[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

a few ssm comments

To: ssm-interest@cisco.com
Subject: a few ssm comments
From: pekkas@netcore.fi
Date: Tue, 17 Dec 2002 04:35:16 -0500 (EST)


Hello,

I quickly read the two SSM drafts properly for the first time.  A few
minor comments.

ssm-overview-04:

                                                                   Thus  
      the complexity of the multicast routing infrastructure for SSM is 
      low, making it viable for immediate deployment. Note that MBGP is 
      still required for distribution of multicast reachability
      information.

==> I would dispute the last sentence a bit.  It's not really necessary to
use MBGP at all if you're using PIM.

	6.3. SSM-Aware Applications

     -- An application that wants to received an SSM session must first
      
==> s/received/receive/

ssm-arch-01:

==> In many places, there if a referrence to "IPv6 SSM address range
FF2x::".  According to e.g. RFC3306, this perhaps should be FF3x:: -- or a 
lot of clarification is required!

No globally agreed-upon administratively-scoped address range [ADMIN-
SCOPE] is currently defined for source-specific multicast.  Note that 
there is no possibility of address conflict between hosts in different  
administrative domains (or between two hosts of any kind).
Administrative scoping of SSM addresses can be implemented within an
administrative domain by filtering at domain boundary routers.

==> this seems to be an obvious oversight.  Administrative scoping for SSM 
is very much existant for IPv6.

Source Routing [RFC791] (both Loose and Strict) in combination with
source address spoofing may be used to allow an impostor of the true
channel source to inject packets onto an SSM channel.  An SSM router
MUST have a configuration option to disable source routing to an SSM    
destination addresses, and the default value SHOULD be to disable Source
Routing to an SSM destination address.  Anti-source spoofing mechanisms
like source address filtering at the edges of the network are also
strongly encouraged.

==> this seems overly specificative to me.  IMO, if the default is to 
disable source routing to multicast addresses, I believe there is no need 
for a knob.  In any case, this is a bit like an implementation issue.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

Prev by Date: ReMIME-Version: 1.0
Next by Date: ReMIME-Version: 1.0
Prev by thread: NOTE
Next by thread: ReMIME-Version: 1.0
Index(es):
- Date
- Thread