Re: [netlmm] TLV header in the GRE Keys draft

"Ahmad Muhanna" <amuhanna@nortel.com> Wed, 20 May 2009 05:42 UTC

From: Ahmad Muhanna <amuhanna@nortel.com>
To: Vijay Devarapalli <vijay@wichorus.com>, NETLMM Mailing List <netlmm@ietf.org>
Subject: Re: [netlmm] TLV header in the GRE Keys draft

Hello Vijay,

Text looks fine. 
Will take care of it during AUTH48.

Cheers!

Regards,
Ahmad
 

> -----Original Message-----
> From: Vijay Devarapalli [mailto:vijay@wichorus.com] 
> Sent: Tuesday, May 19, 2009 6:46 PM
> To: NETLMM Mailing List; Muhanna, Ahmad (RICH1:2H10)
> Cc: Jari Arkko
> Subject: FW: TLV header in the GRE Keys draft
> 
> Hello folks,
> 
> I had an offline discussion with the ADs on restricting the possible
> valid values for the 'Next Header' field in the TLV header in
> draft-ietf-netlmm-grekey-option-09.txt. See below. Jari suggested
> making this change during the AUTH48 stage. Here is the suggested
> text change for this
> 
> OLD:
> 
>   Next Header
> 
>       8-bit unsigned integer which indicates the protocol number of the
>       payload header following this TLV header.  It is set to the
>       protocol number as assigned by IANA at the following
>       http://www.iana.org/assignments/protocol-numbers. e.g., if an IPv6
>       header follows, it should be '41'; '47' if it is a GRE header that
>       follows.
> 
> NEW:
> 
>   Next Header
> 
>       8-bit unsigned integer which indicates the protocol number of the
>       payload header following this TLV header.  The valid values for this
>       field are '4' (IPv4), '41' (IPv6), '47' (GRE), and '50' (ESP).
>       The values are taken from the protocol numbers as assigned by IANA at
>       the http://www.iana.org/assignments/protocol-numbers. All other
>       values are not permitted. If the MAG or the LMA node receives a packet
>       with the TLV header where the 'Next Header' field is set to anything
>       other than the above mentioned four protocols, it SHOULD silently
>       discard the packet.
> 
> Feel free to modify the text.
> 
> Vijay
> 
> ------ Forwarded Message
> From: Jari Arkko <jari.arkko@piuha.net>
> Date: Tue, 05 May 2009 19:44:28 +0300
> To: Vijay Devarapalli <vijay@wichorus.com>
> Cc: Pasi Eronen <Pasi.Eronen@nokia.com>
> Subject: Re: TLV header in the GRE Keys draft
> 
> I think that sounds reasonable. Bring it up in AUTH48.
> 
> Jari
> 
> Vijay Devarapalli wrote:
> > Hi Jari, Pasi,
> >
> > I think we need to restrict the values for the "Next Header" field in
> > the TLV header in draft-ietf-netlmm-grekey-option to just IPv4, IPv6
> > or GRE.
> >
> > A typical MAG or LMA implementation would turn off most of the ports,
> > allow a certain number of ports and only process a limited number of
> > control plane packets. The TLV header causes issues. Basically on top
> > of the DS-MIPv6 port (since the UDP header is always there before the
> > TLV header), you can carry pretty much any protocol. All the 140
> > protocols described on the IANA page can be carried inside the TLV
> > header.
> >
> > http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
> >
> > An implementation can address this by dropping anything other than the
> > relevant protocols after the TLV header. But I am not sure if all
> > implementers will do this. So it would be better if we specify in
> > draft-ietf-netlmm-grekey-option that only IPv4, IPv6 or GRE can follow
> > the TLV header. If there is anything else, the MAG or the LMA should
> > drop the packet.
> >
> > I just noticed that this document got approved. So can we add this
> > restriction in the AUTH48 stage?
> >
> > Vijay
> 
>
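
The allow-list check described in the proposed NEW text, as an added example that is not part of the thread or of the draft. It assumes a 4-byte TLV header (4-bit Type, 4-bit Reserved, 8-bit Next Header, 16-bit Length of the following payload), a layout the messages above do not spell out; `tlv_check`, `tlv_stats` and the verdict names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout (not given in the thread): 4-bit Type, 4-bit Reserved,
 * 8-bit Next Header, 16-bit big-endian Length of the payload that follows. */
#define TLV_HDR_LEN 4

enum tlv_verdict { TLV_ACCEPT, TLV_DROP_TRUNCATED, TLV_DROP_NEXT_HEADER, TLV_DROP_LENGTH };

/* "Silently discard" means no reply to the sender; local counters still
 * let an operator see that disallowed protocols are arriving. */
struct tlv_stats { unsigned long per_verdict[4]; };

/* The four values permitted by the proposed NEW text. */
static int next_header_allowed(uint8_t nh)
{
    return nh == 4 /* IPv4 */ || nh == 41 /* IPv6 */ ||
           nh == 47 /* GRE */ || nh == 50 /* ESP */;
}

/* buf points at the TLV header, i.e. the first byte after the UDP header. */
enum tlv_verdict tlv_check(const uint8_t *buf, size_t len, struct tlv_stats *st)
{
    enum tlv_verdict v = TLV_ACCEPT;
    if (len < TLV_HDR_LEN)
        v = TLV_DROP_TRUNCATED;       /* not even a full TLV header */
    else if (!next_header_allowed(buf[1]))
        v = TLV_DROP_NEXT_HEADER;     /* any protocol outside the allow-list */
    else if ((((size_t)buf[2] << 8) | buf[3]) > len - TLV_HDR_LEN)
        v = TLV_DROP_LENGTH;          /* header claims more payload than arrived */
    st->per_verdict[v]++;
    return v;
}

int main(void)
{
    /* Constructed sample packets, not captured traffic. */
    const uint8_t gre[] = { 0x00, 47, 0x00, 0x04, 0xde, 0xad, 0xbe, 0xef };
    const uint8_t tcp[] = { 0x00, 6, 0x00, 0x04, 0xde, 0xad, 0xbe, 0xef };
    struct tlv_stats st = { { 0 } };
    int v_gre = (int)tlv_check(gre, sizeof gre, &st);
    int v_tcp = (int)tlv_check(tcp, sizeof tcp, &st);
    printf("GRE verdict: %d, TCP verdict: %d\n", v_gre, v_tcp);
    printf("dropped for Next Header: %lu\n", st.per_verdict[TLV_DROP_NEXT_HEADER]);
    return 0;
}
```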