IETF Logo Mail Archive

Re: [Int-area] I-D Action: draft-herbert-ipv4-udpencap-eh-00.txt

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 05 March 2019 19:42 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC15F13113E for <int-area@ietfa.amsl.com>; Tue, 5 Mar 2019 11:42:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x7VrWtZ4k_ku for <int-area@ietfa.amsl.com>; Tue, 5 Mar 2019 11:42:05 -0800 (PST)
Received: from mail-pg1-x532.google.com (mail-pg1-x532.google.com [IPv6:2607:f8b0:4864:20::532]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 333EF131305 for <int-area@ietf.org>; Tue, 5 Mar 2019 11:42:05 -0800 (PST)
Received: by mail-pg1-x532.google.com with SMTP id h8so6330337pgp.6 for <int-area@ietf.org>; Tue, 05 Mar 2019 11:42:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=KzqGt6oq1WjkMXjiEo3gg+VUlnvacoGSGD+4dl8c80g=; b=b1TBMAvQajnt2g443OINZiUCD6zWYGkK4N+Ll18FZKRrv/E0qaxXIWbT9myBqUHbKf JpvVMoSj1jwG+11HWNoVj+BinHfux3wzlE1HhQ3wLJrgrETwRHb52xCTF73cnRK8Y2K6 MvbS74OUuc9jqyLY6LNAfOH52Hc7bppPihUv4j79lnCZgY8xlJtlMv3zhDqGbLoutoWD 3icPGL8FA52Vk/u7at1cJvYwlOubJU1S2sccwIPmLw6euL5Lh4LbVYwmO9v/LKm/agVv 7Sk5iV2QcKgfI/XVO7uzSl7YOM6qVtI2mWmKxnOLLwEneOV1iCtXVkUrUqiB0KRF8Ybp Nb8Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=KzqGt6oq1WjkMXjiEo3gg+VUlnvacoGSGD+4dl8c80g=; b=CwRajxaqPoPOGJCjS9inC6WxNAHmI7idP+A55JZgPdzrNn6Ge4AESihK5A4mBKiwAD /+Q1IicFbAyuTPCcYxgE6tafC96NP3efyZdXTSL2vPvgq+wjnVhBsexpkakBMY9YiKwd F09IAkC8y5wRvjsWOOkDeB/FZA4Jz7qO1QVxbxYpcrH6ZE71ntNJezsj/t1XbqtynwMx K3GyJPCfXJIEeJ5eClPkrM7MU19QtSL/LBf0SV2qo8P1hm7fn/VURltq5SU5YZROg2Zn JAVP44BfcwOuKPqYwsHR3yQkVrnfSHALFjdXAX2ELKHE5UXEtl7UgRGLnJczeyr9IS9n Y+bA==
X-Gm-Message-State: APjAAAW2hl8G1e9mc0YXwPH/gaM5IRDv+ET1aKSsSxDGRG56YyHKu03b lZ61vP/jGmX0UyYpP7LQgqC6UCun
X-Google-Smtp-Source: APXvYqywHtCa6V/pGP9jpBAP3C9LN7xVFlUaNEXaRJkRZ/eNa7gTmxGgi4+fvGtWEwZCuNfzJsvK+Q==
X-Received: by 2002:a17:902:4181:: with SMTP id f1mr2965500pld.280.1551814924293; Tue, 05 Mar 2019 11:42:04 -0800 (PST)
Received: from [192.168.178.30] ([118.148.79.176]) by smtp.gmail.com with ESMTPSA id o2sm21099614pfa.76.2019.03.05.11.42.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 05 Mar 2019 11:42:03 -0800 (PST)
To: Tom Herbert <tom@herbertland.com>
Cc: int-area <int-area@ietf.org>
References: <155129875566.13940.2872169346710477964@ietfa.amsl.com> <946a3fea-79e7-893c-3b2c-f54fa634339b@gmail.com> <CALx6S36_2z6X1fJ1=0ZzVw_MqxbJETx-w6aMGbzUcJiTJfpeSQ@mail.gmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <53f932cc-c6a2-b166-ee0d-d662368f2865@gmail.com>
Date: Wed, 06 Mar 2019 08:41:59 +1300
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1
MIME-Version: 1.0
In-Reply-To: <CALx6S36_2z6X1fJ1=0ZzVw_MqxbJETx-w6aMGbzUcJiTJfpeSQ@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/AQKf1CGMHqrNMj59Tz2Q-ivbUyM>
Subject: Re: [Int-area] I-D Action: draft-herbert-ipv4-udpencap-eh-00.txt
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Mar 2019 19:42:08 -0000

On 06-Mar-19 05:42, Tom Herbert wrote:
> Hi Brian,
> 
> On Mon, Mar 4, 2019 at 5:37 PM Brian E Carpenter
> <brian.e.carpenter@gmail.com> wrote:
>>
>> Hi,
>>
> Hi Brian,
> 
> Thanks for the comments!
> 
>> This is an interesting draft, but I must say I have serious doubts about
>> the IETF working on any significant update to IPv4 at the IP header level,
>> or of any such updates ever making it into the operational network.
>>
> 
> I understand the concern. It's probably true that extension headers in
> IPv4 wouldn't be very usable in today's Internet. Undoubtedly, many
> middleboxes would block them. But that's not because middleboxes are
> concerned about a threat of extension headers in IPv4, it's more
> because some middleboxes drop packets with any protocols they don't
> understand (pretty much leaving only TCP and UDP as being usable
> protocols on the Internet). There are some potential mitigations to be
> pointed out:
> 
> - IPv4 already supports at least two extension headers, namely ESP and
> AH. They might not be called extension headers, but they have the same
> format and function as IPv6 cognates.
> - There's no concept of HBH options in IPv4 as needing to be processed
> by every node in the path, so the relaxed processing requirement of
> RFC8200 can be set from the start without legacy issues.
> - This doesn't actually change IP header, it is just enabling new
> values in the protocol field. In a host implementation this is very
> straightforward and in some ways it's a simplification to to be more
> like IPv6.
> - UDP encapsulation of extension headers could serve to make extension
> headers transparent to middleboxes.
> - It is conceivable to only allow extension headers in UDP
> encapsulation thereby eliminating the problem of making a core update
> to IPv4. IPv4 extension headers would be defined as part of an
> encapsulation protocol.
> - IPv4 extension headers could be another use case for limited domains.
> 
>> On the other hand, I think the idea of a UDP encapsulation of extension
>> headers is very interesting. I'm not sure I understand all the implications
>> yet, and I'm not sure why the format can't be defined simply by a normative
>> reference to RFC8200. The idea of having a duplicate format definition
>> is a bit scary.
> 
> Some implications are described in the document. When encapsulating
> transport packets within UDP the IP header for the encapsulated
> transport header needs to be deterministic, how to deal with NAT and
> encapsulated transport checksum needs a solution. Intermediate nodes
> parsing HBH embedded options is tricky since that requires them to
> inspect UDP payloads and potential modify the payload. For that, a
> magic number is used to minimize the possibility of misinterpretation
> of UDP payload type. If you think of other implications please bring
> them up.
> 
> I'm not sure what the comment on duplicate format definition refers
> to. Perhaps this is about the the description of extension headers for
> IPv4 in the draft?

Yes. I'd rather see them defined as IPv6 extension headers patched for
IPv4, with no duplication of other parts of the definitions. Otherwise
there'll be a risk of them drifting apart.

   Brian    
> 
> Thanks,
> Tom
> 
> 
> 
> 
>>
>> Regards
>>    Brian Carpenter
>>
>> On 28-Feb-19 09:19, internet-drafts@ietf.org wrote:
>>>
>>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>>>
>>>
>>>         Title           : IPv4 Extension Headers and UDP Encapsulated Extension Headers
>>>         Author          : Tom Herbert
>>>       Filename        : draft-herbert-ipv4-udpencap-eh-00.txt
>>>       Pages           : 27
>>>       Date            : 2019-02-27
>>>
>>> Abstract:
>>>    This specification defines extension headers for IPv4 and a method to
>>>    encapsulate extension headers in UDP to facilitate transmission over
>>>    the Internet. The goal is to provide a uniform and feasible method of
>>>    extensibility that is shared between IPv4 and IPv6.
>>>
>>>
>>> The IETF datatracker status page for this draft is:
>>> https://datatracker.ietf.org/doc/draft-herbert-ipv4-udpencap-eh/
>>>
>>> There are also htmlized versions available at:
>>> https://tools.ietf.org/html/draft-herbert-ipv4-udpencap-eh-00
>>> https://datatracker.ietf.org/doc/html/draft-herbert-ipv4-udpencap-eh-00
>>>
>>>
>>> Please note that it may take a couple of minutes from the time of submission
>>> until the htmlized version and diff are available at tools.ietf.org.
>>>
>>> Internet-Drafts are also available by anonymous FTP at:
>>> ftp://ftp.ietf.org/internet-drafts/
>>>
>>> _______________________________________________
>>> I-D-Announce mailing list
>>> I-D-Announce@ietf.org
>>> https://www.ietf.org/mailman/listinfo/i-d-announce
>>> Internet-Draft directories: http://www.ietf.org/shadow.html
>>> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>>>
>

v2.23.0 | Report a Bug | By Email