RE: New Version Notification for draft-herbert-6man-icmp-limits-01.txt

Ron Bonica <rbonica@juniper.net> Mon, 22 May 2017 14:10 UTC

From: Ron Bonica <rbonica@juniper.net>
To: Mark Smith <markzzzsmith@gmail.com>
CC: Tom Herbert <tom@herbertland.com>, "6man@ietf.org" <6man@ietf.org>
Subject: RE: New Version Notification for draft-herbert-6man-icmp-limits-01.txt
Date: Mon, 22 May 2017 14:09:56 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Wt-1ZnKuYJYJFstnw5zBCEi4a3E>

Mark,

Strictly speaking, Destination Unreachable is appropriate whenever a packet is discarded for any reason other than congestion. But according to that reasoning, you don't need an ICMP Packet Too Big message. The PTB error could be reported by a Destination Unreachable message with a PTB error code.

In reality, we need the ICMP PTB message because of its special status. That is, people know that they MUST NOT filter ICMP PTBs because filtering may cause black-holing. I am thinking that Header Too Long (HTL) is akin to PTB. If HTL information hitchhikes on an existing ICMP message, that message should probably be PTB.

But then again, a new ICMP message may be required.

                                                                   Ron


> -----Original Message-----
> From: Mark Smith [mailto:markzzzsmith@gmail.com]
> Sent: Sunday, May 21, 2017 12:29 AM
> To: Ron Bonica <rbonica@juniper.net>
> Cc: Tom Herbert <tom@herbertland.com>; 6man@ietf.org
> Subject: Re: New Version Notification for draft-herbert-6man-icmp-limits-01.txt
> 
> On 21 May 2017 at 01:49, Ron Bonica <rbonica@juniper.net> wrote:
> > Hi Tom,
> >
> > Destination Unreachable isn't appropriate because the destination *is* reachable. The problem is that the header is too long.
> 
> It seems a DU is appropriate, going by what RFC4443 says, because the cause
> of the failure isn't congestion:
> 
> 
> "A Destination Unreachable message SHOULD be generated by a router, or
>    by the IPv6 layer in the originating node, in response to a packet
>    that cannot be delivered to its destination address for reasons other
>    than congestion.  (An ICMPv6 message MUST NOT be generated if a
>    packet is dropped due to congestion.)"
> 
> 
> (I looked it up because this discussion made me curious if a DA - Admin
> prohibited was making a positive confirmation of the destination's existence,
> and the prohibition was on being able to reach it. It seems not, which is
> better for security.)
> 
> Regards,
> Mark.
> 
> 
> 
> >
> > It seems like we are identifying a new constraint, the Path Maximum Header Length (PMHL). In some respects, PMHL is similar to PMTU. When PMTU is violated, we send an ICMP PTB to the source IP stack. The source IP modifies its estimate of the PMTU, informs upper layers (if appropriate) and fragments subsequent packets (if appropriate).
> >
> > What should happen when PMHL is violated? Does the source IP stack need to be informed? If so, what will the source IP stack do with the information? Or is it really an upper layer application that needs to be informed?
> >
> >
> > Ron
> >
> >
> >
> >
> >> -----Original Message-----
> >> From: Tom Herbert [mailto:tom@herbertland.com]
> >> Sent: Thursday, May 18, 2017 4:51 PM
> >> To: Ron Bonica <rbonica@juniper.net>
> >> Cc: 6man@ietf.org
> >> Subject: Re: New Version Notification for draft-herbert-6man-icmp-limits-01.txt
> >>
> >> On Wed, May 17, 2017 at 6:03 PM, Ron Bonica <rbonica@juniper.net> wrote:
> >> > Tom,
> >> >
> >> > The ICMP Parameter Problem message normally indicates that there is a problem with an IP Parameter. In the example below, you use it to indicate that a middle box has a problem with the IP payload. This seems to be overloading the Parameter Problem message.
> >> >
> >> Hi Ron,
> >>
> >> Would Destination Unreachable message be appropriate then?
> >>
> >> Tom
> >>
> >> >
> >> > Ron
> >> >
> >> >
> >
> > --------------------------------------------------------------------
> > IETF IPv6 working group mailing list
> > ipv6@ietf.org
> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
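
The PTB behaviour this thread relies on (a source lowers its PMTU estimate when it receives ICMPv6 type 2, and a filter that drops that message black-holes the flow), as an added example that is not part of the original messages. Function names and link MTU values are constructed for illustration, and the ICMPv6 checksum is left at zero.

```python
import struct

PACKET_TOO_BIG = 2      # ICMPv6 error type, RFC 4443
IPV6_MIN_MTU = 1280     # IPv6 minimum link MTU; PMTU estimate never goes below it

def build_ptb(mtu: int, invoking: bytes = b"") -> bytes:
    """Router side: type, code 0, checksum (not computed here), 32-bit MTU."""
    return struct.pack("!BBHI", PACKET_TOO_BIG, 0, 0, mtu) + invoking

def parse_icmpv6_error(msg: bytes) -> dict:
    """Parse the fixed 8-byte ICMPv6 error header plus the invoking packet."""
    if len(msg) < 8:
        raise ValueError("truncated ICMPv6 message")
    mtype, code, _cksum, field = struct.unpack("!BBHI", msg[:8])
    if mtype >= 128:
        raise ValueError("informational message, not an error")
    return {"type": mtype, "code": code, "field": field, "invoking": msg[8:]}

def forward(size: int, link_mtus: list):
    """Return None if the packet fits every link, else the PTB from the
    first router whose next-hop link is too small."""
    for mtu in link_mtus:
        if size > mtu:
            return build_ptb(mtu)
    return None

def transfer(link_mtus: list, dropped_types: set, attempts: int = 5):
    """Source retries at its current PMTU estimate.
    dropped_types models an ICMPv6 filter on the return path (hypothetical).
    Returns (delivered, final_pmtu, tries)."""
    pmtu = link_mtus[0]
    for tries in range(1, attempts + 1):
        icmp = forward(pmtu, link_mtus)
        if icmp is None:
            return True, pmtu, tries
        err = parse_icmpv6_error(icmp)
        if err["type"] in dropped_types:
            continue    # filtered: source learns nothing and resends the same size
        if err["type"] == PACKET_TOO_BIG:
            # lower the estimate only, and never below the IPv6 minimum
            pmtu = max(IPV6_MIN_MTU, min(pmtu, err["field"]))
    return False, pmtu, attempts

if __name__ == "__main__":
    path = [1500, 1400, 1300]                    # constructed link MTUs
    print(transfer(path, set()))                 # PTB delivered: converges
    print(transfer(path, {PACKET_TOO_BIG}))      # PTB filtered: black hole
```
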