[OPSAWG] Eric Rescorla's Discuss on draft-ietf-opsawg-mud-20: (with DISCUSS and COMMENT)

Eric Rescorla has entered the following ballot position for draft-ietf-opsawg-mud-20: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to

[OPSAWG] Eric Rescorla's Discuss on draft-ietf-opsawg-mud-20: (with DISCUSS and COMMENT)

Eric Rescorla has entered the following ballot position for draft-ietf-opsawg-mud-20: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to

Re: [OPSAWG] New Version Notification for draft-ietf-opsawg-tacacs-10.txt

Hello Opsawg, We have uploaded a new version of the TACACS+ informational draft which includes corrections for typos over the document as a whole, but also revised the security section. We anticipate this security section will get most comments, so it is reproduced below. We will endeavor to

Re: [OPSAWG] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

> I do not see any indication of wide-spread consistency. the point is that there is widespread use. the page heas pointed out is what is documented by large ops, the tip of the iceberg. how about stop speaking for operators? randy ___ OPSAWG

Re: [OPSAWG] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

Dear Joel Halpern, Thank you very much for your review. Please see my preliminary reply below. For your first concern, the idea is when the routers obtain the information for the already defined BGP related IEs, such as bgpSourceAsNumber, bgpDestinationAsNumber, and bgpNextHopIPv4Address, etc,

Re: [OPSAWG] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

Thank you for that pointer. It is informative. I looked at a number of the entries (trying to pick larger ISPs as more likely to need more information.) What i see is some ISPs doing what Randy Bush mentioned, marking regions. I see a few ISPs that explicitly mark country (or in one case

Re: [OPSAWG] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

Sun, Apr 15, 2018 at 02:52:43PM +, li zhenqiang: > Why do you think this is unusual and not common? Possibly, with due respect, because he is not an operator? While ASes often do so internally, not all reveal it externally or not ubiquitously. Browse https://onestep.net/communities/ to

Re: [OPSAWG] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

hi joel, > The secondary problem is that this additional work is justified for > the router by the claim that the unusual usage of applying community > tags for geographical location of customers is a common practice. It > is a legal practice. And I presume it is done somewhere or the > authors

Re: [OPSAWG] Eric Rescorla's Discuss on draft-ietf-opsawg-mud-20: (with DISCUSS and COMMENT)

Hi Eric, On 15.04.18 13:32, Eric Rescorla wrote: > Eric Rescorla has entered the following ballot position for > draft-ietf-opsawg-mud-20: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this >

Re: [OPSAWG] Eric Rescorla's Discuss on draft-ietf-opsawg-mud-20: (with DISCUSS and COMMENT)

On Sun, Apr 15, 2018 at 10:28 AM, Eliot Lear wrote: > Hi Eric, > > On 15.04.18 13:32, Eric Rescorla wrote: > > Eric Rescorla has entered the following ballot position for > draft-ietf-opsawg-mud-20: Discuss > > When responding, please keep the subject line intact and reply to all

Re: [OPSAWG] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

> I fone has geo-information, it is unlikely to change. i guess you have never noticed when you are at ietf praha and your phone says you are in seoul or whatever. it takes non-trivial ops pain to get ietf attendees geoloc to work; and sometimes we can't. when you find yourself in a hole, first

Re: [OPSAWG] [Gen-art] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

Randy, I did suggest that one would update the offline data. My point was that the draft claims taht extreme timliness is needed. For IP block geolocation, timeliness on the order of a day (much shorter than the several days before the IETF when the IETF block gets turned on somewhere.)

Re: [OPSAWG] [Gen-art] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

randy, noting that the IETF has trouble with the geo-tagging of its addresses does not seem to have ANYTHING to do with demonstrating how widely used the geo-communities are. If you want to make that case, make it. But don't bring up red herrings. As you note, it is up to the WG, not to me,

Re: [OPSAWG] [Gen-art] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

> Thus, again, you are not making a case for why the existing techniques > which are easier to implement and deploy are not sufficie3nt for the > problem. correct. i, and a couple of other ops, are making the case that communities are fairly widely used for tagging geo loc at varying

[OPSAWG] 答复: Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

Hi, Joel: Can we consider this draft from other viewpoints? If the router can report and correlate the traffic with its associated community, the usage of the community to differentiate the customer, the service category that be accessed and the geographical region etc. will be flourished. And

Re: [OPSAWG] 答复: Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

There seem to be two separate issues. The first issue is what information from BGP would one like to correlate with the traffic flows. I understand that there is useful information. The motivation given in the draft seems to apply to more cases than I thought, but still it is of limited

Re: [OPSAWG] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

> As far as I can see, this document proposed a new aggregation > parameter for IPFIX. So that the operators can get the traffic > statistic from a new dimension. > > Because "Flow information based on IP address or IP prefix may provide > much too fine granularity for a large network. On the

Re: [OPSAWG] [RTG-DIR] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

Thank you Jimmy. While I disagree, I think this states the case clearly enough for it to be up to the working group and relevant ADs. Yours, Joel On 4/15/18 11:40 PM, Dongjie (Jimmy) wrote: Hi Joel, Thanks a lot for your review comments. Regarding your first problem, I don't think this

Re: [OPSAWG] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

Hi Joel, Thanks a lot for your review comments. Regarding your first problem, I don't think this draft introduces "significant new processing load on the router", as similar processing has already been done for the BGP AS number and BGP-nexthop based traffic collection. As described in the

Re: [OPSAWG] Rtgdir early review of draft-ietf-opsawg-ipfix-bgp-community-06

Hi Joel, > From what I can tell reading this, the value requires significantly more > precision than "region". As far as I can see, this document proposed a new aggregation parameter for IPFIX. So that the operators can get the traffic statistic from a new dimension. Because "Flow information

[OPSAWG] Ben Campbell's No Objection on draft-ietf-opsawg-mud-20: (with COMMENT)

Ben Campbell has entered the following ballot position for draft-ietf-opsawg-mud-20: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to