
Re: Pls review documents on IESG Agenda for December 1, 2005



Wijnen, Bert (Bert) wrote:

 o draft-ietf-mpls-lsp-ping-10.txt
   Detecting MPLS Data Plane Failures (Proposed Standard) - 1 of 22
   Note: ITU requires an RFC number by December 12th.
   Token: Alex Zinin

I recently completed a review of this spec for Sam. The
review is copied below for your information:

--Jari

Hi Sam, Kireeti,

This is my somewhat delayed review of the mpls
ping draft that I promised to Sam earlier.

Overall:

I did not see any major security or other problems,
but I am somewhat worried about the use of 127.x.x.x
addresses on the wire (more on that below).

The protocol seems reasonable. I see a need for this
function. The protocol is very complicated for a ping,
however. I'm assuming it's what the community wants
and/or a result of the mpls architecture.

Disclaimer: Note that I am not an MPLS expert and
do not fully understand all the other components
involved in the MPLS system.

Security:

It looks like there are no specific security issues in this
protocol, beyond those already adequately discussed
in the security considerations section. I did not see,
for instance, reflection attack problems.

Technical:

   An MPLS echo request is a (possibly) labeled UDP packet.  The IP
   header is set as follows: the source IP address is a routable address
   of the sender; the destination IP address is a (randomly chosen)
   address from 127/8; the IP TTL is set to 1.  The source UDP port is
   chosen by the sender; the destination UDP port is set to 3503
   (assigned by IANA for MPLS echo requests).  The Router Alert option
   is set in the IP header.

The use of 127.0.0.1 and other 127... addresses on the wire
is against a MUST in RFCs 1122, 1700, 3330 and maybe others.

Interestingly, the echo responses are not sent using these
fictional addresses. Is this because at MPLS level we may not
know initially what the IP address of the egress point is? Or
is there some other reason?

   The contents of the field are shown in the table above.
   IP addresses are drawn from the range 127/8.

There are references to these addresses in several
places in the document. What does an IPv6 system do?

Editorial:

   The following Mutipath Types are defined:

s/Mutipath/Multipath/

   For a more precise definition of the notion of "downstream", see the
   section named "Downstream".

There is no section with that name, I think. Unless
you mean "Downstream IP Address and Downstream
Interface Address" a little further down, or Section 3.3?
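
The header rules in the draft text quoted under "Technical" can be checked mechanically on a receiving or monitoring host. The following is an added example, not code from the draft or from this review: the function names and the sample packet are hypothetical, and "source is not in 127/8" is used as a weak stand-in for "routable address of the sender".

```python
import ipaddress
import struct

MPLS_ECHO_PORT = 3503          # destination UDP port quoted from the draft
ROUTER_ALERT = 0x94            # IPv4 Router Alert option type (RFC 2113)
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

def has_router_alert(options: bytes) -> bool:
    """Walk the IPv4 options area looking for the Router Alert option."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:            # End of Option List
            break
        if kind == 1:            # No-Operation is a single byte
            i += 1
            continue
        if i + 1 >= len(options) or options[i + 1] < 2:
            break                # malformed option length, stop parsing
        if kind == ROUTER_ALERT:
            return True
        i += options[i + 1]
    return False

def check_echo_request(pkt: bytes) -> dict:
    """Report which of the quoted header rules an IPv4/UDP packet satisfies."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl + 8 or pkt[9] != 17:
        raise ValueError("truncated header or not UDP")
    src = ipaddress.ip_address(pkt[12:16])
    dst = ipaddress.ip_address(pkt[16:20])
    dport = struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0]
    return {
        "src_not_loopback": src not in LOOPBACK,
        "dst_in_127_8": dst in LOOPBACK,
        "ttl_is_1": pkt[8] == 1,
        "dport_3503": dport == MPLS_ECHO_PORT,
        "router_alert": has_router_alert(pkt[20:ihl]),
    }

def build_sample(dst="127.0.0.5", ttl=1, dport=3503, alert=True) -> bytes:
    """Constructed sample packet (checksums left zero; not captured traffic)."""
    opts = bytes([ROUTER_ALERT, 4, 0, 0]) if alert else b""
    ihl = 5 + len(opts) // 4
    hdr = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, 4 * ihl + 8, 0, 0, ttl, 17, 0,
                      bytes([192, 0, 2, 1]), ipaddress.ip_address(dst).packed)
    return hdr + opts + struct.pack("!HHHH", 40000, dport, 8, 0)
```
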