RE: RFC 8200: The Devil's Paragraph

Ron Bonica <rbonica@juniper.net> Sun, 01 March 2020 00:27 UTC

From: Ron Bonica <rbonica@juniper.net>
To: Mark Smith <markzzzsmith@gmail.com>, "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>
CC: 6man WG <ipv6@ietf.org>
Subject: RE: RFC 8200: The Devil's Paragraph
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/5TeaJsZE7wdlj6SuGBXdmQpdOWc>

Mark,

The low order bits of the Destination Address in the outer IPv6 header represent an instruction. That instruction determines:

- which payload types will be processed and which will be dropped. For example, END.DT6 passes IPv6 payloads but drops IPv4
- how the payload will be processed after de-encapsulation. For example, END.DT6 can determine which IPv6 Virtual Routing and Forwarding table will be used to forward the packet.

This isn't entirely in keeping with RFC 4291, but at this point, what's one more variation from the IPv6 architecture?

                                                                 Ron





-----Original Message-----
From: Mark Smith <markzzzsmith@gmail.com> 
Sent: Friday, February 28, 2020 8:31 PM
To: Manfredi (US), Albert E <albert.e.manfredi@boeing.com>
Cc: Ron Bonica <rbonica@juniper.net>; 6man WG <ipv6@ietf.org>
Subject: Re: RFC 8200: The Devil's Paragraph

On Sat, 29 Feb 2020 at 07:44, Manfredi (US), Albert E <albert.e.manfredi@boeing.com> wrote:
>
> Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org> wrote:
>
> > "Extension headers cannot be added to a packet after it has left its source node and extension headers cannot be removed from a packet until it has arrived at its ultimate destination".
>
> Which is the way I always interpreted the paragraph. The word "processed" I guess causes problems, although I'm not sure if they are real, or just people trying to get away with something.
>
> For what it's worth, in this case where the "penultimate node" must do something strange, before the packet can be delivered to its intended destination, my own approach has always been to address the packet TO THE PENULTIMATE NODE, and then that router knows what to do with it.


Yes.

I'm wondering what the value is of leaving the outer IPv6 tunnel header there after the SRHectomy.

If the outer IPv6 tunnel header (with a DA of the "penultimate node") and the SRH and every other EH for the "penultimate node" were processed and removed at that node, leaving the original inner IPv6 packet to be then sent on, we'd have an operation as old as the hills known as "decapsulation".


> This violates nothing. Given that the "penultimate node" has to be 
> specifically configured for this job anyway, it doesn't seem like such 
> an approach limits flexibility or anything else. (Unless I missed 
> something critically important in the long thread.)
>
> Bert
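
An added illustration of the behaviour described in Ron's message above (not code from the thread or from any SRv6 implementation): the low-order bits of the outer Destination Address select a local instruction, and an END.DT6 entry hands an IPv6 payload to its VRF table while dropping IPv4. The locator 2001:db8:0:1::/64, the function values, the VRF names and the absence of extension headers between outer and inner packet are assumptions made for the example.

```python
import ipaddress
import struct

# Assumptions (constructed, not from the thread): a 64-bit locator and a local
# SID table keyed by the low-order 64 "function" bits of the destination.
LOCATOR = ipaddress.ip_network("2001:db8:0:1::/64")
LOCAL_SIDS = {0xD60001: ("END.DT6", "vrf-red"), 0xD60002: ("END.DT6", "vrf-blue")}
NH_IPV4, NH_IPV6 = 4, 41  # IANA protocol numbers for encapsulated IPv4 / IPv6


def ipv6_packet(dst: str, next_header: int, payload: bytes) -> bytes:
    """Build a minimal 40-byte IPv6 header followed by the payload."""
    src = ipaddress.ip_address("2001:db8::1").packed
    first_word = 6 << 28  # version 6, traffic class and flow label zero
    fixed = struct.pack("!IHBB", first_word, len(payload), next_header, 64)
    return fixed + src + ipaddress.ip_address(dst).packed + payload


def process(packet: bytes):
    """Return (action, detail) for a packet arriving at the egress node."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return ("drop", "not an IPv6 packet")
    next_header = packet[6]
    dst = ipaddress.ip_address(packet[24:40])
    if dst not in LOCATOR:
        return ("transit", "destination is not a local SID")
    function = int(dst) & ((1 << 64) - 1)  # low-order bits carry the instruction
    entry = LOCAL_SIDS.get(function)
    if entry is None:
        return ("drop", "no local SID for these function bits")
    behavior, vrf = entry
    # END.DT6 accepts only an encapsulated IPv6 payload; anything else is dropped.
    if behavior == "END.DT6" and next_header != NH_IPV6:
        return ("drop", f"{behavior} rejects next header {next_header}")
    inner = packet[40:]
    if len(inner) < 40 or inner[0] >> 4 != 6:
        return ("drop", "inner packet is not well-formed IPv6")
    return ("forward", vrf)  # inner packet is looked up in this VRF table


# Constructed sample payloads: an inner IPv6 packet and a bare IPv4 header.
INNER6 = ipv6_packet("2001:db8:beef::1", 59, b"")
INNER4 = bytes([0x45]) + bytes(19)
```

The final check on the inner packet matters for filtering: a sender that labels an IPv4 payload with next header 41 is still dropped rather than injected into the VRF.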