Re: [pcp] GET and GETNEXT OpCodes
"Dan Wing" <dwing@cisco.com> Fri, 11 March 2011 17:40 UTC
Return-Path: <dwing@cisco.com>
X-Original-To: pcp@core3.amsl.com
Delivered-To: pcp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0EF543A6B1A for <pcp@core3.amsl.com>; Fri, 11 Mar 2011 09:40:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.599
X-Spam-Level:
X-Spam-Status: No, score=-110.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6T+c0g2C2b3p for <pcp@core3.amsl.com>; Fri, 11 Mar 2011 09:40:15 -0800 (PST)
Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by core3.amsl.com (Postfix) with ESMTP id F3FA43A6A5A for <pcp@ietf.org>; Fri, 11 Mar 2011 09:40:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=dwing@cisco.com; l=3071; q=dns/txt; s=iport; t=1299865294; x=1301074894; h=from:to:cc:references:in-reply-to:subject:date: message-id:mime-version:content-transfer-encoding; bh=Hrf7bxSJZM/7GmWkljTbxdldS2a+M7VJm2UN1C+zWN0=; b=J+5BwXF1X4TmokJMlvfCqwW758zS756/pMt2PJ+KkF+tqOHbgcBVUvnC t2OS1G7lxSLsy8l0T3iks9ABJPIvuU6CHcj+w/J5vlEwdfO69LR3HJVYK v8goKE+IHFFnjZTQH7JbA/kphn3O50XibCUaZ27Wj7UfOJ0nOIHr1v+SU A=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av0AALfteU2tJXHB/2dsb2JhbACYZIFki2l3pgecKYViBIUp
X-IronPort-AV: E=Sophos;i="4.62,304,1297036800"; d="scan'208";a="274840119"
Received: from rcdn-core2-6.cisco.com ([173.37.113.193]) by sj-iport-4.cisco.com with ESMTP; 11 Mar 2011 17:41:34 +0000
Received: from dwingWS ([10.21.79.146]) by rcdn-core2-6.cisco.com (8.14.3/8.14.3) with ESMTP id p2BHfX89003867; Fri, 11 Mar 2011 17:41:33 GMT
From: Dan Wing <dwing@cisco.com>
To: xiaohong.deng@orange-ftgroup.com, Francis.Dupont@fdupont.fr
References: Your message of Thu, 10 Mar 2011 11:55:34 +0800. <0962B0BEF842A24191AD9BE41A8DD2FC015EB84F@ch-mailsrv.rd.francetelecom.fr> <201103101438.p2AEcPva047524@givry.fdupont.fr> <256d01cbdf4d$d4103960$7c30ac20$@com> <0962B0BEF842A24191AD9BE41A8DD2FC015EBCB1@ch-mailsrv.rd.francetelecom.fr>
In-Reply-To: <0962B0BEF842A24191AD9BE41A8DD2FC015EBCB1@ch-mailsrv.rd.francetelecom.fr>
Date: Fri, 11 Mar 2011 09:41:33 -0800
Message-ID: <2a8501cbe013$90336980$b09a3c80$@com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcvfMNcTuTa7eAMhSLeGY3u0r3iFWwAGmonQACIzuUAAD7NLMA==
Content-Language: en-us
Cc: pcp@ietf.org
Subject: Re: [pcp] GET and GETNEXT OpCodes
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Mar 2011 17:40:16 -0000
> -----Original Message----- > From: xiaohong.deng@orange-ftgroup.com [mailto:xiaohong.deng@orange- > ftgroup.com] > Sent: Friday, March 11, 2011 2:16 AM > To: dwing@cisco.com; Francis.Dupont@fdupont.fr > Cc: pcp@ietf.org; simon.perreault@viagenie.ca > Subject: RE:[pcp] GET and GETNEXT OpCodes > > > |Oh! That must be the security problem you refer us back to, > |but have not re-explained to us. > | > |So, the scenario is: > | > | 1. PCP client does a MAP > | 2. PCP server (or the CGN) crashes and loses state > | 3. PCP client is, of course, unaware of that state loss until > | much later (whatever its refresh interval is) > | 4. In that interval, another PCP client (or implicit dynamic > | mapping) could grab that port. > | > |The same problem exists without PCP, of course, with an > |implicit mapping (e.g., created with a TCP SYN). And the > |resolution is described in Section 6, "Cold Standby Mode" > |of draft-xu-behave-stateful-nat-standby-06: that the CGN > |needs to use a different public IPv4 address pool > |when it crashes and loses state. IMO, that advice > |belongs in BEHAVE's CGN Requirements document, as it does not > |solely affect PCP. Simon Perreault, CC'd, is the editor of > |the CGN Requirements document. > | > | > |In the PCP document, adding something along the lines of seems > |a reasonable addition for the Epoch section: > | > | In the time between a PCP server loses state and the PCP client > | notices the lower-than-expected Epoch value, it is possible that > the > | PCP client's mapping will be acquired by another host (via an > | explicit dynamic mapping or implicit dynamic mapping). This means > | incoming traffic will be sent to a different host. A mechanism to > | immediately inform the PCP client of state loss would reduce this > | interval, but would not eliminate this threat. The PCP client can > | reduce this interval by using a relatively short lifetime; however, > > xiaohong: that could help, but how long would be the perfect lifetime > that niether too long > for healing nor too short to limit the amount of PCP chatter? There isn't any ideal value. The exact same problem occurs with DHCP, today -- the DHCP server can crash and lose state (forgetting which clients had leased which addresses), and a different host can acquire that address. Even if there was a way to inform a host, immediately, that the PCP server lost state (e.g., using a multicast message, as done by NAT-PMP), one host could beat another host. The window of opportunity would be shorter, but something as simple as being connected to wired Ethernet (rather than wireless) or a faster Ethernet driver or faster CPU would allow someone to win. I don't see a solution. As my proposed text suggests, if this is a concern, use TLS on the connection itself. -d > | increases the amount of PCP chatter. Connection authentication > | > BR, > Xiaohong > opensource A+P: http://opensourceaplusp.weebly.com/
- [pcp] GET and GETNEXT OpCodes xiaohong.deng
- Re: [pcp] GET and GETNEXT OpCodes Francis Dupont
- Re: [pcp] GET and GETNEXT OpCodes Dan Wing
- Re: [pcp] GET and GETNEXT OpCodes Francis Dupont
- Re: [pcp] GET and GETNEXT OpCodes xiaohong.deng
- Re: [pcp] GET and GETNEXT OpCodes Francis Dupont
- Re: [pcp] GET and GETNEXT OpCodes Dan Wing
- Re: [pcp] GET and GETNEXT OpCodes Francis Dupont
- Re: [pcp] GET and GETNEXT OpCodes xiaohong.deng
- Re: [pcp] GET and GETNEXT OpCodes xiaohong.deng
- Re: [pcp] GET and GETNEXT OpCodes Francis Dupont
- Re: [pcp] GET and GETNEXT OpCodes Dan Wing
- Re: [pcp] GET and GETNEXT OpCodes Dan Wing
- Re: [pcp] GET and GETNEXT OpCodes Francis Dupont
- Re: [pcp] GET and GETNEXT OpCodes Francis Dupont
- Re: [pcp] GET and GETNEXT OpCodes Dan Wing
- Re: [pcp] GET and GETNEXT OpCodes Francis Dupont
- Re: [pcp] GET and GETNEXT OpCodes Francis Dupont