IETF Logo Mail Archive

Re: Comments on draft-herbert-ipv6-update-dest-ops

Fred Baker <fredbaker.ietf@gmail.com> Mon, 20 August 2018 19:00 UTC

Return-Path: <fredbaker.ietf@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9BBB7130FD6 for <ipv6@ietfa.amsl.com>; Mon, 20 Aug 2018 12:00:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OQwWEsTc9f3K for <ipv6@ietfa.amsl.com>; Mon, 20 Aug 2018 12:00:11 -0700 (PDT)
Received: from mail-oi0-x22b.google.com (mail-oi0-x22b.google.com [IPv6:2607:f8b0:4003:c06::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AEB71130F7C for <ipv6@ietf.org>; Mon, 20 Aug 2018 12:00:11 -0700 (PDT)
Received: by mail-oi0-x22b.google.com with SMTP id q11-v6so27672815oic.12 for <ipv6@ietf.org>; Mon, 20 Aug 2018 12:00:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=gHT4mP7ZVtTtiGk4780LGya6tlxcp+Wv8LuTfTN7BY8=; b=BCrWw3I+CBQBAbysk31bzh9OsHWFxXcSFBcvovNAzGDeK0nXh8FDVlwhyTwv6bSe7W L5tXSp4ls4lsa/umuwxusfGU8CZin8pB5TLRaZWiOFmnevz/LUKy35CWjCzKdL9m3aI9 5VJupGeUBrklZqV9xJAYSEYtfOO0bIqVmh8mDGRZjQnyoIgf+rYKPiL8wMnjvOa7t6hQ IwmIw/3JWGFrOjUsYZmWWc5OAp6ev6Ta46FbNHvZJesj+tK+RAWs6TiWvIvpYjzOtcs0 XWEXymxx1rU9gPZM79AQjscM0k3zIsv0BZ04xT5yR5BIvbVhFyHvfsiSg9a8dLkuU55Q 9sbA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=gHT4mP7ZVtTtiGk4780LGya6tlxcp+Wv8LuTfTN7BY8=; b=HIIeNtXeBuQf92UWJPnt392K5Qddgz7fYofIkZjTvRHPKb2pYdCcjbZwgm6hSffSmN fdPb39KAOgTymfz16YPGeA2KRKWNy5cUOVFD+qZdIPtetKyHjeVUEJ8kuVkxjjoLed27 KeuLkm+5I//iu32xRj+fCjMMdhkn7PKOHVjQptLDpuj1k8OH+5fKk3HRuYJQVPdy8ZLK wYptN1U8qNtwWROHIOMcu8I/QQMcJMkDD2oiDJeIqNu7MVJHZ5QKoQ559IQMwUSkrDm+ fStvV+fKa6Xth6gF+cO7qQ+YwEFSFsbYY7Ml2bf5YXHTsuXGs1rHgjV4AYEEh9ItnaXH Fk9A==
X-Gm-Message-State: AOUpUlG4zGiQ7P3k8Jjz1V9VXtNa3+jjo4Gj5BbACqpZ75gUTEn5Znoa odg7hnNQUI2wxtYK8vtdHBk=
X-Google-Smtp-Source: AA+uWPwn1ah1sXe5CuJsa2lQjV1Ot+2nNoEmdXBTCmcVrEHGnvHBgEmgu5wxLDo8hiliMvsWFtI/LQ==
X-Received: by 2002:aca:be56:: with SMTP id o83-v6mr15363113oif.301.1534791610184; Mon, 20 Aug 2018 12:00:10 -0700 (PDT)
Received: from ?IPv6:2600:8802:5600:1546::104a? ([2600:8802:5600:1546::104a]) by smtp.gmail.com with ESMTPSA id x126-v6sm14622670oig.15.2018.08.20.12.00.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 20 Aug 2018 12:00:08 -0700 (PDT)
From: Fred Baker <fredbaker.ietf@gmail.com>
Message-Id: <3EDB470F-3B52-4410-8E7F-21C0C503CACB@gmail.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_FD91FD0B-503B-46C8-B870-AAC3C5C1431C"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Subject: Re: Comments on draft-herbert-ipv6-update-dest-ops
Date: Mon, 20 Aug 2018 12:00:06 -0700
In-Reply-To: <f0be4512-b05c-0975-97e2-454a500c8c37@joelhalpern.com>
Cc: Ole Troan <otroan@employees.org>, Tom Herbert <tom@herbertland.com>, "C. M. Heard" <heard@pobox.com>, 6man <ipv6@ietf.org>
To: "Joel M. Halpern" <jmh@joelhalpern.com>
References: <CACL_3VF+EoKOEF-TkB3179UsmN_Yhaqt60jh_h2d2GLnE0EWDA@mail.gmail.com> <CALx6S356TVnbnZ_zp5+aK_x-DmMJUTidw0Wzbc3Tn=cscTd7VA@mail.gmail.com> <CACL_3VGUUs1FS4Qog6pzJ2WZyir2-keEVZTU6opzXQ4t0M-XUw@mail.gmail.com> <CALx6S35q5EqZt26KSPTGHBXZpzaNYyFBO9UxVNsi4is1BxUHrQ@mail.gmail.com> <CACL_3VGfMj6DjAWsxib6Hw_x=5X3CWASKU1oiGqvFdksDuFXDw@mail.gmail.com> <CALx6S37c_WCa+A3aD7X-rq-kj_RTGfGur8HVekt_LWTg6Os18g@mail.gmail.com> <F01E55CE-0E88-47BF-A30B-B83A0B7F5F0F@employees.org> <f0be4512-b05c-0975-97e2-454a500c8c37@joelhalpern.com>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/ZXTSgL2ISgjUT-b5oLuphw9fkO0>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Aug 2018 19:00:20 -0000

From my perspective, a tunnel endpoint is a destination. If we want any given destination, an example of which is a tunnel endpoint, to not process some set of options, I would suggest that we simply don't put those options into the header. The question isn't whether the endpoint should process them; it's whether the option is appropriate and useful.

> On Aug 20, 2018, at 9:07 AM, Joel M. Halpern <jmh@joelhalpern.com> wrote:
> 
> I can see two sides to this.  On the one hand, we want tunnel termination logic to be fast and effecient.  Requiring that it have only the necessary information, and not other random things, is part of our tool kit for achieving that.
> 
> On the other hand, the outer IP header, in the case of v6, is clearly destined for the tunnel terminator.  And the IPv6 spec is very clear that certain kinds of processing for IPv6 destination options are mandatory at such a destination.  For example, retunring an error if ther eia an unknown IPv6 destination option with the bit set to force errors.
> 
> Clearly, doing the checks for that is more expensive.  Equally, it seems to be clearly required by our current specs.
> 
> Yours,
> Joel
> 
> On 8/20/18 11:40 AM, Ole Troan wrote:
>>> On 20 Aug 2018, at 17:05, Tom Herbert <tom@herbertland.com> wrote:
>>> 
>>> The negative converse also seems to be true. If an implementation does
>>> not support parsing of Destantion Options before the Routing header,
>>> then the node probably doesn't support parsing of any Destination
>>> Options. This becomes an issue in router implementations that
>>> terminate tunnels int the network with intent to and forward the
>>> tunneled packets. For instance FD.io VPP supports VXLAN, LISP, SR-IPIP
>>> among other encapsulations, AFAICT if the implementation receives an
>>> encapsulated packet addressed to the node that has a Destination
>>> Option (second type that follows any Routing header), either the
>>> packet is either dropped or the Destination options are ignored.
>> [wearing the VPP committer hat]
>> VPP as a tunnel endpoint does not parse destination options. In fact at least for rfc2473 tunnels I believe it would drop packets containing one. I am not convinced you can use one implementation’s behavior to support your argument (or not). At least from a VPP perspective I would add destination option header support, as soon as there were any options that made sense to support. (And I am not convinced the tunnel encap limit option is one of them.). I certainly wouldn’t build an implementation that blindly processed destination options, if there were any to support.
>> Cheers
>> Ole
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

--------------------------------------------------------------------------------
The fact that there is a highway to hell and a stairway to heaven is an interesting comment on projected traffic volume...

v2.23.0 | Report a Bug | By Email