Re: [mpls] Roman Danyliw's Discuss on draft-ietf-mpls-egress-protection-framework-06: (with DISCUSS and COMMENT)

Yimin Shen <yshen@juniper.net> Thu, 18 July 2019 20:51 UTC


Hi Roman,

We are planning to update the "Security Considerations" section as below to address your suggestions. Please let us know if you can agree on this and clear the discuss state.  

-----

       The framework in this document involves rerouting traffic around an egress node or link failure, via a bypass path from a PLR to a protector, and ultimately to a backup egress router. Some control plane protocols may be used between these routers to facilitate the establishment of egress protection. The general security measures of the protocols SHOULD be used whenever applicable. In particular, the framework requires a service label distribution protocol between an egress router and a protector. The security measures of the chosen protocol SHOULD be used to achieve a secured session between the two routers. Common secure measures include authentication methods and password-based methods. This framework does not foresee requiring additional security measures for these protocols. The security aspects SHOULD be defined in the protocol-specific documents.

       Also, the PLR, protector, and backup egress router are located close to the protected egress router, and normally in the same administrative domain. If they are not in the same administrative domain, a certain level of trust MUST be established between them in order for the protocols to be allowed and run securely across the domain boundary. The forwarding performed by the routers in the data plane is also anticipated, as part of the planning of egress protection.

       In one possible case, the egress link between an egress router and a CE could become a point of attack. An attacker that gains control of the CE might use it to simulate link failures and trigger constant and cascading activities in the network. Such an attack could occur regardless of the existence of egress protection. If egress link protection is in place, the attack might also trigger egress link protection activities. As a general solution to defeat the attack, a damping mechanism SHOULD be used by the egress router to promptly suppress the services associated with the link or CE. The egress router would stop advertising the services, essentially detaching them from the network and eliminating the effect of the simulated link failures.

Thanks,

-- Yimin

On 7/12/19, 9:59 AM, "Yimin Shen" <yshen@juniper.net> wrote:

    the same manner as that of an inter-AS protocols