Hi Brian and Jim,
The IESG reviewed draft-ietf-magma-mrdisc-03 on our most recent
telechat (2-Dec), and I have included our review comments below.
There were a few blocking issues found (the "discuss" comments from
Russ, Thomas and Alex) that will need to be addressed before the
document can be approved. These issues seem fairly straightforward
to me, so I hope that we can get them addressed quickly and get the
There were also a few non-blocking comments that you may wish to
consider while you are editing the document to address the discuss
Please let me know if you need any further information to address these issues.
Discusses and Comments
[2004-12-01] Reviewed by Mary Barnes, Gen-ART
Draft is ready for publication as Proposed Standard.
Section 6 says:
> Another solution which supports both IPv4 and IPv6 is to use IPSec in
> Authentication Header mode to protect against attacks by ensuring
> that messages came from a system with the proper key. When using
> IPSEC, the messages sent to the All-Snoopers address should be
> authenticated using AH. For keying, a symmetric signature algorithm
> with a single key for routers sending Advertisements. This allows
> validation that the MRD message was sent by a system with the key.
> It should be noted that this does not prevent a system with the key
> from forging a message and it requires the disabling of IPSec's
> Replay Protection.
First, AH does not generally employ a signature algorithm. It usually
employs a symmetric authentication algorithm, such as HMAC-SHA-1.
Second, ESP can be used in environments where AH cannot. This text
should point out that ESP with a null encryption algorithm and a
symmetric authentication algorithm, such as HMAC-SHA-1, is also viable.
This is important because rfc2401bis (which just completed IETF Last
Call) requires implementation of ESP, but makes support for AH optional.
Third, something needs to be said about the manner in which the key is
put in place. It seems that manual configuration of the same key is
envisioned. Finally, please change "IPSEC" to "IPsec."
[2004-12-02] Note: some of these are weak discusses, but I'd like to
at least hear
back from the WG.
Also, for 3.1.1, is this for all advertisements, or just unsolicited
ones? I assume just the latter...
actually, the document would benefit from saying "unsolicited"
everywhere advertisement is used but unsolicited is what is intended.
The NeighborDeadInterval variable is the maximum time (in seconds)
allowed to elapse (after receipt of the last valid Advertisement)
before a neighboring router is declared unreachable. This variable
is maintained per neighbor. In order for all devices to have a
consistent state, it is necessary for the MaxAdvertisementInterval to
be configured consistently in all devices on the subnet.
this seems like a not-so-good requirement. Wouldn't it be better to
have the advertiser indicate what interval it is using, so that
everything "just works"? This is no more work on a node since they are
required to keep per-neighbor state anyway. Actually, such info is
available (or is it? see later comment on Query Interval Field)
... Why not just make the default be roughly 3X the advertised
1. For IPv4 it is the 16-bit one's complement of the one's
complement sum of the IGMP message, starting with the Type field.
For computing the checksum, the checksum field is set to 0.
Checksum does not include any IPv4 header fields. This seems like a
bad design choice. Note that in the IPv6 case, the checksum does
include a pseudo-header. Why not be consistent?
3.2.4 Query Interval Field
How is this value used? Searching for "Query Interval Field", the
document doesn't seem to say...
3.3.4 IPv4 Protocol
The IPv4 Protocol field is set to IGMP (2).
But you don't mention the IPv6 case here. Why?
1. The expiration of the periodic advertisement interval timer.
Note that it this timer is not strictly periodic since it is a
random number between MaxAdvertisementInterval and
this doesn't seem good. The spread between these values can be pretty
wide, I think. What you want is an average value with some randomness
to prevent syncrhonization. You don't want the value to be completely
random between (say) 3 and 180 seconds.
[2004-12-02] !! Missing citation for Informative reference:
P016 L030:  Bradner, S., "Intellectual Property Rights in
!! Missing citation for Informative reference:
P016 L034:  Daigle, L. and Internet Architecture Board,
"IETF ISOC Board of
QUestion: is there a MIB doc (in development) for the management variables
listed in the subsections of sect 3?
Section "9 Authors" may be a bit confusing with the other heading
"Authors' Addresses" further down
Comment from OPSDIR (Pekka) review:
Although MRD messages could be sent as ICMP messages, the group
management protocols were chosen since this functionality is
[2004-12-02] Rather minor DISCUSS:
2. Protocol Overview
All MRD messages are sent with an IPv4 TTL or IPv6 Hop Limit of 1 and
contain the Router Alert Option. All MRD messages SHOULD be
Advertisement and Termination messages are sent to the All-Snoopers
To what rate? Same comment for other instances of rate limiting in the doc.
Does this section specify intervals for unsolicited Ads only or
for solicited as well?
magma mailing list