Re: draft-ietf-6man-udpchecksums-02.txt
Marshall Eubanks <marshall.eubanks@gmail.com> Wed, 14 March 2012 14:57 UTC
Return-Path: <marshall.eubanks@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 303B721F87B0 for <ipv6@ietfa.amsl.com>; Wed, 14 Mar 2012 07:57:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.233
X-Spam-Level:
X-Spam-Status: No, score=-103.233 tagged_above=-999 required=5 tests=[AWL=-0.234, BAYES_00=-2.599, J_CHICKENPOX_46=0.6, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q+rlJcktEklg for <ipv6@ietfa.amsl.com>; Wed, 14 Mar 2012 07:57:26 -0700 (PDT)
Received: from mail-lb0-f172.google.com (mail-lb0-f172.google.com [209.85.217.172]) by ietfa.amsl.com (Postfix) with ESMTP id A2D1E21F864C for <6man@ietf.org>; Wed, 14 Mar 2012 07:57:25 -0700 (PDT)
Received: by lbol12 with SMTP id l12so1007815lbo.31 for <6man@ietf.org>; Wed, 14 Mar 2012 07:57:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=9ddrJtMrSrjpXhnrP7TGYVEUVqBfNt1grl5uuLao/x4=; b=LGet0cO0VCy/p+SHN14pud7zA7+H3PMiLfy2eMQE7/YzO2szn9BLf5QuYe8JFVcMDt 2VuLnb2VNGRPhHTtyHhgGmfQjBMFQ0shh89w8TOAKzCViUZv1iZG6qGoBxGbVJpI8k43 bJ8pE9rCuKhFZWjY86pVHQwL0yYvxzxR0+5AMfxiHTh7MuENdMRyTu3giBevT1r6S+sl r6jdMMb8jg6p1rXNqka8H7jjZmF7gw+Z3ewQuLH6eyDKOzNg48geoHH8WCKP5szRSgfO mqkT04SmqjjJcPc9gdvDaQ5gl46/xx3VnGC1l4KNSb5vRrB+rkqCufuOQb2tCZu7f9kP kOxg==
MIME-Version: 1.0
Received: by 10.112.84.233 with SMTP id c9mr1101406lbz.1.1331737044515; Wed, 14 Mar 2012 07:57:24 -0700 (PDT)
Received: by 10.112.115.98 with HTTP; Wed, 14 Mar 2012 07:57:24 -0700 (PDT)
In-Reply-To: <Pine.GSO.4.60.1203140817510.11981@dee.erg.abdn.ac.uk>
References: <4F5F0B41.8070705@erg.abdn.ac.uk> <4F5FB248.6030407@erg.abdn.ac.uk> <CAJNg7VLg7tWvH=MO8N976tJwcYJDsHekN6WDTftm3H7xKBKUuQ@mail.gmail.com> <Pine.GSO.4.60.1203140817510.11981@dee.erg.abdn.ac.uk>
Date: Wed, 14 Mar 2012 10:57:24 -0400
Message-ID: <CAJNg7V+b1gEf1TOtBAgpHVpcHyxNSQW+QWKgQKbJdstRra8rFA@mail.gmail.com>
Subject: Re: draft-ietf-6man-udpchecksums-02.txt
From: Marshall Eubanks <marshall.eubanks@gmail.com>
To: gorry@erg.abdn.ac.uk
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailman-Approved-At: Wed, 14 Mar 2012 08:12:03 -0700
Cc: 6man@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Mar 2012 14:57:27 -0000
Dear Gorry; A few matters in-line. On Wed, Mar 14, 2012 at 4:31 AM, <gorry@erg.abdn.ac.uk> wrote: > > See in-line: > > > On Tue, 13 Mar 2012, Marshall Eubanks wrote: > >> Dear Gorry; >> >> Thanks for the read. >> >> On Tue, Mar 13, 2012 at 4:47 PM, Gorry Fairhurst <gorry@erg.abdn.ac.uk> >> wrote: >>> >>> >>> Marshall & Philip, I've read the new draft, and have a few new comments. >>> Hope these are helpful - happy to discuss if this seems useful. >>> >>> Best wishes, >>> >>> Gorry >>> >>> ---- >>> BOILER PLATE: >>> - Please an Updates line:goprry >>> "Updates RFC2460 (if approved)" >>> >>> ---- >>> Section 3: >>> "there is no additional >>> benefit and indeed some cost to nodes to both compute and check the >>> UDP checksum of the outer (encapsulating) header." >>> >>> - I do not think this sentence is really true, and I think it's >>> important that we do get this right. I suggest there ARE benefits in >>> performing a UDP integrity check for IPv6, see Section 3 of >>> I-D.ietf-6man-udpzero. However, I agree that omitting this check can >>> reduce the forwarding cost for systems that perform the check in >>> software. >> >> >> How about >> >> there is both a benefit and a cost to compute and check the >> UDP checksum of the outer (encapsulating) header. In certain cases, >> where reducing >> the forwarding cost is important, such as for systems that perform the >> check in software, >> the cost may outweigh the benefit; this document describes a means to >> avoid that cost, in >> the case where there is an inner header with a checksum. >> >> > Looks good. > >> >>> ---- >>> Section 3: >>> "to set the checksum field of the >>> outer header only to 0 and skip both the sender and receiver >>> computation." >>> >>> - Could we insert a "UDP transport" between "outer" and "header" above, >>> so there can be no confusion with the network layer headers. >> >> >> OK >> >>> >>> ---- >>> Section 4: >>> "In Section 5.1 of [I-D.ietf-6man-udpzero], the authors propose nine >>> (9) constraints on the usage of a zero checksum for UDP over IPv6. >>> We agree with the restrictions proposed, and in fact proposed some of >>> those restrictions ourselves in the previous version of the current >>> draft. These restrictions are incorporated into the proposed changes >>> below." >>> >>> - This reads rather like a paper. ietf-6man-udpzero is also a working >>> group document, and I would like to think we can find better language. >>> I suggest something like: >>> >>> "Section 5.1 of [I-D.ietf-6man-udpzero], identifies 9 requirements >>> that introduce constraints on the usage of a zero checksum for >>> UDP over IPv6. This document is intended to satisfy these >>> requirements." >>> >> >> This WFM, >> >>> ---- >>> Section 4: >>> "inspection firewall devices or other middleboxes actually checking" >>> - remove "actually"? >> >> >> WFM >> >>> >>> ---- >>> Section 4: >>> "This is would be an issue also for legacy systems >>> which have not implemented the change in the IPv6 specification. So >>> in any case, there may be packet loss of lightweight tunneling >>> packets because of mixed new-rule and old-rule nodes." >>> >>> - Seems like it could be improved. I suggest: >>> "This would be an issue also for any legacy IPv6 system >>> that has not implemented the change to the IPv6 specification. In >>> this case, the system will discard the zero-checksum UDP >>> packets, and should log this as an error." >>> >> >> This is not a prescription, but an observation (i.e. we can't say >> SHOULD log this as an error here). >> > The existing spec says systems should log it as an error. > Yes. My point was just that I didn't want to say >>> packets, and SHOULD log this as an error." as we are not prescribing anything for systems that have not been updated. If they are going to update, they should update to the new standard. > >> How about >> >> "This would be an issue also for any legacy IPv6 system >> that has not implemented the change to the IPv6 specification. In >> this case, the system should discard the zero-checksum UDP How about s/system/system (according to RFC 2460)/ just to make the point clear. >> packets, and log this as an error." >> > OK > >> >>> ---- >>> Section 4: >>> " As an example, we discuss how can errors be detected and " >>> ^^^ >>> - remove "can" >> >> >> ACK >> >>> >>> ---- >>> Section 4: >>> "Note that other (non-tunneling) protocols may have >>> different approaches." >>> - suggest replace add: >>> ", but these are not the topic of this update." >>> >> >> WFM >> >>> ---- >>> Section 4: >>> "The control packets can >>> also contain any negotiation that is necessary to set up the >>> endpoint/adapters to accept UDP packets with a zero checksum." >>> - this needs to be enabled for each flow, so please add: >>> "The control packets may >>> also carry any negotiation that is necessary to set up the >> >> >> how about >> >> s/that is necessary to set up the/required to enable the/ >> >>> endpoint/adapters to identify the set of ports that >>> need to enable reception UDP datagrams with a zero >>> checksum." >>> > Better. > > >>> ---- >>> Section 4: >>> "Only UDP packets containing tunneled packets should have a UDP >>> checksum equal to zero." >>> - Please use keywords. e.g. >>> "A system MUST NOT set the UDP checksum to zero in packets that do >>> not contain tunneled packets." >>> >> >> OK >> >>> ---- >>> Section 4: >>> "We note that >>> these outcomes not equally likely, as most require multiple bit >>> errors with errored bits in separate fields. " >>> - It seems wrong to suggest that single bit inversions are a likely >>> cause of residual errors at the transport layer. I do not think this is >>> the case. I suggest direct replacement of a sequence of bytes is a >>> likely form of corruption. Suggest you omit the second part of the >>> sentence? >> >> >> OK. Note that there is a missing "are" before "not," which I have also >> fixed. >> > Thanks > > >>> >>> ---- >>> Section 4: >>> " If it is some >>> other application, with very high probability, the application >>> will not recognize the contents of the packet." >>> - I disagree - it all comes down to applications design. The detection >>> is only if the app is defined this way, since the transport does not >>> know, etc. RFC 5405 provides recommended best current practice for >>> applications in general. >> >> >> Do you have alternate text ? How about s/will not/may not/ ? >> > Applications are recommended to verfiy the context of the packets they > receive using UDP, as described in RFC 5405. Applications that verify the > context of a datagram are expected to have a high probability of discarding > corrupted data. [I-D.ietf-6man-udpzero] presents examples of cases where > corruption can inadvertantly impact application state. > > WFM > >>> >>> ---- >>> Section 4: >>> - I think the wording of this section needs to be tightened.It would be >>> good to see more of a focus on what needs to be implemented, rather than >>> discussing the guidance provided in the other working group document. >>> >>> If the guidance itself needs to be updated, then it would be good to >>> explore this - We'd be happy to update the text and guidance if there is >>> something more that should be said. >>> >>> ---- >>> Section 5: >>> " outer encapsulating packet of a lightweight tunneling protocol." >>> - is it intentional to permit this only for *lightweight* tunneling >>> protocols? - The initial request was for *any* tunneling protocol that >>> meets the requirements. >> >> >> s/lightweight // >> >> I am not sure why we say "lightweight tunneling protocols" - I think >> that is a legacy from previous discussions. I don't think that there >> is a definition of what "lightweight" means , and propose changing >> most occurrences of it to simple "tunneling protocols." >> > Seems good. > >>> >>> ---- >>> Section 5: >>> "UDP >>> endpoints that implement this solution MUST change their behavior and >>> not discard UDP packets received with a 0 checksum on the outer >>> packet of tunneling protocols." >>> - I think we really should add a few words about being enabled only for >>> the set of ports that are supported by system for use by tunneling >>> protocol(s). >>> >> >> OK >> >>> ---- >>> >>> Section 5: >>> "its behavior should be as specified originally." >>> - replace "should be as specified originally", by "is not updated and >>> uses the method specified in RFC2460". >>> >> >> OK >> >>> ---- >>> Section 6: >>> " The persistence of this issue among a significant number of >>> protocols being developed in the IETF requires a definitive policy." >>> - Is this a recommendation for more work, or a statement of the >>> motivation for this document. I was not sure. >> >> >> The latter. I will adjust the text to make that clear. >> >>> >>> ---- >>> Section 6: >>> - I think it could be useful to include the points in section 6 possibly >>> also as a part of ietf-6man-udpzero. What do you think? >>> >> >> OK by me. >> >>> >>> ---- >>> I'd suggest we add a normative citation to RFC 5405, stating that this >>> provides the IETF guidance on the design of applications using UDP and >>> includes guidelines on the usage of checksums by application designers. >>> >>> - Possibly best placed in the introduction, indicating that this >>> document adds to this for the case of tunneling applications. >> >> >> OK. I will reference section 3.4 >> >> Thanks again ! >> >> Regards >> Marshall >> >>> >>> ---- >>> >>> >>> -- >>> Prof Gorry Fairhurst, School of Engineering, University of Aberdeen. >>> The University of Aberdeen is a charity registered in Scotland, >>> No SC013683. >>> -------------------------------------------------------------------- >>> IETF IPv6 working group mailing list >>> ipv6@ietf.org >>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >>> -------------------------------------------------------------------- >> >> > > Looks like we agree on all the important points, which may be a sign that it > is worth polishing the text and asking for WG accepatnce? > That was my intention. I can get a revision out early in IETF week. Thanks again. Regards Marshall > Gorry
- draft-ietf-6man-udpchecksums-02.txt Gorry Fairhurst
- Re: draft-ietf-6man-udpchecksums-02.txt Marshall Eubanks
- Re: draft-ietf-6man-udpchecksums-02.txt gorry
- Re: draft-ietf-6man-udpchecksums-02.txt Marshall Eubanks
- Re: draft-ietf-6man-udpchecksums-02.txt gorry
- List name? [Re: draft-ietf-6man-udpchecksums-02.t… Brian E Carpenter
- Re: List name? [Re: draft-ietf-6man-udpchecksums-… Brian Haberman