On 7/30/08 11:57 AM, Erik Nordmark allegedly wrote:
My question to Vince at the mike in the explisp bof was: Your example has a /24 EID prefix for the site on the right hand of the slide. When its ETR sends back a map-reply is there a mechanism that preventsthe ETR from using e.g., /16 instead of /24 as the prefix length in the map-reply?AFAIU the security mechanisms in BGP doesn't help with this, since the map-reply is sent directly back to the ITR.
Here's my take. There are two issues. One is misconfiguration and the other is security.
Re misconfiguration: In order to receive a Map-Request at all on the ALT, the ETR (or its agent) needs to have an authenticated TCP connection with an ALT router responsible for aggregating its prefix, and also needs to have advertised its prefix to the ALT router and had that advertisement authenticated (that it is advertising no more than it is known to be responsible for). So the _receipt_ of the Map-Request is pretty well covered, and if it receives it the ETR is correctly configured for the prefix it is supposed to advertise to the ALT. The ETR could possibly be misconfigured so that it sends the wrong prefix in a Map-Reply, if that configuration is independent.
Re security: If the edge router is compromised you are completely hosed all around anyway, so LISP+ALT adds no new security issues.