[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Control Plane Security of ISP Network
--- "Smith, Donald" <Donald.Smith@qwest.com> wrote:
> Clearly my definitions of data, mgmt, and ctrl
> planes are not complete;)
> A good definition of the ctrl plane will probably be
> a good place to
> Do we include icmp port/host/net unreachable and
> other icmp error
> messages in the control plane?
I would argue "no," for the following reason: ICMP
unreachables are something which communicate
information from a data-plane host to another
data-plane host. An analagous comparison would be
that Frame-Relay switches can generate FECN/BECN on
the data plane.
Now, certain cases of ICMP unreachable would need to
be used on the data plane - i.e. if a device attempted
to communicate with a control server which crashed, it
should be able to receive an ICMP unreachable, but
that should be completely divorced from the data
Need Geek Rock? Try The Franchise:
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around