<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><span class="Apple-tab-span" style="white-space:pre"> </span>Again, thanks to Geert Jan for taking the notes!<div><br></div><div><span class="Apple-tab-span" style="white-space:pre"> </span>- Jim</div><div><br></div><div>---------</div><div><br></div><div><br><span class="Apple-tab-span" style="white-space: pre; "> </span><span class="Apple-tab-span" style="white-space: pre; "> </span>Minutes IETF78 conf call<br><span class="Apple-tab-span" style="white-space: pre; "> </span><span class="Apple-tab-span" style="white-space: pre; "> </span>Jul 5 2010, 17:00 UTC<br><br>Attendees:<br><span class="Apple-tab-span" style="white-space: pre; "> </span>jim<br><span class="Apple-tab-span" style="white-space: pre; "> </span>chris<br><span class="Apple-tab-span" style="white-space: pre; "> </span>sjoerd<br><span class="Apple-tab-span" style="white-space: pre; "> </span>john<br><span class="Apple-tab-span" style="white-space: pre; "> </span>menno<br><span class="Apple-tab-span" style="white-space: pre; "> </span>randy<br><span class="Apple-tab-span" style="white-space: pre; "> </span>karen<br><span class="Apple-tab-span" style="white-space: pre; "> </span>rob<br><span class="Apple-tab-span" style="white-space: pre; "> </span>geertj (scribe)<br><br><br>1. Shipping<br>Chris:<span class="Apple-tab-span" style="white-space: pre; "> </span>Final list sent to Verilan on tuesday.<br><span class="Apple-tab-span" style="white-space: pre; "> </span>No response yet, no shipping quote received yet<br><span class="Apple-tab-span" style="white-space: pre; "> </span>Little uncertain about fiber jumper cables<br><span class="Apple-tab-span" style="white-space: pre; "> </span>19 SFP's<br><span class="Apple-tab-span" style="white-space: pre; "> </span>Will get 2nd quote from Stephanie once Verilan quote is in [Jim: Unlikely ... we'll just go with sho-air]<br><span class="Apple-tab-span" style="white-space: pre; "> </span><br><span class="Apple-tab-span" style="white-space: pre; "> </span>We're likely to use same (or similar) equipment in Beijing.<br><br>Jim:<span class="Apple-tab-span" style="white-space: pre; "> </span>need to confirm Juniper router loan<br><br><span class="Apple-tab-span" style="white-space: pre; "> </span>What VM's will we use? Basically IETF75, w/ changed (and un-changed)<br><span class="Apple-tab-span" style="white-space: pre; "> </span>IP's and vlans for Anaheim<br><br>Randy:<span class="Apple-tab-span" style="white-space: pre; "> </span>Beijing crew wants to know software for DNS, DHCP, ...<br><span class="Apple-tab-span" style="white-space: pre; "> </span>Chris to answer<br><br><span class="Apple-tab-span" style="white-space: pre; "> </span>ACTION: chris to ping verilan on quote / shipping<br><span class="Apple-tab-span" style="white-space: pre; "> </span>ACTION: jim to confirm loan with Juniper<br><span class="Apple-tab-span" style="white-space: pre; "> </span>ACTION: chris to give DNS, DHCP, ... software details to Beijing crew<br><br><br>2. Initial Design<br>Jim:<span class="Apple-tab-span" style="white-space: pre; "> </span>similar to IETF75 design: same vlans, same addressing.<br><span class="Apple-tab-span" style="white-space: pre; "> </span>Added: 2 vlans:<br><span class="Apple-tab-span" style="white-space: pre; "> </span><span class="Apple-tab-span" style="white-space: pre; "> </span>outside <--> portal box<br><span class="Apple-tab-span" style="white-space: pre; "> </span><span class="Apple-tab-span" style="white-space: pre; "> </span>portal <--> inside<br><br><br><br>3. VM's<br><span class="Apple-tab-span" style="white-space: pre; "> </span>VM's are being upgraded to FreeBSD 8. <br><span class="Apple-tab-span" style="white-space: pre; "> </span>Chris is working with Joel on this.<br>Rob:<span class="Apple-tab-span" style="white-space: pre; "> </span>should we use FreeBSD 9? <br><span class="Apple-tab-span" style="white-space: pre; "> </span>Randy: I'm using it, no issues, but it is early.<br><span class="Apple-tab-span" style="white-space: pre; "> </span>Consensus is to stay with FreeBSD 8 for now.<br><br><br><br>4. Captivator (portal)<br>John: <span class="Apple-tab-span" style="white-space: pre; "> </span>Experimenting with test setup, small Dell + switch<br><span class="Apple-tab-span" style="white-space: pre; "> </span>test at <a href="http://ietf-nac.route-views.org/">ietf-nac.route-views.org</a> (XXX does not exist)<br><span class="Apple-tab-span" style="white-space: pre; "> </span>Initially no IPv6, John added ip6tables support and IPv6 works now,<br><span class="Apple-tab-span" style="white-space: pre; "> </span> auth is IPv4 only.<br><span class="Apple-tab-span" style="white-space: pre; "> </span>captivator ties MAC <-->IPv4 address, this means IPv4 addresses<br><span class="Apple-tab-span" style="white-space: pre; "> </span> should not chance, hence loooong DHCP leases.<br><span class="Apple-tab-span" style="white-space: pre; "> </span>performance: iptables+ip6tables, uses hashing, looks workable.<br>?:<span class="Apple-tab-span" style="white-space: pre; "> </span>q: same MAC on different VLANs yields different IP,<br><span class="Apple-tab-span" style="white-space: pre; "> </span> does this work? a: yes<br>?:<span class="Apple-tab-span" style="white-space: pre; "> </span>q: does one need to re-auth if IP changes? a: yes<br>?:<span class="Apple-tab-span" style="white-space: pre; "> </span>q: what will this do on the on the 3 MACs/token limit? a: we'll see<br>randy:<span class="Apple-tab-span" style="white-space: pre; "> </span>q: 3 MACs: is that simultanious, or total number of auths? a: tbd<br>geertj:<span class="Apple-tab-span" style="white-space: pre; "> </span>q: doesn't understand as it takes manual effort to change from<br><span class="Apple-tab-span" style="white-space: pre; "> </span> 802.11a capable VLAN to somewhere else, then why fuss about re-auth?<br><span class="Apple-tab-span" style="white-space: pre; "> </span> a: Such a move indeed will need manual config work, hence re-auth<br><span class="Apple-tab-span" style="white-space: pre; "> </span> is no big problem.<br><br><span class="Apple-tab-span" style="white-space: pre; "> </span>freeradius author heard about this and is interested, offered to help<br><br><span class="Apple-tab-span" style="white-space: pre; "> </span>ACTION: rob to contact freeradius author<br><br><br><br>5. captive portal hardware<br>jim:<span class="Apple-tab-span" style="white-space: pre; "> </span>menno, we'll need 2 more servers, problem?<br><span class="Apple-tab-span" style="white-space: pre; "> </span> we don't have specs as we're still experimenting captivator,<br><span class="Apple-tab-span" style="white-space: pre; "> </span> but we'll need 2 ethernets. menno: no problem, I need to confirm<br><span class="Apple-tab-span" style="white-space: pre; "> </span> RIPE NCC IT mgr (brian).<br>john:<span class="Apple-tab-span" style="white-space: pre; "> </span>q: captivator box wants 3rd NIC as mgmt port. Problem?<br><span class="Apple-tab-span" style="white-space: pre; "> </span> a: RIPE to check / buy<br><span class="Apple-tab-span" style="white-space: pre; "> </span>john to send captivator specs to list<br><span class="Apple-tab-span" style="white-space: pre; "> </span>consensus is to run freeradius on services<br><br><span class="Apple-tab-span" style="white-space: pre; "> </span>ACTION: NCC to confirm availability of 2 more servers, with 3 NICs each<br><span class="Apple-tab-span" style="white-space: pre; "> </span>ACTION: john to send captivator specs to list<br><br><br>6. printer<br>sjoerd:<span class="Apple-tab-span" style="white-space: pre; "> </span>NCC printers survived the flood, are OK, need to ask IT mgr for avail<br><span class="Apple-tab-span" style="white-space: pre; "> </span>q: get extra toner<br><br><span class="Apple-tab-span" style="white-space: pre; "> </span>ACTION: Sjoerd to confirm 2 printer avail with brian, and get toner<br><br><br><br>7. name / SSL cert for portal<br><span class="Apple-tab-span" style="white-space: pre; "> </span>work in progress. Since this will go via CA, better inform the<br><span class="Apple-tab-span" style="white-space: pre; "> </span>powers-that-be that they can expect a request and need to approve.<br><br><br><br>8. status 130.129.0.0/16 <br>geertj:<span class="Apple-tab-span" style="white-space: pre; "> </span>IP is still hot. Jim to coordinate to stop announcements<br><br><span class="Apple-tab-span" style="white-space: pre; "> </span>ACTION: jim to have ICANN net folk undo BGP config <br><br></div></body></html>