
Informal discussion with the IETF

Date: 26 July 2007, 8pm-10pm

Place: Palmer House Hilton
            Wabash Parlor on the 3rd Floor
            17 East Monroe Street
            Chicago, IL 60603

An "informal discussion" session was held in conjunction with the IETF Chicago chapter and the IETF. A panel comprising the following people, all of whom have technical expertise across a wide variety of areas, was available in a "Questions and Answers" session:

  • Brian Carpenter, IBM/Former IETF Chair
  • Olaf Kolkman, NLnet Labs/IAB Chair
  • Danny McPherson, Arbor Networks/IAB member
  • Dave Oran, Cisco/IAB member
  • Lixia Zhang, UCLA/IAB member

Questions and Answers

  1. What is IETF doing about evolving threats in their Working Groups?

    Danny: Unwanted Traffic and Security crosses all the areas of the IETF and there is a lot of work going on in the IETF WGs on this topic.

    Dave: It is important to make protocols less perceptible to threats. Often adding features that mean to prevent threats can be counter-productive. Some of those mechanisms over-react (for instance won't let any traffic through anymore). We need to be sufficiently aware of other work in other areas in the IETF.

    Olaf: There are a number of areas where the IETF does not do work and is not able to do work: virus, botnets, spam etc. The IETF develops protocols by which entities communicate. This is irrelevant of the content of that communication. You cannot see what it will be used for when the protocol gets developed. You can develop protection mechanisms, but you cannot foresee the actual data that is being transmitted.

    Brian: This is an important point. As an example: when the mail protocol delivers spam, it is exactly what it is supposed to do (from a protocol point of view).

  2. How will ICANN's current and future power and responsibilities affect the IETF and its work?

    Brian: The IETF does not do politics. There is an MoU between the IETF and ICANN which draws a precise line: IANA assigns technical parameters according to instructions it gets from the IETF. Except for policy questions connected to assignments of TLDs and IP address space (and here except for those that are used for purely technical reasons). As long as we stay within these boundaries, things are clear for the IETF (and we do not need to care about what TLD is delegated and why).

  3. What are the major future challenges for the Internet, near term and long term, and how do you propose to solve these challenges?

    Lixia: It is always hard to predict the future, but looking at the past can offer some hints for the future. Back in the early days of networking, there were two hard problems: congestion and routing. Over the years we seem to have grasped a good handle on the congestion problem. Not only did we develop successful congestion control protocols, but technology advances also helped us out tremendously. Congestion control can prevent congestion collapses, but good performance requires adequate bandwidth, which is met by technology advances.

    However routing remains a major problem today. It is not because we made no progress, but the problem has changed: the goal used to be picking the best, i.e. shortest path. Nowadays data must follow paths that cost the least money, i.e. complex policies got introduced in the routing. Also the global routing table is growing out of control. Late last year we passed the 200,000 threshold, today we have 240,000 entries, faster than linear growth.

    Besides the forever existing routing challenge, we now also face a new challenge of network security. This is a much tougher problem than scalability. However we should not be surprised that we have a security problem today. Some research papers blame that the original design of the Internet did not take security into account. But that is not entirely fair: initially it was designed for a specific environment that it was supposed to work within. The original designers of the Internet did a great job which enabled the Internet to grow to its current size.

    But we should keep in mind that a good design is not the sole enabler; without the evolution of technology, especially affordable and ever faster computers, the Internet would not have been able to grow like that. Unfortunately, "Everything that can be used, can also be abused." Affordable computers with Internet connectivity enabled innovations and changed the society; they've also been used by the bad guys to cause severe damage.

    Olaf: Indeed, the Internet grew more than anyone expected. There needs to be serious re-implementations (in form of evolution) to make scaling properties better, so the Internet can scale for the next 15 - 20 years. Those need to happen and to be paid for. We also want the Internet to be affordable by everyone. This is a challenge. The Internet is an important mechanism to make information accessible to everyone, also in developing countries. But we should also not forget that solving the scalability issues will create more complexity. Near term problems, in addition to the routing problem, are that we still work on IPv4 and that IPv4 is limited and will run out pretty soon. IPv6 has been developed and it was expected that it gets picked up by the industry. Now transition to IPv6 is becoming more important and some problems are more pressing.

    Brian: There is a strong temptation for ISPs for trying to keep their dinosaur business models alive and for keeping their walled gardens (closed service with lower quality that cannot fully reach the Internet). WiMAX could become such a limited service. Not sure the IETF can do anything about that except preach.

    Dave: Agrees. This is a substantial danger. This could cause serious fragmentation. He sees two other challenges: the nature of peer to peer traffic is substantially different than what we have seen before. The traffic profile is substantially different, we only now start to understand it, both economically and technically. Peer to peer traffic has the effect of finding spare bandwidth and using it. With the result that an ISP adds capacity and before it can make any profit, the bandwidth is already being used by peer to peer traffic.

    What is peer to peer traffic? People that are sharing traffic, legally or not legally. From a technical standpoint, they form a dynamic community that holds everything they are interested in, they get pieces from each other. Traffic patterns look much more random and traffic engineering is much more challenging.

    Another challenge is the evolution of mobile devices. Today a very small fraction of them is Internet enabled. This will grow enormously. Another one is 'things talking to each other on the Internet'. The number of these things can be extremely large. Every light bulb, switch etc. will have the potential to be Internet enabled.

    Danny: Mobility and scalability are going to pressure the Internet. Another challenge is the convergence of various security threats: my ISP is sending me filthy water, all this junk is coming down my pipe, can my ISP not filter all that out? No, they can't. Most of the infrastructure does not allow segmenting traffic/service based on individual users.

    Marcos Santz (attendee): read the Unwanted Traffic Report. Since he read that he has nightmares. Can someone give me some comforting words to give me my sleep back?

    Brian: You are very right to be worried. Botnets are really really serious. We don't know how to deal with the botnet problem. BTW, it is not a problem of the network, but of the end system.

    Olaf: If you have sleepless nights, the report was a success. People need to be woken up. We also need to reach out to people outside the technical community. We are now working with ISOC to do that.

    Brian: Many enterprises and organisations spend a lot of money in order to keep unwanted traffic out of their networks. But this is a small price to pay compared to not doing business on the net at all.

    Olaf: It is cynical, but the bad guys are interested to keep the net running, because they want to use it to do their bad business.

    Danny: I ran a lot of stats on those security threats. Worms are not used so much anymore, because they melted parts of the network and they were too visible. Nowadays threats happen much more quietly.

    Olaf: People who do this are highly skilled. They probably cash big pay checks.

  4. The IPv6 address space, is there a name for this number?

    Olaf: 340 undecillion - 3.5 x 10^38 (340 trillion trillion trillion). That is not the amount of addresses that is really usable. It is basically chopped into halves: 64 bits identify a station and 64 bits identify the individual network the station sits in. Still many trillion addresses, we don't think we will run out of addresses very soon.

  5. Is the impact of the IPv4 to IPv6 transformation as big as Y2K? And are there any reasons that we need to be concerned about this?

    Brian: It is different, because there is no drop-dead date. In terms of strategic planning, one should start now. The Regional Internet Registries will not have IPv4 addresses to hand out anymore in a few years. People think there will be a market, but at some point it will be cheaper to switch over to IPv6. But this will not be on a certain date like Y2K.

    There is a sense however, in which it is the same as Y2K: you have to check if your router and the rest of your equipment and software is IPv6 compatible. The devil is in the details.

    Dave: The problem is much worse than Y2K. Much of the industry is still only building IPv4. There are 2 - 4 million Cisco IP phones that are incapable of IPv6. They do not even have enough memory to run dual-stack. There are millions of devices being built every month that are not IPv6 capable.

    Danny: One of the big challenges with IPv6 is related to translating between IPv6 and IPv4. Transition is the wrong term. There will be IPv6, but IPv4 will still be around.

    Brian: The good news is that people start to understand that something has to be done.

    Olaf: But people really need to start looking at their networks and see what needs to be done to move over to IPv6.

  6. It is possible that by 2016, Moore's Law will become null and void due to limitations of physics and current manufacturing technologies (photolithography). It is projected that the impact on the computing world will be a requirement to write better, more optimized software, because we could be stuck with the last fastest processor for several years. Does the IETF foresee any such disruptive events in the world of the Internet in the coming years?

    Brian: We're going to go more to parallel processing and other mechanisms. We also have to work on power issues, because otherwise the computer will be simply melting.

    Dave: This will hit the router community long before 2016. A lot of parallelism will have to be developed. (channelised inverse multiplexing. multiple physical channel raising).

    Question from the audience: There is WiFi and WiMAX everywhere. The average person might think this is just magic. Are there other technologies? Is there a model to make this profitable?

    Danny: Is the question 'Who is subsidising it'? OK, I'll give you access, but I give you demographic based advertising for instance that pays for the access.

    Olaf: This kind of access is typically for the World Wide Web and not for other applications that run over IP.

    Lixia: The value of the Internet lies in its applications. If we step up a level and look at a bigger picture, we may see a different view regarding whether (offering ubiquitous wireless access) is a subsidization, or is returning values elsewhere. One of the old research challenges was identifying killer applications. This is not an issue anymore: no one can predict what they may be, but we know for sure they will just come. Look at MySpace, YouTube, Facebook, these killer apps keep popping up from nowhere, their inventors were nobody. And look at Wikipedia, which serves as a showcase on what the online community as a whole can accomplish. You give connectivity to people and you open the door to infinite innovations in great application

Extra Questions

7. Do you see China and the government's directions there as a threat to the Internet as we know it? If so, do you have any suggestions about how to handle this?

8. Given that the Internet will be a part of the battleground of 21st Century Warfare, do you have comments how this could impact the non-combatants (non-participants) who just want to use the Internet the way they normally do (i.e. e-mail, chat, news, blogging, etc.)?

9. Is the Department of Defense or the U.S. Intelligence Community working with the IETF for their exclusive, dedicated, secure Internet?