Re: SRH insertion vs SRH insertion + encapsulation

Sander Steffann <sander@steffann.nl> Sun, 08 September 2019 21:28 UTC

From: Sander Steffann <sander@steffann.nl>
Subject: Re: SRH insertion vs SRH insertion + encapsulation
Date: Sun, 08 Sep 2019 23:28:39 +0200
In-Reply-To: <CAO42Z2ynig8-1S6o3JLj0bjHK9f5k+ia+5bf2kGWMhAgt3H9wQ@mail.gmail.com>
Cc: Ole Troan <otroan@employees.org>, Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>, draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>, "6man@ietf.org" <6man@ietf.org>, Robert Raszuk <robert@raszuk.net>
To: Mark Smith <markzzzsmith@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/T5du1-hPDqlpJ5QZcfzGSRQVuN0>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>

Hi Mark,

> 6296?
> 
> I don't agree with RFC 6296 and NAT in general because of the operational problems it causes and has caused me.*
> 
> The caveat with RFC 6296 is that it is Experimental, not Standards Track. I don't think people should use it, however with that RFC they will hopefully consistently do something they shouldn't do.
> 
> In comparison to anonymous EH insertion, at least the NPT box overstamps the packet source address in the inside to outside direction, so in one direction it isn't anonymous. If you're troubleshooting from that side there is no ambiguity, because the NPT box will look like the packet's original source host.
> 
> If you're troubleshooting from the inside, the location of the NPT box is going to be known, likely at the network/Internet edge.
> 
> EH insertion is far worse, because it's entirely anonymous.

Thank you for that summary. I agree with it.

I'm just sad we're having this discussion over and over again. My personal opinion is that at some point the WG chairs should declare this rehashing of the same discussion as out of scope and move on. The problems with EH insertion have been discussed, the fact that domain/scope limiting doesn't work in practice (especially for those who need to debug the results) and RFC 8200 has been reached. Why the *($#&(* are we still wasting everybody's time beating this dead horse?

Cheers,
Sander