[aodvv2-discuss] Re: minutes
- From: Charlie Perkins <charles.perkins@xxxxxxxxxxxxx>
- To: aodvv2-discuss@xxxxxxxxxxxxx
- Date: Tue, 13 Jan 2015 05:12:19 -0800
Hello folks,
I can make the meeting this Friday. However, I am attending
IEEE 802 Wireless this week and sitting in meetings from early
until late every day.
I just wondered if we need to have a section that maybe ties up RREPs
or RERRs with RREQs, so a router doesn't receive an RREP or RERR out
of the blue and start to process it when there was never an RREQ to
start with.
This could be done by having the router check its RREQ table,
which up until now was only used for duplicate suppression.
"SHOULD" versus "MUST"?
I suspect that if a router receives such an RREP or RERR and finds no
match in the routing table, the message would be discarded,
Right now, the router would issue an RERR back to the putative
source of the RREP. Bogus RERRs might disrupt the route table.
Both could be disqualified by pairwise security associations.
Regards,
Charlie P.
On 1/13/2015 2:38 AM, John Dowdell wrote:
On 09/01/15 18:07, Lotte Steenbrink wrote:
Hi all,
my (very incomplete) minutes of today's hangout can be found here.
https://github.com/Lotterleben/AODVv2-Draft/wiki/Jan-12,-2015-Hangout-minutes
Please bear in mind that you'll have to be logged in to github in
order to be able to see and edit them.
Cheers, Lotte
Lotte, thanks for the minutes. All, my apologies for not starting the
hangout even though I didn't have time to attend this week. I keep
hoping my day job workload will decrease to slightly below manic but
it's not happening right now.
Questions:
1. Will there be a hangout this week? I have a call with an off-shore
team scheduled about 30 minutes after our regular slot for the next
few weeks, so if someone else could issue the invite for the hangout
that would be good.
2. Security. Looks like you all agreed on TLS for transport level. I
have no issue with that. However I recall Chris Dearlove worrying
about malicious or malfunctioning AODVv2 routers issuing incorrect
messages. Given AODVv2 is reactive, and routing updates are not
flooded like OSPF, I do not believe we should see whole network
segments get taken down. but it is possible that incorrect RREPs or
RERRs could be sent by a router that joins the network with malicious
intent or immature code. I would be very happy to be told this is not
a scenario we need to consider, but I just wondered if we need to have
a section that maybe ties up RREPs or RERRs with RREQs, so a router
doesn't receive an RREP or RERR out of the blue and start to process
it when there was never an RREQ to start with. I suspect that if a
router receives such an RREP or RERR and finds no match in the routing
table, the message would be discarded, but if a malicious router sent
a storm of such messages then the router processor could easily be
overwhelmed. I recall something about blacklisting a router in the
draft, so we need to be clear that if a message is received from a
blacklisted router it is immediately discarded to preserve the router
processors sanity.
Cheers
John
Other related posts:
