IETF 47
Adelaide, Australia
Monday, 19.30 - 22.00
Minutes taken by: Joerg Ott
Minutes prepared by: Jonathan Rosenberg
Agenda Bashing
--------------
Agenda:
Agenda Bashing 5mins Rosenberg
Status of docs 5mins Rosenberg
Framework for IIN 15mins Slutsman
TRIP 45mins Rosenberg
TRIP for GWs 15mins Rosenberg
CPL 45mins Rosenberg
Agenda accepted w/o modifications.
Status of documents
-------------------
- CPL Framework
- submitted to the IESG for Informational
- approved & awaiting RFC #
- TRIP Framework
- resubmitted in March
- under consideration now
Framework and Requirements for the Internet Intelligent Networks
----------------------------------------------------------------
- presented by Lev Slutsman
[draft-lslutsman-sip-iin-framework.txt]
Outline
- Generalized IIN architecture
- transparent access from SIP network to traditional IN services
- Internet service creation
- API fo service creation
Transparent access to traditional IN services
- Motivation
- PSTN and VoIP network will coexist for some time
- reuse of h/w (SCP, SN, SMS), software, service logial
- time-to-market for introduction of VoIP services
- proposes to include access to traditional IN together
with IP-based service creation (CPL, CGI)
- APIs
Generalized IIN Architecture
Traditional IN Architecture
Arhictecture (cont.)
- based on remote execution logic
- SoftSwitch layer makes SCP believe that it deals with switches
- challenge is to map SIP FSM onto SSP FSM
Internet-based service creation
- The execution of the service logic takes place on the server
Generalize IIN Architecture
- how to invoke service logic (e.g. script)
- use a trigger database
- trigger + ordered list of programs to be executed
- trigger = SIP-call-leg + State
- in addition, information that comes with a message, along with
"global" variables are used by service logic
Two approaches proposed:
* The Distributed Service Creation Environment
* The Centralized Service Creation Environment
There were no comments on this work.
TRIP Changes
------------
- Jonathan Rosenberg
Overview
- Authentication Attribute
- Intra-domain Flooding algorithm
- Removal of Marker
- Next hop can be IP address or domain name
- LocalPreference must be used as received
- Minor attribute semantics
Auth Attribute
- list of signatures
- each signature is over a specific attribute
- signature data includes
- ITAD of signer
- TRIP ID of signer
- Auth Algorithm
- Signature
- Signature covers ReachableRoutes and attribute
TRIP Internal Flooding
- purpose: sync the database of all LSs within a domain
- method: link-state based
- topology determination
- contains peering relationships at each LS
- allows LS to determine internal topology
- peering changes flooded to all LSs
- ITAD topology:
- a list with identifiers of an LSs internal peers
- flooded to peers when peering changes
- strictly intra-domain
- link state encapsulated attribute
- Link State Encapsulation
- purpose: detect loops
- applies to three attributes
- contains sequence number and originator
TRIP databases
- Adj-Trib-In
- Adj-Trib-External
- Loc-Trib: one per LS
- Adj-Trib-Out: one per external peer
Flooding of Routes
- if Adj-TRIB-External changes
- status of a route originating at LS changes
Receiving Flooded Routes
- check if its a loop
- looped if originator = me
- received a route with same SN already in DB
- if no loop, check if its newer than route in DB. If so, add.
Route Selection
- run on Adj-TRIB-Ins of peers and Adj-TRIB-External
The point was emphasized about the need for the TRIB-External. Its
main purpose is to enable faster convergence. When an internal peer
crashes, all other internal peers already have the best external
routes, and so they can all switch to this one, rather than waiting
for the new best route to be propagated.
Withdrawing routes
- must hold withdrawn routes for some time
Removal of Marker
- original purpose was Auth and Sync in BGP
- we don't need it for Authentication
- using IPsec
- not actually used for synchronization
- removed it
Next Hop Address formats
- previously, was just IPv4 and IPv6. Want to add domain name.
motivation: DNS support for load balancing can be used,
also allows indirection step
Dave Oran asked why we should even bother with IPv4 and IPv6. Rather,
just use domain names. After all, this is an application layer
protocol, not a layer 3 routing protocol. In any case, you can always
allow IPv4 or IPv6 addresses as strings, just like a domain name.
-> domain names only?: significant enough issue to take it to the
list, but there seemed consensus to do it.
Local preference
- clarification that local preference must always be used, and not
recomputed.
Attribute Flags
- some clarifications
Pending Changes
- TRIP port number: 6069
- addition of community attribute
- send/recv/send-recv capability
Community Attribute
- found many uses in BGP4
- probably useful for us
- optional
- may as well include it now
Send/Receive/SendReceive
- useful for an LS to declare it will only
- send routes
- receive routes
- both
- default is both
- if receive only, peer LS must not send
- send-only applications (gateway, next presentation)
- receive only application (monitoring systems)
Dave Oran expressed some concerns about send only and receive only. In
particular, an LS which was send only to some peers and receive only
to others could cause bizarre topology problems that foul things
up. Thus, this capability must apply to the LS, rather than its
relationship with peers.
Open Issues:
- the list is getting smaller
- Main issues
- default timer values
- usage of TRIP IDs
- authentication mechanisms
- Hop by hop security
- Confederations
Default Timer Values
- taken from BGP4 timer defaults
- new one: max purge time
Comment: IS-IS uses 90 minutes for this timer; we may want to follow
suit. Do we want to change any of the other ones? It was noted that
you can always change the value of some of these (like the keepalive
timer), and that we were really discussing the default. In that case,
it may not matter.
Usage of TRIP IDs
- spec says it can be different for each external peer
- If you do monitoring, you may want to use the same TRIP ID
Authentication mechanisms
- used in auth attribute
- none are currently specified
- probably not a bad idea to have just one
- Proposals?
-> None so far. People are encouraged to get back to the list. Brian
Rosen volunteered to look into this and come back with suggestions.
Hop-by-Hop Security:
- IPsec
- However:
- ESP
- transport
- keying
- Help!
-> Propose { ESP, Transport, IKE } on the list.
-> See what the reactions are.
Confederations
- collection of routes learned from peers all members of the same
consortium
- problems using community attribute
- maybe we need a new attribute?
- Do we need or want this?
Dave Oran: no idea where this came from? What to use it for? Also,
you will need security for this to be useful. In that case, why not
use the use the signer of the attribute as indicator of the
conferederation?
-> Seems reasonable. discuss on the list
WG Last Call to happen before next IETF
- There are three different types of routes belonging to H.323
-> a single value to idenfify a route belonging to H.323 may not
be sufficient
-> needs to be clarified with H.323 folks
However, there has been consensus in the past that RAS is not
something that needs to be addressed by TRIP.
Usage of TRIP for Gateway Route Exportation
-------------------------------------------
-Jonathan Rosenberg, Hussein Salama
Problem
- how do proxies/LS learn about gateways in their domain
- what addresses can they route to
- are they alive or down
- currently done through static configuration
Why not SIP REGISTER?
- semantics are wrong
- timing is bad
- scaling is bad
TRIP is an ideal solution
But TRIP is so hard...
- very small subset of TRIP needed for this
Minor change to TRIP
- wasteful if LS sends UPDATES to g/w
- use recv-only
Dave Oran commented that this mechanism also provides a sanity check
on the routes injected by the gateway -> double check that the
TRIP-IDs of all routes are identical.
Dean Willis commented that its preferable to configure gatways from a
central point rather than learning what the gateway can rech from the
g/w. In this case, this mechanism is not needed. The response was
that this is not routing; this is central configuration.
-> Comments were solicited to determine whether this work was
worthwhile to pursue.
CPL: Call Processing Language
-----------------------------
Jonathan Rosenberg, presenting for Jonathan Lennox
revision of CPL with a lot of changes
make it work for H.323 and SIP
- without making it work for the two independently
Changes from the previous version:
New structure: top-level actions
- <call> -> <incoming> + <outgoing>
- timezones
subactions
- similar to subroutines (instead of the previous "goto"s)
new switch: address switch
- string comparison is hard to achieve the right results
- does not work for H.323 at all
- define address-switch tag that is general purpose
- define semantics and map them to the respective protocol fields
new switch: priority-switch
change: string-switch
- removed glob matches
- case insensitive matching with locale independent normalization
change: time-switch
top-level attribute: timezone
- defines sets of timezones in format similar to timeswitch
Dave Oran commented that we don't need another format for
timezones. Rather than inventing one, why not reuse the format in the
config files for Unix? Conclusions:
-> some already well-defined way is definetely a nice-to-have
-> further input (e.g. on an XML standard for this purpose) is solicited.
change: added <not-present> output tag
- taken when desired field not in request
Lookup: changes
- added caller preferences integration
- source can now be URL
- added timeouts
New tag: remove-location
- allows for address filtering
Proxy tag: changes
- recurse (yes,no); ordering (parallel; sequential; first-only);
timeout
Other tag changes
- response -> reject
- notify -> mail (uses also mailto: syntax)
- mail loses failure output
Other model changes
- initial location list for local outbound requests
- default actions defined
Many open issues:
Open Issues: H.323 bindings
-> textual way to represent an H.323 URL
- What H.323 free forms strings should be matched?
- review needed from the H.323 community
Open Issues: language details
- timezone
- ok, we have proposal from today
- many other minor issues
Open Issues: identifiers and XML
- DTDs vs. Schemas
- input solicited
There was no other comments during the discussion. There were
generally nods of support throughout, indicating general support for
the changes.