Re: COntrolled-domains (was Re: Alvaro Retana's Discuss on draft-ietf-6man-rfc2460bis-09: (with DISCUSS and COMMENT))
"Stefano Previdi (sprevidi)" <sprevidi@cisco.com> Tue, 11 April 2017 19:30 UTC
From: "Stefano Previdi (sprevidi)" <sprevidi@cisco.com>
To: Fernando Gont <fgont@si6networks.com>
CC: Brian E Carpenter <brian.e.carpenter@gmail.com>, "draft-ietf-6man-rfc2460bis@ietf.org" <draft-ietf-6man-rfc2460bis@ietf.org>, 6man WG <ipv6@ietf.org>, Suresh Krishnan <suresh.krishnan@ericsson.com>, The IESG <iesg@ietf.org>, "6man-chairs@ietf.org" <6man-chairs@ietf.org>
Subject: Re: COntrolled-domains (was Re: Alvaro Retana's Discuss on draft-ietf-6man-rfc2460bis-09: (with DISCUSS and COMMENT))
Date: Tue, 11 Apr 2017 19:30:39 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/43gpV74KxzKTNrEBHJ3ii9ieUjk>

> On Apr 11, 2017, at 5:33 PM, Fernando Gont <fgont@si6networks.com> wrote:
>
> On 04/11/2017 02:39 PM, Brian E Carpenter wrote:
>> On 11/04/2017 19:11, Stefano Previdi (sprevidi) wrote:
>>>
>>>> On Apr 10, 2017, at 10:24 PM, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>>>
>>>> Excuse front posting, but the interleaving is getting a bit distracting in itself.
>>>>
>>>> My considered opinion is that pretending to forbid "examine" is just laughable,
>>>> since we know that middleboxes make it their job to examine packet headers.
>>>> So it's pointless to state it; take it out (but leave in the reference to 7045).
>>>>
>>>> The word "process" is too vague - and has been too vague since RFC 1883.
>>>> So take that out too. (Clearly, a middlebox that can examine a header
>>>> can process it - but so what? That doesn't affect the contents of the
>>>> packet.)
>>>>
>>>> What we can meaningfully prohibit in the context of Internet-wide interop
>>>> is "insert, modify or delete”.
>>>
>>>
>>> we don’t have a definition of “internet-wide” and we may well end up in another loop trying to agree what it means.
>>>
>>> The simplest approach is to add an exception which consists of a controlled/closed domain (for which we do have a definition).
>>
>> Unfortunately, we don't, as I discovered when I proposed such an
>> approach to allow local use of the IPv6 Flow Label. "Internet-wide"
>> on the other hand seems completely clear to me. Any node to any node.
>
> My understanding is that the "controlled domains" that R people talk
> about is a different thing: they talk about controlled domains regarding
> who inserts/removes EHs, rather than src/dst addresses of the packets.
>
> If packets still have internet-wide src/dst addresses, then packets
> require internet-wide interoperability.

as described in draft-voyer-6man-extension-header-insertion, the controlled domain is the domain where the packet is sourced _and_ (please, note the “and”) destined.

IOW, both SA and DA belong to the domain under the same control and within that domain all boxes that the packet will traverse are also under the same control.

draft-voyer-6man-extension-header-insertion also gives a couple of examples.

s.

>
> P.S.: This is a side comment -- as noted before, I'm against
> "applicability statements" on rfc2460 for a bunch of reasons.
>
> Thanks,
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
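
The controlled-domain definition given in this message, written as a check a border node could apply to a packet's IPv6 fixed header. This is an added example, not part of the original e-mail or of draft-voyer-6man-extension-header-insertion. It assumes that "under the same control" can be modelled as membership in a set of operator prefixes; the prefixes (documentation space) and all function names are constructed for illustration.

```python
import ipaddress
import struct

# Constructed operator prefixes (2001:db8::/32 documentation space).
DOMAIN_PREFIXES = [ipaddress.ip_network("2001:db8:a::/48"),
                   ipaddress.ip_network("2001:db8:b::/48")]

def in_domain(addr, prefixes=DOMAIN_PREFIXES):
    """Assumption: an address is 'under the same control' if a domain prefix covers it."""
    return any(addr in p for p in prefixes)

def parse_ipv6_fixed_header(packet: bytes):
    """Return (next_header, src, dst) from the 40-byte IPv6 fixed header."""
    if len(packet) < 40:
        raise ValueError("truncated IPv6 header")
    vtf, _payload_len, next_header, _hop_limit = struct.unpack("!IHBB", packet[:8])
    if vtf >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    return (next_header,
            ipaddress.IPv6Address(packet[8:24]),
            ipaddress.IPv6Address(packet[24:40]))

def classify(packet: bytes, path_hops):
    """SA *and* DA must be in the domain, and so must every box the packet traverses."""
    _, src, dst = parse_ipv6_fixed_header(packet)
    if not in_domain(src):
        return "outside: source address not in domain"
    if not in_domain(dst):
        return "outside: destination address not in domain"
    foreign = [h for h in path_hops if not in_domain(ipaddress.IPv6Address(h))]
    if foreign:
        return "outside: traverses " + ", ".join(foreign)
    return "controlled-domain"

def build_header(src, dst, next_header=59):
    """Constructed sample header: no payload, Next Header 59 (No Next Header)."""
    return (struct.pack("!IHBB", 6 << 28, 0, next_header, 64)
            + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed)
```

A packet whose destination lies outside the operator prefixes fails the check even when every on-path node is in the domain, which is the case the quoted text describes as requiring Internet-wide interoperability.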