IETF Logo Mail Archive

Re: Comments on draft-herbert-ipv6-update-dest-ops

Tom Herbert <tom@herbertland.com> Mon, 20 August 2018 20:18 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F83E128CF3 for <ipv6@ietfa.amsl.com>; Mon, 20 Aug 2018 13:18:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, T_DKIMWL_WL_MED=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7lByQvJOZrn5 for <ipv6@ietfa.amsl.com>; Mon, 20 Aug 2018 13:17:59 -0700 (PDT)
Received: from mail-qt0-x22d.google.com (mail-qt0-x22d.google.com [IPv6:2607:f8b0:400d:c0d::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 37FA2127332 for <ipv6@ietf.org>; Mon, 20 Aug 2018 13:17:59 -0700 (PDT)
Received: by mail-qt0-x22d.google.com with SMTP id o15-v6so11691674qtk.6 for <ipv6@ietf.org>; Mon, 20 Aug 2018 13:17:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=ZWlmLXZwSnbGrAcHDR2iWhHy9vRCF2LDrB9VXSZanh4=; b=plq1n4JZ5SfjsyzICZYBWWZPRB84PgLW4SjCmrbY8QtypicNQkVDAKemaIoZK6qXmK ChLlnEtWdfwGK/FlO1ZOW2QRhZn+D92O80ZFgMYSxlMmpf+4JXbiLHPKq7sVFEITyU87 96OYpVRIH9Jo3PK2nmZ0xZ2YSjAdkNZvr/wmJ2/i4P6lJStqN9xb7hYm8V732nN7gCp2 ldgrgc4d9aRvZtOr86Qh0j3pXngjX1fkBQU312EqTA/TGExlzHzWR23imdmrEsHLS8Vy 8t6ADUE2pkngxniUS4zpv3b0qnEGRjgoINJL72xfgvZGsc+iBly+/4kP8Xfomsp2BKmr Wp/w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=ZWlmLXZwSnbGrAcHDR2iWhHy9vRCF2LDrB9VXSZanh4=; b=JVBdeRqhAZDUkN+RkXT2YbiOk/EiqR6KiUy2YUuLk7K68zOcHaDqTnRzQQc19DaDW+ IiLM8f7fWuYS5Yake8JP0JQJHfTTRZY/sjM/3O+Vxr1MhRxYB1FFZf6o4fEYUCYwD/+E 3DqARMJLddRYDCswv2pqk7txpGagbBsoXyIXDilZXkqCPbseTLSEMqxEeNIVr00TzvT8 bNybHOQSEAdluHlPcR6jziPD4xegnL0mzEaVGwamvklyNkxF8wBYRuHB3O8Rc7P1w4Tv xzLFeyAfnuLbAUNW+RAnDT6+sMayvR6LTPLXcAJ1Z8T/6Cq8NnW+TNebrEGYkqPiPURp d2Tw==
X-Gm-Message-State: AOUpUlEG71aDq0n6hld1qkZzgkba96cMopS3J06/Fe6Pjjhxt0povldl orAVU+9j0CmKi7avCU1NbEDJz2bhBRkLLMuxwSuVui8P
X-Google-Smtp-Source: AA+uWPwF0huChMDuz+7IVDnzL3rq8TlHSM6DpmqwWyeMG4Bvdxf6F3WficRX6cAgrDgRCOAWJEPlUkIk1GowyM2kflM=
X-Received: by 2002:ac8:22ac:: with SMTP id f41-v6mr45617629qta.197.1534796278153; Mon, 20 Aug 2018 13:17:58 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:ac8:3312:0:0:0:0:0 with HTTP; Mon, 20 Aug 2018 13:17:57 -0700 (PDT)
In-Reply-To: <837265C7-AF4A-4E78-A7B4-5D4AE5C38C8A@employees.org>
References: <CACL_3VF+EoKOEF-TkB3179UsmN_Yhaqt60jh_h2d2GLnE0EWDA@mail.gmail.com> <CALx6S356TVnbnZ_zp5+aK_x-DmMJUTidw0Wzbc3Tn=cscTd7VA@mail.gmail.com> <CACL_3VGUUs1FS4Qog6pzJ2WZyir2-keEVZTU6opzXQ4t0M-XUw@mail.gmail.com> <CALx6S35q5EqZt26KSPTGHBXZpzaNYyFBO9UxVNsi4is1BxUHrQ@mail.gmail.com> <CACL_3VGfMj6DjAWsxib6Hw_x=5X3CWASKU1oiGqvFdksDuFXDw@mail.gmail.com> <CALx6S37c_WCa+A3aD7X-rq-kj_RTGfGur8HVekt_LWTg6Os18g@mail.gmail.com> <F01E55CE-0E88-47BF-A30B-B83A0B7F5F0F@employees.org> <CALx6S35mAnjCw=0Jmz7Niacobw2QmKkUxNJPJ-CNVok_4dAOeQ@mail.gmail.com> <EDE97FE5-B72A-4ED5-A4B0-F143A0F23C3A@employees.org> <CALx6S35mZQ1HyDS3EWLZXJtT0ViXNJt1L_v3QqrKH9n7zDOM1g@mail.gmail.com> <837265C7-AF4A-4E78-A7B4-5D4AE5C38C8A@employees.org>
From: Tom Herbert <tom@herbertland.com>
Date: Mon, 20 Aug 2018 13:17:57 -0700
Message-ID: <CALx6S37mE6wXGk9jkkJeG_tuSA8x157wgCGqh-QxW-3Kws1ZnQ@mail.gmail.com>
Subject: Re: Comments on draft-herbert-ipv6-update-dest-ops
To: Ole Troan <otroan@employees.org>
Cc: "C. M. Heard" <heard@pobox.com>, 6man WG <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/DPRdukxDW5UuOmTqdACyoCqG9tA>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Aug 2018 20:18:02 -0000

On Mon, Aug 20, 2018 at 12:07 PM, Ole Troan <otroan@employees.org> wrote:
> Tom,
>
>> Consider the folling scenario:
>>
>> Someone is developing a new Destination Option that might be of
>> interest for use with tunnels and might even become one of those
>> options "that makes sense to support" . Maybe it's an option for the
>> aforementioned insitu-OAM, or maybe a general packet CRC, etc. The
>> developer dutifully uses experimental option type 0x1e for the type
>> value of their option to test it. In particular, the action taken if
>> the option is unknown to a receiver is to skip over it. They made that
>> choice because that allows incremental deployment of the support for
>> the option in any combination supporting sending side or receivers. In
>> other words, they don't want a flag day for the option that requires
>> all nodes to support the new option.
>>
>> Now they go to test backwards comapatbility of the option by sending
>> it to a node that hasn't been updated to receive it. If the receiving
>> node is a Linux system, then the option is ignored and the tunneled
>> packet is processed as before-- expected behavior per the spec.
>> However, if it's sent to a VPP node then the packet is dropped-- not
>> expected. Even if this doesn't lead to incorrectness, it does breaks
>> interoperability and violates "be liberal in what you receive". This
>> net effect is that this makes development, test, and pilot deployment
>> of new options really hard. Just implementing the TLV loop, even if
>> the implementation doesn't process any of them, would resolve this.
>
> Absolutely. The set of _optional_ destination options would benefit from this approach.
> Of which we have none. I’d much rather just implement new options as they come available (if they ever will)

Ole,

I'm not sure what "comes available" mean here. Does that mean VPP
would only support TLVs parsing once one becomes standardized and the
VPP maintainers think is worth supporting? As shown in the scenario
above, with that approach its difficult to develop optional TLVs if
implementations don't properly skip over them.

> If I get time, I’ll try to do some performance measurements on what the actual cost is for a software based system.
>
Our testing in Linux showed that the performance hit is heavily
dependent on the number of TLVs to be processed. Processing a small
number of TLVs was fairly inconsequential relative the rest of the
header processing. A a packet filled with tiny TLVs so that a single
MTU sized packet has hundreds of them will kill performance on any
software or hardware system and really has no other practical purpose
other than to be a DOS attack. This why we needed to add limits in
RFC6434bis. In Linux, the default  limit of number of options a stack
will process is eight.

Tom

> Best regards,
> Ole

v2.23.0 | Report a Bug | By Email