Re: [OSPF] New Version Notification for draft-liang-ospf-flowspec-extensions-01.txt

"Russ White" <russw@riw.us> Sat, 11 October 2014 15:30 UTC


> OSPF is a good choice for quickly disseminating the same piece of information
> to multiple OSPF routers using the same policy and I believe that the
> transport instance http://www.ietf.org/id/draft-ietf-ospf-transport-instance-11.txt
> facilitates this. However, I see flow-spec distribution in the general controller
> case as being peer specific or even peer interface specific. Do you disagree?

> The use case in question is mitigating attacks closer to the compromised
> system by pushing the flow-spec to the customer sites using OSPF as a PE-CE
> protocol (RFC 4577). Are there any other instances where we'd want to push
> the same flow-spec to the routers in an IGP domain using OSPF or ISIS?

Why isn't this use case extendable to all edge OSPF routers, and not just
CE's? I would think the same reasoning would apply...

So -- if we are going to do this, we should specifically design it more like
a type 5, perhaps, or something with a very limited flooding scope to solve
the specific use case in hand, rather than in a way that encourages general
use...

Does this make sense?

:-)

Russ