Hi Damien,

I am not sure that Threat Level 2 is appropriate in Section 5.2 (EID-to-RLOC 
Cache Threats). This is because the threats described in Section 5.2.2 
(EID-to-RLOC Cache overflow) may be more difficult to mitigate than we realize.

In Section 5.2.2, you consider scenarios in which "an attacker could try to 
fill the cache with fake mappings." However, you do not consider scenarios in 
which an attacker behind LR1 attacks LR3 and LR4 by causing multiple devices 
behind LR4 and LR4 to send traffic to a wide variety of prefixes. This makes 
the caches in LR3 and LR4 overflow with legitimate mappings. 

I can think of mitigations to this class of attacks, but they all require LR1 
to protect LR2 and LR3.

                                                          Ron

P.S. More comments to follow.

> 
> 2. do you agree with the level of severity given for each threat
> (yes/no/why)?
> 


_______________________________________________
lisp mailing list
https://www.ietf.org/mailman/listinfo/lisp
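To make the overflow scenario in the message concrete, here is a small constructed simulation of a bounded EID-to-RLOC map-cache. It is an added example, not code from the draft, from any LISP implementation, or from the author of the message. Assumptions that are not in the text: the cache uses LRU replacement (the draft does not fix a policy), every miss costs one Map-Request, the legitimate flows are long-lived and revisit a fixed set of prefixes, and the scanning host behind the sending xTR (LR1 in the message) opens a fresh set of prefixes every round. Every mapping inserted is a real answer from the mapping system; nothing is fake, yet the legitimate flows keep missing. The `NewDestinationBudget` class is a hypothetical sending-side mitigation of the kind the message alludes to (it has to live at LR1, not at the victim), included only to show why the victim cache alone cannot tell the two traffic sources apart.

```python
from collections import OrderedDict


class MapCache:
    """Bounded EID-to-RLOC map-cache with LRU replacement.
    LRU is an assumption for this simulation; the draft does not fix a policy."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.entries = OrderedDict()       # eid_prefix -> rloc
        self.map_requests = 0              # each miss costs one Map-Request

    def lookup(self, eid_prefix):
        """Return (rloc, hit). On a miss, resolve and insert, evicting the LRU entry if full."""
        if eid_prefix in self.entries:
            self.entries.move_to_end(eid_prefix)
            return self.entries[eid_prefix], True
        self.map_requests += 1
        if len(self.entries) >= self.capacity:
            # The evicted entry is a legitimate mapping; the cache cannot tell otherwise.
            self.entries.popitem(last=False)
        rloc = "rloc-for-" + eid_prefix    # hypothetical mapping-system answer
        self.entries[eid_prefix] = rloc
        return rloc, False


class NewDestinationBudget:
    """Hypothetical mitigation on the sending side (LR1 in the message): cap the
    number of distinct destination EID-prefixes each inside host may open."""

    def __init__(self, budget):
        self.budget = budget
        self.seen = {}                     # host -> set of prefixes already allowed

    def allow(self, host, eid_prefix):
        seen = self.seen.setdefault(host, set())
        if eid_prefix in seen:
            return True
        if len(seen) >= self.budget:
            return False                   # drop: would open one more prefix over budget
        seen.add(eid_prefix)
        return True


def simulate(capacity, n_legit, scan_per_round, rounds, budget=None):
    """Run `rounds` of traffic through one victim map-cache (LR3/LR4 in the message).

    Each round: every legitimate long-lived flow sends once, then a scanning host
    sends to `scan_per_round` prefixes it has never contacted before.
    Returns the number of Map-Requests triggered by the legitimate flows alone."""
    cache = MapCache(capacity)
    limiter = NewDestinationBudget(budget) if budget is not None else None
    legit = [f"legit-prefix-{i}" for i in range(n_legit)]      # constructed prefixes
    legit_misses = 0
    for r in range(rounds):
        for p in legit:
            if limiter is None or limiter.allow("host-A", p):
                _, hit = cache.lookup(p)
                legit_misses += 0 if hit else 1
        for i in range(scan_per_round):
            p = f"scan-prefix-{r}-{i}"                             # fresh every round
            if limiter is None or limiter.allow("scanner", p):
                cache.lookup(p)
    return legit_misses


if __name__ == "__main__":
    print("no scan:            ", simulate(64, 16, 0, 10))
    print("scan, no mitigation:", simulate(64, 16, 100, 10))
    print("scan, LR1 budget=32:", simulate(64, 16, 100, 10, budget=32))
```

With a 64-entry cache, 16 legitimate flows and a scanner opening 100 new prefixes per round, the legitimate flows miss on every round instead of only the first, so the mapping system absorbs ten times the Map-Request load while every cached entry stays valid. The per-host budget restores the baseline only because it is enforced on the sending side; nothing observable at the overflowing cache distinguishes the scan from ordinary traffic, which is the point the message makes about needing LR1 to protect the others.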