[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: shim6 and bit errors in data packet headers



marcelo bagnulo braun wrote:

This implies that in the bit error case above, since B can't tell the
difference between a bit error and the case when it has lost/discarded
the state, B needs to at least send an error message to A saying "I have
no matching shim6 context".


why?
i would argue that silently discarding the packet would be enough. I mean, i think that soft state approach is an interesting approach, but i would like to explore the possibility of silently discarding packets that don't match with any existent contexts.

I think if you want to discard packets for which you don't have a context, then I think you effectively end up assuming some hard(er) state management, where the two ends coordinate when they discard their state. But I can't see how this can work in a soft-state approach - soft state seems to imply that a node can rebuild the state when it receives packets.


FWIW I've suggested a way to handle a close handshake for hard state management in the past, which has made it into the HIP spec.

I mean, i think that (as i think you mentioned a while ago) defining a error message in order to reply to those packets belonging to non existent contexts may introduce some security issues. In particular, it may allow an attacker to force to communicating end nodes to re-do the initial exchange, allowing the attacker to become a MiTM.

Yes, but that isn't any worse than in today's Internet; an attacker can arrive on the path and use e.g. ARP spoofing in the local link (which might be the link between two routers in the path) to redirect the traffic.


   Erik