Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard

Tal Mizrahi <talmi@marvell.com> Mon, 13 February 2017 13:43 UTC

From: Tal Mizrahi <talmi@marvell.com>
To: "6man@ietf.org" <6man@ietf.org>, IETF Discussion list <ietf@ietf.org>, "draft-ietf-6man-rfc2460bis@tools.ietf.org" <draft-ietf-6man-rfc2460bis@tools.ietf.org>, "6man-chairs@ietf.org" <6man-chairs@ietf.org>
Subject: Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard
Date: Mon, 13 Feb 2017 13:43:47 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/3hwWdtVSFL3RfivukKIbP6KzvH8>

Hi,

Good discussion regarding the text about the hop-by-hop extension.

In my opinion there is a valid use case for intermediate nodes that insert/remove/modify/process hop-by-hop extensions. Examples: IOAM, INT.
Since there is a use case, I believe we need explicit text about intermediate handling of hop-by-hop extensions.

This [somewhat] reminds me of the discussion a few years ago about the IPv6/UDP zero checksum. The WG ended up defining that “Zero checksum is permitted in IPv6/UDP *if* [……..] and the possible consequences are [……..]”.

I would argue that regarding hop-by-hop extension handling we also need to define that “Hop-by-hop extensions can be inserted/removed/modified/processed by intermediate nodes *if* [……..] and the possible consequences are [……..]”.

Cheers,
Tal.


From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Mark Smith
Sent: Monday, February 13, 2017 3:52 AM
To: Brian E Carpenter
Cc: 6man@ietf.org; IETF Discussion list; Leddy, John; Pete Resnick; 神明達哉; Suresh Krishnan; draft-ietf-6man-rfc2460bis@tools.ietf.org; 6man-chairs@ietf.org
Subject: [EXT] Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard

On 13 Feb. 2017 11:40 am, "Brian E Carpenter" <brian.e.carpenter@gmail.com> wrote:
John,

On 13/02/2017 12:05, Leddy, John wrote:
> I’m trying to understand how a ban of this functionality would work.  Is it targeted at vendor products, precluding them from implementing the functionality?
It's targeted at interoperability across the Internet. We can never stop
people doing whatever they please inside a private domain, obviously.
As always, there are no protocol police.

> If there is a technical problem that can be solved by using EH insertion within a domain where there are no harmful side effects, it should be able to be used.
> In a software networking world where functionality is being deployed that is not from traditional network vendors; solutions that solve problems efficiently will get deployed.
We had a lot of this conversation in a slightly different form prior to
RFC 6437. It proved impossible to specify "local domain" rules that could
reach consensus. I think we'd have the same problem trying to write rules
for header insertion/deletion within a domain. But in any case, that isn't
the target for RFC2460bis: the target is the Internet.

We also know that this statement from RFC1918 hasn't been 100% effective:

   Because private addresses have no global meaning, routing information
   about private networks shall not be propagated on inter-enterprise
   links, and packets with private source or destination addresses
   should not be forwarded across such links.

and we still don't have enough deployment of BCP38 which would also help enforce that.

If it is possible to plug a device into the Internet I think it is better to assume somebody probably will (and you won't be there to stop them) and design to that assumption.

(All the recent "IoT" botnets and corresponding attacks are a result of assuming those devices will only be connected to Private Internets, and therefore they don't have to be individually "Internet proof" (conceptually similar to a "water proof" watch).)

Regards,
Mark.



    Brian

>
> John Leddy
>
> From: ietf <ietf-bounces@ietf.org> on behalf of "Eric Vyncke (evyncke)" <evyncke@cisco.com>
> Date: Sunday, February 12, 2017 at 3:56 PM
> To: Suresh Krishnan <suresh.krishnan@gmail.com>, 神明達哉 <jinmei@wide.ad.jp>
> Cc: "6man@ietf.org" <6man@ietf.org>, IETF Discussion list <ietf@ietf.org>, Pete Resnick <presnick@qti.qualcomm.com>, "draft-ietf-6man-rfc2460bis@tools.ietf.org" <draft-ietf-6man-rfc2460bis@tools.ietf.org>, "6man-chairs@ietf.org" <6man-chairs@ietf.org>
> Subject: Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard
>
> Suresh, Jinmei and Fernando,
>
> I fully agree with you Suresh, the goal of an IETF last call is to get NEW discussion and to re-do the lengthy discussions we had on 6MAN WG.
>
> -éric
>
> From: ipv6 <ipv6-bounces@ietf.org> on behalf of Suresh Krishnan <suresh.krishnan@gmail.com>
> Date: Saturday 11 February 2017 at 07:11
> To: 神明達哉 <jinmei@wide.ad.jp>
> Cc: "6man@ietf.org" <6man@ietf.org>, IETF Discussion list <ietf@ietf.org>, Pete Resnick <presnick@qti.qualcomm.com>, Fernando Gont <fgont@si6networks.com>, "draft-ietf-6man-rfc2460bis@tools.ietf.org" <draft-ietf-6man-rfc2460bis@tools.ietf.org>, "6man-chairs@ietf.org" <6man-chairs@ietf.org>
> Subject: Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard
>
> Hi Jinmei,
>
> On Feb 10, 2017 1:23 PM, "神明達哉" <jinmei@wide.ad.jp> wrote:
> At Thu, 9 Feb 2017 18:30:11 -0300,
> Fernando Gont <fgont@si6networks.com> wrote:
>
> While I largely agree with Fernando on everything he said, I have to
> admit most of the points are just repeated from the 6man discussion,
> and won't get us anywhere new by discussing these again at this point.
> I guess the only new input for the IETF last call is this:
>
>> 2) However, some folks came up with proposals to insert EH, on the basis
>> that "RFC2460 does not explicitly ban EH insertion". If there's people
>> arguing that, we clearly need to make this clear in the spec.
>>
>> 3) There was a consensus call, yes. When the call was made on the
>> mailing-list, the vast majority of supporters of "let's keep the
>> ambiguity" were folks from the same company as "2)". I have no idea if
>> this changes (or not) "consensus"... but this is clearly an important
>> datapoint.
> Although I don't want to point a finger at particular people or
> organizations without evidence, I guess not a small number of 6man
> participants (not only those who explicitly spoke up here) suspected
> that the decision process was biased with the influence of a large and
> powerful organization and the process and resulting "consensus" was
> not really a fair one.  And I'm not an exception to it - in fact, it
> was so unbelievable to me that we can't clarify an ambiguity even when
> we were also open for future extensions, that I couldn't think of
> other reasons than a company agenda.
>
> Of course, it's quite possible that it was just a coincidence that
> many people with the same organization genuinely thought we should
> leave it ambiguous while many others strongly thought we should
> clarify it but few (if not no) people from that organization supported
> the clarification.  But I don't think we can prove it either way.
>
> But as Fernando said, I believe this point (and that several, and
> arguably more, participants suspected it) should be included in making
> the decision at the IESG and at the IETF last call.  And, whatever the
> decision, it would be more productive to move on after that and use
> our time for some other things.
>
> I am guessing that the people who spoke up during the WG process to not put in an outright prohibition would make their case along with their arguments here as well. We are only a week into a four week long last call.
>
> Thanks
> Suresh
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>
