
RE: AW: draft-wbeebee-ipv6-cpe-router-04 comments



Hemant,
I was simply clarifying the history of why telco SPs currently use
"point-to-point" Ethernet connections, because other emails had implied
it was for governmental eavesdropping purposes. I meant no insult, and
had no agenda, other than to explain that eavesdropping was not the
primary goal. Governmental eavesdropping, as a justification for
requirements, leaves a bad taste in many people's mouths, and is rather
unpopular. Security and privacy are considered worthy goals. I was
trying to turn the tone of justification from being negative
(governmental eavesdropping) to positive (security and privacy).

Although DOCSIS 1.0 did include support for encryption, in the old days,
many providers did not enable this security, and there were many
anecdotes of neighbors seeing each other's computers. The encryption
capabilities of DOCSIS 1.0 were just an option, and not mandatory.
Again, this is really old (10 years +) history; but this history was key
in driving telco service providers to architect access networks that
did not have shared Ethernet links among customers. This isn't intended
as an insult or a slam against the cable industry. I haven't heard any
of these anecdotes in years, and have no doubt that cable access is
quite secure at this time. But history is history. Here is a website
that describes some of this old history, in case you're curious:
http://www.securityfocus.com/news/7977.

I do not see that this history has any impact on the draft. The
requirements, from my perspective, are sufficiently justified. Since
there doesn't seem to be a request for any changes to the draft, based
on this thread, I don't think it's a useful thread to pursue.
Barbara

> -----Original Message-----
> From: Hemant Singh (shemant) [mailto:shemant@cisco.com]
> Sent: Monday, March 30, 2009 4:00 PM
> To: Stark, Barbara; Mark Smith; Alan Kavanagh
> Cc: Alastair Johnson; Mikael Abrahamsson; Olaf.Bonness@telekom.de;
> v6ops@ops.ietf.org
> Subject: RE: AW: draft-wbeebee-ipv6-cpe-router-04 comments
> 
> Barbara,
> 
> What initial cable standards deployment are you talking about where
> clients in the home in cable modems or hosts behind the modems could
> talk directly to another cable modem in a neighboring home?  For over
> 10 years, in DOCSIS networks since DOCSIS 1.0, I don't see such
> behavior on a routed CMTS - this thread is also focused on routed
> networks because at the DSL first hop IPv6 router, we have a routed
> network.  Also, what you have said below about security or privacy was
> something that I sent already on 03/26.  This is what I had said.
> 
> "At this point I would like you all to see this text below that I and
> Wes wrote in an expired draft of
> draft-wbeebee-on-link-and-off-link-determination-01.txt.
> [3.  Router Models
> 
>    The Redirect Clarifications section clarifies RFC 4861 [ND] host
>    and router behavior for an aggregation router deployment.
> 
>    The Aggregation Router Deployment Model section presents a possible
>    aggregation router deployment model for IPv6 and discusses its
>    properties with respect to ND.  Aggregation routers can service
>    more than 100,000 subscribers.  Due to scaling considerations, any
>    NS for global address resolution from any host to any other host
>    should not reach the aggregation router.
> 
> 3.1.  Aggregation Router Deployment Model
> 
>    A property of routed aggregation networks is that hosts cannot
>    directly communicate with each other even if they share the same
>    prefix.  Physical connectivity between the aggregation router and
>    the modems prevents hosts behind modems from communicating directly
>    with each other.  Hosts send their traffic to the aggregation
>    router.  This design is motivated by scaling and security
>    considerations.  If every host could receive all traffic from every
>    other host, then the subscriber's privacy would be violated and the
>    amount of bandwidth available for each subscriber would be very
>    small.  That is why hosts communicate with each other through the
>    aggregation router, which is also the IPv6 first-hop router.
> 
>    For scaling reasons, any NS to resolve any address other than that
>    of the default router should not reach the aggregation router.
> 
> 
>                            +-----+
>                            |     |
>                            |Aggre+----(Rtr CPE)----Host1
>             Core----WAN----+gator|
>                            | Rtr |
>                            |     +----(Br CPE)----(Cust Rtr)----Host2
>                            +-----+
> 
>                                  Figure 1.
> 
>    In the figure above, the customer premises equipment (CPE) is
> managed
>    by the ISP and is deployed behind an aggregation router that is an
>    IPv6 first-hop router and also a DHCPv6 relay agent.  IPv6 CPEs are
>    either IPv6 routers (Rtr CPE) or IPv6 bridges (Br CPE).  If the
>    customer premises uses a bridge CPE, then a router (Cust Rtr) is
>    needed.  All hosts reside behind a router CPE or a customer router.
> 
> 
> Singh & Beebee            Expires July 4, 2008                  [Page 7]
> 
> Internet-Draft          ND On-link Determination            January 2008
> 
>    No NS to resolve any address other than that of the default router
>    will reach the aggregation router from any device on the customer
>    side of the aggregator.  CPEs do not communicate with each other in
>    this deployment model since a CPE does not run any applications
>    that need to communicate with other CPEs.  Hosts do communicate
>    with each other, but every host is off-link to any other host on
>    the aggregation router.]
> 
> Hemant
> 
> 
> -----Original Message-----
> From: owner-v6ops@ops.ietf.org [mailto:owner-v6ops@ops.ietf.org] On
> Behalf Of Stark, Barbara
> Sent: Monday, March 30, 2009 10:08 AM
> To: Mark Smith; Alan Kavanagh
> Cc: Alastair Johnson; Mikael Abrahamsson; Olaf.Bonness@telekom.de;
> v6ops@ops.ietf.org
> Subject: RE: AW: draft-wbeebee-ipv6-cpe-router-04 comments
> 
> My remembrance of why SPs aren't keen to localize routing is quite
> different.
> Originally, cable operators had neighbors all on the same Ethernet
> network. Neighbors were able to discover each other's computers and
> printers (this was before routers were common), and sometimes sniff
> each other's traffic. This was considered a bad thing, from a customer
> security and privacy standpoint. Telco providers decided that they did
> not want to do it this way, and effectively made Ethernet connections
> from customers "point-to-point" to an element in the access network.
> 
> Today, the access network elements are able to detect a lot of malware
> traffic (especially DDoS attacks), and disconnect customers that are
> infected with malware that presents a security / privacy /
> performance-impacting risk to others. Unfortunately, this is not an
> infrequent occurrence. If customer traffic were somehow able to bypass
> these network elements, it would open up neighbors to attacks by
> infected neighbors. That would be a very bad thing.
> 
> Furthermore, in general, there just isn't that much neighbor-to-neighbor
> communication that would make the savings outweigh the cost of
> implementation. The only neighbor my home trades a lot of traffic with
> (my kids and their kids, gaming) is on a separate network, since we use
> different service providers.
> 
> Lack of cost justification and security concerns are the reasons why
> SPs are unlikely to localize traffic within the access network, for
> general consumers.
> Barbara
>
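As an added illustration of the off-link property in the draft excerpt Hemant quotes (example code written for this page; it is not from the draft, the v6ops list, or either author), the script below models the RFC 4861 next-hop determination of a node attached to the aggregation router's link, i.e. the WAN side of a router CPE or the customer router behind a bridge CPE. The prefix 2001:db8:1::/64, the router link-local address fe80::1 and the node addresses are constructed, and the assumption that the aggregation router advertises the prefix with the L (on-link) flag clear is mine: the quoted text states the goal (no NS reaches the aggregator for anything but the default router) but not the RA flag setting that achieves it. The example runs both settings so the difference in which NS targets appear on the aggregation link is visible.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class PrefixInfo:
    """One Prefix Information Option (PIO) carried in a Router Advertisement."""
    prefix: ipaddress.IPv6Network
    on_link: bool       # RFC 4861 'L' flag
    autonomous: bool    # RFC 4861 'A' flag (SLAAC), kept for realism only


@dataclass
class Node:
    """A customer-side device on the aggregation router's link (CPE WAN side
    or customer router). Addresses below are constructed, not real."""
    name: str
    addr: ipaddress.IPv6Address
    default_router: ipaddress.IPv6Address = ipaddress.IPv6Address("fe80::1")
    prefix_list: list = field(default_factory=list)

    def process_ra(self, pios):
        # RFC 4861 s6.3.4: only PIOs with L=1 populate the Prefix List.
        # A PIO with L=0 may still be used for SLAAC, but it says nothing
        # about on-link reachability of the prefix.
        for p in pios:
            if p.on_link and p.prefix not in self.prefix_list:
                self.prefix_list.append(p.prefix)

    def next_hop(self, dst):
        # RFC 4861 s5.2: link-local destinations and addresses covered by the
        # Prefix List are on-link, so the node multicasts an NS for the
        # destination itself. Everything else is off-link and goes to the
        # default router, whose link-local address is the only NS target.
        if dst.is_link_local or any(dst in p for p in self.prefix_list):
            return dst, "on-link"
        return self.default_router, "off-link"


def ns_targets_on_aggregation_link(on_link_flag):
    """Return the set of NS target addresses the aggregation router would
    see on its link when every customer-side node sends to every other
    node's global address. Three constructed nodes share one /64."""
    prefix = ipaddress.IPv6Network("2001:db8:1::/64")
    ra = [PrefixInfo(prefix, on_link=on_link_flag, autonomous=True)]
    nodes = [Node(f"node{i}", ipaddress.IPv6Address(f"2001:db8:1::{i}"))
             for i in (1, 2, 3)]
    targets = set()
    for n in nodes:
        n.process_ra(ra)
        for peer in nodes:
            if peer is not n:
                nh, _ = n.next_hop(peer.addr)
                targets.add(str(nh))
    return targets


def single_path(on_link_flag):
    """Next hop and classification for one node sending to a peer in the
    same /64 under the given L flag setting."""
    prefix = ipaddress.IPv6Network("2001:db8:1::/64")
    ra = [PrefixInfo(prefix, on_link=on_link_flag, autonomous=True)]
    node1 = Node("node1", ipaddress.IPv6Address("2001:db8:1::10"))
    node2 = Node("node2", ipaddress.IPv6Address("2001:db8:1::20"))
    node1.process_ra(ra)
    nh, kind = node1.next_hop(node2.addr)
    return str(nh), kind


if __name__ == "__main__":
    for flag in (False, True):
        print(f"L={int(flag)}: node1 -> node2 via {single_path(flag)}")
        print(f"L={int(flag)}: NS targets seen by aggregator: "
              f"{sorted(ns_targets_on_aggregation_link(flag))}")
```

With L=0 every node treats its peers as off-link, sends to fe80::1, and the only NS the aggregation router sees is for its own link-local address, which is the behaviour the quoted draft text asks for; with L=1 the nodes solicit each other's global addresses directly, and those NS messages (one per peer per node) land on the aggregation link.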