Re: [Rift] Jim raised the concern about TTL issue at IETF118 and require to add some text to rift-applicability draft
wei.yuehua@zte.com.cn Mon, 18 March 2024 08:56 UTC
Return-Path: <wei.yuehua@zte.com.cn>
X-Original-To: rift@ietfa.amsl.com
Delivered-To: rift@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD27BC14F5E2; Mon, 18 Mar 2024 01:56:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.804
X-Spam-Level:
X-Spam-Status: No, score=-6.804 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X3e6GENNRY2i; Mon, 18 Mar 2024 01:56:48 -0700 (PDT)
Received: from mxhk.zte.com.cn (mxhk.zte.com.cn [63.216.63.40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 197FBC14E513; Mon, 18 Mar 2024 01:56:43 -0700 (PDT)
Received: from mse-fl2.zte.com.cn (unknown [10.5.228.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mxhk.zte.com.cn (FangMail) with ESMTPS id 4Typcj3sj9z8XrRG; Mon, 18 Mar 2024 16:56:37 +0800 (CST)
Received: from szxlzmapp02.zte.com.cn ([10.5.231.79]) by mse-fl2.zte.com.cn with SMTP id 42I8uVHu003493; Mon, 18 Mar 2024 16:56:31 +0800 (+08) (envelope-from wei.yuehua@zte.com.cn)
Received: from mapi (szxlzmapp07[null]) by mapi (Zmail) with MAPI id mid13; Mon, 18 Mar 2024 16:56:34 +0800 (CST)
Date: Mon, 18 Mar 2024 16:56:34 +0800
X-Zmail-TransId: 2b0965f801c212e-a07f0
X-Mailer: Zmail v1.0
Message-ID: <202403181656340679679@zte.com.cn>
In-Reply-To: <BL0PR05MB5362487D76D46CBF2BF23A88B62B2@BL0PR05MB5362.namprd05.prod.outlook.com>
References: 202312161448290183570@zte.com.cn, 202312261107143654996@zte.com.cn, SN7PR05MB78070F6C239DDB774D943E7CAC98A@SN7PR05MB7807.namprd05.prod.outlook.com, 202312270853519752761@zte.com.cn, BL0PR05MB5362487D76D46CBF2BF23A88B62B2@BL0PR05MB5362.namprd05.prod.outlook.com
Mime-Version: 1.0
From: wei.yuehua@zte.com.cn
To: jhead=40juniper.net@dmarc.ietf.org
Cc: prz@juniper.net, alvaro.retana@futurewei.com, james.n.guichard@futurewei.com, draft-ietf-rift-applicability.shepherd@ietf.org, jefftant.ietf@gmail.com, zzhang@juniper.net, draft-ietf-rift-applicability.authors@ietf.org, rift@ietf.org
Content-Type: multipart/mixed; boundary="=====_001_next====="
X-MAIL: mse-fl2.zte.com.cn 42I8uVHu003493
X-Fangmail-Gw-Spam-Type: 0
X-Fangmail-Anti-Spam-Filtered: true
X-Fangmail-MID-QID: 65F801C5.001/4Typcj3sj9z8XrRG
Archived-At: <https://mailarchive.ietf.org/arch/msg/rift/-KeE5uexoTZEJPIFSaUCr-lSbI8>
Subject: Re: [Rift] Jim raised the concern about TTL issue at IETF118 and require to add some text to rift-applicability draft
X-BeenThere: rift@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of Routing in Fat Trees <rift.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rift>, <mailto:rift-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rift/>
List-Post: <mailto:rift@ietf.org>
List-Help: <mailto:rift-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rift>, <mailto:rift-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2024 08:56:52 -0000
Hi Jordan, Thank you so much. I hope the draft would wrap up soon. Best regard, Yuehua Wei Original From: JordanHead <jhead=40juniper.net@dmarc.ietf.org> To: 魏月华00019655;Antoni Przygienda <prz@juniper.net>; Cc: alvaro.retana@futurewei.com <alvaro.retana@futurewei.com>;james.n.guichard@futurewei.com <james.n.guichard@futurewei.com>;draft-ietf-rift-applicability.shepherd@ietf.org <draft-ietf-rift-applicability.shepherd@ietf.org>;jefftant.ietf@gmail.com <jefftant.ietf@gmail.com>;Jeffrey (Zhaohui) Zhang <zzhang@juniper.net>;draft-ietf-rift-applicability.authors@ietf.org <draft-ietf-rift-applicability.authors@ietf.org>;rift@ietf.org <rift@ietf.org>; Date: 2024年03月12日 21:02 Subject: Re: [Rift] Jim raised the concern about TTL issue at IETF118 and require to add some text to rift-applicability draft _______________________________________________RIFT mailing listRIFT@ietf.orghttps://www.ietf.org/mailman/listinfo/rift I thought I had replied to this previously regarding the TTL/HL of 1 vs. 255, thank you for amending that text. There are still two more points that Jim and Alvaro wanted to address (and I agree). Miscabling Considerations The base spec has made mis-cabling OPTIONAL in a previous version due to the fact that different networks may not agree on what “miscabled” means. The current version of the applicability draft outlines one of these potential options where level 0 connects directly to level 2 (ToF) bypassing level 1. I would like to propose some text that considers a couple of other use-cases, so that things are covered more broadly. Multicast vs. Broadcast Implementations I would like to propose a bit of text for the existing IoT section that talks about “less robust” IP stacks on things like containers or embedded devices that might require the use of a broadcast implementation of RIFT. I’ll send proposals to the applicability authors in the next week or so. Thank you Jordan Juniper Business Use Only From: wei.yuehua@zte.com.cn <wei.yuehua@zte.com.cn> Date: Tuesday, December 26, 2023 at 7:54 PM To: Antoni Przygienda <prz@juniper.net> Cc: alvaro.retana@futurewei.com <alvaro.retana@futurewei.com>, james.n.guichard@futurewei.com <james.n.guichard@futurewei.com>, Jordan Head <jhead@juniper.net>, draft-ietf-rift-applicability.shepherd@ietf.org <draft-ietf-rift-applicability.shepherd@ietf.org>, jefftant.ietf@gmail.com <jefftant.ietf@gmail.com>, Jeffrey (Zhaohui) Zhang <zzhang@juniper.net>, draft-ietf-rift-applicability.authors@ietf.org <draft-ietf-rift-applicability.authors@ietf.org>, rift@ietf.org <rift@ietf.org> Subject: Re: Jim raised the concern about TTL issue at IETF118 and require to add some text to rift-applicability draft [External Email. Be cautious of content] No problem, two drafts advance together Best Wishes Yuehua Wei Original From: AntoniPrzygienda <prz@juniper.net> To: 魏月华00019655;alvaro.retana@futurewei.com <alvaro.retana@futurewei.com>;james.n.guichard@futurewei.com <james.n.guichard@futurewei.com>;Jordan Head <jhead@juniper.net>; Cc: draft-ietf-rift-applicability.shepherd@ietf.org <draft-ietf-rift-applicability.shepherd@ietf.org>;jefftant.ietf@gmail.com <jefftant.ietf@gmail.com>;Jeffrey (Zhaohui) Zhang <zzhang@juniper.net>;draft-ietf-rift-applicability.authors@ietf.org <draft-ietf-rift-applicability.authors@ietf.org>;rift@ietf.org <rift@ietf.org>; Date: 2023年12月27日 03:47 Subject: Re: Jim raised the concern about TTL issue at IETF118 and require to add some text to rift-applicability draft thanks, happy holidays back. There maybe more overflow from recent reviews on rift towards the applicability draft BTW once they’re resolved by Jordan and me so I’d expect at least one more version … tony Juniper Business Use Only From: wei.yuehua@zte.com.cn <wei.yuehua@zte.com.cn> Date: Tuesday, 26 December 2023 at 04:07 To: alvaro.retana@futurewei.com <alvaro.retana@futurewei.com>, james.n.guichard@futurewei.com <james.n.guichard@futurewei.com>, Jordan Head <jhead@juniper.net> Cc: Antoni Przygienda <prz@juniper.net>, draft-ietf-rift-applicability.shepherd@ietf.org <draft-ietf-rift-applicability.shepherd@ietf.org>, jefftant.ietf@gmail.com <jefftant.ietf@gmail.com>, Jeffrey (Zhaohui) Zhang <zzhang@juniper.net>, draft-ietf-rift-applicability.authors@ietf.org <draft-ietf-rift-applicability.authors@ietf.org>, rift@ietf.org <rift@ietf.org> Subject: Re: Jim raised the concern about TTL issue at IETF118 and require to add some text to rift-applicability draft [External Email. Be cautious of content] Hi, Happy holidays! Your comments are resolved, and a new version was just uploaded. https://mailarchive.ietf.org/arch/msg/rift/zPJ3XaPD7tYWX_q2wBUmyRn37r4/ Best Wishes, Yuehua Wei Original From: AlvaroRetana <alvaro.retana@futurewei.com> To: prz@juniper.net <prz@juniper.net>;Alvaro Retana <alvaro.retana@futurewei.com>;魏月华00019655; Cc: jhead@juniper.net <jhead@juniper.net>;draft-ietf-rift-applicability.shepherd@ietf.org <draft-ietf-rift-applicability.shepherd@ietf.org>;jefftant.ietf@gmail.com <jefftant.ietf@gmail.com>;zzhang@juniper.net <zzhang@juniper.net>;draft-ietf-rift-applicability.authors@ietf.org <draft-ietf-rift-applicability.authors@ietf.org>;James Guichard <james.n.guichard@futurewei.com>; Date: 2023年12月19日 02:59 Subject: Re: Jim raised the concern about TTL issue at IETF118 and require to add some text to rift-applicability draft Works for me. Thanks! On December 16, 2023 at 1:48:42 AM, wei.yuehua@zte.com.cn (wei.yuehua@zte.com.cn) wrote: hi,Tony and Alvaro, Based on your comments, the text is amended as following: ----- 5.17 TTL/HopLimit of 1 vs. 255 on LIEs/TIEs The use of a packet's Time to Live (TTL) (IPv4) or Hop Limit (IPv6) to verify whether the packet was originated by an adjacent node on a connected link has been used in RIFT. LIEs/TIEs MUST be sent with an IPv4 Time to Live (TTL) or an IPv6 Hop Limit (HL) of either 1 or 255 to prevent RIFT information reaching beyond a single L3 next-hop in the fabric. LIEs/TIEs arriving with IPv4 Time to Live (TTL) or an IPv6 Hop Limit (HL) different than 1 or 255 MUST be ignored. RIFT explicitly requires the use of a TTL/HL value of 1 *or* 255 when sending/receiving LIEs and TIEs so that implementors have a choice between the two. TTL (or HL) = 1 protects against the information disseminating more than 1 hop in the fabric and should be the default unless configured otherwise. TTL (or HL) = 255 can lead RIFT TIE packet propagation to more than one hop (multicast address is already local subnetwork range) in case of implementation problems but does protect against a remote attack as well, and the receiving remote router will ignore such TIE packet unless the remote router is exactly 254 hops away and accepts only TTL=1. [RFC5082] defines a Generalized TTL Security Mechanism (GTSM). The GTSM is applicable to LIEs/TIEs implementations that use a TTL or HL of 255. It provides a defense from infrastructure attacks based on forged protocol packets from outside the fabric. For implementations that use a TTL or HL of 1, there are some security threats that are left open. For example, it is relatively easy to spoof a packet remotely so that it has a TTL of 1 within the fabric. Please see the Security Considerations in [RFC5082]. I appreciate your comments. Best Regards, Yuehua Wei From: AntoniPrzygienda <prz@juniper.net> To: 魏月华00019655;Jordan Head <jhead@juniper.net>;james.n.guichard@futurewei.com <james.n.guichard@futurewei.com>; Cc: draft-ietf-rift-applicability.authors@ietf.org <draft-ietf-rift-applicability.authors@ietf.org>;draft-ietf-rift-applicability.shepherd@ietf.org <draft-ietf-rift-applicability.shepherd@ietf.org>;alvaro.retana@futurewei.com <alvaro.retana@futurewei.com>;jefftant.ietf@gmail.com <jefftant.ietf@gmail.com>;Jeffrey (Zhaohui) Zhang <zzhang@juniper.net>; Date: 2023年12月16日 04:19 Subject: Re: Jim raised the concern about TTL issue at IETF118 and require to add some text to rift-applicability draft okey, I fully support adding this to applicability draft with amedments below here the comment as to correctness TTL=1 protects against the information disseminating more than 1 hop in the fabric and should be the default unless configured otherwise TTL=255 can lead to more than one hop RIFT TIE packet propagation (multicast address is already local subnetwork range) in case of implementation problems but does protect against a remote attack as well and the receiving remote router will ignore such unless the remote router is exactly 254 hops away and accepts only TTL=1. the ‘MUST be ignored’ should be amended (unless explicitly configured otherwise). Just like in case of MTU mismatch a knob is always necessary due to some deployment corner cases AFAIS this can be still discussed, we’re not RFC yet and implementations can be knob’ed to accept anyting and send anything (just like the ‘OSPF security check’ knob so common today … tony Juniper Business Use Only From: wei.yuehua@zte.com.cn <wei.yuehua@zte.com.cn> Date: Friday, 15 December 2023 at 04:31 To: Jordan Head <jhead@juniper.net>, james.n.guichard@futurewei.com <james.n.guichard@futurewei.com> Cc: Antoni Przygienda <prz@juniper.net>, draft-ietf-rift-applicability.authors@ietf.org <draft-ietf-rift-applicability.authors@ietf.org>, draft-ietf-rift-applicability.shepherd@ietf.org <draft-ietf-rift-applicability.shepherd@ietf.org>, alvaro.retana@futurewei.com <alvaro.retana@futurewei.com>, jefftant.ietf@gmail.com <jefftant.ietf@gmail.com>, Jeffrey (Zhaohui) Zhang <zzhang@juniper.net> Subject: Jim raised the concern about TTL issue at IETF118 and require to add some text to rift-applicability draft [External Email. Be cautious of content] hi Jordan and Jim, Jim raised the concern about TTL issue at IETF118 (https://datatraker.ietf.org/doc/minutes-118-rift/), and require to add some text to the rift-applicability draft to wrap up the draft with base spec together. The following text is proposed to add to new version of draft-ietf-rift-applicability as a section of "5. Operational Considerations", please review and comment, thanks! 5.17 TTL/HopLimit of 1 vs. 255 on LIEs/TIEs The use of a packet's Time to Live (TTL) (IPv4) or Hop Limit (IPv6) to verify whether the packet was originated by an adjacent node on a connected link has been used in RIFT. LIEs/TIEs MUST be sent with an IPv4 Time to Live (TTL) or an IPv6 Hop Limit (HL) of either 1 or 255 to prevent RIFT information reaching beyond a single L3 next-hop in the fabric. LIEs/TIEs arriving with IPv4 Time to Live (TTL) or an IPv6 Hop Limit (HL) different than 1 or 255 MUST be ignored. RIFT explicitly requires the use of a TTL/HL value of 1 *or* 255 when sending/receiving LIEs and TIEs so that implementors have a choice between the two. [RFC5082] defines a Generalized TTL Security Mechanism (GTSM). The GTSM is applicable to LIEs/TIEs implementations that use a TTL or HL of 255. It provides a defense from infrastructure attacks based on forged protocol packets from outside the fabric. For implementations that use a TTL or HL of 1, there are some security threats that are left open. For example, it is relatively easy to spoof a packet remotely so that it has a TTL of 1 within the fabric. Please see the Security Considerations in [RFC5082]. Best Regards, Yuehua Wei Non-Junipe
- Re: [Rift] Jim raised the concern about TTL issue… wei.yuehua
- Re: [Rift] Jim raised the concern about TTL issue… Antoni Przygienda
- Re: [Rift] Jim raised the concern about TTL issue… wei.yuehua
- Re: [Rift] Jim raised the concern about TTL issue… Jordan Head
- Re: [Rift] Jim raised the concern about TTL issue… wei.yuehua