nanog mailing list archives
Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)
From: Jeff Wheeler <jsw () inconcepts biz>
Date: Sun, 17 Jul 2011 14:06:35 -0400
On Sun, Jul 17, 2011 at 11:07 AM, Eliot Lear <lear () cisco com> wrote:
> We all make mistakes in not questioning our own positions, from time to time. You, Jeff, seem to be making that very same mistake.
> Rome wasn't built in a day. The current system didn't come ready-made pre-built with all the bells and whistles you are used to. It grew slowly over time, as we learned what works, what doesn't, and what was missing. Any system that attempts to deal with locator/id separation will assuredly not be built in a day, either.
LISP work has been going on for a long time to still not have any useful discussion on a designed-in, trivial DoS which will affect any ITR and make the work being done to allow ETRs to validate source addresses (or even do loose uRPF) into a DoS vector for ETRs as well.
> While you have stated a problem relating to a security consideration – specifically that there is a potential reflection attack that could cause cache thrashing, the solution may not be what you expect.
I agree, a solution might be available. One has not been presented yet. In my earliest postings to the IETF LISP list, the ones which received zero replies, I suggest a way to significantly improve the cache churn DoS problem. It is not novel, as Darrel Lewis informed me, which means that even already-available research has not been applied to LISP in this area, and the Mapping Service protocol ties the hands of implementors so they *cannot* apply such techniques while still conforming to the specifications.
> Yes, you were asked. Even so... Novelty isn't something worth arguing over, except in patent battles.
Really? Novelty, by definition, advances the state of the art. You may not think it's very important to inform people that LISP is based on essentially the same flow-caching scheme used in the 1990s, but I do.
> Never is a very long time. Many uses of "never" have been used relating to the Internet. It is the corollary to "Imminent Death of the 'Net: film @ 11." I still have the NANOG tee-shirt with Robert Metcalfe, someone with considerably more notoriety, eating his hat.
And yet, I am quite comfortable with the statement that LISP can never scale up to meet the demands of the Internet. Perhaps with fundamental changes to its design, and its advocates giving up some of their current assumptions, some progress could be made. In its current form, though, LISP will never be a useful tool to scale the Internet, and in fact, it cannot meet the demands of today's Internet. Unless, of course, you pretend that the ability to DoS any router with a trivial amount of traffic is not worthy of concern.

--
Jeff S Wheeler <jsw () inconcepts biz>
Sr Network Operator / Innovative Network Concepts