Re: [Netrqmts] IETF 105 Minutes

Michael Richardson <mcr+ietf@sandelman.ca> Tue, 30 July 2019 22:08 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: netrqmts@ietfa.amsl.com
Delivered-To: netrqmts@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E07F61200C5 for <netrqmts@ietfa.amsl.com>; Tue, 30 Jul 2019 15:08:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tRSHWwp258-i for <netrqmts@ietfa.amsl.com>; Tue, 30 Jul 2019 15:08:48 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3ACB5120045 for <netrqmts@ietf.org>; Tue, 30 Jul 2019 15:08:47 -0700 (PDT)
Received: from sandelman.ca (unknown [IPv6:2607:f0b0:f:2:56b2:3ff:fe0b:d84]) by tuna.sandelman.ca (Postfix) with ESMTP id 062E13808A; Tue, 30 Jul 2019 18:08:21 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id B520C14; Tue, 30 Jul 2019 18:08:45 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Toerless Eckert <tte@cs.fau.de>
cc: netrqmts@ietf.org
In-Reply-To: <20190730202439.zl6gjvzasxofvej2@faui48f.informatik.uni-erlangen.de>
References: <DF3803B7-C05B-4A31-B873-73A86B1416CE@vigilsec.com> <19915.1564514403@localhost> <20190730202439.zl6gjvzasxofvej2@faui48f.informatik.uni-erlangen.de>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature"
Date: Tue, 30 Jul 2019 18:08:45 -0400
Message-ID: <27837.1564524525@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netrqmts/vfBb0dEC0FJYU8se1vSWtHbyLSA>
Subject: Re: [Netrqmts] IETF 105 Minutes
X-BeenThere: netrqmts@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Meeting Network Requirements <netrqmts.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netrqmts>, <mailto:netrqmts-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netrqmts/>
List-Post: <mailto:netrqmts@ietf.org>
List-Help: <mailto:netrqmts-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netrqmts>, <mailto:netrqmts-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jul 2019 22:08:51 -0000

Toerless Eckert <tte@cs.fau.de> wrote:
    > On Tue, Jul 30, 2019 at 03:20:03PM -0400, Michael Richardson wrote:
    >> +5.  I find that the most important thing that the IETF meeting
    >> (network) does for people, is that it gives them an idea what a real
    >> end-to-end transparent network *can* be like.  Suddenly things that
    >> never worked for them work.

    > As i said in my prior mail to this list (which went without any reply),
    > most people nowadays wouldn't even know what it means to be directly on
    > the internet without any firewall, and i really question whether it is
    > prudent to ONLY have this option and NOT document it very clearly to

We used to see those people, they were in the terminal room re-installing
windows 98.   Those days are over.  Firewalls have not prevents 14B a year of
damage from trojans, and they never will as long as the MIME Security
Considerations continues to be ignored.

    > all those users not working at the network level. I also think that
    > folks who want to test if their applications work well and invested
    > into ICE/STUN and other firewall traversal mechanisms (like RTCweb and
    > other app groups), would maybe like to have something more reflective
    > of relevant end-user access (with firewall).

A $22 home router fixes that problem.

    >> If we are going to continue to make such investments, can we somehow
    >> do so in a useful way?  Can we collaborate with the hotel to make
    >> changes that persist?  This goes into returning to the same hotels
    >> regularly, and *is* a mtgvenue discussion, not a netrqmts discussion.

    > I am already surprised how much the IETF noc team has been able to work
    > with hotels existing AP and access-LAN infrastructure and make it work
    > as good as possible. I do not always like the results (like in
    > montreal), but lets not underestimate the complexity of the job of the
    > noc doing this.

I have been a NOC volunteer in decades past, and I've been involved in
pulling "Long Range Ethernet" into places... at 4m vertical/floor, and 100m
total for GbE over copper,  the 30th floor of some hotels was a problem.
(Atlanta...)
We aren't having to do this anymore.

    >> I think that we should split up the discussion into perhaps four
    >> areas.
    >> 
    >> 1) the L2/WiFi coverage of the meeting rooms for IETF participants
    >> 
    >> 2) the availability of IPv6 in the guest rooms [I don't mind captive
    >> portals, *if* they follow our WG's specification...]
    >> 
    >> 3) the availability and flexibility of the bandwidth in/out of the
    >> conference hotel(s).
    >> 
    >> 4) the architectural requirements for good IPv6 and good meetecho
    >> experience within the venue.

    > Where would the discussion about what type of security options to
    > offer/ document fit ?

I'd put them in /dev/null.
I think that IETF participants are adults, and don't need this, and
I don't think the IETF should take on the liability of offering anything that
probably won't really help anyway.

    >> I think that the document tries to do this, but I don't get the
    >> impression the discussion split things up.
    >> 
    >> One could imagine a situation where the Meetecho network was a
    >> different network from the Participant network.  I'm not saying that's
    >> a good plan, but I'm saying that I think that we should think about
    >> whether we are expending a lot of effort in one area for reasons that
    >> are relating to another area.

    > Not sure what other think to be meetecho problems. I only thoght the
    > video quality from remote participants sucked but didn't get an answer
    > whether thats because of unavoidable remote participant upstream limits
    > or application level enforced uper bandwidth/quality limits.

Meetecho gets wired infrastructure into each meeting room.  
If not for that, if the hotel had decent Access Points, then we might not
have to wire the meeting rooms at all.  If the hotel had large enough
capacity Internet, but perhaps too poor (bufferbloated) latency, we might be
able to get by providing an appropriate network for Meetecho only via other
means.

I know that Meetecho is used at other conferences, and I assume that those
conferences do not bring the same kit that IETF brings, so I wonder what they
do there, and what problems we are avoiding.

-- 
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [