Hi Luis,
Thanks for starting this thread.
See a quick comment below:
1/ extension of ALTO to consider operational simplicity. Here fits the
proposal of introducing BGP communities in ALTO. The rationale is that
operators use BGP communities quite often as mechanism for applying
policies and determining certain behaviors on the IP addresses grouped
in the form of communities. This seems quite useful as well at the
time of exposing associated information (metrics, topology, etc) as
enabled by ALTO. An initial draft can be found
here: https://github.com/luismcontreras/alto-bgp-communities
The plan is to generate version -01 for IETF 117.
Regarding the use of BGP information (including BGP communities), I was
wondering how to process this data. Should it be considered an
aggregation process?
This is because tons of data will eventually be received, and in this
case, the BGP routing information could be aggregated into subnet
prefixes grouped by their attributes (Communities, BGP nextHop, etc.).
This process will massively compress the BGP data and then this
re-structured and aggregated data could be used to generate, for
instance, ALTO network maps based on BGP-Communities.
Make sense?
On 26.06.23 23:13, LUIS MIGUEL CONTRERAS MURILLO wrote:
Hi all,
Related to Topic B on maintenance of ALTO, as a way of summary of what
has been discussed during the last weeks, we could have two major
sub-topics:
1/ extension of ALTO to consider operational simplicity. Here fits the
proposal of introducing BGP communities in ALTO. The rationale is that
operators use BGP communities quite often as mechanism for applying
policies and determining certain behaviors on the IP addresses grouped
in the form of communities. This seems quite useful as well at the
time of exposing associated information (metrics, topology, etc) as
enabled by ALTO. An initial draft can be found
here: https://github.com/luismcontreras/alto-bgp-communities
The plan is to generate version -01 for IETF 117.
2/ security aspects of ALTO. This has been discussed in both one of
the interim meetings (see
https://datatracker.ietf.org/meeting/interim-2023-alto-05/materials/slides-interim-2023-alto-05-sessa-security-aspects-regarding-alto-luis-00)
and one ad-hoc discussion meeting
(https://mailarchive.ietf.org/arch/msg/alto/HnhO5H5xy4hBGtfm3JI7-K9mq3Y/).
The rationale for this activity is to improve the security around the
deployment and operation of ALTO in production networks. As commented
during the interim, there are a number of security issues documented
so far, like:
* A high-level discussion of security issues in the ALTO problem
statement [RFC5693]
* Unwanted information disclosure risks, as well as specific
security-related requirements in the ALTO requirements document
[RFC6708].
* Issues related to ALTO server discovery in [RFC7286]
* Identified cases for ALTO deployments in [RFC7971]
* Security considerations in the remaining RFCs
However, new security concerns emerge from deployments, such as:
* Obfuscation of PIDs, and the handling of them in scenarios with
multiple ALTO clients
* Mechanisms for isolation of the ALTO server from direct client
interaction
* Secure retrieval of information from external components (e.g.,
probes, etc)
* etc
A potential first step could be to document these new security
considerations and then concentrate on those not solved representing
relevant threats in ALTO operation.
There could be other relevant topics related to the maintenance of
ALTO apart from the two commented above.
Any further ideas in this respect?
Of course, for those interested in the topics above, please comment.
Thanks in advance
Best regards
Luis
*From:* alto <alto-boun...@ietf.org> *On behalf of* Y. Richard Yang
*Sent:* Wednesday, 21 June 2023 1:47
*To:* IETF ALTO <alto@ietf.org>
*Subject:* [alto] June 20, 2023 meeting minutes and discussion working
links
Hi all,
As suggested by Ayoub, Jordi and others during the weekly meeting
today, starting from today, the note taker will not only update the
meeting minutes page
(https://github.com/ietf-wg-alto/wg-materials/blob/main/meetings-ietf-alto/ietf-alto-2023.md),
but also provide a text summary and comments, if appropriate, on the
meeting. So below are my quick comments and the full meeting minutes
are below; the archive is at the link above.
Regarding comments, the most important item that I, as a note taker,
take away is the wonderful discussion about how to organize future
work discussions. In particular, the participants divided the
potential work into 4 areas, and created 4 github issues. We also
created a common Google doc to allow systematic write up. The links to
them are below.
In particular, the four areas and their coordinators are:
- A: Integration of data sources and their exposures; coordinator:
Jordi, Luis and Kai
- B: Maintenance of ALTO protocol; coordinator: Luis, Richard
- C: Security and trust; coordinators: Ayoub, Junichi, Motoyoshi
- D: New architectural extensions; coordinators: Roland and Sabine
We sure can adjust the coordinators. If so, please let me know, and we
can adjust the page. The plan is that the coordinators will work closely
with the chairs (Qin and Med) to make concrete progress. The
coordinators will kick off the discussions.
Richard as note taker on June 20, 2023
==== Meeting Minutes Text ====
*IETF, ALTO Meeting: June 20, 2023*
*Agenda:*
* Transport and OAM documents
o Transport:
https://github.com/ietf-wg-alto/draft-ietf-alto-new-transport/issues
o OAM: https://github.com/ietf-wg-alto/draft-ietf-alto-oam-yang/issues
* ALTO Future Work:
https://mailarchive.ietf.org/arch/msg/alto/uIFD6Dhikfu4J4PYcpJTbsiXbnE/
https://github.com/ietf-wg-alto/wg-materials/blob/main/FutureALTO/alto-direction-of-work.md
* Preps for IETF 117:
o Drafts and presentations that the ALTO group plans to work on
o Agenda
* New revision of Green Networking Metrics draft in opsawg:
https://datatracker.ietf.org/doc/draft-cx-opsawg-green-metrics/
*Minutes*
*Note taker: Richard*
* Charter documents: transport and OAM updates
o OAM: Jensen and Med had a discussion on the draft and submit
the revision to IESG. The document is now waiting for AD review.
o Transport: Richard sent a note to Martin Thompson, to provide
the justification on introducing server push using PUSH
PROMISE. It includes two basic reasonings: lower load, and the
feature is optional; Kai updated that Med sent two pull
requests and sent the latest version for AD review, and wait
for updates.
* Updates on future work on ALTO
o Overview: Jordi started with an update on the planning: Please
follow the ongoing conversation on the WG mailing list
initiated by Sabine, engaged by Jordi and Luis; the WG
welcomes conversations by all; please socialize the ideas;
leadership is important and please take ownership; this WG
meets each week, and we do not know any other IETF WG that
meets each week, but because we meet each week, we do not use
the mailing list, which may appear to be inactive by those not
attending the weekly meeting.
o Individual topics:
+ Jordi summarized that from the mailing list, item 3
appears to be the most preferred; please do discussions,
propose a charter item and then write documents; The goal
is to go to 117 and should be prepared.
+ Richard commented that one of his focus points will be on
data sources, which can be more informational than
standard. Luis advised that there can be two types of
approaches: bottom-up (individuals propose ideas), and
top-down (chairs/AD guidance).
+ Luis suggests that we should take a look at
chair-mentioned items such as BGP communities, and
security; mid-term: such as data sources, please go to the
mailing list.
* Work organization: Meeting notes work plan: Ayoub gave the
suggestion that note taker shares the note to the mailing list,
some kind of annotated meeting minutes. Roland clarified that the
sharing notes can be double sent, or summary/highlights, or up to
note taker. Organizing discussions: Luis/Jordi: email as record,
GitHub tickets to organize; Jordi creates 4 tickets, and puts
links to doc.
* Issues, leads, and working documents:
o Topic A:
+ GitHub issue: #48
<https://github.com/ietf-wg-alto/wg-materials/issues/48>
+ Topic coordinator: Jordi, Kai
o Topic B:
+ GitHub: #49
<https://github.com/ietf-wg-alto/wg-materials/issues/49>
+ Topic coordinator: Roland, Sabine
o Topic C:
+ GitHub: #50
<https://github.com/ietf-wg-alto/wg-materials/issues/50>
+ Topic coordinator: Ayoub, Junichi, Motoyoshi
o Topic D:
+ GitHub: #51
<https://github.com/ietf-wg-alto/wg-materials/issues/51>
+ Coordinator: Luis, Jordi
o Discussion Google doc:
+
https://docs.google.com/document/d/1rpziU7NZEE8f84XkJSjMhEIHUA5G7rXkGB5c_7UFxUY/edit?usp=sharing
o Goals: Enabling conversations and concrete documents (compute,
edge service, etc), need to focus; real good way to make
progress is internet-draft (ID) as ground truth, from dynamic
to stable, with focus on writing drafts for concrete results).
--
=====================================
| Y. Richard Yang <y...@cs.yale.edu> |
| Professor of Computer Science |
| http://www.cs.yale.edu/~yry/ |
=====================================
_______________________________________________
alto mailing list
alto@ietf.org
https://www.ietf.org/mailman/listinfo/alto
--
Danny Lachos | Senior Network Engineer
BENOCS GmbH, Berlin
+49 305 7700 0417
dlac...@benocs.com
www.benocs.com
Visit us on LinkedIn:https://www.linkedin.com/company/benocs/
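
Added example (not part of the original messages or of the ALTO drafts): a sketch of the aggregation Danny describes, grouping BGP routes by community set and next hop, merging adjacent prefixes, and emitting an RFC 7285-style network map. The sample routes, the resource id and tag, and the HMAC-derived PID names (one possible way to keep community values out of PID names, in the spirit of the "obfuscation of PIDs" item) are assumptions.

```python
import hashlib
import hmac
import ipaddress
from collections import defaultdict

# Constructed sample routes (documentation prefixes and ASN), not real BGP data.
SAMPLE_ROUTES = [
    {"prefix": "198.51.100.0/25", "communities": ["64496:100"], "next_hop": "10.0.0.1"},
    {"prefix": "198.51.100.128/25", "communities": ["64496:100"], "next_hop": "10.0.0.1"},
    {"prefix": "203.0.113.0/24", "communities": ["64496:100"], "next_hop": "10.0.0.1"},
    {"prefix": "2001:db8:a::/48", "communities": ["64496:100"], "next_hop": "10.0.0.1"},
    {"prefix": "192.0.2.128/25", "communities": ["64496:200", "64496:100"],
     "next_hop": "10.0.0.2"},
]

def aggregate(routes):
    """Group prefixes by (community set, next hop), then merge adjacent prefixes."""
    groups = defaultdict(set)
    for r in routes:
        key = (tuple(sorted(set(r["communities"]))), r["next_hop"])
        groups[key].add(ipaddress.ip_network(r["prefix"]))
    merged = {}
    for key, nets in groups.items():
        merged[key] = {}
        # collapse_addresses() needs a single address family per call.
        for version, family in ((4, "ipv4"), (6, "ipv6")):
            same = [n for n in nets if n.version == version]
            if same:
                merged[key][family] = [
                    str(n) for n in ipaddress.collapse_addresses(same)]
    return merged

def pid_name(key, secret):
    """Opaque PID name (assumed scheme): keyed hash of the grouping attributes,
    so community values and next hops are not readable from the map."""
    communities, next_hop = key
    msg = ("|".join(communities) + "#" + next_hop).encode()
    return "pid-" + hmac.new(secret, msg, hashlib.sha256).hexdigest()[:16]

def build_network_map(routes, secret, tag="constructed-tag-1"):
    """Return an RFC 7285-style network map body as a dict."""
    pids = {pid_name(k, secret): v for k, v in aggregate(routes).items()}
    return {
        "meta": {"vtag": {"resource-id": "bgp-community-map", "tag": tag}},
        "network-map": pids,
    }

if __name__ == "__main__":
    import json
    print(json.dumps(build_network_map(SAMPLE_ROUTES, b"demo-secret"), indent=2))
```

Using a different secret per ALTO client would give each client different PID names for the same grouping, at the cost of the server keeping the mapping.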