Re: [Isis-wg] Eric Rescorla's No Objection on draft-ietf-isis-auto-conf-04: (with COMMENT)

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Mon, 10 April 2017 21:56 UTC

Return-Path: <ginsberg@cisco.com>
X-Original-To: isis-wg@ietfa.amsl.com
Delivered-To: isis-wg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1D282128D2E; Mon, 10 Apr 2017 14:56:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.523
X-Spam-Level:
X-Spam-Status: No, score=-14.523 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wy-NoYFATihN; Mon, 10 Apr 2017 14:56:21 -0700 (PDT)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 01FA0128DF3; Mon, 10 Apr 2017 14:56:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5928; q=dns/txt; s=iport; t=1491861381; x=1493070981; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=n3XMyq4O4UEhJovT9OXXMa3z9BFNzeClGPaN/RqHAto=; b=XtchhriF7EZIGAslGJXIvg4q/1PNg9RXFzlMqWuwXJ60A0g989b81pDJ PM19F4FaT+VCKqsLbdHGqvncxIX8R+g3jU9p1Pvt+9p11CTyEbVnoJJ7K GAeWoCU1ZPJcEhnVin8tDc0Oq5nablpx1xDnPEqLHSzxK1qSPsN0GkuZg 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0D7AQBN/+tY/5ldJa1cGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBgygrYYELB4NfihORSJVXgg8shXgCGoNOPxgBAgEBAQEBAQFrKIU?= =?us-ascii?q?VAQEBAQIBIxFFDAQCAQgOAwQBAQMCIwMCAgIwFAEICAIEAQ0FCIl/CA6pDIImi?= =?us-ascii?q?wEBAQEBAQEBAQEBAQEBAQEBAQEBAQEYBYELhUWEcIQoEQECgyCCXwWJJYxML4Z?= =?us-ascii?q?bAYZ/gyuIJYIIhS6KFJN/AR84fQhbFYUdGxmBSnUBhzCBIYENAQEB?=
X-IronPort-AV: E=Sophos;i="5.37,183,1488844800"; d="scan'208";a="231311236"
Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by rcdn-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 10 Apr 2017 21:56:19 +0000
Received: from XCH-ALN-001.cisco.com (xch-aln-001.cisco.com [173.36.7.11]) by rcdn-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id v3ALuJbM010711 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 10 Apr 2017 21:56:19 GMT
Received: from xch-aln-001.cisco.com (173.36.7.11) by XCH-ALN-001.cisco.com (173.36.7.11) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Mon, 10 Apr 2017 16:56:18 -0500
Received: from xch-aln-001.cisco.com ([173.36.7.11]) by XCH-ALN-001.cisco.com ([173.36.7.11]) with mapi id 15.00.1210.000; Mon, 10 Apr 2017 16:56:18 -0500
From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: Eric Rescorla <ekr@rtfm.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-isis-auto-conf@ietf.org" <draft-ietf-isis-auto-conf@ietf.org>, Hannes Gredler <hannes@gredler.at>, "isis-chairs@ietf.org" <isis-chairs@ietf.org>, "hannes@gredler.at" <hannes@gredler.at>, "isis-wg@ietf.org" <isis-wg@ietf.org>
Thread-Topic: Eric Rescorla's No Objection on draft-ietf-isis-auto-conf-04: (with COMMENT)
Thread-Index: AQHSsj2R7mDoblC0lkSAG0ZsoTpOL6G/Hv3w
Date: Mon, 10 Apr 2017 21:56:18 +0000
Message-ID: <6ed5c5ff808f4bbfb2c8fc5281883843@XCH-ALN-001.cisco.com>
References: <149185805690.3125.12295919644509441476.idtracker@ietfa.amsl.com>
In-Reply-To: <149185805690.3125.12295919644509441476.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.67.234]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/isis-wg/JfFw8_aYeTEgpZEF7uSuhsByK0A>
Subject: Re: [Isis-wg] Eric Rescorla's No Objection on draft-ietf-isis-auto-conf-04: (with COMMENT)
X-BeenThere: isis-wg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF IS-IS working group <isis-wg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/isis-wg/>
List-Post: <mailto:isis-wg@ietf.org>
List-Help: <mailto:isis-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Apr 2017 21:56:24 -0000

Eric -

Thanx for the review.

> -----Original Message-----
> From: Eric Rescorla [mailto:ekr@rtfm.com]
> Sent: Monday, April 10, 2017 2:01 PM
> To: The IESG
> Cc: draft-ietf-isis-auto-conf@ietf.org; Hannes Gredler; isis-chairs@ietf.org;
> hannes@gredler.at; isis-wg@ietf.org
> Subject: Eric Rescorla's No Objection on draft-ietf-isis-auto-conf-04: (with
> COMMENT)
> 
> Eric Rescorla has entered the following ballot position for
> draft-ietf-isis-auto-conf-04: No Objection
> 
> When responding, please keep the subject line intact and reply to all email
> addresses included in the To and CC lines. (Feel free to cut this introductory
> paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-isis-auto-conf/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> COMMENT
> I am having trouble reconciling 3.4.4 and 3.4.6.
> 
> 3.4.4 seems to tell us how to handle the situation where both System-Id and
> Router-Fingerprint are identical:
> 
>    If the fingerprints are identical in both content and length (and
>    state of the S bit is identical) and the duplication is detected in
>    hellos then the both routers MUST generate a new System ID and
>    restart the protocol.
> 
> And then 3.4.6 says:
> 
>    Also note that the conditions for detecting duplicate System
>    ID will NOT be satisfied because both the System ID and the Router-
>    Fingerprint will be identical.
> 
> So, I am confused.
> 
[Les:] This is a bit of a subtle point and is easier to understand if you have some familiarity with the protocol. Let me try to explain.

In 3.4.4, we specifically talk about the case where duplicates are detected in hellos received from our immediate neighbors. In this case we know that there actually are two active systems using the same system-id/fingerprint and so we can immediately initiate the resolution procedures.

In 3.4.6 we are handling the case where the duplication is detected because we have received an LSP which looks like "it is from ourselves". In such a case we have to distinguish between the benign false positive cases and the actual cases. How can a false positive occur?

Suppose a router is running and generates LSP #0 with its system-id/fingerprint. This LSP is flooded network-wide and exists in the databases of all routers in the network. The LSP will be preserved in the databases of all routers for the LSP lifetime (default of 20 minutes).

The router then restarts for some reason (maintenance, crash, power failure). If this occurs within the window of LSP Lifetime then other routers in the network will have stale copies of the LSP sent as part of the router's previous incarnation. They will flood this stale copy back to the restarting router. THis will of course appear to be a duplicate since it has the same system-id/fingerprint. But this is a benign event which will be handled by the restarting router by generating a new copy with an updated sequence #  - this is normal handling for such a case defined in the base protocol standard. In order for this NOT to trigger duplicate-id resolution procedures (which we do not want to happen in this case) we need to employ the additional logic defined in Section 3.4.6. Basically, only if this persists over a period of time can we safely conclude that there is a real duplicate.

HTH


> 
> "entropy" is already a collective noun, so I think if you want to pluralize it, you
> need to say "sources of entropy"
> 
[Les:] According to https://www.merriam-webster.com/dictionary/entropy "entropies" is valid.
??

> 
> I am surprised that you are recommending HMAC-MD5, but I guess that's
> how IS-IS rolls?

[Les:] There also is RFC 5310 which defines SHA support - not as widely deployed. And it involves the use of key identifiers requiring additional configuration. 
The thought here is to allow for authentication but try to minimize the config required if it is used.

   Les


>