►
From YouTube: IETF114-HACKATHON-20220724-1800
Description
HACKATHON meeting session at IETF114
2022/07/24 1800
https://datatracker.ietf.org/meeting/114/proceedings/
A
A
A
B
B
So
if
you
haven't
familiarized
yourself
with
it
already,
maybe
before
you
present
see
what
you're
signing
up
to,
but
it
basically
covers
the
ietf
rules
and
procedures
and
and
when
you're
sharing
something
here
that
that's
an
ietf
contribution
the
presentation
that
you're
sharing
so
the
agenda.
We
came
to
this
point.
B
It's
about
two
o'clock,
we're
going
to
get
started
with
the
presentations
and
and
some
people
have
been
asking
about
the
order
and
the
order
is
going
to
be
based
on
the
order
in
which
they
basically
got
put
into
the
github
repo,
because
they're
getting
pulled
from
the
github
repo
being
pulled
into
meet
techo
and
then
we're
gonna
go
through
them
and
meet
teca.
So
the
first
one
is
this
one,
because
I
uploaded
it
yesterday
and
they're
just
so:
they're
not
appearing
in
alphabetical
order,
they're
appearing,
even
though
they
might
look.
B
That
way
in
github
it's
basically
based
on
when
they
came
in.
If
you
don't
have
your
presentation
in
yet
we'll
be
looking
for
it
to
get
uploaded
to
github,
and
we
will
try
to
pull
it
in
so
you'll
probably
be
more
toward
the
the
end.
But
you
know
I,
so
I
can't
tell
you
exactly
when
your
presentation
is
going
to
be
if
anyone
has
a
a
real
challenge
with
time.
B
I
know
one
person
who
does
we're
going
to
try
to
fit
that
person
in
at
a
very
specific
time,
otherwise
we're
going
to
basically
go
through
them
in
order.
If
you
happen
to
not
be
here
when
we
get
to
yours,
we'll
come
back
again.
So
so
you
know,
don't
worry
too
much
about
that,
but
just
to
make
it
flow
smoothly.
We'll
try
to
go
through
an
order,
and
we
can
try
to
give
you
a
heads
up
too
as
to
which
one's
next.
B
B
These
are
short
four
minutes
at
the
absolute
most,
if
you
can
do
it
in
less
that's
fantastic
because
we
have
like
20
or
more
of
these
to
get
through
and
we
need
to
get
through
them
all
with
the
changes
over
and
you
know
speaker
and
that
within
two
hours,
so
we'll
have
more
time
for
more
in-depth
discussion
later
on,
and
maybe
I'll
just
pull
that
up
now
too.
While
I'm
thinking
about
it,
I
think
the
next
slide
I
have.
This
is
a
little
slow.
B
Oh,
so
this
is
the
github
repo
that
your
slides
need
to
be
in
and
the
longer
time
for
presentations
will
be
a
hack
demo
happy
hour
tomorrow.
We'll
have
a
whole
hour
when
you
can
sign
up,
you
can
be
here
and
you
can
have.
You
can
talk
to
someone
for
an
hour
if
you
want
about
all
that.
You
did
so
today.
Just
try
to
get
the
the
main
points
across
okay
and
with
that
we
are
going
to
go
to
the
the
next.
The
first
project
presentation.
B
Let's
see
so
the
first
one
I
see
is
sdn
based
mp,
tcp,
aware
and
mp
quick,
aware,
transmission
control
model
and
it
keeps
going.
But
hopefully
that's
enough.
You
know
it's
you
anyone
here
to
present
that
one,
the
next
one
after
that
is
bmwg,
but
what
about
the
sdn
based
mp,
tcp
and
mp?
Quick,
no
one
here
for
that
one.
C
D
D
D
I'm
I'm
sorry
hot
forgetting
next
yeah
yeah,
so
yeah
yeah
yeah.
So
so
our
plan
is
we
can
we
can
see
the
user.
One
has
a
two
parts.
One
password
is
a
wi-fi.
The
other
one
is
the
firew
g,
the
other
user.
Two
also
has
to
pass
wife
wifi
at
the
firewood
g
and
the
car.
The
sdn
controller
is,
is
the
elgo
climate.
D
D
D
D
D
B
C
C
So
that
was
the
plan
for
all
our
hackathon
events.
The
providers
have
been
looking
to
resolve
for
the
different
considerations
that
we
have
mentioned
in
our
draft,
so
it's
all
about
masking
container
level
performance
with
the
various
developers,
acceleration
model
and
different
configuration
settings
next
slide.
Please.
C
So
what
we've
done
so
far
is
that
we
have
a
provide
the
marketing
result
for
sake,
user
space
magnetic
with
srov
and
a
combined
model
with
iov
and
vdp.
We
also
done
some
we're
looking.
We
saw
with
different
configuration
with
new
map
hps
and
cv
chains,
so
based
on
the
lead
on
the
right
side.
What's
the
left
is
the
epf
access
model?
So
exactly
what
we
focus
on
this
hacker
next
id.
C
So
we
implement
the
epf
association
model
using
the
af
hdb
and
obvs
dpdk
d
switch.
So
for
the
package
transmission
between
the
nic
card
and
display,
we
use
af
hdp
with
a
new
socket
available
from
linux
kernel
greater
than
480,
and
that
fsdp
allow
a
touch
evpl
program
in
the
xdp
hook
as
a
canonic
driver
to
transmit
packaged
user
play
and
by
passing
the
connector
stack
to
associate
to
accelerate
the
packet
changes
in
performance
and
for
the
packaging
mission
we
can
use
the
spraying
container.
C
We
use
ovdk
with
af
hdb
supported
version,
so
this
one
allows
us
to
create
af
hdb
port
to
promote,
promote
the
promote
driver
to
point
the
packet
from
the
atp
socket
and
for
champions
packet
from
the
restrict
to
the
dpdk
port.
We
use
a
rehost
user.
Let's
try
this,
so
these
are
mamakin
tesla.
So
is
the
same
with
our
previous
hackathon,
so
we
use
intel
the
card
until
twenty
point:
zero,
four
for
the
newest
kernel
and
the
eu
mantis
cni
for
profile,
multiple
interface
for
the
core
and
for
support
of
atpk.
C
So
about
the
results,
so
we
observed
that
the
oes
af
adp
had
a
pretty
much
similar
result
with
osdbtk,
but
significantly
lower
behind
sr,
iov
and
ddp.
So
we
think
that's
the
results
like
at
the
v
host
user
and
virtual
pmd
path
between
the
container
and
the
v3,
which
is
the
same
result.
That's
why
obviously
decay
lower
performance
than
vdp.
So
we
think
that
if
we
can
sdp
with
the
pvp,
which
is
a
one
that
support
and
mimic
interface,
then
the
performance
will
be
similar
with
the
necessary.
C
So
in
our
upcoming
hackathon,
so
we
want
to
continue
to
explore
the
result
of
the
memory
result
of
ebpf
assassin
model.
So
we
consider
three
variations.
The
first
one
is
the
ax
atp
with
the
vpp.
Then
the
cloud
native
data
plane,
the
cndp
which
is
a
new
cloud
native,
is
a
spray
framework.
Developer
intel
just
first
released
in
april,
look
into
the
fctp
and
bep,
and
the
third
one
is
a
civilian
and
evc
based
cni.
C
C
C
B
B
B
E
F
F
F
B
F
G
Good
pleasure
to
make
a
presentation
here
to
share
my
project
with
you.
This
slide
shows
our
hackathon
plan.
The
plan
consists
of
two
parts:
the
people,
implementation
of
msr6be
and
the
emulations
based
on
intel,
tofino
switches.
Some
related
documents
are
listed
below
here
is
a
schematic
of
the
msrbe
that
enables
the
source
indicating
the
explicit
duplication
of
multicast
and
functionally
implements
beer
to
transport
multicast
traffic
in
a
scalable
manner.
H
G
And
each
bit
in
the
bit
string
represents
a
receiver,
as
shown
in
the
figure.
So
how
does
a
multicast
b
string
works?
We
introduce
the
principle
of
rjp,
which
means
replication
through
global
between
as
a
new
type
of
activities,
destination
options
header
using
the
code
point
of
non
mpls
via
header
rgb
is
used
to
identify
the
replication
endpoint
and
realize
the
function
of
beer.
G
We
implicate
the
demos
based
on
p4
and
conduct
some
simulations
based
on
hardware
people
switches
here
shows
some
realized
functions.
As
the
figures
show,
the
rgb
option
is
encapsulated
and
decapitated
according
to
the
ipv6
destination,
address
figure,
3
shows
the
function
of
eift
and
the
figure
4
educates
the
forwarding
and
the
copying
of
these
strings.
G
The
emulation
setup
consists
of
two
hosts
two
v4
switches
and
one
ipv6
switch
here
will
distance
so
our
hardware
equipment.
Next,
I
will
show
our
results.
It
can
be
seen
from
the
results
that
the
msr6
pe
is
valid
in
explicit
of
least
depletion
and
forwarding,
and
it
is
compatible
with
ipv6
forwarding
in
processing,
latency
duplication
and
the
encapsulation
of
rtb
often
costs
318
and
315
nano
100
seconds
respectively.
G
B
I
So
hello,
I'm
matthew,
I'm
here
on
behalf
of
the
also
working
group
from
yale
and
in
this
hypatia
we
were
focused
on
optimizing.
Large-Scale
global
data
transfer
for
scientific
networks,
so
also
working
group
has
started
to
work
with
a
scientific
data
transfer
stack
from
the
early
days
of
2022.,
so
in
hackathon
130
we
are
focused
on
integrating
also
with
true
seo,
which
is
a
data
transfer
to
a
scientific
data
transfer
application.
I
But
here
in
114
we
have
decided
to
dig
deeper
into
another
level
which
is
fts
and
schedule
the
transport,
and
we
have
built
it
as
results,
because
after
talking
with
like
fda
through
ceo
design
teams
and
also
analyzing,
the
behaviors
of
russia
and
fts,
mainly
to
give
the
rationale
because
fts
controller
architecture
is
like
a
robust,
they
use
lightweight
but
and
also
universally
accessible
control
and
knobs
to
to
control
the
behavior
of
scientific
data
transfer.
But
they
have
like
two
main
problems.
I
I
So
we
have
devised
another
stack,
a
controller
stack,
which
we
call
a
transfer,
control,
network
transport
control
networking
and
has
three
main
components.
The
first
one
is
three
of
three
also
in
the
picture
and
is
a
zero
zero
order,
optimal
gradient
algorithm
that
we
have
devised
and
implemented
in
isekata
and
the
last
the
latter.
One
is
tree
control
that
we
were
focused
on
the
second
one
on
that
too,
and.
I
Is
aggregating
the
the
aggregated
information
from
alto
to
enable
global
resource
control?
So
these
are
the
algorithm
and
schema
of
the
algorithm
that
is
given
in
that
slide.
But
given
the
time
level,
no
talk
about
them
and
so
or
bowling
to
the
in
this
hackathon
were
to
implement
a
prototype
of
the
three
alto
and
three
control
components
that
I
previously
talked
about.
These
are
the
rfcs
that
are
that
are
involved
in
this
segaton,
mainly
the
abstract
network
element
and
pass
vector.
Behaviors
of
also
are
considered
in
this
project.
I
So
this
is
the
first
input
of
our
system.
One
interesting
behavior
of
the
system
is
that
the
three
also
part
is
enabled
to
integrate
network
information
from
multi-domains,
namely
the
network
domain.
One
an
internet
work
domain
are
two
in
this.
In
this
slide,
more
information
are
given
in
that
slide
that
is
available
in
the
github
page,
but
they
are
basically
the
implementation
of
pass
vector
and
cost
matrix
properties
of
alto
protocol.
I
At
the
same
time,
so
at
the
top
of
the
page,
you
can
see
how
we
were
configuring,
the
bandwidth
usage
of
each
pipe
in
tcn,
either
with
absolute
bandwidth
limits
or
relative
bandwidth
limits,
and
on
the
bottom
part
you
can
see
that
or
tcn
optimizer
can
achieve
optimality
and
also
can
limit
the
bandwidth
usage
of
single
connections
at
the
same
time,
which
is
unfortunately
fts
optimizer
itself
is
not
capable
of
so
to
wrap
up.
Also,
we
have
implemented
a
prototype
of
tcn
optimizer
and
integrated
that
of
it
fts
in
this
hackathon.
I
This
is
the
very
beginning
of
our
collaboration
with
our
fts
rusio
and
scientific
data
transfer,
transfer
group
and
toward
itf
10115.
We
want
to
integrate
this
system
at
larger
scale
without
collaborators
at
san
diego
super
current
computing
center
and
also
esnet,
and
finally,
thank
you
all
for
your
attention.
I
B
H
Good
afternoon
everybody,
so
the
lp1
working
group
has
been
working
at
igfa
caton
for
about
five
years
now
and
for
the
most
recent
editions,
we've
been
developing
an
open
source
implementation
of
the
check
header
compression
protocol.
So
lp1
is
a
working
group
interested
in
transporting
ipv6
and
ib
based
protocol
stacks
over
very
constrained
networks
such
as
sig
fox
larwan
and
those
called
low
bar
wide
array
networks
which
have
a
payload
of
in
the
order
of
tens
of
bytes
and
they
trades
in
the
order
of
hundreds
of
bits
per
second.
H
Implementers
interested
and
come
to
grasp
with
the
technology
easily
so,
and
we
also
have
continuing
drafts
which
are
mentioned
here.
So
what
we
did
is
doing
a
few
bug
fixes
in
in
the
code
itself
and
also
in
the
data
model.
The
young
data
model
that
we're
just
completing
the
draft
for
and
integrating.
A
H
Model
checking
into
the
the
code
and
we've
also
been
working
on
validating
the
whole
protocol.
The
whole
suite
software
suite
on
the
macos
environment
and
the
last
bullet
point
is
we
are
writing
an
easy
to
read:
documentation
use
user
manual
for
the
open
source
code.
If
you
will
and
we've
been
rewriting
that
very
extensively.
G
H
H
Which
is
an
industrial
alliance?
Developing
the
lorawan
protocol
has
committed
to
use
our
open
source
implementation
as
a
reference
implementation
for
device
certification
for
the
optional
ipv6
or
r1
technology,
which
draws
on
the
rfcs
that
I've
mentioned
before.
That's
it
for
me,
thank
you
for
your
attention.
B
B
K
So
this
figure
shows
the
architecture
of
security
policy
translator.
So
alternative
user
is
network
security
of
the
mutual
writer.
It
gives
a
high-level
security
policy
such
as
some
regulation
of
access
in
company
or
some
enterprise.
So
the
high
level
policy
you
can
see
given
to
security
policy
security,
police
translator.
K
K
So
this
table
shows
the
mapping
between
high
level
young,
such
as
consumer
phase
interface.
Data
model
attribute
map
to
nsf
facing
is
a
low
level
security
policy.
So
basically,
we
can
matching
two
data
model
attributes
using
the
zhang
cha-cha
algorithm.
Basically,
we
can
measure
the
distance
to
a
passes
for
young
tree
and
that
we
can
match
each
the
attribute
from
young
tree.
K
K
Okay,
cannot
access
sms
websites
such
as
instagram
youtube
during
a
work
time,
so
the
basic
idea
is:
we
want
to
make
high
level
data
into
relatable
data.
So
basically
this
left-hand
side.
There
is
a
high-level
policy
data,
especially
sns
employees,
will
be
converted
into
specific
ip
addresses
and
then
sns
website
will
be
converted
into
specific
urls,
such
as
pace
blue
instagram,
something
like
that
in
the
middle
we
have
a
natural
security
function,
we'll
provide
the
specific
network,
sql
functions,
associated,
fiber
and
replicator,
or
something
like
that.
K
Next
and
then
using
this
procedure,
we
can
translate
the
high-level
skill
policy
into
lower-level
security
follows
xml
file
like
this.
So
the
previously
we
have
one
xml
file
for
the
web
access
regulation,
so
it
turns
out
that
we
can
generate
the
two
parts.
Part
one
is
for
five
words
and
second
one
is
web
filter,
so
you
can
see
employee
converted
into
ip
addresses
and
also
using
web
filter.
The
website
such
as
facebook
instagram
can
be
translated
like
that.
K
So
the
interesting
is
that
we
can
so
we
provide
itunes
step.
We
highlight
the
policy
as
the
consumer
phase
interface,
low
level
policies,
nsfx
interface,
young
module,
so
given
to
this
security
policy,
gen
policy
translator,
so
we
can
automatically
a
map
attribute
without
any
invention
of
the
other
mutilator
and
then
xml
file.
High-Level
policy
will
be
translated
into
reliable
policy
automatically.
So
I
think
this
is
a
very
the
interesting
feature,
so
we
demonstrated
automatic
translation
between
high-level
young
data
model
into
low
level
data
model.
K
K
G
B
A
C
C
B
K
Okay,
thank
you
sorry.
So,
hello
again,
this
is
a
projean
from
skq.
So
from
now
on,
I
will
explain
ip
wave
hackathon
project
so
the
basically
this
hackasm
project.
We
want
to
demonstrate
the
feasibility
of
a
heterogeneous
networking
such
as
ieee
wave,
lt,
11,
ocb
mode
and
3gpp
lte
module
4.
So
it
is
called
the
shiv
attacks.
K
So
you
can
see
the
middle
speakers
can
communicate
with
each
other
using
a
wave
or
a
c
blue
text
protocol
ip
wave.
We,
I
have
individual
draft.
It's
called
the
context
aware
navigation
protocol
cmp
so
basically,
cnp
provides
two
messages.
One
is
corporation
context,
message
for
on
a
normal
driving
condition
and
certain
accidents
happen
over
some
driving
hazard
in
front
of
a
beaker,
so
emergency
context,
message
ecm,
can
be
generated
and
disseminated
all
vehicles
to
protect
the
vehicles.
K
K
So
basically,
we
demonstrated
our
tech
awesome
project
using
omnipres
plus
for
networking,
simulator
and
sumo
is
the
speaker
or
mobility
monitor
we
combined
using
baines
architecture,
so
you
can
see
the
beakers
moving
and
in
highway
scenario,
so
we
implemented
on
top
of
the
base
for
elta
11
ocb.
We
implemented
the
logical
link
layer,
combine.
K
So
the
challenge
is
how
to
integrate.
So
let
me
show
you:
the
protocol
stack
here
so
left
hand
side
is
the
3gpp
protocol
stack,
so
you
can
see
5z
retex
over
on
the
lte
mode,
4
protocol
stack
and
right
side.
We
have
a
web
protocol
stack.
So
on
top
of
that,
so
we
have
a
logical
link
layer,
so
we
can
power
the
some
metal
layer
packet
to
tcp
ip
layer
or
non
ipv
layer
such
as
w
smp
wave
source
message
protocol
stack.
K
So
we
implemented
the
protocol
convergence
for
this
hackathon
project,
so
we
showed
the
feasibility,
so
I
think
the
wave
and
the
5g
void
tracks
or
lte
multiple
can
be
combined
together.
So
we
can
provide
the
vehicle
driving
safety,
so
we
have
open
source
project,
so
you
can
access
github
using
this
link
you
can
download.
L
L
A
little
brief
information
about
pdm:
it's
got
some
great
information
about
network
management,
information
and
session
information
for
ipv6
sessions
really
valuable
to
network
operators.
We
think
but
the
catch
is
we
use
extension
headers
to
transmit
that
information
and
there's
been
some
concern
and
some
studies
that
show
that
a
lot
of
extension
headers
are
getting
dropped
in
the
internet.
L
M
Thanks
all
yeah,
so
we
obviously
tested
ftp.
We
obviously
we're
testing
with
vms
from
a
plain
old
vm
provider,
not
your
average
tier
one
like
your
aws
ovh
rackspace,
because
we
wanted
to
avoid
things
like
overlay
networks,
which
could
you
know
hide
this,
and
because
it's
one
network-
and
we
also
did
testing
from
this
ietf
network
this
morning-
just
to
prove
you
know
what
it's
not
just
vm
networks,
it's
normal
networks
as
well,
and
we
also
in
the
tracing
that
was
going
over
multiple
providers.
M
We
had
transit
networks
in
clay
and
we,
obviously
this
is
all
running
on
vms,
with
bsd11.
We've
got
a
kernel
patch
that
does
all
that
pdm
injections
and
we
saw
it
in
all
the
scenarios,
including
in
those
fragmentation
headers,
and
if
you
look
at
the
vm
to
the
vm
top
left
is
the
the
request.
The
bottom
right
is
the
response,
and
if
we
looked
at
the
itf
network,
we
even
got
it
here.
M
If
you
look
closely
enough,
you'll
see
that
the
response
ip
is
the
same
subnet
as
here
today
and
look
it
gets
over
the
internet,
but
we're
only
scratching
the
surface
as
we
started.
Digging
into
this
and
andrew
will
mention
a
bit
more
when
we
tried
to
break
the
rfcs
it
started,
suggesting
we've
got
some
security
issues
that
we
need
to
investigate.
So
there's
a
lot
more
work
to
be
done.
E
And
this
is
the
wrap
up,
quick,
because
the
point
is
that,
in
order
to
implement
security,
you
don't
have
to
have
or
well
you
want
to
minimize
unexpected
behavior.
So
we
are
not
saying
that
it
is
right
to
drop
the
the
extension
error.
We
don't
say
that
it's
right
to
let
them
pass
through
unexpectedly,
but
we
might,
we
must
have
some.
E
E
What
we
are
proposing
actually
to
work
on
a
bcp,
basically
outlining
what
are
the
assumption
of
extension
errors
and
not
all
of
them,
but
what
have
to
be
outlined
in
rfcs
how
they
should
be
treated,
how
we
should
actually
test
them
or
what
are
the,
what
we
expect
from
them?
Actually,
because
they
can
be
extremely
valuable
for
not
only
what
we
was
working
on
the
performance
metrics,
but
for
everything,
and
but
we
must
make
use
of
them
in
the
right
way.
So,
basically
that
we
already
have
some
possible
mitigations.
E
But
we
don't
want
to
talk
about
the
mitigations
before
analyzing
the
problem.
It
will
be
too
early,
but
just
saying
we
can
have
roughly
either
let
them
pass
without
considering
them
encrypting
authenticating,
because
sometimes
it's
a
matter
of
being
sure
that
the
actual
accenture
are
right
and
basically
andrew
floor
to
you.
N
N
This
was
really
interesting.
So
what
I
did
was
I
decided
to
violate
8200
entirely.
Take
our
firewall
code
base
and
modify
it
to
say
that
if
it's
a
v6
packet,
the
v6
packet
is
an
mtu
of
1200
or
less.
Because
I
didn't
want
to
run
into
fragment
fragmentation
issues.
I
would
slap
a
random
extension
header
on
there,
be
a
hop
by
hop
or
destination
option
and
send
it
out
across
the
internet
and
see
what
broken
what
didn't
destination
options?
No
problem
got
everywhere
this
network-
and
this
is
from
my
house
in
kenya.
N
N
Is
we
don't
know
what
the
state
of
filtering
on
the
internet
is,
because
I
could
have
a
bug
in
the
router
code
that
I've
got
or
the
vendors
could
have
gone?
Well.
We
can't
handle
this
on
the
slow
path
so,
as
a
result,
we're
going
to
throw
away
these
packets
for
now,
but
either
situation
is
subject
to
change.
It's
not
the
behavior
that
was
expected
in
the
rfcs.
N
That
does
create
a
really
big
security
issue,
because
you've
got
operators
out
there
who
are
operating
on
an
assumption
that
stuff
is
being
filtered.
We
can't
say
that
for
sure
and
in
every
test
that
we
did,
we
found
that
it's
more
common
that
it's
actually
being
dropped
without
any
filters
being
specified
either
because
of
bugs
in
vendor
code
or
because
they've
deliberately
chosen
to
drop
it
because
of
not
being
able
to
handle
the
slow
path,
we're
not
sure
which
and
so
yeah.
N
That
was
just
a
little
bit
of
code
that
we
wrote
and
I'm
quite
happy
to
talk
to
anybody
about
that.
I'm
around
and
yeah.
It
was
an
interesting
test,
but
what
it
does
show
is
don't
rely
on.
The
fact
that
your
hbh
is
being
filtered
do
rely
on
the
fact
that
your
destination
option
stuff,
probably
isn't
being
faulted,
plan
your
security.
Accordingly,
thanks
guys.
L
O
So
I
have
a
just
a
sort
of
a
little
announcement.
The
knock
was
in
here.
We
were
looking
at
why
the
wi-fi
is
so
messed
up.
I
guess
somebody
has
like
a
google
nest
hotspot
or
something
just
letting
you
know
that
maybe
the
power
is
too
high
on
it
or
you
know
whatever,
but
it's
it's.
What's
screwing
up
the
wi-fi
in
here.
P
P
That's
we
do
think
both
implemented
the
protocol
mechanisms
etc,
but
we
didn't
reach
interrupt
because
we
all
struggled
with
actually
getting
the
packets
in
and
out
of
the
tunnels.
I
think
that
was
the
primary
problems
here
so
and
I
think
to
launch
a
little
bit
more
preparation,
at
least
from
my
perspective
from
me
and
marcus.
We,
if
we
looked
into
this,
maybe
prepared
some
of
our
cloud
environment.
P
Maybe
we
could
have
multiple
interfaces
in
the
cloud
and
things
like
that
that
our
default
policies
wouldn't
allow
so
there's
some
preparation
stuff
that
we
could
have
done
better.
But
I
also
think
that's
really
the
lessons
here
about
issues
around
more
the
environment
than
the
actual
implementation
so
and
the
people
from
ericsson.
Google
is
on
the
list
here
and
the
draft
github.
If
you
want
to
contribute
to
the
draft
so
yeah.
Thank
you.
B
Q
Hi,
I'm
dan
petrie,
and
before
I
start,
I'm
gonna
take
a
few
gratuitous
minutes
to
explain
what
what
a
v-con
is.
I
I
apologize.
We
didn't
get
our
draft
done
in
time
for
for
this
itf,
but
it'll
it'll
be
there
in
in
for
london,
so
you
may
ask:
what's
a
v
con
vcon
is
a
standard
container
for
conversations
all
right.
Next
question
is:
what's
a
conversation.
Well,
a
conversation
could
be
a
a
sms
chat
exchange.
It
could
be
an
email
thread.
Q
It
could
be
a
two-way
call
on
the
pstn
could
be
a
a
multi-party
call
with
audio
and
video
on
zoom
or
google
meet
or
whatever,
and
so
it
may
be
a
combination
of
those
things
you
may
start
in
one
media
and
move
on
to
another,
and
so
what
we're
proposing
here
is
a
standard
container
for
conversational
data.
You
know
we
have
things
like
you
know,
call
detail
records.
Q
Where,
when
things
that
you
might
have
in
a
call
detail
record
the
dialogue
or
the
actual
media
that
was
exchanged
in
the
conversation
text,
audio
video-
and
you
know,
you
may
have
real
time
or
post
conversational
analysis-
a
transcript,
a
translation,
a
sentiment
analysis
and
you
may
have
some
documents
that
were
exchanged
as
part
of
the
conversation
as
well.
You
know,
maybe
a
presentation
that
was
it
was
put
on
in
in
in
your
google
me
conversation
or
an
nda
that
was
signed
in
the
context
of
that
conversation
or
whatever.
Q
So
what
we'd
like
to
see
is
is
a
conte
standard
container
for
all
of
these
things,
which
are
all
components
of
your
conversation
and
and
so
then
you
may
ask
well
why
do
I
want
to
do
that?
Well,
it
really
makes
integration
of
services
much
easier.
I
can
provide
a
a
much
easier
way
to
to
provide
translation,
transcription
services
sentiment.
Analysis
services,
a
a
vcon,
becomes
a
a
nice
tool
for
analysis
of
of
of
conversations.
Q
You
know
if
I'm
a
call
center,
and
I
want
to
analyze-
you
know
how
my
agents
are
doing
or
if
maybe
one
of
the
agents
has
got
a
problematic
headset
and
you
might
be
able
to
detect
that
you
know
that
the
the
customers
can't
can't
hear
them.
You
know
a
v.
Con
becomes
a
an
asset,
for
you
know
a
a
call
center
that
is,
you
know,
doing
cold
call
kyle
dialing.
Q
Maybe
they
create
a
v
con
and
sell
that
v
con
to
a
a
sales
person
or
a
sales
service
to
to
is
a
hot
lead
right.
It's
robot
food
right
for
machine
learning
and
analysis,
so
having
a
standard
container
really
enables
a
lot
of
services
and
capabilities,
and
so
this
is.
This
is
what
kind
of
we're
we're
looking
to
achieve
with,
with
with
econ.
Q
So
we
we
already
have
a
draft,
that's
in
progress,
we
didn't
get
it
done
in
time.
It's
70,
80
percent.
There
we're
we're
working
on
that.
In
parallel,
we
have
an
open
source
implementation.
We
wanted
to
implement
encryption
decryption
because
there's
certainly
there's
privacy
concerns
over
the
contents
of
of
a
of
a
v
con,
and
we
had
the
idea
to
create
a
a
conserver,
a
conversation
server,
which
is
a
kind
of
a
a
wrestling
pad
for
storing
decons
or
whatever.
Q
Q
Q
And
what'd
we
learn
well,
we
found
some
bugs.
You
know
going
through
examples.
You
know
helps
and
we
found
some
bugs
in
our
code,
no
issues
with
the
draft
yet
because
it's
not
done
other
than
that,
we're
filling
in
more
of
that
kind
of,
if
you're
going
through
in
in
applying
jose
for
both
signing
and
encryption.
We
kind
of
feel
like
we
want
to
reduce
the
the
algorithms
that
need
to
be
supported
for
v
con
to
just
kind
of
reduce
the
the
the
the
coding
requirements.
Q
You
know
we
came
up
with
no
work
group
issues.
We
don't
have
work
yet
so
that's
stuff
in
progress.
He
had.
We
had
a
couple
two
remote
people
working
on
on
the
project
and,
as
I
said,
we're
on
github
and
please
contact
me
if
you're,
if
you're
interested,
I
want
to
know
more
or
want
to
participate
thanks.
B
B
R
R
So
we
were
working
on
implementations
of
the
draft
that
is
listed
here
and
the
idea
is
or
or
the
the
problem
that
the
draft
tackles
is.
If
you
have
dnssec
for
a
dns
zone,
you
can
sign
it,
but
then
you
also
need
to
put
the
trust
anchor
in
the
parent
zone
and
the
protocol
proposes
how
to
do
that
automatically
and
there
is
an
implementation
site
for
the
parent
and
one
for
the
zone
operator
itself
for
the
child
zone,
and
we
were
working
on
automation
for
the
second
part.
R
So
the
protocol
requires
that
you
publish
a
copy
of
the
zone's
cds
and
cdnsq
records
at
a
subdomain
of
the
nameserver
hostname
itself.
So,
for
example,
if
the
zone
is
example.co.uk
and
the
name
server
is
ns1.desec.io,
you
would
have
to
provision
this
record.
That's
listed
here
as
an
example.
It
has
an
underscore
ds,
boot,
prefix,
and
then
there
is
an
intermediate
label,
underscore
signal
and
also
the
child
zone
name
and
the
name.
Several
hostname
are
encoded
in
this
record
owner
name
and
then,
on
the
right
hand,
side.
R
The
value
of
the
record
is
the
same
one
as
in
the
child
zone,
and
you
can
use
that
to
do
validation
as
long
as
you
don't
have
a
chain
of
trust
to
the
target
zone.
Yet
because
you
can
have
one
to
the
name:
server
host
name
if
that
already
does
have
dnsec,
but
there's
no
automation
so
far.
So
the
hackathon
plan
was
to
automatically
generate
these
records
and
we
were
thinking
about
how
to
do
this.
One
can
either
write
scripts
and
run
ground
jobs
periodically,
for
example,
or
synthesize.
R
These
records
dynamically
in
the
authoritative
name,
server
software,
which
would
require
touching
code
from
let's
say,
powerdns
or
not,
dns
or
bind,
and
then,
whenever
that
service
is
queried
for
such
a
record,
it
would
go
and
look
at
the
target
zone,
and
then
you
know
get
it
and
sign
it
with
the
corresponding
keys
and
all
that.
So
what
got
done
so?
R
Then
the
agreement
was
that
this
enabled
synthesis
of
these
records
for
all
zones
managed
on
this
name
server.
So
we
don't
have
any
particular
sub
configuration.
We
figured
that's
easiest
and
has
no
harm.
Then
we
wrote
code
and
we
got
some
code
running.
That's
really
cool,
I
think
very
good
result
for
for
the
hackathon.
R
In
fact,
my
expectations
have
been
over
satisfied,
so
we
got
some
code
written
for
a
crown
job,
that's
deported
sultan.net
and
it
consumes
a
catalog
zone
which
is
another
new
dns
feature
and
from
that
it
extracts
a
list
of
zones
that
the
name
server
is
authoritative
for
fetches
the
bootstrapping
records
and
creates
the
bootstrapping
zone.
So
there
is
a
link
into
the
gitlab
repo
that
has
this
code
and
also
at
the
esac,
which
is
a
managed
essay
hosting
platform.
R
We
were
working.
We
were
working
on
synthesizing
these
records
in
powerdns
and
it's
also
gone
in
production
today.
I
think
around
lunchtime
when
the
deployment
was
done,
there's
the
pull
request
here
also
in
github.
We
also
worked
on
integrating
this
natively
into
not
dns,
but
it's
going
to
take
a
little
longer
until
that's
finished.
So
that's
in
the
works.
R
The
techniques
used
were
for
the
chrome
jobs
in
python
script
for
powerdns
implementation,
lua
records
which
allow
you
to
run
code
while
processing
a
query
and
for
not
dns.
It
was
a
c
module
for
for
the
server
software.
We
learned
that
it's
pretty
straightforward
to
implement
this.
I
was
more
skeptical
in
the
beginning
and
we
learned
some
things
about
lua
and
learned
that
it's
good
to
have
people
at
the
table
who
know
how
to
use
lua.
R
R
R
Okay,
it's
not
very
interesting,
so
there's
two
terminals
I
mean
I
can
describe
it
and
it's
probably
more
interesting
when
you
see
a
human
describing
things
and
making
jokes
and
mistakes
anyway,
so
there's
a
terminal
at
the
top,
which
runs
an
api
command
at
the
dsec,
a
dns
operator
which
creates
a
zone
and
that
automatically
also
creates
the
unessec
keypair
at
the
bottom.
We're
querying
these
records
that
we're
looking
for
to
provision
automatically
in
the
beginning.
There
is
a
dnessic
proof
of
non-existence
because
it
doesn't
exist
yet
then
the
video
would
start.
R
You
would
see
how
the
domain
is
created
when
we
hit
this
command
in
the
command
line.
You
get
the
output,
you
see
confirmation,
it's
confirmed,
then
you
wait
only
about
15
seconds
until
on
the
secondary
server.
You
will
see
that
these
records
have
been
provisioned
automatically
thanks
to
the
lua
script
that
is
running
on
the
server
now.
So
this
is
roughly
what
the
video
has
and
you
can
check
it
out.
If
you
go
to
the
itf
114
hackathon,
look
at
the
source
code
of
this
html
file
and
dig
out
the
url.
R
So
that's
the
wrap
up.
Team
members
were
john
who's,
an
itf
hackathon
first
timer
he
worked,
he
wrote
the
crown
job
script
and
deployed
it
on
his
servers.
Also
niels
is
the
first
timer
at
the
hackathon
at
least,
and
he
worked
with
jerry
on
the
power
dns
lua
scripting
synthesis
thing
and
I've
been
working
on
the
nuts
dns.
B
S
B
J
So
aim
was
to
look
at
a
slightly
new
programming
language
here,
and
this
is
being
implemented
as
a
systems
programming
language,
that's
supposed
to
be
relatively
stable
once
it's
finished
and
there's
efforts
to
add
encryption
to
it,
and
many
of
these
encryption
protocols
are
described
in
rfcs.
So
next
slide.
J
J
So
there's
a
guest
paper
from
about
two
years
ago,
where
they
suggested
some
further
tests
that
are
needed
and
they
examined
a
number
of
different
implementations
of
ed25519
and
they
found
that
for
these
corner
cases,
the
library
implementation
basically
don't
agree,
they
made
some
other
suggestions
that
would
improve
it
as
well.
But
at
this
point
I
just
looked
at
the
tests
and
the
line
at
the
top
is
the
new
one
looking
at
the
hair
implementation.
J
J
The
tests
came
from
this
paper
by
chalkies,
gary
lowe
and
nikolineko,
who
also
suggest
improvements
that
would
allow
for
applications
in
contract
signing
electronic
voting
and
transactions
and
their
test
vectors.
Should
I
guess,
my
suggestions
that
probably
the
chest
vectors
should
be
added
to
rfc
or
made
a
supplement
just
so
that
implementations
that
do
comply
with
the
rfc
can
be
said
to
comply
in
these
in
these
coordinate
cases.
J
T
So,
as
always,
the
plan
with
the
codesprint
is
to
improve
the
tools
that
are
used
to
make
the
iatf
work,
in
particular
the
data
tracker
and
xml
rfc
we've
been
doing
this
since
ietf
70..
So
if
you
find
that
you
there's
some
little
thing
that
annoys
you
about
how
one
of
these
tools
works
fix
it,
and
so
we
actually
got
a
fair
amount
of
things
done.
T
B
U
V
So
for
the
hackathon
we
have,
the
challenge
of
a
lot
of
uas
is
closed
source
and
we
have
a
closed
source
broadcaster
implementation
and
a
structure
of
a
dns
and
registry
system.
So
we
wanted
to
bring
the
two
of
them
together
during
the
hackathon
and
for
the
two
days
we
accomplished
actually
doing
a
live
registration
of
a
session
id
through
a
puck
public
information
lookups.
U
And
if
this
video
works,
we
were
able
to
film
a
live
demo.
It
does
not
look
like
it's
going
to
work
all
right,
so
what
the
demo
would
have
demonstrated
is
we
have
a
drone
simulation
running
in
microsoft,
air
sim.
We
have
that
plugged
into
a
software
in
the
loop
version
of
px4
and
we
have
that
plugged
into
cue
ground
control
and
we
have
those
mavlink
packets
from
q,
ground
control,
routing
to
a
puck
implementation
which
allows
for
backwards
compatibility
with
existing
drone
hardware.
U
That
poc
is
broadcasting
using
the
drip
protocol.
It
is
being
picked
up
by
the
two
phones
that
you
see.
One
of
the
phones
is
unauthenticated
and
is
able
to
obtain
relevant
public
session
information.
The
other
phone
is
authenticated
that
enables
it
to
obtain
serial
number
information
associated
with
that
session.
V
W
All
right
good
afternoon,
everyone,
so
I'm
greg
white
with
cablelabs
and
joined
by
a
number
of
the
other
champions
for
this
project.
I
hear
vidi
and
well
from
apple,
be
presenting
part
of
this
as
well,
so
this
project
is
taking
up
the
front
five
tables
in
the
corner
here,
as
well
as
with
racks
of
equipment
in
the
in
hidden
in
the
back
there
and
to
some
degree
this
is
a
hackathon
project.
W
W
There
are
three
components
to
the
l4s
architecture
and
make
it
work.
You
have
got
the
congestion
control
of
the
sender.
You've
got
congestion
marking
in
the
bottleneck,
link
along
the
path
and
then
you've
got
marking
feedback.
That's
coming
from
the
receiver
back
to
the
sender,
and
we've
got
implementations
of
all
of
those
here
today,
and
actually
our
plan
is
not
to
to
finish
today.
W
We're
actually
planning
going
all
the
way
through
the
end
of
the
day
on
tuesday,
there's
a
fair
amount
of
setup
involved
in
getting
all
this
networking
gear.
Here
we
actually
started
yesterday
afternoon
or
friday
afternoon,
getting
things
set
up,
and
yesterday
most
of
that
was
really
debugging
the
network.
Getting
everything
going.
We've
got
some
initial
results
to
share
with
you
guys
today,
tomorrow,
at
the
tsb
working
group
session,
we'll
have
an
update
with
additional
things
that
we
found
and
then
again
continuing
through
tuesday,
with
additional
testing.
W
W
W
In
terms
of
what
we've
tested
so
far
in
terms
of
interoperability,
this
is
a
list
I
possibly
complete,
maybe
not
complete.
A
set
of
things
have
been
tested
so
far,
but
different
congestion
controllers,
different
bottleneck,
links,
different
receivers,
trying
to
work
our
way
through
to
the
full
list.
X
X
This
one
shows
the
classic
results
for
the
classic
traffic
for
upstream.
I
remember,
if
I
remember
correctly,
this
is
done
with
casa
and
it
shows
it
shows
basically
what
we
see
with
the
classic
condition,
control
which
is
cubic,
and
you
can
see
the
highlighted
box
where
we
show
the
pdv
stats,
where
p99
is
30.
Millisecond
and
p99.9
is
125
milliseconds.
So
there's
a
lot
of
delay
variation,
which
means
there's
a
lot
of
jitter
as
well,
for
the
classic
and.
X
If
you
look
at
the
l4s
upstream,
this
is
again
with
casa,
and
but
this
uses
our
l4s
conduction
controller
and
the
low
latency
queue
instead
of
the
classic
queue
and
the
pdb
stats.
Again,
if
you
look
at
p99,
it's
9,
millisecond
and
p99.9
is
10.3
milliseconds.
So
there
is
a
huge
improvement
or,
I
should
say,
a
huge
reduction
in
the
latency
for
l4s
as
compared
to
classic.
X
Please
note
that
for
for
the
sorry
for
the
docsis
implementation,
there's
you
know
there's
this
request
grand
delay,
which
is
basically
the
minimum
delay
that
some
packets
always
see.
So
it's
not
that
the
p99
being
nine
millisecond,
not
all
of
it
is
queuing
delay.
Some
of
it
is
the
base
delay
or
the
request.
Grain
delay.
X
Moving
on
to
the
downstream
testing
this
one,
I
think
we
did
with
comm
scope.
We
did
with
casa
as
well,
but
this
result
is
with
comscope
and
if
you
look
at
the
classic
again,
the
p99
is
55
and
99.9
is
96
for
classic
traffic.
There's
a
huge
delay
variation
for
for
classic,
and
if
you
look
at
l4s,
the
variation
is
much
smaller.
X
B
B
Mentioned
a
few
times
we
have
a
you
know
a
couple
more
things.
After
this
we
have
the
hack
demo
happy
hour.
A
few
of
you
have
have
already
signed
up.
If
you
look
on
the
the
wiki,
the
hackathon
wiki
you'll
see
right
underneath
the
agenda.
It
mentions
the
hack
demo
happy
hour
and
there's
a
link
to
you,
know,
reserve
space
for
for
your
table.
Please
do
that
as
soon
as
possible.
B
Okay
and
then
I
also
mentioned
the
code
lounge,
so
hack
demo
happy
hours
just
for
that
one
hour,
but
this
area
will
essentially
turn
into
the
lounge
for
the
iatf
meeting
and
there's
a
portion
of
it
that
will
be
kind
of
signed
off
as
being
for
the
code.
Lounge
it'll
probably
be
up
here,
so
that
it'll
be
close
to
the
equipment.
B
I
would
imagine,
but
in
any
case
you
can
also
there's
a
sign
up
sheet
there
and
that's
just
for
your
own
reference
and
to
let
other
people
know
as
to
when
you
plan
to
be
here.
So
I
saw
the
l4s
they
already
signed
up
at
the
times
they
planned
to
be
here
and
that's
great
others
are
free
to
be
here.
There
can
be
more
than
one
team
here
at
any
one
time.
B
And
then
you
know
thanks
thanks
to
thanks
to
all
of
you
for
participating
in
the
hackathon
for
working
with
us
through
some
of
the
glitches
too.
You
know
this
is
every
time
I
think,
there's
something
new
that
that
we
try
this
time.
The
integration,
the
slides
with
me
techo
had
some
really
nice
benefits
to
it.
Those
many
of
you
may
have
interacted
with
barry
he's
he's
in
the
back
there
kind
of
silently
making
sure
that
thank
you
barry
that.
B
He's
my
co-chair
at
the
hackathon
and
making
sure
that
you
know
everyone
got
added
to
the
github
organization
that
your
slides
got
uploaded
there
and
that
they
then
got
into
meet
techo,
and
then
the
muteco
team
was,
of
course
great
and
the
knock
team
working
with
us
on
the
network
so
realize
that
all
this
happens
the
the
weekend
before
the
ietf
meetings
really
starting.
So
a
lot
of
stuff.
B
Not
only
your
projects
but
really
the
whole
ietf
network
everything's
getting
set
up
and
the
fact
that
we're
able
to
pull
this
off
and
have
things
be
as
stable
and
work
as
well
as
they
are,
is
really
a
phenomenal
and
a
tribute
to
the
noc
team
and
meet
techo
and
the
whole
ams
staff.
So
it's
a
really
fantastic
and
then
we're
always
looking
for
people
to
help
us
make
the
hackathon
better.
B
So
you
can
share
your
ideas
with
me
and
barry
if
you
have
more
than
just
ideas,
but
you
actually
want
to
help
us
join
our
team
so
that
we
can
work
on
the
hackathon
together
and
maybe
you
can
be
up
here
doing
the
presentations
running
the
presentations
next
time.
That'd,
be
great
too
so
talk
to
me
talk
to
barry
about
that
we'd
love
to
hear
from
you,
we'd
love
your
help.
B
And
with
that,
we
we
are
done.
The
next
hackathon
will
be
in
london
and
we'll
try
to
make
sure
we
have
plenty
of
space
and
a
good
setup
for
all
you
there
so
start
planning.
Now
I
hope
it's
possible
for
you
to
join
us
in
person
again
and
in
any
case,
save
the
date.
It'll
be
the
weekend
at
the
start
of
the
ietf
meeting,
so
mark
that
in
your
calendars
and
and
start
making
your
plans
now
well.
Thank
you
all.
Please
have
a
a
great
and
safe
iatf
week.