IETF Logo Mail Archive

Re: [tcmtf] Answers to possible questions in the BOF

Dan Wing <dwing@cisco.com> Mon, 01 July 2013 16:55 UTC

Return-Path: <dwing@cisco.com>
X-Original-To: tcmtf@ietfa.amsl.com
Delivered-To: tcmtf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49B9F11E81FD for <tcmtf@ietfa.amsl.com>; Mon, 1 Jul 2013 09:55:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.044
X-Spam-Level:
X-Spam-Status: No, score=-110.044 tagged_above=-999 required=5 tests=[AWL=0.555, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OEt-V8zquXvn for <tcmtf@ietfa.amsl.com>; Mon, 1 Jul 2013 09:55:30 -0700 (PDT)
Received: from mtv-iport-4.cisco.com (mtv-iport-4.cisco.com [173.36.130.15]) by ietfa.amsl.com (Postfix) with ESMTP id 34B1211E822A for <tcmtf@ietf.org>; Mon, 1 Jul 2013 09:55:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4405; q=dns/txt; s=iport; t=1372697730; x=1373907330; h=mime-version:subject:from:in-reply-to:date:cc: content-transfer-encoding:message-id:references:to; bh=S53Dik4HwoDzRM5mz8DSBGVgBefzE/1hSAjjdAlrx40=; b=LXk/8mCtn7CJjPrirKOKQjYCXi9cdf7SpIyCgZtLrSsq9fgzeERd0v5p jy9NqFIfcz6AqfNYfStbYbIJw5wPVxrg75+uzW7Pr9ORnQUd41rbITMvS rzwMQgS48MW4lPJ29+x1BU0oTPFQFGg83zKMPBNRaej2VpfhOn7AipPpr 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgIFAJSy0VGrRDoI/2dsb2JhbABagwkyv2N/FnSCIwEBAQMBAQEBRiMCCAMFCwsYJwcnHxEZGgSHawUNvDGOEYEaMweDBGMDiSOKU4NSkUWDMRw
X-IronPort-AV: E=Sophos;i="4.87,975,1363132800"; d="scan'208";a="84862097"
Received: from mtv-core-3.cisco.com ([171.68.58.8]) by mtv-iport-4.cisco.com with ESMTP; 01 Jul 2013 16:55:28 +0000
Received: from sjc-vpn2-667.cisco.com (sjc-vpn2-667.cisco.com [10.21.114.155]) by mtv-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id r61GtR0E004609; Mon, 1 Jul 2013 16:55:27 GMT
Content-Type: text/plain; charset="iso-8859-1"
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
From: Dan Wing <dwing@cisco.com>
In-Reply-To: <20130628105725.lmag0xgqsgogggww@webmail.unizar.es>
Date: Mon, 01 Jul 2013 09:55:25 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <EFFB6AC1-BF9A-47D9-B5B8-3DD34A508FE8@cisco.com>
References: <007e01ce70c9$fe1a0aa0$fa4e1fe0$@unizar.es> <009901ce725a$d1623360$74269a20$@unizar.es> <2543ED38-A2FF-49D7-85E0-4790A31415BC@cisco.com> <20130628105725.lmag0xgqsgogggww@webmail.unizar.es>
To: jltornos@unizar.es
X-Mailer: Apple Mail (2.1508)
Cc: tcmtf@ietf.org, jsaldana@unizar.es
Subject: Re: [tcmtf] Answers to possible questions in the BOF
X-BeenThere: tcmtf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Tunneling Compressed Multiplexed Traffic Flows \(TCMTF\) discussion list" <tcmtf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcmtf>, <mailto:tcmtf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcmtf>
List-Post: <mailto:tcmtf@ietf.org>
List-Help: <mailto:tcmtf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcmtf>, <mailto:tcmtf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jul 2013 16:55:34 -0000

On Jun 28, 2013, at 1:57 AM, jltornos@unizar.es wrote:

> Hi all,
> 
> Few days ago Julian talked about TCM-TF's security and now I've read in the link included by Dan, saying that the gain obtained when multiplexing Ipsec-encrypted packets is 20-to-1. We have been looking for more information about this issue and thinking about a way to reduce the needed  bandwidth in IPsec flows.
> 
> The main idea is to find a way to change the authentication of the individual packets and merge all of them in a unique authentication. Thus, instead of using 20 IPsec tunnels, we would have a single tunnel including 20 flows. Is this something similar than how Cisco gets the improvement?

We would not be able to change IPsec any more than we could change TCP, so I would not look at how to change IPsec authentication.  

However, if there are a bunch of IPsec packets sharing a common path, I could see them being successfully multiplexed into one larger packet at one tunnel endpoint and then de-multiplexed at the other tunnel endpoint.  This can provide a packet per second reduction.  I don't think there are enough bytes in an IPsec header to bother trying to do IPsec header compression (SPI and sequence number are only 64 bits).

-d


> 
> José Luis
> 
> 
> 
> Dan Wing <dwing@cisco.com> ha escrito:
> 
>> 
>> On Jun 26, 2013, at 3:49 AM, Jose Saldana <jsaldana@unizar.es> wrote:
>> 
>>> Question 4: Is TCM-TF interesting for the Industry? Should the IETF  standardize this?
>>> 
>>> Answer:
>>> 
>>> 1) TCM-TF intends to update RFC4170, which optimizes RTP VoIP  traffic. So if RFC4170 was interesting, why not updating it?
>>> 
>>> 2) TCM-TF can be useful in order to save bandwidth in many cases:
>>> 
>>> - Aggregation network of *network operators*: We are saving  bandwidth by optimizing and putting together traffic flows. Is this  interesting for a network operator? What about overprovisioning?  The idea is that there are places and moments in which a number of  flows based on small packets are in the same place and at the same  moment. Then, TCM-TF can be applied in order to provide  flexibility. We are not optimizing the overall Internet traffic, we  are optimizing specific flows with very tight delay requirements,  which network operators have to take care of in a special way.
>>> www.huawei.com/ilink/en/download/HW_193034
>>> 
>>> - *End to end* optimization: Nowadays, many appliances are used to  connect remote offices of the same company (creating a VPN). So if  a tunnel exists, why not optimizing this traffic when possible? We  would save bandwidth in the access network, where it can be scarce.
>>> 
>>> - Wireless and satellite scenarios.
>> 
>> "Cisco adds IP multiplexing to mobile satellite package", April  2012,  http://www.networkworld.com/news/2012/040912-cisco-ip-multiplexing-258082.html
>> 
>> 
>> 
>>> 
>>> 
>>> Any other thoughts? Any other scenarios in mind? Potential beneficiaries?
>> 
>> Some networks, today, use cRTP (RFC2508) on their access links.   This gives bandwidth savings on the access link, but consumes  considerable CPU horsepower on the aggregation router (to perform  cRTP), but provides no bandwidth savings across the network core.   If, instead, the bandwidth could be saved on the access link, across  the core, and on the far-end access link -- all without the CPU  impact on the aggregation router -- it is a considerable win.
>> 
>> -d
>> 
>> 
>> 
>>> 
>>> 
>>> Jose
>>> 
>>> De: tcmtf-bounces@ietf.org [mailto:tcmtf-bounces@ietf.org] En  nombre de Jose Saldana
>>> Enviado el: lunes, 24 de junio de 2013 13:00
>>> Para: tcmtf@ietf.org
>>> Asunto: [tcmtf] Answers to possible questions in the BOF
>>> 
>>> I would like to start a thread about possible questions people may  ask in the BOF. Obviously, we also need answers, so we should  cooperate.
>>> 
>>> This is different from the "questions to ask in the BOF". This will  be discussed separately.
>>> 
>>> Thanks!
>>> 
>>> Jose
>>> 
>>> _______________________________________________
>>> tcmtf mailing list
>>> tcmtf@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tcmtf
>> 
>> 
> 
> 
>

v2.23.0 | Report a Bug | By Email