Re: [Dime] Association between origin-host and source IP address

Yuval Lifshitz <ylifshitz@sandvine.com> Sun, 10 September 2017 06:08 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dime/MNQuFrIPaeIC8eghazfKm-S5mfg>

Hi Ajinkya,
The spec is silent about this because this is not required. The peers and routing tables are meant to help the Diameter host to find the right peer through which the message is to be sent, not to filter incoming messages.
In addition, use of IP addresses to identify Diameter hosts may be problematic – the address of a host may change, multiple hosts could be behind one IP address, etc.

Regards,

Yuval

From: DiME [mailto:dime-bounces@ietf.org] On Behalf Of Ajinkya Joshi
Sent: Friday, September 08, 2017 5:18 PM
To: dime@ietf.org
Subject: [Dime] Association between origin-host and source IP address

Hello,

It is clear from the RFC that each Diameter implementation maintains a peer table, which is keyed on the origin-host of the peer.
But it's not clear whether, on receiving an incoming Diameter request (non capability exchange), a Diameter node is supposed to match the source IP address of the incoming request with the source IP address of the original transport association between these nodes.
E.g. consider that there are two transport connections established, between A1 <-> B1 and A2 <-> B1, where A1, A2, and B1 are Diameter hosts. Suppose A2 sends a Diameter request to B1 with origin-host as "A1"; is B1 supposed to reject such requests?

--
Regards,
Ajinkya Joshi
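
The A1/A2/B1 scenario from this thread, as an added example that is not part of either message or of any Diameter implementation: it compares a source-IP check with a check against the identity the same connection announced at capabilities exchange. The connection check is an assumed local policy for directly connected peers only (the reply notes the spec does not require it); all names and addresses are constructed.

```python
# Added illustration; names and addresses are constructed, not from any implementation.
from dataclasses import dataclass


@dataclass(frozen=True)
class Peer:
    conn_id: int        # local handle for the transport connection
    cer_identity: str   # Origin-Host announced in capabilities exchange
    cer_source_ip: str  # remote address seen when the connection was set up


def check_by_connection(peer, origin_host):
    # Assumed local policy for directly connected peers (no relay or proxy
    # in the path): Origin-Host must equal the identity that this same
    # connection announced in its capabilities exchange.
    return peer.cer_identity == origin_host


def check_by_source_ip(peer_table, src_ip, origin_host):
    # The alternative raised in the question: compare the source IP of the
    # request with the IP recorded for the claimed Origin-Host.
    peer = peer_table.get(origin_host)
    return peer is not None and peer.cer_source_ip == src_ip


def run_scenarios():
    # Constructed sample: A1 and A2 reach B1 from one shared address.
    a1 = Peer(1, "a1.example.net", "203.0.113.10")
    a2 = Peer(2, "a2.example.net", "203.0.113.10")
    peer_table = {p.cer_identity: p for p in (a1, a2)}  # keyed on Origin-Host
    return {
        # A2 sends a request on its own connection claiming Origin-Host A1.
        "spoof/connection": check_by_connection(a2, "a1.example.net"),
        "spoof/source_ip": check_by_source_ip(peer_table, "203.0.113.10", "a1.example.net"),
        # A genuine A1 request that arrives from a different address.
        "moved/connection": check_by_connection(a1, "a1.example.net"),
        "moved/source_ip": check_by_source_ip(peer_table, "203.0.113.77", "a1.example.net"),
    }


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name}: {'accept' if accepted else 'reject'}")
```

With a shared address the source-IP check accepts the mismatched Origin-Host and rejects the genuine request that arrives from a new address, which are the two problems with IP-based identification named in the reply.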