Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tldp-hello-reduce-03
"Dutta, Pranjal K (Pranjal)" <pranjal.dutta@alcatel-lucent.com> Mon, 23 July 2012 22:45 UTC
Return-Path: <pranjal.dutta@alcatel-lucent.com>
X-Original-To: mpls@ietfa.amsl.com
Delivered-To: mpls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24A8E21F84FF for <mpls@ietfa.amsl.com>; Mon, 23 Jul 2012 15:45:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.266
X-Spam-Level:
X-Spam-Status: No, score=-9.266 tagged_above=-999 required=5 tests=[AWL=1.333, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zsHP1q67fqjS for <mpls@ietfa.amsl.com>; Mon, 23 Jul 2012 15:45:54 -0700 (PDT)
Received: from ihemail1.lucent.com (ihemail1.lucent.com [135.245.0.33]) by ietfa.amsl.com (Postfix) with ESMTP id 2E59421F84FE for <mpls@ietf.org>; Mon, 23 Jul 2012 15:45:53 -0700 (PDT)
Received: from inbansmailrelay2.in.alcatel-lucent.com (h135-250-11-33.lucent.com [135.250.11.33]) by ihemail1.lucent.com (8.13.8/IER-o) with ESMTP id q6NMjn8x010523 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 23 Jul 2012 17:45:51 -0500 (CDT)
Received: from INBANSXCHHUB03.in.alcatel-lucent.com (inbansxchhub03.in.alcatel-lucent.com [135.250.12.80]) by inbansmailrelay2.in.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q6NMjlrJ000471 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Tue, 24 Jul 2012 04:15:47 +0530
Received: from INBANSXCHMBSA3.in.alcatel-lucent.com ([135.250.12.50]) by INBANSXCHHUB03.in.alcatel-lucent.com ([135.250.12.80]) with mapi; Tue, 24 Jul 2012 04:15:47 +0530
From: "Dutta, Pranjal K (Pranjal)" <pranjal.dutta@alcatel-lucent.com>
To: "erosen@cisco.com" <erosen@cisco.com>
Date: Tue, 24 Jul 2012 04:15:45 +0530
Thread-Topic: [mpls] MPLS-RT review of draft-pdutta-mpls-tldp-hello-reduce-03
Thread-Index: Ac1pFrmEjOgZ6gMpQ8GbEvXlLiz7kgACUN7g
Message-ID: <C584046466ED224CA92C1BC3313B963E09F2162845@INBANSXCHMBSA3.in.alcatel-lucent.com>
References: Your message of Mon, 23 Jul 2012 08:18:50 +0530. <C584046466ED224CA92C1BC3313B963E09F20ADE2E@INBANSXCHMBSA3.in.alcatel-lucent.com> <24256.1343077448@erosen-linux>
In-Reply-To: <24256.1343077448@erosen-linux>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.33
Cc: "mpls@ietf.org" <mpls@ietf.org>, Giles Heron <giheron@cisco.com>, Thomas Nadeau <tnadeau@juniper.net>, "mpls-chairs@tools.ietf.org" <mpls-chairs@tools.ietf.org>
Subject: Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tldp-hello-reduce-03
X-BeenThere: mpls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multi-Protocol Label Switching WG <mpls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mpls>, <mailto:mpls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mpls>
List-Post: <mailto:mpls@ietf.org>
List-Help: <mailto:mpls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mpls>, <mailto:mpls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Jul 2012 22:45:55 -0000
Please find my answers further inline. -----Original Message----- From: Eric Rosen [mailto:erosen@cisco.com] Sent: Monday, July 23, 2012 2:04 PM To: Dutta, Pranjal K (Pranjal) Cc: Markus Jork; Giles Heron; Thomas Nadeau; mpls-chairs@tools.ietf.org; VIGOUREUX, MARTIN (MARTIN); mpls@ietf.org Subject: Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tldp-hello-reduce-03 Pranjal> This draft does not change or violate procedures defined in RFC Pranjal> 5036. It proposes an OPTIONAL method of reduction of "targeted' Pranjal> hellos (only - as the name of the draft suggests) and the proposed Pranjal> method is backward compatible with procedures defined in RFC Pranjal> 5036. The method uses the hello timeout negotiation procedures as Pranjal> per RFC 5036 without any changes in negotiation procedures. If the draft does not change any of the procedures specified in RFC 5036, and does not define any new procedures or messages either, then why is the draft marked as "standards track"? At best it would be "Informational". But are you saying that all the draft really does is to suggest that a particular parameter be set to a particular value? That doesn't seem like very much content. [Pranjal] The version 00 was informational. It was made to standards track as per feedback received from WG IETF-SFO. Although the draft re-uses the Hello negotiation method as in RFC 5036, it does define procedures for reduction (section 4). I am OK if majority votes for Informatonal. [/Pranjal] Pranjal> The reduction of hellos provides probabilistically better Pranjal> resiliency on maintenance of hello adjacency during sporadic DoS Pranjal> attacks. Sporadic DoS attacks on UDP port 646 can result in loss of Pranjal> "good" hello packets for certain period of time and thus leading to Pranjal> loss of existing adjacencies. If an attacker can send you UDP packets on port 646, why doesn't he make them look like Hello packets specifying a short hold time? That's a much more effective attack than a "sporadic DoS attack". In fact, if real Hellos are not being sent at all, it just becomes easier to mount an attack with a spoofed Hello. [Pranjal] When I said UDP packets in port 646 it was not meant to be non-Hello packets - it was meant to be any packet in port 646 that includes LDP Hello Packet (parser won't say bad_msg) or any garnage UDP payload. Sporadic floods of good LDP Hellos are tantamount to DoS attack. If such a flood comes from an "existing" adjacency then one solution could be rate limiting on existing adjacencies (there are several established techniques). If an implementation doesn't have such techniques (e.g h/w assisted) then it is possible that such attacks from one peer may bring down other adjacencies, if the hold time of other adjacencies are relatively small. The draft does not claim as solution for DoS prevention but for probabilistically better resilience on sporadic attacks. [/Pranjal] An attacker could send a spoofed Hello with a hold time of 3 days, and the session would stay up for a few days and then fail mysteriously, for no apparent reason. An attack whose effects are not felt until days later can be quite hard to deal with. When the Hellos are sent periodically, on the other hand, there is a self-correction mechanism that prevents this. [Pranjal] Could you elaborate in more details what self-correction means in this context? If we read the section 4, it mentions that Hello Reduction starts only after a LDP session is ESTABLISHED. There are additional well known security methods to secure LDP session (e.g TCP MD5). Do you mean to say that a peer to which we may be running a trusted LDP session can be considered as spoof? Well, nobody can prevent a trusted peer not to do spoofing with hellos (hide-and-seek), if the peer administration decided to do so but the draft doesn't claim solution for such spoofing. If there is a trusted peer and hello reduction procedures set the holdtime as 3 days And the session is lost then hello reduction terminates immediately. This Is mentioned clearly in point 4 in section 4. Then I don't see your point how a spoofed hello adjacency stays up for 3 days. If you want to reduce the targeted Hello load, it might be better to invent a way (i.e., a protocol change) of turning them off entirely after the session comes up, so that arriving Hellos are just discarded. ( [Pranjal] We may not like to do that due to backward compatibility with RFC 5036, unless we say that T-LDP Hellos are deprecated. However, I think there are vendor implementations (at least one vendor I am aware of) that does LDP session protection with T-LDP hellos while link adjacencies to same peer may get lost for a short window. Thus it may not be a sound approach to get rid of T-LDP Hellos. [/Pranjal]. BTW, the draft asserts that the periodic Hellos have no value that is not better served by either BFD or the LDP session keepalives. I don't know whether that's true, but it would be nice to see an argument with a little more substance. [Pranjal] It depends on case by case. If LDP session transport address is different from IP addresses used for T-LDP hellos then Session Keepalives are not substitute. But if we want to use protocols like BFD for fast tracking reachability of T-LDP IPs (there are other protocols as well) then Hellos are redundant. If any Hello param are changed during the life time of a adjacency then hellos can be exchanged immediately to reflect the change keeping reduced hold time intact and draft does not prevent it from doing so (corrective action). I would like to hear opposing side of the argument that claims the period fast T-LDP hellos are mandatory for proper functioning of LDP as a protocol and need to quantify the "fastness". [/Pranjal]
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Markus Jork
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Dutta, Pranjal K (Pranjal)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Markus Jork
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Lizhong Jin
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Dutta, Pranjal K (Pranjal)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Lizhong Jin
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Eric Rosen
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Dutta, Pranjal K (Pranjal)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Dutta, Pranjal K (Pranjal)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Kamran Raza (skraza)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Dutta, Pranjal K (Pranjal)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Dutta, Pranjal K (Pranjal)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Kamran Raza (skraza)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Eric Rosen
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Dutta, Pranjal K (Pranjal)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Dutta, Pranjal K (Pranjal)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Kamran Raza (skraza)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Dutta, Pranjal K (Pranjal)
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Lizhong Jin
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Thomas Nadeau
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Ross Callon
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Thomas.Beckhaus
- Re: [mpls] MPLS-RT review of draft-pdutta-mpls-tl… Lizhong Jin