IETF Logo Mail Archive

Re: CRH and RH0

Tom Herbert <tom@herbertland.com> Wed, 13 May 2020 02:29 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C521E3A0CEB for <ipv6@ietfa.amsl.com>; Tue, 12 May 2020 19:29:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fpAD7bNANvnY for <ipv6@ietfa.amsl.com>; Tue, 12 May 2020 19:29:07 -0700 (PDT)
Received: from mail-ej1-x636.google.com (mail-ej1-x636.google.com [IPv6:2a00:1450:4864:20::636]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA2793A0C6F for <6man@ietf.org>; Tue, 12 May 2020 19:29:06 -0700 (PDT)
Received: by mail-ej1-x636.google.com with SMTP id se13so6186944ejb.9 for <6man@ietf.org>; Tue, 12 May 2020 19:29:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=O9fzv6AyYAkz1qC62ArbIUDgagmv5DpdMf5xpkXWpmY=; b=z8Wn4IoMx9W2+xnWU/JqmhvLPSkzhEIfvefkQAV0WI60Kqzv1c73GwiobqaG7vtu6b XJtmd7qRMrwS/oR4lki/iV0z1YrMRp9rC3uHJ9UtraXuVm+gKh2+KscF3grJV0C/cxyX jsIBvMJoDGHdTwUE+FBnzNrepClkJFy5IcHiFgGpGEKhlUtAB1JhGHjjBoMORKjFOOce eHNZVEKAxSeboOyutU8vTOuS8kmqq9hcHzO27fwGds3sN3+RQfQjmTzmFY9jA8xjTUgC 9O9RJJ3DMi9Ef6nZj6qgkQzRZO5vjuAihDd4SrDi9WhzwifDR5VeA5UphSOYEUYwR+Nu hc2Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=O9fzv6AyYAkz1qC62ArbIUDgagmv5DpdMf5xpkXWpmY=; b=D/ONPP2JULXADQIKsC2HiBUys1CZ4v7Y2vHKuXpABU20ZOAzB0oxUyk8AkerGcmlDs +JDkHEOtxwmB2BUEWwlSd2E+ZzIZWuQCSHCih5AlF3137slmxP+PTF+1GPtuqYpnwlZC 1tSdbU5x2idNqcNdDOpQDL25ct+B6oOaZeGtedmdQ2rNh1cxgQxvAbFRH1syu/QVFltB rcaeDMZbnV3/D8OEokmHKJweWyYvzfbGS0B2UwQ6Nqz0h+XtalByX+L7EkDwUy9Dhklc mkuHv4wec+aiUmnCGlvTgyDQV7tpXEPo8F5eAKJSLPAHvU7PBpY6BybPWBntEptV+CKB gyuA==
X-Gm-Message-State: AGi0PuaVhOpMUqu4+5Apb+XQQ13LWeRWCSXvznbCjddvirwwYDPln1rZ DQnnbBsLFu+V+7ghsjj8ExP+842vmBermAgT+lxYaQ==
X-Google-Smtp-Source: APiQypKqPPaqvtpN55z1Mg0t42arsjoLlFPxwMF5nalof6cAm1FF+WTWDxk7qbT1v8bBbKwd/XpjDxOzddELfsMSEoQ=
X-Received: by 2002:a17:907:7210:: with SMTP id dr16mr19925463ejc.197.1589336944862; Tue, 12 May 2020 19:29:04 -0700 (PDT)
MIME-Version: 1.0
References: <4EDFE9A2-A69C-4434-BB0A-960C2453250F@cisco.com> <DM6PR05MB6348FE6E3A45320C2A47EB66AEBE0@DM6PR05MB6348.namprd05.prod.outlook.com> <8068EBE1-38DD-411E-A896-EB79084BBCC4@cisco.com> <DM6PR05MB6348326B0F72A009DB4F7746AEBE0@DM6PR05MB6348.namprd05.prod.outlook.com> <942AF8C7-079E-4C81-95AB-F07A182E8F19@employees.org> <DM6PR05MB63483621F4AD3DEACA6FAF35AEBE0@DM6PR05MB6348.namprd05.prod.outlook.com>
In-Reply-To: <DM6PR05MB63483621F4AD3DEACA6FAF35AEBE0@DM6PR05MB6348.namprd05.prod.outlook.com>
From: Tom Herbert <tom@herbertland.com>
Date: Tue, 12 May 2020 19:28:52 -0700
Message-ID: <CALx6S35h261urCC8scgLP2mks_kZCf9Ov2oHsTK+wLqas0KXng@mail.gmail.com>
Subject: Re: CRH and RH0
To: Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>
Cc: "otroan@employees.org" <otroan@employees.org>, 6man <6man@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/WIo1DUJdCDrufMrVhnk0O6-biyM>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 May 2020 02:29:10 -0000

On Tue, May 12, 2020 at 2:36 PM Ron Bonica
<rbonica=40juniper.net@dmarc.ietf.org> wrote:
>
> Ole, Darren,
>
> The CRH is a general purpose Routing header that operates inside of a network domain. In the sense that it is a general purpose routing header, it replaces RH0. In the sense that it is restricted to a network domain, it does not replace RH0.

Ron,

Not to nit-pick, but doesn't CRH require a specific control plane to
be useful which would make it less than general purpose? I don't
believe RH0 had such a requirement. Also there's the RH in RFC6554
that has a similar goal in compressing the addresses in the routing
header, but doesn't seem to require additional control plane logic
either. I think these might be worth referencing.

Tom
.
>
> If adding these two sentences will cause you to support the draft, or at least not object to it, I will happily add them!
>
> Are these the only objections?

It would seem the goals of CRH are very similar to RFC6554 in
compressing the addresses in the routing header. I think this might be
worth referencing.
>
>                                                                                     Ron
>
>
>
> Juniper Business Use Only
>
> -----Original Message-----
> From: otroan@employees.org <otroan@employees.org>
> Sent: Tuesday, May 12, 2020 4:38 PM
> To: Ron Bonica <rbonica@juniper.net>
> Cc: Darren Dukes (ddukes) <ddukes@cisco.com>; 6man <6man@ietf.org>
> Subject: Re: CRH and RH0
>
> [External Email. Be cautious of content]
>
>
> Hi Ron,
>
>
> > The answer to your question is a bit nuanced. My goals were to build a general purpose routing header that overcomes the RH0's limitations. Those being:
> >
> >       - Its size
> >       - Its security issues
> >
> > Now, is that a replacement for RH0? In one way, yes. RH0 and CRH are both general purpose routing headers. In another sense, no. RH0 is meant to traverse network boundaries. But RFC 5095 taught us that letting routing header traverse network boundaries might not be a wonderful idea. So, CRH is restricted to a network domain.
>
> If CRH could be a RH0 replacement, you would have to show how the tag distribution mechanism would work across the Internet?
> RH0 was supported in every IPv6 node, given the requirement for a tag->IPv6 address (or is it forwarding method) mapping, I can't quite see how that would be done in a general enough fashion for CRH?
>
> I don't think RFC5095 taught us that source routing cannot be done across the Internet.
> In fact I don't see how the CRH draft prevents the RFC5095 attack to happen inside of the CRH limited domain.
> Just send a packet with a list of tag#0, tag#1, tag#0, tag#1 and you have the same amplification attack.
>
> > And now I return to my original question. When engineering students read the CRH RFC in 25 years, will they really care what my motivation was? Why should we burden them with this detail?
>
> To the contrary. Take the motivations and intentions behind IPv6. We have spent thousands of emails trying to decode what the original intensions with EHs and their limitations were, why the minimum MTU was 1280, recently I saw a thread about the reasons for why TTL/HL and protocol/next header was swapped between v4 and v6. If your protocol is successful, the original napkin it was designed on will become legend. ;-)
>
> Best regards,
> Ole
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email