SAVNET-ProblemStatement-Architecture Inter-domain-problem-statement issues

SAVNET-ProblemStatement-Architecture / Inter-domain-problem-statement

3 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

23. Should include security requirements. From Rudiger, offline talk [during ietf 117]

#23 LibinLiu0189 opened 10 months ago
0
22. Architecture contains what I asked for. But mismatch with the requirements. From Jeff [during ietf 117]

#22 LibinLiu0189 opened 10 months ago
0
21. “Low Operational Overhead” is only listed as a requirement for the new intra-domain SAV mechanism. Should it also be a requirement for the new inter-domain SAV mechanism? From Yuanyuan Zhang [after ietf 115]

#21 XiaoTianCan opened 1 year ago
0
20. Should park the existing work and focus on a new joint authored “state of SAV” today. From Barry Greene [after ietf 115]

#20 XiaoTianCan opened 1 year ago
0
19. Your document needs to visit the RIRs/NOGs for feedback. (NANOG, RIPE, APRICOT). From Michael Richardson [after ietf 115]

#19 XiaoTianCan opened 1 year ago
0
18. I can't really understand Figure 3, the ascii art is too dense. From Michael Richardson [after ietf 115]

#18 XiaoTianCan opened 1 year ago
0
17. Requirements section could be reframed to "requirements of a solution in the pursuit of these goals", but pithier. From Li Chen [after ietf 115]

#17 XiaoTianCan opened 1 year ago
0
16. Replace “Misaligned incentive”: “Misaligned incentive” is disrespectful to the operations who have the bear the deployment, operational, and capital SAV cost. I would change “misaligned incentives” to “deployment & operational incentives.” From Barry Greene [after ietf 115]

#16 XiaoTianCan opened 1 year ago
0
15. Remove “EFP-uRPF” from the SAVNET work: Don’t use hypothetical protocols like EFP-uRPF as a foundation for the SAVNET Work. EFP-uRPF is a theory. There has never been an effort to code EFP-uRPF. From Barry Greene [after ietf 115]

#15 XiaoTianCan opened 1 year ago
0
14. Reflection amplification is over emphasized. Direct path boost attack is under emphasized. From Roland Dobbins [during ietf 115]

#14 XiaoTianCan opened 1 year ago
0
13. Slide #12, if we build solutions based on these requirements, these requirements are not specific enough. E.g., the small overhead requirement, we need to quantify. From Alvaro [during ietf 115]

#13 XiaoTianCan opened 1 year ago
0
12. Misaligned incentive is an overstatement. In many cases they are aligned and there is value. If you can detect attacks form your customer cone, you can protect your IP list from being blacklisted. Also benefit for customers to detect compromised machines. From Igor [during ietf 115]

#12 XiaoTianCan opened 1 year ago
0
11. If you do SAV for your customers, reflection attack originated in your customer cone will be detected and mitigated, unlike what you said in general. From Sriram [during ietf 115]

#11 XiaoTianCan opened 1 year ago
0
10. You cannot match real data plane path in SAV rules unless you encode actual data path info into the packet. Sometimes the same prefix can be used as legitimate SA at two different ASes that are in different paths within the CC. From Sriram [after ietf 114]

#10 XiaoTianCan opened 1 year ago
0
9. If an AS detects and drops spoofed traffic, it benefits even if that AS is not the target of the spoofing attack. That is because the AS can avoid the burden of having a large amount of illegitimate traffic pass through and clog its resources. Also, the AS’s own paying customer may be the target of the spoofing attack. From Sriram [after ietf 114]

#9 XiaoTianCan opened 1 year ago
0
8. The gap analysis in terms of partial deployment and overhead seems to be lacked. A more complete discussion about the gaps would be helpful in understanding all the requirements mentioned here. From Yuanyuan Zhang [after ietf 114]

#8 XiaoTianCan opened 1 year ago
0
7. Didn’t see uRPF VRF Mode in the discussion. From Barry Greene [after ietf 114]

#7 XiaoTianCan opened 1 year ago
0
6. [Others] Here is talking about packets versus label switch packets or are we talking about routers are processing non-IP packets as well? From: Jared Mauch.

#6 SAVNET-ProblemStatement-Architecture opened 1 year ago
0
5. [Incentive] How is Gap 3 Misaligned Incentive different from Gap 1 Improper Permit? From: Anthony Somerset.

#5 SAVNET-ProblemStatement-Architecture opened 1 year ago
0
4. [Scenario] For “NO EXPORT” scenario, it's a misconfiguration of the network to set “no export”, or “no advertise”, as opposed to using some other traffic engineering community. This is not an improper block, because you don't have the full forward and reverse path visibility to understand. From: Jared Mauch.

#4 SAVNET-ProblemStatement-Architecture opened 1 year ago
0
3. [Scenario] For “NO EXPORT” scenario, AS4 should learn the route to AS1 from one customer interface if AS1 is in its customer cone. From: Kotikalapudi Sriram.

#3 SAVNET-ProblemStatement-Architecture opened 1 year ago
1
2. [Scenario] Is Gap 1 Improper Permit because the lack of BCP coverage or not properly implemented? From: John O'Brien.

#2 SAVNET-ProblemStatement-Architecture opened 1 year ago
0
1. [Scenario] Are we considering misconfiguration against BCP in scope? From: Anthony Somerset.

#1 SAVNET-ProblemStatement-Architecture opened 1 year ago
0