By: Mirjam Kühne
Date: November 7, 2006
In its return to San Diego – city of the first IETF meeting and site of five others – IETF 67 drew nearly 1,200 participants from 41 countries. IETF chair Brian Carpenter offered a warm welcome to participants and special thanks to Siemens for hosting the event and for providing outstanding networking facilities. Together with Siemens’ staff, countless volunteers ensured excellent WiFi coverage, including in the bars and at the pool. Brian also expressed gratitude to Afilias for its sponsoring of the welcome reception.
A Fond Farewell to Joyce Reynolds
On behalf of the entire IETF, Brian and Internet Architecture Board (IAB) chair Leslie Daigle publicly thanked Joyce Reynolds for her longtime involvement in and contribution to the IETF. Joyce had announced in October 2006 that she was stepping down from her position with the RFC Editor team after having served the IETF community for more than 20 years. She began as an Internet Assigned Numbers Authority (IANA) staff member under Jon Postel and ultimately became coleader of the RFC Editor function. In the 10 years beginning in 1988, Joyce also organised and led the User Services Area of the IETF. At the IETF meeting in San Diego, she received an award from the Internet Society (ISOC) and a standing ovation from the IETF community. Joyce expressed her gratitude to the community, saying, “It has been a lovely ride.”
IETF administrative director Ray Pelletier reported that a significant budget surplus followed IETF 66 that is now expected to be returned to the IETF Administrative Support Activity (IASA) budget. Ray also announced that a request for proposal (RFP) for the RFC Editor function was issued and a letter of intent has been signed with the Information Sciences Institute of the University of Southern California (ISI), the organisation that fulfilled this function over the past years. In addition, Ray reported on the recent publication of two FAQs: The first is on the use of request-for-comment (RFC) material by third parties, and the second is on the use of the IETF logo and trademarks. In addition to that, the text for a service-level agreement with the IANA has been finalised. Ray also announced that the Web site for the IAOC has been moved to http://iaoc.ietf.org. A full report can be found there. Finally, the current chair of the IETF Nominations Committee, Andrew Lange, urged everyone to nominate candidates for open positions in the IAB, IESG and IAOC.
Jonathan B. Postel Award
The Jonathan B. Postel award was established by the Internet Society to honor those who have made outstanding contributions to the data communications community. For the first time since the program began, two individuals have been chosen to receive the prestigious award: Bob Braden and Joyce Reynolds, both of whom are being recognised for their stewardship of the RFC series, which enabled countless others to contribute to the development of the Internet. They each received a crystal globe and $10,000. Bob and Joyce expressed their appreciation to the community and to ISOC for the honor. The IETF and ISOC also recognised Jonne Soininen of Nokia and Olle Viktorsson of Ericsson for hosting IETF 65 and IETF 66, respectively.
Open Discussion Focuses on Legal Issues, Remote Participation in Meetings
Following presentation of the Postel award was an open-mike discussion, much of which was dedicated to reviewing particular aspects of the new secretariat contract and the IETF Trust. One participant expressed his interest that tools for the IETF will soon be developed through an open committee process rather than being contracted out to the IETF secretariat, as is the case now. Ray Pelletier and IAOC chair Lucy Lynch said they are working with the secretariat on an agreement for support services. “If we are not satisfied with the proposal, we will open it up” said Ray. Brian added that one of the tools being considered is a mechanism for metadata interchange between tools, which is expected to simplify the process of decoupling tools in the future.
Others expressed concern that with the development of tools to support remote participation, IETF meeting revenue might decrease. However, statistics show that this does not seem to be the case. While tools that facilitate remote participation appear to be useful if meeting attendance is not possible, there is no evidence to suggest that remote participation offers the same value as face-to-face participation.
IETF 67 Technical Plenary
Leslie Daigle announced publication of two IAB documents as RFCs: RFC 4690 “Review and Recommendations for Internationalised Domain Names (IDNs)” and RFC4691 “Guidelines for Acting as an IETF Liaison to Another Organisation.”In addition, a number of IAB internet-drafts are currently under way. A full list can be found on http://tools.ietf.org/group/iab.
Last October, the IAB held a workshop in Amsterdam on routing and addressing. A report is expected to be released shortly on www.iab.org.
IAB Workshop on Unwanted Traffic
In March 2006, the IAB held a workshop in Marina del Rey at the University of Southern California titled Unwanted Traffic. Danny McPherson and Loa Andersson provided a readout from that workshop to the plenary session.The purpose of the workshop was to raise awareness of unwanted traffic that is proliferating on the Internet today, including spam, (D)DoS attacks, viruses, and worms. The ratio of unwanted to desired traffic is increasing, and infected hosts stay on the Internet for a long time.
The most common forms of unwanted traffic began as worms and viruses that are designed to wreak havoc on the network and that have evolved to include self-propagating malware, which compromises hosts and enables command and control infrastructure, as well as service platforms that facilitate malicious activity. New forms of unwanted traffic include, for example, Code Red (DDoS against an IP address), Blaster (DDoS against hostname), and Deloder (arbitrary DDoS toolkit). DDos was initially designed for botnet threats, but today it encompasses a multitude of functions that are, for the most part, motivated by financial gain but are sometimes also employed for political or religious purposes.
Workshop participants assessed the current situation and examined possible countermeasures. One of their findings points to a huge underground economy that drives most of the unwanted traffic. This underground economy is a virtual shopping mall where one’s belongings and assets are bought and sold by criminals who use the tools developed by the Internet community. Due to the vulnerability of host platforms and a lack of education, which prevents protection, no meaningful deterrence exists. Prosecution of the criminals who perpetrate these crimes is extremely difficult, especially in an international environment. And service providers aren’t inclined to take proactive measures, mainly because few tools exist to prevent attacks and because there is no clear return on investment if they did.
It was suggested that the IETF and the Internet community step up discussion on this issue and look for the right balance in terms of solutions. New cryptographic mechanisms could stem the tide of unwanted traffic but could also curtail openness and increase the network’s level of complexity. Hackers are savvy, tenacious, and highly adaptive, and it is commonly understood that they can often outmaneuver any attempts at self-defense.
What can be done in the near and long term to protect the Internet?
- Tighten security of the routing infrastructure
- Clean up the Internet Routing Registry (IRR)
- Take down bots and botnets
- Educate the community
- Raise the bar on layer security
Members of the Internet technical community are encouraged to update documents on host and router requirements as well as the RFCs on ingress filtering; the IAB should continue to raise awareness throughout the community; and the Internet Research Task Force (IRTF) would benefit from becoming thoroughly acquainted with all aspects of this underground economy so that the research community can work on effective countermeasures.
While the situation appears to be worsening, with growing awareness of the problem certain first steps toward effective solutions can emerge.
For a full report of the IAB workshop on Unwanted Traffic, see www.iab.org.
Audience response to the discussion was one of support and an understanding that effective solutions will require community effort. Security needs to be addressed at all levels, including among vendors and users and as part of the protocol design. “Even at IETF meetings, security is often an afterthought,” said Merike Kaeo. “It is not often an integral part of the protocol design from the start.”
IAB Routing and Addressing Workshop
The Internet’s routing system appears to be facing a set of serious scaling problems, and many backbone operators are of the opinion that none of the existing IETF initiatives provides a complete set of solutions. In response, the IAB organised a routing and addressing workshop in Amsterdam in October 2006. Sponsored by ISOC, the RIPE NCC, NLnetLabs, and Cisco Systems, the workshop brought together 38 backbone operators, hardware designers, and individuals running enterprises, many of them from the IAB, the IESG, and the IRTF. The group met to develop an understanding of the problems operators face with today’s routing and addressing system and to find ways to use that information to inform the IETF process. Dave Meyer and Chris Morrow provided an overview of the workshop material.
Data suggests that current trends in the growth of routing and addressing are not scalable in the long term due mainly to the rapid growth that resulted from multihoming and traffic engineering. Unfortunately, when it comes to routing, IPv6 is not significantly different from IPv4; it shares many of the same properties and scaling characteristics.
Statistics presented at IETF 67 sparked a heated debate about the actual growth curve as well as underlying assumptions, with questions being raised about whether the growth is exponential, polynomial, or linear. According to Dave Meyer, who defended those who are working on the statistics, it’s not an easy task to analyse the data, project the growth, and produce the graphs.
According to the data presented, the Internet community is expected to switch on IPv6 at the same time and run it in parallel with IPv4. Not everyone agreed with that assumption, even though it is generally agreed that IPv4 will be around for a long time and that the scalability of the routing system is an urgent problem. As Peter Lothberg said, “There are things we can’t do with today’s architecture, which limits functionality for users.”
Another important finding from the workshop was that the use of IP addresses for both identifier and locator is becoming problematic. Workshop participants expressed the belief that a solution to overloading may solve the mobility and multihoming problems. They also examined the trade-offs inherent in SHIM6 and GSE and agreed that long-term solutions must take into account the anticipated order-of-magnitude growth in today’s new mobile end devices. At the moment, costs and benefits in current practices are not aligned.
The workshop concluded with a few recommendations:
- The problems are urgent.
- We need to reach out to all stakeholders – not just backbone operators but also content providers, enterprises, application developers, and vendors.
- Solutions must be developed in an open and transparent manner and must engage as many people as possible, including the research community.
- Interim solutions could buy time.
- A road map with next steps, intermediate steps, and long-term steps needs to be established.
Leslie Daigle assured attendees that the IAB and IESG are taking the problem seriously and will be facilitating the process; however, more input from all stakeholders and experts is needed. It is clear that unprecedented, coordinated action is needed and that more open discussion of the issues is required. Several actions are currently being considered, such as (1) creation of a group to help track the situation and monitor progress and (2) development of additional IAB workshops pertaining to this topic.
Leslie encourages everyone to review the existing material atwww.iab.org/about/workshops/routingandaddressing/ and to engage in existing or propose new WGs. There is also some ongoing discussion on [email protected].
Sam Hartman reminded attendees of previous work on this topic, including a presentation by Radia Perlman, given during the plenary session at IETF 53 in Minneapolis.
Bob Hinden said he was pleased that the IETF community is starting to again work seriously on routing. “The routing is not that different between IPv4 and IPv6,” he said. “When we approach this problem, we should not restrict ourselves to how we handle things today and how routers work today. We probably need to replace BGP [Border Gateway Protocol].”
In conclusion, plenary attendees were asked whether they’d be interested in participating in a BoF in an effort to address the issues related to this topic. Many hands went up – an indication that the first step might be a plenary-size BoF at the next IETF meeting. All IETF 67 presentations can be found atwww.ietf.org/meetings/past.meetings.html.