Re: [savi] Gen-ART review of draft-ietf-savi-threat-scope-07
"Black, David" <david.black@emc.com> Wed, 03 April 2013 17:04 UTC
Return-Path: <david.black@emc.com>
X-Original-To: savi@ietfa.amsl.com
Delivered-To: savi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 716C221F8F56; Wed, 3 Apr 2013 10:04:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qPdFAoY03Sjy; Wed, 3 Apr 2013 10:04:40 -0700 (PDT)
Received: from mexforward.lss.emc.com (hop-nat-141.emc.com [168.159.213.141]) by ietfa.amsl.com (Postfix) with ESMTP id 6899321F8F40; Wed, 3 Apr 2013 10:04:38 -0700 (PDT)
Received: from hop04-l1d11-si03.isus.emc.com (HOP04-L1D11-SI03.isus.emc.com [10.254.111.23]) by mexforward.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id r33H4Xe3026469 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 3 Apr 2013 13:04:33 -0400
Received: from mailhub.lss.emc.com (mailhubhoprd03.lss.emc.com [10.254.221.145]) by hop04-l1d11-si03.isus.emc.com (RSA Interceptor); Wed, 3 Apr 2013 13:04:14 -0400
Received: from mxhub12.corp.emc.com (mxhub12.corp.emc.com [10.254.92.107]) by mailhub.lss.emc.com (Switch-3.4.3/Switch-3.4.3) with ESMTP id r33H4ALW029953; Wed, 3 Apr 2013 13:04:10 -0400
Received: from mx15a.corp.emc.com ([169.254.1.81]) by mxhub12.corp.emc.com ([10.254.92.107]) with mapi; Wed, 3 Apr 2013 13:04:09 -0400
From: "Black, David" <david.black@emc.com>
To: "Black, David" <david.black@emc.com>, "McPherson, Danny" <dmcpherson@verisign.com>, Fred Baker <fred@cisco.com>, "joel.halpern@ericsson.com" <joel.halpern@ericsson.com>, "gen-art@ietf.org" <gen-art@ietf.org>
Date: Wed, 03 Apr 2013 13:04:08 -0400
Thread-Topic: Gen-ART review of draft-ietf-savi-threat-scope-07
Thread-Index: AcwRKxLMGPOwf18pRUizv8st+VLKC4QxHuTAAbSUPlA=
Message-ID: <8D3D17ACE214DC429325B2B98F3AE71293D371CF@MX15A.corp.emc.com>
References: <7C4DFCE962635144B8FAE8CA11D0BF1E055F69357F@MX14A.corp.emc.com> <8D3D17ACE214DC429325B2B98F3AE71293AEEDC8@MX15A.corp.emc.com>
In-Reply-To: <8D3D17ACE214DC429325B2B98F3AE71293AEEDC8@MX15A.corp.emc.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-EMM-MHVC: 1
X-Mailman-Approved-At: Thu, 04 Apr 2013 08:17:05 -0700
Cc: "ietf@ietf.org" <ietf@ietf.org>, "Black, David" <david.black@emc.com>, "savi@ietf.org" <savi@ietf.org>, Ted Lemon <Ted.Lemon@nominum.com>, Jean-Michel Combes <jeanmichel.combes@gmail.com>
Subject: Re: [savi] Gen-ART review of draft-ietf-savi-threat-scope-07
X-BeenThere: savi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Mailing list for the SAVI working group at IETF <savi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/savi>, <mailto:savi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/savi>
List-Post: <mailto:savi@ietf.org>
List-Help: <mailto:savi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/savi>, <mailto:savi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Apr 2013 17:04:42 -0000
The -07 version of this draft resolves all of the issues raised by the Gen-ART review of the -06 version. Discussion of the review with the authors has resulted in a common understanding that there is no need for additional text on statically allowing all source addresses through all links in a set of teamed/aggregated links - that's at best "nice to have" for this draft, but not essential. Thanks, --David > -----Original Message----- > From: Black, David > Sent: Monday, March 25, 2013 9:04 PM > To: McPherson, Danny; Fred Baker; joel.halpern@ericsson.com; gen-art@ietf.org > Cc: Jean-Michel Combes; Ted Lemon; savi@ietf.org; Black, David; ietf@ietf.org > Subject: Gen-ART review of draft-ietf-savi-threat-scope-06 > > I have been selected as the General Area Review Team (Gen-ART) reviewer > for this draft (for background on Gen-ART, please see > http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html) > > Please wait for direction from your document shepherd or > AD before posting a new version of the draft. > > Document: draft-ietf-savi-threat-scope-06 > Reviewer: David L. Black > Review Date: March 27, 2013 > IESG Telechat Date: (if known) > > Summary: This draft is on the right track, but has open issues, described in > the review. > > Looking at the original Gen-ART review of the -05 draft and checking the diffs > between -05 and -06, the issues raised by that review have only been partially > addressed: > > > There is no discussion of link teaming or aggregation (e.g., via LACP); this > > may affect source address validation functionality by requiring the same > > validation checks on all aggregated ports. An important case to discuss > > is where the aggregated host links are connected to ports on different > > switches (e.g., in an active/passive configuration). > > This is partially addressed on 4.1.2 (new section in -06), but only in terms > of moving validation state when something like LACP reconfigures. This has a > couple of shortcomings: > a) the alternative of statically allowing all source addresses through all > teamed/aggregated links (decouples SAVI state from link > teaming/aggregation > state) should also be mentioned, and > b) the new text implies that LACP is the only way to cause this situation - > it's > not, so LACP should be used as an example. VRRP is another example. > > > (1) Some of the software switch implementations are single instance switches > > whose implementation is distributed across multiple physical servers. This > > results in concerns similar to the link aggregation discussion above. > > I don't think this has been addressed, but the notion of single-instance > switches > could be added to the generalization of the new text in 4.1.2. > > > (2) Live migration of virtual machines among physical servers causes > > relocation of MAC addresses across switch ports. A so-called "gratuitous > ARP" > > is often used to inform the network of the MAC address move; port-based > > source address validation information needs to move in response to such > ARPs. > > > > (3) MAC address relocation is also used as a failure recovery technique; the > > surviving hardware element (e.g., host in a cluster) takes over the MAC > > addresses of the failed hardware; like the previous case, a "gratuitous ARP" > > is a common means of informing the network that the MAC address has moved, > > and source address validation information needs to move in response to it. > > > > Minor issues: > > > > There doesn't seem to be much discussion of dynamic network reconfiguration, > > which may change traffic egress points. VRRP may be a useful example to > > discuss beyond the typical routing protocol updates to forwarding tables. > > A paragraph has been added to 5.2.3 to address all three of the above > concerns. > I guess that's ok, but I would have liked to see some text pointing out that a > MAC move can be detected by the switches and used to update SAVI state about > which port(s) a MAC is accessed through. > > Thanks, > --David > > > -----Original Message----- > > From: Black, David > > Sent: Friday, May 13, 2011 1:03 AM > > To: McPherson, Danny; Fred Baker; joel.halpern@ericsson.com; gen- > art@ietf.org > > Cc: Black, David; Christian Vogt; Jean-Michel Combes; Jari Arkko; > > savi@ietf.org > > Subject: Gen-ART review of draft-ietf-savi-threat-scope-05 > > > > I am the assigned Gen-ART reviewer for this draft. For background on > > Gen-ART, please see the FAQ at > > <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. > > > > Please resolve these comments along with any other Last Call comments > > you may receive. > > > > Document: draft-ietf-savi-threat-scope-05 > > Reviewer: David L. Black > > Review Date: 12 May 2011 > > IETF LC End Date: 18 May 2011 > > > > Summary: This draft is on the right track, but has open issues, described in > > the review. > > > > This draft discusses the threats and deployment environment for IP source > > address validation with particular attention to finer-grain validation that > > could be used within a network to validate IP addresses closer to the > sources > > of network traffic than ingress to an ISP's network. > > > > Major issues: > > > > There is no discussion of link teaming or aggregation (e.g., via LACP); this > > may affect source address validation functionality by requiring the same > > validation checks on all aggregated ports. An important case to discuss > > is where the aggregated host links are connected to ports on different > > switches > > (e.g., in an active/passive configuration). > > > > The discussion of multi-instance hosts in section 5.2.3 is incomplete > > in several important aspects: > > > > (1) Some of the software switch implementations are single instance switches > > whose implementation is distributed across multiple physical servers. This > > results in concerns similar to the link aggregation discussion above. > > > > (2) Live migration of virtual machines among physical servers causes > > relocation of MAC addresses across switch ports. A so-called "gratuitous > ARP" > > is often used to inform the network of the MAC address move; port-based > > source address validation information needs to move in response to such > ARPs. > > > > (3) MAC address relocation is also used as a failure recovery technique; the > > surviving hardware element (e.g., host in a cluster) takes over the MAC > > addresses of the failed hardware; like the previous case, a "gratuitous ARP" > > is a common means of informing the network that the MAC address has moved, > > and source address validation information needs to move in response to it. > > > > Minor issues: > > > > There doesn't seem to be much discussion of dynamic network reconfiguration, > > which may change traffic egress points. VRRP may be a useful example to > > discuss beyond the typical routing protocol updates to forwarding tables. > > > > Nits/editorial comments: > > > > idnits 2.12.11 ran clean. > > > > Thanks, > > --David > > ---------------------------------------------------- > > David L. Black, Distinguished Engineer > > EMC Corporation, 176 South St., Hopkinton, MA 01748 > > +1 (508) 293-7953 FAX: +1 (508) 293-7786 > > david.black@emc.com Mobile: +1 (978) 394-7754 > > ---------------------------------------------------- > >
- [savi] Gen-ART review of draft-ietf-savi-threat-s… david.black
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Joel M. Halpern
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… david.black
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Joel M. Halpern
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… david.black
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Joel M. Halpern
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Jari Arkko
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Joel Halpern
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Joel Halpern
- [savi] Gen-ART review of draft-ietf-savi-threat-s… Black, David
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Black, David
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Ted Lemon
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Black, David
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Joel Halpern
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Joel M. Halpern
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Black, David
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Ted Lemon
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Joel Halpern
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Joel M. Halpern
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Black, David
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Joel Halpern Direct
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Black, David
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Russ Housley
- Re: [savi] Gen-ART review of draft-ietf-savi-thre… Ted Lemon