
SANS ISC: InfoSec Handlers Diary Blog



CyberAwareness Month - Day 15, Standards Body Soup (pt2), Same Soup Different Cook.

Published: 2012-10-16
Last Updated: 2012-10-16 14:02:16 UTC
by Richard Porter (Version: 3)

Introduction 

 

There are several new protocols that are on their way to being adopted in some form or another. In the previous article we covered how different standards bodies can cover and sometimes govern similar protocols and standards. Here we will discuss two emerging data center oriented standards and how they compete.
 

TRILL

 
First, I would like to draw your attention to a protocol called TRILL, or TRansparent Interconnection of Lots of Links. [1] There are several good sources for a technical overview, so I will be brief. In short, TRILL is a method for Routing Bridges, or RBridges [4], to exchange link state, and it does so with another protocol called IS-IS [2], or Intermediate System to Intermediate System.
 
Before we get lost in our first example of too many cooks making the soup, let's be clear on TRILL using IS-IS: both are published by the IETF, as RFC6327 and RFC 1142. RFC1142 is a republication of an ISO standards body routing protocol publication. So, RFC6327 uses a standard that was actually published by the ISO body but republ… You see where I am going.
 

SUPER OVER Simplification (TRILL)

 

TRILL is designed to run at Layer 2 in the OSI model and allows each TRILL switch to exchange link state information. Enough information is shared between TRILL switches that they can make route decisions for optimized pathing. Here is a great write-up on Wikipedia: http://en.wikipedia.org/wiki/TRILL_(computing). So basically: build a tree of L2 states, trade them, and help them to talk, REALLY fast… Well, that's the goal anyways.
 
Why are we talking about this new Data Center Protocol by the IETF and through republication the ISO? 
 

SPB

 

Enter protocol number 2, brought to you by the good ole folks at the IEEE. If we remember our breakdown from my last diary, we will know they govern things like 802.1 [5] and 802.11 [6]. Why is this relevant? Enter contender number two for data center bridging protocols: SPB, or Shortest Path Bridging. [7] [8]
 

SUPER OVER Simplification (SPB)

 

Use IS-IS (<------seeing a trend?) to exchange tree information to compute the shortest path for packets. There is, of course, a lot more to it than the above, but hopefully my point is made. Another great write-up: http://en.wikipedia.org/wiki/IEEE_802.1aq
 

Conclusion

 
So, to recap, the IETF and the IEEE are working on similar protocols to accomplish similar goals. We will see who "Markets" the best to gain acceptance, but it might be important to understand how many standards bodies have influence on the widgets and tools we implement. With SDN [9], or Software Defined Networking, being the new "Cloud" word, it is good to understand who is shaping the SDN protocols. We can now start to see that many standards bodies go into making the "Internet" go....
 
And most of all, awareness of this is good, as we are the ones that have to secure it.
 
IETF - TRILL
IEEE - SPB
 
[1] http://tools.ietf.org/html/rfc6327
[2] http://tools.ietf.org/html/rfc1142
[3] http://tools.ietf.org/pdf/rfc1142.pdf <-- PDF Warning
[4] http://tools.ietf.org/html/rfc6325
[5] http://www.ieee802.org/1/
[6] http://www.ieee802.org/11/
[7] http://en.wikipedia.org/wiki/IEEE_802.1aq
[8] http://www.ieee802.org/1/pages/802.1aq.html
[9] http://www.technologyreview.com/article/412194/tr10-software-defined-networking/
 
 

 
