IETF Logo Mail Archive

Re: [spring] CRH is not needed - Re: How CRH support SFC/Segment Endpoint option?

John Scudder <jgs@juniper.net> Tue, 26 May 2020 21:27 UTC

Return-Path: <jgs@juniper.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D7643A084B; Tue, 26 May 2020 14:27:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=CL68a+IE; dkim=pass (1024-bit key) header.d=juniper.net header.b=HAcXE0Oh
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id opmSGj5PdG34; Tue, 26 May 2020 14:27:38 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 367F93A0844; Tue, 26 May 2020 14:27:37 -0700 (PDT)
Received: from pps.filterd (m0108161.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 04QLD2Kg008869; Tue, 26 May 2020 14:27:36 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=4AhfnK3Xi7Tx0ZYOpLH3649UPkez5N4ssxHFMWhhQJ8=; b=CL68a+IEjI8qbL9mpDUmYSS8BvtFjQEjV+XYdFZQccVbjQ8k/gfqqDT4+q8YNfCASTh/ dt3q0nyQsGEKIzgmViYkCKbaU6luabtDE7HWj9Ksee0Ls7luIG3YXnspu6xtL+2+R94Y FTJqiVP2VJEtw/AMsEIAWtn/pdn7M9pxv5S0hq5sAtJA4AzoYdGPwYaLpQiPArknE2tt YbvKDNAIZs6I3vZGbIbYkUbALqYi04ojAu9lypFUmhq2Ilpa+ekvrwR3JFPnFE1swasT 9AKbKirPEXa/bhTHZRbiBphvjiepIjoijWAHKdPEMWmAY6gE2dQuXSt7c7sR3oXAWKU9 xA==
Received: from nam12-bn8-obe.outbound.protection.outlook.com (mail-bn8nam12lp2174.outbound.protection.outlook.com [104.47.55.174]) by mx0b-00273201.pphosted.com with ESMTP id 3172xyn1bh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 26 May 2020 14:27:36 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RCK84r+KALSeCayLJCHb+H2xhopKgfSXXd0QG/hrF0ZY01iSFf+FQigqRYvL3Ha4qyd12hHwBkjtsee8wRAXamUBDyjpJ04etN1CqeSGDQ4ae0m57WG/Le9ZaBN7WYhrGnIcFC98IAmKjjkVR8vDRhILHfXcce46pcu+Tdtc6aYbtDUCQCNrLzilkDDarapCFxJ8VqUnuuomDHJYp3SZC57+iP5a5q9aJYGzAL2RPPG5YskI/DsCTopouJbnBpuwiNa2MPMeKqr5N1OGJ0ZZz1HpEdumwtel9xG8HxXqKwy36j6vWDZdoaBG21HOtP7EOIK+FAYc0W+vXOYP8iaZAw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4AhfnK3Xi7Tx0ZYOpLH3649UPkez5N4ssxHFMWhhQJ8=; b=jEuOe5PhNqg9xCJ0A/I4EuiJgtaEyQ5nlpUiyd+6fn/eBLz2SKwOelSzI4E1POviyu7Q+aZ0HTlD3l6QXdTCCUVnnsc/tRjjFUiqVKg9Ud+k9goL61+YuPxy1elpxY2w/O7c31yCVOXR/xMcd1r2xldQmBcY22PBzTbw6xY0L4zHqTrfjWCQCwhXWnZrtZvTwIMqRX02997Ppv6nmv0pI7kEJnYRXtfkoZvixxb1rdJomqQUFjTP756h/NboJhg+yqjIaj1aLDfG7GJ6xj2n5TMMiGbTdCzvCj+b9rAldwwTQ8hvkHMDcyrxwCWNIig3BpbqUkIqd9ag3N4W8en9CQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4AhfnK3Xi7Tx0ZYOpLH3649UPkez5N4ssxHFMWhhQJ8=; b=HAcXE0Ohi2MIP+O1TBuQ6S6MMI+KxHfI9dIw2kEFbJ58M+GxUdrSfBaUJoJzpuzub39DjhH6NqQOImkTZ4/eyr4QAwvu/qrQAusJD8Iw8AykT0w0/p52IqxUkgeumfUbd6hH77qU+rVSdUxeSzSFJ6EC9nvomY09icxbDQu+pTQ=
Received: from BL0PR05MB5076.namprd05.prod.outlook.com (2603:10b6:208:83::12) by BL0PR05MB4596.namprd05.prod.outlook.com (2603:10b6:208:5f::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3045.7; Tue, 26 May 2020 21:27:32 +0000
Received: from BL0PR05MB5076.namprd05.prod.outlook.com ([fe80::499e:c613:2d2:b09f]) by BL0PR05MB5076.namprd05.prod.outlook.com ([fe80::499e:c613:2d2:b09f%7]) with mapi id 15.20.3045.009; Tue, 26 May 2020 21:27:32 +0000
From: John Scudder <jgs@juniper.net>
To: Robert Raszuk <robert@raszuk.net>
CC: Sander Steffann <sander@steffann.nl>, Ron Bonica <rbonica@juniper.net>, 6man <6man@ietf.org>, "Zafar Ali (zali)" <zali@cisco.com>, "spring@ietf.org" <spring@ietf.org>
Subject: Re: [spring] CRH is not needed - Re: How CRH support SFC/Segment Endpoint option?
Thread-Topic: [spring] CRH is not needed - Re: How CRH support SFC/Segment Endpoint option?
Thread-Index: AQHWM2iKHTGjzhu8xUiU5Ns4LfPFf6i6baWAgAAkhgD//9++gIAAItQA///1HQCAACPkAP//6qoAAASDrID//+B1AIAAI10A///iLgCAAC3qAP//7UUAgAAHZICAAAJfAIAADpMAgAAJJgCAAALrgA==
Date: Tue, 26 May 2020 21:27:32 +0000
Message-ID: <B1E3177B-620B-4087-93A5-86F58D434AE5@juniper.net>
References: <CAOj+MMHRAuT1931reBLe-1UQ5gac4RmCtybk-OXn03atoAjDkA@mail.gmail.com> <5265F3D0-BAB8-41E3-B932-85ED4DEDA468@steffann.nl> <DB768488-AC2B-4B2B-A2FC-F8E07B88356C@juniper.net> <CAOj+MMH-26mc-rSQAOTmNWBBESor66EsnaqUgGyXMCJYyAtE=A@mail.gmail.com>
In-Reply-To: <CAOj+MMH-26mc-rSQAOTmNWBBESor66EsnaqUgGyXMCJYyAtE=A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3608.80.23.2.2)
authentication-results: raszuk.net; dkim=none (message not signed) header.d=none;raszuk.net; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [66.129.241.13]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 7fe97bd3-e4ca-4d6d-babe-08d801bb99ef
x-ms-traffictypediagnostic: BL0PR05MB4596:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <BL0PR05MB4596F76E4E81CF39604B3A27AAB00@BL0PR05MB4596.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6430;
x-forefront-prvs: 041517DFAB
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: +kBCbRWhvsXJ7zwaLZ+gPokO6HF/jDLb2OiIpjEU6bDJFJfl3xT8TKaabFHlQZ/tQ00Ou+RTUPP/72tq/HeIhld6SwVL27vV5W1AJWVzenOeyuvvNHQlwhPSglt0IIgf3OaAnmJPQJvHImqZQ9HVvGllq4QqRPKhaNFg0MIrK1Qz30ThyrQPczY7tMaduulYnwVJjCc41qJ1I4JU+/0p/0KvSsX74TXem4oYIP8eNYuIR+tNMPYHqWhnlrPWicISx+kEkbFKX1eUzvMJkbuyFbMMtYDFxweUdC/XOzHI/SbWDTRupow/+bkH/eeRdMgL
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL0PR05MB5076.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(39860400002)(136003)(346002)(376002)(396003)(366004)(5660300002)(66574014)(4326008)(33656002)(2906002)(71200400001)(53546011)(6506007)(2616005)(4744005)(478600001)(6916009)(6512007)(76116006)(66946007)(64756008)(54906003)(66556008)(66476007)(8676002)(36756003)(86362001)(186003)(26005)(6486002)(316002)(8936002)(66446008); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: fhx6cJnHkO1P3S/herG9qlPCd1/YqCeZpVZo/5GG/GthsPQNfOwBqB+6FLZ6QBBet/tyiyBX3MByIqH3nIw2YXH6l7lR+uQixyjG257T1QGZXkjmjIlVCdY7t8JXW7d0d1V/AvoGQNWTqYlyPZl1eJPWs6zZlco3rX2mONG+Q9fpMqmOxawcM6pPQbG22nRA9nx2dWUWI4NfDuDTps7kVHsUPTjdkAOYCRVFRVRsgTUtXjbjQv2V5pzv0wVcE/mryhmpy4pGU9fnx2JMMy6lr5FkJAUV+dUXX7+mW8NW9WyR5veyp/Ag0I25jW/dBuj9kXCye2zIC75DINqVQ/S8Elh3u3AzXkwHPhIpVFS5aiqtHV6bg/58k0dWEyaBdN1KCVgWtKgQ7rJ9IkKm+vKLsgN0tQAICZT3tMc6Apx1JRfoGc6ypRNvPeVysbNh4J8UDdaI703Dxw7ssk69UbsL97QqO1g0Qw7N8ZLuz/AbmnX93wd0zCm9Tv91BnFT1Qqm
Content-Type: multipart/alternative; boundary="_000_B1E3177B620B408793A586F58D434AE5junipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 7fe97bd3-e4ca-4d6d-babe-08d801bb99ef
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 May 2020 21:27:32.4263 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: y+McwhsHGQxdosCROB9wdYwcoJ1S+i/+O9lEXmRegeQP+ig5yxOHnoqledtPpUWk
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR05MB4596
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-05-26_02:2020-05-26, 2020-05-26 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 spamscore=0 impostorscore=0 mlxlogscore=808 suspectscore=0 lowpriorityscore=0 priorityscore=1501 adultscore=0 phishscore=0 bulkscore=0 cotscore=-2147483648 clxscore=1015 mlxscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2005260164
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/9BzgACtm0nPjY6I7WnP5q_oLgRg>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 May 2020 21:27:39 -0000

Robert,

On May 26, 2020, at 5:17 PM, Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>> wrote:

- In what context have we spent so many emails discussing "escaping packets to the Internet" or protecting infrastructure (SID addresses from "entering your network from Internet" ?

The difference is between packets that transit your network en route to their final destination vs. ones that are targeted at your network. The former is what Sander was talking about, they are no threat, the latter potentially are a threat.

—John

v2.23.0 | Report a Bug | By Email