[Ndn-interest] Same LSDB in entire network?

Lan Wang (lanwang) lanwang at memphis.edu
Thu Jul 21 15:56:04 PDT 2016 

Having the same set of LSAs is simply an algorithmic requirement for routing convergence.  What specific security threat do you see this prevents?

Lan

On Jul 19, 2016, at 10:54 AM, Tanusree Chatterjee <tnsr.chatterjee at gmail.com<mailto:tnsr.chatterjee at gmail.com>> wrote:


Thanks for the response. By security, I also meant the digest tree maintained by all the nodes (last version of NLSR) in the entire network must be same as they exchange the root digest while sending interest periodically to each other. So, to do the same each node in the entire network must have the common LSDB.
As a simple scenario of 5 nodes I was running in mini ndn emulator, the nlsrc status of all nodes show the same LSDB, which consists of all the LSAs of each node in the network.

On Jul 19, 2016 7:09 PM, "Lan Wang (lanwang)" <lanwang at memphis.edu<mailto:lanwang at memphis.edu>> wrote:
Tanusree,

Every node in NLSR maintains an LSDB (i.e. the topology of the entire network) since NLSR is a link-state routing protocol.  If the network has converged, all the LSDBs should be the same.  Every LSA is signed by its originator and can be verified using a trust model to make sure that the LSA is indeed originated by that origin router.  This is a security benefit provided by NDN’s data-centric security model.  Is this what you mean by “this synchronization of same LSDB in the entire network helps in security"?

Lan

On Jul 18, 2016, at 9:25 AM, Tanusree Chatterjee <tnsr.chatterjee at gmail.com<mailto:tnsr.chatterjee at gmail.com>> wrote:


Hi all,
One thing I could not be sure about that whether all the nodes in the network have the common LSDB? If so, all the nodes have the idea of topology of the entire network? If NLSR is concerned, so this synchronization of same LSDB in the entire network helps in security also?

Regards,
Tanusree Chatterjee

_______________________________________________
Ndn-interest mailing list
Ndn-interest at lists.cs.ucla.edu<mailto:Ndn-interest at lists.cs.ucla.edu>
http://www.lists.cs.ucla.edu/mailman/listinfo/ndn-interest


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20160721/73f6001a/attachment.html>

More information about the Ndn-interest mailing list