Security Framework for MPLS-TP
draft-fang-mpls-tp-security-framework-01.txt
Luyuan Fang, lufang@cisco.com
Ben Niven-Jenkins, benjamin.niven-jenkins@bt.com
March 25, 2010, IETF 77, Anaheim


Page 2: Brief Review: Objectives and Scope

• Objectives:
  – Identify and address MPLS-TP specific security issues.
    • Provide MPLS-TP security requirements
    • Define MPLS-TP security reference models
    • Identify MPLS-TP security threats
    • Discuss MPLS-TP security threat mitigation and recommendations
• Intended category: Informational
• Scope:
  – In scope: directly related to MPLS-TP
  – Out of scope:
    • Any functions/applications not specific to MPLS-TP, e.g. general MPLS/GMPLS security, general IP/Internet security best practice.
  – Other drafts for MPLS-TP can point to this draft for general MPLS-TP security discussion, and discuss any specific security issues for the specific protocol proposals as needed.
  – Focus is on the inter-connection between trusted and untrusted zones

Page 3: MPLS-TP Security Reference Model 1

[Figure: reference model 1. Left to right: CE1, T-PE1, S-PE1, T-PE2, CE2. A native service (attachment circuit) connects each CE to its T-PE; pseudowire PW1 runs from T-PE1 to T-PE2 over TP-LSPs, with PW segment labels 1 to 4 around S-PE1; the emulated service spans CE1 to CE2. Zone labels: Trusted Zone (centre), Untrusted Zone (each side).]

Model 1: single SP scenario.
– Model 1a (not shown): SS-PW within a single trusted zone.
– Model 1b: MS-PW within a single trusted zone (as shown).

Page 4: MPLS-TP Security Reference Model 2 (b)

[Figure: reference model 2 (b). Same topology as the model 1 figure (CE1, T-PE1, S-PE1, T-PE2, CE2; native service (attachment circuit) at each end; pseudowire PW1 over TP-LSPs; emulated service from CE1 to CE2), with additional labels S-PE1, PW3, PW5 and an MPLS Core. Zone labels: Trusted Zone (centre), Untrusted Zone (each side).]

Model 2 (b): single SP, but not all T-PEs are in the Trusted Zone.

Page 5: MPLS-TP Security Reference Model 2 (c)

[Figure: reference model 2 (c). Same topology as the model 1 figure (CE1, T-PE1, S-PE1, T-PE2, CE2; native service (attachment circuit) at each end; pseudowire PW1 over TP-LSPs; emulated service from CE1 to CE2), with additional labels S-PE1, PW3 and PW5. Zone labels: Trusted Zone, Untrusted Zone (each side).]

Model 2 (c): typical inter-provider scenario.

Page 6: Outstanding Security Issues still to be addressed

• Trusted zone boundary definition
• Issues:
  – Spoofing ID
  – Loopback
  – NMS
  – NMS and CP interaction
  – MIP/MEP assignment and attacks
  – Topology discovery
  – Data plane authentication
  – Label authentication
  – DoS attack
  – Performance Monitoring

Page 7: Next Steps

• Clarify security trust models
  – Have we missed anything?
• List additional security requirements/threats/mitigations
• Call for volunteers to provide text for open issues.

Page 8: Back-up

Page 9: MPLS-TP Security Reference Model 2 (a)

[Figure: reference model 2 (a). Same topology as the model 1 figure (CE1, T-PE1, S-PE1, T-PE2, CE2; native service (attachment circuit) at each end; pseudowire PW1 over TP-LSPs, with PW segment labels 1 to 4 around S-PE1; emulated service from CE1 to CE2). Zone labels: Trusted Zone (centre), Untrusted Zone (each side).]

Model 2 (a): inter-provider scenario with a single S-PE.