Hello folks, I can make the meeting this Friday. However, I am attending IEEE 802 Wireless this week and sitting in meetings from early until late every day.
I just wondered if we need to have a section that maybe ties up RREPs or RERRs with RREQs, so a router doesn't receive an RREP or RERR out of the blue and start to process it when there was never an RREQ to start with.
This could be done by having the router check its RREQ table, which up until now was only used for duplicate suppression. "SHOULD" versus "MUST"?
I suspect that if a router receives such an RREP or RERR and finds no match in the routing table, the message would be discarded,
Right now, the router would issue an RERR back to the putative source of the RREP. Bogus RERRs might disrupt the route table. Both could be disqualified by pairwise security associations. Regards, Charlie P. On 1/13/2015 2:38 AM, John Dowdell wrote:
On 09/01/15 18:07, Lotte Steenbrink wrote:Hi all, my (very incomplete) minutes of today's hangout can be found here.https://github.com/Lotterleben/AODVv2-Draft/wiki/Jan-12,-2015-Hangout-minutesPlease bear in mind that you'll have to be logged in to github in order to be able to see and edit them.Cheers, LotteLotte, thanks for the minutes. All, my apologies for not starting the hangout even though I didn't have time to attend this week. I keep hoping my day job workload will decrease to slightly below manic but it's not happening right now.Questions:1. Will there be a hangout this week? I have a call with an off-shore team scheduled about 30 minutes after our regular slot for the next few weeks, so if someone else could issue the invite for the hangout that would be good.2. Security. Looks like you all agreed on TLS for transport level. I have no issue with that. However I recall Chris Dearlove worrying about malicious or malfunctioning AODVv2 routers issuing incorrect messages. Given AODVv2 is reactive, and routing updates are not flooded like OSPF, I do not believe we should see whole network segments get taken down. but it is possible that incorrect RREPs or RERRs could be sent by a router that joins the network with malicious intent or immature code. I would be very happy to be told this is not a scenario we need to consider, but I just wondered if we need to have a section that maybe ties up RREPs or RERRs with RREQs, so a router doesn't receive an RREP or RERR out of the blue and start to process it when there was never an RREQ to start with. I suspect that if a router receives such an RREP or RERR and finds no match in the routing table, the message would be discarded, but if a malicious router sent a storm of such messages then the router processor could easily be overwhelmed. I recall something about blacklisting a router in the draft, so we need to be clear that if a message is received from a blacklisted router it is immediately discarded to preserve the router processors sanity.Cheers John