[bess] Secdir last call review of draft-ietf-bess-evpn-mh-pa-11

Yaron Sheffer via Datatracker <noreply@ietf.org> Fri, 08 November 2024 20:06 UTC

Reviewer: Yaron Sheffer
Review result: Ready

This is a new redundancy mode for the Ethernet VPN (EVPN) architecture.

The Security Considerations are mostly a reference to the EVPN security
considerations, as well as the document that defines BGP extensions for
MPLS-based EVPN. Malicious misconfiguration of the router can result in various
forms of denial of service. It seems to me that those are similar across the
different redundancy modes, and therefore the Security Considerations look fine.