Hello Mark,

Thank you for the comments.

On Wed, 2008-10-29 at 15:54 -0500, Mark Townsley wrote:
> When tunnels are well-scoped and rather static, or accompanied with 
> tightly coupled control planes which can include their own control-level 
> loop prevention during setup, tunnel loops on data packets are less 
> likely - which is probably why you do not see much extra effort at an 
> optimized check for them on the data path. Loops are more likely when 
> tunnel encapsulations are used liberally, automatically, and allowed to 
> operate in a multihop fashion. The future may be different, but at the 
> moment I believe we see less of this kind of situation in practice.
> 

True.  For cases such as enterprise networks where IPSec tunnels are
created over the global internet, or where layer 2 tunneling is used in
telecommunications networks, such tunnels are statically configured and
loops are avoided at creation time.

For dynamic cases, one example that immediately comes to mind is Mobile
IP tunneling (one reason why this is cross posted to Mext).  A tunnel is
created at the point of reception of a BU.

On Wed, 2008-10-29 at 15:56 -0500, Mark Townsley wrote:
> Chan-Wah Ng wrote:
> >
> > As to whether there is a practical need to fix this problem, it is up to
> > the IETF community to decide. The information I can provide to help make
> > that decision is both Mext WG and 3GPP CT1 have acknowledged it as a
> > problem.
> >   
> What are the specific situations where tunnel loops have been seen in 
> practice? Was there a control plane setting up the tunnel which could be 
> used to prevent the creation of the loop in the first place?
> 
We have described two examples in the draft, both related to mobility.
The first case is loop formation between two (or more) home agents.  The
second case is the formation of a loop between an IPSec (Mobike) gateway
and the home agent.

In 3GPP, there is a clear separation of control and data plane.
However, those are generally for 3GPP access.  For non-3GPP access
(which is the case where DSMIP is used), the separation is a bit more
fuzzy. 

Based on discussion in other SDOs, the case where the loop is formed
within an operator's domain (e.g. the loop between DSMIP and Mobike) can
be averted with additional checks.  However, there is also the case
where the loop is formed using entities from different domains (e.g.
between a 3GPP PDNGW and a HA provided by independent Mobility Service
Provider).  Here, there is no control plane signaling to employ to
prevent the formation of a loop.  In such cases, the best thing an
operator could do is to protect its own network by detecting the loop
once it is formed and performing countermeasures.

/rgds
/cwng


_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area