What does this have to do with the protocol? On Tue, 2005-10-25 at 09:35 -0700, Caitlin Bestler wrote: > On an IP network, a non-privileged user is generally not capable of > forging > a source IP address and is typically prevented from using certain > source ports. > > I would propose that the CM [MAY|SHOULD|MUST] enforce that a non- > privileged > user can only use a Source IP Address and Port that they would have > been > able to use following the normal stack path (or what it would have > been in the > case that there is no conventional IP stack associated with this > path). > > So if IPoIB is installed, you would not be able to use any address > that > you would have been blocked from using over IPoIB. Or at least you > would not be guaranteed that you could. > > I think that MUST is the correct level of enforcement, but it needs to > be > clear that the CM and OS *MAY* do this checking and that a userspace > IB application cannot use the IB stack to perform IP spoofing. > > > ______________________________________________________________ > From: [EMAIL PROTECTED] [mailto:dat- > [EMAIL PROTECTED] On Behalf Of Kanevsky, Arkady > Sent: Tuesday, October 25, 2005 9:00 AM > To: openib-general@openib.org; dat- > [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: [dat-discussions] round 2 - proposal for socket based > connection model > > > Dear OpenIB, SWG and DAT members, > enclosed is teh second version of the proposal. > There are really 2 proposals that are related. > The first one is encoding IP 5-tuple into REQ private data > with small additional info for versioning and IB capabilities. > The second is just a couple of ideas, not a real proposal, > on maping of IP ports > to IB Service IDs. > > Thanks everybody for tons of feedback and deep discussions. > I appologize if I had missed something. > > Happy reading, > Arkady > > > Arkady Kanevsky email: [EMAIL PROTECTED] > > Network Appliance phone: 781-768-5395 > > 375 Totten Pond Rd. Fax: 781-895-1195 > > Waltham, MA 02451-2010 central phone: 781-768-5300 > > > > > > > > ______________________________________________________________ > YAHOO! GROUPS LINKS > > 1. Visit your group "dat-discussions" on the web. > > 2. To unsubscribe from this group, send an email to: > [EMAIL PROTECTED] > > 3. Your use of Yahoo! Groups is subject to the Yahoo! > Terms of Service. > > > ______________________________________________________________ > > _______________________________________________ > openib-general mailing list > openib-general@openib.org > http://openib.org/mailman/listinfo/openib-general > > To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general _______________________________________________ openib-general mailing list openib-general@openib.org http://openib.org/mailman/listinfo/openib-general
To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general