Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-ipv6-options
Justin Iurman <justin.iurman@uliege.be> Mon, 07 February 2022 13:07 UTC
Return-Path: <justin.iurman@uliege.be>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20B733A0E1A; Mon, 7 Feb 2022 05:07:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=uliege.be
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1fL3CeN_nuKI; Mon, 7 Feb 2022 05:07:13 -0800 (PST)
Received: from serv108.segi.ulg.ac.be (serv108.segi.ulg.ac.be [139.165.32.111]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE81B3A0E1D; Mon, 7 Feb 2022 05:07:11 -0800 (PST)
Received: from mbx12-zne.ulg.ac.be (serv470.segi.ulg.ac.be [139.165.32.199]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by serv108.segi.ulg.ac.be (Postfix) with ESMTPS id 4FBA4200F807; Mon, 7 Feb 2022 14:07:09 +0100 (CET)
DKIM-Filter: OpenDKIM Filter v2.11.0 serv108.segi.ulg.ac.be 4FBA4200F807
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uliege.be; s=ulg20190529; t=1644239229; bh=0dE17OjbTmsVrKWvITmMc26+P8ZjrtqTba6SUpigrc4=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:From; b=xTCnJONq+MEdo3Qx1JrAWZ3WUyJJxX4TMWqj2urERSoW8oRFfqB0VgVsIhGDO3U5V 5oouyuPHzEsQ1UmR2J0ud+Oui6FAk3YNfuQlWldk8xrxmAyy07gBl5/Tdm76cdKmz0 XYGhzcYYRGbrkt00j5un5lR8BE+Bd0WoT1//B/9+RHdWGB3sJrkzzJ2IWdeyfvIj6U AMYgx9LURg3FQWEim/1zXEKzh4+QjK87zBI9NKKbGk2yvPbkYHtWyl30MGRnK9ovAm QTTQhSs3uC+gZNvKAd9N5Vyd2+aIELUnL5517R+CX6iWu85jBb3Ellp+qE95vKHSeP K7BShCXB1ly4Q==
Received: from localhost (localhost [127.0.0.1]) by mbx12-zne.ulg.ac.be (Postfix) with ESMTP id 4251660415BA2; Mon, 7 Feb 2022 14:07:09 +0100 (CET)
Received: from mbx12-zne.ulg.ac.be ([127.0.0.1]) by localhost (mbx12-zne.ulg.ac.be [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 2WWp_VJYXM6U; Mon, 7 Feb 2022 14:07:09 +0100 (CET)
Received: from mbx12-zne.ulg.ac.be (mbx12-zne.ulg.ac.be [139.165.32.199]) by mbx12-zne.ulg.ac.be (Postfix) with ESMTP id DFC8A602244DF; Mon, 7 Feb 2022 14:07:08 +0100 (CET)
Date: Mon, 07 Feb 2022 14:07:08 +0100
From: Justin Iurman <justin.iurman@uliege.be>
Reply-To: Justin Iurman <justin.iurman@uliege.be>
To: "Frank Brockners (fbrockne)" <fbrockne@cisco.com>
Cc: Erik Kline <ek.ietf@gmail.com>, Marcus Ihlar <marcus.ihlar=40ericsson.com@dmarc.ietf.org>, IPv6 List <ipv6@ietf.org>, ippm@ietf.org
Message-ID: <2093190259.19857239.1644239228672.JavaMail.zimbra@uliege.be>
In-Reply-To: <CY4PR11MB167247C5F9335D3682523A19DA2B9@CY4PR11MB1672.namprd11.prod.outlook.com>
References: <AM0PR07MB41315DF88FF077CC72F474A6E2789@AM0PR07MB4131.eurprd07.prod.outlook.com> <CAMGpriWq4RKUDiM05afM0FQNMC8uCRV2HtQjZ-Yiiq8UP-+1JQ@mail.gmail.com> <1698496306.248840871.1640786935077.JavaMail.zimbra@uliege.be> <CY4PR11MB167247C5F9335D3682523A19DA2B9@CY4PR11MB1672.namprd11.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [139.165.223.37]
X-Mailer: Zimbra 8.8.15_GA_4018 (ZimbraWebClient - FF96 (Linux)/8.8.15_GA_4026)
Thread-Topic: WG Last Call for draft-ietf-ippm-ioam-ipv6-options
Thread-Index: AQHX/L29LTdhs/e+lki/fjsSOsrNhayG+7Fw1AtOaA4=
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/nUMvLrmvycezQs4-R00RW5PaT9A>
Subject: Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-ipv6-options
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Feb 2022 13:07:20 -0000
Hi Frank, LGTM, thanks for this. I think this document is ready to progress. Justin On Feb 6, 2022, at 5:58 PM, Frank Brockners (fbrockne) fbrockne@cisco.com wrote: > Hi Justin, > > Sorry for the late response. I've just posted a revision > (https://datatracker.ietf.org/doc/draft-ietf-ippm-ioam-ipv6-options/07/) which > includes the two suggested changes below. > > Cheers, Frank > >> -----Original Message----- >> From: ippm <ippm-bounces@ietf.org> On Behalf Of Justin Iurman >> Sent: Wednesday, 29 December 2021 15:09 >> To: Erik Kline <ek.ietf@gmail.com> >> Cc: Marcus Ihlar <marcus.ihlar=40ericsson.com@dmarc.ietf.org>; IPv6 List >> <ipv6@ietf.org>; ippm@ietf.org >> Subject: Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-ipv6-options >> >> Hi ippm, 6man, >> >> I do believe this document is almost ready, though it probably needs a new >> version to address the following review comments. >> >> 1) In section 4 ("In-situ OAM Metadata Transport in IPv6"), third paragraph, it >> says: >> >> "In order for IOAM to work in IPv6 networks, IOAM MUST be explicitly >> enabled per interface on every node within the IOAM domain. Unless a >> particular interface is explicitly enabled (i.e., explicitly >> configured) for IOAM, a router MUST drop packets that contain >> extension headers carrying IOAM data-fields. This is the default >> behavior and is independent of whether the Hop-by-Hop options or >> Destination options are used to encode the IOAM data. This ensures >> that IOAM data does not unintentionally get forwarded outside the >> IOAM domain." >> >> I don't think "a router MUST drop packets" is correct. IOAM options are defined >> with type "00", i.e., skip over this option and continue processing the header. >> Instead, I would rather have something like "a router MUST ignore IOAM >> options". Indeed, you don't want a node to drop packets with IOAM options, >> when not configured, to keep consistency with the behavior of type "00". This is >> the role of a firewall to drop packets if it detects IOAM injections or IOAM >> leaks. >> >> New text suggestion: >> >> "In order for IOAM to work in IPv6 networks, IOAM MUST be explicitly >> enabled per interface on every node within the IOAM domain. Unless a >> particular interface is explicitly enabled (i.e., explicitly >> configured) for IOAM, a router MUST ignore IOAM Options. As >> additional security, IOAM domains SHOULD provide a mechanism to >> prevent injections at ingress or leaks at egress." >> >> Note that the last sentence could be omitted, as consideration #4 (see section >> 5.1) already talks about it. >> >> 2) Section 5.4.1 ("IPv6-in-IPv6 encapsulation") describes a hacky way to >> encapsulate packets. Instead of using the egress as the outer destination >> address, it uses the same destination address as the inner one. I understand the >> pros of such a technique (i.e., same forwarding path), but it goes against >> RFC2473 and, as a consequence, also against RFC8200. So, I don't think it should >> be part of a standard. Since the "normal" IPv6-in-IPv6 use case is implicitly >> included in the next section (5.4.2, "IP-in-IPv6 encapsulation with ULA"), I >> think >> section >> 5.4.1 could/should be dropped. >> >> Thanks, >> Justin >> >> On Dec 17, 2021, at 10:37 PM, Erik Kline ek.ietf@gmail.com wrote: >> > +6MAN WG, just as an FYI >> > >> > On Fri, Dec 17, 2021 at 7:39 AM Marcus Ihlar >> > <marcus.ihlar=40ericsson.com@dmarc.ietf.org> wrote: >> >> >> >> Hello IPPM, >> >> >> >> This email starts a Working Group Last Call on >> >> draft-ietf-ippm-ioam-ipv6-options. >> >> >> >> >> >> >> >> https://datatracker.ietf.org/doc/draft-ietf-ippm-ioam-ipv6-options/ >> >> >> >> https://datatracker.ietf.org/doc/html/draft-ietf-ippm-ioam-ipv6-optio >> >> ns-06 >> >> >> >> >> >> >> >> Please provide feedback by replying to this email with your reviews >> >> and if you think this document is ready to progress, by Friday, January 14. >> >> >> >> >> >> >> >> Best Regards, >> >> >> >> Marcus & Tommy >> >> >> >> _______________________________________________ >> >> ippm mailing list >> >> ippm@ietf.org >> >> https://www.ietf.org/mailman/listinfo/ippm >> > >> > -------------------------------------------------------------------- >> > IETF IPv6 working group mailing list >> > ipv6@ietf.org >> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >> > -------------------------------------------------------------------- >> >> _______________________________________________ >> ippm mailing list >> ippm@ietf.org > > https://www.ietf.org/mailman/listinfo/ippm
- [ippm] WG Last Call for draft-ietf-ippm-ioam-ipv6… Marcus Ihlar
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Erik Kline
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Justin Iurman
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Mark Smith
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Haoyu Song
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Mark Smith
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Haoyu Song
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Justin Iurman
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Frank Brockners (fbrockne)
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Marcus Ihlar
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Justin Iurman
- Re: [ippm] WG Last Call for draft-ietf-ippm-ioam-… Tommy Pauly