Re: Next steps on advancing core IPv6 specifications to full Internet standard
Mark Smith <markzzzsmith@gmail.com> Tue, 22 November 2016 11:38 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7499129AEE; Tue, 22 Nov 2016 03:38:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.499
X-Spam-Level:
X-Spam-Status: No, score=-1.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R8-jtKjwNvYg; Tue, 22 Nov 2016 03:38:08 -0800 (PST)
Received: from mail-ua0-x229.google.com (mail-ua0-x229.google.com [IPv6:2607:f8b0:400c:c08::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 958251295DD; Tue, 22 Nov 2016 03:38:08 -0800 (PST)
Received: by mail-ua0-x229.google.com with SMTP id 20so12103299uak.0; Tue, 22 Nov 2016 03:38:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=1OL4wrKK8Smi4L++bWrrAmNw6NmKdF07mYLIzUQ9gZw=; b=QdEt+cJGNzVry7lclGjtfXMdQlFCyDLiRgSUn0zMYdEQezSxER/p5F9wR/LP1PYIMA XCG/ZZaPyXQTwVSg1DQrCiM2M7QcItkqQLLvO3SyCO5vtaBuqXpx3QrV+1Hpbfe2CyvG GGWixMrBDadp8L8xxQHV9Xlp3hxoX6YyMZ030PwbIqJcsdf1vfIypSy9Gm4BLNgIyAEZ mbvkrUShfEmn1UewWW2i4dEJFFSI3zHi8dpZO8gUPR45q1LyZTzDXwGHhOAtD9dzXIOT zQXmC6Nx8eaKh/lRkZo1txIEbqQwWgM8J/ONK3d4nVWZh4oCfJrjPQ9Nrd+ZWZa9Hh0v 1JHw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=1OL4wrKK8Smi4L++bWrrAmNw6NmKdF07mYLIzUQ9gZw=; b=HzE1Lzk80pT1Xd86TNamPl5Fb+N3Jz4z+DIGkmZHV/IY5e87XmFpq6DwsNvoi5NugG dqQgjKVkryweUmFLO/Y8W8thZSxY+e8J8tP6lgZXivPvln8dy/QccSd8FD2j8eJY2zuu bIj+dig14iRMCiBFGwyXQX3KXzZFiJ0QP75sJ93eyUFvdwDumvrs6ktEoiVCNgwoAfUM +hpIBLQy/veEqb8cZRTze+lUQxJK04R+uWA771LYijnmnOg9qd/pDRJZnXV9atRb681J jL62q0dbfYFbFbWESFIxzbDw3l0S7rgsEE2FoPm3HhhkP1e6Zu10ZQoiXAvPoMrcisuS 6PNw==
X-Gm-Message-State: AKaTC006C3vGMUn/yd6dT19etbZeHO2O861S6RlgqByf8W9Pj4ROphaq1TMJn0B0mCngWb2sZ6qze1WV7ZDjvw==
X-Received: by 10.176.0.52 with SMTP id 49mr10125274uai.9.1479814687666; Tue, 22 Nov 2016 03:38:07 -0800 (PST)
MIME-Version: 1.0
Received: by 10.159.48.212 with HTTP; Tue, 22 Nov 2016 03:37:37 -0800 (PST)
In-Reply-To: <8C6FA5CE-E7F6-4D22-B897-7094BD719A12@jisc.ac.uk>
References: <451D4151-B805-4A2E-8BAC-B6627C0B669C@employees.org> <CAJE_bqczRSZYWC3tDLXvxRMzqnV9nDjYjUddyRHtwfpGEXvm5w@mail.gmail.com> <85517D4C-488E-4A05-9E2C-5D4604DF69B8@gmail.com> <CABdyVt421A8Lsy91TvNRg8w444X04tx-woY3gLj3U0-hxL53og@mail.gmail.com> <CALx6S34VKLPctnMrKQB+AxYFKHzDnYv9woLdqCbtYXgJ7sLy+w@mail.gmail.com> <CABdyVt4dm1bA4W_6ZsL_n4xF4J4Yc4eOGmPNpsn6-C-0ojPX5Q@mail.gmail.com> <8C6FA5CE-E7F6-4D22-B897-7094BD719A12@jisc.ac.uk>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Tue, 22 Nov 2016 22:37:37 +1100
Message-ID: <CAO42Z2zxiOkWtQ+ngDbTKHM8L_+ewfrLyoRdoU2=BgahgCxo7w@mail.gmail.com>
Subject: Re: Next steps on advancing core IPv6 specifications to full Internet standard
To: Tim Chown <Tim.Chown@jisc.ac.uk>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/1BfT9JblxJpQwFCOtyCcw5eDT7Y>
Cc: IPv6 List <ipv6@ietf.org>, Bob Hinden <bob.hinden@gmail.com>, 神明達哉 <jinmei@wide.ad.jp>, Suresh Krishnan <suresh.krishnan@ericsson.com>, "6man-chairs@ietf.org" <6man-chairs@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Nov 2016 11:38:10 -0000
On 22 November 2016 at 21:02, Tim Chown <Tim.Chown@jisc.ac.uk> wrote: > Hi, > > On 22 Nov 2016, at 03:22, Hemant Singh <hemantietf@gmail.com> wrote: > > <snip> > > > So there’s a lot of vagueness about the whole SRH “insertion” issue, partly > in the spring WG, partly in 6man, and implementation(s) doing things that > are not (as yet, or perhaps never will be?) documented in the IETF. > This draft is well and truly doing it, despite the title. "Encapsulations for In-situ OAM Data" https://tools.ietf.org/html/draft-brockners-inband-oam-transport-02 "3.1.2. Procedure at the Ingress Edge to Insert the In-situ OAM Header" Imagine if one of those inserted EHs wasn't stripped at the edge of the OAM domain, because of an implementation bug or configuration error. These OAM EH inserted packets arrive at your network and breaks the application you're providing to a paying customer somewhere across the Internet. This paying customer is the one that constructed and originated the packet, and is identified by the source address. So you contact the customer identified by the source address asking them why are they inserting and sending OAM EHs to you. The say 'no, we are not, and send a packet capture to prove it. Since you're in Australia, and they're in Europe (or the US), there are now many different networks between them and you. How do you work out who is inserting these EHs and then not removing them? You spend days and weeks contacting *all* the ASNs between you and your customer (10 perhaps?), asking them if they're (a) inserting these EHs, (b) if they are, can they determine if their equipment is configured to remove them, and if it is (c) tell them they've got a bug and need to contact their vendor. While they're waiting for their vendor to fix the bug, they're probably not going to be very keen to switch off this wonderful feature that is working fine for them ... because they' actually don't suffer from any consequences of the EHs they've added but not removed. So you call up your customer, after they've suffered from a number of weeks of lost service from you. "Do you want the good news or bad news?" "The good news is we've found out where these EHs that are breaking your connections to us. The bad news is that while the people who are doing it have asked their vendor for a fix, they're refusing to switch it off, so you'll have to put up with it for the next 3 to 6 months." Customer says, "Unfortunately, I realise that it isn't your fault, however we can't put up with it for that long. We're going to have to cancel your service and go with somebody else." Now imagine if the one customer impacted was instead 10s of 1000s of non-technical, residential customers - like the ones Google, Netflix and Facebook have. Most of the above becomes impractical, and if this problem persists for more than a few days, it'll likely cost you 10s of 1000s of customers. I've had experience troubleshooting issues over the Internet that have effected my residential broadband customers (e.g., getting bogon filter routes removed from remote networks because we'd been allocated those addresses officially). That was a walk in the park compared to what the above scenario would be like - my customers could identify the website that they were trying to access. Silent insertion, meaning non-attributable insertion, and failed removal will be a nightmare to troubleshoot if those packets make it onto the Internet - and they will, just like RFC1918 addressed packets do. People who believe removal will always be performed successfully are living in the fantasy that devices always perform perfectly, never partially failing and programmers write perfect, bug free code. Regards, Mark.
- Next steps on advancing core IPv6 specifications … otroan
- Re: Next steps on advancing core IPv6 specificati… 神明達哉
- Re: Next steps on advancing core IPv6 specificati… Brian E Carpenter
- Re: Next steps on advancing core IPv6 specificati… Tim Chown
- Re: Next steps on advancing core IPv6 specificati… Hemant Singh
- Re: Next steps on advancing core IPv6 specificati… Bob Hinden
- Re: Next steps on advancing core IPv6 specificati… Hemant Singh
- Re: Next steps on advancing core IPv6 specificati… Hemant Singh
- Re: Next steps on advancing core IPv6 specificati… Mark Smith
- Re: Next steps on advancing core IPv6 specificati… Hemant Singh
- Re: Next steps on advancing core IPv6 specificati… Brian E Carpenter
- Re: Next steps on advancing core IPv6 specificati… David Farmer
- Re: Next steps on advancing core IPv6 specificati… Hemant Singh
- Re: Next steps on advancing core IPv6 specificati… Tom Herbert
- Re: Next steps on advancing core IPv6 specificati… Hemant Singh
- Re: Next steps on advancing core IPv6 specificati… 神明達哉
- Re: Next steps on advancing core IPv6 specificati… Brian E Carpenter
- Re: Next steps on advancing core IPv6 specificati… Brian E Carpenter
- Re: Next steps on advancing core IPv6 specificati… Hemant Singh
- Re: Next steps on advancing core IPv6 specificati… Bob Hinden
- Re: Next steps on advancing core IPv6 specificati… Tom Herbert
- Re: Next steps on advancing core IPv6 specificati… Mark Smith
- Re: Next steps on advancing core IPv6 specificati… Hemant Singh
- Re: Next steps on advancing core IPv6 specificati… Tim Chown
- Re: Next steps on advancing core IPv6 specificati… Mark Smith
- Re: Next steps on advancing core IPv6 specificati… Hemant Singh
- Re: Next steps on advancing core IPv6 specificati… Hemant Singh