IETF Logo Mail Archive

Re: [Ideas] [lisp] FW: Technical plenary: Attacks against the architecture - implications for the Network Mapping System

Padma Pillay-Esnault <padma.ietf@gmail.com> Sat, 29 October 2016 17:38 UTC

Return-Path: <padma.ietf@gmail.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9431A12950B; Sat, 29 Oct 2016 10:38:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PlVQJWYGvtjZ; Sat, 29 Oct 2016 10:38:36 -0700 (PDT)
Received: from mail-qt0-x22c.google.com (mail-qt0-x22c.google.com [IPv6:2607:f8b0:400d:c0d::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CFC71129407; Sat, 29 Oct 2016 10:38:35 -0700 (PDT)
Received: by mail-qt0-x22c.google.com with SMTP id c47so6631904qtc.2; Sat, 29 Oct 2016 10:38:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=/Ut+0lmGwTKn9tqgszZBLSAZeyPJM2sxQjevgWmbb/c=; b=Us+tFRkD6A7ftC+LFbxTqn0RJJdWVpCGbmvuop4hfd2ubFQG93njkAdSqIeZ9JUbOt AEGVSMYGnq8Nabx5aoQXVrUWsAjQrvPKF5UC9AZPX5rq+TBDveFvm/GgFhGLTzmgAAUc C5l9VHQZTTpwdpzsFrYr07YuxGWPxAWCGYhqOdvhB2BDEw6ZSx0FmskvUTKAdrFrWcol NgdKlfae4R4hqLGaRHKE4NSt0RxtOXE3UHHASwl5A9fsCskcGCgRR80qOkp+Cl34AgE1 4aF6YkZWojvV9pqOyqoSmKE+l2IZZHEvvFFZbKL1yDT2gE6R5ZnkNs3uR1jjK0MFei7s 9pPw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=/Ut+0lmGwTKn9tqgszZBLSAZeyPJM2sxQjevgWmbb/c=; b=VgGk5bHWlplzUiqYmIKCnExtTQK92DF1oM//ylKrELvOPSco/7huhDUifMsTy5cnkx 2js4N1rZVeJd44wIDf6GlqhBl0Wx3H/3QPi9zjmWqR8W9OnIBE4sAMNeGADBq1k/ExG8 lXqnKYxKV8ROdNS+ZIwW+uhhe6+NUBCKep6DgKGJZAws1I9/Q6qFbeBAJ3ONCb0Hb8md L7tskvupUnpFDYYi0aPF3PgvRygsq2hyi4VB+0amdNfy9/Zg1ldNoxhDUQOJPJboie1N bM3rjtIbSbkf3ouXJfVs3vZSOQtazDCwH5iFXLuEtTRv79LGyuPmT6ukdyDsKs1KUP3t Bdhw==
X-Gm-Message-State: ABUngvdZSipKSjAcUUWh1Atf2YrqEylCSgA27FmFtPduvrIPE52cON5ND3+sInqrVaPXi+jW4Ey7zd0cWVzgnw==
X-Received: by 10.200.51.251 with SMTP id d56mr3214646qtb.89.1477762714897; Sat, 29 Oct 2016 10:38:34 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.200.38.15 with HTTP; Sat, 29 Oct 2016 10:38:34 -0700 (PDT)
In-Reply-To: <09534746-0A8F-4CAB-9778-5032F90604F0@gmail.com>
References: <EC7A99B9A59C1B4695037EEB5036666B012C63D0@dfweml501-mbb> <85dd645c-37ca-0839-a175-2fb05539fbf2@joelhalpern.com> <CAG-CQxr8gXiQi_D1PNN6HMk7NVc6P62kPsZicLdm1PgfL41prA@mail.gmail.com> <09534746-0A8F-4CAB-9778-5032F90604F0@gmail.com>
From: Padma Pillay-Esnault <padma.ietf@gmail.com>
Date: Sat, 29 Oct 2016 10:38:34 -0700
Message-ID: <CAG-CQxpZoQWPp_wBpNLTB3ATUJrSB9=kwM05YKiB7i8_x3XTLg@mail.gmail.com>
To: Dino Farinacci <farinacci@gmail.com>
Content-Type: multipart/alternative; boundary=001a1134f2ecaf1b070540047151
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/bml_ifaSy7Q1LfNiJksX8o8a1C0>
Cc: "ideas@ietf.org" <ideas@ietf.org>, "Joel M. Halpern" <jmh@joelhalpern.com>, "lisp@ietf.org" <lisp@ietf.org>
Subject: Re: [Ideas] [lisp] FW: Technical plenary: Attacks against the architecture - implications for the Network Mapping System
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Oct 2016 17:38:37 -0000

On Sat, Oct 29, 2016 at 10:20 AM, Dino Farinacci <farinacci@gmail.com>
wrote:

> > In section 5 of draft-padma-ideas-problem-statement, there is a section
> in the table which specifically discuss about the structure of IDs and
> whether we should used them for specific classes or as the Network Mapping
> system is proposing to attach metadata to ID.
>
> Maybe we can experiment with the EID-prefix block 2001:5::/32 from RFC
> 7954/7955 to allocate sub-blocks from large regions of the world. Yes,
> geographical allocations without the issue of the past, since EIDs are not
> injected into the underlay routing and are not based on Internet topology.
>


> Do this first and then decide which, say continent block is registered to
> a regional mapping system. And if an ID needs to register to multiple
> mapping systems. The mapping systems should considered to be relatively
> local in scope and may overlap.
>
> This could help mitigate DoS attacks to a smaller (but still scalable)
> part of the infrastructure.
>

 <Padma> Agree.

Thanks
Padma

>
> Dino
>
>

v2.8.7 | Report a Bug | By Email