[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[RRG] Re: LISP gleaning looks insecure and therefore unusable
Short version: Gleaning seems to be completely insecure,
so I can't imagine how it could be useful.
You just don't use a glean until you complete a Map-Request/Map-Reply
exchange. That way you test the outer SA of the packet to echo a
packet back to you with the nonce you provided.
Not only do you want to verify the locator, but you want to get the
other locators associated with the EID-prefix.
do not contain the word "glean".
Here is my understanding of gleaning, by way of an example:
HostA-->--R1==>==R2==>==R3-->--HostB
HostA sends a packet to HostB. HostB's address is within a
LISP-mapped EID prefix. R1 functions as an ITR and (after gaining
the mapping information for HostB's address) encapsulates the packet
and tunnels it "==" to R3 which acts as an ETR. The decapsulated
packet is sent to HostB. (Also, perhaps R1 had no mapping, but the
packet gets to R3 via the ALT network.)
As I understand it, "gleaning" involves R3, as an ETR, taking the
outer source address of the packet it received (R1's address) as an
RLOC location, presuming it to be the address of an ETR, and the
inner packet's source address (HostA's address) and presuming this
to be an EID.
Yes, so the Map-Reply that responds to the Map-Request also provides
the EID-prefix associated with the inner SA (the source EID) from the
invoking packet.
The purpose is to have at least this gleaned mapping information:
EID (HostA's address) mapped to RLOC (R1's address)
ready, without any delay due to mapping lookups, for the likely
event that HostB will soon send a packet right to left to HostA.
Right, but you get an unvalidated partial mapping that one has to
decide if it wants to use. In our prototype, we have gleaning turned
off by default, but when enabled, we also allow you to verify the
glean. So if you turn that off, you use the glean information right
away, otherwise you drop packets until the Map-Reply comes back.
The basic draft-farinacci-lisp-06 document can be hard to
understand, because it primarily (or solely?) applies to LISP
variants 1.0 and 1.5. Where do LISP-NERD and LISP-ALT fit into
this? The reader is trying to construct a concrete understanding of
how NERD and ALT would work while reading multiple documents which
reference each other in general, but perhaps not in sufficient detail.
There is a datagram based mechanism to send and receive Map-Replies
from the main spec. But how and where Map-Requests or Data Probes are
sent, depends on the mapping database.
So Data Probes are used in:
1) LISP 1.0.
2) LISP-ALT
And Map-Requests only are used in:
1) LISP-CONS
2) Gleaning
And both Data Probes and Map-Requests are used in:
1) LISP-ALT
And Nerd doesn't use any Data Probe or Map-Request because the mapping
data comes to you via the push mechanism.
Dino
--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg