[IPv6]Re: Gorry Fairhurst's Discuss on draft-ietf-6man-icmpv6-reflection-12: (with DISCUSS and COMMENT)
Tal Mizrahi <tal.mizrahi.phd@gmail.com> Thu, 04 December 2025 10:44 UTC
Return-Path: <tal.mizrahi.phd@gmail.com>
X-Original-To: ipv6@mail2.ietf.org
Delivered-To: ipv6@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 8CF10953D619 for <ipv6@mail2.ietf.org>; Thu, 4 Dec 2025 02:44:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.099
X-Spam-Level:
X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d-puw5sdhPhu for <ipv6@mail2.ietf.org>; Thu, 4 Dec 2025 02:44:07 -0800 (PST)
Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 013F9953D610 for <ipv6@ietf.org>; Thu, 4 Dec 2025 02:44:06 -0800 (PST)
Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-b735ce67d1dso98169666b.3 for <ipv6@ietf.org>; Thu, 04 Dec 2025 02:44:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1764845046; x=1765449846; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=lRIcAAspW1tz2yALvHEapmnoFc5+H/U+7hKYzl+9eYQ=; b=PKflDUugAqdLEOM/luDUJ1M9VPNkwkR1mvQp4s35wRZPD6qRsC0eDrfA0cl9Qy60mT 7lfuqqXL1fzuWMAPN/mIzB00fkrNI7FsGremrTCre0Px9D/aKuFBaS2bkiUqpWywHWK/ x/3dibVbAw/fOSq0lGtnfLrxVSiFeCmsrVSUwIoimiOxliAT/aXtBAxtahq672I+YWbW TyVDnolTmdLazmSSXaOgP8RDxngtpcBNqhpDC1dROLVRWL/2UJlfrw2mFEHW19uDnSZl Cb7jjEFIds6ukyzWX1QtwwVpNJMoQDuCV/ximS5yiPnYDUhhGCZAHokNxK3+LiwPObKg WQMQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1764845046; x=1765449846; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=lRIcAAspW1tz2yALvHEapmnoFc5+H/U+7hKYzl+9eYQ=; b=bkSuW+uV7ZRYreJ51w5Ex5JF8aMF8tq03ijGTCDJL8MnLFIrlgO8XnjPOUiUav/zzQ AnGTLO+sjDO1/XX3F9xNTzgOv1sMYxlS57jRDhAMcK0gEGR/CFuYxw4JM0bZcj8HqtxM b+eWVnvKkh1Meo4znIwA+FR+lJ1WwdW64MAv6hEdWfFF1q7x9SlsH5p+vZCUFtmME88L AnWdUdgRbLkMeQtuf9/6TaZ6ZUancZ7PW+L2WfRqFifLbaHKTndOrcWEeS5zf40qWs+T WZIX/Px7tA8KQQcwkLDYnJl1lBZ5D6ljTxsne+aFIo5JDsu8+m1DhbpcD3eCYpqyMVj8 ePnQ==
X-Forwarded-Encrypted: i=1; AJvYcCWDOiX1akhhGgXv5f7WZZ7tlQeU8J+T6Sggd4czWGisXtgEqm/pADFvD1wa7IpK/x2f88RU@ietf.org
X-Gm-Message-State: AOJu0Yxa/3by89jHJdodHQaqP/y0eJt91G6u6RzjczMc94i2R8BPQnVM gppWxooOBbqOHMF6Gv0+PO77HlGQZm5buZ08QaAjN4TY+sPxc4kU2B8fAucXAeaCux9J+R+Wjic FweOkGtvKMqJ/FLyetO2jQJRGRYSIiEQ=
X-Gm-Gg: ASbGnctREPAS0ik3e47e2RIsoIWjEjOi8NxfJeWF0X3cFoth3x43L0tur4TxsdsKjE3 Pso6rj31YAUG332GYZxIYKqiV+eUbA4lu1pQLeFKR819QKUp9eCpQWtKGiMVgeBCG5SJhdF7ThP vty8Lq9z6pAY1o176OLybi0b048vfszO5yfyM6L+R5It+mJjKmz0CtmMTMpOrRINftfW+BCsTUb 2W1cYe1wkqa0NPbbkm9OjNv5AFlPdgOKAQHAUXxD1/DMxkDnJGrmYacyvCmCc79aL3WQNFltW1t Oq0klPr2pqL8cHUMHYJojm5Rv97CPQ==
X-Google-Smtp-Source: AGHT+IE1C3nToLbmP8RbRxkOSgix0GZU8p/SL0vhFng4077Jt8co7UcO03l7+hYHCgCSLpnJTr5AYyjiUkjpax2ppz8=
X-Received: by 2002:a17:907:3e14:b0:b73:6bd8:ebde with SMTP id a640c23a62f3a-b79ec70783bmr268770966b.53.1764845045679; Thu, 04 Dec 2025 02:44:05 -0800 (PST)
MIME-Version: 1.0
References: <176337540917.746218.10256767027957503254@dt-datatracker-5bd94c585b-wk4l4> <DM4PR84MB23107217C6B1FB7540D01974F4D7A@DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM> <CABUE3X=1TjckNEx9XY7EQJRLQD18g0Fp6tDhQ63aLuthtnTm5Q@mail.gmail.com> <1f398574-40ba-454b-822a-fc1718d7a8ac@erg.abdn.ac.uk>
In-Reply-To: <1f398574-40ba-454b-822a-fc1718d7a8ac@erg.abdn.ac.uk>
From: Tal Mizrahi <tal.mizrahi.phd@gmail.com>
Date: Thu, 04 Dec 2025 12:43:54 +0200
X-Gm-Features: AWmQ_bkg6Br7UUd_eEKTjuRNp0JTqamSFjrkzTxQGfNud8ZpKCeixFZ0Dk-P4VE
Message-ID: <CABUE3XmsaQ_Aek6iSCRBxUNVXxN79MNt1x6Q6ZEUFbQx6ecsBg@mail.gmail.com>
To: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: JKMOU62IQGPTXVXQ7TXAWYQC4UBMXSR7
X-Message-ID-Hash: JKMOU62IQGPTXVXQ7TXAWYQC4UBMXSR7
X-MailFrom: tal.mizrahi.phd@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ipv6.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "6man-chairs@ietf.org" <6man-chairs@ietf.org>, "draft-ietf-6man-icmpv6-reflection@ietf.org" <draft-ietf-6man-icmpv6-reflection@ietf.org>, "ipv6@ietf.org" <ipv6@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [IPv6]Re: Gorry Fairhurst's Discuss on draft-ietf-6man-icmpv6-reflection-12: (with DISCUSS and COMMENT)
List-Id: "IPv6 Maintenance Working Group (6man)" <ipv6.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/A66lTAdcGaehLil22CVy958-YnM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Owner: <mailto:ipv6-owner@ietf.org>
List-Post: <mailto:ipv6@ietf.org>
List-Subscribe: <mailto:ipv6-join@ietf.org>
List-Unsubscribe: <mailto:ipv6-leave@ietf.org>
Hi Gorry,
Thanks for the quick response.
Please see inline, marked [TM]
On Thu, Dec 4, 2025 at 11:40 AM Gorry Fairhurst <gorry@erg.abdn.ac.uk> wrote:
>
> On 04/12/2025 06:09, Tal Mizrahi wrote:
>
> Hi Gorry,
>
> Regarding the 3 DISCUSS points that you raised, we would like to
> confirm that you would be fine with the following:
>
> DISCUSS point 1: Rate limiting issue - as Ron suggested, we can
> rephrase the text to explain that rate limiting is as defined in
> RFC4443 and rfc8335bis. Please let us know if such an update addresses
> your concern.
>
> Thanks for contacting me.
>
> The current text reads:
>
> "
>
> As specified in [I-D.ietf-intarea-rfc8335bis], in order to protect
> local resources, implementations SHOULD rate-limit incoming ICMP
> Extended Echo Request messages. "
>
> Given the importance of this, I was hoping the document would explicitly refer to the text in RFC4443, for example this text:
>
> In order to limit the bandwidth and forwarding costs incurred by originating ICMPv6 error messages, Section 2.4 of RFC 4443 requires that "an IPv6 node MUST limit the rate of ICMPv6 error messages it originates.
[TM] Since the current document does not use ICMPv6 error messages, I
would prefer not to explicitly mention error messages to avoid
confusion. Would the following text update work?
OLD:
As specified in [I-D.ietf-intarea-rfc8335bis], in order to protect
local resources, implementations SHOULD rate-limit incoming ICMP
Extended Echo Request messages. "
NEW:
In order to limit the bandwidth and forwarding costs incurred by
processing and/or originating ICMPv6 messages, rate-limiting
mechanisms are employed in accordance with the requirements defined in
[I-D.ietf-intarea-rfc8335bis] and [RFC 4443].
>
> (This text could further refer to section 2.4 for more detail if you so wish.)
>
> Although, off-topic I plan to also note this as a comment to I-D.ietf-intarea-rfc8335bis.
>
> DISCUSS points 2,3: please let us know if Ron's clarifications below
> make sense to you.
>
> Point 2: What is the value of the Hop Limit field in the returned packet header? - Please could the document explain whether the value would be decremented during the receiver packet processing at the probed node, or was it the value as received?
>
> This is clear, thank you for pointing me to this text:
>
> "
>
> The reply message includes a copy of the request message, starting
> from its IPv6 header, as it was when it arrived at the probed node."
>
> Point 3: Are the received Extension Headers included in the returned packet header when receiving this message type: i.e., - is the EH Chain present in the returned packet header?
>
> (I was asking if it reflected copy of the packet included these headers, i.e., the copied packet is BEFORE it processed on reception). I now do understand.
>
> For me, it would be really helpful to add a sentence with a clarifying example that avoids people asking this "obvious" question as they read the text, e.g., "This copied message includes the IPV6 header (that has the node's address and the received value of the Hop Limit) and the extension header chain".
[TM] Does the following update make sense?
OLD:
...the reply includes the reflected request message starting from the IPv6
header and up to and including the ICMP Extension Header, as shown in
Figure 1.
NEW:
...the reply includes the reflected request message starting from the IPv6
header and up to and including the ICMP Extension Header, as shown in
Figure 1. This reflected message includes the IPv6 header as received
by the probed node, including, for example, the received value of the
Hop Limit and the received IPv6 extension headers.
Thanks,
Tal.
>
> Thanks,
> Tal.
>
> Thanks for also addressing my additional comments, I look forrward to finalising this,
>
> Best wishes,
>
> Gorry
>
> On Wed, Nov 19, 2025 at 5:33 PM Bonica, Ron <ronald.bonica@hpe.com> wrote:
>
> Gorry,
>
> Thanks for the review. Comments inline....... RB>
>
> Ron
>
>
> ________________________________
> From: Gorry Fairhurst via Datatracker <noreply@ietf.org>
> Sent: Monday, November 17, 2025 5:30 AM
> To: The IESG <iesg@ietf.org>
> Cc: 6man-chairs@ietf.org <6man-chairs@ietf.org>; draft-ietf-6man-icmpv6-reflection@ietf.org <draft-ietf-6man-icmpv6-reflection@ietf.org>; furry13@gmail.com <furry13@gmail.com>; ipv6@ietf.org <ipv6@ietf.org>
> Subject: Gorry Fairhurst's Discuss on draft-ietf-6man-icmpv6-reflection-12: (with DISCUSS and COMMENT)
>
> Gorry Fairhurst has entered the following ballot position for
> draft-ietf-6man-icmpv6-reflection-12: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://urldefense.com/v3/__https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/__;!!NEt6yMaO-gk!GICYLiQ3amnoXQ0ZDsy3iLlE-5Z-R-g0zSTQjpS6V0eAnXsbawGeOTocyAnelLfORwI7iUQpoNlFIKs$
> for more information about how to handle DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-6man-icmpv6-reflection/__;!!NEt6yMaO-gk!GICYLiQ3amnoXQ0ZDsy3iLlE-5Z-R-g0zSTQjpS6V0eAnXsbawGeOTocyAnelLfORwI7iUQpzLhS-iw$
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> Thank you for the work that has been put into this document.This new variant of
> ICMP looks like it could have application to transport layer measurements of
> path traversal, and debugging network problems.
>
> Please find below some blocking DISCUSS points (that may be trivial to address):
>
> As noted in
> https://urldefense.com/v3/__https://datatracker.ietf.org/doc/statement-iesg-handling-ballot-positions-20220121/__;!!NEt6yMaO-gk!GICYLiQ3amnoXQ0ZDsy3iLlE-5Z-R-g0zSTQjpS6V0eAnXsbawGeOTocyAnelLfORwI7iUQpaRUXr08$ ,
> a DISCUSS ballot is a request to have a discussion on the points below; I
> really think that the document would be improved with a change here, but can be
> convinced otherwise.
>
> (1) This “document asserts “SHOULD rate-limit incoming ICMP Extended Echo
> Request messages“, whereas RFC 4443 requires “an IPv6 node MUST limit the rate
> of ICMPv6 error messages it originates”, albeit the RFC follows with some
> discussion of how to achieve that required rate limiting.
>
> RB> We would be happy to remove that sentence and replace it with the following:
>
> RB> This document complies with all RFC 4443 and [I-D.ietf-intarea-rfc8335bis] requirements. Network operators should do likewise as they deploy the features described in this document.
>
>
> (2) What is the value of the Hop Limit field in the returned packet header? -
> Please could the document explain whether the value would be decremented during
> the receiver packet processing at the probed node, or was it the value as
> received?
>
> RB> The document is clear on this point. See the following text in Section 1:
>
> "The reply message includes a copy of the request message, starting
> from its IPv6 header, as it was when it arrived at the probed node."
>
>
> (3) Are the received Extension Headers included in the returned packet header
> when receiving this message type: i.e., - is the EH Chain present in the
> returned packet header?
>
> RB> First, let me make sure that I understand your question. Are you asking if the IPv6 header that carries the ICMP Extended Echo Reply will have extension headers?
>
> If so, the answer to that question is a matter of local policy and is beyond the scope of this document. This document's scope is limited to the contents of the ICMP Extended Echo Request and Reply messages.
>
> Local policy determines which extension headers are attached to every IPv6 message that the probed node sends. The same local policy applies to ICMP Extended Echo Response messages.
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> These are non-blocking comments:
> * Please change the reference to RFC 3022, to minstead ention NAT66 rather than
> the IPv4 NAPT RFC [RFC 3022].
>
> RB> Ketan recommends that we remove the entire sentence. So the reference is also removed
>
> * Please say more about how to use the response received: The packet carrying
> the message (or the message itself) could be modified in transit - despite the
> “MUST NOT” modify requirement, because this is required, but not enforceable,
> and therefore the interpretation of the response ought to consider this. Please
> also read and consider the TSV-ART review by Kyle Rose on manipulation in the
> network:
> https://urldefense.com/v3/__https://datatracker.ietf.org/doc/review-ietf-6man-icmpv6-reflection-11-tsvart-lc-rose-2025-10-15/__;!!NEt6yMaO-gk!GICYLiQ3amnoXQ0ZDsy3iLlE-5Z-R-g0zSTQjpS6V0eAnXsbawGeOTocyAnelLfORwI7iUQpVEfDq2A$
> * I think in describing the expected usage, it would be very helpful to mention
> the use of IPv6 NAT64, and note that NAT64 the response expected from a probed
> destinationnode that is actually an IPv4 host.
>
> RB> Might it be helpful to add the following guidance: Middle-boxes MAY discard, but SHOULD NOT modify the ICMP Extended Echo Request / Response packets.
>
>
- [IPv6]Gorry Fairhurst's Discuss on draft-ietf-6ma… Gorry Fairhurst via Datatracker
- [IPv6]Re: Gorry Fairhurst's Discuss on draft-ietf… Bonica, Ron
- [IPv6]Re: Gorry Fairhurst's Discuss on draft-ietf… Tal Mizrahi
- [IPv6]Re: Gorry Fairhurst's Discuss on draft-ietf… Gorry Fairhurst
- [IPv6]Re: Gorry Fairhurst's Discuss on draft-ietf… Tal Mizrahi
- [IPv6]Re: Gorry Fairhurst's Discuss on draft-ietf… Tal Mizrahi
- [IPv6]Re: Gorry Fairhurst's Discuss on draft-ietf… Gorry Fairhurst
- [IPv6]Re: Gorry Fairhurst's Discuss on draft-ietf… Tal Mizrahi
- [IPv6]Re: Gorry Fairhurst's Discuss on draft-ietf… Gorry Fairhurst