IETF Logo Mail Archive

Re: [Int-dir] [Last-Call] Intdir telechat review of draft-ietf-masque-connect-ip-10

"touch@strayalpha.com" <touch@strayalpha.com> Thu, 20 April 2023 20:38 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: int-dir@ietfa.amsl.com
Delivered-To: int-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CF29FC152D9D; Thu, 20 Apr 2023 13:38:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.315
X-Spam-Level:
X-Spam-Status: No, score=-6.315 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vQa6bRelIK5A; Thu, 20 Apr 2023 13:38:28 -0700 (PDT)
Received: from server217-2.web-hosting.com (server217-2.web-hosting.com [198.54.115.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E32F3C152D94; Thu, 20 Apr 2023 13:38:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=4JiWj4H/Y/VAXqmTqv1eTc/slEmhihqiHJLmMSR3akw=; b=zmzUrgAn4KNZuUQlk+wVpnJTOe c/9iVtA4fbNxsZDvHBXslL4M18Owyi5DE+9s9r99y1de4n67yaf6tVqkTSoF+T5Dv2nDMxZqPeqQ7 sJSrcJRIdy8w1SP8fj02YXeSnDZEt/kGEGPx1eD9LBfILeLhJp8l81Mytn210zHwUWXBtbqULfYZk FmdeGNb+6OKiFjmeDj5k7wvaCsDMAZ1QqA30kI6YNHarKHU3EfzgxUJjKdIYRzYzYCZzeimsKGBdm GJQw+LHclwvFaLx7i9gaD8TKrJub6IvaDv5dptIhRjKS4deMUAQPeZrPQFKS6bCHrjAPdv2z2mGRH HgpNQN/A==;
Received: from [172.58.208.248] (port=39046 helo=smtpclient.apple) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from <touch@strayalpha.com>) id 1ppb2d-00CFPa-2G; Thu, 20 Apr 2023 16:38:11 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail=_8BF01729-4747-474B-926B-028CD2550918"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.500.231\))
From: "touch@strayalpha.com" <touch@strayalpha.com>
In-Reply-To: <CAM4esxRE8W2V=FaXPP+gEd4rMQN+P38b-+Yyk6aqbfkAY=rHJA@mail.gmail.com>
Date: Thu, 20 Apr 2023 13:37:55 -0700
Cc: David Schinazi <dschinazi.ietf@gmail.com>, Magnus Westerlund <magnus.westerlund@ericsson.com>, "int-dir@ietf.org" <int-dir@ietf.org>, "draft-ietf-masque-connect-ip.all@ietf.org" <draft-ietf-masque-connect-ip.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "masque@ietf.org" <masque@ietf.org>
Message-Id: <7E22ED44-B417-4299-8E41-8B30F1F41024@strayalpha.com>
References: <168152936276.58402.12408511926010382248@ietfa.amsl.com> <CAPDSy+5ZOnK02VgJY7giVD0uNM4ao7-gHXUhrf6BG9RWxzC+RQ@mail.gmail.com> <19AB5170-D789-491C-B748-7AD5CE26B58C@strayalpha.com> <DU0PR07MB8970FC2DDE02B2BBB78D6E33959D9@DU0PR07MB8970.eurprd07.prod.outlook.com> <CAPDSy+72wpWzsQur=Bsvf7bUAxCAzq=OnXDS6Uxr7-k-3ZS-0Q@mail.gmail.com> <DA3F26DF-5B5F-4045-AA67-2BDEDCCA7975@strayalpha.com> <CAPDSy+7cf=ONtQw4Sfy4u51i6txk9K7axhyz6nx=_vic35DWtQ@mail.gmail.com> <4F486987-90BB-480A-9A0E-2E09BC4F1B72@strayalpha.com> <CAPDSy+7+TykbJpa56ysQpdHt3B=ei_oCFzOy7T7Sqx=dp9YADQ@mail.gmail.com> <930DECBA-D4DF-4379-A296-A6B6BAAB8A98@strayalpha.com> <41E77484-6685-420F-ADCA-0313331B02FA@strayalpha.com> <CAPDSy+7Lr=tqdVF+PPizLsSCXheRsLUfAVx9GyzpPySo791Ztg@mail.gmail.com> <19845D9D-97BB-4080-BC96-2E8E6F693EB5@strayalpha.com> <CAM4esxRE8W2V=FaXPP+gEd4rMQN+P38b-+Yyk6aqbfkAY=rHJA@mail.gmail.com>
To: Martin Duke <martin.h.duke@gmail.com>
X-Mailer: Apple Mail (2.3731.500.231)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-dir/oZ2Q1JmoFW2tDV9B13Nvb04q-5o>
Subject: Re: [Int-dir] [Last-Call] Intdir telechat review of draft-ietf-masque-connect-ip-10
X-BeenThere: int-dir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This list is for discussion between the members of the Internet Area directorate." <int-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-dir>, <mailto:int-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-dir/>
List-Post: <mailto:int-dir@ietf.org>
List-Help: <mailto:int-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-dir>, <mailto:int-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Apr 2023 20:38:32 -0000

Hi, Martin,

I don’t think this document should repeat requirements stated elsewhere. That invites confusion as to where this spec ends and the router requirement reminders begin. At best, it might mention that requirements in RFC1812 apply to routers implemented in conjunction with this tunnel.

It’s also stated inversely - that these might not apply to implementations that don’t include a router. It’s the converse - these apply only to implementations that *additionally* implement a router. Implementing a router should not be implied as part of the mechanism.

That section also misstates IP TTL decrement:
   When IP proxying endpoints forward IP packets between different
   links, they will decrement the IP Hop Count (or TTL) upon
   encapsulation, but not upon decapsulation.  
Again, tunnels shouldn’t be doing this. Encapsulation isn’t what decrements a TTL; forwarding is. That happens in the router, which may or may not be included in tunnel implementation. It never happens between to hosts, if that’s where this tunnel’s packets ultimately go.

The remainder of this section discusses what to do, but it’s never clear that all the discussion applies to the router that is outside the scope of the tunnel, not part of the tunnel itself. It actually specifically talks about IP proxying endpoints that operate as routers - again implying that being a router is part of the spec.

—
It might be possible to word this in ways that do not imply routing as part of the tunnel, but it’s not there yet.

Joe

—
Dr. Joe Touch, temporal epistemologist
www.strayalpha.com

> On Apr 20, 2023, at 1:05 PM, Martin Duke <martin.h.duke@gmail.com> wrote:
> 
> Hi Joe,
> 
> Thanks for all the time you have put into this exchange.
> 
> I'm taking a close look at Section 7. IIUC, the router function language you refer to is in Section 7.2. Section 7.2 begins by saying
> 
> "The requirements in this section are a repetition of requirements that apply to IP routers in general, and might not apply to implementations of IP proxying that rely on external software for routing."
> 
> Is the common-sense reading of this that it's not "part of the tunnel spec", and therefore that this won't complicate draft-ietf-intarea-tunnels needlessly?
> 
> Martin
> 
> On Thu, Apr 20, 2023 at 11:28 AM touch@strayalpha.com <mailto:touch@strayalpha.com> <touch@strayalpha.com <mailto:touch@strayalpha.com>> wrote:
>> Hi, David,
>> 
>> I’m fine with how the congestion control issue has been resolved.
>> 
>> I think the doc should include some discussion of how it would be used, which can include a router bundled with implementations.
>> 
>> However, my advice to the INTAREA ADs is that router functions must not be included *as part of the tunnel spec*. I don’t want to have to add this to draft-ietf-intarea-tunnels as a counterexample or with updates.
>> 
>> Joe
>> 
>> —
>> Dr. Joe Touch, temporal epistemologist
>> www.strayalpha.com <http://www.strayalpha.com/>
>> 
>>> On Apr 20, 2023, at 10:26 AM, David Schinazi <dschinazi.ietf@gmail.com <mailto:dschinazi.ietf@gmail.com>> wrote:
>>> 
>>> Hi Joe,
>>> 
>>> Thank you for the very productive discussion around this draft. We've landed the majority of your feedback as changes into the document that are reflected in draft-ietf-masque-connect-ip-12. However, there remain two points:
>>> 1) inclusion of text that applies to routers that we see as important implementer advice instead of implementation-specific advice about TUN interfaces
>>> 2) whether disabling congestion control is a MAY or a SHOULD
>>> And for those, we're going to have to agree to disagree. The conversation was definitely interesting, but at this point I don't think we'll reach agreement on them.
>>> 
>>> Thanks,
>>> David
> -- 
> last-call mailing list
> last-call@ietf.org
> https://www.ietf.org/mailman/listinfo/last-call

v2.23.0 | Report a Bug | By Email