vulnerability of being attacked//RE: [RRG] Re: Should the identifier be used as local locator

[xuxiaohu 41208 <xuxh@huawei.com>]

|> Earlier Xu XiaoHu wrote:
|> % Take GSE/ILNP as an example, the so-called identifier
|> % is still used as routing hint in the site networks, ...
|> 
|> The note referenced above does not correctly describe ILNP.
|> I'll leave it to others as to whether it correctly describes GSE.
|> 
|> - ILNP does NOT ever use the Identifier for 
|routing/forwarding packets.
|> - The Identifier is only used for identity purposes in ILNP.
|> 
|> - ILNP *only* uses the Locator to route/forward packets,
|>   including when mobility or multi-homing are part of the deployment.
|
|Ran, after the Locator guides the packet to a subnetwork, does the 
|packet ever go through another IP router on its way to the destination 
|endpoint?  If so, how is it known what the next hop should be 
|to forward 
|the packet?


>And more specifically, how does the last hop router determine the MAC
>address of the final destination?  The MAC address itself is a flat
>identifier (and locator on the last hop) that can be embedded in the
>endpoint identifier, or the endpoint identifier can be used for a lookup to
>determine the MAC address.  In either case, the endpoint identifier ends up
>being used for a local routing decision.

Hi Tony,

I wonder whether the routing on flat identifier(irrelevant to location)will become a vulnerability to being attacked by random destination identifier scan, since the last hop router doesn't know the exact range of the identifiers in its local scale. Take the unlimited range of the flat identifier into consideration, the vulnerability will become even worse than that of current ARP(for one subnet,there is a limit on the range of ARP resoluti
on).

Xiaohu Xu


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg