[quagga-dev 10531] Re: RFC-6506(Supporting Authentication Trailer for OSPFv3) implementation in quagga-0.99.21 version

Lokesh Pareta lokesh.pareta at tcs.com
Fri May 10 14:21:06 BST 2013


Hi Balaji,
Thank you for your response.
As per your suggestion, I created three patch files related to lib, CLI 
stuff and OSPF implementation,
These patch files can be applied cleanly one by one and also the code 
compiles after each iteration. The applying sequence of the patches should 
be as follows:
lib patch
CLI patch
OSPF implementation patch

The lib part were done in the following files:
Makefile.in
Makefile.am
memtypes.h
memtypes.c
sha256.h
sha256.c

The CLI part were done in the following files:
ospf6_interface.c 
ospf6_interface.h
ospf6_area.c 
ospf6_proto.h


The implementation of CLI functionalities were done in following files:
ospf6_message.c 
ospf6_message.h
ospf6_proto.c 
ospf6_neighbor.c 
ospf6_neighbor.h

Please find the attachments of following files:
Patch file for lib directory
Patch file for CLI part
Patch file for OSPF implementation
Patch file of whole project


           


Thanks & Regards,
Lokesh Pareta

Telecom Technology - NextGen R&D,
Tata Consultancy Services
TCS Towers, 249 D&E Udyog Vihar,
Phase IV, Gurgaon
Haryana, India
Cell:- +91 8506946082
Mailto: lokesh.pareta at tcs.com
Website: http://www.tcs.com

___________________________________________
Experience certainty.   IT Services
                        Business Solutions
                        Outsourcing
___________________________________________



From:
Balaji G <balajig81 at gmail.com>
To:
Lokesh Pareta <lokesh.pareta at tcs.com>
Cc:
Deepankar Gupta <deepankar.gupta at tcs.com>, Saloni Jain 
<saloni.jain at tcs.com>, quagga-dev at lists.quagga.net, David Lamparter 
<equinox at opensourcerouting.org>, Rajeev Agarwal <rajeev.agarwal at tcs.com>
Date:
05/09/2013 11:44 AM
Subject:
[quagga-dev 10529] Re: RFC-6506(Supporting Authentication Trailer for 
OSPFv3) implementation in quagga-0.99.21 version



Also make sure the patches after you break it down, applies cleanly when 
applied one by one and also the code compiles after the iteration. You 
could probably break it down into CLI stuff, the actual OSPF 
implementation, libs etc if you wish to.

 - Balaji

On Thu, May 9, 2013 at 11:36 AM, Balaji G <balajig81 at gmail.com> wrote:
Hi Lokesh 

Is it possible for you to break these into smaller patches and send it as 
i see the changes are done in lib, ospf. Its easier to get it reviewed and 
acknowledge specific patches in specific modules.

Thanks,
Cheers,
   - Balaji


On Thu, May 9, 2013 at 11:11 AM, Lokesh Pareta <lokesh.pareta at tcs.com> 
wrote:
Hi All, 

Tata Consultancy Services (TCS) wants to contribute to Quagga development 
by providing the implementation code for RFC-6506, developed and tested on 
quagga-0.99.21 version. 

Abstract of the RFC-6506: 
Currently, OSPF for IPv6 (OSPFv3) uses IPsec as the only mechanism for 
authenticating protocol packets. 
This behavior is different from authentication mechanisms present in other 
routing protocols (OSPFv2, Intermediate System to Intermediate System 
(IS-IS), RIP, and Routing Information Protocol Next Generation (RIPng)).   

In some environments, it has been found that IPsec is difficult to 
configure and maintain and thus cannot be used.   
RFC-6506 defines an alternative mechanism to authenticate OSPFv3 protocol 
packets so that OSPFv3 does not only depend upon IPsec for authentication.

Steps to test/run the developed patch file on quagga-0.99.21 : 
As per RFC, implementation is done by TCS in order to provide 
authentication support on both interface and area. 
Commands to be used are as follows: 
For an interface(under interface <i/f name>)-
                ipv6 ospf6 sha-256-authentication                         
       [command to set AT-bit on interface] 
                ipv6 ospf6 sha-256-key <key-id> sha-256 <password>         
         [command to attach key-id and password to the packets] 
For an area (under router ospf6)-
                area <area-id> sha-256-authentication                     
           [command to set AT-bit on area] 
In order to authenticate OSPFv3 packets, please provide combination of 
both AT bit  on an interface/area and key-id with sha-256 password.

Please find following attachment: 
Patch file of RFC-6506 implementation



Kindly revert in case of any queries or doubts and suggestions are also 
welcome. 

Thanks & Regards,
Lokesh Pareta 

Telecom Technology - NextGen R&D,
Tata Consultancy Services
TCS Towers, 249 D&E Udyog Vihar,
Phase IV, Gurgaon
Haryana, India
Cell:- +91 8506946082
Mailto: lokesh.pareta at tcs.com
Website: http://www.tcs.com

___________________________________________
Experience certainty.        IT Services
                       Business Solutions
                       Outsourcing
___________________________________________
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain 
confidential or privileged information. If you are 
not the intended recipient, any dissemination, use, 
review, distribution, printing or copying of the 
information contained in this e-mail message 
and/or attachments to it are strictly prohibited. If 
you have received this communication in error, 
please notify us by reply e-mail or telephone and 
immediately and permanently delete the message 
and any attachments. Thank you

_______________________________________________
Quagga-dev mailing list
Quagga-dev at lists.quagga.net
http://lists.quagga.net/mailman/listinfo/quagga-dev


_______________________________________________
Quagga-dev mailing list
Quagga-dev at lists.quagga.net
http://lists.quagga.net/mailman/listinfo/quagga-dev


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20130510/63a738a9/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RFC6506_lib.patch
Type: application/octet-stream
Size: 16191 bytes
Desc: not available
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20130510/63a738a9/attachment-0004.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RFC6506_cli.patch
Type: application/octet-stream
Size: 10602 bytes
Desc: not available
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20130510/63a738a9/attachment-0005.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RFC6506_implementation.patch
Type: application/octet-stream
Size: 35777 bytes
Desc: not available
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20130510/63a738a9/attachment-0006.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RFC6506.patch
Type: application/octet-stream
Size: 47169 bytes
Desc: not available
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20130510/63a738a9/attachment-0007.obj>


More information about the Quagga-dev mailing list