[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 12 Problems with "draft-ietf-v6ops-mech-v2-04.txt" : was RE: Reminder: clarification....

To: Alex Conta <aconta@txc.com>
Subject: Re: 12 Problems with "draft-ietf-v6ops-mech-v2-04.txt" : was RE: Reminder: clarification....
From: Erik Nordmark <Erik.Nordmark@sun.com>
Date: Fri, 20 Aug 2004 02:22:54 -0700 (PDT)
Cc: Pekka Savola <pekkas@netcore.fi>, Erik Nordmark <Erik.Nordmark@sun.com>, v6ops@ops.ietf.org, gilligan@intransa.com, david.kessens@nokia.com, jonne.Soininen@nokia.com
In-reply-to: "Your message with ID" <41215BEB.5080203@txc.com>
Reply-to: Erik Nordmark <Erik.Nordmark@sun.com>

> Problem 3
> Section 3.5 IPv4 Header Construction
> 
>   Following Text introduces protocol and security problem.
> ------
>             Source Address:
> 
> 
>                  IPv4 address of outgoing interface of the encapsulator
>                  or an administratively specified address as described
>                  below.
> ------
> [...]
>
> Suggestion:
> Change Source Address text to the following text:
> 
> 
>           Source Address:
> 
> 
>                   IPv4 address of outgoing interface of the encapsulator
>                   or an administratively configured address of one of the
>                   encapsulator's node addresses.

I think it makes sense to do this minor clarification since the current
text can be read as the protocol allowing the source address to be
configured to be the IPv4 address assigned to some other node.
This clearly doesn't work for many reasons such as ICMPv4 errors wouldn't be
sent back to the encapsulator.

However, I don't think we need to repeat that the tunnel source address can not
be an address not assigned to the node all over the document.


> Problem 7:
> Section 3.6 Decapsulation
> 
> Black hole effect, in case one misconfigures the tunnel entrypoint, the 
> tunnel exitpoint, or routing system instability causes source address 
> oscillation.
> 
> Node which was misconfigured has no way of finding out it did that.
> Misconfiguration can happen at any end of the tunnel.
> 
> Suggestion:
> Change third paragraph to:
> 
>      Packets for which the IPv4 source address does not match MUST be
>      discarded and an ICMP message MUST be generated, with the error code
>      ICMPv4 Protocol 41 Unreachable.

I haven't read the followup emails on the list yet, but if this is
essentially a form of source address filtering, the fact is that for
ingress filtering there is no error message. So a MUST is definitely
too strong - there are good reasons for not sending any error. A MAY might
be appropriate [I have to read the rest of the messages on the list.]

Sending protocol 41 unreachable seems like a likely source of confusion
though so we shouldn't overload that.

  Erik

Follow-Ups:
- Re: 12 Problems with "draft-ietf-v6ops-mech-v2-04.txt" : was RE: Reminder: clarification....
  - From: Alex Conta <aconta@txc.com>
- misconfiguring the tunnel source address [mech-v2-04]
  - From: Pekka Savola <pekkas@netcore.fi>

References:
- 12 Problems with "draft-ietf-v6ops-mech-v2-04.txt" : was RE: Reminder: clarification....
  - From: Alex Conta <aconta@txc.com>

Prev by Date: Re: IESG evaluation draft-ietf-v6ops-ent-scenarios-05
Next by Date: misconfiguring the tunnel source address [mech-v2-04]
Previous by thread: Re: 12 Problems with "draft-ietf-v6ops-mech-v2-04.txt" : was RE: Reminder: clarification....
Next by thread: misconfiguring the tunnel source address [mech-v2-04]
Index(es):
- Date
- Thread