
RE: security policy discovery



On Thu, 12 Sep 2002, Henry Spencer wrote:

> On Thu, 12 Sep 2002, Satyadeva Konduru wrote:
> > In this scenario, is there not a problem of spoofed packets
> > unnecessarily setting up tunnels between Bob and Alice? Each thinks that
> > the other side needs a tunnel to send traffic. This could become a
> > denial of service attack, especially if the lifetimes are small, since
> > both Bob and Alice will keep setting up tunnels and thus make the setup
> > of genuine tunnels slow.
>
> Bob and Alice would be well advised to adaptively adjust the lifetime of
> the tunnels they set up, so that if they are starting to burn significant
> numbers of cycles setting up and tearing down tunnels to the same place,
> they lengthen the tunnel life to reduce the overhead.  (Keeping a tunnel
> open costs essentially nothing, at least not until rekeying time.)
>

That's true for end-hosts only. The memory and resources (crypto slots
for example) used when terminating on a concentrator shouldn't be
ignored so lightly. That's not to say we need to make a great big fuss
about it either. Just don't ignore seemingly trivial costs, because in
aggregation they can add up.

jan
 --
Jan Vilhuber                                            vilhuber@cisco.com
Cisco Systems, San Jose                                     (408) 527-0847

http://www.eff.org/cafe
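An added example, not part of this thread, that models Henry's adaptive-lifetime idea together with Jan's point that a concentrator has a finite pool of crypto slots; the class name, thresholds, window and slot cap are all assumptions:

```python
# Constructed illustration of adaptive tunnel lifetimes under churn.
# A peer that repeatedly triggers setups gets progressively longer
# lifetimes (less setup/teardown overhead), while a global crypto-slot
# cap refuses new tunnels instead of letting the concentrator thrash.
from collections import deque


class TunnelLifetimePolicy:
    def __init__(self, base_lifetime=60, max_lifetime=3600,
                 window=3600, churn_threshold=3, crypto_slots=100):
        self.base = base_lifetime          # seconds for a "quiet" peer
        self.max = max_lifetime            # never extend beyond this
        self.window = window               # how far back churn is counted
        self.threshold = churn_threshold   # setups/window before doubling
        self.slots = crypto_slots          # concentrator-wide hard cap
        self.history = {}                  # peer -> deque of setup times
        self.active = {}                   # peer -> expiry time

    def _expire(self, now):
        for peer, expiry in list(self.active.items()):
            if expiry <= now:
                del self.active[peer]      # frees a crypto slot

    def lifetime_for(self, peer, now):
        """Lifetime for a new tunnel to peer: doubles per setup beyond threshold."""
        q = self.history.setdefault(peer, deque())
        while q and now - q[0] > self.window:
            q.popleft()                    # forget old setups
        extra = max(0, len(q) - self.threshold)
        return min(self.max, self.base * (2 ** extra))

    def setup(self, peer, now):
        """Try to set up a tunnel; return its lifetime, or None if refused."""
        self._expire(now)
        if peer in self.active:
            return None                    # tunnel already up, nothing to do
        if len(self.active) >= self.slots:
            return None                    # out of crypto slots: refuse, don't thrash
        life = self.lifetime_for(peer, now)
        self.history[peer].append(now)
        self.active[peer] = now + life
        return life


if __name__ == "__main__":
    p = TunnelLifetimePolicy()
    # Spoofed traffic re-triggers a setup every time the tunnel expires.
    print([p.setup("alice", t) for t in (0, 60, 120, 180, 240, 300, 360)])
```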