IETF Logo Mail Archive

[ippm] Erik Kline's Discuss on draft-ietf-ippm-ioam-ipv6-options-09: (with DISCUSS and COMMENT)

Erik Kline via Datatracker <noreply@ietf.org> Thu, 01 December 2022 06:02 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: ippm@ietf.org
Delivered-To: ippm@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 123C0C1DF55F; Wed, 30 Nov 2022 22:02:55 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Erik Kline via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-ippm-ioam-ipv6-options@ietf.org, ippm-chairs@ietf.org, ippm@ietf.org, marcus.ihlar@ericsson.com, marcus.ihlar@ericsson.com
X-Test-IDTracker: no
X-IETF-IDTracker: 9.1.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Erik Kline <ek.ietf@gmail.com>
Message-ID: <166987457506.51565.101426441168688104@ietfa.amsl.com>
Date: Wed, 30 Nov 2022 22:02:55 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/-s3lr8oU-nQ-Ao4t95hizzMwYJE>
Subject: [ippm] Erik Kline's Discuss on draft-ietf-ippm-ioam-ipv6-options-09: (with DISCUSS and COMMENT)
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.39
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Dec 2022 06:02:55 -0000

Erik Kline has entered the following ballot position for
draft-ietf-ippm-ioam-ipv6-options-09: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-ippm-ioam-ipv6-options/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

# Internet AD comments for draft-ietf-ippm-ioam-ipv6-options-09
CC @ekline

* Thanks to 6MAN chairs Bob, Ole, and Jen for their last-minute
  "IPv6 Directorate" reviews.  Some of their comments are reflected below.

* There was kind of leaning toward concluding that the rewriting of a
  Hop-by-Hop option's size was both against the spirit of RFC 8200 and
  not actually against the letter.  I'm not sure that's actually the case
  and so my biggest DISCUSS is this point (more below).

## Discuss

### S4

* I don't think the Incremental Trace Option is something that can be
  supported by current text in RFC 8200.  While is makes sense to have this
  behavior described in RFC 9197, I don't think IPv6 HbH can support it.

  My rationale for seeing this as a protocol violation is as follows.

    - RFC 8200 S4.2 says this about the on-path mutability bit and the
      expectations that result:

      """
      The third-highest-order bit of the Option Type specifies whether or
      not the Option Data of that option can change en route to the
      packet's final destination.  When an Authentication header is present
      in the packet, for any option whose data may change en route, its
      entire Option Data field must be treated as zero-valued octets when
      computing or verifying the packet's authenticating value.
      """

    - Specifically, only the Option Data (not Option Length) is allowed to
      change.  Any AH header, for example, would still have processed the
      entire option with only the Data being zeroed -- the existence of the
      option and the length of it would still have been part of the AH
      computation.

  Unless there's some misunderstanding here I think this option would need
  removing from the document.

* I think text needs to be added to make it clear that whatever options are
  used they MUST be added, though not necessarily "filled in", by the
  originator of the packet (the node bearing the interface assigned the
  outermost Source Address).

  The reasoning here again is the defined behavior of AH processing.  Any
  options, even on-path mutable ones, MUST be present in the Hop-by-Hop
  option when an AH is computed.


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


## Comments

### S5.1

* In C2: "domain SHOULD ensure that the addition of OAM information does not
  lead to fragmentation of the packet"

  This should probably be rephrased to be more IPv6-compatible (as there is
  no on-path fragmentation).  Perhaps:

  "does not lead to an ICMP Packet To Big error message being sent to the
  originator and the packet being dropped"

  or something to that effect.

* Also in C2: "exceeds the packet size beyond PTMU" in the domain, etc.

  It may be worth noting that any single node can only know the configured
  MTU of its outgoing links, and that this is why it MUST be a domain-managed
  parameter.

* C3 appears to create a requirement for some very deep packet inspection on
  IOAM domain egress.

  Also, if there's going to be talk of ICMPv6 you probably need to add a
  reference to RFC 4443.

* With respect to C4, I'd defer to the other IESG comments.

* C5: this seems like it might be important for a Standards Track feature?

  If it were Experimental, perhaps, then there could be text saying that
  learning how this might best be done was an expected outcome of the
  experiment?

v2.23.0 | Report a Bug | By Email