB077.namprd03.prod.outlook.com>
References: <20130714041913.29430.66253.idtracker@ietfa.amsl.com> <e7573b69f58a4f0b903cf7a3ae03cf48@SN2PR03MB077.namprd03.prod.outlook.com> <B526E0C2-0638-4ACF-BFCF-4285F0C7D422@yegin.org>
In-Reply-To: <B526E0C2-0638-4ACF-BFCF-4285F0C7D422@yegin.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2001:4898:80e0:ed43::b4]
x-forefront-prvs: 0913EA1D60
Content-Type: multipart/alternative; boundary="_000_b09348cef1a04283895ef36445f1bda8SN2PR03MB077namprd03pro_"
MIME-Version: 1.0
X-OrganizationHeadersPreserved: SN2PR03MB079.namprd03.prod.outlook.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%IETF.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%YEGIN.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-CrossPremisesHeadersPromoted: TK5EX14HUBC104.redmond.corp.microsoft.com
X-CrossPremisesHeadersFiltered: TK5EX14HUBC104.redmond.corp.microsoft.com
X-OriginatorOrg: microsoft.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Cc: "mif-arch-dt@ietf.org" <mif-arch-dt@ietf.org>
Subject: Re: [mif-arch-dt] New Version Notification for draft-anipko-mif-mpvd-arch-00.txt
X-BeenThere: mif-arch-dt@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: MIF Architecture Design Team mailing list <mif-arch-dt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mif-arch-dt>, <mailto:mif-arch-dt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mif-arch-dt>
List-Post: <mailto:mif-arch-dt@ietf.org>
List-Help: <mailto:mif-arch-dt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mif-arch-dt>, <mailto:mif-arch-dt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Jul 2013 01:00:03 -0000

Hi Alper,

I think there are two parts to your question, as I understood it:


1.       Whether MPVD problem can be solved [possibly, you meant in the particular VPN scenario], by using the IP interface for grouping of configuration, instead of PVD.

2.       How could OS + app implement tying the connection to the specific set of parameters, and possible impact on APIs / application code.

Please let me know if I interpreted either or both questions incorrectly.

For the first question, RFC 6419 discusses that not all implementations keep interfaces in isolation from other interfaces. If the implementations consistently did that for configuration across layers (e.g. including DNS, HTTP etc), then I'd agree that a subset of MPVD problem, where 1 interface = 1 PVD would be solved. However even in that case, as RFC 6418 section 4.5 describes, there are cases where 1 interface may be attached to multiple PVD, and those (as well as the scenarios where PVD spans across interfaces) would not be solved by per-interface grouping.

For the second question, I don't think the question is specific to whether the grouping of configuration elements is done per interface or per PVD. In either case, something needs to ensure that the correct set of parameters, be it for a particular interface or for a particular PVD, is used for a particular connection and/or application. As I started outlining in the draft, section 5, there are different not exclusive (i.e. host could support all of them) approaches for how the API could look like. E.g. the "Basic" approach would imply that OS does all the work based on e.g. policies + on app identity, destination name / IP address etc. In "Intermediate" approach, the app could provide some PVD-aware input. I think the approach you described, falls into "Advanced" category, where the app does most of the work by itself.

If I've misunderstood what you meant with "virtualization", please clarify.

Thank you,
Dmitry

From: mif-arch-dt-bounces@ietf.org [mailto:mif-arch-dt-bounces@ietf.org] On Behalf Of Alper Yegin
Sent: Wednesday, July 17, 2013 8:09 AM
To: Dmitry Anipko
Cc: mif-arch-dt@ietf.org
Subject: Re: [mif-arch-dt] New Version Notification for draft-anipko-mif-mpvd-arch-00.txt

Hello,

Can we perceive this as some kind of a "virtualization" at the IP layer?

In order to handle "(3) is a use of employer-sponsored VPN connection for peer-to-peer connections, unrelated to employment activities.", PVD ID needs to be to exposed all the way to the application, and the application needs to explicitly request/bind to it. So, in a way, that virtualization needs to propagate all the way up to the apps.


Alper









On Jul 14, 2013, at 7:24 AM, Dmitry Anipko wrote:


Hi everyone.

I've just posted the first version of the MPD arch draft based on the teleconfs and list discussions we've had so far. If possible, please take a look before the Monday call and comment.

For some of the topics, which we touched but where I didn't feel like I had enough information, for now I created placeholder sections with little / no text.

Thank you,
Dmitry



________________________________________
From: internet-drafts@ietf.org<mailto:internet-drafts@ietf.org> <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>>
Sent: Saturday, July 13, 2013 9:19 PM
To: Dmitry Anipko
Subject: New Version Notification for draft-anipko-mif-mpvd-arch-00.txt

A new version of I-D, draft-anipko-mif-mpvd-arch-00.txt
has been successfully submitted by Dmitry Anipko and posted to the
IETF repository.

Filename:        draft-anipko-mif-mpvd-arch
Revision:        00
Title:           Multiple Provisioning Domain Architecture
Creation date:   2013-07-13
Group:           Individual Submission
Number of pages: 9
URL:             http://www.ietf.org/internet-drafts/draft-anipko-mif-mpvd-arch-00.txt
Status:          http://datatracker.ietf.org/doc/draft-anipko-mif-mpvd-arch
Htmlized:        http://tools.ietf.org/html/draft-anipko-mif-mpvd-arch-00


Abstract:
  This document is a product of the work of MIF architecture design
  team.  It outlines a solution framework for some of the issues,
  experienced by nodes that can be attached to multiple networks.  The
  framework defines the notion of a Provisioning Domain (PVD) - a
  consistent set of network configuration information, and PVD-aware
  nodes - nodes which learn PVDs from the attached network(s) and/or
  other sources and manage and use multiple PVDs for connectivity
  separately and consistently.




The IETF Secretariat




_______________________________________________
mif-arch-dt mailing list
mif-arch-dt@ietf.org<mailto:mif-arch-dt@ietf.org>
https://www.ietf.org/mailman/listinfo/mif-arch-dt

v2.23.0 | Report a Bug | By Email