Re: Review of draft-ietf-6man-rfc1981bis-02
Bob Hinden <bob.hinden@gmail.com> Wed, 07 September 2016 20:51 UTC
Return-Path: <bob.hinden@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6745312B197 for <ipv6@ietfa.amsl.com>; Wed, 7 Sep 2016 13:51:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vGud3wWiTTri for <ipv6@ietfa.amsl.com>; Wed, 7 Sep 2016 13:51:06 -0700 (PDT)
Received: from mail-it0-x229.google.com (mail-it0-x229.google.com [IPv6:2607:f8b0:4001:c0b::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E2DF012B196 for <6man@ietf.org>; Wed, 7 Sep 2016 13:51:05 -0700 (PDT)
Received: by mail-it0-x229.google.com with SMTP id i184so220846765itf.1 for <6man@ietf.org>; Wed, 07 Sep 2016 13:51:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:mime-version:from:in-reply-to:date:cc:message-id:references :to; bh=l8I0/9RqNS/ulNUU6iT4LSmq7fdgCLXhc5eg9Q2vRxU=; b=ylg2DOPZLkgW8QC5aga1DV6xQAb1hKnPebeYrWDuOAMebL7tKFW7dC/dWbUk5hLcXz iTqjSWIDW/phN5Iif2rilw47hl3YNSMh5JSgvWPyc0+CkLWXthMUGL/lq7PXUMFO5+1i CWwRSuQwB0gg24kLE3L1uAQvM5SX2RaZa6LKF/w0MBMDsXJuwU9J+vwynRj4fATwbljh sBQlMPC0HD4Xea4lX5E0Qj18Qn1biS46GOIJq1tNaP1TInJIj13xAkCP24ofd64TYBdT /xM6wJ3aBp8dbRoZs1H1GOUG77mlKps2fGMGsJEEXYigUITVT6h8PgU78+HaGR+w86gx Fzyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:mime-version:from:in-reply-to:date:cc :message-id:references:to; bh=l8I0/9RqNS/ulNUU6iT4LSmq7fdgCLXhc5eg9Q2vRxU=; b=XOvDjcxK2lm+U04mmKr/WPcqUVMZ2W80+CqBasXCmrxnmaxuGXucKGF5J5d3wRpP97 ka16IJ1PIpT1H69+hUIskmWUicBndhkihvv/0OeMHoy7jk4HAbIEXwYsxaRwfuvF9tcE ez2sO7rOAyTC6WiG3tp7n5Oyzc1/cPgZxQXiWM0GKq/UwUlm5RRcfddCue53TpP8H44Y vp85d4JGpBWP1x4ZMZVPNIovD56ucUiBL1R3bitaDpm/2xr/5u1hj2Op0DZ2X3qome6l ESgYPrO4vI8rI3PSej2SOEWZbUQjVazmC+wWJYpaExvugbkscifhlnBaTXwfCbLtgKaG jafQ==
X-Gm-Message-State: AE9vXwPZXyNtUBdnQsa+dKnL2aLPSlUV/MafTE69R7rHulEDDNLXo1fJC0+REWN0B3sMrQ==
X-Received: by 10.36.111.209 with SMTP id x200mr9368697itb.59.1473281464934; Wed, 07 Sep 2016 13:51:04 -0700 (PDT)
Received: from [172.16.224.219] ([209.97.127.34]) by smtp.gmail.com with ESMTPSA id u185sm4148589itc.3.2016.09.07.13.51.03 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 07 Sep 2016 13:51:03 -0700 (PDT)
Subject: Re: Review of draft-ietf-6man-rfc1981bis-02
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
Content-Type: multipart/signed; boundary="Apple-Mail=_F924E90F-2EC7-4B5A-802C-579F79BE0665"; protocol="application/pgp-signature"; micalg="pgp-sha512"
X-Pgp-Agent: GPGMail
From: Bob Hinden <bob.hinden@gmail.com>
In-Reply-To: <89394068-B340-4B04-BA26-A3876E53F66C@jisc.ac.uk>
Date: Wed, 07 Sep 2016 13:51:01 -0700
Message-Id: <D153BB4B-1684-4F9C-9A19-A0BEB7E64BE1@gmail.com>
References: <89394068-B340-4B04-BA26-A3876E53F66C@jisc.ac.uk>
To: Tim Chown <Tim.Chown@jisc.ac.uk>
X-Mailer: Apple Mail (2.2104)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/JvaTbR8eJd94gLuJdILIq5vhXJQ>
Cc: "6man@ietf.org" <6man@ietf.org>, Bob Hinden <bob.hinden@gmail.com>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2016 20:51:08 -0000
Tim,
Thanks for the review.
The changes to RFC1981 were intended to be limited to only include two things:
Remove Note about a Packet Too Big message reporting a next-
hop MTU that is less than the IPv6 minimum link MTU. This
was removed from [I-D.ietf-6man-rfc2460bis].
Include a link to RFC4821 along with a short summary of what
it does.
Most of your comments are on the original text and go well beyond this. I don’t think they are in scope.
I also note that this is currently at Draft Standard, so questions about implementations have already been answered.
Comments below.
Thanks,
Bob
> On Jul 18, 2016, at 4:00 AM, Tim Chown <Tim.Chown@jisc.ac.uk> wrote:
>
> Hi,
>
> Ole asked for a review of draft-ietf-6man-rfc1981bis-02.
>
> Overall, the document looks close to being ready. But an important open question is whether PMTUD meets all the criteria for promotion to IS, as per RFC6410, i.e. that it has "a high degree of technical maturity and by a generally held belief that the specified protocol or service provides significant benefit to the Internet community” and it has "widespread deployment and successful operational experience”. The question is on the word “successful”, given the robustness issues of PTB message transmission and receipt.
I think it does meet the criteria. There are clearly issues with ICMP on the Internet, but the mechanism defined here works fine as long as ICMP are returned. This document describes specifies PMTUD.
>
> Related, one general comment is the level to which PLPMTUD (RFC4821) is ‘pushed’ in this document. It is mentioned in Section 1, but then not elsewhere in the document, where Packetization Layer PMTUD issues are discussed in a few places, e.g. Section 5.1 paragraph 2 which seems to suggest not using the 4821 approach. Some consistency might be desirable here?
It is not being “pushed” it is being noted. The intent as noted above was to add a note about PLPMTUD, not rewrite RFC1981.
If someone want to write a new draft contrasting the two approaches and make recommendations about how PMTUD and PLPMTUD along with other techniques should be used, that would be useful. However, I don’t think it should be in RFC1981bis.
>
> There is a large "Implementation Issues" section (Section 5), from the node’s perspective, but not much that I can see on handling of PMTUD-related messages (PTB) by nodes on a path from the reporter to the original packet sender. There’s a little on this in the Security Considerations. Is there, for example, value in adding a reference to RFC4890 somewhere, and that failure of sites to adhere to 4890 is a reason for using the 4821 approach?
As described above, I think this is out of scope. There was a lot of discussion on the list on how PLPMTUD should be cited, that resulted in the current text.
>
> Other comments:
I didn’t see any comments about the changes as noted above, they appear to be about the rest of RFC1981.
>
> Section 1:
>
> p.3 does the minimal implementation text belong here, or in the IPv6 Node Requirements document (which is also under revision)?
>
> p.3 after the “Nodes not implementing…” paragraph, is it worth noting that use of 1280 MTU gives some level of robustness/predictability at the expense of reduced performance? A 1280 MTU is being used in practice in a number of scenarios/deployments. And in 2460-bis we have text that discourages fragmentation and prefers transmission of 1280 MTU non-fragmented packets (section 5, penultimate paragraph).
>
> p.3 the note here on PLPMTUD (RFC4821) is appropriate, but as stated above, is this sentiment carried consistently through the rest of the document? As it stands, it seems this note was parachuted in here, without other parts of 1981bis being updated to reflect the addition.
>
> p.3 further, is use of one, either, or both approaches recommended, given the vagueness of the text about “delivery of ICMP messages not being assured” (for some value of “assured”)? e.g. RFC4821 says it relaxes the requirements of RFC1981 and “resolves robustness problems”, but the text here doesn’t go further. Does it need to?
>
> Section 4:
>
> p.6 do we have confidence that the 5 minute ‘MUST’ here is observed in common implementations? (I don’t know, but if moving to IS we should check on existing practice?)
>
> Section 5:
>
> p.7 Second para in 5.1, as above, the text isn’t wholly in sync with advice on use of RFC4821?
>
> p.7 last para of 5.1, in 2460-bis we say unnecessary fragmentation is “discouraged”. A reference to [FRAG] is used, but is dated; there was also draft-bonica-6man-frag-deprecate-02, which expresses sentiment but was considered too “drastic" to be adopted by 6man.
>
> p.8 if ND is mentioned here, should we cite RFC6980 on not fragmenting ND messages?
>
> p.8 there’s mention here of RH0, which of course is deprecated; there are other valid RH types though, but this text needs updating to remove reference to RH0. It might also be worth adding a pointer here to the text in 2460-bis about not by default using the reverse path from any RH to send an ICMP message back to the sender (section 8.4 of 2460-bis)?
>
> p.10 In 5.4, TCP layer interactions, referencing RFC7414 might be useful reinforcement.
>
> p.10 do we have examples of the 10 minute rule on stale PMTU information being implemented, and feedback from that? (Again, I don’t know, but…)
>
> p.11 there’s more packetization layer commentary here in the bottom half of the page; again how does this sit with RFC4821?
>
> p.12 is it worth a Transport Area person reviewing the examples of other transport protocols given here, and adding more topical examples?
>
> Section 6:
>
> p.13 while a ‘malicious party’ may cause problems by stopping a ‘victim’ receiving Packet Too Big messages, failure of sites to adhere to RFC4890 is probably a more likely cause. Should this be mentioned somewhere?
>
> p.13 is it worth adding a note about nodes on a path inserting an EH potentially causing PTB messages to go to the original source and not the ‘offender’ that made the packet too big?
>
> Tim
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
- Review of draft-ietf-6man-rfc1981bis-02 Tim Chown
- Re: Review of draft-ietf-6man-rfc1981bis-02 Bob Hinden
- Re: Review of draft-ietf-6man-rfc1981bis-02 Tim Chown
- Re: Review of draft-ietf-6man-rfc1981bis-02 Bob Hinden
- Re: Review of draft-ietf-6man-rfc1981bis-02 Tim Chown
- Re: Review of draft-ietf-6man-rfc1981bis-02 Bob Hinden
- Re: Review of draft-ietf-6man-rfc1981bis-02 Tim Chown