RE: CRH and RH0

Ron Bonica <rbonica@juniper.net> Tue, 12 May 2020 22:23 UTC

Return-Path: <rbonica@juniper.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2238F3A0C58 for <ipv6@ietfa.amsl.com>; Tue, 12 May 2020 15:23:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.272
X-Spam-Level:
X-Spam-Status: No, score=-2.272 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.173, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=Ms482lRs; dkim=pass (1024-bit key) header.d=juniper.net header.b=ACdaGsga
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1T5gdwscbw9Z for <ipv6@ietfa.amsl.com>; Tue, 12 May 2020 15:23:19 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D9A653A0C45 for <6man@ietf.org>; Tue, 12 May 2020 15:23:18 -0700 (PDT)
Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 04CMH7UE028179; Tue, 12 May 2020 15:23:16 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=UmaZXNK3d1VcBL+7UxO9tGCBuGbuJ43WhLEVQGah1WM=; b=Ms482lRs1gyANpoAOYJ///X51ZaGb2Ut+LlUjRcXVbSxjmMKa81WNBHXv8G695zDc9vj gwiFGVkkHl9xnpH3M1+BucGy88TJh3sLhFz1IIC/N6r6FkMKnrkQbtPpWocM/h1jw3j7 AaZ+7G+Bur/xmSqEKQS6lRmhpPErFJvANuhlkGsjRIlnJJW2NTks3cIslrgtsfw9AnEr 3k99UiHT+YfCXLJvzn6qeCwR78B4imIiwDOrD3Qx+NfGrcsWVIJZhdo0jDUS4Jq6hNYL 2hYctDSj1G6rMqp3sSD4xsXPCio8JuHtHkla2tGYxeAdO845f21S/Jy68CiEyIbHcquI lg==
Received: from nam02-cy1-obe.outbound.protection.outlook.com (mail-cys01nam02lp2055.outbound.protection.outlook.com [104.47.37.55]) by mx0b-00273201.pphosted.com with ESMTP id 3100yfgc81-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 12 May 2020 15:23:16 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XXDdLZODL8PTu4/PJDCNz1w6XCP0vz6Gc/v3gdwW94r2w78YMAXoQGX1CW7Fu8RuPIBXJ8lRYmQ+/7a6ET1tm2zc/zfeqe+/TCFh/7GRzDm02TugK/S5D8PXbVCJJnG9AV2xPNP9f/lfM71wXTTmadBWAhFBWdvcjkbRkLNsJrnMy/0b0qOHhS3Zv5SZwoWvRk4BASVFH06uVmzWlonHn21jZA5jq3LXxYzS7U6sHp1MjPM1WOoxgPgIIflttEG4xz+u8LV3oxo0yshrA8A6UZEqp5BGm0POyR3D34WQCXuYj04wwaZX5PUSx9gqQhatMl5g/rQEFdd7JXznFuOFwQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UmaZXNK3d1VcBL+7UxO9tGCBuGbuJ43WhLEVQGah1WM=; b=OhKWq2maFRueIKIWJTx1NwPso6yjaJu9LzqRkAGqu5oDjraLQpS2lFe5cOcYP3gY93llUB6r3IN61kIII7thvwDNYfGgz6L2jC3KB613FlIQ4ZyPFgwNBdlp8aBGr2M7gdAAxl7IZE5H4+0odCnAsr7m/ATn+mYRLq56dI1ohlILAwaiV1ODT6SUVohNtscSDux6CcULuTiiS9IKNROQhPECSM4ylo1BmT4MXfEodlfBXJjyOIEanZlPAAX549cZZe4KIEBOVIcJ0TR1yjTALdfGil1m9GjqZ5FlSV1USxXIg3R/QjNLI6/FITctRhd9fwh4AfV0VRqFrTY0o41SBA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UmaZXNK3d1VcBL+7UxO9tGCBuGbuJ43WhLEVQGah1WM=; b=ACdaGsgaZwlhbOR8sE+Kyq2Norv5jiRB0IJdp1kdIDzAnHTM4FEdBYd4D/fxyNufuxQBTHPPd6xABMZg8FfZesAIbS9XxQF/MhB1JdiJ+0ZIppUpbeOsYXRPuooNQqcB7S8S2EhfAzq/j0lLMQJSk69UWlMchmg2k87B3CMNY8k=
Received: from DM6PR05MB6348.namprd05.prod.outlook.com (2603:10b6:5:122::15) by DM6PR05MB4090.namprd05.prod.outlook.com (2603:10b6:5:90::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3000.11; Tue, 12 May 2020 22:23:14 +0000
Received: from DM6PR05MB6348.namprd05.prod.outlook.com ([fe80::c020:3bf5:7230:75e3]) by DM6PR05MB6348.namprd05.prod.outlook.com ([fe80::c020:3bf5:7230:75e3%4]) with mapi id 15.20.3000.016; Tue, 12 May 2020 22:23:14 +0000
From: Ron Bonica <rbonica@juniper.net>
To: "otroan@employees.org" <otroan@employees.org>
CC: 6man <6man@ietf.org>
Subject: RE: CRH and RH0
Thread-Topic: CRH and RH0
Thread-Index: AQHWKIrekPzaF/ez9Eqx/n5++hge6KikxRdQgAAHSoCAAAawsIAAFmwAgAAOYhCAAATmgIAAAbKwgAAC7gCAAANz0A==
Date: Tue, 12 May 2020 22:23:13 +0000
Message-ID: <DM6PR05MB63480871BD73F8D35A3D501AAEBE0@DM6PR05MB6348.namprd05.prod.outlook.com>
References: <4EDFE9A2-A69C-4434-BB0A-960C2453250F@cisco.com> <DM6PR05MB6348FE6E3A45320C2A47EB66AEBE0@DM6PR05MB6348.namprd05.prod.outlook.com> <8068EBE1-38DD-411E-A896-EB79084BBCC4@cisco.com> <DM6PR05MB6348326B0F72A009DB4F7746AEBE0@DM6PR05MB6348.namprd05.prod.outlook.com> <942AF8C7-079E-4C81-95AB-F07A182E8F19@employees.org> <DM6PR05MB63483621F4AD3DEACA6FAF35AEBE0@DM6PR05MB6348.namprd05.prod.outlook.com> <6F11579E-0F8A-48EB-86EC-945E17C11BF4@employees.org> <DM6PR05MB6348345A76F32CE07392AA58AEBE0@DM6PR05MB6348.namprd05.prod.outlook.com> <3C800B54-6E3B-483A-8FA0-50075043DFD1@employees.org>
In-Reply-To: <3C800B54-6E3B-483A-8FA0-50075043DFD1@employees.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=true; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2020-05-12T22:23:04Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Method=Standard; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=0633b888-ae0d-4341-a75f-06e04137d755; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=d7cb59ef-8ad3-442e-9c59-ab683fb8b08c; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ContentBits=2
dlp-product: dlpe-windows
dlp-version: 11.4.0.45
dlp-reaction: no-action
authentication-results: employees.org; dkim=none (message not signed) header.d=none;employees.org; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [108.28.233.91]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 895e3363-36ce-4a55-2287-08d7f6c30fc9
x-ms-traffictypediagnostic: DM6PR05MB4090:
x-microsoft-antispam-prvs: <DM6PR05MB4090B760F36D00C546A06476AEBE0@DM6PR05MB4090.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-forefront-prvs: 0401647B7F
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: jH4ZP8Y3YhWu+9oM45QiMl6+2muPITBUSULa0UC5JcIffsAtWBxQXOF848hL9qzuVM3UE61zTQL8EmAIAEUjWvmsZPXoRWOdwk+yDRSlNQ7CC0GVVTsv5N2rzPKoiSVgkzlhSTXsBb9oBKlYqeSwFTLmDUjwmaf6STW6YA7rnLR++D5GVbpdzpr2VjDgSKprr1hTNruKekL6DwQ4afDVoulGZDeVdlpYFGi4DL70kkJdKoz1AX0/LnFqfG/I4UIZH3CHci7GL6kBDHhRLBKN9LQ++tkfJMOwdPUHCyaraHqTMWJsisFGamrsDgPlu7aSD7QHW0crBML3UXdpUilOMg3XgtEhANT7+PeFOVp9V/fjCxWp0R9Tp2mOP61o+y9WbJBvV85GbOc4+65C3lmOsbPw9ag8SF8/9whzgeNBy6obmpxQqrAQcM7iZgHZNEL6Hl6vOyt0bsRDoxEZHui6Bi0oLU8dmbr4UbmvcQMrwHtVrHyD2KCVZn+BhCEJxdCPIyR+jlf+TA2BSp5tr+XXrQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR05MB6348.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(376002)(136003)(366004)(346002)(396003)(39860400002)(33430700001)(6506007)(66946007)(186003)(8936002)(33656002)(66446008)(66476007)(7116003)(2906002)(8676002)(4326008)(316002)(52536014)(76116006)(64756008)(66556008)(66574014)(9686003)(53546011)(86362001)(7696005)(55016002)(6916009)(5660300002)(33440700001)(478600001)(26005)(71200400001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: 54ucEl3fGZyyB/hgJ+kRqJM7rHfEW1e78mqf2XNOCV2DkvjTKtA/zJzFWmNwsZhshFczwQE7Crv9lenDodra9J2M0bUhSIV/QUb1zUr07gTbAp9RL5aP7seWiKp4ZD71xJBKo/lZX0ZUoJugKsGo7NBeq2cXJr+PYI9qo8VxrpEoX/KH/lUTxZbWt0dXjjaYMDghudfVtNAmpJbOoD8FE8uvhkPvYgpfEDp41PLkqZwlnNWfukHtsrt6gDDS2anjpZIOP6WePrqgekZJ914HCh7a6oim0e4AmQ406dcFuA7tdbDeaAS+ZxHfnH3d2h00qzWZYZ5H5Vs9nMwIdRC7H3rbg0HDLFGqHmIMe4fhiLV+qoKcUNlWIelS4VLiRAFVv2o2VU5jIA/ywsHHTIm4Ueu5chEffrJtFRpnDHdNPt7VBd1RG5rcbwzhM4ywScm4w5hJ7JnQsymD5FF6Hp9QlYMXPi7c8PDCf8OQlsS5jJ9Q+5bGrr+pfOyundo+31yu
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 895e3363-36ce-4a55-2287-08d7f6c30fc9
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 May 2020 22:23:13.7491 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 7XloWCaCYyxLptfFABPfcX2PzP4qssLo2kWAiD5Qdnt8p82B8xLAM77W7xTDSjpOe+JbEHMNlCCXS2iVL63bZA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR05MB4090
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.676 definitions=2020-05-12_08:2020-05-11, 2020-05-12 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 phishscore=0 impostorscore=0 mlxlogscore=955 malwarescore=0 mlxscore=0 cotscore=-2147483648 bulkscore=0 lowpriorityscore=0 clxscore=1015 priorityscore=1501 spamscore=0 adultscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2005120167
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/5zaRMzDmQRu_qFZuNo_K4-skw44>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 May 2020 22:23:20 -0000

Ole,

The draft never claimed to be a replacement for RH0. It only claimed to address RH0's shortcomings.

                                                                                         Ron



Juniper Business Use Only

-----Original Message-----
From: otroan@employees.org <otroan@employees.org> 
Sent: Tuesday, May 12, 2020 6:04 PM
To: Ron Bonica <rbonica@juniper.net>
Cc: 6man <6man@ietf.org>
Subject: Re: CRH and RH0

[External Email. Be cautious of content]


Ron,

> What claim needs further substantiation?

Eh... the claim that CRH could be a RH0 replacement.
Not sure if that's something we'd want anyway, but I wasn't the one making that claim.
Nor did I think that was CRH's purpose.

To repeat:
If CRH could be a RH0 replacement, you would have to show how the tag distribution mechanism would work across the Internet?
RH0 was supported in every IPv6 node, given the requirement for a tag->IPv6 address (or is it forwarding method) mapping, I can't quite see how that would be done in a general enough fashion for CRH?

I don't think RFC5095 taught us that source routing cannot be done across the Internet.
In fact I don't see how the CRH draft prevents the RFC5095 attack to happen inside of the CRH limited domain.
Just send a packet with a list of tag#0, tag#1, tag#0, tag#1 and you have the same amplification attack.

Ole