RFC A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers. (Czerny Andeas)

Similar documents
Network Working Group Request for Comments: Cisco Systems, Inc. February 2004

show crypto group summary, page 1 show crypto ikev2-ikesa security-associations summary spi, page 2

Table of Contents 1 IKE 1-1

IPsec Dead Peer Detection PeriodicMessage Option

IPsec Dead Peer Detection Periodic Message Option

IPsec Dead Peer Detection Periodic Message Option

IPsec Dead Peer Detection Periodic Message Option

IPSec. Overview. Overview. Levente Buttyán

Overview of Keepalive Mechanisms on Cisco IOS

Swift Migration of IKEv1 to IKEv2 L2L Tunnel Configuration on ASA 8.4 Code

CSCE 715: Network Systems Security

IPsec NAT Transparency

Redundant IPSec Tunnel Fail-over

The IPsec protocols. Overview

VPN and IPsec. Network Administration Using Linux. Virtual Private Network and IPSec 04/2009

Cisco Group Encrypted Transport VPN Configuration Guide, Cisco IOS Release 15M&T

CIS 6930/4930 Computer and Network Security. Topic 8.1 IPsec

Cisco Live /11/2016

GET VPN GM Removal and Policy Trigger

IPsec NAT Transparency

CIS 6930/4930 Computer and Network Security. Topic 8.2 Internet Key Management

IPSec VPN Setup with IKE Preshared Key and Manual Key on WRVS4400N Router

Virtual Private Network

Cisco Group Encrypted Transport VPN

Siemens August Design of the IKEv2 Mobility and Multihoming (MOBIKE) Protocol

Overview of the IPsec Features

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

Chapter 6. IP Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University

CSC 6575: Internet Security Fall 2017

Crypto Templates. Crypto Template Parameters

Crypto Template IKEv2-Vendor Configuration Mode Commands

Border Gateway Protocol - BGP

VPN-1 Pro Interoperability

IP Security Protocol Working Group (IPSEC) draft-ietf-ipsec-nat-t-ike-03.txt. B. Swander Microsoft V. Volpe Cisco Systems 24 June 2002

CloudBridge :31:07 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

IPsec (AH, ESP), IKE. Guevara Noubir CSG254: Network Security

The Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME,

Firepower Threat Defense Site-to-site VPNs

Some optimizations can be done because of this selection of supported features. Those optimizations are specifically pointed out below.

VPN Connection through Zone based Firewall Router Configuration Example

K15344: Troubleshooting the IPsec tunnel between two BIG-IP AFM systems

Configure IKEv1 IPsec Site-to-Site Tunnels with the ASDM or CLI on the ASA

Junos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services

Crypto Template IKEv2-Vendor Configuration Mode Commands

IPSec implementation for SCTP

A crypto map is applied to an interface. The concept of a crypto map was introduced in classic crypto but

IPSec Between Two Cisco VPN 3000 Concentrators with Overlapping Private Networks

Network Security - ISA 656 IPsec IPsec Key Management (IKE)

Configuring Redundant Routing on the VPN 3000 Concentrator

Internet Engineering Task Force (IETF) Request for Comments: 6092 Category: Informational January 2011 ISSN:

FA Service Configuration Mode Commands

Chapter 6/8. IP Security

Firewalls, Tunnels, and Network Intrusion Detection

Internet Engineering Task Force Mark Baugher(Cisco) Expires: April, 2003 October, 2002

file:///c:/users/hpguo/dropbox/website/teaching/fall 2017/CS4470/H...

Charles Perkins Nokia Research Center 2 July Mobility Support in IPv6 <draft-ietf-mobileip-ipv6-14.txt> Status of This Memo

IKE and Load Balancing

Configuring IKEv2 Fragmentation

AIT 682: Network and Systems Security

Internet Protocol and Transmission Control Protocol

The IPSec Security Architecture for the Internet Protocol

BiGuard C01 BiGuard VPN Client Quick Installation Guide (BiGuard series VPN enabled devices) Secure access to Company Network

CSE509: (Intro to) Systems Security

L13. Reviews. Rocky K. C. Chang, April 10, 2015

IPV6 SIMPLE SECURITY CAPABILITIES.

IP Security IK2218/EP2120

VNS3 IPsec Configuration. VNS3 to Cisco ASA ASDM 5.2

Module 25 TCP Timers and delayed duplicates problem in TCP

IP Security II. Overview

Advanced IKEv2 Protocol Jay Young, CCIE - Technical Leader, Services. Session: BRKSEC-3001

Cisco CCIE Security Written.

Computer Network Programming

IPSec Guide. ISAKMP & IKE Formats

IP Security. Have a range of application specific security mechanisms

T.D.T. M-/G- Series. TheGreenBow IPSec VPN Client. Configuration Guide.

Configuring an IPSec Tunnel Between a Cisco VPN 3000 Concentrator and a Checkpoint NG Firewall

A-B I N D E X. backbone networks, fault tolerance, 174

Cryptography and Network Security. Sixth Edition by William Stallings

ETSI CTI Plugtests Report ( ) The 1st UMTS FemtoCell Plugfest; Sophia Antipolis, France; March 2010

Configuring Internet Key Exchange (IKE) Features Using the IPSec VPN SPA

TSIN02 - Internetworking

Virtual Private Networks

Internet Key Exchange

TCP: Flow and Error Control

FDDI by default supports Early Token Release. Below is the operation of FDDI ring.

SIP System Features. SIP Timer Values. Rules for Configuring the SIP Timers CHAPTER

ASA-to-ASA Dynamic-to-Static IKEv1/IPsec Configuration Example

Lixia Zhang M. I. T. Laboratory for Computer Science December 1985

PART III. Implementing Inter-Network Relationships with BGP

Configuring IPsec and ISAKMP

Crypto Template Configuration Mode Commands

draft-ietf-ipsec-nat-t-ike-01.txt W. Dixon, B. Swander Microsoft V. Volpe Cisco Systems L. DiBurro Nortel Networks 23 October 2001

Internet Networking recitation #10 TCP New Reno Vs. Reno

Set Up a Remote Access Tunnel (Client to Gateway) for VPN Clients on RV016, RV042, RV042G and RV082 VPN Routers

Lecture 3: The Transport Layer: UDP and TCP

Configuring IPsec on Cisco Routers Mario Baldi Politecnico di Torino (Technical University of Torino)

GET VPN Resiliency. Finding Feature Information. Prerequisites for GET VPN Resiliency

Ike Sa Manually Delete. To 'clear Crypto Sa Peer

User Datagram Protocol

Transcription:

RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers (Czerny Andeas)

Summery 1. Introduction 2. Keepalives and Heartbeats 3. DPD Protocol 4. Resistance to Replay Attack and False Proof of Liveliness

Situation Peer A Peer B Internet IKE Protected IP traffic IKE Problem if connectivity goes down No way for IKE and IPSec to identify the loss of peer connectivity The SAs can remain until their lifetimes naturally expire SA = Security Association

"Black Hole" Situation Packets are tunneled to oblivion It is often desirable to recognize black holes as soon as possible Proposals - failover to a different peer quickly. - recover lost resources. - sending periodic HELLO/ACK messages to prove liveliness.

Keepalives and Heartbeats Bidirectional "keepalive" message exchange - a HELLO followed by an ACK only on side is interested in liveliness Unidirectional "heartbeat" message exchange - a HELLO only both sides have to demonstrate liveliness

Scenario 1 Peer A Peer B A's 10 sec. timer elapses first Sends HELLO to B Receives ACK as proof of B's liveliness HELLO ACK Receives HELLO Acknowledges A's liveliness Resets keepalive timer Sends ACK Reset keepalive timer

Scenario 2 Peer A Peer B (dead) A's 10 sec. timer elapses first Sends HELLO to B Retransmission timer expires Message could have lost in transit A increments error counter Sends another HELLO... HELLO (dead) (dead)

Scenario 3 Peer A Peer B A's 10 sec. timer elapses first Sends HELLO to B Receives HELLO as proof of B's liveliness HELLO HELLO Receives HELLO as proof of A's liveiness B's 10 sec. timer elapses Sends HELLO

Scenario 4 Peer A Peer B A's 10 sec. timer elapses first Sends HELLO to B... HELLO (dead) Assumes B is dead

DPD Protocol A peer is free to request proof of liveliness when it needs it. asynchronous property allows fewer messages to be sent IPSec traffic itself serves as the proof of liveliness. Knowledge of the peer's liveliness, is only necessary if there is traffic to be sent.

DPD implementation In DPD, each peer can define its own "worry metric". the decision about when to initiate a DPD exchange is implementation specific. Each peer's DPD state is largely independent of the other's.

DPD Vendor ID Both peers of an IKE session MUST send the DPD vendor ID before DPD exchanges can begin 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ MM HASHED_VENDOR_ID J N R R +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ MJR and MNR correspond to the current major and minor version of this protocol

Message Exchanges Peer A Peer B NOTIFY(R-U-THERE) The DPD exchange is a bidirectional message. Both messages are simply ISAKMP Notify payloads (Internet Security Association and Key Management Protocol) Notify Message Value R-U-THERE 36136 R-U-THERE-ACK 36137 NOTIFY(R-U-THERE-ACK)

A peer MUST keep track of the state of a given DPD exchange. Retransmit R-U-THERE queries when it fails to receive an ACK. After some number of retransmitted messages delete IPSec and IKE SAs to the peer.

Message Format +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Next Payload RESERVED Payload Length ----------------------------------------------------------------------------------------- Domain of of Interpretation (DOI) ----------------------------------------------------------------------------------------- Protocol-ID SPI Size Notify Message Type ----------------------------------------------------------------------------------------- ~ ~ Security Parameter Index (SPI) ~ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- ----------------------------------------------------------------------------------------- Notification Data Notification Data! +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Notify Message Type (2 octets) - MUST be set to R-U-THERE Security Parameter Index (16 octets) - SHOULD be set to the cookies of the Initiator and Responder of the IKE SA Notification Data (4 octets) - MUST be set to the sequence number corresponding to this message

Implementation Suggestion Liveliness of a peer is only questionable when no traffic is exchanged A viable implementation might begin by monitoring idleness. A peer's liveliness is only important when there is outbound traffic to be sent. initiate a DPD exchange if outbound IPSec traffic was sent, but not received any inbound IPSec packets. A complete DPD exchange will serve as proof of liveliness until the next idle period.

Comparisons DPD vs keepalive/heartbeats Performance benefit: DPD do not need to sent regular messages. The number of IKE messages to be sent and processed is reduced. Implementation benefit: DPD needs only 1 timer

Resistance to Replay Attack and False Proof of Liveliness Sequence Number in DPD Messages A responder to an R-U-THERE message MUST send an R-U-THERE-ACK with the same sequence number. The initial sender SHOULD reject the R-U-THERE-ACK if the sequence number fails to match the one sent with the R-U-THERE message. both SHOULD check the validity of the Initiator and Responder cookies presented in the SPI field of the payload.

Selection and Maintenance of Sequence Numbers both DPD peers can initiate a DPD exchange each peer MUST maintain its own sequence number The first R-U-THERE message sent in a session MUST be a randomly chosen number the high-bit of the sequence number initially SHOULD be set to zero. Sequence numbers MAY reset at the expiry of the IKE SA Maintain a window of acceptable sequence numbers

Benefit of sequence numbers detecting replayed messages prevents from needing to build, encrypt, and send ACKs. sequence numbers is that it adds an extra assurance of the peer's liveliness.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback