Re: [homenet] homenet: what now? ... next?

2019-03-01 Thread STARK, BARBARA H
> > But Wi-Fi Alliance (WFA) has been working to provide a solution for
> > seamless whole home coverage. And from what I can see, I think it's going to
> > be successful. But WFA EasyMesh (release 1) is a tree-topology L2 bridged
> > network. I do think this needs to move towards true mesh (and the reason
> > they haven't is because they haven't yet been properly introduced to an
> > easy method of loop avoidance).
> 
> 
> Do you know if they deal with differences in the security domains? Or is
> it punted to L3? Like in my example, I might want to let my neighbors
> access my hot tub controller, but not, say, my tv. You can envision the
> same thing with guest/kids nets.

Release 1 did not. 
Here is the Release 1 spec: 
https://www.wi-fi.org/file/multi-ap-specification-v10
They do make non-members provide contact info, but the download is free.

Release 2 hasn't been released, yet. And I've pledged to abide by their 
non-disclosure policies, so I can't tell non-members what's in it. I think it's 
safe to say, it adds functionality that many companies find desirable.
Barbara
___
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet


Re: [homenet] homenet: what now? ... next?

2019-03-01 Thread Michael Thomas



On 3/1/19 4:14 PM, Michael Richardson wrote:


> When we started this effort we heard of real situations such as Fred's
> original FUN BOF slides on how dual-geek households are forced not to share
> printers due to corporate home firewall requirements.  And that we should
> expect the situation to get worse.  Those slides are close to ten years old.
> I'd like to know if they are still at relevant.  Maybe they aren't.
> If not, why not?

I've been in startup land the last several years where everything is in 
the cloud and everybody brings their own device. At the office, it was 
just business cable. We got asked by a customer what our firewall was 
and we sort of looked puzzled. Where do you mean? There was no corporate 
network and no need for one. We outsourced all of the typical things 
that corpro IT does which was fine by us because who wants to spend time 
and money on reinventing wheels?


My point here is that companies who are started in the cloud -- which is 
just about everybody these days -- don't even understand the 
requirement. Maybe they do when they get big enough, but I'm not sure.


Mike



Re: [homenet] homenet: what now? ... next?

2019-03-01 Thread Michael Richardson

Michael Thomas  wrote:
> I would guess that even after 5 years, we still don't have much v6
> deployment
> into homes and that's a pretty big problem. Router vendors are not much
> motivated by that which doesn't have a market.

Cable ISPs in North America (Rogers, Comcast) seem to be turning more and
more IPv6 on daily.  I am going by increasingly visible IPv6 (including ULAs,
btw) at local pubs/restaurants/coffee shops.  But, IPv6 is at this point, a
non-event for users (that's good that they don't notice, btw).

I personally do not believe that Home Router firmware update practices have
significantly improved.  I would welcome more recent data: is anyone
collecting this on a regular basis?  I suspect that 90% of firmware updates
occur because the (integrated) modem is replaced in order to upgrade
bandwidth.

For the last 10 to 15 years the ISP-provided home router has come to dominate
the market, with the belief by the ISPs that this is a MUST that they control
the device.  Many (but not all) at the IETF do not share this view, but most
non-technical users see the ISP provided router as simply saving the trip to
BestBuy, rather than an abdication of control over their home.   If this
trend continues, then I believe that ISPs (residential IAPs) will come to
want to control all IoT devices in the home -- because security -- telling
residential customers what they can and cannot connect.

I believe that this direction will result in ISPs being 100% liable for
attacks on critical infrastructure; I don't think that this is a place that
ISPs want to be, but I'm not sure that they have understood this yet.

It's clearly not in
Amazon/Google/Facebook/Intel/Samsung/insert-another-IoT-conglomerate's
interest to be told by ISPs what their products may or may not do.
This is an ongoing tussle that relates in some ways (but not all) to the
net neutrality debate and the desire by ISPs for a cut of the over-top-pie.
My answer is that the consumer should be in control, and that ISPs need to
get out of the home router business entirely.  Home router vendors (or the
service companies they create) should provide first-level support for issues,
and actual real connectivity issues should be submitted electronically.  Not
so different in the way that my furnace maintenance is not provided by my gas
supplier, but my gas supplier gets to inspect the hookup.

When we started this effort we heard of real situations such as Fred's
original FUN BOF slides on how dual-geek households are forced not to share
printers due to corporate home firewall requirements.  And that we should
expect the situation to get worse.  Those slides are close to ten years old.
I'd like to know if they are still at relevant.  Maybe they aren't.
If not, why not?

--
Michael Richardson , Sandelman Software Works
 -= IPv6 IoT consulting =-




Re: [homenet] homenet: what now? ... next?

2019-03-01 Thread Michael Thomas



On 3/1/19 3:49 PM, STARK, BARBARA H wrote:

> > I would guess that even after 5 years, we still don't have much
> > v6 deployment into homes and that's a pretty big problem.
>
> That's an interesting statement to make. Do you have evidence of that?
> https://www.worldipv6launch.org/measurements/ shows considerable deployment. I know
> for a fact that the AT&T wireline network supports IPv6 to 100% of customers.
> The reason only 61.26% of traffic is IPv6 is *not* due to the ISP not supporting
> it. It's due to edge networks that don't support. And in this case, it's mostly due
> to enterprises not supporting. The 61.26% number is heavily weighted towards mass
> market customers using IPv6, because it was easier to push IPv6 support into
> managed CE routers.

Oh, that's interesting. I knew it was getting support on mobile, but 
haven't kept up on what's going on cable/dsl/fiber.

> What I *am* seeing, is a lack of random topology multi-router networks.
> While it may be that continued use of IPv4 in home networks is a factor that
> drives people away from multi-router topologies, I don't think this is the same
> as saying that lack of IPv6 is a reason people aren't deploying.
> I really don't think IPv6 (or even IPv6-only inside the mass market LAN --
> which won't be happening for a long time) is a driver for multiple routers.

What I meant is that homenet router protocols are v6 only. At least the 
last time I checked.

> The biggest driver historically has been to get multiple Wi-Fi access points,
> to cover more of the premises. But many people resisted even this driver,
> because devices didn't seamlessly move between APs and the routed interfaces
> blocked multicast traffic (so you could only cast to your TV if you were on the
> same AP with the TV).

Yeah, I have that problem with my friends/neighbors.

> But Wi-Fi Alliance (WFA) has been working to provide a solution for seamless
> whole home coverage. And from what I can see, I think it's going to be
> successful. But WFA EasyMesh (release 1) is a tree-topology L2 bridged network.
> I do think this needs to move towards true mesh (and the reason they haven't is
> because they haven't yet been properly introduced to an easy method of loop
> avoidance).

Do you know if they deal with differences in the security domains? Or is 
it punted to L3? Like in my example, I might want to let my neighbors 
access my hot tub controller, but not, say, my tv. You can envision the 
same thing with guest/kids nets.

> But even if the common home network won't have lots of routers, the need for a
> good naming architecture still exists, IMO.

Yes, and that's not dependent on v6 afaik.

Mike



Re: [homenet] homenet: what now? ... next?

2019-03-01 Thread STARK, BARBARA H
> I would guess that even after 5 years, we still don't have much
> v6 deployment into homes and that's a pretty big problem. 

That's an interesting statement to make. Do you have evidence of that?
https://www.worldipv6launch.org/measurements/ shows considerable deployment. I 
know for a fact that the AT&T wireline network supports IPv6 to 100% of 
customers. The reason only 61.26% of traffic is IPv6 is *not* due to the ISP 
not supporting it. It's due to edge networks that don't support. And in this 
case, it's mostly due to enterprises not supporting. The 61.26% number is 
heavily weighted towards mass market customers using IPv6, because it was 
easier to push IPv6 support into managed CE routers.

What I *am* seeing, is a lack of random topology multi-router networks.
While it may be that continued use of IPv4 in home networks is a factor that 
drives people away from multi-router topologies, I don't think this is the same 
as saying that lack of IPv6 is a reason people aren't deploying.
I really don't think IPv6 (or even IPv6-only inside the mass market LAN -- 
which won't be happening for a long time) is a driver for multiple routers.
The biggest driver historically has been to get multiple Wi-Fi access points, 
to cover more of the premises. But many people resisted even this driver, 
because devices didn't seamlessly move between APs and the routed interfaces 
blocked multicast traffic (so you could only cast to your TV if you were on the 
same AP with the TV).

But Wi-Fi Alliance (WFA) has been working to provide a solution for seamless 
whole home coverage. And from what I can see, I think it's going to be 
successful. But WFA EasyMesh (release 1) is a tree-topology L2 bridged network. 
I do think this needs to move towards true mesh (and the reason they haven't is 
because they haven't yet been properly introduced to an easy method of loop 
avoidance). 

So if multi-access points was a driver for multiple routers, WFA EasyMesh may 
very well kill that off as a driver.

But even if the common home network won't have lots of routers, the need for a 
good naming architecture still exists, IMO.
And the need for good loop avoidance...

This is my personal, individual opinion, if that wasn't obvious.
Barbara


Re: [homenet] homenet: what now? ... next?

2019-03-01 Thread Michael Thomas


On 3/1/19 2:25 PM, Ted Lemon wrote:
> On Mar 1, 2019, at 4:21 PM, Stephen Farrell wrote:
> > If one of those positions captures your opinion, feel free to respond
> > in shorthand. Otherwise, please tell us where you think we ought be
> > going, as a WG, with (a), (b) and/or (c).
>
> For me it’s (1) and (2).
>
> I think there are a few reasons why homenet feels stalled right now.



I would guess that even after 5 years, we still don't have much v6 
deployment into homes and that's a pretty big problem. Router vendors 
are not much motivated by that which doesn't have a market.


Sigh.


Mike



>   * We are tracking a moving target, and we haven’t adjusted our
>     goals. This is the conclusion I came to as a result of working
>     on the presentation I did in Bangkok on Homenet Marketing. I
>     don’t think this is bad.
>   * I conjecture that one of the reasons that there is good attendance
>     at homenet but relatively limited participation is in fact that we
>     are developing technology that is interesting to the people who
>     are showing up, but not quite addressing their needs.
>   * I don’t actually know what the applicability is for the hidden
>     primary stuff. I’ve gotten feedback that there are people who
>     want this, but I have no idea what to do with it, given that we
>     don’t want to expose internal DNS to external nodes.
>   * No hardware that does homenet. We have homenet stuff in OpenWRT,
>     but making it work in a home isn’t a turnkey operation, and that
>     is, after all, the goal of Homenet: a real network that sets
>     itself up without the user having to grok how it works.
>   * One of the applications of Homenet that we keep hearing about is
>     the SOHO market. We should target that explicitly and see what
>     gaps exist in addressing it.
>
> So I think spending some time re-targeting would be worthwhile, and
> it’s my intention to present a draft that talks about that in Prague.
>
> I also would really like to see if anybody is willing to actually hack
> on Homenet in the hackathon. There are a couple of projects I’d like
> to see us work on:
>
>   * Turnkey homenet build of OpenWRT
>   * If the Turris folks are down, it would be nice if they could join
>     us and make it work in Turris OS as well.
>   * Homenet-wide service discovery using the DNSSD Discovery proxy
>     we’ve been working on, which is fully functional at this point.
>   * Support for DNSSD SRP (this would involve finishing the SRP
>     gateway I’ve been working on, and getting it to update Unbound or
>     BIND).
>   * Joining constrained-network edge routers to homenet routing and
>     service discovery infrastructure
>   * MUD support for devices that are not on a separate link, but are
>     isolated from nodes that don’t have permission to talk to them.
>     This should be doable in OpenWRT.
>   * Automatic IKEv2 tunnels on OpenWRT that use the new split DNS
>     stuff being published in IPSECME to allow us to serve home.arpa to
>     VPN clients.
>
> This is an ambitious set of goals, and I don’t expect we’ll work on
> all of them, but these are things that need work, so if there is
> energy to work on any of them, it would be nice to see that happen at
> hackathon.






Re: [homenet] homenet: what now? ... next?

2019-03-01 Thread Ted Lemon
On Mar 1, 2019, at 4:21 PM, Stephen Farrell  wrote:
> If one of those positions captures your opinion, feel free to respond
> in shorthand. Otherwise, please tell us where you think we ought be
> going, as a WG, with (a), (b) and/or (c).

For me it’s (1) and (2).

I think there are a few reasons why homenet feels stalled right now.

  * We are tracking a moving target, and we haven’t adjusted our goals. This is
    the conclusion I came to as a result of working on the presentation I did in
    Bangkok on Homenet Marketing. I don’t think this is bad.
  * I conjecture that one of the reasons that there is good attendance at homenet
    but relatively limited participation is in fact that we are developing
    technology that is interesting to the people who are showing up, but not quite
    addressing their needs.
  * I don’t actually know what the applicability is for the hidden primary stuff.
    I’ve gotten feedback that there are people who want this, but I have no idea
    what to do with it, given that we don’t want to expose internal DNS to external
    nodes.
  * No hardware that does homenet. We have homenet stuff in OpenWRT, but making
    it work in a home isn’t a turnkey operation, and that is, after all, the goal
    of Homenet: a real network that sets itself up without the user having to grok
    how it works.
  * One of the applications of Homenet that we keep hearing about is the SOHO
    market. We should target that explicitly and see what gaps exist in
    addressing it.

So I think spending some time re-targeting would be worthwhile, and it’s my 
intention to present a draft that talks about that in Prague.

I also would really like to see if anybody is willing to actually hack on 
Homenet in the hackathon.   There are a couple of projects I’d like to see us 
work on:

  * Turnkey homenet build of OpenWRT
  * If the Turris folks are down, it would be nice if they could join us and make
    it work in Turris OS as well.
  * Homenet-wide service discovery using the DNSSD Discovery proxy we’ve been
    working on, which is fully functional at this point.
  * Support for DNSSD SRP (this would involve finishing the SRP gateway I’ve been
    working on, and getting it to update Unbound or BIND).
  * Joining constrained-network edge routers to homenet routing and service
    discovery infrastructure
  * MUD support for devices that are not on a separate link, but are isolated from
    nodes that don’t have permission to talk to them. This should be doable in
    OpenWRT.
  * Automatic IKEv2 tunnels on OpenWRT that use the new split DNS stuff being
    published in IPSECME to allow us to serve home.arpa to VPN clients.

This is an ambitious set of goals, and I don’t expect we’ll work on all of 
them, but these are things that need work, so if there is energy to work on any 
of them, it would be nice to see that happen at hackathon.




[homenet] homenet: what now? ... next?

2019-03-01 Thread Stephen Farrell

Dear WG,

At IETF-103 Ted led a good discussion of where we're at and where we
and others in the homenet space may be heading. One key aspect of that
discussion is that we might (or might not) be working on specs that have
been overtaken by events e.g. in the sense that perhaps there are now
sufficient other options that people are less likely to implement the
specs we currently have as WG documents.

As chairs, we have also noted the relative lack of activity on the list
in recent months, which could also be related to a lack of interest in
implementing and deploying our current WG drafts.

We'd therefore like to have a discussion on the list, between now
and IETF-104 as to what the WG ought be doing.

It's fine to offer general opinions, but as a way to break it down, we
basically have two bits of work in-hand: (a) work on simple naming [1]
and (b) the drafts on handling names with help from your ISP. [2,3]
(We also have a chartered work item [4] on security that has seen no
progress but you can comment on that as item (c) if you like;-)

Ted also has some concrete ideas for work to do at the upcoming
hackathon. We've asked him to start a separate thread on that and
would love to see people participate in that.

We think there are a few potential positions that participants in the
discussion may have (or end up having) with respect to each of those,
perhaps:

(1) it's great work and I plan to implement or deploy - see
you at the hackathon!
(2) it's great work and I'll be actively engaged with it in
the coming months reviewing drafts and posting to the
list
(3) I do care about this stuff getting done, but I don't have
the time/management interest to spend the time I'd like.
(4) I'm not that interested in this stuff, but I don't object,
and I'll read some drafts as I'm able to.
(5) it's fine stuff, but IMO not going to be used, so there's
not much point in producing RFCs
(6) not sure at the moment, maybe the WG should go quiescent for
a while 'till we know more

If one of those positions captures your opinion, feel free to respond
in shorthand. Otherwise, please tell us where you think we ought be
going, as a WG, with (a), (b) and/or (c).

To be clear, we're happy to proceed according to the consensus of the
WG participants whatever that may be. That could mean trying to
accelerate some work, or closing down the WG, or anything in between,
assuming we see enough engagement in discussion and that there's a
rough consensus that we can call.

As chairs, we want to allow plenty of time for this, and are considering
devoting (part of) a f2f session to bottoming out on this topic at
IETF-104 if that's needed, but we'd like to be reassured that the WG
think we're working on the right things now, and that those are likely
to be implemented and hopefully deployed.

We'd really appreciate it if you can send an initial response to
this mail in the next week so we can start to build an agenda for
our session at IETF-104.

Thanks
B (As chairs)


[1] https://tools.ietf.org/html/draft-ietf-homenet-simple-naming
[2] https://tools.ietf.org/html/draft-ietf-homenet-front-end-naming-delegation
[3] https://tools.ietf.org/wg/homenet/draft-ietf-homenet-naming-architecture-dhc-options/
[4] https://tools.ietf.org/wg/homenet/charters









[homenet] homenet - Requested session has been scheduled for IETF 104

2019-03-01 Thread "IETF Secretariat"
Dear Barbara Stark,

The session(s) that you have requested have been scheduled.
Below is the scheduled session information followed by
the original request. 


homenet Session 1 (1:30 requested)
Tuesday, 26 March 2019, Morning Session I 0900-1100
Room Name: Grand Ballroom size: 250
-


iCalendar: https://datatracker.ietf.org/meeting/104/sessions/homenet.ics

Request Information:


-
Working Group Name: Home Networking
Area Name: Internet Area
Session Requester: Barbara Stark

Number of Sessions: 1
Length of Session(s):  1.5 Hours
Number of Attendees: 80
Conflicts to Avoid: 
 First Priority: tls saag babel 6man dnssd dnsop intarea v6ops secdispatch
 Second Priority: mptcp
 Third Priority: mls


People who must be present:
  Stephen Farrell
  Eric Vyncke
  Terry Manderson
  Barbara Stark

Resources Requested:

Special Requests:
  
-
