Single Packet Contains Two Routing Headers (was: [spring] draft-ietf-spring-srv6-network-programming-04: Section 2)

Ron Bonica <rbonica@juniper.net> Thu, 17 October 2019 16:02 UTC

Return-Path: <rbonica@juniper.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 867091200B6; Thu, 17 Oct 2019 09:02:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hCe4uCzevIcZ; Thu, 17 Oct 2019 09:02:23 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 63916120901; Thu, 17 Oct 2019 09:02:23 -0700 (PDT)
Received: from pps.filterd (m0108156.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x9HG1CRD022992; Thu, 17 Oct 2019 09:02:21 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : content-type : mime-version; s=PPS1017; bh=mgVkLLb2bIOGfers0fnEmIG49YVW9GNWau3Nsiu92Mc=; b=KMB+EbVkYZnCgWSpHqSympnVcMUvwoj4UEVcAgS/FX0sym7YE5C8cEcTAYaJ/k3i0lqS zEkilxM0zzX9otEawzaw2lIxYJ0uzY9H5tRoyen/8GlUcXshjsZZm+OIs/F5867y56Wy j+c+MH9Z+a358pK6bsWQ7Qb57JTQrEMunntYLfNUPOuJDAQ/ZWxeleZfUE9oGEDL0ou3 E5ZmJnwXTQacTFxLZABFqyMFweLT5Tsz7T4Ol8kTWuMoeUBVeMxCFpNPUt+BWiywPTPv q0wQqMykp0rk67+Gt6bocEmSZ9qgZXQG5/TXO61orp4nKN5E6BL0juYd39qZ4kn4hZWy TQ==
Received: from nam02-bl2-obe.outbound.protection.outlook.com (mail-bl2nam02lp2058.outbound.protection.outlook.com [104.47.38.58]) by mx0a-00273201.pphosted.com with ESMTP id 2vnuksuc6g-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 17 Oct 2019 09:02:20 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mwahFGxW6IFFp814f2gKUieHIwWDou9NnscWzLrtSK79FHoL+9IpLsibgleuMj4FMtnw+xrAWuwHGc6/I0z0T96GxTVJKMMDGKAwjXy+rrXo7U7rHNdhoV2Gf3j1MHqNkM+nWJYgv1KOfAjhD7VXEtkPq4kaoOfL1hW2PFgyDbFUkczJyylRbg/Ghueh8iKfuUKXrHHVey6Eo32eyB6QYmP4Sbtuq2g/WfrXsRKi6yn3QV+/0jaa+Dc2UmE0p0y/+duIO7GqE/rrP/sQedjxDLu/YIr5zLifk4nS4l1XDWfnkPwwyp6G5b3Dka1Xq45JjqB0nAPlgs/W64a3xOT3Ng==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mgVkLLb2bIOGfers0fnEmIG49YVW9GNWau3Nsiu92Mc=; b=h+5AlCSrKebFYgH4VbMh9ItqBqYD1PrpYHGvqb15vTgpZn8KKSBTgyPU0JG6m5t7Gc8QZt0xhc8Pma3xa4zToj/OZMaW6sK7UoWhbDW9WVCskLwN2gXsCb2BiLCc7E3lubBZcTpYypJ/IxRo1km/HJ/HAsMI1vIpRqEv3o3m55jsYFXk8n1p8V8SgsI7v5WJF+H9Q9vz1mgOrzfE6SuGx2Mvstu4VARs5GXZ6RbrWi/XlKpbgPdD8L7ZSEMKQ9WWIc1LKop0qZ3UNeC6GLP9svYeB7bg2hrXHIFewa3WrozKonW2jLbFdubUEYNNc/nnUB+o2Jjoe/akeiVpDhaZfQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
Received: from BN7PR05MB5699.namprd05.prod.outlook.com (20.176.28.88) by BN7PR05MB5827.namprd05.prod.outlook.com (20.176.29.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2367.14; Thu, 17 Oct 2019 16:02:18 +0000
Received: from BN7PR05MB5699.namprd05.prod.outlook.com ([fe80::c9d9:5faf:5aee:ee8d]) by BN7PR05MB5699.namprd05.prod.outlook.com ([fe80::c9d9:5faf:5aee:ee8d%6]) with mapi id 15.20.2367.016; Thu, 17 Oct 2019 16:02:18 +0000
From: Ron Bonica <rbonica@juniper.net>
To: "Pablo Camarillo (pcamaril)" <pcamaril@cisco.com>, SPRING WG List <spring@ietf.org>, 6man <6man@ietf.org>
Subject: Single Packet Contains Two Routing Headers (was: [spring] draft-ietf-spring-srv6-network-programming-04: Section 2)
Thread-Topic: Single Packet Contains Two Routing Headers (was: [spring] draft-ietf-spring-srv6-network-programming-04: Section 2)
Thread-Index: AdWFAY6w9Lp0/GdVR5OsDTjnAS049Q==
Date: Thu, 17 Oct 2019 16:02:18 +0000
Message-ID: <BN7PR05MB5699C34C9DBBF34404DF8EDBAE6D0@BN7PR05MB5699.namprd05.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=rbonica@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2019-10-14T18:27:36.3999673Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Business Use Only; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=c3ca4e2c-ed8a-46a9-9328-a26a4f92bd79; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic
dlp-product: dlpe-windows
dlp-version: 11.2.0.14
dlp-reaction: no-action
x-originating-ip: [108.28.233.91]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: ea2ee712-b50a-417f-6b0f-08d7531b631b
x-ms-office365-filtering-ht: Tenant
x-ms-traffictypediagnostic: BN7PR05MB5827:
x-microsoft-antispam-prvs: <BN7PR05MB5827450E64FA8CB2073E20BAAE6D0@BN7PR05MB5827.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-forefront-prvs: 01930B2BA8
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(376002)(39860400002)(396003)(366004)(346002)(189003)(199004)(478600001)(86362001)(476003)(2906002)(6116002)(81166006)(8936002)(790700001)(8676002)(53546011)(6506007)(55016002)(6306002)(54896002)(9686003)(3846002)(25786009)(66066001)(26005)(236005)(186003)(486006)(33656002)(14454004)(81156014)(7736002)(71190400001)(74316002)(64756008)(76116006)(66946007)(66556008)(66446008)(52536014)(71200400001)(5660300002)(316002)(66476007)(99286004)(256004)(6436002)(102836004)(110136005)(7696005)(14444005); DIR:OUT; SFP:1102; SCL:1; SRVR:BN7PR05MB5827; H:BN7PR05MB5699.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: qhhF4Fyyu7rOtx95tvm7wHPHZZPmbp+jCBGLeY4bxvCcTYjUnLMo/OXLbTxCoVRSRo0QwCemlUAyOdsKqPLQ/0FnnHc5zJCyeYbAPGJtJtKDxFGNS6e/7tCpX7BowFjeIz3iAR+oxbzsJ0n/Mo8I76iYlVqiqV3IU9XQKSJ+9NEctz0Vy3+kHpAnc4rpt8LnmtQF7Gqqnhv61vdLgHkFvpBpdAgh7JHzQ8YJ3YupCZM1Q32tQQPqQ+nv6O+ORRIMPczPU7h38ilYxdxgcG6oJCCRWx0Ztorgo+t63p//XIepJ03ujF55pAteBf26BSidwQ9UowF0oxwGskA4TjbvOsEU76H0iqipr1WdP34iR3vwPL5zyJOSnWWUuP5EwSFssBm5IWAg6qeOB6j0gdyYp/R1NLzf8/n4o2YgAqoknaI=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BN7PR05MB5699C34C9DBBF34404DF8EDBAE6D0BN7PR05MB5699namp_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: ea2ee712-b50a-417f-6b0f-08d7531b631b
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Oct 2019 16:02:18.5769 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: UjEwLvVuEQXmBiNjdiV10xtYt5cbCZgsxpXm8hSAnCkmpt7uDol9Jus2yOb55BE75mk5uUyUKRkq8hDsnVlvFQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR05MB5827
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,1.0.8 definitions=2019-10-17_05:2019-10-17,2019-10-17 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 bulkscore=0 mlxscore=0 adultscore=0 mlxlogscore=999 priorityscore=1501 lowpriorityscore=0 spamscore=0 clxscore=1015 impostorscore=0 suspectscore=0 phishscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1908290000 definitions=main-1910170144
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/D8O2McPBBz2xdYZQd6AJ8wLh3F4>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Oct 2019 16:02:27 -0000

Pablo,

The two excerpts from RFC 8200, quoted below, should be understood in the context of Postel's Rule. That is, "be conservative in what you send and tolerant in what you receive".

RFC 8200 says that a single packet should not include two Routing headers. So, in keeping with the first part of Postel's Rule, the IETF should never publish a specification that violates that rule, unless it updates or obsoletes RFC 8200.

RFC 8200 also says that if an implementation receives a packet that includes two Routing headers, it should attempt to process it. This is in keeping with the second part of Postel's Rule.

Your statement in draft-ietf-spring-srv6-network-programming goes well beyond the second part of Postel's rule. It doesn't say, "If a poorly behaved implementation sends you a packet that includes two Routing headers, attempt to process them". It says, "We assume that the SRH may be present multiple times inside each packet".

There is a big difference.

                                                                                      Ron






Juniper Business Use Only
From: Pablo Camarillo (pcamaril) <pcamaril@cisco.com>
Sent: Thursday, October 17, 2019 5:41 AM
To: Ron Bonica <rbonica@juniper.net>; SPRING WG List <spring@ietf.org>
Subject: Re: [spring] draft-ietf-spring-srv6-network-programming-04: Section 2

Ron,

The intent is to define SIDs and their processing as general as possible to accept whatever is received as per RFC8200. This is a reminder of that fact.

Cheers,
Pablo.

From: Ron Bonica <rbonica@juniper.net<mailto:rbonica@juniper.net>>
Date: Wednesday, 16 October 2019 at 01:43
To: "Pablo Camarillo (pcamaril)" <pcamaril@cisco.com<mailto:pcamaril@cisco.com>>, SPRING WG List <spring@ietf.org<mailto:spring@ietf.org>>
Subject: RE: [spring] draft-ietf-spring-srv6-network-programming-04: Section 2

Pablo,

I am sure that you have read RFC 8200 carefully enough to have noticed the following text:


"Each extension header should occur at most once, except for the Destination Options header, which should occur at most twice (once before a Routing header and once before the upper-layer header).

This rule addresses the number of extension headers of any given type that can appear in a single packet. A packet that contains one IP header and two routing headers would violate this rule.

You quote the following text, also from RFC 8200, omitting the final sentences:


"IPv6 nodes must accept and attempt to process extension headers in any order and occurring any number of times in the same packet, except for the Hop-by-Hop Options header, which is restricted to appear immediately after an IPv6 header only.  Nonetheless, it is strongly advised that sources of IPv6 packets adhere to the above recommended order until and unless subsequent specifications revise

that recommendation."

Is it your intent to ignore the strong advice of RFC 8200 without offering any justification?

                                                                                                 Ron




Juniper Business Use Only
From: Pablo Camarillo (pcamaril) <pcamaril@cisco.com<mailto:pcamaril@cisco.com>>
Sent: Tuesday, October 15, 2019 12:45 PM
To: Ron Bonica <rbonica@juniper.net<mailto:rbonica@juniper.net>>; SPRING WG List <spring@ietf.org<mailto:spring@ietf.org>>
Subject: Re: [spring] draft-ietf-spring-srv6-network-programming-04: Section 2

Ron,

That sentence is there on purpose. RFC8200:
   IPv6 nodes must accept and attempt to process extension headers in
   any order and occurring any number of times in the same packet

I will update that sentence in the next revision of the draft to make it more formal and include the normative reference:
"As per [RFC8200], multiple occurrences of the SRH might be present in the same IPv6 header."

Cheers,
Pablo.


From: spring <spring-bounces@ietf.org<mailto:spring-bounces@ietf.org>> on behalf of Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org<mailto:rbonica=40juniper.net@dmarc.ietf.org>>
Date: Monday, 14 October 2019 at 20:28
To: SPRING WG List <spring@ietf.org<mailto:spring@ietf.org>>
Subject: [spring] draft-ietf-spring-srv6-network-programming-04: Section 2

Authors,

In Section 2 of draft-ietf-spring-srv6-network-programming-04, you say:

"SRH: Segment Routing Header as defined in  [I-D.ietf-6man-segment-routing-header].  We assume that the SRH may be present multiple times inside each packet."

Did you mean to remove the final sentence?

                                     Ron



Juniper Business Use Only