Re: [manet-dlep-rg] DLEP session establishment

"Stan Ratliff (sratliff)" <sratliff@cisco.com> Wed, 13 November 2013 15:30 UTC

From: "Stan Ratliff (sratliff)" <sratliff@cisco.com>
To: "Taylor, Rick" <Rick.Taylor@cassidian.com>
Date: Wed, 13 Nov 2013 15:30:44 +0000
Message-ID: <1EFB06F8-05B2-4A4B-8A6B-DDDB946B7D01@cisco.com>
In-Reply-To: <B177F831FB91F242972D0C35F6A0733106FB081B@SUCNPTEXM01.com.ad.uk.ds.corp>
Cc: Henning Rogge <hrogge@googlemail.com>, "DLEP Research Group (manet-dlep-rg@ietf.org)" <manet-dlep-rg@ietf.org>, Teco Boot <teco@inf-net.nl>
Subject: Re: [manet-dlep-rg] DLEP session establishment

I'm on board with this. 

Regards,
Stan

On Nov 13, 2013, at 5:12 AM, "Taylor, Rick" <Rick.Taylor@cassidian.com> wrote:

> My thoughts:
> 
> The principle of keeping the modem code as small and light as possible is good.  In general modems are not only getting bigger and smarter, they are also getting physically smaller and lower power.  Routers however are not getting so small so quickly, so even though there are full TCP stacks in many radios, we should not force a full server implementation on them.
> 
> So, let's keep the 3-way handshake we have discussed, but make the router the advertiser/server:
> 
> 
>   Router                                        Modem
>   ===================================================
> 
> 1) TCP Listen()
> 
> 2) UDP Peer_Discovery ------------------------------->
>     + Version TLV
>     + TCP address:port
> 
> 3)                                       TCP Connect()
> 
> 4) <-------------------------------- Peer_Initialize()
>                                      + Version TLV
>                                      + Ident TLV
>                                      + Mandatory TLVs
> 
> 5) Peer_Initialize_Ack ------------------------------>
>     + Status TLV
>     + Ident TLV
> 
> I withdraw my suggestion about cookies.  As Teco has pointed out, just do security properly (TLS or IPSec or whatever).  Putting in a lightweight/half-baked authentication process in the protocol may lead some implementers to assume this provides security.
> 
> I have also suggested just Version TLV and TCP endpoint address in the UDP discovery packet to save space.  This should allow a listening modem to decide whether to start a session with a router before TCP connect.
> 
> At step 5, the router has the opportunity to send a negative ACK, by including an error Status TLV in the Peer_Initialize_Ack and then shutting down the connection.  This captures Teco's SHOULD condition "The router SHOULD NOT start a session with a modem that does not advertise mandatory metric TLVs".
> 
> Would it help to have a state machine in the draft?
> 
> Comments?
> 
> Rick Taylor
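The handshake Rick sketches above, modelled as an added example (this is not code from the thread or from any DLEP draft): the modem's pre-connect decision at step 3 and the router-side check at step 5 that answers with a negative ACK, and closes the connection, when the Peer_Initialize lacks the mandatory metric TLVs or carries a mismatched version. TLV names, status codes, the mandatory-metric set and the router endpoint are constructed placeholders.

```python
from dataclasses import dataclass, field

VERSION = (1, 0)  # constructed: protocol version as (major, minor)
# Constructed placeholder names for the mandatory metric TLVs a modem must advertise.
MANDATORY_METRICS = {"MaxDataRateRx", "MaxDataRateTx", "Latency"}

STATUS_OK, STATUS_BAD_VERSION, STATUS_MISSING_MANDATORY = 0, 1, 2


@dataclass
class Msg:
    name: str                      # Peer_Discovery, Peer_Initialize, Peer_Initialize_Ack
    tlvs: dict = field(default_factory=dict)


def peer_discovery(router_addr: str, router_port: int) -> Msg:
    """Step 2: the router sends only Version and its TCP endpoint, keeping the UDP packet small."""
    return Msg("Peer_Discovery", {"Version": VERSION, "TCP": (router_addr, router_port)})


def modem_accepts_discovery(disc: Msg, modem_version=VERSION) -> bool:
    """Step 3: the modem decides before TCP connect, using only what the discovery packet carries."""
    same_major = disc.tlvs.get("Version", (None,))[0] == modem_version[0]
    return disc.name == "Peer_Discovery" and same_major and "TCP" in disc.tlvs


def router_handle_initialize(init: Msg, router_ident="router-1"):
    """Step 5: validate Peer_Initialize and build Peer_Initialize_Ack.
    Returns (ack, keep_connection). A non-zero Status TLV is a negative ACK, after which
    the router shuts the TCP connection instead of starting a session."""
    status = STATUS_OK
    if init.name != "Peer_Initialize" or init.tlvs.get("Version", (None,))[0] != VERSION[0]:
        status = STATUS_BAD_VERSION
    elif not MANDATORY_METRICS <= set(init.tlvs.get("Metrics", ())):
        status = STATUS_MISSING_MANDATORY   # Teco's "SHOULD NOT start a session" condition
    ack = Msg("Peer_Initialize_Ack", {"Status": status, "Ident": router_ident})
    return ack, status == STATUS_OK


def run_handshake(modem_init_tlvs: dict):
    """Drive the exchange end to end; returns (message names sent, outcome)."""
    transcript = []
    disc = peer_discovery("192.0.2.1", 4000)   # constructed router endpoint
    transcript.append(disc.name)
    if not modem_accepts_discovery(disc):
        return transcript, "no-connect"
    init = Msg("Peer_Initialize", modem_init_tlvs)
    transcript.append(init.name)
    ack, up = router_handle_initialize(init)
    transcript.append(ack.name)
    return transcript, "session-up" if up else "closed:%d" % ack.tlvs["Status"]
```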