Re: [Idr] draft-uttaro-idr-bgp-persistence-00: Security Considerations

<bruno.decraene@orange.com> Thu, 03 November 2011 08:45 UTC

Date: Thu, 03 Nov 2011 09:45:03 +0100
Message-ID: <FE8F6A65A433A744964C65B6EDFDC24002952074@ftrdmel0.rd.francetelecom.fr>
In-Reply-To: <7309FCBCAE981B43ABBE69B31C8D21391A447FB381@EUSAACMS0701.eamcs.ericsson.se>
References: <4EA1F0FB.3090100@raszuk.net> <4EA487E4.2040201@raszuk.net><B17A6910EEDD1F45980687268941550FA20750@MISOUT7MSGUSR9I.ITServices.sbc.com><4EA84254.9000400@raszuk.net> <4EA8A91C.4090305@cisco.com> <7309FCBCAE981B43ABBE69B31C8D21391A447FB381@EUSAACMS0701.eamcs.ericsson.se>
From: bruno.decraene@orange.com
To: jakob.heitz@ericsson.com
Cc: idr@ietf.org, ju1738@att.com, robert@raszuk.net
Subject: Re: [Idr] draft-uttaro-idr-bgp-persistence-00: Security Considerations

Jakob,


>From: Jakob Heitz
>Sent: Wednesday, November 02, 2011 9:06 PM
>
>On Wednesday, October 26, 2011 5:43 PM, Enke Chen <> wrote:
>
>> Hi, folks:
>>
>> I have a hard time understanding what new problems (beyond GR)
>> the draft tries to solve :-(
>
>Me too.
>
>The persisting routers will persistently send labeled packets
>into the core. If the intended destination really has disappeared,

If by "really has disappeared" you mean the egress PE (PE2 in Robert's
picture, copied below) is down, then BGP routes whose BGP Next Hop is
PE2 are invalidated (by all ingress PEs and also by the persistent RR).
No problem.
If you actually mean that PE2 is alive but has lost its BGP session to
both RRs, then this is the case discussed in the security section of the
draft. If you're not happy with it, please be more specific and say why
(because "It diverts the reader's attention with talk of malicious
disturbance." is not helping in addressing your original comment).

            / PE2
 PE1 -- RR
            \ PE3



>and restarted, what is the chance that such labeled packets
>interfere with other unrelated services, just because of labels
>being reused?
>
>Quote from 3.1 of the draft:
>The persist-timer
>      should be set to a large value on the order of days to infinity.
>
>Customers rely on the separation between VPN's. The "P" means private.
>Anything that threatens that "P" should not be taken lightly.
>
>I'm starting to imagine my video stream interspersed with dzzt, zzt
>from random packets being injected into it. How real is that?
>
>--
>Jakob Heitz.
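As an added illustration of the two cases distinguished in the reply above (this is a constructed model, not code from the draft or from any router implementation), the following Python sketch has the RR either withdraw or persist PE2's VPN route after the session is lost, has the ingress PE validate the BGP Next Hop against IGP reachability, and lets the egress PE's current label table decide where a labeled packet lands. The PE/RR names, prefix, VPN names and label values are assumptions.

```python
# Toy model of the two cases distinguished above (constructed example, not
# code from the draft or any implementation; PE/RR names and labels invented).
from dataclasses import dataclass, field

@dataclass
class Route:
    prefix: str
    next_hop: str        # BGP Next Hop (the egress PE)
    label: int           # VPN label advertised by the egress PE
    stale: bool = False  # retained by a persistent RR after session loss

@dataclass
class RouteReflector:
    persist: bool  # persist-timer in effect (draft section 3.1)
    rib: dict = field(default_factory=dict)

    def learn(self, r: Route) -> None:
        self.rib[r.prefix] = r

    def session_lost(self, peer: str) -> None:
        # A non-persistent RR withdraws the peer's routes; a persistent RR
        # keeps them, marked stale, until the persist-timer expires.
        for prefix, r in list(self.rib.items()):
            if r.next_hop == peer:
                if self.persist:
                    r.stale = True
                else:
                    del self.rib[prefix]

def forward(rr, igp_reachable, egress_lfib, prefix, src_vpn):
    """Where a labeled packet from the ingress PE for `prefix` ends up.
    igp_reachable: next hops the ingress PE can resolve in its IGP;
    egress_lfib: the egress PE's current label -> VPN table."""
    r = rr.rib.get(prefix)
    if r is None or r.next_hop not in igp_reachable:
        return "dropped: no valid route"      # withdrawn, or next hop invalid
    dst_vpn = egress_lfib.get(r.label)
    if dst_vpn is None:
        return "dropped: label unallocated at egress"
    if dst_vpn != src_vpn:
        return f"misdelivered to VPN {dst_vpn}"  # label reused after restart
    return f"delivered to VPN {src_vpn}"

def scenario(persist, pe2_up, pe2_lfib_after):
    """PE2 advertises 10.0.0.0/24 (VPN blue, label 1001) and then loses its
    RR session; it may also be down, or restarted with a fresh label table."""
    rr = RouteReflector(persist=persist)
    rr.learn(Route("10.0.0.0/24", "PE2", 1001))
    rr.session_lost("PE2")
    reachable = {"PE2"} if pe2_up else set()
    return forward(rr, reachable, pe2_lfib_after, "10.0.0.0/24", "blue")
```

Running `scenario(True, False, {1001: "blue"})` is the "PE2 is down" case (next hop invalidated, packet dropped), while `scenario(True, True, {1001: "red"})` is the "PE2 alive, session lost, labels reallocated" case that the security section addresses.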