►
From YouTube: IETF98-BFD-20170327-1710
Description
BFD meeting session at IETF98
2017/03/27 1710
A
A
A
C
C
Ok,
so
this
blue
sheet
should
be
circulating
around
know
that
that
we
need
all
that
often,
but
we
could
be
able
to
get
a
room
when
we
need
one.
So
please
no
solutions,
so
that's
next
slide.
So
this
is
the
note,
well
you've,
probably
seen
mobile
times
already.
This
does
actually
say
that
anything.
You
say
in
the
mailing.
C
C
Things
slide
so
in
terms
of
things
that
are
in
a
zombie
draft
state.
The
mpls
did
is
basically
done
at
this
point.
Nobody
sings
be
super
interested
in
it.
We
still
need
to
clear
out
some
charter
stuff
without
Alvaro
and
make
sure
that
we
actually
get
that
off
the
Charter
at
some
point,
the
BFD
generic
authentication
and
sha-1
is
also
in
the
zombie
state,
but
courtesy
of
changes
to
the
data
tracker
they've
now
put
this
in
waiting
for
implementing
and
leave
it.
That
way.
C
C
So
BFD
mol
point
is
a
piece
of
work
that
we
do
need
to
close
off.
You
know
the
face
multi-point
document
does
have
implementation
at
alcatel
also
has
interested
several
other
vendors,
so
we
do
want
to
actually
push
this
one
through
standards.
The
active
tail
document
is
not,
basically,
you
know,
still
a
good
idea,
but
it's
unlikely
to
see
you
know
deployment
anytime
soon,
ish
our
general
ideas
that
we
want
to
publish
these
things,
ideally
within
the
next
IETF
cycle.
C
So
what
we're
going
to
be
doing
is
looking
for
a
document
shepherd
to
pick
these
things
up.
When
we
last
talked
about
this
at
ITF
96
know,
Greg
said
he
might
be
interested,
so
we
will
their
talk
to
Greg
and
see
if
he
wants
to
actually
carry
this
through
as
a
shepherd
or
no,
but
for
somebody
else
that
they
have
time
and
what
will
actually
be
doing
is
just
running
this
through
no
last
calls
will
be
working
with
outfit
I'll
make
sure
that
the
procedure
that's
documented.
C
So
the
draft
that
Greg
and
Jeff
come
Sura
have
been
working
on
for
basically
efb
over
mopey
chassis,
which
is
basically
the
same
thing
as
VF
p.m.
like
just
the
multi
chassis
environment
had
them
presented
IETF
96.
We
had
good
sense
of
the
room
at
that
time
that
the
work
is
in
scope
for
the
working
groups.
You
know
very
similar
to
the
VFD
em
like
stuff.
C
D
B
D
D
B
B
A
special
case
and
Jones
suggested
consider
bringing
this
work
too
I
Triple
E.
So
my
thing
is
that
I
don't
think
that
I
truly
will
be
interested
in
using
layer
3
protocol
to
monitor
layer
to
object,
so
the
interest
that
they
probably
will
work
on,
extending
1731,
for
example,
or
CFM.
But
what
I
would
like
of
others?
B
F
C
So
I
think
there's
enough
context
there
that
the
mailing
list
is
probably
the
best
place
to
have
this
discussion.
So
if
you
could
basically
frame
this
in
a
set
of
questions
for
the
working
group
to
discuss
on
the
mailing
list
that
that
offers
advanced
this,
this
is
not
the
first
time
we've
run
into
that
sort
of
headache.
Wit,
I
triple
e
before,
when
we're
doing
the
fdm
lag
in
the
first
place.
It's
it's
obviously
a
weird
mix
between
layer,
3
and
layer
2,
and
this
is
just
sort
of
the
opposite
end
of
the
equation.
C
G
Okay,
so
I'm
going
to
give
an
update
on
the
VFD
yang
data
model
next
slightly,
so
the
changes
in
drop
05
since
drop
03.
We
basically
not
two
sets
of
changes
that
make
the
first
ones
were.
We
fixed
the
the
were
compiled
issues
in
indy
03
version,
which
were
found
when
we
started
using
new
young
compilers,
and
also
the
biggest
change
really
was,
as
all
many
of
the
other
routing
models
were
doing.
G
What's
still
not
there
yet
d
/
DC
cv4
to
the
wires,
so
one
thing
I've
been
waiting
for
is
I.
Think
the
l2vpn
model
was
going
to
fair
amount
of
churn.
It
seems
to
be
more
stable.
Now,
there's
a
new
version
which
was
published
last
week,
I
think,
and
so
one
thing
we
have
to
decide:
I,
don't
if
it's
something
we
discuss
on
the.
F
F
G
C
Pause
on
the
slide,
so
in
terms
of
urgency,
whether
you
should
wait
on
the
VC
cv,
I
think
the
big
question
is
we're
getting
pushed
to
publish
yang
metals
and
I,
see
our
ad
hiding
in
the
back
of
the
room.
There
I
offer
that
you
so
then
why
no
is
actually
been
pushing
us
to
get
these
things
up.
Lished.
You
have
any
personal
sense
of
note.
Should
we
just
get
this
thing
out
and
put
in
the
augmentation
and
later
because
that
is
an
option
with
yang
or
you
know,
should
we
just
close
this
off.
H
D
H
D
C
G
I
mean
right
now,
the
way
it
is.
Is
you
go
to
base
model
and
then
all
the
VFD
for
each
organ
type,
basically
augments
from
there.
So
we
could
have
a
separate
module
where
it
yippee
for
a
store,
I
mean
I
could
even
try
there's
an
experimental
thing.
You
know
how
it
would
work,
the
current,
healthy
and
modeled.
You
get
confidence
that
could
work
up
in
the
future.
G
B
B
C
A
A
A
B
Yeah,
okay,
so.
B
B
Me
any
echo
messages
so
in
another
interesting.
B
Accordingly
and
in
current
give
the
yang
model
their
model
is
such
that
there
are
two
things
so
the
first
thing
the
model
includes
the
transmit
echo
interval
as
part
of
the
configuration
which
is
it
persistent
configuration
and,
second
of
all.
So
from
my
point
of
view,
echo
is
not
proactive
mechanism
as
a
synchronous
being
demoed,
but
on
demand,
and
in
my.
D
D
B
I'm
not
sure
that
on
demand
will
make
it
absolutely
impossible
to
do
this.
Correction
of
the
rate.
I,
though,
wonder,
is
that
if
we
reduce
the
number
of
messages,
that
will
mean
that
we
reduce
the
interval
and
will
change
the
state
machine
so
interleaving
with
the
ekka
messages,
determination
of
Thaler.
D
D
B
C
I
think
this
is
a
place
to
interject.
You
know
what
we
see
the
real
world
so
with
regard
to,
what
do
you
do
about
the
DFT
state
machine,
especially
when
it
sort
of
down
negotiates
it
is
part
of
running
the
echo
function.
What
we
tend
to
see
in
the
field
is
that
echo
is
there
to
say
that
I
am
taking
full
control
over
whether
I
consider
my.
D
C
Reachable
or
not
simply
by
the
fact
that
I'm
seeing
my
traffic
mutiny,
my
payload
is
my
choice.
Hi
verification
is
my
choice,
so
this
is
taking
it
a
bit
out
of
the
snake
machine
because
it
is
now
fully
under
control
of
the
initiator
and
I
think
the
FD
is
requesting
is
that
the
session
not
exceed
to
give
them
a
packet
for
second
rate,
so
it
is
to
some
extent
the
choice
of
the
implementation
as
to
what
it
wants.
Did
you
get?
What
I
think
this
does
and
towards
the
yang
module,
which
is
the
original
points?
C
Conversation
configuration
hasn't
changed?
No,
we
have
what
the
user
had
put
in
as
it's
the
tent
for
know
the
async
session,
and
also
for
the
echo
session
operationally.
You
know
we're
always
going
to
show
what
the
active
state
is
know
whether
you
know
we've
negotiated
our
timers
down
is
Carter
running
the
protocol
or,
if
we're
still
running
at
the
great
that
was
virtually
configured.
C
What
might
be
absent
from
the
model
that
maybe
you
could
offer
some
suggestions
on
is
when
we've
done
this
no
down
negotiation?
We
can
see
that
in
terms
of
the
settings
of
the
async
session,
whether
or
not
the
echo
function
has
any
sort
of
representation,
operational
state
I,
don't
think
that's
there
right
now.
I
can't
tell
that
echo
is
actually
in
progress.
I
can't
tell
what
it
happens
to
think
about
this,
and
the
problem
is.
C
E
B
C
In
terms
of
the
management
editing,
so
the
egg
module
that
we're
talking
about
it's
an
inherent
property
of
the
end
user,
so
I
would
not
expect
to
be
up
to
implementation
to
prod
the
yang
mult.
Initiate
a
echo
activity
is
its
way
of
interacting
with
BF
d.
Now
this
would
be
something
the
internal
software
into
the
place
where
you'd
want
to
expose
this
in
the
yang
module
is,
if
you
expect
the
end,
users
use
the
management
claim
to
actually
initiate
something.
C
C
D
B
C
B
B
I
So
today
I'll
be
talking
about
and
you
can
you.
C
I
I
We
actually
don't
have
to
authenticate
the
whole
package,
because
it's
expensive
when
packets
comment
line
great
it's
expensive
to
decode
the
authentication
on
the
entire
packet,
and
we
can
authenticate
parts
of
the
packet
and
the
part
of
the
package
that
we
want.
Your
tentative
is
the
sequence
number,
so
we
want
to
protect
that
and
that's
what
this
graph
talked
about
and
also
the
authentication
is
not
on
the
whole
package.
It
is
just
on
the
sequence
number
and
how
we
can
hide
the
sequence
number
from
all
intruders.
So
that's
the
reason
for
this
enhancement
so.
I
So
the
problem
is
that
sequence
numbers
increase
monotonically,
so
it
is,
it
becomes
very
predictable.
What
the
next
sequence
number
is
going
to
be.
So
when
that
happens,
it's
easy
for
the
man
in
the
middle
to
bring
down
the
PFD
session
or
take
control
of
the
deity
session.
So,
in
order
to
avoid
this,
we've
come
up
with
a
proposal.
I
When
you
hash
the
sequence
number
in
the
hash
algorithm
with
a
shared
key,
the
sequence
number
is
now
hidden
from
anyone
who
tries
to
intercept
the
package.
So
instead
of
placing
the
sequence
number
in
the
sequence,
number
field
or
the
packet,
you
place
the
hashed
value
in
the
sequence
number
of
accounts.
So
that's
the
high-level
solution.
I
I
So
the
sender
encodes,
the
sequence
number
using
the
shared
key
and
the
hash
and
the
receiver
decodes
the
sequence
number
using
the
reverse
hash
and
the
shake
the
expected
sequence
number
will
match
the
decoded
value
and
the
receiver
now
knows
what
they
expected.
Sequence
number
would
be
if
the
sequence
number
is
match
up
using
the
reverse
hash,
then
you
know
that
the
fact
it
is
good.
Otherwise,
you
know
that
the
packet
is
a
bad
product.
I
So
this
is
just
an
example
this.
This
is
just
an
example
on
all
the
sequence
numbers
that
would
have
individuals.
So
on
help
we
have
what
RFC
1558
uses,
so
it
uses
increasing
sequence
numbers
and
when
you
have
a
hash
with
a
shake
either
just
random
numbers
I
chose
is
to
show
that
the
the
array,
the
low,
is
basically
the
sequence
number
when
completed
in
hash,
with
a
shape.
I
So
in
1580
you
have
the
hash
on
the
whole
packet
which,
when
you
have
to
decode
the
hash,
it's
expensive,
because
it's
on
the
whole
packet.
But
here
this
is
just
on
a
32-bit
value
that
is
hidden
from
all
attacks.
Now
it
it
provides
a
level
of
security,
because
intruders
will
not
be
able
to
detect
the
sequence
number
and
hence
won't
be
able
to
bring
down
the
VNC
session.
I
C
So
we're
going
to
get
into
a
broader
discussion
is
after
the
next
presentation
about
now
the
optimizing
vfp
draft
will
be
doing
something
slightly
out
or
the
agenda
and
what
should
hopefully
become
a
parent.
You
know
from
the
update
is
this
mechanism
is
intended
to
address
the
one
of
the
problems
that
we
had
when
we
were
sending
you
know
unauthenticated
the
FD
packets,
in
the
clear
we
want
to
run
authentication
less.
How
do
you
run
event
occasionally
without
actually
making
ourselves
vulnerable
during
that
time?
Demand
in
the
Middle's?
I
C
And
what
sort
of
worth
pointing
out
is
that
this
mechanism
can
be
used
outside
of
the
FD
know?
Basically,
one
of
the
genetic
problems
IETF
has
is,
if
you
want
to
make
sure
that
you
have
some
piece
of
high
volume
data
PFD
being
an
excellent
example
of
that,
where
you
can't
afford
to
do
an
actual
hardcore
crew,
neck
action
like
no
sha
wan
xiao,
xu
et
cetera,
that
this
mechanism
for
data
that
has
a
short
lifespan
may
actually
be
a
good
way
to
provide
no
eating
great
security.
E
D
B
B
B
So
this
is
where,
on
the
suggestion
of
taking
what
is
already
our
tunnel
presented
in
terms
of
birth,
using
be
meticulous
sequence,
number
and
saying
that
if
we
were
to
hide
or
a
bunch
the
sequence
number,
then
we
would
be
actually
be
able
to
prevent
the
man
in
the
middle
attack.
In
the
cases
where
the
packet
is
going
into
clear.
On
next
slide.
B
C
B
D
B
B
B
C
B
Imagine
that
it's
like
a
authentication
as
a
bump
in
the
wire,
so
a
tent
occation,
gratification
being
shipped
to
control,
plane
and
I
have
a
high
rate
of
packets,
so,
let's
say
running
at
3.3
millisecond
and
let's
assume
the
control
plane,
it's
so
busy.
It
cannot
get
to
process
this
packets
in
the
next
seven
milliseconds,
but
so
happens
that
the
next
to
be
a
package
that's
supposed
to
be
processed
by
hardware.
B
That
was
so
what
I
have
I
have
one
packet:
that's
still
waiting,
processing
and
two
packets
being
lost
so
I'm
out
of
my
death
interval,
true
yeah.
So
in
that
particular
scenario,
you're
left
with
no
option
but
to
bring
the
session
dog
yes,
okay,
so
you
think
that
it
doesn't
have
to
somehow
change
their
validation
scheme.
So
that
leaves
this
packet,
that
being
accepted
and
sent
for
authentication
validation,
gets
counted
as
a
valid
packet.
B
E
Hesitate
because
it's
been
awhile
since
I've
read
this,
but
so
I'm
working
from
memory
right
rather
than
the
document,
but
it's
a
authentication
is
essentially
a
separate
process.
You
just
keep
receiving
the
packets
and
if
they
look
right,
you
assume
the
session
is
still
up
at
some
point
you
get
around
to
validating
whether
or
not
the
FN
occation
is
correct.
You
go.
Oh
damn,
there's
a
problem
that
happened
a
little
while
ago.
Let's
take
it
down
or
let's
set
off
an
alarm,
that's
the
only
trigger
that
is
associated
with
the
detection
of
an
authentication
problem.
B
E
A
D
B
Gian
I
think
what
Greg
is
referring
to
a
previous
option
he's
not
referring
to
the
suggested
changes
that
we're
making
he
you
know
previous
option.
We
had
recommended
that
every
so
often
every
one
second,
as
a
suggestion,
we
would
encrypt
a
pack,
and
in
that
case,
what
Garriga
saying
is
that
the
timer
will
expire.
Therefore,
the
system
will
have
no
option
but
to
bring
the
session
of
and
I
accept.
That
argument.
F
C
F
F
H
B
To
the
argument,
a
guy,
ok,
I'll
I
should
have
last
time
to
what
he's
saying
it's
not
just
that
it's
an
authentication
is
not
only
for
that.
Packet
is
taking
more
than
people
in
three
milliseconds.
It's
actually
taking
nine
point:
nine
milliseconds
for
the
authentication
to
succeed
before
for
you
to
be
able
to
say:
oh
I,
Kiva's
I
lost
three
packets.
Now,
if
you're
not
able
to
authentic
authentic
8
the
packet
in
nine
point,
nine
milliseconds
and
yes
you're
totally
out
of
luck,
you
probably
shouldn't
even
be
doing
authentication
to
begin
with.
B
D
B
That's
not
a
problem
if
performance
is
not
a
problem,
then
why
we
do
it
theoretically,
why
we
not
authenticate
each
and
every
tech?
Okay
right,
I
know
for
a
fact
that
authenticating
every
packet
at
3.3
million
seconds
is
a
problem.
What
we
don't
know
is
that,
if
indicated,
every
nth
packet
is
a
problem,
I
agree.
We
won't
be
proposing
this.
F
D
F
B
B
C
If
you
increase
the
numbers
on
one
thing,
you
change
know
what
you
scale
on
the
other
ones.
So
if
you
could
support
authenticating
one
out
of
n,
that's
great
but
as
Greg
points
out,
if
you
make
end
big
enough,
you'll
eventually
run
into
enough
of
indications
happening
potentially
at
the
same
time,
because
you
know
some
level
of
headache,
one
thing
that
the
FD
tries
to
give
us
to
help
with
the
situation.
C
B
Not
specifically
with
authentic
this
form
of
authentication,
the
difference
between
no
authentication
and
full
authentication
was
I
believe
one
in
five,
so
the
numbers
dropped
one.
Fifth,
if
you
for
the.
F
C
So,
in
terms
of
the
actions
that
come
out
of
this
I
think
we're
probably
slightly
premature
on
last
call:
you
did
the
procedures
I
think
are
well
understood.
You
know
it's
just
a
matter
of
how
do
we
hold
in
the
procedures
from
sonals
draft
to
cover
the
situation's
we
knew
where
problems
some
of
that
includes.
You
know
how
we
actually
do.
The
initial
sequence
number
discovery
in.
C
Of
the
sequence
numbers
for
the
cases
worth
buying
that
mechanism,
so
I,
don't
think
we're
ready
for
last
call,
but
no
certainly
after
integration-
they
probably
are.
What
this
does
mean
is
that
now
we
would,
as
part
of
this
work,
also
need
to
take
up.
Sonals
draft
is,
you
know,
basically
dependent
draft
and
therefore
make
it
a
brick.
Your
baptism
is
that
what
you're
looking
for
yes.
B
C
Assume
so,
but
you
know
you
always
have
to
ask,
so
what
we'll
be
doing
is
part
of
you
know.
The
post-meeting
stuff
is
putting
out
an
adoption.
Call
for
this.
Make
sure
that
the
briton
group
agrees,
and
hopefully
we
probably
said
it
for
about
two
weeks
after
I
ETF
is
complete
and
the
two
of
you
can
sort
of
work
together
on
making
sure
that
no,
your
solos
draft
is
actually
covering
procedures,
know
that
are
sort
of
generic
and.