[ippm] Loopback bit in draft-brockners-inband-oam-data-05

Tom Herbert <tom@herbertland.com> Fri, 19 April 2019 18:59 UTC

Hello,

As I understand it, when the loopback bit is set intermediate nodes
"create a copy of the received packet and send the copy back to the
source of the packet". And the "source address is used as the
destination address of the copied packet". This begs a few questions:

- Wouldn't the copied packet take on the attributes of the original
packet, so that the receiver of it thinks it's getting a packet to
process all the way up the stack? For instance, if the original packet
is TCP, wouldn't it look like the copied packet is a TCP packet being
sent to the original source? It seems like the copied packet should be
wrapped in ICMP or something like that to ensure it's processed as a
control message.
- How many transit nodes are expected to send back copies of these
packets? It seems like it could be a considerable number which might be
used in a DOS reflection attack.
- Wouldn't the loopback bit force the packet into a slow path to do
the work of copying and sending back packets? This doesn't seem all
that different from cases where ICMP needs to be sent and some routers
don't support that.
- Also, it looks like IOAM is intended to be done on loopback packets
in the return path. I'm not sure how much value there is in that. The
returned packet wouldn't have the same characteristics of an actual
packet in the flow being sent back from the real peer destination, and
in fact the return path might be very different and not even hit the
same routers.

A possible alternative (or addition) I might suggest is to reflect
the IOAM option at the destination. So, for instance, if a destination
node receives a packet for a flow that contains the IOAM option, it
can attach the option on response packets back to the source as being
reflected. Option reflection may be a common concept as Path MTU
option (draft-hinden-6man-mtu-option-00) and FAST
(draft-herbert-fast-04) do this. This only requires additional work at
end points, and because data is piggybacked on real data packets there
is no overhead of additional out of band packets.

Tom
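
A toy model of the two mechanisms discussed in the message above, added here as an illustration and not part of the original post or of the draft: it counts the copies one loopback-flagged packet produces along a path, shows which upper-layer handler a copy reaches at the source, and contrasts that with reflecting the option on a response packet. The `Packet` fields, node and handler names, the copy's source address and the clearing of the flag in the copy are assumptions made for the model.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                 # upper-layer protocol the receiver demuxes on
    payload_len: int
    ioam_loopback: bool = False
    ioam_data: tuple = ()      # node ids recorded so far (model of trace data)

def transit_loopback(pkt, node):
    """Loopback as quoted: copy the packet, destination = original source.
    Assumptions: the copy's source is the transit node, and the flag is
    cleared in the copy so it is not looped back again."""
    return replace(pkt, src=node, dst=pkt.src, ioam_loopback=False)

def forward_with_loopback(pkt, path):
    """Walk the path; each transit node records itself and emits one copy."""
    copies = []
    for node in path:
        pkt = replace(pkt, ioam_data=pkt.ioam_data + (node,))
        if pkt.ioam_loopback:
            copies.append(transit_loopback(pkt, node))
    return pkt, copies

def receiver_demux(pkt):
    """An end host hands a packet to the handler for its upper-layer protocol."""
    return {"tcp": "tcp_input", "icmp": "icmp_input"}[pkt.proto]

def wrap_in_icmp(copy):
    """The post's suggestion: carry the copy as a control message."""
    return replace(copy, proto="icmp")

def reflect_at_destination(received, response):
    """The post's alternative: attach the received IOAM data to a response
    packet the destination was sending anyway (no additional packet)."""
    return replace(response, ioam_data=received.ioam_data)

PATH = ("r1", "r2", "r3", "r4")                       # constructed transit nodes
ORIG = Packet("hostA", "hostB", "tcp", 1200, ioam_loopback=True)  # constructed

def compare():
    delivered, copies = forward_with_loopback(ORIG, PATH)
    resp = reflect_at_destination(delivered, Packet("hostB", "hostA", "tcp", 64))
    return {"loopback_extra_packets": len(copies),
            "loopback_extra_bytes": sum(c.payload_len for c in copies),
            "copy_handler": receiver_demux(copies[0]),
            "wrapped_handler": receiver_demux(wrap_in_icmp(copies[0])),
            "reflected_data": resp.ioam_data}
```

In this model one flagged packet over four transit nodes yields four extra packets addressed to whatever is in the source field, each demuxed as TCP unless wrapped, while reflection carries the same per-hop data on a single response that already existed.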