IETF Logo Mail Archive

Re: Updating to RFC6434 to deal with 8200-style header insertion by IPIP

Tim Chown <Tim.Chown@jisc.ac.uk> Tue, 07 November 2017 11:20 UTC

Return-Path: <tim.chown@jisc.ac.uk>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C66C13FDD5 for <ipv6@ietfa.amsl.com>; Tue, 7 Nov 2017 03:20:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.32
X-Spam-Level:
X-Spam-Status: No, score=-4.32 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jisc.ac.uk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ci7tiXbt8efI for <ipv6@ietfa.amsl.com>; Tue, 7 Nov 2017 03:20:22 -0800 (PST)
Received: from eu-smtp-delivery-189.mimecast.com (eu-smtp-delivery-189.mimecast.com [146.101.78.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 296E813FDCC for <ipv6@ietf.org>; Tue, 7 Nov 2017 03:20:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc.ac.uk; s=mimecast20170213; t=1510053620; h=from:subject:date:message-id:to:cc:mime-version:content-type:content-transfer-encoding:in-reply-to:references; bh=N0MYsdv6tcwGrdbGSG+FDT/IkmHrq1bDHPEfPLCTrlc=; b=Zq36sC1o3HXomEO0d5gVD7bL+QRyBfqN26Odwgvh4MbuyXQDe/tdZIWEpHvvlhOsZdAkrI8C3TdJVXUzKeU0GMjteNBNCU3yHuGOZN21LgN8pq+Osr0w7l3p7e22a3kZJjQREFmTmSm3QfZ83LtdMyzVkwE9/yKfVh2BX7Sp70Q=
Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01lp0209.outbound.protection.outlook.com [213.199.154.209]) (Using TLS) by eu-smtp-1.mimecast.com with ESMTP id uk-mta-93-zSYEtncAOdmd3_MindqvVA-1; Tue, 07 Nov 2017 11:20:16 +0000
Received: from AM3PR07MB1140.eurprd07.prod.outlook.com (10.163.188.14) by AM3PR07MB1140.eurprd07.prod.outlook.com (10.163.188.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.218.6; Tue, 7 Nov 2017 11:20:14 +0000
Received: from AM3PR07MB1140.eurprd07.prod.outlook.com ([fe80::f008:dc81:4b84:fd23]) by AM3PR07MB1140.eurprd07.prod.outlook.com ([fe80::f008:dc81:4b84:fd23%14]) with mapi id 15.20.0218.005; Tue, 7 Nov 2017 11:20:14 +0000
From: Tim Chown <Tim.Chown@jisc.ac.uk>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
CC: Fernando Gont <fernando@gont.com.ar>, "C. M. Heard" <heard@pobox.com>, 6man WG <ipv6@ietf.org>, Michael Richardson <mcr+ietf@sandelman.ca>
Subject: Re: Updating to RFC6434 to deal with 8200-style header insertion by IPIP
Thread-Topic: Updating to RFC6434 to deal with 8200-style header insertion by IPIP
Thread-Index: AQHTU4K/vqPz1IcGUEyBNF2bHgm6GqMHrANIgAAZpoCAAQgTgA==
Date: Tue, 07 Nov 2017 11:20:14 +0000
Message-ID: <49F3820E-A9A8-41C4-B6D0-EAEAE0941769@jisc.ac.uk>
References: <CACL_3VETxNVQ+YD5j6ZiWjycQ=ojAuWwB23offNdVKm+S9c_7A@mail.gmail.com> <23308.1509623865@obiwan.sandelman.ca> <CACL_3VFrcombGczXU6Zz=Pk1u2GE=wGG-r+yEefdHai1REqXmQ@mail.gmail.com> <c8911f45-2afc-9d26-c0a8-1017d034a251@gmail.com> <1e62fab6-c434-a474-e53b-e4c7f2d83de0@gont.com.ar> <5cb2b9fd-8546-31fd-d984-d161aef16349@gmail.com>
In-Reply-To: <5cb2b9fd-8546-31fd-d984-d161aef16349@gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3445.4.7)
x-originating-ip: [2001:a88:d510:1101:edda:61ec:7313:b139]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; AM3PR07MB1140; 20:UjmahmNy1pGlx8CMvL85SLxJje1Kf81v571TjxP81d1CKuuC4rMtIToiO+1ES9BA5Hw1GYinHXlX8imnnZPawVeIemCubsfgJnTBWWYH/szsONige2YZFiCOvRfMla5aG6j3fShO3Hm1A3vpdBoMOaW+u8tBxqJW/UwyqV6zQoM=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 13965f50-593f-40ba-2d5a-08d525d18454
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(2017052603199); SRVR:AM3PR07MB1140;
x-ms-traffictypediagnostic: AM3PR07MB1140:
x-exchange-antispam-report-test: UriScan:(100324003535756);
x-microsoft-antispam-prvs: <AM3PR07MB1140ED2C9E3D8912E3AF15DED6510@AM3PR07MB1140.eurprd07.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(10201501046)(93006095)(93001095)(3002001)(3231021)(100000703101)(100105400095)(6041248)(201703131423075)(201702281529075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123555025)(20161123560025)(20161123562025)(20161123564025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:AM3PR07MB1140; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:AM3PR07MB1140;
x-forefront-prvs: 0484063412
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(376002)(346002)(189002)(24454002)(199003)(6246003)(53546010)(3280700002)(42882006)(966005)(86362001)(97736004)(81166006)(316002)(36756003)(54906003)(8676002)(8936002)(81156014)(39060400002)(5660300001)(83716003)(6916009)(2950100002)(5250100002)(14454004)(57306001)(3660700001)(82746002)(786003)(2906002)(6436002)(50226002)(305945005)(2900100001)(6306002)(6506006)(106356001)(68736007)(229853002)(99286004)(74482002)(6486002)(6512007)(101416001)(50986999)(93886005)(25786009)(72206003)(6116002)(102836003)(4326008)(8656006)(53936002)(189998001)(7736002)(76176999)(478600001)(33656002)(105586002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM3PR07MB1140; H:AM3PR07MB1140.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-ID: <004DC191035313438F58C92A36FCA5B6@eurprd07.prod.outlook.com>
MIME-Version: 1.0
X-OriginatorOrg: jisc.ac.uk
X-MS-Exchange-CrossTenant-Network-Message-Id: 13965f50-593f-40ba-2d5a-08d525d18454
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Nov 2017 11:20:14.0669 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM3PR07MB1140
X-MC-Unique: zSYEtncAOdmd3_MindqvVA-1
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: base64
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/J3C4U0-3iYB7JAZIw2mx7fBuwuE>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Nov 2017 11:20:26 -0000

Hi,

> On 6 Nov 2017, at 19:35, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
> 
> Hi Fernando,
> 
> On 07/11/2017 07:02, Fernando Gont wrote:
>> On 11/02/2017 04:33 PM, Brian E Carpenter wrote:
>>> On 03/11/2017 04:26, C. M. Heard wrote:
>>>> On Thu, Nov 2, 2017, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>>>> 
>>>>> 
>>>>> C. M. Heard <heard@pobox.com> wrote:
>>>>>> On Wed, 01 Nov 2017, Michael Richardson wrote:
>>>>>>> Yet we skip other extension headers in order to find the ULP.
>>>>> 
>>>>>> Not so. An end node that encounters an unrecognized extension header
>>>>> is
>>>>> 
>>>>> Both AH and IPIP are well known and recognized extension headers.
>>> 
>>> AH is an extension header. "IPIP" isn't. It's Protocol 41, and Protocol 41
>>> is otherwise known as IPv6. (That's why it's also called IPPROTO_IPV6).
>>> In RFC8200 terms that makes it an "upper-layer header". Strictly speaking,
>>> RFC8200 doesn't specify what to do with an unrecognized upper-layer header.
>> 
>> Based on the std, anything that is unknown is an EH. In the context of
>> RFC8200/FC2460, there's only:
>> 
>> * Known EHs
>> * Known ULP
>> * Unknown EHs
> 
> Yes, that's what the text says but I wish we'd fixed it in 8200 to
> acknowledge that there is a 4th case (Unknown ULP) and that it
> cannot be distinguished from the 3rd case. Acknowledging that is
> much better than ignoring it. I'm happy with Ole's suggestion that
> this (and the resulting ICMP 1 behaviour) should be mentioned in
> 6434bis - as a clarification, not a new invention.

This seems a reasonable approach to me.  Would you like to propose text, Brian?

> I also agree that there are enough potential issues in unexpected
> IPv6-in-IPv6 that is deserves its own draft.

I’d agree. The same with header insertion for that matter. Focus on the issues and how/if they can be mitigated and in which contexts.

Tim

> 
> Regards
>   Brian
> 
>> with the last one being the default branch :-)
>> 
>> 
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email