Re: Offset Indicating option

Brian E Carpenter <brian.e.carpenter@gmail.com> Mon, 26 September 2011 20:06 UTC

Message-ID: <4E80DBCD.1040308@gmail.com>
Date: Tue, 27 Sep 2011 09:08:45 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
To: John Leslie <john@jlc.net>
Subject: Re: Offset Indicating option
References: <4E7FDEFA.6060808@gmail.com> <20110926143849.GH2931@verdi>
In-Reply-To: <20110926143849.GH2931@verdi>
Cc: 6man <ipv6@ietf.org>

On 2011-09-27 03:38, John Leslie wrote:
> Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>> draft-zhang-6man-offset-option-01 proposes an idea for how to make it
>> easier for a node that needs to skip over an IPv6 header chain to do
>> so quickly...
> 
>    Alas, Brian, this strikes me as a rather bad idea -- introducing
> ambiguity and almost inviting gaming the system so that the same packet
> looks different to a DPI device and the actual destination.

I don't understand that comment. There's no ambiguity in the
packet - it may contain the option, but if it does, the option
isn't ambiguous. Any node is at liberty to ignore it, including
a DPI device that wants to inspect all the headers (which a
paranoid firewall presumably would).

> 
>    IMHO, any node interested in such details of the payload should be
> prepared to run at wire speed -- with a dedicated pipeline element if
> anyone were so foolish as to perform this in the "backbone".

Why? It's a design tradeoff, and the option suggests a different
tradeoff point.

    Brian
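
Added example, not part of the message above and not code from the draft or from either poster: a node that inspects all the headers, as the reply describes, can walk the extension-header chain itself and compare the result with any offset hint it was given. The option's wire format is not shown in this thread, so the hint is passed in as a plain integer (`claimed_offset`, a hypothetical parameter); header layouts follow the IPv6 specification (RFC 8200) and the sample packet is constructed.

```python
import struct

TLV_STYLE = {0, 43, 60}   # Hop-by-Hop, Routing, Destination Options
FRAGMENT = 44             # Fragment header, fixed 8 octets
IPV6_FIXED_LEN = 40


def walk_chain(packet: bytes) -> tuple[int, int]:
    """Walk every extension header; return (next_header, offset) where the walk stops."""
    if len(packet) < IPV6_FIXED_LEN or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    next_header, offset = packet[6], IPV6_FIXED_LEN
    while next_header in TLV_STYLE or next_header == FRAGMENT:
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        if next_header == FRAGMENT:
            length = 8
            frag_offset = struct.unpack_from("!H", packet, offset + 2)[0] >> 3
            if frag_offset != 0:
                # Non-first fragment: what follows is payload, not a header.
                return packet[offset], offset + length
        else:
            # Hdr Ext Len counts 8-octet units beyond the first 8 octets.
            length = (packet[offset + 1] + 1) * 8
        if offset + length > len(packet):
            raise ValueError("extension header runs past end of packet")
        next_header = packet[offset]
        offset += length
    return next_header, offset


def hint_is_consistent(packet: bytes, claimed_offset: int) -> bool:
    """True only if the hinted offset matches the offset found by a full walk."""
    return walk_chain(packet)[1] == claimed_offset


def build_sample() -> bytes:
    """Constructed packet: IPv6 -> Hop-by-Hop (8) -> Dest Options (16) -> TCP."""
    hbh = bytes([60, 0, 1, 4]) + bytes(4)      # next=60, len=0, PadN
    dst = bytes([6, 1, 1, 12]) + bytes(12)     # next=6 (TCP), len=1, PadN
    payload = hbh + dst + bytes(20)            # 20 zero octets stand in for TCP
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), 0, 64) + bytes(32)
    return fixed + payload


if __name__ == "__main__":
    pkt = build_sample()
    print(walk_chain(pkt), hint_is_consistent(pkt, 64), hint_is_consistent(pkt, 48))
```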