Re: [babel] Mirja Kühlewind's Discuss on draft-ietf-babel-hmac-08: (with DISCUSS and COMMENT)

Juliusz Chroboczek <jch@irif.fr> Wed, 07 August 2019 14:26 UTC

> You can also use a different timer e.g. 300s which would also ensure
> that a challenge is not sent more often than 300s (except in the case
> where you got a challenge reply but in case you are not talking to an
> attacker and usually do not need to send another challenge request immediately).

If the challenge reply is lost, then the challenge needs to be resent.  It
would not be acceptable to cause a 5 min blackhole after a single packet
loss.

> However, in any case I find 300ms rather low. RFC8085 recommends
> basically one active message (in case you have a response-reply pattern)
> or not more than one message every 3 seconds.

This would mean creating a 3 second blackhole after a single packet loss.

I'll expand on that further in my reply to your review of 6126bis, but
I believe that RFC 8085 speaks about UDP traffic across the Internet.
Babel is a link-local protocol -- there are no intermediary nodes to
congest.

Mirja, if the RFC 8085 limit is to be enforced for link-local protocols,
then OSPF cannot possibly work.

-- Juliusz