Re: [Anima-signaling] comments on GRASP-07 draft
Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 30 September 2016 19:23 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-signaling@ietfa.amsl.com
Delivered-To: anima-signaling@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E4A012B08F for <anima-signaling@ietfa.amsl.com>; Fri, 30 Sep 2016 12:23:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LBfNQgdCw6IB for <anima-signaling@ietfa.amsl.com>; Fri, 30 Sep 2016 12:23:55 -0700 (PDT)
Received: from mail-pa0-x231.google.com (mail-pa0-x231.google.com [IPv6:2607:f8b0:400e:c03::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D1AFA12B13F for <anima-signaling@ietf.org>; Fri, 30 Sep 2016 12:23:55 -0700 (PDT)
Received: by mail-pa0-x231.google.com with SMTP id cd13so38036403pac.0 for <anima-signaling@ietf.org>; Fri, 30 Sep 2016 12:23:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:organization:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=t0OD23bLAtkRiWcr+osX4KX1Hfps3OGcqCHUN4jdTOQ=; b=Hx2JiXE2A4lXjm9nNAusxMXzy8r98xCiWv61kyP7dk2hjH7KoeGTM3bAwmp9MXlOGd baTrxKo/z6uGBTR5iD06/kWu8o5W0MkLAK2glV8OkTti4hp3ZXKZWPLJQbiE8u3OpsTE HDg5obXC6r6Hck6h5LPF4zJgrKJELZA0CRyWe58Wlk7cw3bYXtkciYKXoH9u4+pyiN+o NaJwYJDi/+4kzSt+B9u7b0Y1KuA09whZsEAKsi44tX5Lv8scBGI0CXWqKQN3NZGBpFHv On9mm5J/FyLMafBSB2gq+rpurW6+K8cdeZVaF8iXZKBFJK0f3zOkgooqsNFZjDXSmG5C Wh8w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=t0OD23bLAtkRiWcr+osX4KX1Hfps3OGcqCHUN4jdTOQ=; b=WffNlNTuhCAkMg03py7G9J5JhQ/+IiodRTCaFJgAu5M54IR3CYYJ3AmZYhwpRMC3jr 5nt/VvZHuGvfGhWEr+P6kDA8qNiZ0QOf93OCCarwyJs8skvcP26WSDpyrIgur5i5UyoV KyB5KxfW/MZ5ql1Z97tChFTySFtqLeJCg9mUVTHJhpuvQU+T5DDT09VVOBWGJ6UYykxI 8AXuu/gmUF5dAjMdV7QrImdAZsO6DwB1+D7pTAk/K+8lwNPKvu9jfZ9aZlmX1gvMjkH8 6s5rUcKb5vdlsDVDu6cA+bLFQsbrR20CSJ/37AF4Kr0JrpA3EZqYQ2cawoCrUZE2aOqZ H3PA==
X-Gm-Message-State: AA6/9Rmn3fxft7KJwoWnP7lJTIZZnV4l82GCb/S43BtghxqE4c5OqGfBIObE2YSGVq64Wg==
X-Received: by 10.66.190.161 with SMTP id gr1mr14124676pac.156.1475263435059; Fri, 30 Sep 2016 12:23:55 -0700 (PDT)
Received: from [192.168.178.23] ([118.148.117.30]) by smtp.gmail.com with ESMTPSA id u19sm29697425pfa.40.2016.09.30.12.23.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 30 Sep 2016 12:23:54 -0700 (PDT)
To: Michael Richardson <mcr+ietf@sandelman.ca>, anima-signaling <anima-signaling@ietf.org>
References: <27023.1475255753@obiwan.sandelman.ca>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <f1f500f9-e7ed-bf2d-dc73-619557971e54@gmail.com>
Date: Sat, 01 Oct 2016 08:24:02 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <27023.1475255753@obiwan.sandelman.ca>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-signaling/rBGMTVRglP4-SGvdIHh9tdWg2wM>
Subject: Re: [Anima-signaling] comments on GRASP-07 draft
X-BeenThere: anima-signaling@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the signaling design team of the ANIMA WG <anima-signaling.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-signaling>, <mailto:anima-signaling-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-signaling/>
List-Post: <mailto:anima-signaling@ietf.org>
List-Help: <mailto:anima-signaling-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-signaling>, <mailto:anima-signaling-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Sep 2016 19:23:58 -0000
Thanks much Michael. Do you want to repeat this on the main Anima list in response to the last call? Regardless, I will respond next week (it's already Saturday here). Our Chinese colleagues are all off now for their National Day holiday week. Regards Brian On 01/10/2016 06:15, Michael Richardson wrote: > > I read draft-ietf-anima-grasp-07 from beginning to end. > This is probably my first read through in many months. > I will be happy to turn these into issues in the tracker if told to do so. > > I am overall pleased with the document, it read well. > > I did feel like there was a section missing between 2 and 3, that gives a > detailed architecture use of GRASP, without resorting to bits on the wire. > > I think that section 3.3 is trying to do this, but it failing because it gets > into security before it has explained anything about how things work. > Maybe if 3.3.1/3.3.2 were moved to a new section 3.3b entitles "Protocol Security" > or some such. > > I had to go learn about CDDL from draft-greevenbosch-appsawg-cbor-cddl-08 > (now -09), and then how it maps to bytes on the wire. > > Can we please have some worked through examples with bytes on the wire? > I will attempt to contribute some. > > > Some specific text that I didn't like: > > 3.3.4, Discovery Procedures section says: > > An exponential backoff SHOULD be > used for subsequent repetitions, in order to mitigate possible > denial of service attacks. > > I agree that an exponential backoff SHOULD be used by senders in order to > deal with overloads due to unintentional in corrolations of senders. > But, telling well-behaved senders what to do does nothing to mitigate denial > of service attacks. The point is that the malicious attackers are not > well-behaved. > > If the point is to tell responders that they should backoff in their replies, > or rate limit their replies, then that would make sense, but since the reply > will be by TCP (as I understand it), then the opportunity to do forged source > address attacks is rather low. > > Later in that section, it says: > A GRASP device with multiple link-layer interfaces (typically a > router) MUST support discovery on all interfaces. If it > receives a Discovery message on a given interface for a > specific objective that it does not support and for which it > has not previously cached a Discovery Responder, it MUST relay > the query by re-issuing a Discovery message as a link-local > multicast on its other interfaces. The relayed discovery > message MUST have the same Session ID as the incoming discovery > message and MUST be tagged with the IP address of its original > initiator. Since the relay device is unaware of the timeout > set by the original initiator it SHOULD set a timeout at least > equal to GRASP_DEF_TIMEOUT milliseconds. > > > Could we rewrite this into positive language, and also split it up, and maybe > even number some of these things. I suggest: > > 3.3.4.1 GRASP discovery relaying by routers > > A GRASP device with multiple link-layer interfaces (typically a > router) MUST support discovery on all interfaces. > > Different interfaces may be at different security levels: each group > of interfaces with the same security level SHOULD be serviced by the > same GRASP process, except for Limited Security Instances which are > always single-interface instances. > > When a router receives a Discovery message on any interface, > for an objective that it supports, then acting like any other > GRASP device, it replies to it. > > When a router receives a Discovery message for an objective that > it does not support, but which for which it has previously cached > a response, then it replies to that request with the cached > information. > > When a router receives a Discovery message for an objective that > it does not support, and for which it has no cached response, then > it MUST relay the query by re-issuing a Discovery message as a link-local > multicast on ALL of its other interfaces which are at the same > security level as the incoming interface. > > The relayed discovery message formed MUST have the same Session ID > as the incoming discovery message and MUST be tagged (XXX HOW?) > with the IP address of its original initiator. Since the relay > device is unaware of the timeout set by the original initiator it > SHOULD set a timeout at least equal to GRASP_DEF_TIMEOUT milliseconds. > > > section 3.7.3 says: > The discovery initiator sends the Discovery messages via UDP to port > GRASP_LISTEN_PORT at the link-local ALL_GRASP_NEIGHBOR multicast > address. It then listens for unicast TCP responses on the same port, > and stores the discovery results (including responding discovery > objectives and corresponding unicast locators). > > > I have a problem with the mixing of UDP and TCP port numbers in this way. > First of all, this is text is ambiguous because the binding of "same" is > unclear to me. Let me number things so that the ambiguity is clear: > sender: UDP from: X -> to: GRASP_LISTEN_PORT > responder: TCP from: Z -> to: Y > > "then listens for unicast TCP responses on the same port" > > could mean that Y = GRASP_LISTEN_PORT, > or it could mean that Y = X > > Could we just *say* in the UDP which port the initiator is going to listen on? > > Assuming Y=GRASP_LISTEN_PORT, may I suggest that if we say port '0' that it > means grasp_listen_port, which is often GRASP_LISTEN_PORT, except if one > might be debugging,etc. when one might set it to another port. That is, we > normally say, "0" to mean GRASP_LISTEN_PORT whatever it might be at that > moment. When we to reach at a port!="0", then we mean that port. > > Y=X can be made to work if one picks X well, but may be unworkable on some > platforms. > > (I'm saying this mostly from experience with IKE, which originally said to > ignore the source port of the UDP, and always use 500, which was a problem > when it came to NAT traversal, but more to the point, it made it sometimes > painful to test in-vitro). > > I'm understanding that ONLY Discovery requests go out via UDP, but that all > Discovery responses occur via TCP. I'm a bit concerned about this process > during bootstrap. The Discovery initiator will have to be prepared for many > TCP connections... I guess we had assumed that the reply would be UDP as > well. > > > > -- > Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works > -= IPv6 IoT consulting =- > > > > > > _______________________________________________ > Anima-signaling mailing list > Anima-signaling@ietf.org > https://www.ietf.org/mailman/listinfo/anima-signaling >
- [Anima-signaling] comments on GRASP-07 draft Michael Richardson
- Re: [Anima-signaling] comments on GRASP-07 draft Carsten Bormann
- Re: [Anima-signaling] comments on GRASP-07 draft Brian E Carpenter
- Re: [Anima-signaling] comments on GRASP-07 draft Brian E Carpenter
- Re: [Anima-signaling] comments on GRASP-07 draft Carsten Bormann
- Re: [Anima-signaling] comments on GRASP-07 draft Michael Richardson
- Re: [Anima-signaling] comments on GRASP-07 draft Michael Richardson
- Re: [Anima-signaling] comments on GRASP-07 draft Brian E Carpenter
- Re: [Anima-signaling] comments on GRASP-07 draft Michael Richardson
- Re: [Anima-signaling] comments on GRASP-07 draft Brian E Carpenter
- Re: [Anima-signaling] comments on GRASP-07 draft Liubing (Leo)
- Re: [Anima-signaling] comments on GRASP-07 draft Brian E Carpenter