Re: [tcmtf] Answers to possible questions in the BOF
"Muthu Arul Mozhi Perumal (mperumal)" <mperumal@cisco.com> Thu, 04 July 2013 13:41 UTC
Return-Path: <mperumal@cisco.com>
X-Original-To: tcmtf@ietfa.amsl.com
Delivered-To: tcmtf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E73911E80E9 for <tcmtf@ietfa.amsl.com>; Thu, 4 Jul 2013 06:41:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3zXt9ZF71hex for <tcmtf@ietfa.amsl.com>; Thu, 4 Jul 2013 06:41:51 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) by ietfa.amsl.com (Postfix) with ESMTP id 1279B21F9FE7 for <tcmtf@ietf.org>; Thu, 4 Jul 2013 06:41:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7431; q=dns/txt; s=iport; t=1372945311; x=1374154911; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=yKtJNk9qoIlo0FKDYxvq+NtUQMcRVlOSIhoPIk6Ll7o=; b=mIATDWNLnOAfNz0kdW0HJLeKyNaeCRquLJvUhFAIMOuaDmp8JodNcitu QZ2NZ2d9neBhB2/21ERmSHifWgF223In0jKm03bzpbOBZTU5fcGs4W4OZ M1u+fsLwPYYvLbIIn4PVJdl9T/5whhtIoQCkoF7quHHe9xTfA/AAl1niA 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhAFAEp71VGtJXG8/2dsb2JhbABagwkyScA/gQMWdIIjAQEBBAEBASQiIwIIAwwEAgEIEQQBAQsdBycLFAkIAgQOBQgSBIdxDLoLjh6BHDEHBoJ+aQOIa4sMlReDEYIo
X-IronPort-AV: E=Sophos;i="4.87,995,1363132800"; d="scan'208";a="230957920"
Received: from rcdn-core2-1.cisco.com ([173.37.113.188]) by rcdn-iport-7.cisco.com with ESMTP; 04 Jul 2013 13:41:50 +0000
Received: from xhc-aln-x11.cisco.com (xhc-aln-x11.cisco.com [173.36.12.85]) by rcdn-core2-1.cisco.com (8.14.5/8.14.5) with ESMTP id r64DfoKb000407 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 4 Jul 2013 13:41:50 GMT
Received: from xmb-rcd-x02.cisco.com ([169.254.4.192]) by xhc-aln-x11.cisco.com ([173.36.12.85]) with mapi id 14.02.0318.004; Thu, 4 Jul 2013 08:41:49 -0500
From: "Muthu Arul Mozhi Perumal (mperumal)" <mperumal@cisco.com>
To: "Dan Wing (dwing)" <dwing@cisco.com>
Thread-Topic: [tcmtf] Answers to possible questions in the BOF
Thread-Index: AQHOdnvPX00XDi64+EGJAr2DWa8S1ZlTTKXAgABYC4CAAFOdIA==
Date: Thu, 04 Jul 2013 13:41:49 +0000
Message-ID: <E721D8C6A2E1544DB2DEBC313AF54DE22417FD51@xmb-rcd-x02.cisco.com>
References: <007e01ce70c9$fe1a0aa0$fa4e1fe0$@unizar.es> <009901ce725a$d1623360$74269a20$@unizar.es> <2543ED38-A2FF-49D7-85E0-4790A31415BC@cisco.com> <20130628105725.lmag0xgqsgogggww@webmail.unizar.es> <EFFB6AC1-BF9A-47D9-B5B8-3DD34A508FE8@cisco.com> <E721D8C6A2E1544DB2DEBC313AF54DE22417E050@xmb-rcd-x02.cisco.com> <23E6BFC1-4D3C-48A5-A9A2-3BD32863F9A6@cisco.com>
In-Reply-To: <23E6BFC1-4D3C-48A5-A9A2-3BD32863F9A6@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.65.48.23]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "tcmtf@ietf.org" <tcmtf@ietf.org>, "jltornos@unizar.es" <jltornos@unizar.es>, "jsaldana@unizar.es" <jsaldana@unizar.es>
Subject: Re: [tcmtf] Answers to possible questions in the BOF
X-BeenThere: tcmtf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Tunneling Compressed Multiplexed Traffic Flows \(TCMTF\) discussion list" <tcmtf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcmtf>, <mailto:tcmtf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcmtf>
List-Post: <mailto:tcmtf@ietf.org>
List-Help: <mailto:tcmtf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcmtf>, <mailto:tcmtf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jul 2013 13:41:55 -0000
|My read of it was: apply ROHC at the endpoint ("inner headers") and
|then do IPsec. That is, compress and then encrypt.
Right, Dan. I was thinking the (inner) headers of the packets going over the same IPSec tunnel could first be compressed, multiplex, then encrypted and sent over that tunnel:
--------------------------------------------
|outer IP hdr| ESP | MUX | ROHCoIPsec|Data1|
| | | hdr | hdr1 | |
--------------------------------------------
----------------------
| ROHCoIPsec | Data2 |
| hdr2 | |
----------------------
-------------------------------------
| ROHCoIPsec | Data3 | ESP | ESP|
| hdr3 | |Trailer| ICV|
-------------------------------------
<-----------Encrypted-------->
Muthu
|-----Original Message-----
|From: Dan Wing (dwing)
|Sent: Thursday, July 04, 2013 12:26 AM
|To: Muthu Arul Mozhi Perumal (mperumal)
|Cc: jltornos@unizar.es; tcmtf@ietf.org; jsaldana@unizar.es
|Subject: Re: [tcmtf] Answers to possible questions in the BOF
|
|
|On Jul 3, 2013, at 11:51 AM, Muthu Arul Mozhi Perumal (mperumal) <mperumal@cisco.com> wrote:
|
|> |However, if there are a bunch of IPsec packets sharing a common path,
|> |I could see them being successfully multiplexed into one larger packet
|> |at one tunnel endpoint and then de-multiplexed at the other tunnel endpoint.
|> |This can provide a packet per second reduction. I don't think there are
|> |enough bytes in an IPsec header to bother trying to do IPsec header
|> |compression (SPI and sequence number are only 64 bits).
|>
|> Actually, RFC5856 describes how ROHC can be used over IPSec (ROHCoIPsec).
|
|My read of it was: apply ROHC at the endpoint ("inner headers") and then do IPsec. That is, compress
|and then encrypt.
|
|-d
|
|
|> Combining it with multiplexing the entire packets could provide significant reduction in the header
|overhead, especially for IPv6, I think.
|>
|> Muthu
|>
|> |-----Original Message-----
|> |From: tcmtf-bounces@ietf.org [mailto:tcmtf-bounces@ietf.org] On Behalf Of Dan Wing (dwing)
|> |Sent: Monday, July 01, 2013 10:25 PM
|> |To: jltornos@unizar.es
|> |Cc: tcmtf@ietf.org; jsaldana@unizar.es
|> |Subject: Re: [tcmtf] Answers to possible questions in the BOF
|> |
|> |
|> |On Jun 28, 2013, at 1:57 AM, jltornos@unizar.es wrote:
|> |
|> |> Hi all,
|> |>
|> |> Few days ago Julian talked about TCM-TF's security and now I've read in the link included by Dan,
|> |saying that the gain obtained when multiplexing Ipsec-encrypted packets is 20-to-1. We have been
|> |looking for more information about this issue and thinking about a way to reduce the needed
|bandwidth
|> |in IPsec flows.
|> |>
|> |> The main idea is to find a way to change the authentication of the individual packets and merge
|all
|> |of them in a unique authentication. Thus, instead of using 20 IPsec tunnels, we would have a single
|> |tunnel including 20 flows. Is this something similar than how Cisco gets the improvement?
|> |
|> |We would not be able to change IPsec any more than we could change TCP, so I would not look at how
|to
|> |change IPsec authentication.
|> |
|> |However, if there are a bunch of IPsec packets sharing a common path, I could see them being
|> |successfully multiplexed into one larger packet at one tunnel endpoint and then de-multiplexed at
|the
|> |other tunnel endpoint. This can provide a packet per second reduction. I don't think there are
|> |enough bytes in an IPsec header to bother trying to do IPsec header compression (SPI and sequence
|> |number are only 64 bits).
|> |
|> |-d
|> |
|> |
|> |>
|> |> José Luis
|> |>
|> |>
|> |>
|> |> Dan Wing <dwing@cisco.com> ha escrito:
|> |>
|> |>>
|> |>> On Jun 26, 2013, at 3:49 AM, Jose Saldana <jsaldana@unizar.es> wrote:
|> |>>
|> |>>> Question 4: Is TCM-TF interesting for the Industry? Should the IETF standardize this?
|> |>>>
|> |>>> Answer:
|> |>>>
|> |>>> 1) TCM-TF intends to update RFC4170, which optimizes RTP VoIP traffic. So if RFC4170 was
|> |interesting, why not updating it?
|> |>>>
|> |>>> 2) TCM-TF can be useful in order to save bandwidth in many cases:
|> |>>>
|> |>>> - Aggregation network of *network operators*: We are saving bandwidth by optimizing and
|putting
|> |together traffic flows. Is this interesting for a network operator? What about overprovisioning?
|The
|> |idea is that there are places and moments in which a number of flows based on small packets are in
|> |the same place and at the same moment. Then, TCM-TF can be applied in order to provide
|flexibility.
|> |We are not optimizing the overall Internet traffic, we are optimizing specific flows with very
|tight
|> |delay requirements, which network operators have to take care of in a special way.
|> |>>> www.huawei.com/ilink/en/download/HW_193034
|> |>>>
|> |>>> - *End to end* optimization: Nowadays, many appliances are used to connect remote offices of
|the
|> |same company (creating a VPN). So if a tunnel exists, why not optimizing this traffic when
|possible?
|> |We would save bandwidth in the access network, where it can be scarce.
|> |>>>
|> |>>> - Wireless and satellite scenarios.
|> |>>
|> |>> "Cisco adds IP multiplexing to mobile satellite package", April 2012,
|> |http://www.networkworld.com/news/2012/040912-cisco-ip-multiplexing-258082.html
|> |>>
|> |>>
|> |>>
|> |>>>
|> |>>>
|> |>>> Any other thoughts? Any other scenarios in mind? Potential beneficiaries?
|> |>>
|> |>> Some networks, today, use cRTP (RFC2508) on their access links. This gives bandwidth savings
|on
|> |the access link, but consumes considerable CPU horsepower on the aggregation router (to perform
|> |cRTP), but provides no bandwidth savings across the network core. If, instead, the bandwidth
|could
|> |be saved on the access link, across the core, and on the far-end access link -- all without the
|CPU
|> |impact on the aggregation router -- it is a considerable win.
|> |>>
|> |>> -d
|> |>>
|> |>>
|> |>>
|> |>>>
|> |>>>
|> |>>> Jose
|> |>>>
|> |>>> De: tcmtf-bounces@ietf.org [mailto:tcmtf-bounces@ietf.org] En nombre de Jose Saldana
|> |>>> Enviado el: lunes, 24 de junio de 2013 13:00
|> |>>> Para: tcmtf@ietf.org
|> |>>> Asunto: [tcmtf] Answers to possible questions in the BOF
|> |>>>
|> |>>> I would like to start a thread about possible questions people may ask in the BOF. Obviously,
|we
|> |also need answers, so we should cooperate.
|> |>>>
|> |>>> This is different from the "questions to ask in the BOF". This will be discussed separately.
|> |>>>
|> |>>> Thanks!
|> |>>>
|> |>>> Jose
|> |>>>
|> |>>> _______________________________________________
|> |>>> tcmtf mailing list
|> |>>> tcmtf@ietf.org
|> |>>> https://www.ietf.org/mailman/listinfo/tcmtf
|> |>>
|> |>>
|> |>
|> |>
|> |>
|> |
|> |_______________________________________________
|> |tcmtf mailing list
|> |tcmtf@ietf.org
|> |https://www.ietf.org/mailman/listinfo/tcmtf
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- [tcmtf] Answers to possible questions in the BOF Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Julián Fernández-Navajas
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Julián Fernández-Navajas
- Re: [tcmtf] Answers to possible questions in the … Mirko Sužnjević
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … DAVID FLOREZ RODRIGUEZ
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Tomaso.deCola
- Re: [tcmtf] Answers to possible questions in the … jltornos
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Michael Ramalho (mramalho)
- Re: [tcmtf] Answers to possible questions in the … jsalazar
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Michael Ramalho (mramalho)
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Muthu Arul Mozhi Perumal (mperumal)
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Muthu Arul Mozhi Perumal (mperumal)
- [tcmtf] Fwd: RE: Answers to possible questions in… jsalazar
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Diego R. Lopez
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … gorry
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Muthu Arul Mozhi Perumal (mperumal)
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … jltornos
- Re: [tcmtf] Answers to possible questions in the … Muthu Arul Mozhi Perumal (mperumal)
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Spencer Dawkins
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Dan Wing
- Re: [tcmtf] Answers to possible questions in the … Jose Saldana
- Re: [tcmtf] Answers to possible questions in the … Diego R. Lopez