IETF Logo Mail Archive

RE: FW: New Version Notification for draft-bonica-6man-ext-hdr-update-00.txt

Ron Bonica <rbonica@juniper.net> Tue, 10 March 2020 18:17 UTC

Return-Path: <rbonica@juniper.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3144D3A07B5 for <ipv6@ietfa.amsl.com>; Tue, 10 Mar 2020 11:17:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=EDz6K+MQ; dkim=pass (1024-bit key) header.d=juniper.net header.b=HmAYms6u
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M_2osjgYEVxN for <ipv6@ietfa.amsl.com>; Tue, 10 Mar 2020 11:17:51 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E0E43A07B3 for <6man@ietf.org>; Tue, 10 Mar 2020 11:17:50 -0700 (PDT)
Received: from pps.filterd (m0108156.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 02AI65Sp014513; Tue, 10 Mar 2020 11:17:49 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=SRIo5dvYd8PaS+ikVZIgCmt8pVb6HffXJ1hNeexNZqo=; b=EDz6K+MQCNzUUCgweKiCJ69uzQ7jyC70QM+7URc4e42IocItmRJZr4nqpWd1/6j6ypmN Q910GB9CXFrfhNBOHsXKOoc4zGtwlmNcpznsOrNlaOw3MG65s0tvBzCV4vasNTvvNgdT gCCJv/f+jubjcPTPKBlo4VBUKOOCAtn5MFFUrHBdwRb1bXnKo8LKr/4zV1Jg05FIOHiL KQ7cRWgz2udtg+ukhYgeAAPubz8Va+GJt6/lDhP3eTZX2oV7rfvD0U8arrjwhhIImYss OX3ZlDBL0vsevfPa7S3M2076QvvERPCN1XLcpMT9U8dFxBIkbi5VCQZg7LBn4Ycde8nz ow==
Received: from nam11-bn8-obe.outbound.protection.outlook.com (mail-bn8nam11lp2173.outbound.protection.outlook.com [104.47.58.173]) by mx0a-00273201.pphosted.com with ESMTP id 2ymbguwftg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 10 Mar 2020 11:17:48 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mTPjYhUweBymBkNG0ICouhiweM9AecsxM3pIbLJ01FpbElgaN5B1uWOOdIZaizJ/mHRwWSW0zckkdvsfy7N5sU0CWr+xUaBvrac4OL5ZG2vuvD41e5Q5RmtFyZRXHVI9XxvIPul1XdDXxRuMcsWMsdNrupxBgl3p208NYRVIV532zTCimO373PQ85Q+sdXNDe1fdMJIOXNIzI66S0QAuK3vGi+cy+2b5yQzl1ER/Ppi2H1m3jzPJfEXOQ6aVyX/Z/H67ow6n005r0/724NPI0EzUuwMVD5/wJA4Rrc74/6TFljX9BTk0KIcyHwTBJFWYVfZ1kizRe1OivyzsR+3GUw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;bh=SRIo5dvYd8PaS+ikVZIgCmt8pVb6HffXJ1hNeexNZqo=; b=a+Jjh3Bu0kzY9oZaB0zE/EqZY6HppMlxX2CKs7KLX7BzhZWKTKHsNZxFJjQxuArezQPK1xp7gn+Ukl6zawTxse8ZKKxtsudChXPfWNkVSbj9aW3QhULY1N6DRRaEfxnHnlTxYFwEMlzrrdXuV54SyOp0jYLW22pAfXt+9qniMJFls1hBNHqvRkp3x/fhVCHP69o4fwilHptuABtxdRfB6aEFTRuRkFt+YxbUHpp5CddmEtay4qn1ik1bitxkKBaasVT7kMyOc9nPqBjvhf+tWZyBA/nbva9AlHwYesjRGHOqUZUTOrTdlpqeLrn4slwsAfkDPtfxQ3x2wYM0Wy+kPA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;bh=SRIo5dvYd8PaS+ikVZIgCmt8pVb6HffXJ1hNeexNZqo=; b=HmAYms6uoCWX7jaXft9kGo2lIgl9mBro5GWaJeFI2pqvAnVT1fry5taH1WdOhQ6hcu/GpSR5RAg3FNOttTP1oTeHswCkzpeiMpR9dQ6Bgjg3osRiwHPl9VQaS3RHboPOwFbXTAz9FPN+UQETxz/oHhwrPvh68sFEHwrHsfMZWVU=
Received: from DM6PR05MB6348.namprd05.prod.outlook.com (2603:10b6:5:122::15) by DM6PR05MB6394.namprd05.prod.outlook.com (2603:10b6:5:121::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2814.9; Tue, 10 Mar 2020 18:17:46 +0000
Received: from DM6PR05MB6348.namprd05.prod.outlook.com ([fe80::cdd:ea54:f213:7e02]) by DM6PR05MB6348.namprd05.prod.outlook.com ([fe80::cdd:ea54:f213:7e02%5]) with mapi id 15.20.2814.007; Tue, 10 Mar 2020 18:17:46 +0000
From: Ron Bonica <rbonica@juniper.net>
To: 神明達哉 <jinmei@wide.ad.jp>, Fernando Gont <fgont@si6networks.com>, Bob Hinden <bob.hinden@gmail.com>, Brian Carpenter <brian.e.carpenter@gmail.com>
CC: "6man@ietf.org" <6man@ietf.org>
Subject: RE: FW: New Version Notification for draft-bonica-6man-ext-hdr-update-00.txt
Thread-Topic: FW: New Version Notification for draft-bonica-6man-ext-hdr-update-00.txt
Thread-Index: AQHV9AhbWXNBavTkA0C57Gt2H9SAiqg8KOsAgASyCICAAUZwUA==
Date: Tue, 10 Mar 2020 18:17:45 +0000
Message-ID: <DM6PR05MB634825C61A287AC750D63E03AEFF0@DM6PR05MB6348.namprd05.prod.outlook.com>
References: <158353447828.2200.2179752221027492910@ietfa.amsl.com> <DM6PR05MB634802D2B3B114D265423654AEE30@DM6PR05MB6348.namprd05.prod.outlook.com> <CAJE_bqdpshr2S3b+LXRuLwLDwWQisa+d7jPknjnYEsiq=5kjfg@mail.gmail.com>
In-Reply-To: <CAJE_bqdpshr2S3b+LXRuLwLDwWQisa+d7jPknjnYEsiq=5kjfg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4;MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=rbonica@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2020-03-10T18:17:35.9224348Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Business Use Only; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=19232448-dcf6-410d-a1c8-ccba40be7748; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic
dlp-product: dlpe-windows
dlp-version: 11.4.0.45
dlp-reaction: no-action
x-originating-ip: [108.28.233.91]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 7b110e22-041a-4bef-00d5-08d7c51f553f
x-ms-traffictypediagnostic: DM6PR05MB6394:
x-microsoft-antispam-prvs: <DM6PR05MB63944978391E335A08A346D6AEFF0@DM6PR05MB6394.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 033857D0BD
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(346002)(136003)(366004)(39860400002)(396003)(376002)(199004)(189003)(71200400001)(66946007)(478600001)(66476007)(64756008)(52536014)(66556008)(66446008)(53546011)(6506007)(81156014)(8676002)(2906002)(5660300002)(8936002)(86362001)(81166006)(110136005)(76116006)(186003)(9686003)(15650500001)(33656002)(4326008)(26005)(55016002)(316002)(7696005); DIR:OUT; SFP:1102; SCL:1; SRVR:DM6PR05MB6394; H:DM6PR05MB6348.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: F/Fgotwe64PosARL6RRBp9wsvQMd5hv+88incevcw5s0597ZYx9yunDQsCaeyZtTxjDzORIjT9rDbr3Uyie/1LnifJ9ZayiP0pgmhAVa9lkQDEEOr3SyTL84obWpwTlj0m8UF/evyxaAEUsivGVXL3OVPCmverJoVtjWaUGFfqzPvXjYSs4elI0SYhzjsn/bPS0kVOzbJ73xHlh+/IXQiSu1hSVhd7nXSBdPqz2KO15I/G7EbuhKlfHVY5FYOLAjcmUlYVDRWqediQhGDiBb3vdBpQm+toszpVjhNBeTl5/Ph2KFsrSj+GBO6+63+kGM3H0a5FFkLnwG3tBDrfCgq5AbtE/1xNZVo7cI0vJ3F98QVKKN1Y2veYhDYGWC+wjtTwjqBtyjQrax/SGBvKEJfP6/FuorUA4BNrdGx9BzmUTVbcCMZRrbuqes3BZMlfl4
x-ms-exchange-antispam-messagedata: kHclRdPWoCf7pTrOnViUUnIS2AnwH7Lpmn2EkoB8MeXfI1R9z1HX8ZJRFvcLTzVLoirJuVTArAJdRHr83g7CqA29HwnuNg0QgbkP3BE5VsgzUG6DU8BUtjjOz2F6mrG+3qRPoeW6Z1y6udldVZlt6g==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 7b110e22-041a-4bef-00d5-08d7c51f553f
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Mar 2020 18:17:45.9755 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: PzEOtKm4R0XoJhsNwoXL8fTej4Tb00+wSJOrivKtWSdAx8wZf/xIwg3meke0707h5+2Iz2ge6lVbR+AnWXQr0w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR05MB6394
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.572 definitions=2020-03-10_12:2020-03-10, 2020-03-10 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 impostorscore=0 malwarescore=0 mlxscore=0 phishscore=0 clxscore=1015 priorityscore=1501 spamscore=0 bulkscore=0 suspectscore=0 adultscore=0 mlxlogscore=999 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2001150001 definitions=main-2003100109
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/vFxV5JEuzPWrYxsS3PfixV48NSM>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Mar 2020 18:17:53 -0000

Jinmei,

Thanks for this thoughtful review. Look for an updated version as soon as the submission tool reopens.

 Comments inline..

                                   Ron


Juniper Business Use Only

-----Original Message-----
From: 神明達哉 <jinmei@wide.ad.jp> 
Sent: Monday, March 9, 2020 6:25 PM
To: Ron Bonica <rbonica@juniper.net>
Cc: 6man@ietf.org
Subject: Re: FW: New Version Notification for draft-bonica-6man-ext-hdr-update-00.txt

At Fri, 6 Mar 2020 22:45:22 +0000,
Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org> wrote:

> Please review and comment.

I've noticed the latest version is 02, which I've read and on which I'm making comment below.

First off, I think a clarification like this draft is necessary to prevent future confusion.

- Section 2 (and throughout the draft)

   o  Destination node - An IPv6 destination node receives an IPv6
      packet and delivers its payload to an upper-layer protocol.  If a
      packet contains a Routing header, its destination address may
      represent an interface that belongs to a node other than the
      destination node.

   This definition is clear, but I think it's better to say something
   like "final destination (node)" or "ultimate destination (node)",
   since the word "destination" has been one major point of the entire
   confusion.  If we keep the phrase of bare "destination" (even if
   the definition given in this section is clear without ambiguity)
   I'm afraid it could still confuse not-so-careful readers.

[RB] I agree. In the definition that you quote above, we should change the term "Destination Node" to "Final Destination Node" or "Ultimate Destination node.

[RB] However, this exposes a larger problem. Today, RFC 8200 uses the term "destination node" in an inconsistent manner. In Sections 2 and 3, the term refers to the ultimate destination. In Section 4, it refers to segment endpoints. 

[RB] I wonder if we should clean this up while we are thinking about the problem.

   packet's delivery path.  The following headers can be processed by
   any segment egress node, including the destination node:

   o  Destination Options header.
   [...]

   A destination options header can be "processed" by an intermediate
   segment egress node only when it appears before a routing header.
   (I'm not sure if this should be noted in the text of the draft,
   though).

[RB] Note 2 in Section 4.1 makes this clear. But since you and Fernando both raised the same point, maybe we should say it again.


- Section 3.2

   The following headers can be processed by the destination node only:
   o  The Fragment header.
   o  The Authentication header.
   o  The Encapsulating Security Payload header.

  I'm not sure if we need to list these explicitly.  While it may be
  quite unlikely in practice, it's still possible we have a new type
  of extension header.  If and when that happens this list will become
  non-comprehensive.  Secondly, if these headers happen to appear
  before a routing header, it's not necessarily prohibited for these
  headers to be "processed" in segment egress nodes (including
  intermediate ones) of the routing header.  In practice, that would
  cause some kind of trouble (like AH verification failure) and would
  be useless, but in my understanding it's not necessarily prevented
  by RFC8200.  If we want to cover such corner cases we'll probably
  need to discuss whether the header ordering follows the recommended
  order as described in Section 4.1 of RFC8200, and/or discuss such
  weird cases separately.

  I'm not necessarily opposed to it, but if the main focus is to fix
  the obvious bug of RFC8200, by essentially separating "inserted, or
  deleted" from this text:

    Extension headers (except for the Hop-by-Hop Options header) are not
    processed, inserted, or deleted by any node along a packet's delivery
    path, until the packet reaches the node (or each of the set of nodes,
    in the case of multicast) identified in the Destination Address field
    of the IPv6 header.

  and clarifying "EHs are not inserted or deleted until the packet
  arrives at the final destination node", then I'm not sure if we'd
  rather touch this tricky side issue.

[RB] I understand what you are saying. Bob Hinden made the same comment in a private email. I will try to reword that section, making a distinction between per-hop, per-segment, and per-path options without enumerating them.

- Section 3.2

  As for the word "processing", I agree it's ambiguous and I'm not
  very happy about it, but I'm not sure if this draft should try to
  clarify it beyond that it doesn't include "inserting or deleting".

[RB] I understand what you are saying. Brian Carpenter made the same comment in a private email. I will add two definitions in the terminology section, one for EH processing, and one for EH inspection.

- Section 4

   o  Semantic corruption - Insertion of an extension header can change
      the meaning of a packet.
   o  Semantic corruption - Deletion of an extension header can change
      the meaning of a packet.

  Can these be more specific?  "change the meaning of a packet" sounds
  vague, and in some sense it could also be the case, e.g., in
  "processing" a HbH or Destination options header.

[RB] Agree. Look for more text in the next revision.

--
JINMEI, Tatuya

v2.23.0 | Report a Bug | By Email