Re: AD reviews of draft-ietf-6man-rpl-option and draft-ietf-6man-rpl-routing-header
JP Vasseur <jpv@cisco.com> Thu, 28 July 2011 18:47 UTC
Return-Path: <jpv@cisco.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D683111E810D for <ipv6@ietfa.amsl.com>; Thu, 28 Jul 2011 11:47:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.446
X-Spam-Level:
X-Spam-Status: No, score=-102.446 tagged_above=-999 required=5 tests=[AWL=0.152, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RLRBufesrKFR for <ipv6@ietfa.amsl.com>; Thu, 28 Jul 2011 11:47:08 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id B8E8C5E801D for <ipv6@ietf.org>; Thu, 28 Jul 2011 11:47:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=jpv@cisco.com; l=19496; q=dns/txt; s=iport; t=1311878827; x=1313088427; h=subject:mime-version:from:in-reply-to:date:cc:message-id: references:to; bh=uq9arg+53MQuuC/KQN2ZyIAvTGzhBrKDPdeVJy7L9GE=; b=l2hN+F+OVSxzDe3pg6CaqFL6O9H21KDI0cJQ9FExT5mWZSw0yaGrJDXu cIze2U028sQs9QPoh0gk9QXT0MZjVocTkHnshu4thtd2syYb2ntA067Hw Fw9V0dt/3eQxGmQw5/irj3z5HJelGFjZcZnKcfXZOXVGj3BeYYzipSSrz w=;
X-IronPort-AV: E=Sophos;i="4.67,283,1309737600"; d="scan'208,217";a="7492987"
Received: from mtv-core-2.cisco.com ([171.68.58.7]) by rcdn-iport-6.cisco.com with ESMTP; 28 Jul 2011 18:47:07 +0000
Received: from xbh-sjc-221.amer.cisco.com (xbh-sjc-221.cisco.com [128.107.191.63]) by mtv-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id p6SIl3cX020770; Thu, 28 Jul 2011 18:47:06 GMT
Received: from xfe-sjc-212.amer.cisco.com ([171.70.151.187]) by xbh-sjc-221.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 28 Jul 2011 11:47:05 -0700
Received: from dhcp-13dd.meeting.ietf.org ([10.21.90.36]) by xfe-sjc-212.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 28 Jul 2011 11:47:05 -0700
Subject: Re: AD reviews of draft-ietf-6man-rpl-option and draft-ietf-6man-rpl-routing-header
Mime-Version: 1.0 (Apple Message framework v1244.3)
Content-Type: multipart/alternative; boundary="Apple-Mail=_6DAFB831-8A15-4D44-8BBC-5CBCAC6AB82C"
From: JP Vasseur <jpv@cisco.com>
In-Reply-To: <4E31A280.1040504@piuha.net>
Date: Thu, 28 Jul 2011 14:47:04 -0400
Message-Id: <B69650D9-8F1A-4097-BA22-C6FEB91AEA9B@cisco.com>
References: <4DFBC587.9090807@piuha.net> <4E31A280.1040504@piuha.net>
To: Jari Arkko <jari.arkko@piuha.net>
X-Mailer: Apple Mail (2.1244.3)
X-OriginalArrivalTime: 28 Jul 2011 18:47:05.0325 (UTC) FILETIME=[BEF671D0:01CC4D56]
Cc: IETF IPv6 Mailing List <ipv6@ietf.org>, Jonathan Hui <jhui@archrock.com>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jul 2011 18:47:22 -0000
Thanks a lot Jari, sorry for the delay, Jonathan and I just had a discussion and will send a proposal this week. Thanks. JP. On Jul 28, 2011, at 1:55 PM, Jari Arkko wrote: > JP, Jonathan, > > Has there a been response to the two reviews from June? I'd like to move > these drafts forward... > > Jari > > Jari Arkko kirjoitti: > > I have reviewed this draft. Some of the issues from the other draft > > are visible in this one as well, and I saw two additional substantive > > issues: > > > > - we need to specify the behavior with regards to the data in this > > option better > > - the text about processing packets in RPL border routers should be > > written in a different manner > > > > Both of these should be easily addressed, however. Please revise the > > draft and we can send the draft to IETF Last Call. > > > > Here are my comments in more detail: > > > >> Datagrams being forwarded within a RPL domain MUST include a RPL > >> Option. For datagrams sourced within a RPL domain, the RPL Option > >> MAY be included in the datagram itself. > > > > I'm not sure I understand the difference or its motivation. Do you > > really mean that a packet might not have the option until it hits the > > first router? Or are you just talking about something that happens > > internally on a host, but on the wire all packets would still have the > > option? Also, since the tunnel (or something else) is used to include > > the option for datagrams sourced outside the RPL domain, wouldn't it > > be easier to just say this: > > > > "Datagrams sent between nodes within an RPL domain MUST include an RPL > > Option." > > > >> For datagrams sourced > >> outside a RPL domain, IPv6-in-IPv6 tunneling, as specified in > >> [RFC2473 <http://tools.ietf.org/html/rfc2473>] SHOULD be used to > >> include a RPL Option. > > > > This text should be aligned with whatever conclusion we will have for > > the issue that I raised with the other document. > > > >> To help avoid IP-layer fragmentation, the RPL Option has a maximum > >> size of RPL_OPTION_MAX_SIZE octets and links within a RPL domain > >> SHOULD have a MTU of at least 1280 + 44 (outer IP header, Hop-by-Hop > >> Option header, Option header) + RPL_OPTION_MAX_SIZE + (additional > >> extension headers or options needed within RPL domain). > >> > > > > There's a same MTU issue here as in the other document. > > > >> The action taken by using the RPL Option and the potential set of > >> sub-TLVs carried within the RPL Option MUST be specified by the RFC > >> of the protocol that use that option. No TLVs are defined in this > >> document. > >> > > > > I think you should define the behavior when a node encounters a > > sub-TLV that it does not recognize. E.g., ignore and move on to the > > next sub-TLV. Or do you want a stricter policy? In any case, for > > future extensions it will be necessary to know how they are treated by > > legacy RPL nodes. > > > >> In very specific cases, IPv6-in-IPv6 tunneling may be undesirable due > >> to the added cost and complexity required to process and carry a > >> datagram with two IPv6 headers. [I-D.hui-6man-rpl-headers > >> <http://tools.ietf.org/html/draft-ietf-6man-rpl-option-03#ref-I-D.hui-6man-rpl-headers>] > >> describes > >> how to avoid using IPv6-in-IPv6 tunneling in such specific cases and > >> the risks involved. > >> > > > > Again, the same comments as in the other draft. Please delete this > > paragraph. > > > >> For datagrams exiting the RPL domain, RPL Border Routers MUST remove > >> the RPL Option from the datagram. If the RPL Option was included > >> using tunneled mode and the RPL Border Router serves as the tunnel > >> end-point, removing the outer IPv6 header serves to remove the RPL > >> Option as well. Otherwise, the RPL Border Router assumes that the > >> RPL Option was included using transport mode and MUST remove the RPL > >> Option from the IPv6 Hop-by-Hop Option header. > >> > > > > The part about removing the RPL option even in a non-tunneled case > > relates to the issue of supporting that particular mode of operation. > > > > But in addition, I wonder if you should write the above text not in > > terms of packet modification operations but rather in terms of > > forwarding decision outcomes. Like this, for instance: > > > > "For datagrams destined to the RPL Border Router the router processes > > the packet in the usual way. For instance, if the RPL Option was > > included using tunneled mode and the RPL Border Router serves as the > > tunnel end-point, the router removes the outer IPv6 header, at the > > same removing the RPL Option as well. Datagrams destined elsewhere > > within the same RPL domain are forwarded to the right interface. > > Datagrams destined outside the RPL domain are dropped." > > > >> 6. Usage of the RPL Option > >> > >> The RPL Option is only for use within a RPL domain. RPL routers MUST > >> process and include the RPL Option when forwarding datagrams to other > >> nodes within the RPL domain. Routers on the edge of a RPL domain > >> MUST remove the RPL Option when forwarding datagrams to nodes outside > >> the RPL domain. > > > > What is it that this section says that is not already covered by > > sections 2 and 5: > > > > Sect 2: Datagrams being forwarded within a RPL domain MUST include a > > RPL Option. > > > > Sect 5: ... serves as the tunnel end-point, removing the outer IPv6 > > header serves to remove the RPL Option as well. Otherwise, the RPL > > Border Router assumes that the RPL Option was included using transport > > mode and MUST remove the RPL Option from the IPv6 Hop-by-Hop Option > > header. > > > >> This option may be used to mount several potential attacks since > >> routers may be flooded by bogus datagram containing the RPL option. > >> It is thus RECOMMENDED for routers to implement a rate limiter for > >> datagrams using the RPL Option. > >> > > > > Please open this up a bit. What specific danger does flooding by bogus > > datagrams and RPL options cause? What would be the default settings > > for the rate limiter? > > > >> Opt Data Len: 8-bit field indicating the length of the option, in > >> octets, excluding the Option Type and Opt Data Len fields. > >> > >> Down 'O': 1-bit flag as defined in Section 11 of > >> [I-D.ietf-roll-rpl > >> <http://tools.ietf.org/html/draft-ietf-6man-rpl-option-03#ref-I-D.ietf-roll-rpl>]. > >> > >> > >> Rank-Error 'R': 1-bit flag as defined in Section 11 of > >> [I-D.ietf-roll-rpl > >> <http://tools.ietf.org/html/draft-ietf-6man-rpl-option-03#ref-I-D.ietf-roll-rpl>]. > >> > >> > >> Forwarding-Error 'F': 1-bit flag as defined in Section 11 of > >> [I-D.ietf-roll-rpl > >> <http://tools.ietf.org/html/draft-ietf-6man-rpl-option-03#ref-I-D.ietf-roll-rpl>]. > >> > >> > >> RPLInstanceID: 8-bit field as defined in Section 11 of > >> [I-D.ietf-roll-rpl > >> <http://tools.ietf.org/html/draft-ietf-6man-rpl-option-03#ref-I-D.ietf-roll-rpl>]. > >> > >> > >> SenderRank: 16-bit field as defined in Section 11 of > >> [I-D.ietf-roll-rpl > >> <http://tools.ietf.org/html/draft-ietf-6man-rpl-option-03#ref-I-D.ietf-roll-rpl>]. > >> > >> > >> Values within the RPL Option are expected to change en-route. > > > > This specification needs to describe what the behavior of a router is > > with the content of the option. I think this is easy, you should just > > add to the end: "The processing shall follow the rules described in > > Section 11.2 of [roll-rpl]. > > > > As an aside, the entire Section 11 is marked in roll-rpl as > > non-normative. I don't think that's actually right as far as 11.2 > > goes, because it contains tons of MUSTs and SHOULDs. Perhaps you want > > to fix that in AUTH48... > > > > Jari > > > > > >
- AD review of draft-ietf-6man-rpl-option Jari Arkko
- AD reviews of draft-ietf-6man-rpl-option and draf… Jari Arkko
- Re: AD reviews of draft-ietf-6man-rpl-option and … JP Vasseur
- Re: AD review of draft-ietf-6man-rpl-option Jonathan Hui
- Re: AD review of draft-ietf-6man-rpl-option Jari Arkko
- Re: AD review of draft-ietf-6man-rpl-option Jonathan Hui
- Re: AD review of draft-ietf-6man-rpl-option JP Vasseur
- Re: AD review of draft-ietf-6man-rpl-option Jari Arkko