Re: [trill] Alissa Cooper's No Objection on draft-ietf-trill-directory-assist-mechanisms-11: (with COMMENT)

Donald Eastlake <d3e3e3@gmail.com> Thu, 02 March 2017 22:48 UTC

To: Alissa Cooper <alissa@cooperw.in>
Archived-At: <https://mailarchive.ietf.org/arch/msg/trill/Pohz5NwVhi_rnsQNw0WwrZt1QCY>
Cc: "trill-chairs@ietf.org" <trill-chairs@ietf.org>, draft-ietf-trill-directory-assist-mechanisms@ietf.org, The IESG <iesg@ietf.org>, "shares@ndzh.com" <shares@ndzh.com>, "trill@ietf.org" <trill@ietf.org>

Hi Alissa,

The -12 version of this draft, just posted, has a paragraph about ephemeral
MAC addresses in Section 1 and some text about protecting directory
information added to Section 6, which is now divided into subsections. This
is intended to resolve your comments.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 155 Beaver Street, Milford, MA 01757 USA
 d3e3e3@gmail.com

On Thu, Jan 19, 2017 at 9:21 AM, Alissa Cooper <alissa@cooperw.in> wrote:

>
> > On Jan 18, 2017, at 2:02 PM, Donald Eastlake <d3e3e3@gmail.com> wrote:
> >
> > Hi Alissa,
> >
> > On Wed, Jan 18, 2017 at 10:58 AM, Alissa Cooper <alissa@cooperw.in> wrote:
> >>
> >> Alissa Cooper has entered the following ballot position for
> >> draft-ietf-trill-directory-assist-mechanisms-11: No Objection
> >>
> >> When responding, please keep the subject line intact and reply to all
> >> email addresses included in the To and CC lines. (Feel free to cut this
> >> introductory paragraph, however.)
> >>
> >> ----------------------------------------------------------------------
> >> COMMENT:
> >> ----------------------------------------------------------------------
> >>
> >> Since this document implies the creation of centralized databases of
> >> addressing information, I think it would help to call out in Section 6
> >
> > Yes, although such centralized databases are quite common currently in
> > terms of data center management and orchestration system databases.
> >
> >> the need to secure the directory contents themselves, not just against
> >> abuses of the push or pull services but in general against unauthorized
> >> access.
> >
> > OK.
> >
> > I'm not sure the need to secure directories resident on TRILL switches
> > is that much different from the need to secure the routing function
> > and routing data of TRILL switches. But the draft also supports Pull
> > Directories hosted on end stations and I think something should be
> > said about end station security in connection with the end station
> > hosting a directory.
>
> Sounds good.
>
> >
> >> Also, I recall in prior evaluations of TRILL documents some discussion
> >> about how TRILL deals with ephemeral MAC addresses and my recollection is
> >> that they are likely prohibited by policy on TRILL networks. But if there
> >
> > The payload of a TRILL Data packet looks like an Ethernet frame. TRILL
> > delivers it to end station(s) based on the destination MAC address
> > and, by default, learns about MAC reachability by observing the source
> > MAC address. So, while I would not say ephemeral or frequently
> > changing MAC addresses are prohibited by "policy", they would reduce
> > the efficiency of a TRILL campus by frequently obsoleting learned MAC
> > reachability information.
> >
> >> is some interaction between ephemeral MAC addresses and the services
> >> described in this document that would be good for implementors to be
> >> aware of, those are probably worth mentioning.
> >
> > Directories need not be complete. If, for example, there were servers
> > with fixed MACs and clients with mostly ephemeral MACs, I think it
> > would still be reasonable to have the reachability (edge attachment
> > point) information for the fixed MACs in a directory. Something about
> > this could be added to the draft.
>
> I think that would be helpful.
>
> Thanks,
> Alissa
>
> >
> > Thanks,
> > Donald
> > ===============================
> > Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
> > 155 Beaver Street, Milford, MA 01757 USA
> > d3e3e3@gmail.com
>
>