
RE: [DNA] Re: RS/RA Exchange




 > >  > Personally, I think that the lack of security in VRRP is the
 > >  > killer for using this technology in DNA.  It may be trivial
 > >  > on a wireless link to become the [fastest responder,
 > >  > VRRP master].
 > > 
 > > => But the routers don't have to talk VRRP over the wireless
 > > link. Surely they can do that on the wired side.
 > 
 > On WLAN with switched ethernet, broadcasts go over the wireless link.

=> Doesn't that depend on which link is shared between
the two routers? For instance, the link shared between
the two routers can be physically separate from the 
bridged link connected to the wireless interface.

 > 
 > Most switches today treat multicast as broadcast.
 > 
 > So multicast all-routers RA/VRRP goes over the wireless link.
 > 
 > A device which can transmit onto the wireless link will have its
 > vrrp or all-routers messages bridged onto the wired link, and will
 > also be able to snoop the status of the conversation from the wired
 > side.

=> Ok, but even if that can happen, what harm is there
in snooping? As long as the device cannot impersonate
the router I don't see any harm in that. 

Hesham

 > 
 > Since VRRPv6 is unsecured, this is trivial to do.
 > 
 > Greg
 >
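The thread's concern is that VRRPv3 advertisements carry no authentication, so any host that can reach the bridged segment can watch, and try to join, the master election. The following is an added monitoring example written for this archive, not code from either correspondent or from any VRRP implementation. It parses VRRPv3 advertisement payloads laid out as in RFC 5798 (version/type, VRID, priority, address count, max advertisement interval, checksum, addresses) and compares what is seen on the wire with a configured list of legitimate routers per VRID. The VRID numbers, link-local addresses and the "expected routers" table are constructed sample values; the checksum, which covers an IPv6 pseudo-header, is assumed to be validated by the capture layer and is left at zero here.

```python
import ipaddress
import struct
from dataclasses import dataclass, field

VRRP_VERSION = 3          # VRRPv3 (RFC 5798), the version that carries IPv6
VRRP_ADVERTISEMENT = 1    # the only VRRPv3 message type


@dataclass
class VrrpAdvert:
    vrid: int
    priority: int
    max_adver_int_cs: int                    # advertisement interval, centiseconds
    addresses: list = field(default_factory=list)


def parse_vrrp3(payload: bytes, family: int = 6) -> VrrpAdvert:
    """Parse a VRRPv3 advertisement (the payload that follows the IP header).

    The checksum is computed over an IPv6 pseudo-header and is assumed to be
    checked by the capture layer, so it is not recomputed here.
    """
    if len(payload) < 8:
        raise ValueError("short VRRPv3 header")
    ver_type, vrid, priority, count, rsvd_int, _csum = struct.unpack("!BBBBHH", payload[:8])
    if ver_type >> 4 != VRRP_VERSION or ver_type & 0x0F != VRRP_ADVERTISEMENT:
        raise ValueError("not a VRRPv3 advertisement")
    addr_len = 16 if family == 6 else 4
    body = payload[8:]
    if len(body) < count * addr_len:
        raise ValueError("truncated address list")
    addresses = [ipaddress.ip_address(body[i * addr_len:(i + 1) * addr_len])
                 for i in range(count)]
    return VrrpAdvert(vrid, priority, rsvd_int & 0x0FFF, addresses)


def build_vrrp3(vrid, priority, addresses, max_adver_int_cs=100) -> bytes:
    """Build a VRRPv3 advertisement payload; used only to construct sample input."""
    packed = [ipaddress.ip_address(a).packed for a in addresses]
    header = struct.pack("!BBBBHH", (VRRP_VERSION << 4) | VRRP_ADVERTISEMENT,
                         vrid, priority, len(packed), max_adver_int_cs & 0x0FFF, 0)
    return header + b"".join(packed)


class VrrpMonitor:
    """Flag advertisements that disagree with the configured virtual routers."""

    def __init__(self, expected):
        # expected: {vrid: {"routers": [link-local sources], "master_priority": int}}
        self.expected = {
            vrid: {"routers": {ipaddress.ip_address(r) for r in cfg["routers"]},
                   "master_priority": cfg["master_priority"]}
            for vrid, cfg in expected.items()
        }

    def check(self, src: str, payload: bytes):
        alerts = []
        try:
            adv = parse_vrrp3(payload)
        except ValueError as exc:
            return [f"malformed VRRP from {src}: {exc}"]
        cfg = self.expected.get(adv.vrid)
        if cfg is None:
            return [f"advertisement for unknown VRID {adv.vrid} from {src}"]
        if ipaddress.ip_address(src) not in cfg["routers"]:
            alerts.append(f"VRID {adv.vrid}: advertisement from unexpected source {src}")
        if adv.priority > cfg["master_priority"]:
            alerts.append(f"VRID {adv.vrid}: priority {adv.priority} outbids the "
                          f"configured master ({cfg['master_priority']})")
        return alerts


# Constructed sample: two known routers serve VRID 7, the master at priority 200.
EXPECTED = {7: {"routers": ["fe80::1", "fe80::2"], "master_priority": 200}}

# Constructed sample frames as (IPv6 source, VRRP payload).
SAMPLE_FRAMES = [
    ("fe80::1", build_vrrp3(7, 200, ["fe80::7"])),    # the configured master
    ("fe80::2", build_vrrp3(7, 100, ["fe80::7"])),    # the configured backup
    ("fe80::99", build_vrrp3(7, 255, ["fe80::7"])),   # unlisted source, top priority
    ("fe80::99", build_vrrp3(9, 255, ["fe80::9"])),   # VRID nobody configured
]


def run_monitor(expected=EXPECTED, frames=SAMPLE_FRAMES):
    """Return {frame index: [alerts]} for a batch of observed frames."""
    monitor = VrrpMonitor(expected)
    return {i: monitor.check(src, payload) for i, (src, payload) in enumerate(frames)}


if __name__ == "__main__":
    for idx, alerts in run_monitor().items():
        print(idx, alerts or "ok")
```

The point of the allowlist is that, with no authentication in the protocol itself, the source address and the priority field are the only things a passive observer can compare against configuration; a real deployment would feed this from a capture on the wired segment rather than from the constructed frames above.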