Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-12.txt

Jeff Ahrenholz <j.ahrenholz@temperednetworks.com> Thu, 23 June 2016 21:49 UTC

From: Jeff Ahrenholz <j.ahrenholz@temperednetworks.com>
To: Miika Komu <miika.komu@ericsson.com>, "hipsec@ietf.org" <hipsec@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/hipsec/rAH-QBVhLdN-zqwfCuXVLf03m6w>

Hi Miika,
I was reviewing this section...

> * 4.12.3.  Handling Conflicting SPI Values
>     * Should the Responder send a notify on SPI collision?
>     * Removed text about registering with multiple addresses because I think this does not work with HIP (or at least, requires multihoming)

When there is a SPI collision, it does seem that we would want a new type of NOTIFY to be sent.

Otherwise it seems the Initiator will be stuck in the state I2-SENT, retransmitting the I2 until going back to the failure state, when it can retry the BEX from the beginning again.

Maybe it needs to be an ICMP message (and not NOTIFY) since there is not yet an association between the two peers (RFC 7401 section 4.3).

-Jeff