IETF Logo Mail Archive

Re: New Version Notification for draft-herbert-6man-icmp-limits-01.txt

Tom Herbert <tom@herbertland.com> Tue, 16 May 2017 21:09 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8D1812F280 for <ipv6@ietfa.amsl.com>; Tue, 16 May 2017 14:09:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q8Gwpv466cQj for <ipv6@ietfa.amsl.com>; Tue, 16 May 2017 14:09:02 -0700 (PDT)
Received: from mail-qk0-x22e.google.com (mail-qk0-x22e.google.com [IPv6:2607:f8b0:400d:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 287F71294F7 for <6man@ietf.org>; Tue, 16 May 2017 14:04:06 -0700 (PDT)
Received: by mail-qk0-x22e.google.com with SMTP id a72so140837588qkj.2 for <6man@ietf.org>; Tue, 16 May 2017 14:04:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Zky+J/Y1gZ5lD1RmIvjm+TV/F/38hbVb0aJVYQovXcE=; b=bVdMizZa/baem/9IyysC8g8GFuQb/e5dCFHSFD5oyyZ0TflNB74Q8wkpW2+1uwd/f7 ksYMGlVx+amiWtYThzNF08CpwYyMvSsYqm+7Pcs3yVjCWEGjlZYpZ1UDoPD+6KtM5rKX Fw617ZgH+fuKNNyvTtsMDS4BU4/dhXozYNcU4482uowCtLC/GZ++sM0y0X1tkGsemnsA TXwKfl8irWyp9HjZZy6JVjCzsE2uoUgUxy3omQ+HAmkHzbQaqHKRipVommqizJyVJhUS UiQAD6PBLoDDTO9CFzY+FcDibEjJKTNARG+1+g1nfs9LUYPrAV02KeGAEM+EaA8FvLNA 9wzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Zky+J/Y1gZ5lD1RmIvjm+TV/F/38hbVb0aJVYQovXcE=; b=UimQ6bo6YyKEIPG512Lo1Eg+ED8q2pUSzqeHPKzKyORCVD3V+DokJlJNZLNNA7LsNd yiZCpDxjCjVBlUkE/lyyyMIwQhEk9JE/kzNY+7csanM/CUSpukgvyt1Sm/LOp/BNWdB7 dlBrx5PHnSv9xMnvh+pxsZCdJtPhWpaWZ3vtBICQQZoPPa/v5qtlEQ8AoVuUSO2HDumd 4ZPlhVwUEmRKNSy5m8T6Vc0UPtVSjmtZGRd/f0L7znxhzB9ib55UVk2bzkm2tPByMcbD kTxAmO3hxwda2dkaQhdoYWV0W5t7EfLLkBx20aMvXscPLN5cXcHYZnC3sRbGm4xown6m a6EA==
X-Gm-Message-State: AODbwcCz7Ebn5/FxXvikZ2hQdHSqdCwu/wV+LdyJPFwSuHYfJMeWDg67 cMI52YS/0PpBPNhlJuQpeqlwM4eTHg==
X-Received: by 10.55.154.143 with SMTP id c137mr11569055qke.177.1494968645309; Tue, 16 May 2017 14:04:05 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.97.10 with HTTP; Tue, 16 May 2017 14:04:04 -0700 (PDT)
In-Reply-To: <BLUPR0501MB205163C6A42CA608D5A9B616AEE60@BLUPR0501MB2051.namprd05.prod.outlook.com>
References: <149445467475.16592.8251449526718380823.idtracker@ietfa.amsl.com> <CALx6S362u-h8sY2b75JNTM9Q79o4WtuMYjwb_6qCjoKRMT3TJA@mail.gmail.com> <BLUPR0501MB20516F352D73979BADF94CC1AEE10@BLUPR0501MB2051.namprd05.prod.outlook.com> <CALx6S37i6EmG=QLXemjGG=zeRSHRPE_WuFVNaP_w27PkYUUzMQ@mail.gmail.com> <BLUPR0501MB205123058A1945806A149F0AAEE10@BLUPR0501MB2051.namprd05.prod.outlook.com> <CALx6S36zo_aPRxN8ZheOy2JA-iOAhD-6m-SY-jxk5H0+2t_53Q@mail.gmail.com> <BLUPR0501MB205163C6A42CA608D5A9B616AEE60@BLUPR0501MB2051.namprd05.prod.outlook.com>
From: Tom Herbert <tom@herbertland.com>
Date: Tue, 16 May 2017 14:04:04 -0700
Message-ID: <CALx6S35h-=5tuzA0x27rivKqYegeW=bSAXx9-g005Gb4U07fPg@mail.gmail.com>
Subject: Re: New Version Notification for draft-herbert-6man-icmp-limits-01.txt
To: Ron Bonica <rbonica@juniper.net>
Cc: "6man@ietf.org" <6man@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/H-vWjuyTO0fFffd3p0rWN4yVWYk>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 May 2017 21:09:04 -0000

On Tue, May 16, 2017 at 9:52 AM, Ron Bonica <rbonica@juniper.net> wrote:
> Tom,
>
> I was confused before reading your response. Now I a profoundly confused :-/
>
> In your example, I think that the header stack looks like this:
>
> A) payload
>         3) data
>         2) TCP header (8 bytes)
>         1) IPv6 header (40 bytes)
> B) Geneve
>         3) Geneve header (260 bytes)
>         2) UDP Header (8 bytes)
>         1) IPv6 Header (40 bytes)
>
>
> It doesn't contain any IPv6 extension headers at all. A transit router, acting  as a middlebox, needs to see the TCP header, but can't because the TCP header is 340 bytes into the packet. So, we send an ICMPv6 Parameter Problem.
>
> Do I have that much right?
>
Yes, that is correct. Looking at the definition of Parameter Problem
in RFC1122 it seems the use here is okay even though the problem might
not specifically be about  IP layer.

Tom

>                                                                                       Ron
>
>
>> -----Original Message-----
>> From: Tom Herbert [mailto:tom@herbertland.com]
>> Sent: Monday, May 15, 2017 5:28 PM
>> To: Ron Bonica <rbonica@juniper.net>
>> Cc: 6man@ietf.org
>> Subject: Re: New Version Notification for draft-herbert-6man-icmp-limits-
>> 01.txt
>>
>> On Mon, May 15, 2017 at 10:53 AM, Ron Bonica <rbonica@juniper.net>
>> wrote:
>> > Tom,
>> >
>> > I may be parsing your response incorrectly.. Can you provide an example
>> where encapsulations elicit a Headers Too Long error code?
>>
>> It would be the case because of encapsulation a device is unable to parse the
>> headers it wants (typically would be down to transport headers). For
>> instance in Geneve, the maximum header length is 260 bytes. Adding UDP
>> outer header and using it for IPv6/IPv6 encapsulation gets the headers
>> before the inner transport header up to
>> 348 bytes. That in itself may exceed a parsing buffer. A few more extension
>> headers, SFC, or nested encapsulation could push the headers over 512
>> bytes that would probably exceed the parsing buffer sizes of many devices.
>> So The Headers Too Long could be sent in this case.
>> Implementing a fallback might be hard since there may be multiple sources
>> of the headers, but at least this might give some visibility to packet drops
>> happening.
>>
>> Tom
>>
>> >
>> >
>> > Ron
>> >
>> >>
>> >> > 2) Same comment for Sections 3.3 and 3.4
>> >> > 3) I'm not sure that I get the difference between Extension Header
>> >> > Chain
>> >> Too Long (Section 3.3) and Headers Too Long (Section 3.5). Are you
>> >> saying that there is a case where 3.5 will be true and 3.3 will be false?
>> >>
>> >> Headers too long could be caused by and reference encapsulation
>> >> headers as the culprit, it's not specific to extension headers.
>> >>
>> >

v2.23.0 | Report a Bug | By Email