Re: [Int-area] Is IPv6 End-to-End? R.I.P. Architecture? (Fwd: Errata #5933 for RFC8200)
Tom Herbert <tom@herbertland.com> Thu, 27 February 2020 23:01 UTC
Return-Path: <tom@herbertland.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7BD53A07BD for <int-area@ietfa.amsl.com>; Thu, 27 Feb 2020 15:01:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nj01U6ETC6Mb for <int-area@ietfa.amsl.com>; Thu, 27 Feb 2020 15:01:05 -0800 (PST)
Received: from mail-ed1-x52a.google.com (mail-ed1-x52a.google.com [IPv6:2a00:1450:4864:20::52a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54F043A07C2 for <int-area@ietf.org>; Thu, 27 Feb 2020 15:01:05 -0800 (PST)
Received: by mail-ed1-x52a.google.com with SMTP id m13so1052631edb.6 for <int-area@ietf.org>; Thu, 27 Feb 2020 15:01:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=bF1kEuNxJ+d8RRz7daKRJ1Ztxd7P6Cd+cpHxbO0SW70=; b=KCErvfL1WVSXds5/uoXXCCJT3aFlCLNqc1Dh6V3HaC8asAR2uhs92roTFpQqatn+4c FXeZ9dI/S71H35yra49HuV1lHFzD0Wj4i2DuGxyudrqeBBcotkBnofb1zE4W3J2HTGkb 492zCpRFiJfY5u4kYdSsvWArQuadsrhP38dVQbx2lbZ7RanDjCddbap1TlTjNDJfi6UJ WueTUzTjr+kvIs1nWTchZ9gO7Fquv08syiemXMfVjiPuiEWPp/iXpOYFCFTweKHi+5LC sirt3yVnI+wrRUwgfmnHC3heGS9hj56EsEsA3h3Yssqm9aRPegN70mXLOd5ixmMWddg1 ec1A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=bF1kEuNxJ+d8RRz7daKRJ1Ztxd7P6Cd+cpHxbO0SW70=; b=Cd+DNn4DNOs5ke5/cPw2nuBUAgYDS7Lh8TQA3o78NfoWPimp/DI9ai08YYnAXiO08M b++QcqNmCAC1WDYVUV73Ga/MjmhZenwxwtNho2RyPoPI3LTzJ4bWQ3yeN8IPuPcKFQ+r rcyON7nJnTn+4wkllDMvaIIaTrsS32GvtntoYX2rU2PGf03TEHYLHLfH17hn0bCP3H/h 4c9vFmfjAz0sDUz4sGU+GAxw7SAaosq6e8MkicBeHYncTUnZOHswOQ9CjEhuY0hXQ8Jl lUysX+sGmmFAm+7QrECOtlNJ2lDMab1Sy+p8nkL5oWHPNcTTV2yIzgyFehVnEKAv8T91 5hTA==
X-Gm-Message-State: APjAAAXpCmlH1noo5CNsw6ioVFgRMwjefBQWrsmkP8shsurQFTNrZcjY XPb7GISwMNAUmhI3W10NvwWqqScEiVp05TUf4igisA==
X-Google-Smtp-Source: APXvYqwmHNCUSOArQQr0iezb6A3LiEC9Ob6azfxKaUbTts4m3E+ZkdyMBrISYTXPQymFWU3hB1qqsamxJCYDwelUgLI=
X-Received: by 2002:a05:6402:3132:: with SMTP id dd18mr884736edb.118.1582844463417; Thu, 27 Feb 2020 15:01:03 -0800 (PST)
MIME-Version: 1.0
References: <876c9105-3da4-e614-2db0-bea025b54663@si6networks.com> <7749f91f-03f1-cc14-bae8-5fe68c88879f@si6networks.com> <CALx6S36wN7VEi_rxLC1ETcTvkGaPhs20KhQrGWAGGTrCL5OT+g@mail.gmail.com> <d41a94f5ede994b9e14605871f9f7140@strayalpha.com>
In-Reply-To: <d41a94f5ede994b9e14605871f9f7140@strayalpha.com>
From: Tom Herbert <tom@herbertland.com>
Date: Thu, 27 Feb 2020 15:00:52 -0800
Message-ID: <CALx6S34n58pD4o5wyb7CDDLTH63OxksMDxKZr6uJN+NO0kVboQ@mail.gmail.com>
To: Joe Touch <touch@strayalpha.com>
Cc: Fernando Gont <fgont@si6networks.com>, architecture-discuss@iab.org, Internet Architecture Board <iab@iab.org>, Internet Area <int-area@ietf.org>, IETF-Discussion <ietf@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/h1XFt69gtm1GRhIZ19cW9r-W-sE>
Subject: Re: [Int-area] Is IPv6 End-to-End? R.I.P. Architecture? (Fwd: Errata #5933 for RFC8200)
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2020 23:01:15 -0000
On Thu, Feb 27, 2020 at 2:52 PM Joe Touch <touch@strayalpha.com> wrote: > > FWIW - there are separable issues here: > > - whether an IP header (or parts thereof) should be changed in transit > > AFAICT, the answer has always been yes, but limited to the hopcount/ttl in the base header and hop-by-hop options in the options/extension headers. > > - whether an IP header length can change in transit > > I see no reason why it can't become smaller, but if it can become larger then PMTUD and PLPMTUD don't work. > > So the question isn't just what is wanted, it's what is feasible. > Joe, Per the problem about making packets larger in the network, I'd point out that this is already common due to in-network tunneling. In any case, it's really the only interesting case here (as opposed to making packets smaller). Tom > Joe > > > > > On 2020-02-27 14:07, Tom Herbert wrote: > > Fernando, > > I think we need to be careful that IETF is labeled as a collection of > inflexible architectural purists. We know that standards conformance > is voluntary and we haven't seen the last time that someone, possibly > even a major vendor, will circumvent the system for their own > purposes. IMO extension header insertion is a great example of that. > On one hand we have people quoting IPv6 saying that it isn't allowed > per RFC8200-- period! And on other side there are proponents that see > a real need for it and believe they have clear use case-- at one > presentation in IETF a proponent bluntly stated that regardless of any > discussion in IETF they're going to do it! IMO, what we haven't seen, > was a real attempt to resolve and work out the engineering issues. > That's not for lack of trying-- for instance I proposed a direction to > try for an engineering compromise in draft-herbert-6man-eh-attrib-00, > but saw little discussion on that. > > Tom > > On Thu, Feb 27, 2020 at 1:43 PM Fernando Gont <fgont@si6networks.com> wrote: > > > Folks, > > If you haven't been following recent developments in the Spring WG, you > may be surprised about some of the work that is being pursued (or was > being pursued)- > > Such work has included proposing that some IPv6 routers insert and > remove routing headers en-route to the final destination. > > After many very heated and lengthy debates, some of this work was > dropped, but other remains (e.g. routers removing IPv6 EHs from packets > en-route to their final destination, part of what they call "PSP"). For > the most part, the proponents have argued that "we have implemented it, > and the industry wants it" -- as if we just have to rubberstamp what > they have done. > > On the technical side, the proponents have argued that: > > If a packet employs source routing (and hence its Destination > Address is modified en-route to direct the packet through each > of these "waypoints"), then any of such "waypoint" routers are > free to add or remove IPv6 extension headers at will. (No, not > encap/decap, but rather add/remove EHs from the IPv6 header > chain). > > That seems to me like a very major deviation from what's supposed to be > our current "architecture", where IPv6 is an end to end protocol. > Besides, it should be obvious that removal/insertion of EHs en-route > error reporting (since host typically check that the ICMP errors they > receive correspond to something that they actually sent). > > > A number of us have raised this a number of times, and at least some of > us feel that our concerns are being ignored. > > It would seem to me that these documents and decisions have a concrete > impact on our architecture, and that they are being pursued without any > proper oversight. There is also a widespread feeling that having one or > a few big vendors pushing these ideas might be playing a role here. > > (See, for instance: > > * https://mailarchive.ietf.org/arch/msg/ipv6/Er7LR_VrsJLko_QnqEKTXvPcpj4/ > > * https://mailarchive.ietf.org/arch/msg/ipv6/gG7Fbz0R030g55oW1mvckj0THwc/ > ) > > What I would expect is that all thes major changes to our existing > architecture and protocols would only done by formally updating existing > standards *if* deemed appropriate, as opposed to just trying to sneak > changes "when nobody is watching", or by having very curious > interpretations of our protocols and standards. > > I've raised the topic to our AD (Suresh), to the IAB, and on the arch-d > list before, but so far haven't been lucky or seen anything meaningful > happen in this area. > > I have also submitted an errata to make RFC8200 even more clear on the > topic, but it remains unprocessed. > > So my questions are: > > * On the technical area: > > + Is IPv6 an End To End protocol? Or is the IETF's stance that > routers are free to mangle with the packet structure as they please? > > + Was IPv6 designed that way? And if it wasn't, when/how was the > architecture changed? > > > * On the procedural area: > > + Where/how should IETF WGs seek for architecture-related advice? > > + What do do in situations like the above? Wait and see how things > evolve, and upon any formal decisions, just submit formal Appeals > if deemed necessary? (and after way too much energy consumed from > everyone) > > I would have expected that as soon as these issues were raised, > the offending text would be removed rightaway. But that wasn't > the case. And when the changes did happen, it wasn't without > an extraordinary waste of time and energy from all of us. > For instance, any work on IPv6 header insertion/deletion wouldn't > seem to fit within the charters of the 6man or spring wgs. > > > FWIW, this is not the first instance of issues surrounding the same > topic. It goes back to the rfc2460bis effort, when a similar set of > folks (too many from one big vendor) got to have 6man ship > what became RFC8200 with a noted "ambiguity", just to be able > to have some playground for EH insertion/deletion. And we only got > to improve on that during IETF LC: > > (see: > https://mailarchive.ietf.org/arch/msg/ipv6/Kp76SONpyqWneNgvtc8sh-fGAu0/) > > > Thoughts or advice on the technical and/or procedural aspects will be > appreciated. > > Thanks! > > Cheers, > Fernando > > > > > -------- Forwarded Message -------- > Subject: Errata #5933 for RFC8200 > Date: Thu, 27 Feb 2020 17:07:36 -0300 > From: Fernando Gont <fgont@si6networks.com> > To: Suresh Krishnan <suresh.krishnan@gmail.com> > CC: 6man@ietf.org <6man@ietf.org> > > Suresh, > > Two months ago I filled an errata on RFC8200 regarding the processing of > IPv6 extension headers. The errata is available here: > https://www.rfc-editor.org/errata/eid5933 > > While I believe that folks with a knowledge of Internet Protocols would > be able to interpret what is in RFC8200, given recent discussions on the > topic, and upon a re-read of the text, I believe a clarification is > warranted, such that we allow all sorts of curious interpretations of > the text. > > I send a heads-up on the 6man mailing list > (https://mailarchive.ietf.org/arch/msg/ipv6/6MPs25WvSMD6vVT0ekaMYjAwM6c/), > and the proposed text received the review of at least Brian Carpenter, > Ron Bonica, and Mark Smith. Their reviews are available on such thread. > > In the light that some folks seem to be pretending to leverage "the lack > of clarify" in RFC8200 (an Internet Standard) to violate it, I'd > appreciate that the reported errata be processed. > > Processing the aforementioned errata is key to many of the discussions > this and other WGs are having. > > Thanks, > -- > Fernando Gont > SI6 Networks > e-mail: fgont@si6networks.com > PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 > > > > > _______________________________________________ > Int-area mailing list > Int-area@ietf.org > https://www.ietf.org/mailman/listinfo/int-area > > > _______________________________________________ > Int-area mailing list > Int-area@ietf.org > https://www.ietf.org/mailman/listinfo/int-area
- [Int-area] Is IPv6 End-to-End? R.I.P. Architectur… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Tom Herbert
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Phillip Hallam-Baker
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Bernard Aboba
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Tom Herbert
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Tom Herbert
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joe Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Mark Andrews
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Phillip Hallam-Baker
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Phillip Hallam-Baker
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Tom Herbert
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Christian Huitema
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Bernard Aboba
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Phillip Hallam-Baker
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Tom Herbert
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Dino Farinacci
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Tom Herbert
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Bernard Aboba
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joseph Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joseph Touch
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Joseph Touch
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Fernando Gont
- [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P. Ar… Guntur Wiseno Putra
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Robert Raszuk
- [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P. Ar… Guntur Wiseno Putra
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Phillip Hallam-Baker
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Tom Herbert
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Phillip Hallam-Baker
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Tom Herbert
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joseph Touch
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Joseph Touch
- Re: [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P… Andrew Alston
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Joseph Touch
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Andrew Alston
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- Re: [Int-area] Is IPv6 End-to-End? R.I.P. Archite… Fernando Gont
- [Int-area] [arch-d] Is IPv6 End-to-End? R.I.P. Ar… Guntur Wiseno Putra