Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 AS-scope (type 11) Opaque LSA Validation ( draft-bryskin-ospf-lsa-type11-validation-00.txt ) Igor Bryskin (Movaz Networks) : Alex.

Published byClifford Hodges Modified over 9 years ago

Similar presentations

Presentation on theme: "1 AS-scope (type 11) Opaque LSA Validation ( draft-bryskin-ospf-lsa-type11-validation-00.txt ) Igor Bryskin (Movaz Networks) : Alex."— Presentation transcript:

1 1 AS-scope (type 11) Opaque LSA Validation ( draft-bryskin-ospf-lsa-type11-validation-00.txt ) Igor Bryskin (Movaz Networks) : ibryskin@movaz.com Alex Zinin (Alcatel) : zinin@psg.com Lou Berger (LabN Consulting, LLC) : lberger@labn.net

2 2 Purpose of the document qFix issue in RFC2370 vThere is no way to validate AS-scope (type 11) Opaque LSAs received outside of the LSA originator area qProposed solution reuses the mechanism for validation of AS external route (type 5) LSAs

3 3 The Problem q[RFC2370] introduces a mechanism for the distribution of application specific information using the OSPF protocol via opaque LSAs. The distribution of opaque LSA could be limited to: vonly immediate neighbors of the originator (LSAs type- 9) vonly OSPF nodes located within the originator's OSPF area (LSAs type-10) vall OSPF nodes within the originator's OSPF domain/AS (LSAs type-11) qThere is no way for OSPF nodes in remote areas to check availability of a type -11 LSA originator vAs there is with AS external route (type-5)

4 4 Validation of type-5 LSAs qAS external route (type-5) LSAs have also the AS-scope, hence there is a similar problem with their validation qThe problem is addressed via use of area-scope ASBR- summary (type-4) LSAs originated by ABRs for every known ASBR

5 5 Proposed Solution qApply the same approach used for validation of AS external route (type-5) LSAs as used to validate AS-scope (type-11) opaque LSAs qSome details: vAS-scope opaque LSAs originators must act as ASBRs –To trigger ASBR-summary (type-4) LSAs originated by ABRs (without ABR modification) –Uses current E-bit Set by OSPF nodes that originate AS-scope opaque LSAs In the Options field of Hello packets and LSAs vNode validate received AS-scope (type-11) opaque LSAs via type- 4 LSAs –As with type-5 LSAs, type-11 LSAs only processed if advertising router (ASBR) has a routing table entry

6 6 Backward Compatibility issues qNone

7 7 Security Considerations qThe suggested solution reuses the ASBR tracking mechanism that is already employed in basic OSPF for type-5 LSAs. v Applying it to type-11 Opaque LSAs does not create any threats that are not already known for type-5 LSAs.

8 8 Notes/Next Steps qType-11 Opaque LSAs flooding rules are unchanged qThe suggested solution does not apply for stub-areas qWe propose to make this draft a WG document

9 9 Thank You

Download ppt "1 AS-scope (type 11) Opaque LSA Validation ( draft-bryskin-ospf-lsa-type11-validation-00.txt ) Igor Bryskin (Movaz Networks) : Alex."

Similar presentations

Multi-Area OSPF Multi-area OSPF networks can be difficult to design, and typically demand more administrative attention than any other popular interior.

Multi-Area OSPF Multi-area OSPF networks can be difficult to design, and typically demand more administrative attention than any other popular interior.
OSPF WG - IETF 66 OSPF Protocol Evolution WG Re-Charter Acee Lindem/Cisco Systems.

OSPF WG - IETF 66 OSPF Protocol Evolution WG Re-Charter Acee Lindem/Cisco Systems.
CCNP 1: Advanced Routing

CCNP 1: Advanced Routing
OSPF Two-part Metrics Jeffrey Zhang Lili Wang Juniper Networks 88 th IETF, Vancouver.

OSPF Two-part Metrics Jeffrey Zhang Lili Wang Juniper Networks 88 th IETF, Vancouver.
Lonnie Decker Multiarea OSPF for CCNA Department Chair, Networking/Information Assurance Davenport University, Michigan August 2013 Elaine Horn Cisco Academy.

Lonnie Decker Multiarea OSPF for CCNA Department Chair, Networking/Information Assurance Davenport University, Michigan August 2013 Elaine Horn Cisco Academy.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 6: Multiarea OSPF Scaling Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 6: Multiarea OSPF Scaling Networks.
BY MICHAEL SUDKOVITCH AND DAVID ROITMAN UNDER THE GUIDANCE OF DR. GABI NAKIBLY OSPF Security project: Summary.

BY MICHAEL SUDKOVITCH AND DAVID ROITMAN UNDER THE GUIDANCE OF DR. GABI NAKIBLY OSPF Security project: Summary.
Routing Security Capabilities draft-zhao-opsec-routing-capabilities-02.txt OPSEC WG, IETF #66.

Routing Security Capabilities draft-zhao-opsec-routing-capabilities-02.txt OPSEC WG, IETF #66.
Instructor & Todd Lammle

Instructor & Todd Lammle
OSPF Stub neighbor Draft Faraz Shamim – Cisco Padma Pillay-Esnault – Cisco Khalid Raza – Viptela Andrew Kulawiak – Bank of America John Cavanaugh – 405.

OSPF Stub neighbor Draft Faraz Shamim – Cisco Padma Pillay-Esnault – Cisco Khalid Raza – Viptela Andrew Kulawiak – Bank of America John Cavanaugh – 405.
OSPF WG – IETF 70 - Vancouver OSPFv2 Multi-Instance draft-acee-ospf-multi-instance-00.txt Acee Lindem/Redback Networks Abhay Roy/Cisco Systems Sina Mirtorabi/Force10.

OSPF WG – IETF 70 - Vancouver OSPFv2 Multi-Instance draft-acee-ospf-multi-instance-00.txt Acee Lindem/Redback Networks Abhay Roy/Cisco Systems Sina Mirtorabi/Force10.
OSPF Two-part Metrics Jeffrey Zhang Juniper Networks 90 th IETF, Toronto.

OSPF Two-part Metrics Jeffrey Zhang Juniper Networks 90 th IETF, Toronto.
Update to: The OSPF Opaque LSA Option draft-berger-ospf-rfc2370bis Lou Berger Igor Bryskin Alex Zinin

Update to: The OSPF Opaque LSA Option draft-berger-ospf-rfc2370bis Lou Berger Igor Bryskin Alex Zinin
Advanced Juniper Networks Routing

Advanced Juniper Networks Routing
Phased OSPF Link-State Database Synchronization draft-dimitri-ospf-phased-db-sync-00.txt Dimitri Papadimitriou Alcatel-Lucent IETF 79 – Beijing November.

Phased OSPF Link-State Database Synchronization draft-dimitri-ospf-phased-db-sync-00.txt Dimitri Papadimitriou Alcatel-Lucent IETF 79 – Beijing November.
Draft-ospf-non-compatible Mike Dubrovsky. The draft addresses the following problem: Problem: How to introduce non-backward compatible functionality into.

Draft-ospf-non-compatible Mike Dubrovsky. The draft addresses the following problem: Problem: How to introduce non-backward compatible functionality into.
By Alex Kirshon and Dima Gonikman Under the Guidance of Gabi Nakibly.

By Alex Kirshon and Dima Gonikman Under the Guidance of Gabi Nakibly.
OSPF Security Vulnerabilities Analysis draft-jones-OSPF-vuln-01.txt IETF 58 – RPSEC Working Group.

OSPF Security Vulnerabilities Analysis draft-jones-OSPF-vuln-01.txt IETF 58 – RPSEC Working Group.
OSPF Incremental Link State Database Synchronization (draft-retana-ospf-ils-01) Alvaro Retana, Acee Lindem

OSPF Incremental Link State Database Synchronization (draft-retana-ospf-ils-01) Alvaro Retana, Acee Lindem
1 ELEN 602 Lecture 20 More on Routing RIP, OSPF, BGP.

1 ELEN 602 Lecture 20 More on Routing RIP, OSPF, BGP.

Similar presentations

Ads by Google