Re: [802.1] Re: [LinkSec] IETF PANA
Thanks, Alper. You've put my concerns to rest. A Vicious
Rumor had it that you were using one of the 16 BPDU MAC addresses
that cannot pass through a bridge.
-- Norm
Alper Yegin wrote:
> Hi Norman,
>
> The PAA multicast group address is currently TBD. We'd need to get one
> assigned by IANA. Once we have that address, the corresponding MAC address
> is determined as discussed in other specifications, such as RFC2464 for IPv6
> multicast on Ethernet:
>
> 7. Address Mapping -- Multicast
>
> An IPv6 packet with a multicast destination address DST, consisting
> of the sixteen octets DST[1] through DST[16], is transmitted to the
> Ethernet multicast address whose first two octets are the value 3333
> hexadecimal and whose last four octets are the last four octets of
> DST.
>
> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> |0 0 1 1 0 0 1 1|0 0 1 1 0 0 1 1|
> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> | DST[13] | DST[14] |
> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> | DST[15] | DST[16] |
> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>
> So, the MAC address will be calculated based on the IP multicast address
> selected by PANA design.
>
> Alper
>
>
>
>
>
>>Alper,
>>
>>If PANA messages are L3 messages, and if a multicast MAC address is
>>used, then it should be either the broadcast MAC address, or a multicast
>>MAC address meaning, "all those endstations that understand PANA." That
>>multicast MAC address can be assigned by the IETF, and would presumably
>>use the IETF OUI. Either way, the multicast bit in the destination MAC
>>address would prevent the packet from being forwarded by a router.
>>
>>Using a MAC address from the bridge BPDU set would be completely
>>inappropriate, as the bridges should be transparent to an L3 protocol.
>>
>>What destination MAC address is used?
>>
>>-- Norm (a long time in 802.1) Finn
>>
>>Alper Yegin wrote:
>>
>>>The destination MAC address of the PANA messages are always unicast, except
>>>for the initial discovery message (rightfully).
>>
>>
>>
>
>