Re: [trill] Alissa Cooper's No Objection on draft-ietf-trill-directory-assist-mechanisms-11: (with COMMENT)
Alissa Cooper <alissa@cooperw.in> Thu, 19 January 2017 14:21 UTC
To: Donald Eastlake <d3e3e3@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/trill/fkYKLy5a-oASb41b4lwwyh4gfgY>
Cc: "trill-chairs@ietf.org" <trill-chairs@ietf.org>, draft-ietf-trill-directory-assist-mechanisms@ietf.org, The IESG <iesg@ietf.org>, "shares@ndzh.com" <shares@ndzh.com>, "trill@ietf.org" <trill@ietf.org>
> On Jan 18, 2017, at 2:02 PM, Donald Eastlake <d3e3e3@gmail.com> wrote:
>
> Hi Alissa,
>
> On Wed, Jan 18, 2017 at 10:58 AM, Alissa Cooper <alissa@cooperw.in> wrote:
>>
>> Alissa Cooper has entered the following ballot position for
>> draft-ietf-trill-directory-assist-mechanisms-11: No Objection
>>
>> When responding, please keep the subject line intact and reply to all
>> email addresses included in the To and CC lines. (Feel free to cut this
>> introductory paragraph, however.)
>>
>> ----------------------------------------------------------------------
>> COMMENT:
>> ----------------------------------------------------------------------
>>
>> Since this document implies the creation of centralized databases of
>> addressing information, I think it would help to call out in Section 6
>
> Yes, although such centralized databases are quite common currently in
> terms of data center management and orchestration system databases.
>
>> the need to secure the directory contents themselves, not just against
>> abuses of the push or pull services but in general against unauthorized
>> access.
>
> OK.
>
> I'm not sure the need to secure directories resident on TRILL switches
> is that much different from the need to secure the routing function
> and routing data of TRILL switches. But the draft also supports Pull
> Directories hosted on end stations and I think something should be
> said about end station security in connection with the end station
> hosting a directory.

Sounds good.

>
>> Also, I recall in prior evaluations of TRILL documents some discussion
>> about how TRILL deals with ephemeral MAC addresses and my recollection is
>> that they are likely prohibited by policy on TRILL networks. But if there
>
> The payload of a TRILL Data packet looks like an Ethernet frame. TRILL
> delivers it to end station(s) based on the destination MAC address
> and, by default, learns about MAC reachability by observing the source
> MAC address. So, while I would not say ephemeral or frequently
> changing MAC addresses are prohibited by "policy", they would reduce
> the efficiency of a TRILL campus by frequently obsoleting learned MAC
> reachability information.
>
>> is some interaction between ephemeral MAC addresses and the services
>> described in this document that would be good for implementors to be
>> aware of, those are probably worth mentioning.
>
> Directories need not be complete. If, for example, there were servers
> with fixed MACs and clients with mostly ephemeral MACs, I think it
> would still be reasonable to have the reachability (edge attachment
> point) information for the fixed MACs in a directory. Something about
> this could be added to the draft.

I think that would be helpful.

Thanks,
Alissa

>
> Thanks,
> Donald
> ===============================
> Donald E. Eastlake 3rd +1-508-333-2270 (cell)
> 155 Beaver Street, Milford, MA 01757 USA
> d3e3e3@gmail.com