Multiast Address-Set Claim (MASC) Up date USC F OIL 1 MASC - - PDF document

▶

Nov 15, 2022 104 likes •214 views

Multiast Address-Set Claim (MASC) Up date USC F OIL 1 MASC In ternet Draft Status A p oin ter to the new draft just sen t to the ML Sev eral subsetions added/ hanged A n um b er of bug xes

SLIDE 1 Multi ast Address-Set Claim (MASC) Up date

SLIDE 2 USC F OIL 1 MASC In ternet Draft Status

ter to the new draft just sen t to the ML

eral subse tions added/ hanged

n um b er

bug xes

suggestion for hange is still p ending

(Should

b e) ready to go for last all b efore end

July

SLIDE 3 USC F OIL 2 Changes Sin e Last IETF

Op eration

Leaf/Non-Leaf

MASC Domain Op eration

k Sk ew W

around

Se urit

y Consideration

\Sample

Algorithms" App endix added

SLIDE 4 USC F OIL 3 Bo

Op eration

T
reate

the appropriate sibling-paren t as- so iation, establish

nne tions

to the P AR- ENT no des b efore the SIBLING no des.

T
restore

the in ternal state from more trust- w

y sour e, establish

nne tions

to the P ARENT no des and/or INTERNAL PEER no des b efore the

nne tions

to the CHILD and SIBLING no des.

SLIDE 5 USC F OIL 4 Leaf/Non-Leaf MASC Domain Op eration

leaf MASC domain should adv ertise all

its managed addresses to the MAASs

non-leaf MASC domain should laim from itself (and

ete against its MASC hil- dren domains) the spa e to adv ertise to the MAASs (default = 48 hours)

la k

laims b y MASC hild domains should trigger

eration in \leaf mo de", and vi e v ersa

SLIDE 6 USC F OIL 5 Clo k Sk ew W

around Ea h laim's absolute timestamp is used to:

Dene
llision

winner. Collisions are presumably rare, hen e the slo w, \unfair" lo ks are not a signi an t problem

Estimate

ho w long to k eep a laim in a no de's a he. Expiring sibling's PREFIX IN USE more than 48 hours earlier reates the p

tials for lash. Keeping an expired laim for addi- tional 48 hours will

ensate for lo k sk ew for up to 48 hours.

SLIDE 7 USC F OIL 6 Se urit y Consideration

rust y

P aren t and In ternal P eers, but ma y drop in ternal state through Children and Siblings.

Denial
f

Servi e atta k (to

llisions)

b y a single no de an b e iden tied b y all

its siblings, and ignore that no de's laims.

Denial
f

Servi e atta k with m ultiple

gin addresses an b e prev en ted b y a epting laims

through the paren t, and \through" the laim no de-originator itself.

SLIDE 8 USC F OIL 7 \Sample Algorithms"

Prex

allo ation algorithms rened through (re en t) sim ulations and briey des rib ed in an App endix

Read

the sour e

for algorithms details ;)

SLIDE 9 USC F OIL 8 \Op en" Issue

Curren

tly , siblings with more than

mon paren t an m ultiplex all UPD A TEs

er a single TCP

nne tion
T
mpli ated;

negligible sa vings

few TCP

nne tions
Solution:
p

en a new TCP

nne tion

b e- t w een siblings for ea h

mmon

paren t (sim- pler and easier to debug)

SLIDE 10 USC F OIL 9 MASC Implemen tation Status

Detailed

testing, rening and bugs xing

MASC pro essing

through sim ulations (mas d and mas sim share the same MASC- sp e i

de).
QUER

Y/RESPONSE debug messages added (des rib e them in APPENDIX?)

MASC-AAP

in terfa e + AAP \ lien t" in progress (it will b e v ery helpful if someone already has MADCAP/AAP implemen tation)