
Securing Model-C Inter-Provider L2 VPNs with Label Hopping and TicToc
draft-mjsraman-l2vpn-vpls-tictoc-label-hop-03

Document type: Expired Internet-Draft (individual)
Document stream: No stream defined
Last updated: 2013-10-10 (latest revision 2013-04-08)
Intended RFC status: Unknown
Other versions: (expired, archived): plain text, pdf, html

Stream State: No stream defined
Document shepherd: No shepherd assigned

IESG State: Expired
Responsible AD: (None)
Send notices to: No addresses provided

This Internet-Draft is no longer active. Unofficial copies of old Internet-Drafts can be found here:
http://tools.ietf.org/id/draft-mjsraman-l2vpn-vpls-tictoc-label-hop

Abstract

In certain models of inter-provider Multi-Protocol Label Switching (MPLS) based Virtual Private Networks (VPNs), a spoofing attack against VPN sites is a key concern. For example, MPLS-based VPN inter-provider model "C" for VPLS, or for any L2 VPN purpose, is not favoured owing to security concerns in the data plane, even though it can scale with respect to maintenance of routing state. Since the inner labels associated with VPN sites are not encrypted during transmission, a man-in-the-middle attacker can spoof packets to a specific L2 VPN site.

In this paper, we propose a label-hopping technique which uses a set of randomized labels and a method for hopping amongst these labels using the time instant at which the packet leaves the port of a sending Provider Edge Router. To prevent the attacker from identifying the labels in polynomial time, we also use an additional label. The proposed technique can be applied to other variants of inter-provider MPLS-based VPNs where Multi-Protocol exterior BGP (MP-eBGP) multi-hop is used. As we address a key security concern, we can make a case for the deployment of MPLS-based L2 VPN inter-provider model "C".

Specifically, we use the TicToc-based Precision Time Protocol (PTP) LSP to provide the timing for determining the time instant at which the packet is sent from the remote-end Provider Edge Router, and hence for calculating, at the near / receiving end Provider Edge Router, when it must have left that peer. This version of the document suggests a better method for obtaining more finely granular time slices: the PTP LSP is run between the ASBRs in the ASes that are providing the inter-AS L2VPN service.

Authors

Shankar Raman <mjsraman@cse.iitm.ac.in>
Balaji Venkat <balajivenkat299@gmail.com>
Gaurav Raina <gaurav@ee.iitm.ac.in>
Bhargav Bhikkaji <bhargav_bhikkaji@dell.com>

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid)