Re: FW: New Version Notification for draft-gont-6man-lla-opt-validation-00.txt

Jen Linkova <furry13@gmail.com> Tue, 04 March 2014 22:43 UTC

To: Ronald Bonica <rbonica@juniper.net>
Archived-At: http://mailarchive.ietf.org/arch/msg/ipv6/zmAEGbADvYpUvJLAjPQaj7Bt98Y
Cc: Fernando Gont <fgont@si6networks.com>, 6man <ipv6@ietf.org>

Oops, sorry, please disregard my previous mail. My memory fails me -
Microsoft NLB used a *static* ARP entry for unicast IP - multicast MAC,
not ARP replies indeed (as it is prohibited by RFC1812).
Sorry, should have verified before sending an email ;)

On Tue, Mar 4, 2014 at 8:25 PM, Jen Linkova <furry13@gmail.com> wrote:
> Hi Ron,
> A few years ago I observed the situation when multicast MAC <-> unicast VIP
> mapping (in ARP replies) was used by Microsoft server load balancing. Not
> sure if it is still the case and if they are using the same trick for IPv6
> but IMHO it is worth investigating before prohibiting it.
>
> On 14 Feb 2014 20:36, "Ronald Bonica" <rbonica@juniper.net> wrote:
>>
>> Folks,
>>
>> Please review and provide comments.
>>
>>                    Ron
>>
>>
>> -----Original Message-----
>> From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
>> Sent: Friday, February 14, 2014 9:54 AM
>> To: Shucheng LIU (Will); Will Liu; Fernando Gont; Ronald Bonica; Fernando
>> Gont; Ronald Bonica
>> Subject: New Version Notification for
>> draft-gont-6man-lla-opt-validation-00.txt
>>
>>
>> A new version of I-D, draft-gont-6man-lla-opt-validation-00.txt
>> has been successfully submitted by Fernando Gont and posted to the IETF
>> repository.
>>
>> Name:           draft-gont-6man-lla-opt-validation
>> Revision:       00
>> Title:          Validation of Neighbor Discovery Source Link-Layer Address
>> (SLLA) and Target Link-layer Address (TLLA) options
>> Document date:  2014-02-14
>> Group:          Individual Submission
>> Pages:          10
>> URL:
>> http://www.ietf.org/internet-drafts/draft-gont-6man-lla-opt-validation-00.txt
>> Status:
>> https://datatracker.ietf.org/doc/draft-gont-6man-lla-opt-validation/
>> Htmlized:
>> http://tools.ietf.org/html/draft-gont-6man-lla-opt-validation-00
>>
>>
>> Abstract:
>>    This memo documents two scenarios in which an on-link attacker emits
>>    a crafted IPv6 Neighbor Discovery (ND) packet that poisons its
>>    victim's neighbor cache.  In the first scenario, the attacker causes
>>    a victim to map a local IPv6 address to a local router's own link-
>>    layer address.  In the second scenario, the attacker causes the
>>    victim to map a unicast IP address to a link layer broadcast address.
>>    In both scenarios, the attacker can exploit the poisoned neighbor
>>    cache to perform a subsequent forwarding-loop attack, thus
>>    potentially causing a Denial of Service.
>>
>>    Finally, this memo specifies simple validations that the recipient of
>>    an ND message can execute in order to protect itself against the
>>    above-mentioned threats.
>>
>>
>>
>>
>> Please note that it may take a couple of minutes from the time of
>> submission until the htmlized version and diff are available at
>> tools.ietf.org.
>>
>> The IETF Secretariat
>>



-- 
SY, Jen Linkova aka Furry
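
A receive-side check of the kind the quoted abstract describes, as an added example that is not part of this thread and is not the draft's normative text. It assumes Ethernet link-layer addresses, reads the first scenario as "the option carries the receiver's own link-layer address", and adds the multicast case raised in the thread; the function names and sample bytes are constructed for illustration.

```python
import struct

SLLA, TLLA = 1, 2                 # ND option types (RFC 4861)
BROADCAST = bytes([0xFF] * 6)

def lla_options(options: bytes):
    """Yield (type, mac) for each Ethernet SLLA/TLLA option in an ND options field."""
    off = 0
    while off < len(options):
        if len(options) - off < 2:
            raise ValueError("truncated ND option header")
        opt_type, opt_len = struct.unpack_from("!BB", options, off)
        if opt_len == 0:          # RFC 4861: a zero-length option invalidates the packet
            raise ValueError("ND option with length 0")
        end = off + opt_len * 8   # length field counts units of 8 octets
        if end > len(options):
            raise ValueError("truncated ND option body")
        if opt_type in (SLLA, TLLA) and opt_len == 1:   # 2-octet header + 6-octet MAC
            yield opt_type, options[off + 2:end]
        off = end

def validate(options: bytes, own_mac: bytes):
    """Return (type, mac, reason) for every LLA option the receiver should not cache."""
    rejected = []
    for opt_type, mac in lla_options(options):
        if mac == BROADCAST:
            rejected.append((opt_type, mac, "broadcast"))
        elif mac[0] & 0x01:       # group bit set: link-layer multicast
            rejected.append((opt_type, mac, "multicast"))
        elif mac == own_mac:      # assumption: reading of the abstract's first scenario
            rejected.append((opt_type, mac, "own-address"))
    return rejected

# Constructed sample data (not captured traffic).
OWN_MAC = bytes.fromhex("020000000001")
MTU_OPT = bytes([5, 1, 0, 0]) + struct.pack("!I", 1500)   # unrelated option, skipped
GOOD    = MTU_OPT + bytes([TLLA, 1]) + bytes.fromhex("020000aabbcc")
BCAST   = bytes([TLLA, 1]) + BROADCAST
MCAST   = bytes([TLLA, 1]) + bytes.fromhex("030000000001")
OWN     = bytes([SLLA, 1]) + OWN_MAC

if __name__ == "__main__":
    for name, opts in [("good", GOOD), ("bcast", BCAST), ("mcast", MCAST), ("own", OWN)]:
        print(name, [(t, m.hex(":"), why) for t, m, why in validate(opts, OWN_MAC)])
```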