[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Control Plane Security of ISP Network




--- "Smith, Donald" <Donald.Smith@qwest.com> wrote:

> Clearly my definitions of data, mgmt, and ctrl
> planes are not complete;)
> A good definition of the ctrl plane will probably be
> a good place to
> start.
> Do we include icmp port/host/net unreachable and
> other icmp error
> messages in the control plane?
>  

I would argue "no," for the following reason: ICMP
unreachables are something which communicate
information from a data-plane host to another
data-plane host.  An analagous comparison would be
that Frame-Relay switches can generate FECN/BECN on
the data plane.

Now, certain cases of ICMP unreachable would need to
be used on the data plane - i.e. if a device attempted
to communicate with a control server which crashed, it
should be able to receive an ICMP unreachable, but
that should be completely divorced from the data
plane.

-David

David Barak
Need Geek Rock?  Try The Franchise: 
http://www.listentothefranchise.com

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com