[lisp] Comments on draft-fuller-lisp-ms
Olivier Bonaventure <Olivier.Bonaventure@uclouvain.be> Thu, 26 March 2009 14:48 UTC
Return-Path: <olivier.bonaventure@uclouvain.be>
X-Original-To: lisp@core3.amsl.com
Delivered-To: lisp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5020C3A6D82 for <lisp@core3.amsl.com>; Thu, 26 Mar 2009 07:48:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DiPdCXnN20qI for <lisp@core3.amsl.com>; Thu, 26 Mar 2009 07:48:41 -0700 (PDT)
Received: from smtp1.sgsi.ucl.ac.be (smtpout.sgsi.ucl.ac.be [130.104.5.77]) by core3.amsl.com (Postfix) with ESMTP id 1E61B3A6884 for <lisp@ietf.org>; Thu, 26 Mar 2009 07:48:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=uclouvain.be; h= message-id:date:from:reply-to:mime-version:to:subject: content-type:content-transfer-encoding; q=dns/txt; s=selucl; bh= fYp26nnnBHRjj+UTpsNLnCrpY98=; b=g0A3P8wgxp2r82m3Lzhpu8pSsi6pn6s+ ZaLjFJ2/ThwCPlJWV0TNAo7xpLa/RzQ+myr4v0/CvDz9VevuvPXiQVEXiV9XSueW PfFbF1RhGkie2lUiBh+JVxY9ZwYxgeFBVQYdLC9qZUJTH0TnBiGQ+U7sKK/h9H76 xm8DhSGcNAk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=uclouvain.be; h=message-id:date: from:reply-to:mime-version:to:subject:content-type: content-transfer-encoding; q=dns; s=selucl; b=BHxixdCHv1E7B7MF0T d66bd+qX8c2N7GDhYcu/r9iXO348n6Nqbgu9ZC47nQq4vMbd1aRJOBwjDEta0hAv XmmkGB3xCrl31SlBEz2fELBAKTX5UBRj+6tUOyT9Sf+FG6vzOvXZrr7O6ZzDCVNz wIPJkDSAfnI6rWXMugoD8InI0=
Received: from mbpobo.local (ip-83-134-212-236.dsl.scarlet.be [83.134.212.236]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: obonaventure@smtp1.sgsi.ucl.ac.be) by smtp1.sgsi.ucl.ac.be (Postfix) with ESMTPSA for <lisp@ietf.org>; Thu, 26 Mar 2009 15:44:48 +0100 (CET)
Message-ID: <49CB94D6.7050003@uclouvain.be>
Date: Thu, 26 Mar 2009 15:44:38 +0100
From: Olivier Bonaventure <Olivier.Bonaventure@uclouvain.be>
User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302)
MIME-Version: 1.0
To: lisp@ietf.org
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-AV-Checked: ClamAV using ClamSMTP
X-Sgsi-Spamcheck: SASL authenticated,
X-SGSI-MailScanner-ID: 5603FEBF65.588A7
X-SGSI-MailScanner: Found to be clean
X-SGSI-From: olivier.bonaventure@uclouvain.be
X-SGSI-Spam-Status: No
Subject: [lisp] Comments on draft-fuller-lisp-ms
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Olivier.Bonaventure@uclouvain.be
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/lisp>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Mar 2009 14:48:42 -0000
Hello, I had a look at draft draft-fuller-lisp-ms-00. My first comment is that this is a very good addition to the set of LISP documents, this will allow the implementation of simpler xTRs and also allow people to experiment with mapping systems. I thus fully support this direction on work. However, I have some concerns about the details and the solution chosen in the draft. First, concerning the map register message defined in draft-farinacci-lisp-12 I completely agree that we need a method to authenticate the map register messages. Using AH with MD5 and a key shared between the ETR and the mapping server to authenticate the mapping register appears more like a quick hack than an implementation. Instead of using IPSec to authenticate the content of the map register, I would suggest that we consider adding authentication data inside the map register at least. The authentication data should be flexible and support different types of authentications. MD5 with a shared key could be a first example, but I think that we should also explore the possibility of using certificates that certify a binding between an EID prefix and a keypair and use this keypair to sign the mapping register. Second, the reliability of the transmission of the map register should be discussed. As map register messages are sent in normal IP packets, they may be dropped. One possibility could be that everytime an ETR sends a map-register to a mapping server, it should after a timeout send a map-request to this server to check that the map register sent has caused an update of the mapping server. Third, concerning the map-server processing, draft-fuller-lisp-ms explains that the map-server does not produce map replies, but only forwards the map-requests to the appropriate ETRs. This implies that the map-server does not need to store all the mapping information (i.e. rlocs, reachability, weight, priority, ...). In this case, then why does the ETR indicates all this information in the map register message ? Fourth, when an EID prefix is served by several ETRs, it seems useful to expect that the map-server will load balance the received request among the ETRs that it knows. Fifth, the ability of sending a negative map reply (with an empty locator set) is a useful addition. However, it may create risks of DoS attacks that would be useful to discuss in the security section. The verification of the contents of the map reply (source port, nonce) is very important. The draft suggest to send a negative map reply that contains the largest possible EID prefix. If an ITR accepts a negative reply containing 0.0.0.0/0, then it would consider that the entire IPv4 Internet is unreachable. Olivier -- http://inl.info.ucl.ac.be , UCLouvain, Belgium
- [lisp] Comments on draft-fuller-lisp-ms Olivier Bonaventure
- Re: [lisp] Comments on draft-fuller-lisp-ms Dino Farinacci