Re: Update to BFD over VXLAN
Jeffrey Haas <jhaas@pfrc.org> Wed, 27 November 2019 20:26 UTC
Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0B9E1208B8; Wed, 27 Nov 2019 12:26:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mJayXGWnqJZT; Wed, 27 Nov 2019 12:26:48 -0800 (PST)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 6E67C120908; Wed, 27 Nov 2019 12:26:48 -0800 (PST)
Received: by slice.pfrc.org (Postfix, from userid 1001) id 3F3D41E2F8; Wed, 27 Nov 2019 15:30:55 -0500 (EST)
Date: Wed, 27 Nov 2019 15:30:55 -0500
From: Jeffrey Haas <jhaas@pfrc.org>
To: Greg Mirsky <gregimirsky@gmail.com>
Cc: rtg-bfd WG <rtg-bfd@ietf.org>, bfd-chairs@ietf.org, Martin Vigoureux <martin.vigoureux@nokia.com>
Subject: Re: Update to BFD over VXLAN
Message-ID: <20191127203055.GC18175@pfrc.org>
References: <CA+RyBmWaeTZknMAdXBTeok3DOTUZdtKxnReD76ad9X9S+cROwQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CA+RyBmWaeTZknMAdXBTeok3DOTUZdtKxnReD76ad9X9S+cROwQ@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/Q0KjV3G_Mq9RzcWCb1XMch9yERQ>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Nov 2019 20:26:51 -0000
Greg, On Wed, Nov 20, 2019 at 10:41:46AM +0800, Greg Mirsky wrote: > Dear All, > as was decided at the meeting, an explanation of using an address from the > Internal host loopback interface address range has been added into the > Security Consideration section: > NEW TEXT: > This document recommends using an address from the Internal host > loopback addresses range as the destination IP address in the inner > IP header. Using such address prevents the forwarding of the > encapsulated BFD control message by a transient node in case the > VXLAN tunnel is broken as according to [RFC1812]: > > A router SHOULD NOT forward, except over a loopback interface, any > packet that has a destination address on network 127. A router > MAY have a switch that allows the network manager to disable these > checks. If such a switch is provided, it MUST default to > performing the checks. I think the text above is largely right. There's a slight level of ambiguity since elsewhere in the document, we don't use the RFC 4379 notation, i.e. 0:0:0:0:0:FFFF:127/104: : : loopback addresses (127/8 range for IPv4 and : 0:0:0:0:0:FFFF:7F00:0/104 range for IPv6). I think if you explicitly call it out in the 7400 format, we may be all set. -- Jeff
- Update to BFD over VXLAN Greg Mirsky
- Re: Update to BFD over VXLAN Jeffrey Haas
- Re: Update to BFD over VXLAN Greg Mirsky