[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OSPF] Re: draft-acee-ospf-multi-instance-00

To: "Acee Lindem" <acee at redback.com>
Subject: [OSPF] Re: draft-acee-ospf-multi-instance-00
From: "Vishwas Manral" <vishwas.ietf at gmail.com>
Date: Thu, 24 Jan 2008 11:28:09 -0800
Cc: OSPF List <ospf at ietf.org>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=1GSLIgPPwGPcVtthy6wtIgurRA6K/YKh88HbC5+elGs=; b=D592mFx2v2t1BLV60RrVjcQ4I2jIEav/65Gku4CZFLKUxHEzVNDrQc+g+2VQas8Kckzb/uIo6YwmBMg8UEtEP0gP5NAXBW8NFLo9/6g6g0ABrbO9t7YlJWhnoUvy1ofd5GQANCDyPX9iEW36x3jTES4RKMEO3AwtXhZDGiYxDzg=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=I4qiQKOhdAsy8CW/XXoItwleI2z5TfPfjDYuH13xuq2IiRvS6oTIpU3F3/wbumSd56YIHyr30Iqf3GLbTeZWXH4Wtpl7NAILk8n30KE7wzekqIFXbc4e+wvxjaERnnaYciQJncjkVIWjkU4S1vyv4AICU77f+PbzdIfbV8ILZKM=
In-reply-to: <FA8A6B7C-F299-4FFF-A633-E716626B7B45@redback.com>
List-archive: <http://www1.ietf.org/pipermail/ospf>
List-help: <mailto:ospf-request@ietf.org?subject=help>
List-id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-post: <mailto:ospf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
References: <77ead0ec0801240949y123f577au9dc36b99694a506@mail.gmail.com> <FA8A6B7C-F299-4FFF-A633-E716626B7B45@redback.com>

Hi Acee,

Thanks a lot for the reply. The backward compatibility issue would
come unless there would be the case that the draft would not use
instance ID 0 (when working with a router not supporting the
functionality - where it would be treated as no instance - rather than
a particular instance). May be that could be clarified.

I understand what you mean - but would using LLS (which is now a part
of standards track now) be of any more help?

Thanks again,
Vishwas

On Jan 24, 2008 10:56 AM, Acee Lindem <acee at redback.com> wrote:
>  Hi Vishwas,
>
> From a protocol standpoint, it is completely backward compatible. OSPF
> routers not supporting the draft but receiving a multicast OSPF packet with
> a non-zero instance ID will simply treat it as an unknown AuType and fail
> authentication.
>
> With this respect, RFC 2328 simply states:
>
>
>  8.2.  Receiving protocol packets
>                          o
>                          o
>                          o
>  o   The packet must be authenticated.  The authentication
>        procedure is indicated by the setting of AuType (see
>        Appendix D).  The authentication procedure may use one or
>        more Authentication keys, which can be configured on a per-
>         interface basis.  The authentication procedure may also
>         verify the checksum field in the OSPF packet header (which,
>         when used, is set to the standard IP 16-bit one's complement
>         checksum of the OSPF packet's contents after excluding the
>         64-bit authentication field).  If the authentication
>         procedure fails, the packet should be discarded.
>
>
> And:
>
>
>     D.5 Message verification
>
>         When an OSPF packet has been received on an interface, it must
>         be authenticated. The authentication procedure is indicated by
>         the setting of Autype in the standard OSPF packet header, which
>         matches the setting of Autype for the receiving OSPF interface.
>
>         If an OSPF protocol packet is accepted as authentic, processing
>         of the packet continues as specified in Section 8.2. Packets
>         which fail authentication are discarded.
>
> Speaking as a draft author (not OSPF WG Co-chair):
>
> Unfortunately, some well-deployed implementations make a bigger fuss than is
> necessary when an authentication failure occurs. IMHO, now would be a good
> time to rectify this to lesses the impact should this draft be accepted as a
> standards track document. Of course, there are manual ways of segregating
> the multi-access networks to avoid down-level routers from receiving
> multicast packets for non-zero instances. Perhaps, we should discuss these
> in the draft and dispense with the more radical discussions of requesting
> new multicast addresses or other IANA code points.
>
> Thanks,
> Acee
>
>
>
>
> On Jan 24, 2008, at 12:49 PM, Vishwas Manral wrote:
>
> Hi Acee,
>
> I wanted to know if this draft was backward compatible with current
> implementation. If its not, I was also eager to know, if we have a way
> for incremental deployment.
>
> Thanks,
> Vishwas
>

_______________________________________________
OSPF mailing list
OSPF at ietf.org
https://www1.ietf.org/mailman/listinfo/ospf

Follow-Ups:
- RE: [OSPF] Re: draft-acee-ospf-multi-instance-00
  - From: Sina Mirtorabi
- [OSPF] Re: draft-acee-ospf-multi-instance-00
  - From: Acee Lindem

References:
- [OSPF] draft-acee-ospf-multi-instance-00
  - From: Vishwas Manral
- [OSPF] Re: draft-acee-ospf-multi-instance-00
  - From: Acee Lindem

Prev by Date: [OSPF] Re: draft-acee-ospf-multi-instance-00
Next by Date: [OSPF] Re: draft-acee-ospf-multi-instance-00
Previous by thread: [OSPF] Re: draft-acee-ospf-multi-instance-00
Next by thread: [OSPF] Re: draft-acee-ospf-multi-instance-00
Index(es):
- Date
- Thread