[rbridge] ARP proxying
touch at ISI.EDU
Tue Dec 20 13:50:40 PST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Gray, Eric wrote:
> Thanks for the explanation.
> I will leave this to be argued by those who are strong proponents
> of ARP/ND Optimization. I think the idea has value, but it is not my
> However, in general, the trust model implicit in a bridged network
> (and further implied by the zero-configuration objective) is one in which
> it is likely that security mechanisms such as these are not used.
Hard to say. It's more useful in wireless scenarios, but even then the
infrastructure is typically trusted (see below).
> likely, ARP/ND Optimization can be turned on and off in those RBridges
> that implement it.
> In addition, since the RBridge enjoys a man-in-the-middle position,
> it is likely that implementers may well implement some hack or another
> to get around this.
There doesn't need to be a hack - though I expect that would be
prohibited by the security model in SEND anyway. But SEND doesn't
prohibit sharing the keys, which the rbridge could be party to.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the rbridge