[IPv6]Re: Ketan Talaulikar's Discuss on draft-ietf-6man-icmpv6-reflection-15: (with DISCUSS)
Tal Mizrahi <tal.mizrahi.phd@gmail.com> Thu, 04 December 2025 08:02 UTC
Return-Path: <tal.mizrahi.phd@gmail.com>
X-Original-To: ipv6@mail2.ietf.org
Delivered-To: ipv6@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 97F39952A8FF for <ipv6@mail2.ietf.org>; Thu, 4 Dec 2025 00:02:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NTLQlZaMtWMx for <ipv6@mail2.ietf.org>; Thu, 4 Dec 2025 00:02:30 -0800 (PST)
Received: from mail-ej1-x62c.google.com (mail-ej1-x62c.google.com [IPv6:2a00:1450:4864:20::62c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 4FF4B952A8CA for <ipv6@ietf.org>; Thu, 4 Dec 2025 00:02:28 -0800 (PST)
Received: by mail-ej1-x62c.google.com with SMTP id a640c23a62f3a-b735b89501fso56270366b.0 for <ipv6@ietf.org>; Thu, 04 Dec 2025 00:02:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1764835341; x=1765440141; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=yyGf3l5z/IPkFRVjheRfmFIoJO8PTOD326dlSfub6So=; b=NTWWsHFDZGnuqh0hCPoWbPXJQvoD693p3nNbA3Lx+7uuucd6PQPDnsfEHd1z6YvuyI 5HgdxpYI20ZNi5Fj9jvd0iQ+p46psSuvmL1+TXba3N9eHA51FBGPZ/ecQ8ON5zgCz86i vz04oFYZ4/AOD/jgMVFaWtgN/ZDI0J6H0WUkoJhPoPZWkTw0Amozulmj83ZlYv3z8X1w fL5/s9aKW0LF9zU+CazJogIeYCAnR2E4Dx+ZlC9Ubwu8Pa7DMoXaeYK/VzwMtMui/Xmk kTFyZMGw9j1rl6DNELxEk0a4pwRoH8eSxIgynxMy+ZuHSecpBr9Q6cB++n4Pr+cY4ygk C/RQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1764835341; x=1765440141; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=yyGf3l5z/IPkFRVjheRfmFIoJO8PTOD326dlSfub6So=; b=iouPwXM0Z06I3kjoNnjbok4gBoZM+ALBJmznqE2u7EkxjBy+ucMZ5aLw75jlpEQGOV raCcEbDYBAYb+yNOOR3gPRD5JhSv6QYcoNfLBMCKbu8cWvFTAgVPG+0nZ0nqB/JC8Ixg VhMfgZrjm0M94SKlhZ4hlwLAyQqDrAWkMWXkSOhYvClZW40zFnJeM5iXVCXmJmyBAEY8 8Dluiu8mgra5og7XCPUJhCW50gvg7pm7XmakkJ4GoBAqzhrW+ByCDdULZH3KrjuJOqwi yOfDd7M5Tiu86tOjaNvRFTwHZQ/7l6mhB895rNDh9FV3sRq+mcwfu8eJjE3XBTD0f2C9 8o5Q==
X-Forwarded-Encrypted: i=1; AJvYcCUNLXJbfP5zwiHUBpiJY9Cs7I+N7DXt+f+86XWMTsFpvvoV1a4FkWlfBUQr3q5FnMdRkMxy@ietf.org
X-Gm-Message-State: AOJu0YzbFwsVgakAMg50WCtyGxGgcMPEUpk/hO0mZgySNn/9NaiP79ux JWwjrf0Im4w9UB+u9w1YSJjUB24KMI1HAr0fxpWBvHn2t2xG3ljcCpqx52t4+3HSvlAdup3svsI KUbH9E31m5Hg9IZPkCicfU+GQZtiDdu4=
X-Gm-Gg: ASbGncuzzCwdpqbJigR63CwwIE6E4PrEMChfV4R7M01XYllzkrbERUJy7M6X4RuSDzl xcgKp/pyn90eXctZNBO6xXSlk78UbITn0uQTA00/WDMumZddiEeqnjAtk9/acPFJLp2P+AO/eiG 07TIGr1rB8MLhF9hFj96V1XMGN4iQKf1xk56UvnWO+fWl9G0j3HmAN1bE9/gLKYg7WO7RpQUTdg fSs3BFC13BAEQVW41GZ8QOHNw0knP+ShapQmVAmTHuaswjG1MuQdrip79VdWhPIlP5btXQ=
X-Google-Smtp-Source: AGHT+IHrWVz6VhAjQUO2ksumFk6fcdEenkit0Dr/tAYDfcWNCIJJwllyOLEcn8pNNQFlICyxWPTe2FbU77lkID6mxQ4=
X-Received: by 2002:a17:907:3d8c:b0:b73:6dbc:39fc with SMTP id a640c23a62f3a-b79ec67cb74mr180791866b.30.1764835340856; Thu, 04 Dec 2025 00:02:20 -0800 (PST)
MIME-Version: 1.0
References: <176476785625.3997352.709554547453583554@dt-datatracker-5bd94c585b-wk4l4> <CAH6gdPyRy9gpiqv1yanXyXZS7f+aEyr0abhnPqyTM3fYokfNMA@mail.gmail.com>
In-Reply-To: <CAH6gdPyRy9gpiqv1yanXyXZS7f+aEyr0abhnPqyTM3fYokfNMA@mail.gmail.com>
From: Tal Mizrahi <tal.mizrahi.phd@gmail.com>
Date: Thu, 04 Dec 2025 10:02:09 +0200
X-Gm-Features: AWmQ_bn4BjeTBfQYJNorESdXezCaaenQgOMSTqkaYGQbuY72D1tQ5DROMh-Sg3Q
Message-ID: <CABUE3X=3XQs+jPWo6p1kzFHxdQX=3semdgXS3O6EUD24R9PavQ@mail.gmail.com>
To: Ketan Talaulikar <ketant.ietf@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: T47CORPYIMW4KA7GGFZ7H3BLXRISIAS7
X-Message-ID-Hash: T47CORPYIMW4KA7GGFZ7H3BLXRISIAS7
X-MailFrom: tal.mizrahi.phd@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ipv6.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-6man-icmpv6-reflection@ietf.org, The IESG <iesg@ietf.org>, 6man-chairs@ietf.org, ipv6@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [IPv6]Re: Ketan Talaulikar's Discuss on draft-ietf-6man-icmpv6-reflection-15: (with DISCUSS)
List-Id: "IPv6 Maintenance Working Group (6man)" <ipv6.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/J-IbXSqGA2voSS0BP2ewsAxe5-g>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Owner: <mailto:ipv6-owner@ietf.org>
List-Post: <mailto:ipv6@ietf.org>
List-Subscribe: <mailto:ipv6-join@ietf.org>
List-Unsubscribe: <mailto:ipv6-leave@ietf.org>
Hi Ketan, Please see inline, marked [TM]. On Wed, Dec 3, 2025 at 3:59 PM Ketan Talaulikar <ketant.ietf@gmail.com> wrote: > > Hello Ron and Tal, > > Thanks for the updates that address most of my discussion points and > comments. Only the following remain. > > Please check inline below for brief clarifications based on the latest text On Wed, Dec 3, 2025 at 6:48 PM Ketan Talaulikar via Datatracker < noreply@ietf.org> wrote: > Ketan Talaulikar has entered the following ballot position for > draft-ietf-6man-icmpv6-reflection-15: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-6man-icmpv6-reflection/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > Thanks to the authors and the WG for their work on this document. > > I have a few points that I would like to discuss with the authors/WG. > > Note: This ballot has been updated based on v15 of the document. The > original > numbering of points has been retained and points that are closed have been > deleted. > > <discuss-2> I am a bit confused by the very strict and exact check for the > message size against the payload size allowed in the Reflect-All object. > What > if (due to some reason), the extension header size were to change, or some > extension headers inserted/removed in flight? Regardless of whether those > things are allowed by RFC8200, they could be happening in the network. This > strict check in the spec prevents the detection of such changes - there > would > only be an error reported and that is not very helpful to know what has > changed. What would be the problem if the Reflect-All object carried space > sufficient for the exact originated payload but the responder is allowed > to put > in as much information as required to carry the payload in the response? > Am I > missing something else that warrants such a strict check? > KT> In the following text, I assume this is the size from the start of the ICMPv6 header until the end of the IPv6 packet. Is that correct? [TM] Right. The word "total" perhaps seems odd. Then the figure 1 got me confused since it gives the impression that the two IPv6 packets are of the same size which need not be the case because the IPv6 header chain on them need not be the same. E.g., the incoming packet may have some HBH and DOH but the response may or may not have them. [TM] If the word "total" is removed, would that clarify the issue? The total length of the ICMPv6 Extended Echo Reply message is equal to the total length of the corresponding request message, ... KT> In short, the maths and the checks are being made super complicated. Can't it be simplified such that the requester decides the size it wants reflected back by setting that length value in the Reflect-All object length and then the responder fills that space to the extent possible (less than or equal to) starting from the IPv6 header and upto/until the start of the Reflect-All object in the original request packet? [TM] Would the following update resolve the concern? OLD: The ICMPv6 Extended Echo Reply message also contains an ICMP Extension Structure. The ICMP Extension Structure MUST contain the 'Reflect All' object that the ICMPv6 Extended Echo Request message contained. The length of the ICMP Extension Structure in the reply message MUST be less than or equal to the length of the ICMP Extension Structure of the request message. Specifically, the ICMP Extension Structure in the reply can be shorter if the probed node's policy restricts the reply length or the reply size would exceed the MTU. Similarly, the length of the 'Reflect All' object in the reply message MUST be less than or equal to the length of the 'Reflect All' object in the request message. NEW: The ICMPv6 Extended Echo Reply message also contains an ICMP Extension Structure. The ICMP Extension Structure MUST contain the 'Reflect All' object that the ICMPv6 Extended Echo Request message contained. The length of the 'Reflect All' object in the reply message MUST be less than or equal to the length of the 'Reflect All' object in the request message. Specifically, the 'Reflect All' object in the reply can be shorter if the probed node's policy restricts the reply length or the reply size would exceed the MTU. > > <discuss-5> Section 5 says: > > If the 'Reflect All' object is sufficiently long, the reply message > includes > the initial octets of the 'Reflect All' object. A notable use case for > including arbitrary data in the object payload is the inclusion of a > transmission timestamp, similar to how conventional Ping utilities > incorporate > timestamps into the ICMP payload. If the initial octets of the 'Reflect > All' > object payload contain a timestamp and the object is long enough, the > timestamp > is reflected back to the probing node, enabling round-trip time > calculations. > > This kind of approach is a big problem for interoperability. If a > timestamp is > desired then it should be well specified as another ICMP Extension Header > object with a proper format. Let us please not publish specs with such > secret > and private communication channel ideas. > > Also, the text on what the responder needs to do is not clear. I believe > the > intention is that it will form a new ICMPv6 packet (without any extension > headers normally?) and in that encode the original IPv6 packet carrying the > ICMPv6 reflection request in the Reflect-All object payload - in doing so, > it > will take the contents of the request only until the start of the > Reflect-All > object. Am I correct? > KT> Could you please point me to a reference that describes where/how timestamp can be entered into the "arbitrary" data as indicated in the text below? A notable use case for including arbitrary data in the object payload is the inclusion of a transmission timestamp, similar to how conventional Ping utilities incorporate timestamps into the ICMP payload. If the initial octets of the 'Reflect All' object payload contain a timestamp and the object is long enough, the timestamp is reflected back to the probing node, enabling round-trip time calculations. [TM] The timestamp use case is not described in the RFC series to the best of my knowledge since it is an implementation issue that does not require interoperability. For example, the Ping implementation in iputils uses an 8 byte timestamp in Echo Request messages. Notably, the probed node in the Reflection utility is not aware of whether there is a timestamp in the request, and there is no specific functionality that is required from the probed node in this context. For example, if the timestamp is incorporated into the first 8 bytes of the object payload of the request, then as long as the Reflect-All object in the reply is long enough to include the first 8 bytes of the request's object payload, the probing node will get the timestamp back and will be able to use it as existing Ping utilities work today. Thanks, Ketan [TM] Cheers, Tal.
- [IPv6]Ketan Talaulikar's Discuss on draft-ietf-6m… Ketan Talaulikar via Datatracker
- [IPv6]Re: Ketan Talaulikar's Discuss on draft-iet… Ketan Talaulikar
- [IPv6]Re: Ketan Talaulikar's Discuss on draft-iet… Tal Mizrahi
- [IPv6]Re: Ketan Talaulikar's Discuss on draft-iet… Tal Mizrahi
- [IPv6]Re: Ketan Talaulikar's Discuss on draft-iet… Ketan Talaulikar
- [IPv6]Re: Ketan Talaulikar's Discuss on draft-iet… Tal Mizrahi
- [IPv6]Re: Ketan Talaulikar's Discuss on draft-iet… Ketan Talaulikar
- [IPv6]Re: Ketan Talaulikar's Discuss on draft-iet… Tal Mizrahi
- [IPv6]Re: Ketan Talaulikar's Discuss on draft-iet… Ketan Talaulikar