Re: [OSPF] New Version Notification for draft-liang-ospf-flowspec-extensions-01.txt

"Russ White" <> Sat, 11 October 2014 15:30 UTC

To: "Acee Lindem (acee)", "Osborne, Eric", "Youjianjie", "Hannes Gredler"

> OSPF is a good choice for quickly disseminating the same piece of
> to multiple OSPF routers using the same policy and I believe that the
> transport instance
> instance-11.txt
> facilitates this. However, I see flow-spec distribution in the general
> case as being peer specific or even peer interface specific. Do you

> The use case in question is mitigating attacks closer to the compromised
> system by pushing the flow-spec to the customer sites using OSPF as a
> protocol (RFC 4577). Are there any other instances where we'd want to push
> the same flow-spec to the routers in an IGP domain using OSPF or ISIS?

Why isn't this use case extendable to all edge OSPF routers, and not just
CEs? I would think the same reasoning would apply...

So -- if we are going to do this, we should specifically design it more like
a type 5, perhaps, or something with a very limited flooding scope to solve
the specific use case in hand, rather than in a way that encourages general

Does this make sense?