[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: about R1bis

To: marcelo bagnulo braun <marcelo@it.uc3m.es>
Subject: Re: about R1bis
From: Erik Nordmark <erik.nordmark@sun.com>
Date: Thu, 10 Nov 2005 17:28:03 -0800
Cc: shim6-wg <shim6@psg.com>
In-reply-to: <ac39f47aaedb75c0e34d1e0c77ef7673@it.uc3m.es>
References: <4ab62e1642a160c79132398984ac5867@it.uc3m.es> <4372B94B.8060200@sun.com> <ac39f47aaedb75c0e34d1e0c77ef7673@it.uc3m.es>
User-agent: Mozilla Thunderbird 1.0.6 (X11/20050720)

marcelo bagnulo braun wrote:

Two more issues related to R1bis that came to my mind:

1 - Is it important to defend a peer from a fake R1bis?
I mean, R1bis may enable some attacks similar to sending a fake TCP RSTpacket.If a peer receives a R1bis packet refering to an established context, itwill try to restablish the context, sending an I2 packet. If we assumethat the R1bis packet is fake and that the validator is not correct, thereceiver will siliently discard the I2 packet. At this point thereceiver will try to resend the I2 packet or try to send an I1 packetagain. I2 will continue to be discarded, but I1 packet will get a R2reply, which imho will be good enough in this case. I guess that thiscovers this case pretty good, so i don't think that anything else isneeded.


ok

And faking an R1bis requires knowing the context tag.

2 - Do we want that the failure detection probes trigger a contextrecovery mechanisms i.e. R1bis?


Yes.

In the considered scenario, when the initial path between the ulids isworking fine, the transmission of probes to verify that the current pathis working may result in triggering the context recovery mechanisms i.e.the transmission of a R1bis packet. Such behaviour may not be theoptimum for dealing with the case of the server that wants to discard

But I don't think we need to have optimality; question is whether itworks or not.


  Erik

the clients contexts, in order to let the clients to handle faulttolernace (the scenario suggested by Iljitsch in the ams meeting). Apossibility for dealing with this would be that probes that verify thatthe current path is working do not contain context specific information(as oposed to probes used for exploring the alternative paths, that inorder to be used for flooding prevention must carry context specificinformation). I know that this would imply a change in the failuredetection protocol in Jari's draft, but maybe it would be worth toconsider this issue.
Regards, marcelo
PS: agree that interaction with context confusion mechanisms needs to bebe clearly understood in order to get the full picture about this R1bisthing

References:
- about R1bis
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>
- Re: about R1bis
  - From: Erik Nordmark <erik.nordmark@sun.com>
- Re: about R1bis
  - From: marcelo bagnulo braun <marcelo@it.uc3m.es>

Prev by Date: Re: about draft-ietf-shim6-proto-02.txt
Next by Date: Re: about R1bis
Previous by thread: Re: about R1bis
Next by thread: Re: about R1bis
Index(es):
- Date
- Thread