Re: SRH insertion vs SRH insertion + encapsulation
Mark Smith <markzzzsmith@gmail.com> Sun, 08 September 2019 04:10 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B36E01201E4; Sat, 7 Sep 2019 21:10:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.498
X-Spam-Level:
X-Spam-Status: No, score=-0.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9hoLxH0lrc1q; Sat, 7 Sep 2019 21:10:09 -0700 (PDT)
Received: from mail-oi1-x22c.google.com (mail-oi1-x22c.google.com [IPv6:2607:f8b0:4864:20::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA26D120121; Sat, 7 Sep 2019 21:10:09 -0700 (PDT)
Received: by mail-oi1-x22c.google.com with SMTP id k20so8109497oih.3; Sat, 07 Sep 2019 21:10:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=KrH+wNZTEt6G+5CiZnfZ7xzp8/VXdgEqweibVwkZfNM=; b=RC4gKP5TZLDY38YGvAWdgnbWoLAL4edAO4bbMza45fBJrZhFvz5z5kG24LI2zDJNvU 26YXcB17qZvqeJd4yvw4Fw6ETFLTvkmuT0tks7ZvngWap6Cm9Aa48Jh4TPUxaF37hEE4 DSSBj5/zvDhdNjjERTQVPrmK53Th63Qn4alL19fc68DDbhf8E5XyRTC8EnfSiF3uOXvY uzzF+fR/I2XTtnzhuObfZDfKSLFyPjbbs01YCowP90LRRqFErnhNuw7iJn6XGVwjLRKg vN8JlobYtd8wMNkrbaGBT6Kd6d8IZ71iJ09ht7AW9m6KIV6iMQBTVnPxtckI5sILsTr8 jTLg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=KrH+wNZTEt6G+5CiZnfZ7xzp8/VXdgEqweibVwkZfNM=; b=kp8jB/ggeq7JdwOER7nE9G7OwVR6Xu9VGmTvOq5OTA4XBGrVR1xNkhlvnxOG8Ke+zX ppRryNErtSUvNUBIfZzmOa2q3Ctxe0HxgtLNuWN/3KsA7R6hCAAc5TaIGU9MJvlFAkuo Y4MDYGGbe1WThxDxAh+k2ngenD03h8/zxE+2jfr/PIp51A6zMhwJoexO/UCrrgre+TlD CPt0OFsCkTL0Jxhttj5suKsE7peFGmMo5dax0Le0mrJcTikRSKpx+ZGhHoq/alCE5Caf bCqMFDLhEaWh+dR0fbZ1ewLkyJbkdhNdDdTdFuyR463oBlC5DMlfzcHmqrVzkQwW8kMq uLAQ==
X-Gm-Message-State: APjAAAVqI36FHcmki3J2Wx7yd/ghQvwkrPpTPkD3hPMWOPi3VpYXQMlM +1B7KeTj2Rk+LIzpdtmIR+30cYCbDHTMoaGxixA=
X-Google-Smtp-Source: APXvYqwz50meQn4vQ1LKYX9+hwlhTjHttQZ7o9epsZgmlYaXaABgZJi2I6GOGxRdxdFrb2x8v1/j+g2/H9aJykoSMHU=
X-Received: by 2002:aca:c088:: with SMTP id q130mr12930509oif.54.1567915809152; Sat, 07 Sep 2019 21:10:09 -0700 (PDT)
MIME-Version: 1.0
References: <BYAPR05MB5463306B3328F460C2417764AEB50@BYAPR05MB5463.namprd05.prod.outlook.com> <32ED6621-3D17-4EC8-AC11-AFE64F05E6A9@employees.org>
In-Reply-To: <32ED6621-3D17-4EC8-AC11-AFE64F05E6A9@employees.org>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Sun, 08 Sep 2019 14:09:57 +1000
Message-ID: <CAO42Z2ynig8-1S6o3JLj0bjHK9f5k+ia+5bf2kGWMhAgt3H9wQ@mail.gmail.com>
Subject: Re: SRH insertion vs SRH insertion + encapsulation
To: Ole Troan <otroan@employees.org>
Cc: Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>, Robert Raszuk <robert@raszuk.net>, draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>, "6man@ietf.org" <6man@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000d7a4c7059202d83c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/4IuIkk0R6K8dMLcbkqTLlvP5Gow>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Sep 2019 04:10:12 -0000
On Sun, 8 Sep 2019, 12:32 Ole Troan, <otroan@employees.org> wrote: > Ron, > > IMHO, EH insertion modifies the semantics of the IPv6 source address. > Today, the IPv6 source address indicates the source of an IP packet and * > *ALL** of its contents. If transit routers are allowed to insert > extension headers, downstream routers can no longer identify the source of > a packet and all of its contents. > > > > Granted, in some cases, transit routers are allowed to modify a packet > (e.g., Hop Count, DHCP, mutable options). But there is a big difference > between changing a field whose value is know to me mutable and inserting a > new option. > > > 6296? > I don't agree with RFC 6296 and NAT in general because of the operational problems it causes and has caused me.* The caveat with RFC 6296 is that it is Experimental, not Standards Track. I don't think people should use it, however with that RFC they will hopefully consistently do something they shouldn't do. In comparison to anonymous EH insertion, at least the NPT box overstamps the packet source address in the inside to outside direction, so in one direction it isn't anonymous. If you're troubleshooting from that side there is no ambiguity, because the NPT box will look like the packet's original source host. If you're troubleshooting from the inside, the location of the NPT box is going to known, likely at the network/Internet edge. EH insertion is far worse, because it's entirely anonymous. * "The Trouble With NAT", using a set of operational Network Critical Success Factors as criteria. https://blog.apnic.net/author/mark-smith/ > And I am pointing that out because of what feels like moral righteousness > and hypocrisy to me, not because I think header insertion is a good idea or > even doable. > > Ole >
- SRH insertion vs SRH insertion + encapsulation Robert Raszuk
- Re: SRH insertion vs SRH insertion + encapsulation Fernando Gont
- Re: SRH insertion vs SRH insertion + encapsulation Mark Smith
- Re: SRH insertion vs SRH insertion + encapsulation Robert Raszuk
- Re: SRH insertion vs SRH insertion + encapsulation Robert Raszuk
- Re: SRH insertion vs SRH insertion + encapsulation Nick Hilliard
- Re: SRH insertion vs SRH insertion + encapsulation Robert Raszuk
- Re: SRH insertion vs SRH insertion + encapsulation Mark Smith
- Re: SRH insertion vs SRH insertion + encapsulation Robert Raszuk
- Re: SRH insertion vs SRH insertion + encapsulation Fernando Gont
- RE: SRH insertion vs SRH insertion + encapsulation Ron Bonica
- Re: SRH insertion vs SRH insertion + encapsulation Fernando Gont
- Re: SRH insertion vs SRH insertion + encapsulation Brian E Carpenter
- Re: SRH insertion vs SRH insertion + encapsulation Ole Troan
- Re: SRH insertion vs SRH insertion + encapsulation Brian E Carpenter
- Re: SRH insertion vs SRH insertion + encapsulation Mark Smith
- Re: SRH insertion vs SRH insertion + encapsulation Sander Steffann
- Re: SRH insertion vs SRH insertion + encapsulation Ole Troan
- RE: SRH insertion vs SRH insertion + encapsulation Ron Bonica
- Re: SRH insertion vs SRH insertion + encapsulation Fernando Gont
- Re: SRH insertion vs SRH insertion + encapsulation Fernando Gont
- Re: SRH insertion vs SRH insertion + encapsulation Ole Troan
- Re: SRH insertion vs SRH insertion + encapsulation Robert Raszuk
- RE: SRH insertion vs SRH insertion + encapsulation Ron Bonica
- RE: SRH insertion vs SRH insertion + encapsulation Manfredi (US), Albert E
- Re: SRH insertion vs SRH insertion + encapsulation Ole Troan
- Re: SRH insertion vs SRH insertion + encapsulation Fernando Gont
- Re: SRH insertion vs SRH insertion + encapsulation Fernando Gont
- Re: SRH insertion vs SRH insertion + encapsulation Fernando Gont
- RE: SRH insertion vs SRH insertion + encapsulation Ron Bonica