IETF Logo Mail Archive

Re: I-D Action: draft-voyer-6man-extension-header-insertion-02.txt

"Darren Dukes (ddukes)" <ddukes@cisco.com> Tue, 05 December 2017 14:59 UTC

Return-Path: <ddukes@cisco.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDB011294E7; Tue, 5 Dec 2017 06:59:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.52
X-Spam-Level:
X-Spam-Status: No, score=-14.52 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ob0UJdCthbpC; Tue, 5 Dec 2017 06:59:14 -0800 (PST)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3FC0D127599; Tue, 5 Dec 2017 06:59:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10014; q=dns/txt; s=iport; t=1512485954; x=1513695554; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=KKAvFru8TmRG7PjssrlqOL58KdGzkulJBgiXwAy9V2o=; b=U7izsS2gtxhJ0QY7DK4L0HlrYlY+xCUdllvkgOQ5nQdU5lRCvYiSRB8g EuEGCxNWN+wkciFakv452YqSD8nQ5a2L9nrg9XHEtUI0w+TeDc2rojyL6 dzSFhlIc1wyjUZtiPRmL4XAXsLdGVMYccHMS1iqBmyQNTczdD9c74cQBz U=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AaAgDgsyZa/51dJa1cGQEBAQEBAQEBAQEBAQcBAQEBAYM9Zjk1JweDeYogjnqBfYFahxqODoIVChgNhRYCGoUsPxgBAQEBAQEBAQFrKIUjAQEBAwEBIRE6CxACAQgYAgImAgICHwYLFRACBAENBQkLiXcDFRCobYInhzkNgxgBAQEBAQEBAQEBAQEBAQEBAQEBAQEdgQ+COYIKgVaBaSmDAoJrOQ8YgVYXgn4xgjIFojk9Aod0iCOEeoIWY4UuizGKPoJDPT+IJwIRGQGBOQEfOYFNbxUWJCoBgX4JgkkcgWd4AQGJE4EUAQEB
X-IronPort-AV: E=Sophos;i="5.45,364,1508803200"; d="scan'208";a="318304155"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 05 Dec 2017 14:58:56 +0000
Received: from XCH-ALN-018.cisco.com (xch-aln-018.cisco.com [173.36.7.28]) by rcdn-core-6.cisco.com (8.14.5/8.14.5) with ESMTP id vB5Ewu4E011378 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 5 Dec 2017 14:58:56 GMT
Received: from xch-aln-017.cisco.com (173.36.7.27) by XCH-ALN-018.cisco.com (173.36.7.28) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Tue, 5 Dec 2017 08:58:55 -0600
Received: from xch-aln-017.cisco.com ([173.36.7.27]) by XCH-ALN-017.cisco.com ([173.36.7.27]) with mapi id 15.00.1320.000; Tue, 5 Dec 2017 08:58:55 -0600
From: "Darren Dukes (ddukes)" <ddukes@cisco.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, "draft-voyer-6man-extension-header-insertion@ietf.org" <draft-voyer-6man-extension-header-insertion@ietf.org>
CC: 6man <ipv6@ietf.org>
Subject: Re: I-D Action: draft-voyer-6man-extension-header-insertion-02.txt
Thread-Topic: I-D Action: draft-voyer-6man-extension-header-insertion-02.txt
Thread-Index: AQHTZ894JnM3BSQwJEyx3S1oM1NaEaM1R/MA
Date: Tue, 05 Dec 2017 14:58:55 +0000
Message-ID: <69A89FE5-2D6E-4CD1-9DEB-ECE3346296AC@cisco.com>
References: <151120281628.21912.1099097760493570225@ietfa.amsl.com> <4ca3fd6b-4cd6-f6ac-ce03-415c2c9a4c3c@gmail.com>
In-Reply-To: <4ca3fd6b-4cd6-f6ac-ce03-415c2c9a4c3c@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.27.0.171010
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.64.35]
Content-Type: text/plain; charset="utf-8"
Content-ID: <C038A2BB9D8C55408EA67BC438EB1F4F@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/F9AjjGKx4ajnFh_ptkfE4rInmt4>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Dec 2017 14:59:17 -0000

Brian, thanks for starting the thread.  There has been a lot of conversation on this topic now for quite some time, and most recently on this thread, with some good explanations… I see the following:
 
1 – RFC8200 has some non-normative text stating non-source nodes do not insert extension headers. Neither RFC2460 nor RFC8200 disallow an intermediate node from inserting SRH.
    - RFC2460 section 4 did not exclude insertion of SRH’s
    - Errata ID: 4657 suggested some text from Fernando disallowing insertion, however the disposition of that Errata was “Held for Document Update”
    - RFC8200 closed Errata 4657 and there is no normative statement disallowing extension header insertion, rather the suggestion.
2 – Others, including yourself, have provided some constructive suggestions/comments that can be expanded upon in upcoming revisions.  We’ll work toward that.

Thanks
  Darren

On 2017-11-27, 5:31 PM, "Brian E Carpenter" <brian.e.carpenter@gmail.com> wrote:

    Hi,
    
    I'm probably repeating myself, but it seems clear that this draft
    in its present form will never get anywhere. Firstly I will try to
    justify this statement, and secondly I'll try to make some
    constructive suggestions.
    
    I. The problems with the current draft:
    
    I.1. No RFC is allowed to have more than five authors without
    an extremely good reason. If six or seven people have contributed 
    roughly equal amounts you might just be able to persuade the
    RFC Editor to list everybody, but 18? Never.
    https://tools.ietf.org/html/rfc7322#section-4.1.1
    
    I.2. More serious is the tone, which starts with the Abstract.
    "The network operator and vendor community has clearly indicated..."
    is, to put it mildly, out of place in an IETF document. We work
    by facts and rough consensus, not by declarations by vested
    interests. I think a lot of people will simply stop reading
    the draft after that sentence.
    
    The tone needs to be rational and factual argument about why
    the proposed mechanism is both desirable and harmless. The
    abstract needs to be a factual summary.
    
    I.3. A detail is that since this draft recommends ignoring
    a rule in RFC 8200, it needs to be aimed at the standards
    track with Updates: 8200.
    
    I.4. Another detail is that in some places the draft seems
    to assume that only segment routing headers will be
    candidates for insertion. That may be true today, but
    probably not for ever.
    
    II. Constructive suggestions.
    
    I understand that the idea is to propose that this rule
    in https://tools.ietf.org/html/rfc8200#section-4 :
    
    "  Extension headers (except for the Hop-by-Hop Options header) are not
       processed, inserted, or deleted by any node along a packet's delivery
       path, until the packet reaches the node (or each of the set of nodes,
       in the case of multicast) identified in the Destination Address field
       of the IPv6 header."
    
    MAY be ignored within an administrative domain for packets that
    terminate within that domain. If that's the intention, I think
    there are several logical steps in the argument that need to
    be laid out. A lot of the ideas are already in the draft; this
    is mainly about making a clear and logical case that the whole
    community can understand.
    
    1. Introduction, outline of use cases [1].
    2. Precise definition of a domain and of its boundary, ingresses and egresses.
    3. Explanation of how the class of packets eligible for header insertion are identified [2].
    4. Explanation of how the well-known issues are avoided (PMTUD, fragmentation, IPSec).
    5. Clear statement of what header manipulations are allowed and which devices may perform them.
    6. Precise statement of which text in RFC 8200 is updated.
    7. Security considerations 
    
    [1] More details on use cases could be an appendix. 
    
    [2] https://tools.ietf.org/html/draft-voyer-6man-extension-header-insertion-02#section-3 
    is IMHO correct as far as transit packets go. But it
    should be presented as a mainstream part of the proposal,
    not as an example.
    
    I hope this is helpful.
       Brian Carpenter
    
    
    
    On 21/11/2017 07:33, internet-drafts@ietf.org wrote:
    > 
    > A New Internet-Draft is available from the on-line Internet-Drafts directories.
    > 
    > 
    >         Title           : Insertion of IPv6 Segment Routing Headers in a Controlled Domain
    >         Authors         : Daniel Voyer
    >                           Daniel Bernier
    >                           John Leddy
    >                           Clarence Filsfils
    >                           Darren Dukes
    >                           Stefano Previdi
    >                           Stefano Salsano
    >                           Antonio Cianfrani
    >                           David Lebrun
    >                           Olivier Bonaventure
    >                           Prem Jonnalagadda
    >                           Milad Sharif
    >                           Hani Elmalky
    >                           Ahmed Abdelsalam
    >                           Robert Raszuk
    >                           Arthi Ayyangar
    >                           Dirk Steinberg
    > 	Filename        : draft-voyer-6man-extension-header-insertion-02.txt
    > 	Pages           : 14
    > 	Date            : 2017-11-20
    > 
    > Abstract:
    >    The network operator and vendor community has clearly indicated that
    >    IPv6 header insertion is useful and required.  This is notably the
    >    case when the entire journey of the packet remains in its source
    >    domain.  In such a context, it does not matter where the extension
    >    header is inserted.  The source domain may decide to place the IPv6
    >    extension header insertion where it suits its best: at the source of
    >    the packet or at any midpoint within the source domain.
    > 
    > 
    > 
    > The IETF datatracker status page for this draft is:
    > https://datatracker.ietf.org/doc/draft-voyer-6man-extension-header-insertion/
    > 
    > There are also htmlized versions available at:
    > https://tools.ietf.org/html/draft-voyer-6man-extension-header-insertion-02
    > https://datatracker.ietf.org/doc/html/draft-voyer-6man-extension-header-insertion-02
    > 
    > A diff from the previous version is available at:
    > https://www.ietf.org/rfcdiff?url2=draft-voyer-6man-extension-header-insertion-02
    > 
    > 
    > Please note that it may take a couple of minutes from the time of submission
    > until the htmlized version and diff are available at tools.ietf.org.
    > 
    > Internet-Drafts are also available by anonymous FTP at:
    > ftp://ftp.ietf.org/internet-drafts/
    > 
    > _______________________________________________
    > I-D-Announce mailing list
    > I-D-Announce@ietf.org
    > https://www.ietf.org/mailman/listinfo/i-d-announce
    > Internet-Draft directories: http://www.ietf.org/shadow.html
    > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
    >

v2.23.0 | Report a Bug | By Email