Re: [tcmtf] Answers to possible questions in the BOF
"Muthu Arul Mozhi Perumal (mperumal)" <mperumal@cisco.com> Thu, 04 July 2013 13:41 UTC
Return-Path: <mperumal@cisco.com>
X-Original-To: tcmtf@ietfa.amsl.com
Delivered-To: tcmtf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E73911E80E9 for <tcmtf@ietfa.amsl.com>; Thu, 4 Jul 2013 06:41:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3zXt9ZF71hex for <tcmtf@ietfa.amsl.com>; Thu, 4 Jul 2013 06:41:51 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) by ietfa.amsl.com (Postfix) with ESMTP id 1279B21F9FE7 for <tcmtf@ietf.org>; Thu, 4 Jul 2013 06:41:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7431; q=dns/txt; s=iport; t=1372945311; x=1374154911; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=yKtJNk9qoIlo0FKDYxvq+NtUQMcRVlOSIhoPIk6Ll7o=; b=mIATDWNLnOAfNz0kdW0HJLeKyNaeCRquLJvUhFAIMOuaDmp8JodNcitu QZ2NZ2d9neBhB2/21ERmSHifWgF223In0jKm03bzpbOBZTU5fcGs4W4OZ M1u+fsLwPYYvLbIIn4PVJdl9T/5whhtIoQCkoF7quHHe9xTfA/AAl1niA 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhAFAEp71VGtJXG8/2dsb2JhbABagwkyScA/gQMWdIIjAQEBBAEBASQiIwIIAwwEAgEIEQQBAQsdBycLFAkIAgQOBQgSBIdxDLoLjh6BHDEHBoJ+aQOIa4sMlReDEYIo
X-IronPort-AV: E=Sophos;i="4.87,995,1363132800"; d="scan'208";a="230957920"
Received: from rcdn-core2-1.cisco.com ([173.37.113.188]) by rcdn-iport-7.cisco.com with ESMTP; 04 Jul 2013 13:41:50 +0000
Received: from xhc-aln-x11.cisco.com (xhc-aln-x11.cisco.com [173.36.12.85]) by rcdn-core2-1.cisco.com (8.14.5/8.14.5) with ESMTP id r64DfoKb000407 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 4 Jul 2013 13:41:50 GMT
Received: from xmb-rcd-x02.cisco.com ([169.254.4.192]) by xhc-aln-x11.cisco.com ([173.36.12.85]) with mapi id 14.02.0318.004; Thu, 4 Jul 2013 08:41:49 -0500
From: "Muthu Arul Mozhi Perumal (mperumal)" <mperumal@cisco.com>
To: "Dan Wing (dwing)" <dwing@cisco.com>
Thread-Topic: [tcmtf] Answers to possible questions in the BOF
Thread-Index: AQHOdnvPX00XDi64+EGJAr2DWa8S1ZlTTKXAgABYC4CAAFOdIA==
Date: Thu, 04 Jul 2013 13:41:49 +0000
Message-ID: <E721D8C6A2E1544DB2DEBC313AF54DE22417FD51@xmb-rcd-x02.cisco.com>
References: <007e01ce70c9$fe1a0aa0$fa4e1fe0$@unizar.es> <009901ce725a$d1623360$74269a20$@unizar.es> <2543ED38-A2FF-49D7-85E0-4790A31415BC@cisco.com> <20130628105725.lmag0xgqsgogggww@webmail.unizar.es> <EFFB6AC1-BF9A-47D9-B5B8-3DD34A508FE8@cisco.com> <E721D8C6A2E1544DB2DEBC313AF54DE22417E050@xmb-rcd-x02.cisco.com> <23E6BFC1-4D3C-48A5-A9A2-3BD32863F9A6@cisco.com>
In-Reply-To: <23E6BFC1-4D3C-48A5-A9A2-3BD32863F9A6@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.65.48.23]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "tcmtf@ietf.org" <tcmtf@ietf.org>, "jltornos@unizar.es" <jltornos@unizar.es>, "jsaldana@unizar.es" <jsaldana@unizar.es>
Subject: Re: [tcmtf] Answers to possible questions in the BOF
X-BeenThere: tcmtf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Tunneling Compressed Multiplexed Traffic Flows \(TCMTF\) discussion list" <tcmtf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcmtf>, <mailto:tcmtf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcmtf>
List-Post: <mailto:tcmtf@ietf.org>
List-Help: <mailto:tcmtf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcmtf>, <mailto:tcmtf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jul 2013 13:41:55 -0000
|My read of it was: apply ROHC at the endpoint ("inner headers") and |then do IPsec. That is, compress and then encrypt. Right, Dan. I was thinking the (inner) headers of the packets going over the same IPSec tunnel could first be compressed, multiplex, then encrypted and sent over that tunnel: -------------------------------------------- |outer IP hdr| ESP | MUX | ROHCoIPsec|Data1| | | | hdr | hdr1 | | -------------------------------------------- ---------------------- | ROHCoIPsec | Data2 | | hdr2 | | ---------------------- ------------------------------------- | ROHCoIPsec | Data3 | ESP | ESP| | hdr3 | |Trailer| ICV| ------------------------------------- <-----------Encrypted--------> Muthu |-----Original Message----- |From: Dan Wing (dwing) |Sent: Thursday, July 04, 2013 12:26 AM |To: Muthu Arul Mozhi Perumal (mperumal) |Cc: jltornos@unizar.es; tcmtf@ietf.org; jsaldana@unizar.es |Subject: Re: [tcmtf] Answers to possible questions in the BOF | | |On Jul 3, 2013, at 11:51 AM, Muthu Arul Mozhi Perumal (mperumal) <mperumal@cisco.com> wrote: | |> |However, if there are a bunch of IPsec packets sharing a common path, |> |I could see them being successfully multiplexed into one larger packet |> |at one tunnel endpoint and then de-multiplexed at the other tunnel endpoint. |> |This can provide a packet per second reduction. I don't think there are |> |enough bytes in an IPsec header to bother trying to do IPsec header |> |compression (SPI and sequence number are only 64 bits). |> |> Actually, RFC5856 describes how ROHC can be used over IPSec (ROHCoIPsec). | |My read of it was: apply ROHC at the endpoint ("inner headers") and then do IPsec. That is, compress |and then encrypt. | |-d | | |> Combining it with multiplexing the entire packets could provide significant reduction in the header |overhead, especially for IPv6, I think. |> |> Muthu |> |> |-----Original Message----- |> |From: tcmtf-bounces@ietf.org [mailto:tcmtf-bounces@ietf.org] On Behalf Of Dan Wing (dwing) |> |Sent: Monday, July 01, 2013 10:25 PM |> |To: jltornos@unizar.es |> |Cc: tcmtf@ietf.org; jsaldana@unizar.es |> |Subject: Re: [tcmtf] Answers to possible questions in the BOF |> | |> | |> |On Jun 28, 2013, at 1:57 AM, jltornos@unizar.es wrote: |> | |> |> Hi all, |> |> |> |> Few days ago Julian talked about TCM-TF's security and now I've read in the link included by Dan, |> |saying that the gain obtained when multiplexing Ipsec-encrypted packets is 20-to-1. We have been |> |looking for more information about this issue and thinking about a way to reduce the needed |bandwidth |> |in IPsec flows. |> |> |> |> The main idea is to find a way to change the authentication of the individual packets and merge |all |> |of them in a unique authentication. Thus, instead of using 20 IPsec tunnels, we would have a single |> |tunnel including 20 flows. Is this something similar than how Cisco gets the improvement? |> | |> |We would not be able to change IPsec any more than we could change TCP, so I would not look at how |to |> |change IPsec authentication. |> | |> |However, if there are a bunch of IPsec packets sharing a common path, I could see them being |> |successfully multiplexed into one larger packet at one tunnel endpoint and then de-multiplexed at |the |> |other tunnel endpoint. This can provide a packet per second reduction. I don't think there are |> |enough bytes in an IPsec header to bother trying to do IPsec header compression (SPI and sequence |> |number are only 64 bits). |> | |> |-d |> | |> | |> |> |> |> José Luis |> |> |> |> |> |> |> |> Dan Wing <dwing@cisco.com> ha escrito: |> |> |> |>> |> |>> On Jun 26, 2013, at 3:49 AM, Jose Saldana <jsaldana@unizar.es> wrote: |> |>> |> |>>> Question 4: Is TCM-TF interesting for the Industry? Should the IETF standardize this? |> |>>> |> |>>> Answer: |> |>>> |> |>>> 1) TCM-TF intends to update RFC4170, which optimizes RTP VoIP traffic. So if RFC4170 was |> |interesting, why not updating it? |> |>>> |> |>>> 2) TCM-TF can be useful in order to save bandwidth in many cases: |> |>>> |> |>>> - Aggregation network of *network operators*: We are saving bandwidth by optimizing and |putting |> |together traffic flows. Is this interesting for a network operator? What about overprovisioning? |The |> |idea is that there are places and moments in which a number of flows based on small packets are in |> |the same place and at the same moment. Then, TCM-TF can be applied in order to provide |flexibility. |> |We are not optimizing the overall Internet traffic, we are optimizing specific flows with very |tight |> |delay requirements, which network operators have to take care of in a special way. |> |>>> www.huawei.com/ilink/en/download/HW_193034 |> |>>> |> |>>> - *End to end* optimization: Nowadays, many appliances are used to connect remote offices of |the |> |same company (creating a VPN). So if a tunnel exists, why not optimizing this traffic when |possible? |> |We would save bandwidth in the access network, where it can be scarce. |> |>>> |> |>>> - Wireless and satellite scenarios. |> |>> |> |>> "Cisco adds IP multiplexing to mobile satellite package", April 2012, |> |http://www.networkworld.com/news/2012/040912-cisco-ip-multiplexing-258082.html |> |>> |> |>> |> |>> |> |>>> |> |>>> |> |>>> Any other thoughts? Any other scenarios in mind? Potential beneficiaries? |> |>> |> |>> Some networks, today, use cRTP (RFC2508) on their access links. This gives bandwidth savings |on |> |the access link, but consumes considerable CPU horsepower on the aggregation router (to perform |> |cRTP), but provides no bandwidth savings across the network core. If, instead, the bandwidth |could |> |be saved on the access link, across the core, and on the far-end access link -- all without the |CPU |> |impact on the aggregation router -- it is a considerable win. |> |>> |> |>> -d |> |>> |> |>> |> |>> |> |>>> |> |>>> |> |>>> Jose |> |>>> |> |>>> De: tcmtf-bounces@ietf.org [mailto:tcmtf-bounces@ietf.org] En nombre de Jose Saldana |> |>>> Enviado el: lunes, 24 de junio de 2013 13:00 |> |>>> Para: tcmtf@ietf.org |> |>>> Asunto: [tcmtf] Answers to possible questions in the BOF |> |>>> |> |>>> I would like to start a thread about possible questions people may ask in the BOF. Obviously, |we |> |also need answers, so we should cooperate. |> |>>> |> |>>> This is different from the "questions to ask in the BOF". This will be discussed separately. |> |>>> |> |>>> Thanks! |> |>>> |> |>>> Jose |> |>>> |> |>>> _______________________________________________ |> |>>> tcmtf mailing list |> |>>> tcmtf@ietf.org |> |>>> https://www.ietf.org/mailman/listinfo/tcmtf |> |>> |> |>> |> |> |> |> |> |> |> | |> |_______________________________________________ |> |tcmtf mailing list |> |tcmtf@ietf.org |> |https://www.ietf.org/mailman/listinfo/tcmtf
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- [tcmtf] Answers to possible questions in the BOF Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Julián Fernández-Navajas
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Julián Fernández-Navajas
- Re: [tcmtf] Answers to possible questions in the … Mirko Sužnjević
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … DAVID FLOREZ RODRIGUEZ
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Tomaso.deCola
- Re: [tcmtf] Answers to possible questions in the … jltornos
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Michael Ramalho (mramalho)
- Re: [tcmtf] Answers to possible questions in the … jsalazar
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Michael Ramalho (mramalho)
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Muthu Arul Mozhi Perumal (mperumal)
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Muthu Arul Mozhi Perumal (mperumal)
- [tcmtf] Fwd: RE: Answers to possible questions in… jsalazar
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Diego R. Lopez
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … gorry
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Muthu Arul Mozhi Perumal (mperumal)
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … jltornos
- Re: [tcmtf] Answers to possible questions in the … Muthu Arul Mozhi Perumal (mperumal)
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Spencer Dawkins
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Diego R. Lopez