IETF Logo Mail Archive

Re: [Int-dir] [Last-Call] Intdir telechat review of draft-ietf-masque-connect-ip-10

"touch@strayalpha.com" <touch@strayalpha.com> Thu, 20 April 2023 03:02 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: int-dir@ietfa.amsl.com
Delivered-To: int-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 339F7C151B21; Wed, 19 Apr 2023 20:02:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.316
X-Spam-Level:
X-Spam-Status: No, score=-1.316 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jUPYAcm8EJ2h; Wed, 19 Apr 2023 20:02:13 -0700 (PDT)
Received: from server217-2.web-hosting.com (server217-2.web-hosting.com [198.54.115.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 35BC4C14CE25; Wed, 19 Apr 2023 20:02:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=AO58N1KKA+L4QTCeLXjccSr44Bc/OE5jt838anANIcU=; b=0sy4dmtjHa9+62rZ9ePJ51k/EM g8Xb9zOi7WVhq4Y73dOz59H9A2F/ut2eYf+H6zzPCRLoeTDT/we2E95Fvs0CO4PpVhWPhfl7XsbNN ffY6x4x8p/beeHtUXbqorz/3TgT7JYuuGx687xenIjFyesp3EgQponPTvPpwIMYwzpZfW5qgoA1tt P/0M8/ghQS8MQxF3dGvmZZ0NVnJEuyj+8zhE4daOKFihWIag0HJQudHk54Ab+nv2+93Z9UQCRr170 ulprn/QT18kINdKZnzhrjZyn1aMi3szZj1Sf48sJ2+zLfS/u4L08ns5Wdjpg6X9W93hHrqYIQGF1Q mXTXwTkA==;
Received: from [172.58.208.248] (port=28251 helo=smtpclient.apple) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from <touch@strayalpha.com>) id 1ppKYh-00ABLM-8m; Wed, 19 Apr 2023 23:02:12 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail=_7BCEF051-9C98-46BD-8312-117EFE07F495"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.500.231\))
From: "touch@strayalpha.com" <touch@strayalpha.com>
In-Reply-To: <930DECBA-D4DF-4379-A296-A6B6BAAB8A98@strayalpha.com>
Date: Wed, 19 Apr 2023 20:01:52 -0700
Cc: Magnus Westerlund <magnus.westerlund@ericsson.com>, "int-dir@ietf.org" <int-dir@ietf.org>, "draft-ietf-masque-connect-ip.all@ietf.org" <draft-ietf-masque-connect-ip.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "masque@ietf.org" <masque@ietf.org>
Message-Id: <41E77484-6685-420F-ADCA-0313331B02FA@strayalpha.com>
References: <168152936276.58402.12408511926010382248@ietfa.amsl.com> <CAPDSy+5ZOnK02VgJY7giVD0uNM4ao7-gHXUhrf6BG9RWxzC+RQ@mail.gmail.com> <19AB5170-D789-491C-B748-7AD5CE26B58C@strayalpha.com> <DU0PR07MB8970FC2DDE02B2BBB78D6E33959D9@DU0PR07MB8970.eurprd07.prod.outlook.com> <CAPDSy+72wpWzsQur=Bsvf7bUAxCAzq=OnXDS6Uxr7-k-3ZS-0Q@mail.gmail.com> <DA3F26DF-5B5F-4045-AA67-2BDEDCCA7975@strayalpha.com> <CAPDSy+7cf=ONtQw4Sfy4u51i6txk9K7axhyz6nx=_vic35DWtQ@mail.gmail.com> <4F486987-90BB-480A-9A0E-2E09BC4F1B72@strayalpha.com> <CAPDSy+7+TykbJpa56ysQpdHt3B=ei_oCFzOy7T7Sqx=dp9YADQ@mail.gmail.com> <930DECBA-D4DF-4379-A296-A6B6BAAB8A98@strayalpha.com>
To: David Schinazi <dschinazi.ietf@gmail.com>
X-Mailer: Apple Mail (2.3731.500.231)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-dir/lcmu8nqoEr2gDa98ZYKuqMZmUrs>
Subject: Re: [Int-dir] [Last-Call] Intdir telechat review of draft-ietf-masque-connect-ip-10
X-BeenThere: int-dir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This list is for discussion between the members of the Internet Area directorate." <int-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-dir>, <mailto:int-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-dir/>
List-Post: <mailto:int-dir@ietf.org>
List-Help: <mailto:int-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-dir>, <mailto:int-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Apr 2023 03:02:17 -0000

FWIW, as a concrete suggestion:

It might (or might not) be useful to bundle the tunnel software with user-space router software.

But the two are NOT directly related and this spec should not real with the user space router or its functions, IMO.

It definitely should NOT repeat requirements that are already in RFC1812 or RFC8200 regarding routers.

And I still claim this document needs to explain, even if conceptually, how this tunnel ties into router or host as a network interface, regardless of whether that network interface is accessed by an OS or user-space.

Joe
—
Dr. Joe Touch, temporal epistemologist
www.strayalpha.com

> On Apr 19, 2023, at 7:41 PM, touch@strayalpha.com wrote:
> 
> Hi, David,
> 
> See below..
> 
> Joe
> 
> —
> Dr. Joe Touch, temporal epistemologist
> www.strayalpha.com
> 
>> On Apr 19, 2023, at 2:16 PM, David Schinazi <dschinazi.ietf@gmail.com> wrote:
>> 
>> Hi Joe, I'm replying to your earlier email to discuss the points that are not about TCP-in-TCP, and will send a separate reply to the TCP-in-TCP discussion that's further in the thread.
>> David
>> 
>> On Wed, Apr 19, 2023 at 10:25 AM touch@strayalpha.com <mailto:touch@strayalpha.com> <touch@strayalpha.com <mailto:touch@strayalpha.com>> wrote:
>>> Hi, David,
>>> 
>>> More below…
>>> 
>>> Joe
>>> —
>>> Dr. Joe Touch, temporal epistemologist
>>> www.strayalpha.com <http://www.strayalpha.com/>
>>> 
>>>> On Apr 19, 2023, at 9:46 AM, David Schinazi <dschinazi.ietf@gmail.com <mailto:dschinazi.ietf@gmail.com>> wrote:
>>>> 
>>>> Thanks, more discussion inline.
>>>> David
> ...
>>> 
>>> All devices and processes that relay packets *between* interfaces need to make sure they decrement and check the TTL - that’s already in RFC1812. It is not the job of the tunnel to make sure that happens.
>> 
>> To be clear, I totally agree with you from a conceptual perspective. However, in practice, sometimes a piece of code ends up implementing both the link and the router.
> 
> Remember when you and others were claiming that how a tunnel connects to the OS or users is an implementation issue that doesn’t belong in the doc/spec?
> 
> I still disagree, because you need to explain HOW (semantically) you interface to the ultimate source or sink of the IP packets.
> 
> This, however, is a true implementation issue - and a bad one at that….
> 
>> We have that in our MASQUE implementation. Because of this, we want to tell implementers "hey if you also implement a router, remember to do router things!”.
> 
> Well, there’s “remember to connect this to a router *or a host*”. Then there’s how this would interact with other interfaces on that router or host - which you haven’t defined, and probably won’t make a lot of sense because you have back-to-back devices, one of which is well defined (the host or router where you implement this), and one that’s only partly explained. And there’s no good way to relate those two on the same device.
> 
> Which is yet another reason why this should not be deployed with the tunnel - even as an implementation. Include a user-space router or don’t, but please don’t half-do it.
> 
>> I reorganized this part of the doc to very clearly split the link side from the router side, and clearly acknowledge that we just repeat router requirements in case someone is implementing that:
>> https://github.com/ietf-wg-masque/draft-ietf-masque-connect-ip/pull/172
> 
> You can add an appendix that says “if you also want to connect this to a user land router, here’s how”. But again, you’re not implementing a user land router. You’re implementing something that isn’t really a router, but takes responsibility for some of the behavior of a router.
> 
> This simply doesn’t belong in this spec and should not be part of the tunnel definition at all. If you want to refer readers to an example, here’s one:
> https://ijarcce.com/upload/2017/june-17/IJARCCE 67.pdf <https://ijarcce.com/upload/2017/june-17/IJARCCE%2067.pdf>
> 
> I.e., showing readers how to tie this to a user-space router or a kernel router (as an example) is useful.
> 
> Including user space router functions as a requirement of a tunnel spec is incorrect.
> 
> Joe
> -- 
> last-call mailing list
> last-call@ietf.org
> https://www.ietf.org/mailman/listinfo/last-call

v2.23.0 | Report a Bug | By Email