Re: [IPFIX] draft-ietf-ipfix-protocol-26.txt

yeh - I read that but am not convinced that the message is clear 
enough of what can happen if those rules are not followed

Scott


---
Date: Tue, 25 Sep 2007 23:02:52 +0100
From: Stewart Bryant <stbryant@xxxxxxxxx>
To: "Scott O. Bradner" <sob@xxxxxxxxxxx>
Cc: ietf@xxxxxxxx, ipfix@xxxxxxxx, tsv-dir@xxxxxxxx
Subject: Re: [IPFIX] draft-ietf-ipfix-protocol-26.txt

Scott
> Historically the biggest issue with IPFIX has been that most
> implementers want to run it over UDP with consequences be damned.  -
> this was weaseled in the IPFIX Requirements document (RFC 3917) by
> requiring (in section 6.3.1) that "For the data transfer, a congestion
> aware protocol must be supported."  This draft meets that requirement by
> making the implementation of SCTP a MUST.  That will not stop many
> implementers from ignoring the requirement for implementation or users
> to enable UDP and thus creating a potentially very high bandwidth
> non-congestion avoiding fire hose that can quite easily wipe out a net
> by misconfiguration or become a DoS engine by purposeful configuration.
>
> I'm not sure if anything can actually be done about this risk - It
> might help some to say that UDP is a "MUST NOT" but I doubt it - in any
> case it would help somewhat, imho, to expand section 10.3 to be clearer
> about the threats posed by any use of a non-congestion avoiding
> transport protocol or to do that in the Security Considerations section
>   

There is text in section 10.1 which states:

UDP MAY be used although it is not a congestion aware protocol.  
However, the IPFIX traffic between Exporter and Collector MUST run 
in an environment where IPFIX traffic has been provisioned for or is 
contained through some other means. 

This sets out the set of conditions that MUST be fulfilled in order to
run IPFIX over UDP safely.

Stewart

