[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [savi] Broadband Forum liaison to IETF on IPv6 security

From: Alberto García <alberto at it.uc3m.es>
To: "'Christian Vogt'" <christian.vogt at ericsson.com>, "'SAVI Mailing List'" <savi at ietf.org>
Cc: 'David Allan I' <david.i.allan at ericsson.com>
Date: Tue, 10 Nov 2009 16:40:38 +0100
In-reply-to: <AFFD16EA-2ACE-464C-82B6-B15D120E3F37 at ericsson.com>
References: <AFC1ACFB-FDFA-482C-AAF9-7995F5CEFE1F at broadband-forum.org><058861F3-5E50-42FD-A6CC-220EE213629C at ericsson.com> <AFFD16EA-2ACE-464C-82B6-B15D120E3F37 at ericsson.com>

Hi,
After looking at the presentation, I have some questions:
- Is address uniqueness enforced in just one BNG? Or an address must be
unique also across many BNGs?
- Is mobility assumed to occur among channels (i.e. is reasonable to have
Residential Gateways (RG) which are in one channel to move other channel)?
- What is the RG address used for? (frequent use)? At least, does NUD
exchange occurs between the RG and the BNG?

Current SAVI proposal for SLAAC is complex because it deals with uniqueness
across multiple SAVI devices, and considers that hosts may move to different
SAVI devices.

My bet is that this is not the case for Broadband Forum problem. 
Therefore, I assume that it is enough to enforce address uniqueness on each
BNG. The first host using an address as source address forces the creation
of the binding between the address and this channel. Receiving packets with
this source address from the RG extends the life of the binding. Since there
is no RG mobility, the binding can be kept until the timer associated to the
binding expires (there is no need to be too fast to change, or to probe
aggressively if the RG of the first binding is still there). This time can
be very long (of course, higher that the time to expire NUD state). 
The BNG should perform proxy ND, i.e. answer to DAD NSOL with DAD NADV if a
binding exists and a new RG tries to configure a new address. 
Data packets coming from channels for which there is no binding (the binding
is associated to other channel) are discarded.

Does this make sense?

Regards,
Alberto


|  -----Mensaje original-----
|  De: savi-bounces at ietf.org [mailto:savi-bounces at ietf.org] En nombre de
|  Christian Vogt
|  Enviado el: lunes, 09 de noviembre de 2009 9:41
|  Para: SAVI Mailing List
|  CC: David Allan I
|  Asunto: Re: [savi] Broadband Forum liaison to IETF on IPv6 security
|  
|  Folks -
|  
|  Thank you all for a productive working group meeting this morning!
|  
|  As mentioned during our the meeting, the presentation of David Allan is
|  the problem statement that was missing in the liaison we had earlier
|  received from the Broadband Forum.  You find David's slides on the
|  meeting materials web page:
|  
|  http://www.ietf.org/proceedings/09nov/slides/savi-8.pdf
|  
|  The meeting materials web page now also includes last-minute updates to
|  the presentation slides you saw during our meeting this morning.
|  Meeting minutes will follow shortly.
|  
|  - Christian
|  
|  
|  _______________________________________________
|  savi mailing list
|  savi at ietf.org
|  https://www.ietf.org/mailman/listinfo/savi

Follow-Ups:
- Re: [savi] Broadband Forum liaison to IETF on IPv6 security
  - From: David Allan I

References:
- [savi] Broadband Forum liaison to IETF on IPv6 security
  - From: Christian Vogt
- Re: [savi] Broadband Forum liaison to IETF on IPv6 security
  - From: Christian Vogt

Prev by Date: [savi] MIPv6 and SAVI
Next by Date: Re: [savi] Consensus call on adopting draft-bi-savi-dhcp-00
Previous by thread: Re: [savi] Broadband Forum liaison to IETF on IPv6 security
Next by thread: Re: [savi] Broadband Forum liaison to IETF on IPv6 security
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.