Re: [Pana] FW: I-D Action:draft-yegin-pana-unspecified-addr-00.txt

Richard Pruss <ric@cisco.com> Tue, 02 March 2010 10:09 UTC

To: Alper Yegin <alper.yegin@yegin.org>
Cc: pana@ietf.org

Well, the protection of the ARP table will simply drop your specification's packets
because they are not DHCP and do not have a valid IP address and are thus illegal.

http://tools.ietf.org/html/draft-baker-sava-cisco-ip-source-guard-00

Have you thought of running PANA over DHCP instead?

On 02/03/2010, at 7:56 PM, Alper Yegin wrote:

> Ric, you have to be really specific.
> You are not explaining what specific problem you are seeing, and I'm not
> able to imagine.
> Why would ARP break, please tell us. Both DHCP and Mobile IPv4 already work
> with unspecified IP addresses.
> 
> 
>> -----Original Message-----
>> From: Richard Pruss [mailto:ric@cisco.com]
>> Sent: Tuesday, March 02, 2010 10:17 AM
>> To: Alper Yegin
>> Cc: pana@ietf.org
>> Subject: Re: [Pana] FW: I-D Action:draft-yegin-pana-unspecified-addr-00.txt
>> 
>> 
>> On 02/03/2010, at 6:09 PM, Alper Yegin wrote:
>> 
>>>> This will break networks in so many ways it is hard to even predict.
>>>> What will the average ARP implementation do with this horror?
>>> 
>>> Please elaborate.
>> 
>> You really do like to answer a question with a question.
>> What will ARP do with the packets of your draft?
>> All parts of ARP, gratuitous, probe, arp learning, spoofing protection,
>> it all seems to fall apart.
>> 
>> 
>>> 
>>> 
>>> 
>>>> On 02/03/2010, at 12:47 AM, Alper Yegin wrote:
>>>> 
>>>>> 
>>>>> Comments are welcome.
>>>>> 
>>>>> 
>>>>> -----Original Message-----
>>>>> From: i-d-announce-bounces@ietf.org [mailto:i-d-announce-bounces@ietf.org]
>>>>> On Behalf Of Internet-Drafts@ietf.org
>>>>> Sent: Monday, March 01, 2010 3:00 PM
>>>>> To: i-d-announce@ietf.org
>>>>> Subject: I-D Action:draft-yegin-pana-unspecified-addr-00.txt
>>>>> 
>>>>> A New Internet-Draft is available from the on-line Internet-Drafts
>>>>> directories.
>>>>> 
>>>>> 	Title           : Protocol for Carrying Authentication for Network Access (PANA) with IPv4 Unspecified Address
>>>>> 	Author(s)       : A. Yegin, Y. Ohba
>>>>> 	Filename        : draft-yegin-pana-unspecified-addr-00.txt
>>>>> 	Pages           : 9
>>>>> 	Date            : 2010-03-01
>>>>> 
>>>>> This document defines how PANA client (PaC) can perform PANA authentication
>>>>> prior to configuring an IP address.
>>>>> 
>>>>> A URL for this Internet-Draft is:
>>>>> http://www.ietf.org/internet-drafts/draft-yegin-pana-unspecified-addr-00.txt
>>>>> 
>>>>> Internet-Drafts are also available by anonymous FTP at:
>>>>> ftp://ftp.ietf.org/internet-drafts/
>>>>> 
>>> 
>
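
Added example, not part of the original message and not a vendor's implementation: a simplified Python model of the source-guard behaviour Richard describes, in which a port without a DHCP-learned binding passes only DHCP client traffic, so a PANA packet sourced from 0.0.0.0 is dropped both before and after a binding exists. The `SourceGuard` class, the port name, MAC and 192.0.2.x addresses are constructed for illustration; 716 is PANA's UDP port (RFC 5191).

```python
import ipaddress
import struct

DHCP_CLIENT, DHCP_SERVER, PANA_PORT = 68, 67, 716  # 716: PANA's UDP port (RFC 5191)

def ipv4_udp(src, dst, sport, dport):
    """Build a minimal IPv4+UDP packet (constructed sample, checksums left zero)."""
    udp = struct.pack("!HHHH", sport, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + udp

class SourceGuard:
    """Simplified model of a per-port source filter; not a vendor implementation."""

    def __init__(self):
        self.bindings = {}  # (port, mac) -> address learned from DHCP snooping

    def learn(self, port, mac, ip):
        self.bindings[(port, mac)] = ipaddress.IPv4Address(ip)

    def check(self, port, mac, packet):
        ihl = (packet[0] & 0x0F) * 4
        src = ipaddress.IPv4Address(packet[12:16])
        if packet[9] == 17 and len(packet) >= ihl + 4:  # UDP
            ports = struct.unpack("!HH", packet[ihl:ihl + 4])
            if ports == (DHCP_CLIENT, DHCP_SERVER):
                return "permit: DHCP client"  # the only way to obtain a binding
        bound = self.bindings.get((port, mac))
        if bound is None:
            return "drop: no binding"
        if src != bound:
            return f"drop: source {src} is not bound address {bound}"
        return "permit: matches binding"

def demo():
    """Run the constructed scenario: PaC on port Gi0/1, PAA at 192.0.2.1."""
    guard, port, mac = SourceGuard(), "Gi0/1", "02:00:00:00:00:01"
    dhcp = ipv4_udp("0.0.0.0", "255.255.255.255", DHCP_CLIENT, DHCP_SERVER)
    pana_unspec = ipv4_udp("0.0.0.0", "192.0.2.1", 49152, PANA_PORT)
    pana_bound = ipv4_udp("192.0.2.10", "192.0.2.1", 49152, PANA_PORT)
    before = [guard.check(port, mac, p) for p in (dhcp, pana_unspec)]
    guard.learn(port, mac, "192.0.2.10")  # DHCP completed, binding installed
    after = [guard.check(port, mac, p) for p in (pana_unspec, pana_bound)]
    return before, after

if __name__ == "__main__":
    for verdict in sum(demo(), []):
        print(verdict)
```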