[Int-dir] Intdir early review of draft-ietf-intarea-probe-00

[Jean-Michel Combes <jeanmichel.combes@gmail.com>]

Reviewer: Jean-Michel Combes
Review result: Almost Ready

Hi,

I am an assigned INT directorate reviewer for draft-ietf-intarea-probe-06.
These comments were written primarily for the benefit of the Internet Area
Directors. Document editors and shepherd(s) should treat these comments just
like they would treat comments from any other IETF contributors and resolve
them along with any other Last Call comments that have been received. For more
details on the INT Directorate, see http://www.ietf.org/iesg/directorate.html.

                PROBE: A Utility For Probing Interfaces
                      draft-ietf-intarea-probe-06

<snip>

1.  Introduction

<snip>

If the probed interface resides on a node that is directly connected to the
probed node, PROBE reports that the interface is up if it appears in the IPv4
Address Resolution Protocol (ARP) table or the IPv6 Neighbor Cache. Otherwise,
it reports that the interface does not exist.

<JMC>
Comment:
Normative references to "IPv4 Address Resolution Protocol (ARP) table" (i.e.,
RFC 826) and "IPv6 Neighbor Cache" (i.e., RFC 4861) are missing. </JMC>

<snip>

2.  ICMP Extended Echo Request

<snip>

o  L (local) - The L-bit is set of the probed interface resides on the probed
node. The L-bit is clear if the probed interface is directly connected to the
probed node.

<JMC>
Typo:
s/"The L-bit is set of the probed interface resides on the probed node."/"The
L-bit is set if the probed interface resides on the probed node." </JMC>

<snip>

3.  ICMP Extended Echo Reply

<snip>

o  F (IPv4) - The F-bit is set if the A-bit is also set and IPv4 is running on
the probed interface.  Otherwise, the F-bit is clear.

o  S (IPv6) - The S-bit is set if the A-bit is also set and IPv6 is running on
the probed interface.  Otherwise, the S-bit is clear.

o  E (Ethernet) - The E-bit is set if the A-bit is also set and IPv4 is running
on the probed interface.  Otherwise, the E-bit is clear.

<JMC>
Question:
Why IPv4 must also run to have the E-bit set?
Question:
Why the E-bit is not set if IPv4 is not running and IPv6 is running?
</JMC>

4.  ICMP Message Processing

<snip>

   o  Set the Code field as described Section 4.1

   o  If the Code Field is equal to No Error (0) and the L-bit is clear,
      set the A-Bit.

   o  If the Code Field is equal to No Error (0) and the L-bit is set
      and the probed interface is active, set the A-bit.

<JMC>
Question:
Why the A-bit is not set when Code Field is equal to Multiple Interfaces
Satisfy Query (3) and the L-bit is clear? Question: Same question when L-bit is
set. </JMC>

<snip>

8.  Security Considerations

<snip>

In order to protect local resources, implementations SHOULD rate-limit incoming
ICMP Extended Echo Request messages.

<JMC>
Comment:
IMHO, the main security threat I see with this mechanism is to use it as
"reflection" scanning: to discover nodes "behind" the proxy interface, without
raising alarms from security probes watching the networks hosting these nodes.
So, rate-limit can help to mitigate this potential threat too. </JMC>

9.  References

9.1.  Normative References

<snip>

<JMC>
Comment:
Too add normative references to "IPv4 Address Resolution Protocol (ARP) table"
(i.e., RFC 826) and "IPv6 Neighbor Cache" (i.e., RFC 4861), as commented
previously. </JMC>

<snip>

Thanks in advance for your replies.

Best regards,

JMC.