[RTG-DIR] RtgDir review: draft-ietf-bfd-multipoint-active-tail-08.txt
Stig Venaas <stig@venaas.com> Fri, 15 June 2018 21:16 UTC
To: "<rtg-ads@ietf.org>" <rtg-ads@ietf.org>
Cc: draft-ietf-bfd-multipoint-active-tail.all@ietf.org, bfd@ietf.org, rtg-dir@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-dir/UJ8PLAnTNNr15KMf3ItSoS5fQXQ>
Hello,

I have been selected as the Routing Directorate reviewer for this draft. The Routing Directorate seeks to review all routing or routing-related drafts as they pass through IETF last call and IESG review, and sometimes on special request. The purpose of the review is to provide assistance to the Routing ADs. For more information about the Routing Directorate, please see http://trac.tools.ietf.org/area/rtg/trac/wiki/RtgDir

Although these comments are primarily for the use of the Routing ADs, it would be helpful if you could consider them along with any other IETF Last Call comments that you receive, and strive to resolve them through discussion or by updating the draft.

Document: draft-ietf-bfd-multipoint-active-tail-08.txt
Reviewer: Stig Venaas
Review Date: date 2018-06-15
IETF LC End Date: 2018-06-18
Intended Status: Standards Track

Summary:

I have some minor concerns about this document that I think should be resolved before publication.

Comments:

The document is in good shape and almost ready for publication. I only have some minor issues and a couple of nits. The main one is perhaps the security considerations.

Major Issues:

No major issues found.

Minor Issues:

I found 5.2.3 last paragraph a bit confusing:

   If the multipoint path and the reverse unicast path both stay up but
   the forward unicast path fails, neither side will notice so long as a
   unicast Poll Sequence is never sent by the head. If the head sends a
   unicast Poll Sequence, the head will see the BFD session fail, but
   the state of the multipoint path will be unknown to the head. The
   tail will continue to receive multipoint data traffic.

It says here that the state of the multipoint path is unknown, which is true if it only does unicast polling. But the assumption in 5.2.3 is that multipoint polling is also done. So it might be good to point out that the state of the multipoint path will be determined by the multipoint poll.

The security considerations could need more details. Is there some way an attacker can send forged multipoint polls getting clients to send a large number of responses to the head? Also how hard would it be to use any address for the head? Would clients only accept a certain address for the head? It should perhaps be emphasized that BFD authentication mechanisms are important? It should be possible to restrict a client to only respond to authenticated polls. Also perhaps have some rate limiting in clients in case the head polls at an unreasonably high rate?

Nits:

In the Introduction it says:

   This document effectively modifies and adds to Sections 5.12 and 5.13
   of the base BFD multipoint document [I-D.ietf-bfd-multipoint].

This should be 4.12 and 4.13, right?

6.13.1 and 6.13.2 refer to 5.13.x, but should be 4.13.x.

One of the authors is listed in the Acknowledgments section.

Regards,
Stig
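
The tail-side checks the review asks about (expected head address, authenticated polls only, a cap on reply rate), sketched as an added example; this is not part of the original message or the draft. The flag bits and auth section layout follow RFC 5880; the class name, decision strings, and the `auth_ok` input (the result of validating the authentication section, done elsewhere) are assumptions.

```python
import struct
import time

P_BIT, A_BIT, M_BIT = 0x20, 0x04, 0x01  # Poll, Auth Present, Multipoint (RFC 5880)

class TailPollPolicy:
    """Hypothetical policy: should this tail answer a multipoint Poll?"""

    def __init__(self, head_addr, replies_per_sec=1.0, burst=3, clock=time.monotonic):
        self.head_addr, self.rate, self.burst = head_addr, replies_per_sec, burst
        self.tokens, self.clock, self.last = float(burst), clock, clock()

    def _take_token(self):
        # Token bucket: bounds replies even if the (claimed) head polls very fast.
        now = self.clock()
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens < 1.0:
            return False
        self.tokens -= 1.0
        return True

    def decide(self, src_addr, packet, auth_ok):
        if len(packet) < 24:
            return "drop: short packet"
        vers_diag, flags, _mult, length = struct.unpack_from("!BBBB", packet)
        min_len = 26 if flags & A_BIT else 24
        if vers_diag >> 5 != 1 or length < min_len or length > len(packet):
            return "drop: malformed"
        if not (flags & M_BIT and flags & P_BIT):
            return "ignore: not a multipoint poll"
        if src_addr != self.head_addr:
            return "drop: unexpected head address"
        # A bit set is not enough: the auth section must also have validated.
        if not (flags & A_BIT and auth_ok):
            return "drop: unauthenticated poll"
        if not self._take_token():
            return "drop: rate limited"
        return "reply"

def make_packet(flags):
    """Constructed sample: version 1, state Up, optional Keyed SHA1 auth section."""
    auth = b""
    if flags & A_BIT:  # type 4, len 28, key id 1, reserved, seq 1, placeholder hash
        auth = struct.pack("!BBBBI20s", 4, 28, 1, 0, 1, b"\0" * 20)
    hdr = struct.pack("!BBBBIIIII", 1 << 5, (3 << 6) | flags, 3,
                      24 + len(auth), 1, 0, 1000000, 0, 0)
    return hdr + auth
```

Checks that reject a packet run before the token bucket, so forged or unauthenticated polls cannot exhaust the budget reserved for the real head.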