RE: Broadband Forum liaison to IETF on IPv6 security

"Hemant Singh (shemant)" <shemant@cisco.com> Fri, 06 November 2009 00:38 UTC

From: "Hemant Singh (shemant)" <shemant@cisco.com>
To: "Dunn, Jeffrey H." <jdunn@mitre.org>, "Fred Baker (fred)" <fred@cisco.com>, Erik Nordmark <erik.nordmark@sun.com>, Hesham Soliman <hesham@elevatemobile.com>, JINMEI Tatuya / 神明達哉 <jinmei@isl.rdc.toshiba.co.jp>, Thomas Narten <narten@us.ibm.com>, "Susan Thomson (sethomso)" <sethomso@cisco.com>, william.allen.simpson@gmail.com
Cc: 6man-ads@tools.ietf.org, IETF IPv6 Mailing List <ipv6@ietf.org>, savi-ads@tools.ietf.org, IPv6 Operations <v6ops@ops.ietf.org>, v6ops-ads@tools.ietf.org, Robin Mersh <rmersh@broadband-forum.org>, SAVI Mailing List <savi@ietf.org>

Could be VLAN like one has L2 VPN in the cable specifications. But L2 VPN will limit one to 1024 max per cable line card on a CMTS – it’s very limited for services arch in cable and I don’t think deployed very widely. The point is a cable modem receiver chip is built to send its upstream data only to the CMTS and likewise receive data from the CMTS – so how can two modems even talk to each other?

The link-local domain on the CMTS is also well-defined and tied to a virtual L3 network interface that aggregates several physical cable network interfaces and all the modems. As of Fall 2007, CableLabs in the U.S., which certifies CMTS and CM equipment, has certified more than one CMTS vendor for DOCSIS 3.0 IPv6 with ND Proxy support on the CMTS.

I will be in Hiroshima, so if anyone would like to understand the cable and CMTS link-local model and mcast for ND in cable, please find me – I am hanging out in 6man, v6ops, INT area and the like.

Regards,

Hemant

 

From: Dunn, Jeffrey H. [mailto:jdunn@mitre.org] 
Sent: Thursday, November 05, 2009 6:35 PM
To: Hemant Singh (shemant); Fred Baker (fred); Erik Nordmark; Hesham Soliman; JINMEI Tatuya / 神明達哉; Thomas Narten; Susan Thomson (sethomso); william.allen.simpson@gmail.com
Cc: 6man-ads@tools.ietf.org; IETF IPv6 Mailing List; savi-ads@tools.ietf.org; Robin Mersh; v6ops-ads@tools.ietf.org; IPv6 Operations; SAVI Mailing List; Dunn, Jeffrey H.
Subject: RE: Broadband Forum liaison to IETF on IPv6 security

 

Colleagues,

I may be missing something, but it appears that, in the cases described, the two hosts downstream of two separate cable modems are off link to each other. This brings up the question: Do these two cable modems constitute two virtual interfaces, like two VLANs on the same physical router interface? If so, this is an architectural, rather than an implementation, question. Thoughts?

 

Best Regards, 
  
Jeffrey Dunn 
Info Systems Eng., Lead 
MITRE Corporation.

(301) 448-6965 (mobile)