Re: [bess] AD Review of draft-ietf-bess-mvpn-bidir-ingress-replication-02

"Alvaro Retana (aretana)" <aretana@cisco.com> Fri, 25 September 2015 18:54 UTC

From: "Alvaro Retana (aretana)" <aretana@cisco.com>
To: "Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net>, "draft-ietf-bess-mvpn-bidir-ingress-replication@ietf.org" <draft-ietf-bess-mvpn-bidir-ingress-replication@ietf.org>
Date: Fri, 25 Sep 2015 18:54:51 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/bess/MwmC5y-9SDH992XGyugU5nMa7eU>
Cc: "EXT - thomas.morin@orange.com" <thomas.morin@orange.com>, "bess-chairs@ietf.org" <bess-chairs@ietf.org>, "bess@ietf.org" <bess@ietf.org>
Subject: Re: [bess] AD Review of draft-ietf-bess-mvpn-bidir-ingress-replication-02

On 9/25/15, 2:11 PM, "Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net> wrote:

Jeffrey:

Hi!

. . .
Major:

  1.  I-D.ietf-bess-ir and I-D.ietf-bess-mvpn-extranet should be Normative References.
Zzh> Done.

I-D.ietf-bess-ir wasn’t moved.

. . .

  1.  Section 4. (Security Considerations)  Are there really no security considerations?

     *   Section 3.1. (Control State)   Says that: "To speed up convergence…PEy MAY advertise a Leaf A-D route even if does not choose PEx as its Upstream PE…With that, it will receive traffic from all PEs, but some will arrive with the label corresponding to its choice of Upstream PE while some will arrive with a different label, and the traffic in the latter case will be discarded."  I’m assuming that all the traffic (especially the discarded one) belongs to the same VPN, so there’s no danger of leaking information, right?  It might be worth including something in the Security Considerations so that it’s easier for the readers (Security Directorate, for example) to grasp the context.
Zzh> There are indeed no new issues. The quoted text refers to the possible arrival of duplication for the same flow that the receiving PEs need to receive, and they will be discarded anyway. There is no delivery of duplication to CEs, and certainly there is no leaking. I am not sure if that needs to be called out.

You don’t have to... but saying that there are no issues usually raises a flag for more thorough review by the SecDir/ADs.  You can leave it as is and address any issues that may come up later.

Thanks!

Alvaro.