nanog mailing list archives
Re: Telco's write best practices for packet switching networks
From: Leo Bicknell <bicknell () ufp org>
Date: Fri, 8 Mar 2002 21:07:43 -0500
In a message written on Fri, Mar 08, 2002 at 05:52:46PM -0800, Vadim Antonov wrote:
1) isolation of control traffic from payload traffic to eliminate possible security breaches.
[snip]
On #1, Internet routing protocols are notoriously weak. Using globally routable frames to carry neighbour-to-neighbour routing information is a recipe for disaster (i think everyone on this list can think of few not-yet-plugged holes arising from this approach).
This is an area of interest of mine when looking at IPv6. IPv6
has the notion of link local IP addresses, that can't (for some
definition of can't) be accessed unless you are on that link.
This could go a long way to fixing the problems you mention, but
it introduces some additional configuration issues. In particular,
the current practice of using the same link local addresses on
every link means you would need to configure both the address and
the port.
In any event, I wonder if there is an opportunity here for additional
security. Although any changes are clearly years off.
--
Leo Bicknell - bicknell () ufp org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request () tmbg org, www.tmbg.org
Current thread:
- Telco's write best practices for packet switching networks Sean Donelan (Mar 06)
- Re: Telco's write best practices for packet switching networks Ron da Silva (Mar 06)
- Re: Telco's write best practices for packet switching networks Eric Brandwine (Mar 06)
- Re: Telco's write best practices for packet switching networks Rob Quinn (Mar 06)
- Re: Telco's write best practices for packet switching networks Eric Brandwine (Mar 06)
- Re: Telco's write best practices for packet switching networks Eric Brandwine (Mar 06)
- Re: Telco's write best practices for packet switching networks Ron da Silva (Mar 06)
- Message not available
- Re: Telco's write best practices for packet switching networks Kelly J. Cooper (Mar 06)
- Re: Telco's write best practices for packet switching networks Sean Donelan (Mar 08)
- Re: Telco's write best practices for packet switching networks Vadim Antonov (Mar 08)
- Re: Telco's write best practices for packet switching networks Leo Bicknell (Mar 08)
- Re: Telco's write best practices for packet switching networks Sean Donelan (Mar 11)
- Re: Telco's write best practices for packet switching networks Jake Khuon (Mar 11)
- Re: Telco's write best practices for packet switching networks Sean Donelan (Mar 11)
- Re: Telco's write best practices for packet switching networks Ratul Mahajan (Mar 12)
- Re: Telco's write best practices for packet switching networks Joe Abley (Mar 12)
- Re: Telco's write best practices for packet switching networks Jake Khuon (Mar 13)
- Re: Telco's write best practices for packet switching networks Sean Donelan (Mar 13)
- Re: Telco's write best practices for packet switching networks Gwendolynn ferch Elydyr (Mar 13)
- Re: Telco's write best practices for packet switching networks Kelly J. Cooper (Mar 06)
- Re: Telco's write best practices for packet switching networks Iljitsch van Beijnum (Mar 11)
- <Possible follow-ups>
- Re: Telco's write best practices for packet switching networks Steven M. Bellovin (Mar 06)