[Softwires] softwire-encaps-safi

Carlos Pignataro <cpignata@cisco.com> Sat, 24 May 2008 04:08 UTC

Return-Path: <softwires-bounces@ietf.org>
X-Original-To: softwires-archive@megatron.ietf.org
Delivered-To: ietfarch-softwires-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 85B373A688F; Fri, 23 May 2008 21:08:33 -0700 (PDT)
X-Original-To: softwires@core3.amsl.com
Delivered-To: softwires@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5C3D23A6829 for <softwires@core3.amsl.com>; Fri, 23 May 2008 21:08:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id unOmamzdPJGE for <softwires@core3.amsl.com>; Fri, 23 May 2008 21:08:28 -0700 (PDT)
Received: from av-tac-rtp.cisco.com (hen.cisco.com [64.102.19.198]) by core3.amsl.com (Postfix) with ESMTP id 895683A6852 for <softwires@ietf.org>; Fri, 23 May 2008 21:08:27 -0700 (PDT)
X-TACSUNS: Virus Scanned
Received: from rooster.cisco.com (localhost [127.0.0.1]) by av-tac-rtp.cisco.com (8.11.7p3+Sun/8.11.7) with ESMTP id m4O482U03437; Sat, 24 May 2008 00:08:04 -0400 (EDT)
Received: from [10.116.85.227] (rtp-cpignata-8712.cisco.com [10.116.85.227]) by rooster.cisco.com (8.11.7p3+Sun/8.11.7) with ESMTP id m4O48ju03115; Sat, 24 May 2008 00:08:46 -0400 (EDT)
Message-ID: <48379496.3000902@cisco.com>
Date: Sat, 24 May 2008 00:07:50 -0400
From: Carlos Pignataro <cpignata@cisco.com>
Organization: cisco Systems, Inc.
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080421 Thunderbird/2.0.0.14 Mnenhy/0.7.5.0
MIME-Version: 1.0
To: David Ward <dward@cisco.com>
References: <89F15385-FDFE-4973-A8B2-A2F358655DFE@cisco.com>
In-Reply-To: <89F15385-FDFE-4973-A8B2-A2F358655DFE@cisco.com>
X-Enigmail-Version: 0.95.6
X-Face: *3w8NvnQ|kS~V{&{U}$?G9U9EJQ8p9)O[1[1F'1i>XIc$5FR!hdAIf5}'Xu-3`^Z']h0J* ccB'fl/XJYR[+,Z+jj`4%06nd'y9[ln&ScJT5S+O18e^
Cc: "Francois Le Faucheur IMAP <flefauch@cisco.com>" <flefauch@cisco.com>, Alain Durand <Alain_Durand@cable.comcast.com>, Jari Arkko <jari.arkko@piuha.net>, softwires@ietf.org, "John G. Scudder <jgs@juniper.net>" <jgs@juniper.net>, jianping <jianping@cernet.edu.cn>, "Russ White <riw@cisco.com>" <riw@cisco.com>
Subject: [Softwires] softwire-encaps-safi
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/softwires>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: softwires-bounces@ietf.org
Errors-To: softwires-bounces@ietf.org

On 5/5/2008 David Ward <dward@cisco.com> wrote:
>        draft-ietf-softwire-encaps-safi-00.txt

Please find some comments on ietf-softwire-encaps-safi, I hope these are 
useful:


     Tunnel Type (2 octets): It identifies the type of the tunneling
     technology being signaled. This document defines the following types:

       - L2TPv3: Tunnel Type = 1

L2TPv3 can be encapsulated in different ways over IP (e.g., directly
over IP proto 115, and over UDP). This document refers implicitly
(without mention) to L2TPv3 over IP (the only L2TPv3 mandatory
encapsulation from RFC3931), but does not explicitly clarify it. Could
this be disambiguated, e.g., by either: i. Renaming the Tunnel Type 1 to
"L2TPv3 over IP", or ii. Providing further L2TPv3 encap details (IP vs.
UDP, etc) in the Encapsulation sub-TLV for the L2TPv3 TLV Type?

~~~~~~

      * Session ID: a 4-octet value locally assigned by the advertising
        router that serves as a lookup key in the incoming packet's
        context.

Could "non-null" be added as a constrain for the Session ID? The 
all-zeros identifies and L2TPv3 Control Packet (instead of data packet) 
when running directly over IP. From RFC3931:

    Session ID

       A 32-bit field containing a non-zero identifier for a session.
...
    L2TP over IP uses the reserved Session
    ID of zero (0) when sending control messages.
...
          Note that the control message header in this case begins after
          the all-zero Session ID when running over IP

~~~~~~

       |                        Cookie (Variable)                      |
...
       * Cookie: an optional, variable length (encoded in octets - 0 to 8
         octets) value used by L2TPv3 to check the association of a
         received data message with the session identified by the Session
         ID. The Cookie value is tightly coupled with the Session ID.


This text defining/describing the Cookie field seems to allow for any
length of cookie from 0 to 8 octets; however, from RFC3931:

       The Assigned Cookie is a 4-octet or 8-octet random value.
...
       The value's length
       (0, 32, or 64 bits) is obtained by the length of the AVP.

Should this description constrain itself to either a 0-, 4- or 8-octet 
cookie (instead of any len between 0..8 octets)?

~~~~~~

4.2. Protocol Type sub-TLV
...
    Note that the protocol type sub-TLV is optional, e.g. if the
    tunneling technology is GRE, this sub-TLV is not required.

Is this sub-TLV also optional for L2TPv3 tunneling, which encap (unlike 
GRE) does not have a PID, or is it mandatory for L2TPv3 Tunnel Type? If 
still optional, how is the encapsulated Protocol Type (tunneled payload 
PID) signaled, checked, selected/validated in the dataplane?

~~~~~~

6. Security Considerations

Shouldn't this section be augmented with the security considerations of 
the tunneling protocols used? e.g., for l2tpv3, source (and dest) 
validation (for tunneled traffic) vs. (or plus) suggested use of  the 
cookie, etc?

~~~~~~

References:

I notice this document does not reference RFC2784 + RFC2890 and RFC3931. 
It seems it should, for example draft-ietf-softwire-encaps-ipsec (that 
does not concern with defining the Tunnel Types for L2TPv3 or GRE still 
add 2784/3931 references.



Thanks,

-- 
--Carlos Pignataro.
Escalation RTP - cisco Systems

_______________________________________________
Softwires mailing list
Softwires@ietf.org
https://www.ietf.org/mailman/listinfo/softwires