Re: [Idr] Magnus Westerlund's Discuss on draft-ietf-idr-tunnel-encaps-20: (with DISCUSS)

Magnus Westerlund <magnus.westerlund@ericsson.com> Fri, 15 January 2021 16:49 UTC

Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D90533A0DAD; Fri, 15 Jan 2021 08:49:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.351
X-Spam-Level:
X-Spam-Status: No, score=-2.351 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.25, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jDupRKsdZoVM; Fri, 15 Jan 2021 08:49:01 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2045.outbound.protection.outlook.com [40.107.20.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BDA583A0DA5; Fri, 15 Jan 2021 08:49:00 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=A7xplATTeWR9tJmUWVXrA0LmeCGOAH5kRiI9Q9zt1jtoktJHkgPU8Jfw8gn5cxLAVWQa1s9K1tprRQc8tdTIf+TGAK6G6M9flWxwXJdQFgsteb2gF1PKinkT7DAgaOiavR/1yIDV96lti6W1UF5QEEXy6rsige5ldaCNC/bhxlkxM6S13p3WW9r1DyuqSl5Cu4XxmccgsIlFNP3mLEEGGvtEXCn5Bzmd+XKjgfm21WkLq9pZQrF52Oid8u3HJEIl9KB8YaJ8ABawn9KcVO/X08U1Vt3FY8Gb1khFC2489EHvNnqz9SpD3eMomhTo52CcC4SsQsscYTdt7P86rcpLrA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BikRLi1V2rMvK0uSrue/gRQ48XCa7yMXA1aFjcjBroo=; b=KnEYhEHXloFDdzDXPNrUEzAi2dU5ZXEMQHi+jtZb7ET0Bi27NRFEsOkfFmAPDszJlJtdAleguGMpLG1W8WZAY3Zzzp3NDrVdHY30dDHTTr0+nqg5CBHmowNutElvOup5t9KWLbYrf2UBnD5goMl2BpGEYgy0qMHK8fkRfiGLokQWnfh2HpeJT9CbGwgsQ38xAkHe3yNYIF4XSZ1/nb6Fv8X/oa8tboAS6oRAnaQprTC18vdtippnfOf+ac+tgsXoqYLDR4m0Hj0ps8itXgjKVP81icnX7Oge+S1thekVkjf85amSJKl5sq0ncr7WH+aGFm5On5GuVok/1Va8yMZv8A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BikRLi1V2rMvK0uSrue/gRQ48XCa7yMXA1aFjcjBroo=; b=cEzEFbx7eEYJLTM59hr9LdhCM2FXCGQnInSfgId/0dmzOegdcXjzpcdHNxWurLFH6mE2HPZ1IclwC8q9jjAYmi+udCQtuX0hkLaqrIqGJ22XTSjcNb8yL16PJKdOL1ikqrHMjWwWlL1SaKN7mIXyddXWfLlTXKKeF0ht3/mkJak=
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com (2603:10a6:7:8e::14) by HE1PR07MB4171.eurprd07.prod.outlook.com (2603:10a6:7:9e::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3763.6; Fri, 15 Jan 2021 16:48:55 +0000
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::8cd:496:65de:4ace]) by HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::8cd:496:65de:4ace%6]) with mapi id 15.20.3784.006; Fri, 15 Jan 2021 16:48:55 +0000
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "jgs@juniper.net" <jgs@juniper.net>
CC: "idr@ietf.org" <idr@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "idr-chairs@ietf.org" <idr-chairs@ietf.org>, "draft-ietf-idr-tunnel-encaps@ietf.org" <draft-ietf-idr-tunnel-encaps@ietf.org>, "shares@ndzh.com" <shares@ndzh.com>, "aretana.ietf@gmail.com" <aretana.ietf@gmail.com>
Thread-Topic: Magnus Westerlund's Discuss on draft-ietf-idr-tunnel-encaps-20: (with DISCUSS)
Thread-Index: AQHWyWJuKQHhG1Wgvky8fhmmmVxer6nl5pQAgADbRQCAAKZGgIAEQeGAgDjBToCABL6LAA==
Date: Fri, 15 Jan 2021 16:48:55 +0000
Message-ID: <912a5f71c76ebd7449879cadd8919e5923ffd65f.camel@ericsson.com>
References: <160699274176.32616.2646384288138693459@ietfa.amsl.com> <011B5202-4AA9-413F-B16C-C8BF9E43A0CA@juniper.net> <ad54d8b05747127c593aab0337f1496e4ee25dbd.camel@ericsson.com> <EA46DF01-A4C4-4E9E-883F-14C397F796DE@juniper.net> <8ea80e273da05fd44da75d9f092e9af9c63ea12b.camel@ericsson.com> <AE10B512-1F69-4164-AC31-63AE3E615E94@juniper.net>
In-Reply-To: <AE10B512-1F69-4164-AC31-63AE3E615E94@juniper.net>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Evolution 3.28.5-0ubuntu0.18.04.2
authentication-results: juniper.net; dkim=none (message not signed) header.d=none;juniper.net; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [192.176.1.81]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 310670e6-07b5-4e24-df17-08d8b9757272
x-ms-traffictypediagnostic: HE1PR07MB4171:
x-microsoft-antispam-prvs: <HE1PR07MB4171CA0F46BBE6F455A1614595A70@HE1PR07MB4171.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: nw5VUu/CfheRX5aLrNthzZw1Z6bOtAgz/zavb/7AK5mDtp0QO+C1D32MWQYs2Ajq5MQYWcWLMA8SX7TCv6mtSpEKvcheoeujpKkzU0ntmxxlBWx4plFdWj5Q4lgZxf57NePFE+CxscaREY7RhOK5z13fdPpo8jFv2x7WgZLGpxbWsups/e+FRmTDjLvukfFhp6gnTaPYJxej+8OJI3YSIUBE183hODpKiai7BbXGYsz4M1sGAJRRgDNM0VRYOzs0LnE6jIByTwEuE146jM7Dge4W5ChUiZC39UXwV4BhzPc3/aJ7v3WSSFCjyXakKdnnpUVPcCSbvyBF1GnL5c8zHK75BPq8FfTtZH55xBLshSaEwPI3lolJUtoW452MbyRW5agkx2Xq/K8sEzJ8l3YylQ1ploHRu+2Kc6iujCtBnL8fxw0al6VsjiEDL3cnCo70j8PHr1+I65Tk7wT2H3nHSwO18EmLquod3oX6lsxv+dofZUUH6ZtIGQSoi0l/i/QHdMV2n2M8fxSBWgc7BmqvbNPxfVF69ze9KhtuEWUzmtmgDSpKLYWHFxezGA66KWXA
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3772.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(136003)(366004)(39860400002)(396003)(376002)(5660300002)(2616005)(53546011)(66476007)(316002)(30864003)(44832011)(6512007)(83380400001)(4326008)(54906003)(36756003)(26005)(71200400001)(8676002)(66556008)(6506007)(8936002)(99936003)(66446008)(66574015)(66616009)(478600001)(6916009)(66946007)(64756008)(6486002)(86362001)(76116006)(186003)(2906002)(99106002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: =?utf-8?B?Z0lRVnRObkZKRDgrOE42YXBSV3hkRTJyUlgyTlZ2ZGs3V1A1K3hJbGpjZDlo?= =?utf-8?B?ZGpxU3pXNDdvNDlua0tYalF2d2RSYlpwOTdQMDRVTVZMeTl6MkxFOXZ6dlBX?= =?utf-8?B?dWZJOXU1K1JpelhlYnlUTFk1YTE3MGp5YlpMckxLYUpBdzVBd3BoL2I2TUxM?= =?utf-8?B?Vy8xZDlxQi9yVysyUDc3b3J5VzBYU3JaY0ZhOGNxWjhrNndlcmN5N2I3aHly?= =?utf-8?B?MmsyRmU3RXVvcUl6eTVUYzV2RFZocjlEd1hZNFFrSUFFMDB1eDUwYW1zQmVv?= =?utf-8?B?a0NMbVZkRmdqS2l2YzFtVG5iTVkyRVloRkhvUjluaGZjV3JXNWo2Mlo3L1dV?= =?utf-8?B?WU90QlVmdDdXOGVoY1F3ZFRYNkcraWNLVDVPZ3JzSkNMQzhJY3RtdGcwZWpV?= =?utf-8?B?djNEUnA1VVFJa0hTMDFjcURzOGRQVmJCV3hyNkpmZXpwbVlsK21kQnZLZzZG?= =?utf-8?B?eEtPTUNrZmZTZDM2d1p4aGdyNnlKY3luVmxRNFYxd1NXQ2xCSXJpOG5HZGk0?= =?utf-8?B?dWpKQmNnb01KTXFyVHk2a09vUHVrUUxacmNqRkRrUlFZNFhhR0loSnh1dG51?= =?utf-8?B?YWhuMFJ2a2hzWXkvT0ZFMGhwR1g3VEZKVjJWZ2ljQk9ZRExjM2tXN0EzUGNn?= =?utf-8?B?aE1lYW0zNFA2c1BWUVAzVkpwL0t0R0FKK3ZENU80UU5mWTc3OTI0QzJmeXl3?= =?utf-8?B?cURoQnlnVjJ4dFhTdmhaWUkyS25TUFozYmNnNFBHb1pTaTFmT3NWNzl3dDFB?= =?utf-8?B?WHp6b2l5cXNBM1JJeVJrR0pvaC8wUVIrV1lMKy9XbUY5K2E2cEZLeDZKaWE3?= =?utf-8?B?VlRlbkc4NjFIUEtLR1Q2NEFlV21QUVh2TkJub0FQWVlFREFRSDZyYnFRSEVr?= =?utf-8?B?N080bnlMRUEvUlh1MGxjcnFRaVVtbUc2RmxNbzdXWTFaUTRWUGsxc1FiY2Js?= =?utf-8?B?ejhuQXJGeXZQS2tpRFZZRFM1WTdTZWxiMnBzcUY0c2RuaFlGTTBwNUhZMHQr?= =?utf-8?B?dVM3SlVZem9TbUhxdCtHVElLaDJ0d25jbnNMZk5PUjBnS2lqa013UEd1SUgw?= =?utf-8?B?dTVrejRxZUw5TklUNCtucmwveHNPRWRjUFhoYk5VRHR2ZzdTQXlWMVJ3TXc1?= =?utf-8?B?SWFlRU5yU0RFSWdaUUxVTTNOU3U2N2ZMT0lJb040TGFpWDFlRDFwNENvNFRP?= =?utf-8?B?aXlweHY3czNhQ21CT2lMUGdNVVFvZGV3QURXOWdodmJYb2V6WEFiUlJ0NGNN?= =?utf-8?B?TkcvUFIxc3g4Uk9GdWcveXNvd0l0NXdWTDV1dGxnRjRmeWlMMzdHeWlYZTNj?= =?utf-8?B?WGNyb3ZlbGhLYWQwbWs4b1RrdjFqaTJrMTh4MHpPL1k2UHBZNHlhclowOEFD?= =?utf-8?B?aGtzTVlIbUhzcDZOMWZyTzBNaU5uZW9ESk1TZHNHMkpLMC9IcnVCZjF2d0hE?= =?utf-8?Q?+nFmX2B7?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; micalg="sha-256"; protocol="application/x-pkcs7-signature"; boundary="=-OJE3P4I22qAI8qeFarzG"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3772.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 310670e6-07b5-4e24-df17-08d8b9757272
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Jan 2021 16:48:55.4297 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 8dwOK+1ntir6DKFOtPctLrHw1dAjd9oEBpFvsXatOS7G9I/puuBV061J5WA3snYlb5cBeFlMXfnuUeEzGXRFEgYIQlbqfnKLwT33nGTdwo0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB4171
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/ZIuArRodeGhV9ZTsPIfJSfIFHWA>
Subject: Re: [Idr] Magnus Westerlund's Discuss on draft-ietf-idr-tunnel-encaps-20: (with DISCUSS)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jan 2021 16:49:04 -0000

Hi,

I understand that you are considering this an improvements. However, from my
perspective this document fails massively the alone on an island test. No one
can implement this without having the specification from an operator for what
they actually want to establish. 

This in its turn makes it impossible to answer if there are issues or not and
additional configuration are needed for things like UDP zero-checksum, ECN, ICMP
processing etc. All these nitty gritty details that can make a tunnel work good
or not from an upper layer protocol perspective. 

So after some discussion with the rest of the IESG I have decided to go to
Abstain on this document. 

Cheers

Magnus Westerlund


On Tue, 2021-01-12 at 16:21 +0000, John Scudder wrote:
> Hi Magnus,
> 
> I’ve read your comments a few times and given them some thought. As best I can
> determine, your biggest concern is that there are assumptions made about the
> forwarding plane, that aren’t signaled. I can see that this might pose real
> problems with deployments running across the big-I Internet, traversing
> uncoordinated infrastructure. This is presumably the same as tunnel deployment
> across uncoordinated infrastructure now. It seems to me though, that in the
> scope we’ve restricted applicability to (see Section 11), it’s reasonable to
> assume that the infrastructure is NOT uncoordinated. We are trying to provide
> an incremental improvement over configuring tunnels by hand. I agree a “do no
> harm” principle is good, and I *think* we’ve done no harm compared to the
> status quo.
> 
> I sympathize with your goals here:
> 
> > But, I think the document needs to go in
>  
> > either of two directions here. The first is to be specific on combinations
> > of
> > tunnel and outer encapsualtion and document the assumptions about
> > capabilities
> > and requirements on the network deployment to use these zero-checksum as
> > well as
> > ECN field processing. The other direction is to make this into a framework,
> > but
> > then you are going to have to discuss these matters in the abstract and
> > likely
> > need to have signalling indicate what the egress will do in regards. 
> 
> But it seems to me that (if I understand you correctly) this is a big scope
> increase that’s likely to set us back quite a long time, and comes down to
> perfect being the enemy of good. :-/
> 
> However, I might well still be misunderstanding you. If so, I think a voice
> call might be a better way forward than continuing to iterate in email. If
> you’d like to go that route, please unicast me with some times that work for
> you? (I’m in U.S. Eastern Time.)
> 
> Thanks,
> 
> —John
> 
> > On Dec 7, 2020, at 8:38 AM, Magnus Westerlund <
> > magnus.westerlund@ericsson.com> wrote:
> > 
> > On Fri, 2020-12-04 at 20:38 +0000, John Scudder wrote:
> > > Hi Magnus,
> > > 
> > > For now I’d like to talk just about your zero-checksum point (quoted below
> > > but
> > > I’ll top-post my comments). It seems to me that the expected deployment
> > > model
> > > for tunnel-encaps, detailed in Section 11 and further strengthened after
> > > my
> > > discussion with Roman, exactly corresponds with "single administrative
> > > control” or "closely cooperating network administrations”. Here’s the
> > > Section
> > > 11 text from the current candidate version 21, after the modification:
> > > 
> > >   The Tunnel Encapsulation attribute is defined as a transitive
> > >   attribute, so that it may be passed along by BGP speakers that do not
> > >   recognize it.  However the Tunnel Encapsulation attribute MUST be
> > >   used only within a well-defined scope, for example, within a set of
> > >   Autonomous Systems that belong to a single administrative entity.
> > > 
> > > Whether it would be nice to add a “should we use UDP checksums or not”
> > > sub-TLV 
> > > anyway, as an additional bell and whistle, is up for discussion. But I
> > > don’t
> > > think it’s mandated by RFC 7510.
> >  
> > The above text clarifies the scope of this document. I think there are ways
> > of
> > avoiding a TLV for RFC 7510 usages, however, I think that this is in fact
> > through documenting the assumption in regards to this protocol usage. 
> > 
> > My point is that this document do need per tunnel protocol sections where
> > these
> > aspect can be considered in this context of this tunnel configuration
> > mechanism.
> > I am a bit uncertain in my understanding about how this BGP attribute is
> > used.
> > However, it looks to me that a decapsulator will basically tell those other
> > entities in the other AS that it cooperates with that you can establish a
> > tunnel
> > to the decapsulator in relation to a set of routes. However, if that is the
> > correct understanding then a number of assumptions are made. I think in the
> > context of RFC7510 you are assuming that zero-checksum is either MAY or MUST
> > be
> > used for this to work. If it is the later then you also put a requirement on
> > the
> > receiver of these attributes to not establish a tunnel if it thinks the
> > requirements in RFC7510 for zero-checksum is not met. 
> > 
> > To conclude I don't think you get away from discussing these aspects in the
> > document. However, it can be so that there exist no need for defining
> > additional
> > sub-tlvs for the aspects I brought up. But, I think the document needs to go
> > in
> > either of two directions here. The first is to be specific on combinations
> > of
> > tunnel and outer encapsualtion and document the assumptions about
> > capabilities
> > and requirements on the network deployment to use these zero-checksum as
> > well as
> > ECN field processing. The other direction is to make this into a framework,
> > but
> > then you are going to have to discuss these matters in the abstract and
> > likely
> > need to have signalling indicate what the egress will do in regards. 
> > 
> > From my perspective not discussing zero-checksum and ECN behavior leaves
> > implementors unaware of relevant implementation requirements. And if a
> > missmatch
> > occurrs those who sees the downside is likely not the nodes that causes the
> > issue. For the wrong ECN behaviors this has just casued a change in end-to-
> > end
> > network flow behaviors as CE marks might be dropped in the egress. For zero-
> > checksum tunnels usage where the underlying network is corrupting enough
> > packets
> > these affects those endpoints that receives corrupt packets. 
> > 
> > Cheers
> > 
> > Magnus
> > 
> > 
> > > Thanks,
> > > 
> > > —John
> > > 
> > > > On Dec 4, 2020, at 5:43 AM, Magnus Westerlund <
> > > > magnus.westerlund@ericsson.com> wrote:
> > > > 
> > > > My impression for example when it comes to zero-checksum for IPv6/UDP is
> > > > used
> > > > widely with little consideration about the potential issues. However,
> > > > this
> > > > work
> > > > is done in a WG for inter domain routing. Thus, the general context is
> > > > inter
> > > > domain routing, and that pushes the zero-checkum usage from within a
> > > > single
> > > > domain into multiple ones. Thus, the risk for errors that checksum would
> > > > detect
> > > > is different and also the potential impact of failure to verify is
> > > > different.
> > > > Thus, there might actually exist a configuraiton need for this if one
> > > > intended
> > > > to pay attention to what might be written into the user plane
> > > > specification.
> > > > Here actually we do have an issue with RFC 7510:
> > > > 
> > > > So your document states: 
> > > > 
> > > >  MPLS-in-UDP [RFC7510] is also supported, but an
> > > >  Encapsulation sub-TLV for it is not needed since there are no
> > > >  additional parameters to be signaled.
> > > > 
> > > > While if you go read Section 3.1 of RFC 7510 it states the following in
> > > > regards
> > > > to zero-checksum:
> > > > 
> > > >  The UDP checksum MUST be implemented and MUST be used in accordance
> > > >  with [RFC768] and [RFC2460] for MPLS-in-UDP traffic over IPv6 unless
> > > >  one or more of the following exceptions applies and the additional
> > > >  requirements stated below are complied with.  There are three
> > > >  exceptions that allow use of UDP zero-checksum mode for IPv6 with
> > > >  MPLS-in-UDP, subject to the additional requirements stated below in
> > > >  this section.  The three exceptions are:
> > > > 
> > > >  a.  Use of MPLS-in-UDP in networks under single administrative
> > > >      control (such as within a single operator's network) where it is
> > > >      known (perhaps through knowledge of equipment types and lower-
> > > >      layer checks) that packet corruption is exceptionally unlikely
> > > >      and where the operator is willing to take the risk of undetected
> > > >      packet corruption.
> > > > 
> > > >  b.  Use of MPLS-in-UDP in networks under single administrative
> > > >      control (such as within a single operator's network) where it is
> > > >      judged through observational measurements (perhaps of historic or
> > > >      current traffic flows that use a non-zero checksum) that the
> > > >      level of packet corruption is tolerably low and where the
> > > >      operator is willing to take the risk of undetected packet
> > > >      corruption.
> > > > 
> > > >  c.  Use of MPLS-in-UDP for traffic delivery for applications that are
> > > >      tolerant of misdelivered or corrupted packets (perhaps through
> > > >      higher-layer checksum, validation, and retransmission or
> > > >      transmission redundancy) where the operator is willing to rely on
> > > >      the applications using the tunnel to survive any corrupt packets.
> > > > 
> > > >  These exceptions may also be extended to the use of MPLS-in-UDP
> > > >  within a set of closely cooperating network administrations (such as
> > > >  network operators who have agreed to work together in order to
> > > >  jointly provide specific services).  Even when one of the above
> > > >  exceptions applies, use of UDP checksums may be appropriate when VPN
> > > >  services are provided over MPLS-in-UDP; see Section 6.
> > > > 
> > > >  As such, for IPv6, the UDP checksum for MPLS-in-UDP MUST be used as
> > > >  specified in [RFC768] and [RFC2460] for tunnels that span multiple
> > > >  networks whose network administrations do not cooperate closely, even
> > > >  if each non-cooperating network administration independently
> > > >  satisfies one or more of the exceptions for UDP zero-checksum mode
> > > >  usage with MPLS-in-UDP over IPv6.
> > > > 
> > > > So this indicate to me that there is a significant likelyhood that for
> > > > the
> > > > intended usage of these tunnel encapsulations would not qualify for the
> > > > exceptions and should use checksums. If that needs signalling or not is
> > > > the
> > > > next
> > > > question. That comes back to how the configuring node knows about
> > > > capabilities
> > > > and how one can resolve lack of a capability when signalled. 
> 
>