IETF 47
Adelaide, Australia
Monday, 19.30 - 22.00

Minutes taken by: Joerg Ott
Minutes prepared by: Jonathan Rosenberg


Agenda Bashing
--------------

Agenda:

Agenda Bashing          5mins   Rosenberg
Status of docs          5mins   Rosenberg
Framework for IIN       15mins  Slutsman
TRIP                    45mins  Rosenberg
TRIP for GWs            15mins  Rosenberg
CPL                     45mins  Rosenberg

Agenda accepted w/o modifications.

Status of documents
-------------------

- CPL Framework
  - submitted to the IESG for Informational
  - approved & awaiting RFC #
- TRIP Framework
  - resubmitted in March
  - under consideration now

Framework and Requirements for the Internet Intelligent Networks
----------------------------------------------------------------

- presented by Lev Slutsman
[draft-lslutsman-sip-iin-framework.txt]

Outline
- Generalized IIN architecture
- transparent access from SIP network to traditional IN services
- Internet service creation
- API fo service creation

Transparent access to traditional IN services
- Motivation
  - PSTN and VoIP network will coexist for some time
  - reuse of h/w (SCP, SN, SMS), software, service logial
  - time-to-market for introduction of VoIP services
  - proposes to include access to traditional IN together
    with IP-based service creation (CPL, CGI)
  - APIs

Generalized IIN Architecture

Traditional IN Architecture

Arhictecture (cont.)
- based on remote execution logic
- SoftSwitch layer makes SCP believe that it deals with switches
- challenge is to map SIP FSM onto SSP FSM

Internet-based service creation
- The execution of the service logic takes place on the server

Generalize IIN Architecture
- how to invoke service logic (e.g. script)
  - use a trigger database
    - trigger + ordered list of programs to be executed
    - trigger = SIP-call-leg + State
  - in addition, information that comes with a message, along with
    "global" variables are used by service logic

Two approaches proposed:
* The Distributed Service Creation Environment
* The Centralized Service Creation Environment

There were no comments on this work.


TRIP Changes
------------
- Jonathan Rosenberg

Overview
- Authentication Attribute
- Intra-domain Flooding algorithm
- Removal of Marker
- Next hop can be IP address or domain name
- LocalPreference must be used as received
- Minor attribute semantics

Auth Attribute
- list of signatures
- each signature is over a specific attribute
- signature data includes
  - ITAD of signer
  - TRIP ID of signer
  - Auth Algorithm
  - Signature
- Signature covers ReachableRoutes and attribute

TRIP Internal Flooding
- purpose: sync the database of all LSs within a domain
- method: link-state based
  - topology determination
    - contains peering relationships at each LS
    - allows LS to determine internal topology
    - peering changes flooded to all LSs

- ITAD topology:
  - a list with identifiers of an LSs internal peers
  - flooded to peers when peering changes
  - strictly intra-domain
  - link state encapsulated attribute

- Link State Encapsulation
  - purpose: detect loops
  - applies to three attributes
  - contains sequence number and originator

TRIP databases
- Adj-Trib-In
- Adj-Trib-External
- Loc-Trib: one per LS
- Adj-Trib-Out: one per external peer

Flooding of Routes
- if Adj-TRIB-External changes
- status of a route originating at LS changes


Receiving Flooded Routes
- check if its a loop
  - looped if originator = me
  - received a route with same SN already in DB
- if no loop, check if its newer than route in DB. If so, add.

Route Selection
- run on Adj-TRIB-Ins of peers and Adj-TRIB-External

The point was emphasized about the need for the TRIB-External. Its
main purpose is to enable faster convergence. When an internal peer
crashes, all other internal peers already have the best external
routes, and so they can all switch to this one, rather than waiting
for the new best route to be propagated.

Withdrawing routes
- must hold withdrawn routes for some time 

Removal of Marker
- original purpose was Auth and Sync in BGP
- we don't need it for Authentication
  - using IPsec
- not actually used for synchronization
- removed it

Next Hop Address formats
- previously, was just IPv4 and IPv6. Want to add domain name.

motivation: DNS support for load balancing can be used,
            also allows indirection step

Dave Oran asked why we should even bother with IPv4 and IPv6. Rather,
just use domain names. After all, this is an application layer
protocol, not a layer 3 routing protocol. In any case, you can always
allow IPv4 or IPv6 addresses as strings, just like a domain name.

-> domain names only?: significant enough issue to take it to the
   list, but there seemed consensus to do it.

Local preference
- clarification that local preference must always be used, and not
recomputed.

Attribute Flags
- some clarifications

Pending Changes
- TRIP port number: 6069
- addition of community attribute
- send/recv/send-recv capability

Community Attribute
- found many uses in BGP4
- probably useful for us
- optional
- may as well include it now

Send/Receive/SendReceive
- useful for an LS to declare it will only
  - send routes
  - receive routes
  - both
- default is both
- if receive only, peer LS must not send
- send-only applications (gateway, next presentation)
- receive only application (monitoring systems)

Dave Oran expressed some concerns about send only and receive only. In
particular, an LS which was send only to some peers and receive only
to others could cause bizarre topology problems that foul things
up. Thus, this capability must apply to the LS, rather than its
relationship with peers.

Open Issues:
- the list is getting smaller
- Main issues
  - default timer values
  - usage of TRIP IDs
  - authentication mechanisms
  - Hop by hop security
  - Confederations

Default Timer Values
- taken from BGP4 timer defaults
- new one: max purge time

Comment: IS-IS uses 90 minutes for this timer; we may want to follow
suit. Do we want to change any of the other ones? It was noted that
you can always change the value of some of these (like the keepalive
timer), and that we were really discussing the default. In that case,
it may not matter.

Usage of TRIP IDs
- spec says it can be different for each external peer
- If you do monitoring, you may want to use the same TRIP ID

Authentication mechanisms
- used in auth attribute
- none are currently specified
- probably not a bad idea to have just one
- Proposals?

-> None so far.  People are encouraged to get back to the list. Brian
   Rosen volunteered to look into this and come back with suggestions.

Hop-by-Hop Security: 
- IPsec
- However:
  - ESP
  - transport
  - keying
  - Help!

-> Propose { ESP, Transport, IKE } on the list.
-> See what the reactions are.

Confederations
- collection of routes learned from peers all members of the same
  consortium
- problems using community attribute
- maybe we need a new attribute?
- Do we need or want this?

Dave Oran: no idea where this came from?  What to use it for? Also,
you will need security for this to be useful. In that case, why not
use the use the signer of the attribute as indicator of the
conferederation?

-> Seems reasonable. discuss on the list

WG Last Call to happen before next IETF

- There are three different types of routes belonging to H.323
  -> a single value to idenfify a route belonging to H.323 may not
     be sufficient
  -> needs to be clarified with H.323 folks

However, there has been consensus in the past that RAS is not
something that needs to be addressed by TRIP.

Usage of TRIP for Gateway Route Exportation
-------------------------------------------

-Jonathan Rosenberg, Hussein Salama

Problem
- how do proxies/LS learn about gateways in their domain
  - what addresses can they route to
  - are they alive or down
- currently done through static configuration


Why not SIP REGISTER?
  - semantics are wrong
  - timing is bad
  - scaling is bad

TRIP is an ideal solution

But TRIP is so hard...
- very small subset of TRIP needed for this

Minor change to TRIP
- wasteful if LS sends UPDATES to g/w
- use recv-only

Dave Oran commented that this mechanism also provides a sanity check
on the routes injected by the gateway -> double check that the
TRIP-IDs of all routes are identical.

Dean Willis commented that its preferable to configure gatways from a
central point rather than learning what the gateway can rech from the
g/w. In this case, this mechanism is not needed.  The response was
that this is not routing; this is central configuration.

-> Comments were solicited to determine whether this work was
   worthwhile to pursue.

CPL: Call Processing Language
-----------------------------
Jonathan Rosenberg, presenting for Jonathan Lennox

revision of CPL with a lot of changes

make it work for H.323 and SIP
- without making it work for the two independently

Changes from the previous version:


New structure: top-level actions
- <call> -> <incoming> + <outgoing>
- timezones

subactions
- similar to subroutines (instead of the previous "goto"s)

new switch: address switch
- string comparison is hard to achieve the right results
- does not work for H.323 at all
- define address-switch tag that is general purpose
- define semantics and map them to the respective protocol fields

new switch: priority-switch

change: string-switch
- removed glob matches
- case insensitive matching with locale independent normalization

change: time-switch

top-level attribute: timezone
- defines sets of timezones in format similar to timeswitch


Dave Oran commented that we don't need another format for
timezones. Rather than inventing one, why not reuse the format in the
config files for Unix? Conclusions:

-> some already well-defined way is definetely a nice-to-have
-> further input (e.g. on an XML standard for this purpose) is solicited.

change: added <not-present> output tag
- taken when desired field not in request

Lookup: changes
- added caller preferences integration
- source can now be URL
- added timeouts

New tag: remove-location
- allows for address filtering

Proxy tag: changes
- recurse (yes,no); ordering (parallel; sequential; first-only);
  timeout

Other tag changes
- response -> reject
- notify -> mail (uses also mailto: syntax)
- mail loses failure output

Other model changes
- initial location list for local outbound requests
- default actions defined

Many open issues:

Open Issues: H.323 bindings
-> textual way to represent an H.323 URL

- What H.323 free forms strings should be matched?
- review needed from the H.323 community

Open Issues: language details
- timezone
  - ok, we have proposal from today
- many other minor issues

Open Issues: identifiers and XML
- DTDs vs. Schemas
- input solicited

There was no other comments during the discussion. There were
generally nods of support throughout, indicating general support for
the changes.