IETF Logo Mail Archive

Re: [Int-area] Fwd: I-D Action:draft-rahman-rtg-router-alert-considerations-03.txt

Jukka Manner <jukka.manner@tkk.fi> Tue, 24 November 2009 07:48 UTC

Return-Path: <jukka.manner@tkk.fi>
X-Original-To: int-area@core3.amsl.com
Delivered-To: int-area@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F17D93A682A for <int-area@core3.amsl.com>; Mon, 23 Nov 2009 23:48:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MLOs9lpCA08g for <int-area@core3.amsl.com>; Mon, 23 Nov 2009 23:48:03 -0800 (PST)
Received: from smtp-1.hut.fi (smtp-1.hut.fi [130.233.228.91]) by core3.amsl.com (Postfix) with ESMTP id DF4E13A68E2 for <int-area@ietf.org>; Mon, 23 Nov 2009 23:48:02 -0800 (PST)
Received: from localhost (katosiko.hut.fi [130.233.228.115]) by smtp-1.hut.fi (8.13.6/8.12.10) with ESMTP id nAO7lmmw007789; Tue, 24 Nov 2009 09:47:48 +0200
Received: from smtp-1.hut.fi ([130.233.228.91]) by localhost (katosiko.hut.fi [130.233.228.115]) (amavisd-new, port 10024) with LMTP id 21082-380-11; Tue, 24 Nov 2009 09:47:48 +0200 (EET)
Received: from smtp.netlab.hut.fi (luuri.netlab.hut.fi [130.233.154.177]) by smtp-1.hut.fi (8.13.6/8.12.10) with ESMTP id nAO7jiFW007175; Tue, 24 Nov 2009 09:45:44 +0200
Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp.netlab.hut.fi (Postfix) with ESMTP id 8E62E1E14E; Tue, 24 Nov 2009 09:45:44 +0200 (EET)
X-Virus-Scanned: by amavisd-new at luuri.netlab.hut.fi
Received: from smtp.netlab.hut.fi ([127.0.0.1]) by localhost (luuri.netlab.hut.fi [127.0.0.1]) (amavisd-new, port 10024) with LMTP id HR3Pkq+Gc2Iv; Tue, 24 Nov 2009 09:45:40 +0200 (EET)
Received: from mailsrv.netlab.hut.fi (mailsrv.netlab.hut.fi [130.233.154.190]) by smtp.netlab.hut.fi (Postfix) with ESMTP id 50C001E00C; Tue, 24 Nov 2009 09:45:40 +0200 (EET)
Received: from [192.168.0.101] (a91-154-4-72.elisa-laajakaista.fi [91.154.4.72]) by mailsrv.netlab.hut.fi (Postfix) with ESMTP id 95617120050; Tue, 24 Nov 2009 09:45:36 +0200 (EET)
Message-ID: <4B0B8F24.1090406@tkk.fi>
Date: Tue, 24 Nov 2009 09:45:40 +0200
From: Jukka Manner <jukka.manner@tkk.fi>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: Francois Le Faucheur <flefauch@cisco.com>
References: <20091026141502.19A653A6832@core3.amsl.com> <2727_1256568272_ZZ0KS4007M6MA5K0.00_E5FA0438-FCA0-49C0-824A-F59B46624F46@cisco.com> <4AF3DF94.7090904@tkk.fi> <78CD73AD-BDF3-4F09-B4D7-4163A2023C5F@cisco.com> <4AF8E232.9060500@tkk.fi> <3BEF90A9-332B-4EF8-ADE8-8021DD6A52B7@cisco.com>
In-Reply-To: <3BEF90A9-332B-4EF8-ADE8-8021DD6A52B7@cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-TKK-Virus-Scanned: by amavisd-new-2.1.2-hutcc at katosiko.hut.fi
Cc: int-area@ietf.org
Subject: Re: [Int-area] Fwd: I-D Action:draft-rahman-rtg-router-alert-considerations-03.txt
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/int-area>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Nov 2009 07:48:05 -0000

Hi,

You had one question below about providing a proposal for a "default" 
rule. I'm the wrong person (an academic) to make proposals on what an 
operator SHOULD or SHOULD NOT do. Probably someone else should think 
about the right approach. My only point was to make it as clear and 
simple as possible, what the alternatives and their pros and cons are.

cheers,
Jukka

Francois Le Faucheur wrote:
> Hello Jukka,
> 
> On 10 Nov 2009, at 12:46, Jukka Manner wrote:
> 
>> Hi Francois,
>>
>> I read the doc on the plane over to Hiroshima.
> 
> and I happen to be reading this message on the plane back from 
> Hiroshima  ^)
> 
>> I pretty much agree with
>> the discussion. Yet, after having read the  document, I was left 
>> wondering, what is it that you actually want to say with?
>>
>> In summary, you want to say that a network operator has three options:
>>
>> 1. Catch RAO packets (grab the hand grenade and hope it doesn't blow *)
>> 2. Ignore them, let them pass (pass it on quickly to the next router)
>> 3. Drop them (throw far, far, away, e.g. to /dev/null)
> 
> right.
> Note that "2 Let them pass" has several flavours:
>     2a. "really Ignore them"
>     2b. "tunnel them over"
> and those have different implications (eg with 2a the operator cannot 
> use RAO-based application inside his network, with 2b he can).
> 
>>
>> [* Scott Bradner once in a discussion with him compared RAO to a hand
>> grenade :) ]
>>
>> All of those choices have implications, of course. Maybe you could be
>> more clear on these options.
> 
> Valid point.
> We could make explicit for each options the implications in terms of:
>     (i) does this prevent/allow users to deploy RAO-based applications 
> transparently on top of the operator (ie overlay model)
>     (ii) does this prevent/allow operator to deploy RAO-based 
> applications in his network
>     (iii) how much does this isolate the operator from external RAO
> 
>> What would be a default behavior to do? if
>> you do 1, you are vulnerable, if you do 2, the next guy might not be 
>> happy, if you do 3, someone else might not be happy.
> 
> Right now, the doc says that 3 is the least preferred.
> Beyond that, I find it difficult to make a universal recommendation 
> between 1 and 2. To me it seems a choice the operator has to make based 
> on the "implications" discussed above, based on the operators 
> requirements (e.g. does the operator need to deploy RAO application in 
> his network?) and based on whether some options are feasible (e.g. does 
> the transport technology & routers allow tunneling of RAO?). I'm 
> thinking that if we make the "implications" explicit as discussed above, 
> the operator would have all the necessary information to make the decision.
> Do you feel we can make a default universal recommendation?
> 
>>
>> (Note that in Section 5 you talk about looking at payload of interest,
>> yet, here you come back to the problem of how to define the filter at a
>> suitable granularity as to not catch all RAO packets and DoS yourself.)
>>
>> Some answers in addition below.
> 
> One more comment below:
> 
>>
>> Cheers,
>> Jukka
>>
>> Francois Le Faucheur wrote:
>>> Hello Jukka,
>>> On 6 Nov 2009, at 09:34, Jukka MJ Manner wrote:
>>>>
>>>> My WG having been a victim of a long debate on router alert, I 
>>>> believe there is value in documenting if or when RAO should or 
>>>> should not be used.
>>> Good.
>>>> Yet, there are already several RFCs that discuss/present RAO (2113, 
>>>> 2711, 5350). I have thought about the RAO lately and how to go 
>>>> forward, and it might make sense to merge these existing specs 
>>>> together, add recent views on RAO, and obsolete the previous RFCs.
>>> There has been quite a bit of discussion about obsoleting (or not) 
>>> RFC 2113 & RFC 2711. Our conclusions from that discussion was that 
>>> the most effective approach was to :
>>> break down the RAO discussions into two different "tracks":
>>>    * one track that assumes current RAO definition (RFC2113 & 2711) 
>>> and router implementation. The aim there is to define a BCP 
>>> discussing if/where/how RAO should/should not be used in the current 
>>> IP world. This can be done in a short time frame. This is the scope 
>>> of draft-rahman-rtg-router-alert-considerations
>>>    * one track that investigates potential changes to RAO definition. 
>>> This is the scope of draft-narayanan-rtg-router-alert-extensions. 
>>> This is much more exploratory and with longer term implications since 
>>> it would depend on deployment of routers supporting the "new" RAO. 
>>> This would be a Standards Track document.
>>
>> Sounds fine. Not sure of the STD track above, maybe first experimental?
> 
> Makes sense.
> 
> Thanks again for your comments.
> 
> Francois
> 
>>
>>> Could we agree to:
>>>    *  "add recent views on RAO"  (including pointers to relevant 
>>> parts of RFC5350 such as discussion on Experimental RAO values, and 
>>> as already done including pointers to relevant text of RFC2113/2711) 
>>> into draft-rahman-rtg-router-alert-considerations, and
>>>    * "merge RFC 2113/2711 and obsolete/update/work-along these 
>>> previous RFCs" in draft-narayanan-rtg-router-alert-extensions if/when 
>>> the work on changing RAO definition progresses
>>> ?
>>
>> Sounds okey to me.
>>
>>> I believe it is really important to provide a BCP asap on use of RAO 
>>> in the current situation and the above proposal would help us get 
>>> there in a reasonable timeframe.
>>> Thanks
>>> Francois
>>>>
>>>> I will arrive too late on Monday to take part in the int are meeting 
>>>> and hear the discussion, unless it would happen as the last item on 
>>>> the agenda.
>>>>
>>>> cheers,
>>>> Jukka
>>>>
>>>> Francois Le Faucheur wrote:
>>>>> FYI.
>>>>> Francois
>>>>> Begin forwarded message:
>>>>>> *From: *Internet-Drafts@ietf.org <mailto:Internet-Drafts@ietf.org>
>>>>>> *Date: *26 October 2009 15:15:02 CET
>>>>>> *To: *i-d-announce@ietf.org <mailto:i-d-announce@ietf.org>
>>>>>> *Subject: **I-D 
>>>>>> Action:draft-rahman-rtg-router-alert-considerations-03.txt *
>>>>>> *Reply-To: *internet-drafts@ietf.org 
>>>>>> <mailto:internet-drafts@ietf.org>
>>>>>>
>>>>>> A New Internet-Draft is available from the on-line Internet-Drafts 
>>>>>> directories.
>>>>>>
>>>>>> Title           : IP Router Alert Considerations and Usage
>>>>>> Author(s)       : F. Le Faucheur
>>>>>> Filename        : draft-rahman-rtg-router-alert-considerations-03.txt
>>>>>> Pages           : 25
>>>>>> Date            : 2009-10-26
>>>>>>
>>>>>> The IP Router Alert Option is an IP option that alerts transit
>>>>>> routers to more closely examine the contents of an IP packet.  RSVP,
>>>>>> PGM, IGMP/MLD, MRD and GIST are some of the protocols that make use
>>>>>> of the IP Router Alert option.  This document discusses security
>>>>>> aspects and usage guidelines around the use of the current IP Router
>>>>>> Alert option.  Specifically, it provides recommendation against using
>>>>>> the Router Alert in the end-to-end open Internet as well as identify
>>>>>> controlled environments where protocols depending on Router Alert can
>>>>>> be used safely.  It also provides recommendation about protection
>>>>>> approaches for Service Providers.  Finally it provides brief
>>>>>> guidelines for Router Alert implementation on routers.
>>>>>>
>>>>>> A URL for this Internet-Draft is:
>>>>>> http://www.ietf.org/internet-drafts/draft-rahman-rtg-router-alert-considerations-03.txt 
>>>>>>
>>>>>>
>>>>>> Internet-Drafts are also available by anonymous FTP at:
>>>>>> ftp://ftp.ietf.org/internet-drafts/
>>>>>>
>>>>>> Below is the data which will enable a MIME compliant mail reader
>>>>>> implementation to automatically retrieve the ASCII version of the
>>>>>> Internet-Draft.
>>>>> ------------------------------------------------------------------------ 
>>>>>
>>>>>> _______________________________________________
>>>>>> I-D-Announce mailing list
>>>>>> I-D-Announce@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/i-d-announce
>>>>>> Internet-Draft directories: http://www.ietf.org/shadow.html
>>>>>> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>>>>> ------------------------------------------------------------------------ 
>>>>>
>>>>> _______________________________________________
>>>>> Int-area mailing list
>>>>> Int-area@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/int-area
> 

-- 
Jukka MJ Manner, Professor, PhD.  Phone:  +358+(0)9+451 2481
Helsinki University of Technology Mobile: +358+(0)50+5112973
Department of Communications      Fax:    +358+(0)9+451 2474
and Networking (Comnet)           Office: G320 (Otakaari 5A)
P.O. Box 3000, FIN-02015 TKK      E-mail: jukka.manner@tkk.fi
Finland                           WWW:    www.comnet.tkk.fi

v2.23.0 | Report a Bug | By Email