Gateway load balancing protocols - possible misuses

Hi everyone!

I had some brainstorming today at work regarding gateway load balancing protocols and was thinking about authentication. The first thing that I could think of is what would happen if some rogue switch/router was added to our network (or let's say a misconfigured device) that would use the same virtual IP as the master already uses as the real gateway. It is fine that if I do not use the same password as the already running one, we will not be able to speak to each other and communicate via, let's say, HSRP. But nothing stops that router from having the same virtual IP address, and thanks to the different passwords, it has no chance of knowing that somebody else is already master for that network. So in this case both of the routers/MLSes will probably respond to ARP queries regarding the gateway, and some nasty MAC address flapping can occur on the switches in the network. Is there any way to solve it, other than to have full control over your network and not allow this kind of misconfiguration or attack?

Tom

Accepted Solutions
Hall of Fame Master

Have you run a real network before? Seems to me you're worrying too much.


Hall of Fame Cisco Employee

Hi Tomas,

For sure, the authentication in FHRP protocols brings little value. VRRP RFCs 3768 Section 10, and 5798 Section 9 put it quite nicely - there is no point in doing authentication in these protocols. It does not really increase the security.

With the ability of any station to come up with a conflicting IP or MAC, the only reasonable solution I can see is having full control, optionally utilizing mechanisms like DAI or IPSG to prevent stations from doing inappropriate things to their IP/MAC identity.

Best regards,

Peter

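One way to spot, from the monitoring side, the duplicate-master symptom Tom describes (two devices answering ARP for the virtual gateway IP, which the switches see as MAC flapping), as an added example that is not part of the thread: it consumes constructed ARP-reply observations and assumes the monitor already knows the gateway IP and its expected virtual MAC; all addresses are sample values.

```python
"""Flag a second device answering ARP for the FHRP virtual gateway IP.

Added example, not from the thread. Input is a simplified list of
ARP-reply observations (timestamp, sender IP, sender MAC) such as a
span-port collector might produce.
"""
from collections import defaultdict

# Assumption: the monitor knows the gateway's virtual IP and virtual MAC.
# The MAC below follows the HSRP v1 pattern 0000.0c07.acXX for group 1.
GATEWAY_IP = "192.0.2.1"
EXPECTED_MAC = "00:00:0c:07:ac:01"

# Constructed sample observations: (seconds, ARP sender IP, sender MAC).
SAMPLE_ARP_REPLIES = [
    (0.0, "192.0.2.1", "00:00:0c:07:ac:01"),
    (1.0, "192.0.2.50", "52:54:00:aa:bb:cc"),   # an ordinary host, ignored
    (2.5, "192.0.2.1", "00:00:0c:07:ac:01"),
    (3.0, "192.0.2.1", "00:00:0c:07:ac:02"),   # second "master" with a different group/MAC
    (4.0, "192.0.2.1", "00:00:0c:07:ac:01"),
]


def gateway_claims(observations, gateway_ip):
    """Map every sender MAC that answered for gateway_ip to its observation times."""
    claims = defaultdict(list)
    for ts, ip, mac in observations:
        if ip == gateway_ip:
            claims[mac.lower()].append(ts)
    return dict(claims)


def detect_conflict(observations, gateway_ip, expected_mac, window=5.0):
    """Return alert tuples; an empty list means only the expected MAC answered.

    ("unexpected_mac", mac): a MAC other than the virtual MAC claimed the gateway IP.
    ("flap", old, new): consecutive replies within `window` seconds came from
    different MACs, i.e. the gateway's MAC is flapping on the switches.
    """
    expected = expected_mac.lower()
    gw = sorted((ts, mac.lower()) for ts, ip, mac in observations if ip == gateway_ip)
    alerts = [("unexpected_mac", m) for m in sorted({m for _, m in gw if m != expected})]
    for (t0, m0), (t1, m1) in zip(gw, gw[1:]):
        if m0 != m1 and t1 - t0 <= window:
            alerts.append(("flap", m0, m1))
    return alerts


if __name__ == "__main__":
    for alert in detect_conflict(SAMPLE_ARP_REPLIES, GATEWAY_IP, EXPECTED_MAC):
        print(alert)
```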
