AD/Routing Directorate Feedback, ForCES Framework Draft
"Putzolu, David" <david.putzolu@intel.com> Wed, 02 April 2003 19:52 UTC
Message-Id: <WED.2.APR.2003.115224.0800.>
Date: Wed, 02 Apr 2003 11:52:24 -0800
From: "Putzolu, David" <david.putzolu@intel.com>
Subject: AD/Routing Directorate Feedback, ForCES Framework Draft
Comments: To: "Yang, Lily L" <lily.l.yang@intel.com>, "ram.dantu@utdallas.edu" <ram.dantu@utdallas.edu>, "Anderson, Todd A" <todd.a.anderson@intel.com>
Comments: cc: "Patrick Droz (dro@zurich.ibm.com)" <dro@zurich.ibm.com>, Alex Zinin <zinin@psg.com>
MIME-Version: 1.0
Content-Type: text/plain
All, The ADs and the routing directorate have reviewed the ForCES framework. They had the following feedback on the draft. Once the authors and the working group address the issues listed below a new rev will need to be uploaded, after which it can be re-submitted to the IESG for review and publication as an RFC. I will be adding these to the issues list on the ForCES supplemental web page at http://www.sstanamera.com/~forces and these issues will be tracked via that page & the WG so that we can resolve them promptly. 1) FE Virtualization A single physical FE might be partitioned into multiple virtual FEs. I think the requirements talks abut this but the framework doesn't explicitly call out how this is handled. I believe the approach being taken is one where each FE (where FE is defined as the slave endpoint of an Fp connection) is a single logical entity, and partitioning of a physical FE into multiple such entities is beyond the scope of Fp and is instead a pre-association phase issue. The framework should explicitly call this out and may also want to include a reference to the new informational RFC that just issued on requirements for accomplishing this from the GSMP wg. RFC-Editor has not yet gotten around to it, so here is the URL for the draft: http://www.ietf.org/internet-drafts/draft-ietf-gsmp-dyn-part-reqs-03.txt 2) Multiple FEMgrs The framework seems to say that there is one FE manager. It is possible that in some architectures each FE may have associated with it a FEMgr, thus necessitating selection of a single FEMgr among many. The rtg-dir questioned where such an interaction fits in the framework. Initial impression was that this would be a Fi interaction (if the FEMgrs are collocated with the FEs). Is this the right place, and if so, it should be documented. 3) DoS attacks 4.2.4 should explicitly call out that Fp could be a vector used by adversaries for DoS attacks on the NE. As such, it should explicitly be said that the combination of packet filterings on FEs, plus prioritization of specific packets being sent across Fp, helps to combat such attacks. Also - probably add a SHOULD that FEs should support the ability to do rate limiting of packets to CE. This is necessary to prevent flooding of the CE w/packets from FE. 4) OSPF Offload The ADs and the rtg-dir where both concerned that features such as OSPF offload, while useful, are probably so new that standardizing support for them is not practical in the first rev of forces. They suggested that support for that be removed from sections 5, 5.2, and 5.6. 5) Non-stop forwarding/Graceful restart Section 4.3 talks a bit about features needed for graceful restart, and requirements section 5 item 7 discusses this topic. The framework should explicitly spell out the need to support this and name it appropriately ("graceful restart") in its own section. In that section the framework should indicate the specific capabilities that FEs are expected to provide to enable graceful restart, i.e. "In order to enable graceful restart, FEs MAY choose to cash forwarding and QoS state across CE restarts. If they do so, they MUST include timers that eventually cause such cached state to expire. Those timers SHOULD be settable by CEs." (Note: this is just an example, need to be more specific about this. Include justifications & refs to appropriate RFCs, WGs, and drafts). 6) Terminology issue: route vs. forward Section 4.2.3 shows a "route to this port instead" message going from CE to FE. Would be more accurate to indicate that the CE is downloading a new FIB to the FE here. 7) Vagueness of CE action in response to FE loss/reestablishment Section 4.3 says a CE would "note" the event of FE loss or reestablishment. Would be more informative to say that the CE would inform routing protocols of such an event, most likely prompting a reachability and SPF recalculation and associated downloading of new FIB and other calculations. 8) Security handshakes as part of association establishment and re-establishment Sections 4.2.2 and 4.2.4 should explicitly call out the fact that FEs and CEs will perform a security handshake as part of the association establishment/re-establishment interaction. Need to make sure that the association is the intended one. Authentication mechanism (IPSec? TLS? other?) to be used to accomplish this should be identified. 9) Cached state in re-establishment The end of section 4.3 mentions the possibility that a FE may reuse cached state to save Fp interactions during a connection re-establishment. While it is ok for the framework to call out such a possibility, it should also make it clear that whether such a feature is actually part of Fp will depend on protocol selection/definition. Also, a checksum is a poor choice as it is rather unreliable. FIBs are very important and as such a more reliable mechanism (e.g. CRC-32) should be used. 10) Security Considerations This is where the IESG expects the security analysis of the framework and outlining the actual security mechanisms that should be present in the architecture. The document should provide vulnerability analysis of the framework, and how identified vulnerabilities should be covered. 11) Editorial changes Security considerations belongs before references. There are 8 bit characters in the draft that need to be excised. Cheers, David Putzolu (co-chair, ForCES)
- AD/Routing Directorate Feedback, ForCES Framework… Putzolu, David
- Re: AD/Routing Directorate Feedback, ForCES Frame… Putzolu, David
- Re: AD/Routing Directorate Feedback, ForCES Frame… Yang, Lily L