[rbridge] TTL only - was RE: New fields in shim header?
sgai at nuovasystems.com
Thu Oct 12 13:50:08 PDT 2006
IMHO TRILL will be valuable in HPC and Datacenters, where high
bisectional bandwidth is a must, and in Enterprise Backbone. In the last
3 to 5 years, in this kind of applications:
1) I haven't seen a hub
2) All links are full-duplex
3) I haven't seen wireless
4) The existing switches support large jumbo frames
5) Almost all links are fiber
6) The attacks are originated by the host, not by the switches
7) Backbones are shared by different applications
IMHO, if we want to design something that addresses user needs, we need
to keep this in mind.
> -----Original Message-----
> From: Joe Touch [mailto:touch at ISI.EDU]
> Sent: Thursday, October 12, 2006 1:30 PM
> To: Silvano Gai
> Cc: Caitlin Bestler; rbridge at postel.org; Radia Perlman
> Subject: Re: [rbridge] TTL only - was RE: New fields in shim header?
> Silvano Gai wrote:
> > Catlin,
> > I didn't reply to your last point
> >> I am assuming there is no desire to replicate IPSEC funcationality
> >> at L2 then *all* of the L2 headers may be forged. I don't see how
> >> you can claim that any specific one is more trustworthy than
> >> the others.
> > Even without IPsec, RBridges can authenticate to each other and
> > an RBridge is much more difficult that using a readily available
> > on your PC to spoof the IP or MAC address.
> I don't need to spoof another rbridge to inject spoofed traffic; I
> need to see the traffic going by; I can do that by plugging in a hub
> running tcpdump.
More information about the rbridge