Packet over SONet/SDH (POS) experience?
Ran Atkinson
rja at corp.home.net
Mon Oct 20 16:32:54 UTC 1997
On Oct 19 8:12, William Allen Simpson wrote:
% There has been a recent bit of scare mongering from Lucent about PPP
% over SONet/SDH over on the IETF-PPP list.
% Has anyone (that has deployed) been having incident reports?
>-- End of excerpt from William Allen Simpson
Bill,
There are known operational incidents where an adversary sent
an IP packet designed to set the SONET scrambling algorithm ["f(x)"]
to all zeros. This caused the SONET device to lose communications
synchronisation and the circuit to go down, requiring a manual reset.
Truly an ugly situation.
I've known about this issue ever since the PPP/SONET spec was
published, but have withheld public comment until someone else
mentioned the issue on a public list.
Cisco originally was going to implement a scrambler in its PPP/SONET
implementation (IOS folks like gmc definitely understood the issue),
but the cisco hardware types would not accept free clue and didn't
include the scrambler. Basically all the PPP/SONET implementations
I know about can be taken out with a single well-known (and
easily calculated) IP datagram.
Sigh.
I have not seen the Lucent proposal myself, so I'm not sure what
it looks like.
From time to time I've talked with a couple of folks at a small
networking startup in Mountain View about this issue. My suggestions
to them have been of the form below:
Add a scrambler algorithm to the PPP/SONET spec.
A reasonable approach to that scrambler might be something of
the general form:

    X^^A + X^^B + C

Where:
    ^^   is the exponentiation operator
    A,B  are prime numbers with O(10) or larger.
         (A > B)
    C    is a prime number other than 1.

Adding additional exponential terms might generally strengthen
the algorithm, but intuitively I believe that the above form
is a reasonable tradeoff between implementation complexity and
strength. It is crucial that the selected algorithm be checked
against the SONET scrambler. An early proposal for ATM-layer
scrambling (since fixed) had the property that it fought with the
SONET-layer scrambler.
At this point, an implementation would want to retain backward
compatibility with the deployed systems. Hence, I'd suggest
that implementers put in a knob letting administrators select
either "no PPP scrambling" or "PPP scrambling". Clearly *I* don't
want to buy products that have the vulnerability noted at the top.
Ran
rja at home.net
PS: I'm not on the PPP or PPPSDH lists, so if folks on those lists
want me to see any followups, those folks will need to Cc: me
directly.
PPS: The followups list definitely will need trimming. Please
edit appropriately if you follow up...
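
Added example, not part of the message above and not code from any PPP/SONET implementation: a self-synchronous scrambler in Python that reads the proposed form as a feedback shift register with taps A and B bits back, showing a long constant payload broken up on the line and recovered by the receiver. A = 43, B = 11, the seed and the all-zero payload are constructed for illustration; the constant term C is not modelled, and the interaction with the SONET frame scrambler is not checked here.

```python
# Added illustration: two-tap self-synchronous scrambler,
#   line bit y[n] = x[n] ^ y[n-A] ^ y[n-B]
A, B = 43, 11           # assumed taps: primes, A > B (demo values only)
MASK = (1 << A) - 1
SEED = 0x4E             # constructed non-zero register left by earlier traffic

def _taps(state):
    # bit k-1 of the register holds the line bit sent k positions ago
    return ((state >> (A - 1)) ^ (state >> (B - 1))) & 1

def scramble(bits, state):
    out = []
    for x in bits:
        y = x ^ _taps(state)
        state = ((state << 1) | y) & MASK   # register remembers line bits
        out.append(y)
    return out, state

def descramble(bits, state):
    out = []
    for y in bits:
        out.append(y ^ _taps(state))
        state = ((state << 1) | y) & MASK   # fed from the line, so it self-syncs
    return out, state

def longest_run(bits):
    """Length of the longest run of identical consecutive bits."""
    best = cur = 0
    prev = None
    for b in bits:
        cur = cur + 1 if b == prev else 1
        prev = b
        best = max(best, cur)
    return best

def demo():
    payload = [0] * 4096                    # constructed constant payload
    line, _ = scramble(payload, SEED)
    same_state, _ = descramble(line, SEED)  # receiver already in sync
    cold_start, _ = descramble(line, 0)     # receiver with unknown register
    return (longest_run(payload), longest_run(line),
            same_state == payload, cold_start[A:] == payload[A:])

if __name__ == "__main__":
    print(demo())
```

A receiver that starts with the wrong register contents recovers the payload after the first A line bits, because its register is refilled from the line itself.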