[conex] Review: draft-ietf-conex-destopt-06
Bob Briscoe <bob.briscoe@bt.com> Mon, 11 August 2014 23:26 UTC
Return-Path: <bob.briscoe@bt.com>
X-Original-To: conex@ietfa.amsl.com
Delivered-To: conex@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B0EF1A011B for <conex@ietfa.amsl.com>; Mon, 11 Aug 2014 16:26:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.269
X-Spam-Level:
X-Spam-Status: No, score=-3.269 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.668, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WafsCJY-knrc for <conex@ietfa.amsl.com>; Mon, 11 Aug 2014 16:26:13 -0700 (PDT)
Received: from hubrelay-by-04.bt.com (hubrelay-by-04.bt.com [62.7.242.140]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B2D71A04E7 for <conex@ietf.org>; Mon, 11 Aug 2014 16:26:12 -0700 (PDT)
Received: from EVMHR71-UKRD.domain1.systemhost.net (10.36.3.109) by EVMHR04-UKBR.bt.com (10.216.161.36) with Microsoft SMTP Server (TLS) id 8.3.348.2; Tue, 12 Aug 2014 00:26:10 +0100
Received: from EPHR01-UKIP.domain1.systemhost.net (147.149.196.177) by EVMHR71-UKRD.domain1.systemhost.net (10.36.3.109) with Microsoft SMTP Server (TLS) id 8.3.348.2; Tue, 12 Aug 2014 00:26:10 +0100
Received: from bagheera.jungle.bt.co.uk (132.146.168.158) by EPHR01-UKIP.domain1.systemhost.net (147.149.196.177) with Microsoft SMTP Server id 14.3.181.6; Tue, 12 Aug 2014 00:26:09 +0100
Received: from BTP075694.jungle.bt.co.uk ([10.111.49.191]) by bagheera.jungle.bt.co.uk (8.13.5/8.12.8) with ESMTP id s7BNQ6Gd022734; Tue, 12 Aug 2014 00:26:07 +0100
Message-ID: <201408112326.s7BNQ6Gd022734@bagheera.jungle.bt.co.uk>
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Tue, 12 Aug 2014 00:26:01 +0100
To: Suresh KRISHNAN <suresh.krishnan@ericsson.com>, Mirja KUEHLEWIND <mirja.kuehlewind@ikr.uni-stuttgart.de>, Carlos Ucendo <ralli@tid.es>
From: Bob Briscoe <bob.briscoe@bt.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Scanned-By: MIMEDefang 2.56 on 132.146.168.158
Archived-At: http://mailarchive.ietf.org/arch/msg/conex/SpdCzewfeZNI6Szr5cMrEUTq0ME
Cc: ConEx IETF list <conex@ietf.org>
Subject: [conex] Review: draft-ietf-conex-destopt-06
X-BeenThere: conex@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Congestion Exposure working group discussion list <conex.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/conex>, <mailto:conex-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/conex/>
List-Post: <mailto:conex@ietf.org>
List-Help: <mailto:conex-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/conex>, <mailto:conex-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Aug 2014 23:26:16 -0000
Suresh, Mirja, Carlos, As promised at the authors mtg in Toronto, I have reviewed draft-ietf-conex-destopt-06. At this late stage, I prefer to suggest text, not just criticise. But pls don't take this to mean I expect you to use my suggested text. I had a lot of nits, so I thought it easiest to deal with these by annotating the draft (using MS Word, but also supplied as PDF output): <http://www.bobbriscoe.net/projects/conex/draft-ietf-conex-destopt-06-rvw-bb.doc> <http://www.bobbriscoe.net/projects/conex/draft-ietf-conex-destopt-06-rvw-bb.pdf> I have also included all my more substantial concerns in the above annotations - highlighted in yellow. I've listed the major items here, as hooks if mailing list discussion is needed on any of them (but see the annotations for detail before discussing). My most controversial disagreement is around IPsec compatibility, which we ought to spin into a separate thread if you want to discuss/argue. Most of the other additions are because conex-abstract-mech says a concrete protocol spec has to address specific aspects, which weren't addressed. ==Intro== * Added scoping in Intro (solely wire protocol; specific transport protocol specs will determine when specifically to set each marking, e.g. conex-tcp-modifications) * Standards Track -> Experimental * Added subsection of intro on experiment goals: criteria for success and duration ==Requirements== * Referred to abstract-mech for requirements, explained that it would be hard to satisfy them all, and explained which one wasn't satisfied (visibility in outer), referring to section on fast-path performance. ==CDO== * For any text about ignoring invalid fields, explicitly said that intermediate nodes MUST NOT normalise. Also, specified to treat packets with invalid fields like a non-ConEx-capable packet. * Specified precisely which IP header is included in the byte count. * Suggested deleting example of Not-ConEx-capable packets (see separate thread to conex-tcp-modifications authors about TCP pure ACKs). ==Fast-path== * CDO as first destination option: changed from MUST to SHOULD (with an example of when not to). ==Config & Management== * Added section, mainly to say there is no config & mgmt (required by abstract-mech). ==IPsec compatibility== * Suggested ConEx counts the AH header, and the outer tunnel mode header, with reasoning. * Suggested the section is restructured because I believe the visibility problem is not related to tunnel mode, but only to ESP in tunnel mode. * Added a para about the possibility of implementing a ConEx proxy (without breaking e2e authentication). ==Tunnelling== * Section added, to generalise from just IPsec to any IP-in-IP tunnelling (particularly relevant to mobile scenarios). * Suggested optional copying of CDO to outer, but also a simpler 'Do not copy CDO' alternative. ==Security Considerations== * Added lots, all pointers to where security issues are discussed in other places (which is what security directorate reviewers need). ==IANA== * I think the act bits need to be 00 not 10 to avoid ConEx packets being dropped by non-ConEx nodes (including by non-ConEx receivers)? But I'm willing to be corrected. Regards Bob ________________________________________________________________ Bob Briscoe, BT
- [conex] Review: draft-ietf-conex-destopt-06 Bob Briscoe
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Mirja Kühlewind
- Re: [conex] Review: draft-ietf-conex-destopt-06 Mirja Kühlewind
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Bob Briscoe
- Re: [conex] Review: draft-ietf-conex-destopt-06 Bob Briscoe
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Mirja Kühlewind
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Mirja Kühlewind
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Bob Briscoe
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Mirja Kühlewind
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Bob Briscoe
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Mirja Kühlewind
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Bob Briscoe
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Mirja Kühlewind
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Bob Briscoe
- [conex] Act bits and Positioning (Was Re: Fwd: Re… Suresh Krishnan
- Re: [conex] Act bits and Positioning (Was Re: Fwd… Bob Briscoe
- Re: [conex] Act bits and Positioning (Was Re: Fwd… Mirja Kühlewind
- Re: [conex] Fwd: Review: draft-ietf-conex-destopt… Mirja Kühlewind
- Re: [conex] Act bits and Positioning (Was Re: Fwd… Bob Briscoe
- Re: [conex] Act bits and Positioning (Was Re: Fwd… Suresh Krishnan
- Re: [conex] Act bits and Positioning (Was Re: Fwd… Mirja Kühlewind
- Re: [conex] Act bits and Positioning (Was Re: Fwd… Bob Briscoe
- Re: [conex] Act bits and Positioning (Was Re: Fwd… Mirja Kühlewind