Re: [IPv6] Removing extension headers from packets (revisited)
Mark Smith <markzzzsmith@gmail.com> Sat, 19 August 2023 00:35 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7DB2EC151524 for <ipv6@ietfa.amsl.com>; Fri, 18 Aug 2023 17:35:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.603
X-Spam-Level:
X-Spam-Status: No, score=-1.603 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 28fii0zLqk3h for <ipv6@ietfa.amsl.com>; Fri, 18 Aug 2023 17:35:43 -0700 (PDT)
Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CAA0EC151080 for <6man@ietf.org>; Fri, 18 Aug 2023 17:35:43 -0700 (PDT)
Received: by mail-ed1-x52b.google.com with SMTP id 4fb4d7f45d1cf-5236b2b4cdbso1865552a12.3 for <6man@ietf.org>; Fri, 18 Aug 2023 17:35:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1692405342; x=1693010142; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=IM6UU5i042Lk0PYMUHVMRT0t/N1cqb11hoHqnZ6/Yps=; b=WQa1QU8fz7ezDNkeF/nDGU2VtDseezghIYSkeqi3Ke+0VxQUr1HY7LOQxOQ9UxAvhY T83gqs0l39H8D8aDoYiUlxsTOyf43glrSqns/FklvBwYdfs9zWdU+lqeB7jXdhIl+Q+v nKwl4TUtXRhtEbizTaWL2EhSWtVD7VIOxcRqRslH2Iy8bQYkhNFLA8/5yzXc316/fxA2 WMVlRtiv8fMtfZp3YIg8GA4qogoiAKtG6emYRzxv9uhrxWVxjBMj5yGVletwL7eo0+8k /qyCbg9/Z94bLO8Q01z1b3ya0rMObAZ1a8Ync43eWtDtLx6juytcGVqDV0Eu6UILb7vX Io4A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1692405342; x=1693010142; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=IM6UU5i042Lk0PYMUHVMRT0t/N1cqb11hoHqnZ6/Yps=; b=WKeDwYLm8gDUDieZzhik5CIHyIatsx++/0w3hHp2vKavaFuXC54V57cG7wYWPj7jBz 2r6nyueYGok49M3IiiVsqKGJsde6SYBro2UB26lNhKKWVNR2g3uUhJLRAwkRcenp+KFN S28YSVu7zaTIu+EYRsyH7fxj/hIgSIiz9VPZr6MkR+T9J69iR+OnKahnq8XMlpKKjy8t O+Y9vAql09FclIhqc1n3BzBqPSJ/tEGxMDCNyWerZajd3QMF5WE8BLB7b9iieBxP4eXA NSsYSMUEyNxphK3z7QEFJ/fqjJpfh2p9/mG9sMos9ZrouTv3fD+QdwoDkbPKTVjCTUTF klKQ==
X-Gm-Message-State: AOJu0Yxsgq3qzVU7TfndtWHgR7nvtcx/ACr8SS/Nw0Vi3ZhhARTg/pNN PCEH8UFen7v901PSDrqo/xknhb4HAoJsmg1JHsFNuc03
X-Google-Smtp-Source: AGHT+IEK0FxA7Ks8FgmhdJUIQBxwv2I6u8ZOhf0pmUV6uliCb3g1hQIBbUTA0R1prbyd2T3UwhWzSRqYcR8czz7kO2I=
X-Received: by 2002:aa7:cf09:0:b0:523:a45f:419a with SMTP id a9-20020aa7cf09000000b00523a45f419amr479987edy.41.1692405341624; Fri, 18 Aug 2023 17:35:41 -0700 (PDT)
MIME-Version: 1.0
References: <CALx6S36gQBgNAp-Poq3pRupGWUh0iA8M546=S=vUp5cQK_82TQ@mail.gmail.com> <CAO42Z2zAf4EAKhX1ZJC1KUk4DXcNZykA82hdUfo64h45q8DVUQ@mail.gmail.com> <CALx6S36pk0+YjdjgNvWCsAjF5NVmQLnp8pKc30uOb1DZmcfasQ@mail.gmail.com> <CAO42Z2zmxiGANzdB6RdrfgGLfH_Q-D7-U_JGJ0V++3ms8nGxOg@mail.gmail.com> <CALx6S37BYjhShGhHbg8qK4Fxeubrep7BGzRBmrHD9DcBcToxPw@mail.gmail.com> <620318f4-d6ae-3c29-c5f1-93797363d47c@joelhalpern.com> <ZN79+XuBZnSSdL4y@faui48e.informatik.uni-erlangen.de> <95A2754C-B6D8-43DB-AE61-7B8C6EF6457E@employees.org> <ZN8ccT3ihsuQIPq+@faui48e.informatik.uni-erlangen.de> <B9795357-CD00-4FEC-B537-40CBD7C6B264@employees.org> <4890cd3e-9be6-ca0c-967d-57201d754ef0@joelhalpern.com> <8A2D1C35-47AF-481D-9346-FC675562A742@employees.org> <CALx6S366Rkps35=Ash-dPq_O2sKqfnhoq_G62Xuyt7qxBRdiNw@mail.gmail.com>
In-Reply-To: <CALx6S366Rkps35=Ash-dPq_O2sKqfnhoq_G62Xuyt7qxBRdiNw@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Sat, 19 Aug 2023 10:35:14 +1000
Message-ID: <CAO42Z2xJQFJy+EBb8kybhL82v8n02pOYViiSzo10oL7uZca=eQ@mail.gmail.com>
To: Tom Herbert <tom=40herbertland.com@dmarc.ietf.org>
Cc: Ole Troan <otroan=40employees.org@dmarc.ietf.org>, 6MAN <6man@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/DgeTRvxlu2zdNm-PAnxIKEGDm5A>
Subject: Re: [IPv6] Removing extension headers from packets (revisited)
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Aug 2023 00:35:47 -0000
On Sat, 19 Aug 2023, 03:50 Tom Herbert, <tom=40herbertland.com@dmarc.ietf.org> wrote: > > > > On Fri, Aug 18, 2023, 9:19 AM Ole Troan <otroan=40employees.org@dmarc.ietf.org> wrote: >> >> > That code makes lots of assumptions. First, it assumes a software router. Second, it assumes there is exactly one EH to be removed, and it is in a position that is known a priori. And many other bits and pieces. >> >> It would be hard to not understand that what I gave was purely a concept and not “code”. >> The HBH header is always at a fixed position. And I think we are far enough down the path of allowing a HBH option to require for it to limit itself to a single option. >> >> The point though, stands, the claim that header removal cannot be allowed in standards because it is hard to do in hardware seems very weak. > > > I'll post a draft shortly, but I think the requirements are something like: > > An HBH EH (that immediately follows IPv6 header) MAY be removed unless the packet contains an Auth EH It's going to be quicker to generalise and say all IPv6 fields are mutable, which implicitly means EHs can be inserted or removed in-flight (i.e. mutable next-header field) and that field definitions are only suggestions, unless the AH header is present.. c.f. SPRING CSID redefines the Destination Address (singular) field to carry multiple destinations. Also remove any of the IPv6 fields being included in the transport layer checksums. Probably a layer violation in the first place anyway and a carry over from when IP was part of the TCP protocol. Finally, deprecate ICMPv6 unless the AH is protecting the packet for which the ICMPv6 message is going to be generated. Although we don't care much for operators here, receiving no ICMPv6 message would be more useful than receiving a misleading inaccurate one when it isn't possible to easily tell if the received ICMPv6 message is accurate. The principle of least astonishment demands being frank about what actually is and isn't allowed, rather than piecemeal modifications to RFC 8200 hidden away in a variety of other RFCs. > > A routing header MAY be removed if: > > - The final destination has been set in the DA > - And there are no extension headers that preceed the routing header (except if it is immediately preceeded by a HbH header that is also being removed) > - And the packet does not contain an Auth EH > > Additionally, for segment routing header, maybe the SRH SHOULD NOT be removed if it contains options > > Tom > >> >> O. >> -------------------------------------------------------------------- >> IETF IPv6 working group mailing list >> ipv6@ietf.org >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >> -------------------------------------------------------------------- > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > --------------------------------------------------------------------
- [IPv6] Removing extension headers from packets (r… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Vasilenko Eduard
- Re: [IPv6] Removing extension headers from packet… Ole Troan
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Michael Richardson
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Bob Hinden
- Re: [IPv6] Removing extension headers from packet… Ole Trøan
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Bob Hinden
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] [EXTERNAL] Re: Removing extension head… Manfredi (US), Albert E
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] [EXTERNAL] Re: Removing extension head… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Michael Richardson
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Mike Simpson
- Re: [IPv6] Removing extension headers from packet… Pascal Thubert (pthubert)
- Re: [IPv6] Removing extension headers from packet… Pascal Thubert (pthubert)
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Ole Troan
- Re: [IPv6] Removing extension headers from packet… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Ole Troan
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- [IPv6] sendmsg() for HBH ? Re: Removing extension… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Ole Troan
- Re: [IPv6] Removing extension headers from packet… Pascal Thubert (pthubert)
- Re: [IPv6] Removing extension headers from packet… Michael Richardson
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Ole Troan
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Ole Trøan
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Ole Trøan
- Re: [IPv6] Removing extension headers from packet… Mike Simpson
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… Shihang(Vincent)
- Re: [IPv6] Removing extension headers from packet… Stewart Bryant
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… Tim Chown
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… Toerless Eckert
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… Tom Herbert
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… JINMEI Tatuya / 神明達哉