Re: [Int-area] Is IPv6 End-to-End? R.I.P. Architecture? (Fwd: Errata #5933 for RFC8200)
Tom Herbert <tom@herbertland.com> Thu, 27 February 2020 22:07 UTC
Return-Path: <tom@herbertland.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C4F703A0D5D for <int-area@ietfa.amsl.com>; Thu, 27 Feb 2020 14:07:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hv7koIBFZHri for <int-area@ietfa.amsl.com>; Thu, 27 Feb 2020 14:07:47 -0800 (PST)
Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E27653A0D5A for <int-area@ietf.org>; Thu, 27 Feb 2020 14:07:46 -0800 (PST)
Received: by mail-ed1-x52d.google.com with SMTP id v28so873751edw.12 for <int-area@ietf.org>; Thu, 27 Feb 2020 14:07:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=gtaCzPNatFatNGHtsYfFZYlBn7leRTn7/ueo3rL75aY=; b=eNB7IMlgdv+a9c/Q61OOnTUBHiF+wn2K+09q9tipWQ+nuDYpFUgJOVXOW/eT5IWKLN bl6+8TXd99/5g+kzFgBOGdof6CKI0zHOCJ0OBpEeJl8solw01jwdRMndEzmpVW/Jkc1N Qz3hZu1+LpxZYjZnxu/sQ94LEHhj6QLESNLPbPRd0UiiDpLEecWau1sTmMwols7dnW+R W5N50Me/z4Elkk/TWy3l5Go8QvwuXPQzQ8SEvaiC/3QCCmytckubAnFFe7qXf+ecuuwL o6DhO9jbkg5wGk87QWT63kH3vxJ4a7UjIchBJUokPgbHldfgX3bZ4xvWiJiG6Wxe4pzX QaAQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=gtaCzPNatFatNGHtsYfFZYlBn7leRTn7/ueo3rL75aY=; b=IZgQaZAiaLZsb4r0TwOJXo5MsnO8yhiV4Dqdo6BLwNUFVtfPtbrKFQkeRT41O9K5Ky 6StYw1WvvLcF56JsSaTyIFz2/bO5SjIS07Bbs5dLUDNzgWz8H/uIgjTT3zt//6Ognhlo 1dAQ8iNy6958e+iDx3JmYRymEG6VdFEo0JFkT5hnQrbjj29TmWtRD5lI9CIiX6qzdh6F uP6R7qqgcce+Ir7u5B3bqdLCBTbpoKcsm93drgbz45nfmLOwi15fQRndS6u7fkCLwAV4 nju/LeTUcnlS46DHAKYGCnX1a7M8Qnz0Buv8Z0IoIX6X8O4esoahlBjZSeP94zb5Q8U3 2JRA==
X-Gm-Message-State: APjAAAVtJtB9zh1OMtZZeHnvrcmcfV5t1NmB1N8dn9Ffw7g4HGLaW3CA ybEmlE7xl8oKHW605wpfQNIhX9373pCemG3uQipGMw==
X-Google-Smtp-Source: APXvYqw1WBrsgdCUzoDt9RClPlKtOlzkEg0VekjqRvuv+jC8U015UnBEnCWX+a6pzHyqeB2B4mbIwWUuITwXOWVNNe4=
X-Received: by 2002:a17:906:4b10:: with SMTP id y16mr1080440eju.304.1582841265095; Thu, 27 Feb 2020 14:07:45 -0800 (PST)
MIME-Version: 1.0
References: <876c9105-3da4-e614-2db0-bea025b54663@si6networks.com> <7749f91f-03f1-cc14-bae8-5fe68c88879f@si6networks.com>
In-Reply-To: <7749f91f-03f1-cc14-bae8-5fe68c88879f@si6networks.com>
From: Tom Herbert <tom@herbertland.com>
Date: Thu, 27 Feb 2020 14:07:33 -0800
Message-ID: <CALx6S36wN7VEi_rxLC1ETcTvkGaPhs20KhQrGWAGGTrCL5OT+g@mail.gmail.com>
To: Fernando Gont <fgont@si6networks.com>
Cc: "ietf@ietf.org" <ietf@ietf.org>, Internet Architecture Board <iab@iab.org>, Internet Area <int-area@ietf.org>, architecture-discuss@iab.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/CQkbAbkPi5LWH8ooEyQQdydNfnw>
Subject: Re: [Int-area] Is IPv6 End-to-End? R.I.P. Architecture? (Fwd: Errata #5933 for RFC8200)
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2020 22:07:50 -0000
Fernando, I think we need to be careful that IETF is labeled as a collection of inflexible architectural purists. We know that standards conformance is voluntary and we haven't seen the last time that someone, possibly even a major vendor, will circumvent the system for their own purposes. IMO extension header insertion is a great example of that. On one hand we have people quoting IPv6 saying that it isn't allowed per RFC8200-- period! And on other side there are proponents that see a real need for it and believe they have clear use case-- at one presentation in IETF a proponent bluntly stated that regardless of any discussion in IETF they're going to do it! IMO, what we haven't seen, was a real attempt to resolve and work out the engineering issues. That's not for lack of trying-- for instance I proposed a direction to try for an engineering compromise in draft-herbert-6man-eh-attrib-00, but saw little discussion on that. Tom On Thu, Feb 27, 2020 at 1:43 PM Fernando Gont <fgont@si6networks.com> wrote: > > Folks, > > If you haven't been following recent developments in the Spring WG, you > may be surprised about some of the work that is being pursued (or was > being pursued)- > > Such work has included proposing that some IPv6 routers insert and > remove routing headers en-route to the final destination. > > After many very heated and lengthy debates, some of this work was > dropped, but other remains (e.g. routers removing IPv6 EHs from packets > en-route to their final destination, part of what they call "PSP"). For > the most part, the proponents have argued that "we have implemented it, > and the industry wants it" -- as if we just have to rubberstamp what > they have done. > > On the technical side, the proponents have argued that: > > If a packet employs source routing (and hence its Destination > Address is modified en-route to direct the packet through each > of these "waypoints"), then any of such "waypoint" routers are > free to add or remove IPv6 extension headers at will. (No, not > encap/decap, but rather add/remove EHs from the IPv6 header > chain). > > That seems to me like a very major deviation from what's supposed to be > our current "architecture", where IPv6 is an end to end protocol. > Besides, it should be obvious that removal/insertion of EHs en-route > error reporting (since host typically check that the ICMP errors they > receive correspond to something that they actually sent). > > > A number of us have raised this a number of times, and at least some of > us feel that our concerns are being ignored. > > It would seem to me that these documents and decisions have a concrete > impact on our architecture, and that they are being pursued without any > proper oversight. There is also a widespread feeling that having one or > a few big vendors pushing these ideas might be playing a role here. > > (See, for instance: > > * https://mailarchive.ietf.org/arch/msg/ipv6/Er7LR_VrsJLko_QnqEKTXvPcpj4/ > > * https://mailarchive.ietf.org/arch/msg/ipv6/gG7Fbz0R030g55oW1mvckj0THwc/ > ) > > What I would expect is that all thes major changes to our existing > architecture and protocols would only done by formally updating existing > standards *if* deemed appropriate, as opposed to just trying to sneak > changes "when nobody is watching", or by having very curious > interpretations of our protocols and standards. > > I've raised the topic to our AD (Suresh), to the IAB, and on the arch-d > list before, but so far haven't been lucky or seen anything meaningful > happen in this area. > > I have also submitted an errata to make RFC8200 even more clear on the > topic, but it remains unprocessed. > > So my questions are: > > * On the technical area: > > + Is IPv6 an End To End protocol? Or is the IETF's stance that > routers are free to mangle with the packet structure as they please? > > + Was IPv6 designed that way? And if it wasn't, when/how was the > architecture changed? > > > * On the procedural area: > > + Where/how should IETF WGs seek for architecture-related advice? > > + What do do in situations like the above? Wait and see how things > evolve, and upon any formal decisions, just submit formal Appeals > if deemed necessary? (and after way too much energy consumed from > everyone) > > I would have expected that as soon as these issues were raised, > the offending text would be removed rightaway. But that wasn't > the case. And when the changes did happen, it wasn't without > an extraordinary waste of time and energy from all of us. > For instance, any work on IPv6 header insertion/deletion wouldn't > seem to fit within the charters of the 6man or spring wgs. > > > FWIW, this is not the first instance of issues surrounding the same > topic. It goes back to the rfc2460bis effort, when a similar set of > folks (too many from one big vendor) got to have 6man ship > what became RFC8200 with a noted "ambiguity", just to be able > to have some playground for EH insertion/deletion. And we only got > to improve on that during IETF LC: > > (see: > https://mailarchive.ietf.org/arch/msg/ipv6/Kp76SONpyqWneNgvtc8sh-fGAu0/) > > > Thoughts or advice on the technical and/or procedural aspects will be > appreciated. > > Thanks! > > Cheers, > Fernando > > > > > -------- Forwarded Message -------- > Subject: Errata #5933 for RFC8200 > Date: Thu, 27 Feb 2020 17:07:36 -0300 > From: Fernando Gont <fgont@si6networks.com> > To: Suresh Krishnan <suresh.krishnan@gmail.com> > CC: 6man@ietf.org <6man@ietf.org> > > Suresh, > > Two months ago I filled an errata on RFC8200 regarding the processing of > IPv6 extension headers. The errata is available here: > https://www.rfc-editor.org/errata/eid5933 > > While I believe that folks with a knowledge of Internet Protocols would > be able to interpret what is in RFC8200, given recent discussions on the > topic, and upon a re-read of the text, I believe a clarification is > warranted, such that we allow all sorts of curious interpretations of > the text. > > I send a heads-up on the 6man mailing list > (https://mailarchive.ietf.org/arch/msg/ipv6/6MPs25WvSMD6vVT0ekaMYjAwM6c/), > and the proposed text received the review of at least Brian Carpenter, > Ron Bonica, and Mark Smith. Their reviews are available on such thread. > > In the light that some folks seem to be pretending to leverage "the lack > of clarify" in RFC8200 (an Internet Standard) to violate it, I'd > appreciate that the reported errata be processed. > > Processing the aforementioned errata is key to many of the discussions > this and other WGs are having. > > Thanks, > -- > Fernando Gont > SI6 Networks > e-mail: fgont@si6networks.com > PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 > > > > > _______________________________________________ > Int-area mailing list > Int-area@ietf.org > https://www.ietf.org/mailman/listinfo/int-area
- [Int-area] Is IPv6 End-to-End? R.I.P. Architectur… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Tom Herbert
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Phillip Hallam-Baker
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Bernard Aboba
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Tom Herbert
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Tom Herbert
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Mark Andrews
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Phillip Hallam-Baker
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Phillip Hallam-Baker
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Tom Herbert
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Christian Huitema
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Bernard Aboba
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Phillip Hallam-Baker
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Tom Herbert
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Dino Farinacci
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Tom Herbert
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Bernard Aboba
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joseph Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joseph Touch
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Joseph Touch
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P. Ar… Guntur Wiseno Putra
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P. Ar… Guntur Wiseno Putra
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Phillip Hallam-Baker
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Tom Herbert
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Phillip Hallam-Baker
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Tom Herbert
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joseph Touch
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Joseph Touch
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Andrew Alston
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joseph Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Andrew Alston
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P. Ar… Guntur Wiseno Putra