Eric Rescorla has entered the following ballot position for
draft-ietf-opsawg-mud-20: Discuss
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to
Eric Rescorla has entered the following ballot position for
draft-ietf-opsawg-mud-20: Discuss
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to
Hello Opsawg,
We have uploaded a new version of the TACACS+ informational draft which
includes corrections for typos over the document as a whole, but also revised
the security section. We anticipate this security section will get most
comments, so it is reproduced below.
We will endeavor to
> I do not see any indication of wide-spread consistency.
the point is that there is widespread use. the page heas pointed out is
what is documented by large ops, the tip of the iceberg. how about stop
speaking for operators?
randy
___
OPSAWG
Dear Joel Halpern,
Thank you very much for your review. Please see my preliminary reply below.
For your first concern, the idea is when the routers obtain the information for
the already defined BGP related IEs, such as bgpSourceAsNumber,
bgpDestinationAsNumber, and bgpNextHopIPv4Address, etc,
Thank you for that pointer. It is informative.
I looked at a number of the entries (trying to pick larger ISPs as more
likely to need more information.)
What i see is some ISPs doing what Randy Bush mentioned, marking
regions. I see a few ISPs that explicitly mark country (or in one case
Sun, Apr 15, 2018 at 02:52:43PM +, li zhenqiang:
> Why do you think this is unusual and not common?
Possibly, with due respect, because he is not an operator? While ASes often
do so internally, not all reveal it externally or not ubiquitously. Browse
https://onestep.net/communities/ to
hi joel,
> The secondary problem is that this additional work is justified for
> the router by the claim that the unusual usage of applying community
> tags for geographical location of customers is a common practice. It
> is a legal practice. And I presume it is done somewhere or the
> authors
Hi Eric,
On 15.04.18 13:32, Eric Rescorla wrote:
> Eric Rescorla has entered the following ballot position for
> draft-ietf-opsawg-mud-20: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
>
On Sun, Apr 15, 2018 at 10:28 AM, Eliot Lear wrote:
> Hi Eric,
>
> On 15.04.18 13:32, Eric Rescorla wrote:
>
> Eric Rescorla has entered the following ballot position for
> draft-ietf-opsawg-mud-20: Discuss
>
> When responding, please keep the subject line intact and reply to all
> I fone has geo-information, it is unlikely to change.
i guess you have never noticed when you are at ietf praha and your phone
says you are in seoul or whatever. it takes non-trivial ops pain to get
ietf attendees geoloc to work; and sometimes we can't.
when you find yourself in a hole, first
Randy, I did suggest that one would update the offline data.
My point was that the draft claims taht extreme timliness is needed.
For IP block geolocation, timeliness on the order of a day (much shorter
than the several days before the IETF when the IETF block gets turned on
somewhere.)
randy, noting that the IETF has trouble with the geo-tagging of its
addresses does not seem to have ANYTHING to do with demonstrating how
widely used the geo-communities are.
If you want to make that case, make it. But don't bring up red herrings.
As you note, it is up to the WG, not to me,
> Thus, again, you are not making a case for why the existing techniques
> which are easier to implement and deploy are not sufficie3nt for the
> problem.
correct. i, and a couple of other ops, are making the case that
communities are fairly widely used for tagging geo loc at varying
Hi, Joel:
Can we consider this draft from other viewpoints? If the router can report
and correlate the traffic with its associated community, the usage of the
community to differentiate the customer, the service category that be
accessed and the geographical region etc. will be flourished.
And
There seem to be two separate issues.
The first issue is what information from BGP would one like to correlate
with the traffic flows. I understand that there is useful information.
The motivation given in the draft seems to apply to more cases than I
thought, but still it is of limited
> As far as I can see, this document proposed a new aggregation
> parameter for IPFIX. So that the operators can get the traffic
> statistic from a new dimension.
>
> Because "Flow information based on IP address or IP prefix may provide
> much too fine granularity for a large network. On the
Thank you Jimmy.
While I disagree, I think this states the case clearly enough for it to
be up to the working group and relevant ADs.
Yours,
Joel
On 4/15/18 11:40 PM, Dongjie (Jimmy) wrote:
Hi Joel,
Thanks a lot for your review comments.
Regarding your first problem, I don't think this
Hi Joel,
Thanks a lot for your review comments.
Regarding your first problem, I don't think this draft introduces "significant
new processing load on the router", as similar processing has already been done
for the BGP AS number and BGP-nexthop based traffic collection. As described in
the
Hi Joel,
> From what I can tell reading this, the value requires significantly more
> precision than "region".
As far as I can see, this document proposed a new aggregation parameter for
IPFIX. So that the operators can get the traffic statistic from a new dimension.
Because "Flow information
Ben Campbell has entered the following ballot position for
draft-ietf-opsawg-mud-20: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to
21 matches
Mail list logo