Re: [trill] Alvaro Retana's Discuss on draft-ietf-trill-smart-endnodes-10: (with DISCUSS)

Donald Eastlake <d3e3e3@gmail.com> Wed, 07 March 2018 19:57 UTC

Return-Path: <d3e3e3@gmail.com>
X-Original-To: trill@ietfa.amsl.com
Delivered-To: trill@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 918BF12D86F; Wed, 7 Mar 2018 11:57:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.449
X-Spam-Level:
X-Spam-Status: No, score=-2.449 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T6K7m0P6jZE0; Wed, 7 Mar 2018 11:57:10 -0800 (PST)
Received: from mail-io0-x234.google.com (mail-io0-x234.google.com [IPv6:2607:f8b0:4001:c06::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C7DB129C6B; Wed, 7 Mar 2018 11:57:10 -0800 (PST)
Received: by mail-io0-x234.google.com with SMTP id h23so4368005iob.11; Wed, 07 Mar 2018 11:57:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=vLK9T98TUMt5v1mj430L/KUtu1ugmpZiOXnzqLuXx+E=; b=qhUeN4VAV5ltCaj23/M16VAPFeTUUV2Jc5Au3vCb20ifvhQf1AZPZQPSYVLSKzPB2V YYd1QxxBR2O1JgyYcO2fXMYMw4h73mli49DlwuKeW21qcmGDZwck11i/+HA07IpCAnMg L7j2xislZ4uvDhAtUvilGNLGIKYK1xKv1Cb2qgeUYlw4WySe1Bqu8eqPvF1NtSmKXcId 26+f/da1BWg938XcW55bVU4H9Ey5Xjyn/mQVBvQ7VgOGt6e6Oz/TZCFFVQ1pqp9Q0ajr LukmvR0LSHXI8IHQ15HSnVhra6FFDz7BsBxxFrDP7nP/FxiIlo63wF9Pj3WNRtkYjcVj 9niw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=vLK9T98TUMt5v1mj430L/KUtu1ugmpZiOXnzqLuXx+E=; b=O9fvkSXvA4asoZnfWcd/6K4AlIxzLaEjJhqBx19/og8CAGkTsgnTvft4TBtoMi+rpl pddNJbtlIFz4sOMbvCbW1kf15VA3QtWTXS378SuWZ8dUIxjD9du0nymvVdaAK4YcSBoX 408w2wIs0S38idA7+q8gwyLdCiWQt1e2H91lZfmIi/2Mqu3t7lta3gvqPexaJpOPIPx6 B3nhlceC/c4Y5d+QTDJxtgTTqNMILMNefxIco5AMdsfa9LvavgPWQrR7jAHChQA1Zyyf 1yppYrR5F7uOyEWWVC9vcYByOw7iQGoF1b+o1GnhiWjVrMRb/N08e+lMFTqIlyZYdq7M 3fFQ==
X-Gm-Message-State: APf1xPCdxUf9z449Jztxq/MNwwoJmksojCtQAAphatGMeDM9Mw4vZuNv 55GJc8cQ7pkhEByZvCB2ej5+0Nd7wmYAqmklRq8=
X-Google-Smtp-Source: AG47ELsr10hHXqk/7pTzbzajWfqQwA96fLfN0NsRUQzGo+GM2vaxiXvDKXXQ+/HvAi+ytJYVXMyZUX+ckU8helGBsyY=
X-Received: by 10.107.95.23 with SMTP id t23mr27808010iob.14.1520452629815; Wed, 07 Mar 2018 11:57:09 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.58.193 with HTTP; Wed, 7 Mar 2018 11:56:54 -0800 (PST)
In-Reply-To: <152028566673.31723.3025539385493024777.idtracker@ietfa.amsl.com>
References: <152028566673.31723.3025539385493024777.idtracker@ietfa.amsl.com>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Wed, 07 Mar 2018 14:56:54 -0500
Message-ID: <CAF4+nEGbGebfdDZ4Ktk62VeE7YC+Jktd1fpEckO6jrV_Deo6Jw@mail.gmail.com>
To: Alvaro Retana <aretana.ietf@gmail.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-trill-smart-endnodes@ietf.org, trill-chairs@ietf.org, Susan Hares <shares@ndzh.com>, trill IETF mailing list <trill@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/trill/iVWABjgK0iAJ-18bS1K67jdt-vQ>
Subject: Re: [trill] Alvaro Retana's Discuss on draft-ietf-trill-smart-endnodes-10: (with DISCUSS)
X-BeenThere: trill@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Developing a hybrid router/bridge." <trill.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trill>, <mailto:trill-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trill/>
List-Post: <mailto:trill@ietf.org>
List-Help: <mailto:trill-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trill>, <mailto:trill-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Mar 2018 19:57:13 -0000

Hi Alvaro,

On Mon, Mar 5, 2018 at 4:34 PM, Alvaro Retana <aretana.ietf@gmail.com> wrote:
> Alvaro Retana has entered the following ballot position for
> draft-ietf-trill-smart-endnodes-10: Discuss
>
> ...
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> This document feels tightly coupled with
> draft-ietf-trill-directory-assisted-encap, even though there are no
> cross-references.  If I understand the mechanisms correctly, a Smart Endnode
> (discussed in this draft) can then do directory assisted encapsulation
> (described in draft-ietf-trill-directory-assisted-encap).  In fact, the
> encapsulation/decapsulation seems to be the main motivation in defining a Smart
> Endnode.

There are similarities, but I'm not sure I would say that
draft-ietf-trill-directory-assisted-encap and
draft-ietf-trill-smart-endnodes are "tightly coupled".

trill-directory-assisted-encap is the best you can do with no changes
to RBridges as specified in the TRILL Base Protocol [RFC6325]. Special
end stations can do the encapsulation but edge RBridges always do the
decapsulation.

trill-smart-endnodes requires additional mechanisms in the edge
RBridges to shake hands with the smart endnode, recognize when a
destination MAC is being handled by the smart endnode and just forward
it without decapsulation, etc. As a result, this also supports smart
endnodes that are fine-grained label aware.

> I think then that this document also falls short in the exploration of
> potential issues, so I am also balloting DISCUSS.  The same cases that I
> pointed at for draft-ietf-trill-directory-assisted-encap [1] are applicable
> here -- with the added caveat that the Smart Endnode, in general, has other
> sources of information (learning, etc.), which means that there are potentially
> more doors to close.

OK, similar security consideration text improvements can presumably be
made to this draft.

> The Multi-homing Scenario (Section 6) adds some complexity to the ability to
> check whether the Ingress RBridge is set correctly in the encapsulation.  It
> would be nice to explore this case a little further and highlight the issues as
> the topologies get more complex.
>
> As I wrote in [1], I don't think that there are easy mitigations for these
> issues, but at least mentioning them so that operators are aware of the risk
> would be enough to clear this DISCUSS.  Given that the authors partially
> overlap, it may be a good idea to solve the issue in this document (which is
> the general case) and then just have the other one point this way.
>
> [1]
> https://mailarchive.ietf.org/arch/msg/trill/xZvEj_9FtSgHSp4DnKCVxr670gc/?qid=1e5a9496ac80237a3f7cc6aeea09d24d

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 155 Beaver Street, Milford, MA 01757 USA
 d3e3e3@gmail.com