Re: [Int-area] Kathleen Moriarty's Discuss on draft-ietf-intarea-gre-mtu-04: (with DISCUSS)

"Templin, Fred L" <Fred.L.Templin@boeing.com> Wed, 20 May 2015 15:13 UTC

From: "Templin, Fred L" <Fred.L.Templin@boeing.com>
To: Brian Haberman <brian@innovationslab.net>, Ronald Bonica <rbonica@juniper.net>, Suresh Krishnan <suresh.krishnan@ericsson.com>, "Carlos Pignataro (cpignata)" <cpignata@cisco.com>
Date: Wed, 20 May 2015 15:13:13 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/int-area/TvOXB4iAldgzjtWQbSSUlHIQkq8>
Cc: "draft-ietf-intarea-gre-mtu@ietf.org" <draft-ietf-intarea-gre-mtu@ietf.org>, "int-area@ietf.org" <int-area@ietf.org>, "draft-ietf-intarea-gre-mtu.ad@ietf.org" <draft-ietf-intarea-gre-mtu.ad@ietf.org>, "draft-ietf-intarea-gre-mtu.shepherd@ietf.org" <draft-ietf-intarea-gre-mtu.shepherd@ietf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, The IESG <iesg@ietf.org>, "intarea-chairs@ietf.org" <intarea-chairs@ietf.org>
Subject: Re: [Int-area] Kathleen Moriarty's Discuss on draft-ietf-intarea-gre-mtu-04: (with DISCUSS)

Hi,

> -----Original Message-----
> From: Brian Haberman [mailto:brian@innovationslab.net]
> Sent: Wednesday, May 20, 2015 7:58 AM
> To: Ronald Bonica; Templin, Fred L; Suresh Krishnan; Carlos Pignataro (cpignata)
> Cc: Kathleen Moriarty; draft-ietf-intarea-gre-mtu@ietf.org; int-area@ietf.org; draft-ietf-intarea-gre-mtu.ad@ietf.org; draft-ietf-intarea-gre-mtu.shepherd@ietf.org; The IESG; intarea-chairs@ietf.org
> Subject: Re: Kathleen Moriarty's Discuss on draft-ietf-intarea-gre-mtu-04: (with DISCUSS)
> 
> Hi Ron,
> 
> On 5/20/15 10:52 AM, Ronald Bonica wrote:
> > Fred,
> >
> > Are we all talking about the same draft? The paragraph that you quote
> > is not in Section 3.2 of draft-ietf-intarea-gre-mtu-04.
> 
> No, he is referencing a completely different draft...
> 
> https://tools.ietf.org/html/draft-ietf-intarea-gre-ipv6-07#section-3.2

Yes, the comments on MTU probing were intended for the GRE IPv6 draft; was
out of the office for several days and away from email, so lost context and got
off track. Sorry.

However, in *this* draft I suggest adding the following trailing sentence to the
final paragraph of the Security Considerations section:

   "These attacks can be mitigated when the ingress and egress are within the
   same well-managed administrative domain, where ingress filtering is employed
   to prevent source address spoofing."

Thanks - Fred
fred.l.templin@boeing.com

> Regards,
> Brian
> 
> >
> > Ron
> >
> >
> >>
> >> That would be an informational; this document is being offered as
> >> standards-track. In Section 3.2, it says:
> >>
> >> "Before activating a GRE tunnel and periodically thereafter, the
> >> GRE ingress node MUST execute procedures that verify the tunnel's
> >> ability to carry a 1280-byte IPv6 payload packet from ingress to
> >> egress, without fragmenting the payload.  Having executed those
> >> procedures, the GRE ingress node MUST activate or deactivate the
> >> tunnel accordingly."
> >>