[Int-area] Warren Kumari's Yes on draft-ietf-intarea-frag-fragile-15: (with COMMENT)
Warren Kumari via Datatracker <noreply@ietf.org> Wed, 07 August 2019 21:58 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: int-area@ietf.org
Delivered-To: int-area@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id BF4F41200DF; Wed, 7 Aug 2019 14:58:15 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Warren Kumari via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-intarea-frag-fragile@ietf.org, Joel Halpern <joel.halpern@ericsson.com>, Joel Halpern <jmh@joelhalpern.com>, intarea-chairs@ietf.org, jmh@joelhalpern.com, int-area@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.100.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Warren Kumari <warren@kumari.net>
Message-ID: <156521509577.8240.8098670537067900006.idtracker@ietfa.amsl.com>
Date: Wed, 07 Aug 2019 14:58:15 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/yZloVzZ35lIoUbrynJMAE3Rksws>
Subject: [Int-area] Warren Kumari's Yes on draft-ietf-intarea-frag-fragile-15: (with COMMENT)
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.29
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Aug 2019 21:58:16 -0000
Warren Kumari has entered the following ballot position for draft-ietf-intarea-frag-fragile-15: Yes When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-intarea-frag-fragile/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- It's very seldom that I ballot Yes on a document for which I'm not the Responsible AD, but this is important enough that I'm doing so; unfortunately there are are some bits which make me uncomfortable though, and so I spent a while in the unusual situation of trying to decide between DISCUSS and YES - after looking at the author list and responsible AD I'm sure that my comments will be considered, and so I'm balloting Yes. 1: "Legacy protocols that depend upon IP fragmentation SHOULD be updated to remove that dependency." I really don't like the SHOULD here -- while I fully agree that legacy protocols should be update, the RFC2119 usage feels weird - it's unclear exactly who it is aimed at (everyone? the people who wrote the legacy protocols? some mythical cleanup author?) 2: I'm unclear why IP-in-IP tunnels are called out at the top / in the Introduction. There is a whole section (Packet-in-Packet Encapsulations) where I think it would go better -- I see no harm in having people have to read down to there to note this. 3: "NOTE 2: A non-fragmentable packet can be fragmented at its source. However, it cannot be fragmented by a downstream node. An IPv4 packet whose DF-bit is set to 0 is fragmentable. An IPv4 packet whose DF-bit is set to 1 is non-fragmentable. All IPv6 packets are also non-fragmentable." I have a few issues with this: 3.1: I'm not really sure a non-fragmentable packet can be fragmented at its source -- the packet *can* be fragmented but I'd say that that is before it has become non-fragmentable. It's entirely possible that I'm missing something obvious here, but a skim of 791 didn't show me what.... 3.2: This may be a corner case, but some tunneling gear seems happy to ignore the DF bit when it is doing reassembly on the far side of the tunnel -- the logic seems to be that as long as what goes into the tunnel matches what comes out it doesn't matter what actually happens *inside* the tunnel. 3.3: Related to this - most tunneling gear (and many firewalls) allow you to clear the DF bit in packets -- for example, cisco has the 'crypto ipsec df-bit clear' command, Junos allows you to do 'services ipsec-vpn rule myvpn term stomp_on_df then clear-dont-fragment-bit;', iptables lets you 'iptables -t mangle -A POSTROUTING -j DF --clear' 3.2 and 3.3 are common enough that I think that they deserve mention. 4: What do you mean by middle box in section 6.3? Yes, I know what is commonly called a middlebox, but I don't know of a good reference -- as an example, I've got some honkin' big routers which do stateless firewall filtering -- these are covered by 3.7, but are they also middleboxes, and if not, why not?! (Note, my personal belief is that they aren't, but I cannot really point to why, other than "I know a middlebox when I see one". There is a discussion on some of this in "Why Operators Filter Fragments and What It Implies" (draft-taylor-v6ops-fragdrop-02), but this also uses the term middlebox without defining it. Nits: A: Whlie -- While
- [Int-area] Warren Kumari's Yes on draft-ietf-inta… Warren Kumari via Datatracker
- Re: [Int-area] Warren Kumari's Yes on draft-ietf-… Joe Touch
- Re: [Int-area] Warren Kumari's Yes on draft-ietf-… Fernando Gont
- Re: [Int-area] Warren Kumari's Yes on draft-ietf-… Tom Herbert
- Re: [Int-area] Warren Kumari's Yes on draft-ietf-… Warren Kumari
- Re: [Int-area] Warren Kumari's Yes on draft-ietf-… Bob Hinden
- Re: [Int-area] Warren Kumari's Yes on draft-ietf-… Geoff Huston
- Re: [Int-area] Warren Kumari's Yes on draft-ietf-… Warren Kumari
- Re: [Int-area] Warren Kumari's Yes on draft-ietf-… Tom Herbert
- Re: [Int-area] Warren Kumari's Yes on draft-ietf-… Geoff Huston
- Re: [Int-area] Warren Kumari's Yes on draft-ietf-… Tom Herbert