Re: [Gen-art] Gen-ART review of draft-ietf-conex-tcp-modifications

Ronald Bonica <rbonica@juniper.net> Thu, 10 September 2015 16:48 UTC

From: Ronald Bonica <rbonica@juniper.net>
To: Suresh Krishnan <suresh.krishnan@ericsson.com>, "gen-art@ietf.org" <gen-art@ietf.org>, "draft-ietf-conex-tcp-modifications.all@tools.ietf.org" <draft-ietf-conex-tcp-modifications.all@tools.ietf.org>, "draft-ietf-conex-tcp-modifications@tools.ietf.org" <draft-ietf-conex-tcp-modifications@tools.ietf.org>
Date: Thu, 10 Sep 2015 16:48:02 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/fI8cF8wK72zWRSPEPNrxgEYnUPM>

Resend, this time with correct email address


> -----Original Message-----
> From: Ronald Bonica
> Sent: Wednesday, September 09, 2015 4:50 PM
> To: 'Suresh Krishnan' <suresh.krishnan@ericsson.com>; gen-art@ietf.org
> Cc: draft-ietf-conex-tcp-modifications.all@tools.ietf.org
> Subject: RE: [Gen-art] Gen-ART review of draft-ietf-conex-tcp-modifications
> 
> Suresh,
> 
> You are absolutely right. We have two possible solutions, an HBH Option and
> a Destination Option.  Both solutions severely limit CONEX deployability.
> 
> Since my comment is more about draft-ietf-conex-destopt than it is about
> draft-ietf-conex-tcp-modifications, I think that we can let
> draft-ietf-conex-tcp-modifications go forward, as is.
> 
> Before draft-ietf-conex-tcp-modifications comes up for last call, we might
> want to augment Section 5, explaining why both solutions severely limit
> CONEX deployability. Since all of the CONEX documents are EXPERIMENTAL,
> that caveat shouldn't be an impediment to publication.
> 
> We will need to address the problem before the CONEX documents become
> PROPOSED STANDARD. But we can cross that bridge when we get to it.
> 
> Ron
> 
> 
> 
> 
> > -----Original Message-----
> > From: Suresh Krishnan [mailto:suresh.krishnan@ericsson.com]
> > Sent: Tuesday, September 08, 2015 2:47 PM
> > To: Ronald Bonica <rbonica@juniper.net>; gen-art@ietf.org
> > Cc: draft-ietf-conex-tcp-modifications.all@tools.ietf.org
> > Subject: Re: [Gen-art] Gen-ART review of
> > draft-ietf-conex-tcp-modifications
> >
> > Hi Ron,
> >    Thanks for your review. Please find comments inline.
> >
> > On 09/08/2015 12:20 PM, Ronald Bonica wrote:
> > > I am the assigned Gen-ART reviewer for this draft. For background on
> > > Gen-ART, please see the FAQ at
> > > <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>
> > >
> > > Document: draft-ietf-conex-tcp-modifications-09
> > > Reviewer: Ron Bonica
> > > Review Date: 2015-09-07
> > > IETF LC End Date: 2015-08-31
> > > IETF Telechat Date: 2015-10-01
> > >
> > > Summary: This document will be ready for publication as soon as the
> > > major issue (below) is addressed.
> > >
> > > Major Issues:
> > >
> > > This document contains a normative reference to
> > > draft-ietf-conex-destopt-09. The normative reference is appropriate,
> > > because this document doesn't work at all unless the concepts described
> > > in draft-ietf-conex-destopt-09 work.
> > >
> > > I am concerned about draft-ietf-conex-destopt-09. It uses an IPv6
> > > Destination Option to signal CONEX state to intermediate routers.
> > > However, according to RFC 2460:
> > >
> > >     "With one exception, extension headers are not examined or processed
> > >     by any node along a packet's delivery path, until the packet reaches
> > >     the node (or each of the set of nodes, in the case of multicast)
> > >     identified in the Destination Address field of the IPv6 header."
> > >
> > > The exception to which RFC 2460 refers is the Hop-by-hop Extension
> > > Header. Intermediate routers don't examine Destination Options.
> > >
> > > Section 5 of draft-ietf-conex-destopt-09 attempts to address this
> > > issue, but I am not sure that the argument is acceptable.
> >
> > I think we can discuss this further but in my view there are no good
> > solutions to this problem. There are two probable alternatives here
> >
> > Hop-by-hop options: This is arguably the right way to define
> > information that is inspected on intermediate nodes. But using this
> > implies that there is a huge performance penalty for conex packets
> > that hit conex unaware routers (basically being punted into the slow
> > path in the best case, being dropped at worst). RFC7045 section 2.2
> > talks about this explicitly but this problem has been known for much
> > longer. This will break requirement R-3.
> >
> > Destination options: Intended for the destination of the packet, but
> > capable of being read at *consenting* conex-aware network nodes. Does
> > not affect nodes that are conex unaware. This is no different than a
> > router that looks at a TCP port for enforcing an ACL, right?
> >
> > Let me know what you think. (Especially, we would be grateful if you
> > think there is a better solution we ought to be considering that would
> > meet the requirements)
> >
> > Regards
> > Suresh
> >
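
Added example, not part of the original messages or of the ConEx drafts: a Python walk of the IPv6 options-header chain showing which kind of on-path node sees a signal carried as a Hop-by-Hop option versus a Destination Option, the two alternatives weighed in the thread. The option type 0x3E is a placeholder (the thread gives no codepoint), the function names are hypothetical, and the packets are constructed samples.

```python
import struct

HBH, DSTOPT, TCP = 0, 60, 6   # IANA protocol numbers for the Next Header field
EXAMPLE_OPT = 0x3E            # placeholder option type (assumption, not from the thread)

def build_packet(ext_nh, opt_type, opt_data):
    """Constructed sample: IPv6 header, one options header, zeroed 20-byte TCP stub."""
    tlv = bytes([opt_type, len(opt_data)]) + opt_data
    pad = -(2 + len(tlv)) % 8                 # options headers are multiples of 8 octets
    if pad == 1:
        tlv += b"\x00"                        # Pad1
    elif pad > 1:
        tlv += bytes([1, pad - 2]) + bytes(pad - 2)   # PadN
    ext = bytes([TCP, (2 + len(tlv)) // 8 - 1]) + tlv
    payload = ext + bytes(20)
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), ext_nh, 64) + bytes(32)
    return fixed + payload

def find_option(pkt, opt_type, inspect):
    """Walk the HBH/Destination Options chain; return the option data only if
    it sits in a header type this node is willing to parse (`inspect`)."""
    if len(pkt) < 40:
        raise ValueError("truncated IPv6 header")
    nh, off = pkt[6], 40
    while nh in (HBH, DSTOPT):                # other extension headers end the walk here
        if off + 8 > len(pkt):
            raise ValueError("truncated extension header")
        end = off + (pkt[off + 1] + 1) * 8
        if end > len(pkt):
            raise ValueError("Hdr Ext Len runs past packet")
        i = off + 2
        while nh in inspect and i < end:
            if pkt[i] == 0:                   # Pad1 has no length byte
                i += 1
                continue
            if i + 2 > end or i + 2 + pkt[i + 1] > end:
                raise ValueError("option overruns header")
            if pkt[i] == opt_type:
                return pkt[i + 2:i + 2 + pkt[i + 1]]
            i += 2 + pkt[i + 1]
        nh, off = pkt[off], end
    return None

RFC2460_NODE = {HBH}              # examines only Hop-by-Hop on the path
CONSENTING_NODE = {HBH, DSTOPT}   # also reads Destination Options in transit
```

A node limited to RFC2460_NODE never sees the option when it travels in a Destination Options header, which is the deployability concern raised in the review; the bounds checks matter because a transit node parsing these headers is handling untrusted lengths.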