Re: [Int-area] I-D Action: draft-shen-traceroute-ping-ext-03.txt
"Rajiv Asati (rajiva)" <rajiva@cisco.com> Thu, 05 January 2012 19:47 UTC
Return-Path: <rajiva@cisco.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59C1621F8872 for <int-area@ietfa.amsl.com>; Thu, 5 Jan 2012 11:47:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.299
X-Spam-Level:
X-Spam-Status: No, score=-6.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_47=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ANqzbtFxboUk for <int-area@ietfa.amsl.com>; Thu, 5 Jan 2012 11:47:02 -0800 (PST)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) by ietfa.amsl.com (Postfix) with ESMTP id 56F4D21F8866 for <int-area@ietf.org>; Thu, 5 Jan 2012 11:47:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=rajiva@cisco.com; l=4887; q=dns/txt; s=iport; t=1325792822; x=1327002422; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to:cc; bh=+96yGtSPo2Imwqk6vY0WNSbMohqPrpH+edLKdb5ypNA=; b=U+G7LdJXS6ChWNA+SS81/eO2hNsyORJyrXWbdnFYz+ScuTybreK2fXL9 x3BT7daElEzheGb29C4nV8ngd4d7iP4SEPchQPSVN17cm53awDjGloCSs QED5erUeC0bFCZKQdf3l0s+xzbB0GrJlOIQepW6Jn0ZguPjitLwNZCKaR k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AiAFAE39BU+tJXG8/2dsb2JhbABCggWqeYEFgXIBAQEDAQEBAQ8BHQo0CwwEAgEIEQQBAQEKBhcBBgEmHwkIAQEEARIIGodYCJd/AZ4bBIsuYwSIOZ8h
X-IronPort-AV: E=Sophos;i="4.71,463,1320624000"; d="scan'208";a="49004746"
Received: from rcdn-core2-1.cisco.com ([173.37.113.188]) by rcdn-iport-1.cisco.com with ESMTP; 05 Jan 2012 19:47:02 +0000
Received: from xbh-rcd-202.cisco.com (xbh-rcd-202.cisco.com [72.163.62.201]) by rcdn-core2-1.cisco.com (8.14.3/8.14.3) with ESMTP id q05Jl1WM023869; Thu, 5 Jan 2012 19:47:01 GMT
Received: from xmb-rcd-111.cisco.com ([72.163.62.153]) by xbh-rcd-202.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 5 Jan 2012 13:47:01 -0600
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 05 Jan 2012 13:47:00 -0600
Message-ID: <067E6CE33034954AAC05C9EC85E2577C070D7261@XMB-RCD-111.cisco.com>
In-Reply-To: <AC0A74B6-6ABF-4611-8882-974E854FAADE@cisco.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Int-area] I-D Action: draft-shen-traceroute-ping-ext-03.txt
Thread-Index: AczLa+2TOjATsSZtRuWZNmHvfdcHkgAdbXsQ
References: <13205C286662DE4387D9AF3AC30EF456D74ED699B3@EMBX01-WF.jnpr.net><4F04B6B8.6030208@cisco.com><201201042243.q04Mhpk8014959@cichlid.raleigh.ibm.com><7E187243-EAB3-4814-A78C-56DCEAE2C67C@cisco.com><201201050024.q050OFw1016925@cichlid.raleigh.ibm.com> <AC0A74B6-6ABF-4611-8882-974E854FAADE@cisco.com>
From: "Rajiv Asati (rajiva)" <rajiva@cisco.com>
To: "Naiming Shen (naiming)" <naiming@cisco.com>, Thomas Narten <narten@us.ibm.com>
X-OriginalArrivalTime: 05 Jan 2012 19:47:01.0706 (UTC) FILETIME=[CB1462A0:01CCCBE2]
Cc: "Carlos Pignataro (cpignata)" <cpignata@cisco.com>, int-area@ietf.org, Ronald Bonica <rbonica@juniper.net>
Subject: Re: [Int-area] I-D Action: draft-shen-traceroute-ping-ext-03.txt
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/int-area>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jan 2012 19:47:03 -0000
> > False assumption. The reason why *any* packet (i.e., any src/dest > > address) would be used is precisely to debug problems related to > > traffic between a particular src/dest pair, and that src/dest pair may > > not even belong to the ISP that gets a help desk call. Is it really possible? I am not aware of any implementation that allows the source address of the ping/traceroute packet to be any arbitrary number. In fact, Most implementations limit the source address to be one of those assigned to the device itself. The point here is that if the helpdesk needs additional information from their network devices during troubleshooting, then this proposal could be useful. Cheers, Rajiv > -----Original Message----- > From: int-area-bounces@ietf.org [mailto:int-area-bounces@ietf.org] On Behalf > Of Naiming Shen (naiming) > Sent: Thursday, January 05, 2012 12:36 AM > To: Thomas Narten > Cc: Carlos Pignataro (cpignata); int-area@ietf.org; Ronald Bonica > Subject: Re: [Int-area] I-D Action: draft-shen-traceroute-ping-ext-03.txt > > > On Jan 4, 2012, at 4:24 PM, Thomas Narten wrote: > > > Naiming Shen <naiming@cisco.com> writes: > >>> Consequently, use of this technique may actually cause collateral > >>> damage to existing, deployed applications. Maybe not a big risk, but a > >>> risk nonetheless. > > > >> This draft actually does not change those attributes. The current > >> traceroute/ping application has already picked up those high port > >> numbers, and already has used the source port and id field for some > >> private number no one else cares. Let's say if this draft is using a > >> fixed location scheme, then there is no change to any of that. > > > > This draft doesn't introduce the problem, but it will likely make it > > worse. I.e., if this draft is successful (which presumably is the > > goal), more collateral damage may result. I.e, the more such packets > > are generated, the more likely some will cause problems. > > But the popular traceroute application is using a > 32K port#, so those > are not well-known ports, not used by well-known applications. In the case > of someone is using those ports (by destination), then the socket addresses will > not match, > the receiver will send an different icmp error code back(instead of port > unreachable), > those are the existing implementations, and works fine. this draft does not > change > any of those, and unlikely causing problems. > > > > > >> Let's say if I'm using this extension in an particular ISP only meant to get > >> some private info for our management stations. First I think the operator > >> usually specify the destination to be within the range of the network they > >> want; > > > > False assumption. The reason why *any* packet (i.e., any src/dest > > address) would be used is precisely to debug problems related to > > traffic between a particular src/dest pair, and that src/dest pair may > > not even belong to the ISP that gets a help desk call. > > > > But we are just using exact the same traceroute/ping packets, only with > payload > change with addition information. it's not going to affect any > source/destination > address or layer4 ports (those layer 4 ports are designed to be incremented > each > additional ttl packets and they are random anyway) comparing to the existing > way. > > > I.e., if you get a help desk call about some sort of packet loss or > > unreachability for certain flows, you then generate trace packets that > > mimic those flows. If we could just use regular packets to debug such > > problems, we wouldn't need the proposed mechanism at all. > > > >> secondly, even if not, the packet actually goes off the network, there > >> is not much harm done, those off-net stations should not supply those > >> private information or they probably don't care. > > > > My concern isn't about the *response* messages leaking outside of the > > site, it's that the *probe* packets will leak. Those are the ones that > > could be delivered to a destination incorrectly, causing problems for > > the receiving application. > > what I'm saying is, saying the probe is going outside the network(off-net), > it's just a ping packet, or a traceroute packet. yes it has some request in the > payload, but the receiver does not have to reply. it's like when I send a SNMP > query, but typed the host address wrong, the host can either not send me back > anything, or it can reply also if it does not really care who query this > information. > but that is not a problem. > > thanks. > - Naiming > > > > > > Thomas > > > > _______________________________________________ > Int-area mailing list > Int-area@ietf.org > https://www.ietf.org/mailman/listinfo/int-area
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Tissa Senevirathne (tsenevir)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Thomas Narten
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Thomas Narten
- Re: [Int-area] I-D Action: draft-shen-traceroute-… George, Wes
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Tissa Senevirathne (tsenevir)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Thomas Narten
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Thomas Narten
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Alia Atlas
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Tissa Senevirathne (tsenevir)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Tissa Senevirathne (tsenevir)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Tissa Senevirathne (tsenevir)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Tissa Senevirathne (tsenevir)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Carlos Pignataro
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Carlos Pignataro
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Carlos Pignataro
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Carlos Pignataro
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Carlos Pignataro
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Joel jaeggli
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Carlos Pignataro
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… George, Wes
- Re: [Int-area] I-D Action: draft-shen-traceroute-… George, Wes
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Rajiv Asati (rajiva)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Carlos Pignataro
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Thomas Narten
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Warren Kumari
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Warren Kumari
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Carlos Pignataro
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Rajiv Asati (rajiva)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… George, Wes
- Re: [Int-area] I-D Action: draft-shen-traceroute-… George, Wes
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Joel jaeggli
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Ronald Bonica
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Carlos Pignataro
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Carlos Pignataro
- Re: [Int-area] I-D Action: draft-shen-traceroute-… George, Wes
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Thomas Narten
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Rajiv Asati (rajiva)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Ronald Bonica
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Tissa Senevirathne (tsenevir)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Warren Kumari
- Re: [Int-area] I-D Action: draft-shen-traceroute-… SM
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Naiming Shen
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Jared Mauch
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Rajiv Asati (rajiva)
- Re: [Int-area] I-D Action: draft-shen-traceroute-… Warren Kumari
- Re: [Int-area] I-D Action: draft-shen-traceroute-… George, Wes