RE: SRH insertion vs SRH insertion + encapsulation

"Manfredi (US), Albert E" <albert.e.manfredi@boeing.com> Mon, 09 September 2019 21:23 UTC

From: "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>
To: Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>, Ole Troan <otroan@employees.org>
CC: draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>, "6man@ietf.org" <6man@ietf.org>, Robert Raszuk <robert@raszuk.net>
Subject: RE: SRH insertion vs SRH insertion + encapsulation
Date: Mon, 09 Sep 2019 21:22:55 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/OhZ5cYnY5bjS-A_PZxbTDRxltvs>

Me too.

The only reason that the Italian postal worker would/should open the outer packet would be if the outer packet had her name, at her ufficio postale, as its destination address. But that would be an example of IP in IP encapsulation, where the source address had been placed on the outer packet as ACME London, when ACME London shipped the packet to a specific ufficio postale.

The only exception to who opens packets, other than the destination host, should be firewalls. For example, Ronaldo's aunt lives in an apartment building, and asks the portiere to please open all packages addressed to her. As would firewalls into enterprise networks. Otherwise, the network in the middle should not do this?

Seems a confusing analogy.

Bert

-----Original Message-----
From: ipv6 <ipv6-bounces@ietf.org> On Behalf Of Ron Bonica
Sent: Monday, September 09, 2019 16:10
To: Ole Troan <otroan@employees.org>
Cc: draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>; 6man@ietf.org; Robert Raszuk <robert@raszuk.net>
Subject: RE: SRH insertion vs SRH insertion + encapsulation

Ole,

I am a little worried about the Italian postal worker in your example. She opened the outer box, which should have had the following return address:

- ACME Shipping, Boston, USA

She knows and trusts the ACME Staff in Boston, so she eats the Jelly Belly's. But the people in Boston didn't put the Jelly Belly's in the box. Some guy in London did.

So now, any trust that she had bestowed upon the ACME staff in Boston has been usurped by a stranger in London.

                                                                    Ron



-----Original Message-----
From: Ole Troan <otroan@employees.org> 
Sent: Monday, September 9, 2019 2:49 PM
To: Ron Bonica <rbonica@juniper.net>
Cc: Robert Raszuk <robert@raszuk.net>; Mark Smith <markzzzsmith@gmail.com>; draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>; 6man@ietf.org
Subject: Re: SRH insertion vs SRH insertion + encapsulation

Dear Ron,

I think we both have used up our posting quota for long into next year, but I'll do one more on this topic.

> There is a big difference between translating a packet’s source/destination address and adding something to a packet. The best way to explain this difference is with an analogy.
>  
> Assume the following:
>  
> 	• I, Ronald, am conversing with an Italian speaker through a translator
> 	• I say to the Italian speaker, through the translator, “your shoe is untied”
>  
> It is OK for the translator to tell the Italian speaker, “Aldo says that your shoe is untied”. He has translated my name into Italian, but not changed the message.
>  
> It is not OK for the translator to tell the Italian speaker, “Aldo says that your shoe is untied, and that you are ugly”. If he were to do that, he would be originating a message and attributing it to me.

Translating the source address and/or destination address on the Internet is of course much worse than if a header inserted packet leaked.
Translation breaks fundamental parts of the Internet architecture, which has shaped the unidirectional centralized network we have been forced into today.

I do think you are attacking a strawman though. I don't think many, apart from Fernando, are talking about changing 8200, i.e. the ground rules for end to end IPv6.
The only realistic option for "header insertion" is within a limited domain.

A more fitting analogy would be something like:

- Ronald wants to ship a Birthday parcel to his aunt in Rome. He delivers the packet to the ACME shipping company in Boston
- The shipping company puts the parcel into a bigger sturdier box and gets it loaded onto the first ship bound for Europe.
- When arriving in London the European arm of ACME opens the outer box and slips a big bag of jelly babies in there and closes the box up again.
- ACME's box then travels to Rome by train, and arrives at the Italian postal service.
- The Italian postal employee opens the box, eats the jelly babies and takes Ron's birthday parcel to his aunt.

Of course if Ron had just shipped the parcel himself directly with the Best Effort Real Internet Inc company, it would have arrived in half the time at half the cost, but the Italian postman would not have gotten any jelly babies...

Cheers,
Ole

PS: For unknown reasons Bassett Jellybabies are really hard to get hold of outside of the UK. Apparently because everyone else thinks the frosting looks like mold.
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------