IETF Logo Mail Archive

Re: draft-wang-6man-flow-label-reflection

Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 14 November 2014 21:13 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC5F61A8759 for <ipv6@ietfa.amsl.com>; Fri, 14 Nov 2014 13:13:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EImNlFcHtgKl for <ipv6@ietfa.amsl.com>; Fri, 14 Nov 2014 13:13:00 -0800 (PST)
Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com [IPv6:2a00:1450:400c:c05::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 82B041A1A55 for <ipv6@ietf.org>; Fri, 14 Nov 2014 13:13:00 -0800 (PST)
Received: by mail-wi0-f170.google.com with SMTP id r20so656335wiv.1 for <ipv6@ietf.org>; Fri, 14 Nov 2014 13:12:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=VfISgfROObpuwN/EI4B0O/22HcfUsbAdp2yvHOFRR4c=; b=wCkVBR7e8p9SgYcn+mfwiZG8YqmnoFHho5cWeuJwHUFnBbr+Vc7w0U/KCxdKm4mOH7 goDoIqshc0BKeZgugdcCGhq02GFmDFWn1oSJ+7TkkL6SvQaUSmic5iUh4OQtHPTq0UEX TBcUV9HHGO83JcRL45C1wNH130rAaZt1v/xKnjydW3LB2rtlTFm7YUoXbAl2BA0Dbf/i EW3Ah7miU4eda+DcS0p3HU3RzTOgQoWDCZr8u5P6ZtNonh2kGvF/gXoIfMJvrENgtQMQ cSBOqpclzIgdKMDn4k+VU2SvgJf6Q3nKSRDxAok/7lpaLtU721K+rzzMoGcl+0RoIDZM ohlg==
X-Received: by 10.194.236.200 with SMTP id uw8mr17796515wjc.50.1415999579347; Fri, 14 Nov 2014 13:12:59 -0800 (PST)
Received: from [31.133.163.84] (dhcp-a354.meeting.ietf.org. [31.133.163.84]) by mx.google.com with ESMTPSA id gs9sm41011643wjc.47.2014.11.14.13.12.57 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 14 Nov 2014 13:12:58 -0800 (PST)
Message-ID: <54667064.4040001@gmail.com>
Date: Sat, 15 Nov 2014 10:13:08 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Jeroen Massar <jeroen@massar.ch>
Subject: Re: draft-wang-6man-flow-label-reflection
References: <5465C0AC.10801@massar.ch> <5D36713D8A4E7348A7E10DF7437A4B923AF75421@nkgeml512-mbx.china.huawei.com> <54664B07.3040308@bogus.com> <54665178.2060905@gmail.com> <54666DB7.6090802@massar.ch>
In-Reply-To: <54666DB7.6090802@massar.ch>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ipv6/RT1AwXrtvfhqgaDcf4RnE1DC03g
Cc: 6man WG <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Nov 2014 21:13:03 -0000

On 15/11/2014 10:01, Jeroen Massar wrote:
> On 2014-11-14 20:01, Brian E Carpenter wrote:
>> On 15/11/2014 07:33, joel jaeggli wrote:
>>> On 11/14/14 7:52 AM, Sheng Jiang wrote:
>>>> Hi, Jeroen,
>>>>
>>>> We can certainly add some consideration in the future version
>>>> regarding to ICMPv6 and "Packet too big". However, could you be more
>>>> specific what your concern is regarding to ICMPv6 and flow label
>>>> reflection?
>>>>
>>>> BTW, the v6ops draft you mentioned does not have any discussion
>>>> regarding to flow label.
>>> 20 bits alone isn't enough to identify a flow, certainly not when the
>>> source has changed. I have more flows then that on a single path.
>> For load balancing, that doesn't really matter too much, but if you
>> were really trying to identify flows individually, you have to use
>> {src-addr, flow-label} just by the definition of the flow label. With
>> a reflected label that isn't safe, because the rule that the source
>> must ensure that {src-addr, flow-label} is unique cannot be guaranteed
>> by the reflector.
> 
> And also note that any router on the path is allowed (they "MAY") per
> the RFC to overwrite the label if they see fit.

Once the label is set, that is not true (but there is an exception for
paranoid firewalls). In reality the field can be forged, but so can
anything in the IPv6 header.

> The primary use of the Flow Label seems to be Load Balancing, but load
> balancing does not work as doing that based on src/flow-label or just
> flow-label breaks ICMPv6 PTBs.

That case is broken with or without the flow label.

> As such, the primary use case of Flow Labels is broken. Thus making that
> field useless.

No, it's stateless load balancing with fragmentation that's broken.

   Brian

v2.23.0 | Report a Bug | By Email