RE: CRH and RH0

Ron Bonica <rbonica@juniper.net> Wed, 13 May 2020 15:36 UTC

From: Ron Bonica <rbonica@juniper.net>
To: Tom Herbert <tom@herbertland.com>
CC: "otroan@employees.org" <otroan@employees.org>, 6man <6man@ietf.org>
Subject: RE: CRH and RH0
Date: Wed, 13 May 2020 15:35:49 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/V1THxK_pKWtV34t8ed33VsAr29c>

Tom,

CRH is unique in that it requires a CRH-FIB. However, it doesn't require any special control plane support. The CRH-FIB can be created:

- by configuration (CLI)
- by a controller
- by an IGP

I would still argue that CRH is a "general purpose" solution because:

- It is applicable in a wide variety of use-cases
- It doesn't rely on anything other than IPv6 canon (e.g., RFC 8200, RFC 4291) and what is specified in the CRH draft.

It's just another tool in the IPv6 tool box.

Ron


-----Original Message-----
From: Tom Herbert <tom@herbertland.com> 
Sent: Tuesday, May 12, 2020 10:29 PM
To: Ron Bonica <rbonica@juniper.net>
Cc: otroan@employees.org; 6man <6man@ietf.org>
Subject: Re: CRH and RH0


On Tue, May 12, 2020 at 2:36 PM Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org> wrote:
>
> Ole, Darren,
>
> The CRH is a general purpose Routing header that operates inside of a network domain. In the sense that it is a general purpose routing header, it replaces RH0. In the sense that it is restricted to a network domain, it does not replace RH0.

Ron,

Not to nit-pick, but doesn't CRH require a specific control plane to be useful which would make it less than general purpose? I don't believe RH0 had such a requirement. Also there's the RH in RFC6554 that has a similar goal in compressing the addresses in the routing header, but doesn't seem to require additional control plane logic either. I think these might be worth referencing.

Tom
..
>
> If adding these two sentences will cause you to support the draft, or at least not object to it, I will happily add them!
>
> Are these the only objections?

It would seem the goals of CRH are very similar to RFC6554 in compressing the addresses in the routing header. I think this might be worth referencing.
>
>
> Ron
>
>
>
> -----Original Message-----
> From: otroan@employees.org <otroan@employees.org>
> Sent: Tuesday, May 12, 2020 4:38 PM
> To: Ron Bonica <rbonica@juniper.net>
> Cc: Darren Dukes (ddukes) <ddukes@cisco.com>; 6man <6man@ietf.org>
> Subject: Re: CRH and RH0
>
>
> Hi Ron,
>
>
> > The answer to your question is a bit nuanced. My goals were to build a general purpose routing header that overcomes the RH0's limitations. Those being:
> >
> >       - Its size
> >       - Its security issues
> >
> > Now, is that a replacement for RH0? In one way, yes. RH0 and CRH are both general purpose routing headers. In another sense, no. RH0 is meant to traverse network boundaries. But RFC 5095 taught us that letting routing headers traverse network boundaries might not be a wonderful idea. So, CRH is restricted to a network domain.
>
> If CRH could be an RH0 replacement, you would have to show how the tag distribution mechanism would work across the Internet?
> RH0 was supported in every IPv6 node, given the requirement for a tag->IPv6 address (or is it forwarding method) mapping, I can't quite see how that would be done in a general enough fashion for CRH?
>
> I don't think RFC5095 taught us that source routing cannot be done across the Internet.
> In fact I don't see how the CRH draft prevents the RFC5095 attack to happen inside of the CRH limited domain.
> Just send a packet with a list of tag#0, tag#1, tag#0, tag#1 and you have the same amplification attack.
>
> > And now I return to my original question. When engineering students read the CRH RFC in 25 years, will they really care what my motivation was? Why should we burden them with this detail?
>
> To the contrary. Take the motivations and intentions behind IPv6. We have spent thousands of emails trying to decode what the original intentions with EHs and their limitations were, why the minimum MTU was 1280, recently I saw a thread about the reasons for why TTL/HL and protocol/next header was swapped between v4 and v6. If your protocol is successful, the original napkin it was designed on will become legend. ;-)
>
> Best regards,
> Ole
>
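
The alternating tag list raised in the thread (tag#0, tag#1, tag#0, tag#1) can be caught by a check on the SID list wherever such lists are built or admitted. This is an added example, not part of the thread or of the CRH draft; the CRH-FIB contents, the function names, the one-crossing limit and the treatment of each pair of consecutive hops as one path segment are all assumptions.

```python
from collections import Counter
from ipaddress import IPv6Address

# Constructed CRH-FIB: SID (tag) -> IPv6 address of the node it steers to.
# Addresses use the documentation prefix; they do not come from the thread.
CRH_FIB = {
    10: IPv6Address("2001:db8::a"),
    11: IPv6Address("2001:db8::b"),
    12: IPv6Address("2001:db8::c"),
}


def resolve(sid_list, fib):
    """Map each SID to its node address; an unknown SID raises KeyError."""
    return [fib[sid] for sid in sid_list]


def segment_crossings(sid_list, fib):
    """Count how often each unordered pair of consecutive hops is crossed."""
    hops = resolve(sid_list, fib)
    crossings = Counter()
    for a, b in zip(hops, hops[1:]):
        if a != b:  # the same node twice in a row crosses nothing
            crossings[frozenset((a, b))] += 1
    return crossings


def check_sid_list(sid_list, fib, max_crossings=1):
    """Return (ok, reason); reject unknown SIDs and paths that bounce
    between the same two nodes more than max_crossings times."""
    try:
        crossings = segment_crossings(sid_list, fib)
    except KeyError as exc:
        return False, f"unknown SID {exc.args[0]}"
    worst = max(crossings.values(), default=0)
    if worst > max_crossings:
        return False, f"segment crossed {worst} times (limit {max_crossings})"
    return True, "ok"


if __name__ == "__main__":
    for path in ([10, 11, 12], [10, 11, 10, 11], [10, 99]):
        print(path, check_sid_list(path, CRH_FIB))
```

The crossing count is the multiplier one packet places on the path between the two nodes, which is the quantity the RFC 5095 concern is about.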