Skip to main content

Last Call Review of draft-ietf-l2vpn-pbb-vpls-pe-model-07

Request Review of draft-ietf-l2vpn-pbb-vpls-pe-model
Requested revision No specific revision (document currently at 07)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2013-06-27
Requested 2013-06-20
Authors Florin Balus , Ali Sajassi , Dr. Nabil N. Bitar
Draft last updated 2013-06-27
Completed reviews Secdir Last Call review of -07 by Phillip Hallam-Baker
Assignment Reviewer Phillip Hallam-Baker
State Completed
Review review-ietf-l2vpn-pbb-vpls-pe-model-07-secdir-lc-hallam-baker-2013-06-27
Reviewed revision 07
Result Has Issues
Completed 2013-06-27
I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the security area directors.
 Document editors and WG chairs should treat these comments just like any other
last call comments.

The draft is an informational document describing an architecture for moving
packets about based on MAC addresses.

While the existence of such architectures and devices is likely relevant to
Internet Protocol networking, the draft does not explain how the architecture
described is relevant.

The draft does not contain a substantive Security Considerations, there is
instead a reference:

   No new security issues are introduced beyond those that are described

   in [


] and [



The references in turn contain references

   A more comprehensive description of the security issues involved in
   L2VPNs is covered in [



This is a pity if the principle purpose of the document is to explain the
differences between IP layer inter-networking and Layer 2 (aka Ethernet layer)
networking and the main differences are in the area of security and scalability.

One of the main reasons to prefer L2 networking over IP is the dependence
certain LAN protocols still have on the use of broadcast techniques. But
broadcast techniques are by their very nature unscalable. Given n nodes the
cost of broadcast traffic rises as n^2 as every machine on the network has to
process the spam from all the rest.

From a security point of view the L2 approach results in a true peered network
which has unfortunate effects on security. Absent mechanisms to authenticate
network control messages, every additional machine added to the network is an
additional potential point of pollution.