IETF Logo Mail Archive

Re: [IPv6] sendmsg() for HBH ? Re: Removing extension headers from packets (revisited)

"Shihang(Vincent)" <shihang9@huawei.com> Mon, 21 August 2023 07:55 UTC

Return-Path: <shihang9@huawei.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D0BF9C14F736 for <ipv6@ietfa.amsl.com>; Mon, 21 Aug 2023 00:55:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.904
X-Spam-Level:
X-Spam-Status: No, score=-6.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m2e2Z-mNFaP8 for <ipv6@ietfa.amsl.com>; Mon, 21 Aug 2023 00:55:09 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3104C151079 for <6man@ietf.org>; Mon, 21 Aug 2023 00:55:08 -0700 (PDT)
Received: from lhrpeml100003.china.huawei.com (unknown [172.18.147.226]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4RTl5g1BnNz6J6pB; Mon, 21 Aug 2023 15:50:47 +0800 (CST)
Received: from kwepemi100022.china.huawei.com (7.221.188.126) by lhrpeml100003.china.huawei.com (7.191.160.210) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.31; Mon, 21 Aug 2023 08:55:05 +0100
Received: from kwepemi500020.china.huawei.com (7.221.188.8) by kwepemi100022.china.huawei.com (7.221.188.126) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.31; Mon, 21 Aug 2023 15:55:03 +0800
Received: from kwepemi500020.china.huawei.com ([7.221.188.8]) by kwepemi500020.china.huawei.com ([7.221.188.8]) with mapi id 15.01.2507.031; Mon, 21 Aug 2023 15:55:03 +0800
From: "Shihang(Vincent)" <shihang9@huawei.com>
To: Tom Herbert <tom=40herbertland.com@dmarc.ietf.org>, Toerless Eckert <tte@cs.fau.de>
CC: 6MAN <6man@ietf.org>
Thread-Topic: [IPv6] sendmsg() for HBH ? Re: Removing extension headers from packets (revisited)
Thread-Index: AQHZ0aebiLxPqljj/0OphdDuTU5cg6/vkyYAgATPOLA=
Date: Mon, 21 Aug 2023 07:55:03 +0000
Message-ID: <bb6b247e51574a66acb46dc5013a3856@huawei.com>
References: <CALx6S36gQBgNAp-Poq3pRupGWUh0iA8M546=S=vUp5cQK_82TQ@mail.gmail.com> <ZN8g05pO83NdLN90@faui48e.informatik.uni-erlangen.de> <CALx6S35RS4uKvaQ9G5R5BdffWKsmdUxR3KuwYqf8xtAKuTtqbw@mail.gmail.com>
In-Reply-To: <CALx6S35RS4uKvaQ9G5R5BdffWKsmdUxR3KuwYqf8xtAKuTtqbw@mail.gmail.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.112.41.128]
Content-Type: multipart/alternative; boundary="_000_bb6b247e51574a66acb46dc5013a3856huaweicom_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/7tuvpLTH1oCON8vclqwISWGN9FA>
Subject: Re: [IPv6] sendmsg() for HBH ? Re: Removing extension headers from packets (revisited)
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Aug 2023 07:55:12 -0000

Hi Tom,
I wonder if the sendmsg() can set the EH header on a per-packet basis, with different extension headers for each packet? My understanding is that it is doable for UDP since the packetization is done at user space.  The ancillary data can be associated to each datagram. But I am not sure about TCP because the packetization is done by the kernel.

Thanks,
Hang

From: ipv6 <ipv6-bounces@ietf.org> On Behalf Of Tom Herbert
Sent: Friday, August 18, 2023 10:14 PM
To: Toerless Eckert <tte@cs.fau.de>
Cc: 6MAN <6man@ietf.org>
Subject: Re: [IPv6] sendmsg() for HBH ? Re: Removing extension headers from packets (revisited)


On Fri, Aug 18, 2023, 12:42 AM Toerless Eckert <tte@cs.fau.de<mailto:tte@cs.fau.de>> wrote:
Btw:

Does anybody here know, what the current state of affairs is re.
OS-level unprivileged host applications using UDP or TCP (OS) sockets to be able
to insert HBH headers vis sendmsg() (particles) ?

I think to remember that a couple of years back, when i know some
folks looked last, not all the OSs (linux, android, windows, iOS/macos)
did support insertion of extension headers via sendmsg() for
UDP or TCP socket - unless the process had admin privileges.

Hi Toerless,

Yes, admin privileges are need to set EH in Linux. I have patches to fix that and am planning to push them at some point.


Not too difficult to fix IMHO, but if this problem still exists,
then i think it would help quite a bit if there was an IETF RFC
that clearly stated that HBH headers are meant to be something that
MUST be allowed for user (non-privileged) applications in support
of application-to-network signaling. Otherwise we may be dragged into
ongoing discussion of fear of risk with OS developers.

And of course, we have to persuade ourselves, that such a statement
would be appropriate - and write such an RFC.

Of course, this discussion is orthogonal to whether or not we want to
remove HBH headers along the path, but i for once think that any effort
to do cool future stuff with HBH is predicated on first agreeing that we want
OS-level unprivileged applications to unsert them. Otherwise we're just
again building some useless corner solution that will never get widely deployed.

Yes, fortunately OS support doesn't require and standards action.

Tom


Cheers
    Toerless

On Mon, Aug 14, 2023 at 01:12:40PM -0700, Tom Herbert wrote:
> Hi 6man,
>
> I know this topic of removing extension headers has been brought up
> before, but I think in light of some emerging use cases it might be
> worth revisiting.
>
> draft-herbert-fast and draft-media-hdr-wireless describe host to
> network signaling. Both of these use Hop-by-Hop extension headers
> (draft-media-hdr-wireless currently specifies using UDP options, but
> could be HBH). A common attribute of these is that the information in
> Hop-by-Hop options is only relevant in the local network of the
> source. More specifically, it might only be relevant to the first hop
> router in a provider network to process the options. After processing
> by that router, the Hop-by-Hop option just along for the ride, no
> other nodes in the path care about it and the end node probably
> doesn't care either.
>
> Segment routing has a similar property. Once the final segment is set
> in the Destination Address, the segment routing header contains no
> useful information to downstream nodes.
>
> In both these cases, as long as the destination is in the same domain
> as the sender, we expect things to work. For EH it's a statement of
> practicality because of perceived drop rates on the Internet, for
> segment routing it's inherent in the design for segment routing
> domains. So this raises the question, what happens if a sender sends
> to a destination out of its local domain and still wants services
> applied to packets while they're in the local domain, or what if
> segment routing is used to route a packet to an egress point in the
> segment routing domain that then traverses the Internet.
>
> Could it be acceptable for routers to remove HBH EH or routing header
> EH when a packet exits a limited domain? I realize this is contrary to
> RFC8200 and might be considered an architectural abomination, but on
> the other hand this might be a practical way to improve the
> deployability of extension headers without any material adverse side
> effects (other than packets being dropped which might happen anyway if
> packets with EH escaped the limited domain).
>
> Comments?
>
> Thanks,
> Tom
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org<mailto:ipv6@ietf.org>
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

--
---
tte@cs.fau.de<mailto:tte@cs.fau.de>

v2.23.0 | Report a Bug | By Email