Re: [Int-area] [EXTERNAL] Re: "Identification Extension for the Internet Protocol" question
"Templin (US), Fred L" <Fred.L.Templin@boeing.com> Mon, 27 November 2023 21:18 UTC
Return-Path: <Fred.L.Templin@boeing.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 43A89C15152E for <int-area@ietfa.amsl.com>; Mon, 27 Nov 2023 13:18:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=boeing.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zy-PPDFOXWrO for <int-area@ietfa.amsl.com>; Mon, 27 Nov 2023 13:18:46 -0800 (PST)
Received: from clt-mbsout-02.mbs.boeing.net (clt-mbsout-02.mbs.boeing.net [130.76.144.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CDC8C15152B for <int-area@ietf.org>; Mon, 27 Nov 2023 13:18:46 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by clt-mbsout-02.mbs.boeing.net (8.15.2/8.15.2/DOWNSTREAM_MBSOUT) with SMTP id 3ARLIfnl001339; Mon, 27 Nov 2023 16:18:45 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=boeing.com; s=boeing-s1912; t=1701119925; bh=kkmiDtEY2Hp9PZgW82cHDdjha0ZAqANr0YhhFr6EJec=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=N0WLk0BodRyDh9I3V5TbCQ5QSqDv2egdAwxmnxXCaNGK/upesu/FwMqeXg009gTcV ZWlBEjD6/WI1wfvs7KSy5XWpSsdzFFNCTnw8G7hJkzanQSF4Zy1zBRbCx3yX0zkQUZ jR/Fq37To91QFQpUBhwQxKCOpwnQQB26giCLyEcPmrq8ktj0BfjfVm6uPD/wlBncbQ fpgyYXzfm4GO5vKx8RSn4TC0GO5NCQpE8laE6dVGwqPRL+7JGpM5uCRAxBUSainFm8 QQ8mvC4fOnrauzz8uVLMvjfOjLjUvyV4xpbLoahXkBlwnrpc5chAxqC1q5J6tLsl8L 3Hqfj/+J1zMng==
Received: from XCH16-07-11.nos.boeing.com (xch16-07-11.nos.boeing.com [144.115.66.113]) by clt-mbsout-02.mbs.boeing.net (8.15.2/8.15.2/8.15.2/UPSTREAM_MBSOUT) with ESMTPS id 3ARLId12001307 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 27 Nov 2023 16:18:39 -0500
Received: from XCH16-07-10.nos.boeing.com (144.115.66.112) by XCH16-07-11.nos.boeing.com (144.115.66.113) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.34; Mon, 27 Nov 2023 13:18:38 -0800
Received: from XCH16-07-10.nos.boeing.com ([fe80::e065:4e77:ac47:d9a8]) by XCH16-07-10.nos.boeing.com ([fe80::e065:4e77:ac47:d9a8%2]) with mapi id 15.01.2507.034; Mon, 27 Nov 2023 13:18:38 -0800
From: "Templin (US), Fred L" <Fred.L.Templin@boeing.com>
To: Tom Herbert <tom@herbertland.com>
CC: int-area <int-area@ietf.org>
Thread-Topic: [EXTERNAL] Re: "Identification Extension for the Internet Protocol" question
Thread-Index: AdohVPZrR8Q1pGq9T76iSQds3s2C/gAVk8WAAA5qz1D//6XnAIAAggLg
Date: Mon, 27 Nov 2023 21:18:37 +0000
Message-ID: <5c5ffc998c4842eebc4e125fa2e95ccd@boeing.com>
References: <094c53a9ba324c5f85eed1884dcc8aaa@boeing.com> <CALx6S34BPWqmMcp7LTngCyCqWP8U9JK4Lzxyjk1VAqDZeHsu6Q@mail.gmail.com> <49a3541d59364a9cb63e7a1099887874@boeing.com> <CALx6S36W14+_QZHk_6iBr4+eHmq5Zuxq2dxWKE+rSqZStx44+A@mail.gmail.com>
In-Reply-To: <CALx6S36W14+_QZHk_6iBr4+eHmq5Zuxq2dxWKE+rSqZStx44+A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [137.137.12.6]
x-tm-snts-smtp: 2D69374112A03FAA7A93F6B1D06C307EF0D7CAA244566C08E359006E709BC76A2000:8
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-TM-AS-GCONF: 00
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/R5n94wkY0uOhgVO_FVBPWXKXnns>
Subject: Re: [Int-area] [EXTERNAL] Re: "Identification Extension for the Internet Protocol" question
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Internet Area WG Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Nov 2023 21:18:50 -0000
I will take a swing at what I have in mind, run it up the flagpole in 6man, and see what happens there. Thanks - Fred > -----Original Message----- > From: Tom Herbert <tom@herbertland.com> > Sent: Monday, November 27, 2023 1:01 PM > To: Templin (US), Fred L <Fred.L.Templin@boeing.com> > Cc: int-area <int-area@ietf.org> > Subject: Re: [EXTERNAL] Re: "Identification Extension for the Internet Protocol" question > > EXT email: be mindful of links/attachments. > > > > On Mon, Nov 27, 2023 at 12:42 PM Templin (US), Fred L > <Fred.L.Templin@boeing.com> wrote: > > > > Tom, > > > > > > I think the best way forward would be to simply define a HBH option > > > > that includes an Identification extension to the standard Fragment > > > > Header, as per my draft -05: > > > > > > > Hi Frad, > > > > > > The problem with that is that the correct processing of the Fragment > > > Header would depend on a HBH option, so that HBH can't be ignored by > > > the receiving host lest the fragment header is incorrectly processed. > > > So the HBH option high order bits can't be 00 (skip when unknown). > > > > If the source has some sort of operational assurance that the destination will > > recognize the HBH option, then it should be OK to include the option even if > > the high order bits are 00. And, that is plenty good enough for me. > > Fred, > > Unfortunately, that probably wouldn't be good enough for IETF. IP is > an inherently stateless protocol and receiver processing must be > correctly done just based on a packet's contents; we can never assume > that there is external context needed to correctly process IP packets. > Introducing statefulness into IP makes it a best effort protocol (this > is the first time someone's suggested this) that might work almost all > the time-- like maybe 99.999%. But, 99.999% isn't 100% and that is > enough to say the protocol isn't robust. In practice, at full Internet > scale, someone, somewhere will inevitably see that some operation > assurance fails-- when that happens it cannot lead to detrimental > behaviors. If you can account for all possible behaviors and show that > there are no detrimental behaviors in the edge condition, then the > protocol might be considered robust. > > Tom > > > > > Thanks - Fred > > > > > -----Original Message----- > > > From: Tom Herbert <tom@herbertland.com> > > > Sent: Monday, November 27, 2023 11:31 AM > > > To: Templin (US), Fred L <Fred.L.Templin@boeing.com> > > > Cc: int-area <int-area@ietf.org> > > > Subject: [EXTERNAL] Re: "Identification Extension for the Internet Protocol" question > > > > > > EXT email: be mindful of links/attachments. > > > > > > > > > > > > On Mon, Nov 27, 2023 at 9:24 AM Templin (US), Fred L > > > <Fred.L.Templin@boeing.com> wrote: > > > > > > > > Hi Tom, > > > > > > > > > -----Original Message----- > > > > > From: Tom Herbert <tom@herbertland.com> > > > > > Sent: Monday, November 27, 2023 9:00 AM > > > > > To: Templin (US), Fred L <Fred.L.Templin@boeing.com> > > > > > Cc: int-area <int-area@ietf.org> > > > > > Subject: Re: "Identification Extension for the Internet Protocol" question > > > > > > > > > > On Mon, Nov 27, 2023 at 8:01 AM Templin (US), Fred L > > > > > <Fred.L.Templin@boeing.com> wrote: > > > > > > > > > > > > Hi Tom, > > > > > > > > > > > > > -----Original Message----- > > > > > > > From: Tom Herbert <tom@herbertland.com> > > > > > > > Sent: Friday, November 24, 2023 11:33 AM > > > > > > > To: Templin (US), Fred L <Fred.L.Templin@boeing.com> > > > > > > > Cc: int-area <int-area@ietf.org> > > > > > > > Subject: Re: "Identification Extension for the Internet Protocol" question > > > > > > > > > > > > > > On Wed, Nov 22, 2023 at 10:57 AM Templin (US), Fred L > > > > > > > <Fred.L.Templin@boeing.com> wrote: > > > > > > > > > > > > > > > > Tom, please have another look at the draft – it gets the job done without requiring any new kinds of IPv6 extension headers, > HBH > > > > > options, > > > > > > > etc,: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://datatracker.ietf.org/doc/draft-templin-intarea-ipid-ext/ > > > > > > > > > > > > > > Hi Fred, > > > > > > > > > > > > > > From the draft: "For an advanced Identification, this specification > > > > > > > permits the source to include a second Fragment Header immediately > > > > > > > following the first such that the two are bonded together to create a > > > > > > > conceptual IPv6"-- How would this be processed for a legacy receiver > > > > > > > that doesn't understand these headers are to be bonded? > > > > > > > > > > > > > > From the draft: "For the second Fragment Header, only the Next Header > > > > > > > field is interpreted as a control field that MUST encode the value N > > > > > > > corresponding to the next header to follow while the remaining 7 > > > > > > > octets are interpreted as an Identification Extension."-- This is > > > > > > > repurposing fields in a standard protocol header. Even if it > > > > > > > functionally works, this can break diagnostics and debugging tools in > > > > > > > deployment. > > > > > > > > > > > > How would it be if instead of repurposing the fragmentation control fields > > > > > > in the second Fragment Header we instead make them to be identical copies > > > > > > of the same fields that occurred in the first Fragment Header? Then, the > > > > > > Identification field in the first FH would contain the low-order 4 octets > > > > > > while the Identification field in the second FH would contain the > > > > > > high-order 4 octets of an 8-octet (64-bit) extended Identification, > > > > > > while the fragmentation control fields are identical? I would ideally > > > > > > like to be able to support Identification extension all the way out to > > > > > > 128bits, but I would be happy with 64bits for now. > > > > > > > > > > Hi Fred, > > > > > > > > > > I think the question to be asked is what happens if we send two > > > > > Fragment Headers to a host that is conformant with RFC8200 but unaware > > > > > of the proposed semantics. I don't believe this would "just work" and > > > > > probably a receiver would re-assemble the based on the first header > > > > > resulting in an ill-formed fragment which I suppose would most likely > > > > > timeout since reassembly wouldn't complete. Is the behavior > > > > > deterministic? Are there security ramifications? etc. > > > > > > > > OK, I am willing to let this go. It might be worth adding something to an > > > > "EH limits" draft saying what should be done with IPv6 packets that contain > > > > more than one Fragment Header - should they simply be dropped, for instance? > > > > > > > > > > > IMO, defining a new Hop-by-Hop option for fragmentation still seems > > > > > > > more palatable. > > > > > > > > > > > > This kind of comes back full circle to where this began, where in draft versions > > > > > > -05 and before my original proposal was to use a HBH option for Identification > > > > > > extension maintained separately from the Fragment Header: > > > > > > > > > > > > https://datatracker.ietf.org/doc/draft-templin-intarea-ipid-ext/05/ > > > > > > > > > > > > Are you suggesting to go back to that approach? > > > > > > > > > > > > > General comments: > > > > > > > > > > > > > > Defining a new Hop-by-Hop option for fragmentation still seems more > > > > > > > palatable to me. > > > > > > > > > > > > Oh, so maybe what you are suggesting is a "full service" HBH option that > > > > > > includes not only the (extended) Identification but also the same type of > > > > > > fragmentation control fields that occur in the Fragment Header? So, in > > > > > > other words, to support the fragmentation operation one would use this > > > > > > new HBH option instead of (and not in addition to) the standard FH? If > > > > > > so, I get the picture but I wonder how it would work. IPv6 extension > > > > > > header order is: > > > > > > > > > > > > IPv6 header > > > > > > Hop-by-Hop Options header > > > > > > Destination Options header (note 1) > > > > > > Routing header > > > > > > Fragment header > > > > > > Authentication header (note 2) > > > > > > Encapsulating Security Payload header (note 2) > > > > > > Destination Options header (note 3) > > > > > > Upper-Layer header > > > > > > > > > > > > So, if fragmentation controls occurred in the HBH header, wouldn't it > > > > > > foul up any intermediate destinations that may be named in a Routing > > > > > > Header that follows? Even if we made it as a Destination Option and > > > > > > not a HBH, the Routing Header still occurs internally to each fragment, > > > > > > right? Can you picture a way to orchestrate the fragmentation and > > > > > > reassembly processes at the HBH level that would not impede > > > > > > Routing Header processing? Or, maybe as long as the headers > > > > > > still appear in the same order as above everything just works out? > > > > > > > > > > > > > > > > Yes, you are correct. Fragmentation in HBH with a Routing Header > > > > > wouldn't work. Destination options might be the only robust way. > > > > > > > > There are two places where Destination Options can occur - immediately > > > > before the Routing Header (note 1 above) or immediately before the > > > > Upper-Layer header (note 3 above). The first alternative runs into the > > > > same problem as for HBH, and the second alternative both requires > > > > altering Next Header field contents and also occurs after any security > > > > headers whereas fragmentation should occur before the security > > > > headers. > > > > > > > > I think the best way forward would be to simply define a HBH option > > > > that includes an Identification extension to the standard Fragment > > > > Header, as per my draft -05: > > > > > > > Hi Frad, > > > > > > The problem with that is that the correct processing of the Fragment > > > Header would depend on a HBH option, so that HBH can't be ignored by > > > the receiving host lest the fragment header is incorrectly processed. > > > So the HBH option high order bits can't be 00 (skip when unknown). We > > > could make the HBH option type 01 to ensure the destination host knows > > > about the new semantics of the Frag header or drops the packet. The > > > problem with that is that any router in the path that doesn't > > > understand the new option could potentially drop the packet. This > > > doesn't work in Destination Options before the routing header either, > > > if we set the type to 01 then in DestOpts before the routing header > > > then intermediate nodes may drop the packet. > > > > > > I believe the best chance to add an alternative fragmentation in the > > > IP layer is to define a new Destination option (not before the routing > > > header), high order bits 01, contain the real NextHeader value, and > > > set the DestOpts NextHeader to 47. If the destination host doesn't > > > recognize the option then it will drop the packet, and if the option > > > is supported by the destination host then reassembly can occur and the > > > next header in the reassembled packet following the Destination > > > Options is from the NextHeader field of the option (in the first > > > fragment). If any routers in the path attempt to skip over the > > > Destination options header looking for the transport layer, like they > > > might do for port filtering, then they won't be able to do anything > > > with data after the DestOpts since its type is "no next header" (47). > > > > > > One problem with this approach is that Auth and ESP header come before > > > Destination Options in RFC8200 ordering recommendation, we'd really > > > want the DestOps containing a fragment option to come before them > > > (like at the same position in recommended ordering as Frag Header). I > > > don't believe this is a show stopper because the ordering and number > > > of occurrences of EH are only recommendations in RFC8200, but there > > > should be some thought into any potential ramifications if this path > > > is taken. > > > > > > Tom > > > > > > > https://datatracker.ietf.org/doc/draft-templin-intarea-ipid-ext/05/ > > > > > > > > and let fragmentation and reassembly operate at the same levels > > > > they always have. What do you think? > > > > > > > > > > > IMO, it would be better to discuss IPv4 and IPv6 in separate drafts. > > > > > > > For instance, the changes you're suggesting for IPv6 would be under > > > > > > > the auspices of 6man. IPv4 changes I suppose fall under int-area. I > > > > > > > also suspect it's more likely that an extended ID would be accepted > > > > > > > into IPv6 than IPv4. > > > > > > > > > > > > I would not be opposed to splitting the document if it would help > > > > > > forward progress. > > > > > > > > > > > > > Also, I would suggest just focusing on what's needed for a larger > > > > > > > Fragment Identification to IP; I think there might be an argument to > > > > > > > be made for that. In particular, I suggest removing discussions or > > > > > > > references to IP Parcels or OMNI as they don't seem essential to the > > > > > > > goal of a larger fragment identifier. > > > > > > > > > > > > I could see removing the references to IP parcels and OMNI, but I > > > > > > think we still need to define the new PTB Code values since the > > > > > > control messaging aspects of what is being proposed are equally > > > > > > as important as the Identification extension itself. Can we keep at > > > > > > least that much in a new reduced-scope draft that would go to 6man? > > > > > > > > > > Sure, maybe it could be listed some use cases as informative > > > > > references. It's going to be easier for your readers if a draft like > > > > > this is self-contained and doesn't require a working knowledge outside > > > > > of IPv4 or IPv6 protocol. > > > > > > > > Maybe a non-normative appendix? > > > > > > > > Thank you - Fred > > > > > > > > > Tom > > > > > > > > > > > > > > > > > > > > > > Thank you - Fred > > > > > > > > > > > > > Tom > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thank you – Fred > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > From: Templin (US), Fred L <Fred.L.Templin=40boeing.com@dmarc.ietf.org> > > > > > > > > Sent: Tuesday, November 21, 2023 7:14 PM > > > > > > > > To: Tom Herbert <tom@herbertland.com>; Templin (US), Fred L <Fred.L.Templin@boeing.com> > > > > > > > > Cc: int-area <int-area@ietf.org> > > > > > > > > Subject: RE: [EXTERNAL] Re: "Identification Extension for the Internet Protocol" question > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Tom, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >The bar for creating any new EH is high. If the data needs to be read or modified by routers then Hop-by-Hop Options is > > > appropriate, > > > > > if > > > > > > > it's only read at the end host or intermediate nodes then Destination Options should be used. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The Identification needs to be included in the Per-Fragment headers, so I guess that means it needs to be “Hop-by-Hop > Option”, > > > right? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks - Fred > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > From: Tom Herbert <tom@herbertland.com> > > > > > > > > Sent: Tuesday, November 21, 2023 4:22 PM > > > > > > > > To: Templin (US), Fred L <Fred.L.Templin=40boeing.com@dmarc.ietf.org> > > > > > > > > Cc: Templin (US), Fred L <Fred.L.Templin@boeing.com>; int-area <int-area@ietf.org> > > > > > > > > Subject: [EXTERNAL] Re: "Identification Extension for the Internet Protocol" question > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > EXT email: be mindful of links/attachments. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Tue, Nov 21, 2023, 2:45 PM Templin (US), Fred L <Fred.L.Templin=40boeing.com@dmarc.ietf.org> wrote: > > > > > > > > > > > > > > > > Tom, I am going to circle back again to where this all started many draft versions ago. Based on > > > > > > > > > > > > > > > > my read of RFC6564 and how that was then taken up in RFC8200, it looks like the barrier would > > > > > > > > > > > > > > > > be very high to specify any new extension header that does not begin with the two 1-octet > > > > > > > > > > > > > > > > fields “Next Header” and “Hdr Ext Len”. The reason for that specification is to ensure backwards > > > > > > > > > > > > > > > > compatibility for widely-deployed hardware in the rare event that a new extension header would > > > > > > > > > > > > > > > > be defined. So, going back to what I said in earlier draft versions, wouldn’t it be better if we just > > > > > > > > > > > > > > > > put the Identification extension in a Hop-by-Hop option instead of defining a new Fragment > > > > > > > > > > > > > > > > Header type? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Fred, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The bar for creating any new EH is high. If the data needs to be read or modified by routers then Hop-by-Hop Options is > > > appropriate, if > > > > > it's > > > > > > > only read at the end host or intermediate nodes then Destination Options should be used. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Tom > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Fred > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > From: Int-area <int-area-bounces@ietf.org> On Behalf Of Templin (US), Fred L > > > > > > > > Sent: Tuesday, November 21, 2023 1:30 PM > > > > > > > > To: Tom Herbert <tom=40herbertland.com@dmarc.ietf.org> > > > > > > > > Cc: int-area <int-area@ietf.org> > > > > > > > > Subject: Re: [Int-area] [EXTERNAL] Re: "Identification Extension for the Internet Protocol" question > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Tom, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 4 bytes per packet worth of wasted transmission is a pain point experienced by all nodes on > > > > > > > > > > > > > > > > the local (shared) transmission media as well as along the networked path – not just for the > > > > > > > > > > > > > > > > original source and final destination. Conversely, an odd-sized roadblock in the middle of a > > > > > > > > > > > > > > > > path of otherwise 8-octet-aligned stepping stones is a processing anomaly experienced only > > > > > > > > > > > > > > > > by the forwarding nodes and end systems on the path. And, how bad would that be, really? > > > > > > > > > > > > > > > > There is currently no hardware logic that recognizes the IPv6 Extended Fragment Header > > > > > > > > > > > > > > > > (since it does not yet exist) and software logic can easily be made to step around an 8-octet > > > > > > > > > > > > > > > > alignment anomaly until ASICs begin to emerge that can do it more efficiently. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > So, I say we bend the rules and make the IPv6 Extended Fragment Header as the sole > > > > > > > > > > > > > > > > exception IPv6 extension header that does not support 8-octet alignment. All it would > > > > > > > > > > > > > > > > take is an update to RFC8200, but we already have to do that in order to define a new > > > > > > > > > > > > > > > > extension header type. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Fred > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > From: Tom Herbert <tom=40herbertland.com@dmarc.ietf.org> > > > > > > > > Sent: Tuesday, November 21, 2023 1:11 PM > > > > > > > > To: Templin (US), Fred L <Fred.L.Templin@boeing.com> > > > > > > > > Cc: int-area <int-area@ietf.org> > > > > > > > > Subject: [EXTERNAL] Re: [Int-area] "Identification Extension for the Internet Protocol" question > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > EXT email: be mindful of links/attachments. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Tue, Nov 21, 2023, 12:15 PM Templin (US), Fred L <Fred.L.Templin=40boeing.com@dmarc.ietf.org> wrote: > > > > > > > > > > > > > > > > Tom, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >The text you quoted says why we can't do that. If a frag header length is not a multiple of eight bytes then the alignment > > > > > requirements > > > > > > > for all subsequent extension headers and the payload are not met. >This potentially breaks a receiving implementation that relies > on > > > > > > > alignment. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I both do and don’t understand why this limitation applies here. Currently, no IP protocol number exists for the IPv6 Extended > > > > > Fragment > > > > > > > Header, so currently no receiving implementations recognize it. So, why can’t we define one special-case IPv6 extension header > that > > > > > bends > > > > > > > the rules? As implementations are deployed to recognize it, they will naturally accommodate the discontinuity in 8-octet aligned > > > > > extension > > > > > > > headers. > > > > > > > > > > > > > > > > Fred, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The problem isn't with the new header, it's the effects on existing extension headers that might follow it. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > With modern architectures, I would think that saving the network transmission overhead of 4 wasted octets per message > would > > > > > outweigh > > > > > > > the processing drawbacks in having a discontinuity in 8-octet alignment. Especially since no implementations currently exist. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 4 bytes is 0.3% of minimum 1280 bytes MTU. I don't believe that is significant enough savings to diverge from the long > established > > > > > > > requirements of the standard. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Tom > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Fred > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > From: Tom Herbert <tom=40herbertland.com@dmarc.ietf.org> > > > > > > > > Sent: Tuesday, November 21, 2023 12:04 PM > > > > > > > > To: Templin (US), Fred L <Fred.L.Templin@boeing.com> > > > > > > > > Cc: int-area <int-area@ietf.org> > > > > > > > > Subject: [EXTERNAL] Re: [Int-area] "Identification Extension for the Internet Protocol" question > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > EXT email: be mindful of links/attachments. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Tue, Nov 21, 2023, 11:44 AM Templin (US), Fred L <Fred.L.Templin=40boeing.com@dmarc.ietf.org> wrote: > > > > > > > > > > > > > > > > Section 8 of "Identification Extension for the Internet Protocol" proposes a new IPv6 extension > > > > > > > > header called the "Extended Fragment Header" that includes a 96-bit (12 octet) Identification > > > > > > > > field making the total length of the extension header 128-bits (16 octets): > > > > > > > > > > > > > > > > https://datatracker.ietf.org/doc/draft-templin-intarea-ipid-ext/ > > > > > > > > > > > > > > > > However, the only reason for the 96-bit Identification field was to make the whole > > > > > > > > extension header be an integral multiple of 8 octets - what would be preferable would > > > > > > > > be to have only a 64-bit Identification field and limit the Extended Fragment Header as > > > > > > > > a whole to 96-bits (12 octets) which is not a multiple of 8 octets. > > > > > > > > > > > > > > > > The IPv6 Fragment Header is unique among IPv6 extension headers in that it does not > > > > > > > > include a "Hdr Ext Len" field that tells the length of the header in 8-octet units. This > > > > > > > > means that implementations must be able to determine its length (8 octets) solely > > > > > > > > based on the IP protocol number "44". The proposed IPv6 Extended Fragment Header > > > > > > > > would likewise not include a "Hdr Ext Len" field and would use a new IP protocol > > > > > > > > number to be assigned by IANA, with the IP protocol number determining the > > > > > > > > extension header length. > > > > > > > > > > > > > > > > RFC8200, Section 4 states: > > > > > > > > > > > > > > > > "Each extension header is an integer multiple of 8 octets long, in > > > > > > > > order to retain 8-octet alignment for subsequent headers." > > > > > > > > > > > > > > > > But, can an exception be made for the proposed IPv6 Extended Fragment Header > > > > > > > > with a 64-bit Identification field, making the total extension header length 12 octets > > > > > > > > which is not a integer multiple of 8? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hi Fred, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The text you quoted says why we can't do that. If a frag header length is not a multiple of eight bytes then the alignment > > > requirements > > > > > for > > > > > > > all subsequent extension headers and the payload are not met. This potentially breaks a receiving implementation that relies on > > > > > alignment. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Tom > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thank you - Fred > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > > > Int-area mailing list > > > > > > > > Int-area@ietf.org > > > > > > > > https://www.ietf.org/mailman/listinfo/int-area > > > > > > > > > > > >
- [Int-area] "Identification Extension for the Inte… Templin (US), Fred L
- Re: [Int-area] "Identification Extension for the … Tom Herbert
- Re: [Int-area] "Identification Extension for the … Templin (US), Fred L
- Re: [Int-area] "Identification Extension for the … Templin (US), Fred L
- Re: [Int-area] "Identification Extension for the … Tom Herbert
- Re: [Int-area] [EXTERNAL] Re: "Identification Ext… Templin (US), Fred L
- Re: [Int-area] "Identification Extension for the … Templin (US), Fred L
- Re: [Int-area] "Identification Extension for the … Tom Herbert
- Re: [Int-area] [EXTERNAL] Re: "Identification Ext… Templin (US), Fred L
- Re: [Int-area] "Identification Extension for the … Tom Herbert
- Re: [Int-area] "Identification Extension for the … Eric Vyncke (evyncke)
- Re: [Int-area] "Identification Extension for the … Tom Herbert
- Re: [Int-area] "Identification Extension for the … Templin (US), Fred L
- Re: [Int-area] "Identification Extension for the … Tom Herbert
- Re: [Int-area] "Identification Extension for the … Templin (US), Fred L
- Re: [Int-area] "Identification Extension for the … Templin (US), Fred L
- Re: [Int-area] "Identification Extension for the … Tom Herbert
- Re: [Int-area] [EXTERNAL] Re: "Identification Ext… Templin (US), Fred L
- Re: [Int-area] [EXTERNAL] Re: "Identification Ext… Tom Herbert
- Re: [Int-area] [EXTERNAL] Re: "Identification Ext… Templin (US), Fred L