RE: Last Call: <draft-ietf-6man-rfc1981bis-04.txt> (Path MTU Discovery for IP version 6) to Internet Standard

"Templin, Fred L" <Fred.L.Templin@boeing.com> Tue, 07 February 2017 20:14 UTC

Hi Ole and Joe,

Also not to be lost in this discussion is the potential for spoofed ICMP messages
that would report a size that is either too large or too small.

Thanks - Fred

> -----Original Message-----
> From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of otroan@employees.org
> Sent: Tuesday, February 07, 2017 12:07 PM
> To: Joe Touch <touch@isi.edu>
> Cc: 6man WG <ipv6@ietf.org>; ietf@ietf.org; draft-ietf-6man-rfc1981bis@ietf.org; tsv-area@ietf.org; Eggert, Lars <lars@netapp.com>; 6man-chairs@ietf.org
> Subject: Re: Last Call: <draft-ietf-6man-rfc1981bis-04.txt> (Path MTU Discovery for IP version 6) to Internet Standard
> 
> Joe,
> 
> [...]
> 
> >>> If by "supports" you mean "doesn't work", then yes. That's why we now
> >>> have PLPMTUD.
> >>>
> >> PLMTUD is unfortunately not a (complete) replacement of PMTUD.
> >
> > PLMTUD is a directive to protocols above the IP layer; it isn't a single protocol, so it wouldn't replace anything.
> >
> >>
> >>>> Looking just at our specifications, we cannot state that PLMTUD can replace PMTUD. Take RFC2473 (IPv6 tunnelling) for example.
> >>>>
> >>> See draft-ietf-intarea-tunnels, esp. v03 Section 5.5.2
> >>>
> >>> (yes, that doc has expired while we're preparing the 04 update, which
> >>> should be issued shortly)
> >>>
> >> Is this the paragraph you are referring to?
> >>
> >>    PLPMTUD requires a separate,
> >>    direct control channel from the egress to the ingress that provides
> >>    positive feedback; the direct channel is not blocked by policy
> >>    filters and the positive feedback ensures fail-safe operation if
> >>    feedback messages are lost [RFC4821].
> >>
> > That is nowhere near section 5.5.2.
> 
> No, but it was unfortunately all that was written about how to use PLMTUD for tunnels.
> 
> > 5.5.2 indicates places where RFC2473 has errors, esp. in how it interprets the MTU of the tunnel as being defined by the MTU of the path within the tunnel, rather than by the tunnel egress reassembly limit.
> >
> >> I'm very much in favour of working on better ways of doing Path MTU discovery.
> >> A blanket statement of "use PLMTUD" seems very premature though.
> >>
> > The point is that this document fails to indicate the current state of PMTUD. It correctly notes that:
> >    An extension to Path MTU Discovery defined in this document can be
> >    found in [RFC4821].  It defines a method for Packetization Layer Path
> >    MTU Discovery (PLPMTUD) designed for use over paths where delivery of
> >    ICMP messages to a host is not assured.
> >
> > IMO, it fails to note that this case - where ICMP messages are assured along a path - is effectively a unicorn except within systems maintained by a single entity.
> >
> >> RFC1981 has 70 citations:
> >>
> >> http://www.arkko.com/tools/allstats/citations-rfc1981.html
> >>
> >>
> >> Could you expand on your view of how this pertains to advancing RFC1981?
> >>
> > It's called last call input. My input is that this document needs to be more realistic in noting that, for all intents, ICMP-based MTU discovery isn't viable and that other methods need to be *expected*, not just that they're available.
> 
> Right, but if you are correct that ICMP-based MTU discovery is not viable then this document should not be advanced.
> At the same time for many protocols we have nothing else. An operator can break any protocol if that's their policy. And that's the
> breakage we're talking about here, not any issues with the protocol specification.
> 
> There is a philosophical aspect of this. (Which I'm not the best person to represent as I skipped my University studies in philosophy
> and used the student loan to buy a motorcycle... (and only read the art of motorcycle maintenance years later) )
> This is a tussle. The IETF specifies protocols under the assumption that operators treat those protocols largely as specified. The 5-10%
> failure of PMTUD messages may be caused by misconfiguration, misunderstanding or mis-intent... Many of our protocols are suffering
> from the same fate. Should the IETF adjust all its protocols to be as middlebox friendly as possible? You can make this argument about
> IPv6 fragments, any packet with IPv6 extension headers, IPv4 fragments. Or anything but TCP port 443/80 and UDP port 53 for that
> matter. Are we as the IETF going to continue standardising protocols to work as best as they possibly can, ignoring protocol abuse, or
> are we going to bend over and do whatever it takes to make it work for those 5-10% who've actively broken the protocol? What about
> the 90-90% where the protocols work as expected?
> 
> Best regards,
> Ole
>
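
The concern raised at the top of this message, forged ICMPv6 Packet Too Big (PTB) messages reporting a size that is too large or too small, shown as receiver-side sanity checks. This is an added example, not part of the original message or of the draft under discussion. The function names, the `pmtu_cache` dictionary and the 2001:db8:: addresses are assumptions, and dropping reports below 1280 is this example's policy choice.

```python
import ipaddress
import struct

IPV6_MIN_LINK_MTU = 1280    # IPv6 minimum link MTU
ICMPV6_PACKET_TOO_BIG = 2   # ICMPv6 type; code is always 0


def check_ptb(icmp: bytes, local_addr: str, pmtu_cache: dict) -> tuple:
    """Vet one ICMPv6 message; pmtu_cache maps destination -> current PMTU.

    Checksum verification is assumed to have been done by the receive path.
    """
    if len(icmp) < 8 + 40:
        return ("drop: truncated", None)
    icmp_type, code, _cksum, mtu = struct.unpack("!BBHI", icmp[:8])
    if icmp_type != ICMPV6_PACKET_TOO_BIG or code != 0:
        return ("drop: not packet-too-big", None)
    inner = icmp[8:48]                       # IPv6 header of the quoted packet
    if inner[0] >> 4 != 6:
        return ("drop: quoted packet is not IPv6", None)
    src = ipaddress.IPv6Address(inner[8:24])
    dst = str(ipaddress.IPv6Address(inner[24:40]))
    if src != ipaddress.IPv6Address(local_addr):
        return ("drop: quoted packet was not sent by us", None)
    current = pmtu_cache.get(dst)
    if current is None:
        return ("drop: no path state for destination", None)
    if mtu >= current:                       # a PTB may only lower the estimate
        return ("drop: reported MTU too large", None)
    quoted_len = 40 + struct.unpack("!H", inner[4:6])[0]
    if quoted_len <= mtu:                    # that packet would have fit
        return ("drop: quoted packet fits reported MTU", None)
    if mtu < IPV6_MIN_LINK_MTU:              # never go below the IPv6 minimum
        return ("drop: reported MTU too small", None)
    pmtu_cache[dst] = mtu
    return ("accept", mtu)


def build_ptb(mtu: int, src: str, dst: str, quoted_len: int = 1500) -> bytes:
    """Constructed sample input: a PTB quoting only the 40-byte IPv6 header."""
    inner = struct.pack("!IHBB", 6 << 28, quoted_len - 40, 17, 64)
    inner += ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    return struct.pack("!BBHI", ICMPV6_PACKET_TOO_BIG, 0, 0, mtu) + inner
```

These checks bound what a forged message can do to the path MTU estimate; they do not authenticate the sender.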