RE: SRH insertion vs SRH insertion + encapsulation

Ron Bonica <rbonica@juniper.net> Wed, 11 September 2019 15:09 UTC

From: Ron Bonica <rbonica@juniper.net>
To: Ole Troan <otroan@employees.org>
CC: Robert Raszuk <robert@raszuk.net>, Mark Smith <markzzzsmith@gmail.com>, draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>, "6man@ietf.org" <6man@ietf.org>
Subject: RE: SRH insertion vs SRH insertion + encapsulation
Date: Wed, 11 Sep 2019 15:09:33 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/alYNmiRlPYOBdGGUGPBqZBY88EU>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>

So, the return address has one meaning in general, and another in the limited domain of ACME shipping.

I guess this is OK so long as packages addressed by ACME never leak out of ACME's limited domain.

Yeah, we have been around this track before.......

                                                        Ron



Juniper Business Use Only

-----Original Message-----
From: Ole Troan <otroan@employees.org> 
Sent: Monday, September 9, 2019 5:40 PM
To: Ron Bonica <rbonica@juniper.net>
Cc: Robert Raszuk <robert@raszuk.net>; Mark Smith <markzzzsmith@gmail.com>; draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>; 6man@ietf.org
Subject: Re: SRH insertion vs SRH insertion + encapsulation

Ron,

> I am a little worried about the Italian postal worker in your example. She opened the outer box, which should have had the following return address:
> 
> - ACME Shipping, Boston, USA
> 
> She knows and trusts the ACME Staff in Boston, so she eats the Jelly Belly's. But the people in Boston didn't put the Jelly Belly's in the box. Some guy in London did.
> 
> So now, any trust that she had bestowed upon the ACME staff in Boston has been usurped by a stranger in London.

Your concern for Italian postal workers is unfounded in this case.
ACME Boston addresses the outer box to the Rome post office, which was of course well informed that ACME London acts on behalf of ACME Boston.

Ole

> 
> -----Original Message-----
> From: Ole Troan <otroan@employees.org> 
> Sent: Monday, September 9, 2019 2:49 PM
> To: Ron Bonica <rbonica@juniper.net>
> Cc: Robert Raszuk <robert@raszuk.net>; Mark Smith <markzzzsmith@gmail.com>; draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>; 6man@ietf.org
> Subject: Re: SRH insertion vs SRH insertion + encapsulation
> 
> Dear Ron,
> 
> I think we both have used up our posting quota for long into next year, but I'll add one more on this topic.
> 
>> There is a big difference between translating a packet’s source/destination address and adding something to a packet. The best way to explain this difference is with an analogy.
>> 
>> Assume the following:
>> 
>> 	• I, Ronald, am conversing with an Italian speaker through a translator
>> 	• I say to the Italian speaker, through the translator, “your shoe is untied”
>> 
>> It is OK for the translator to tell the Italian speaker, “Aldo says that your shoe is untied”. He has translated my name into Italian, but not changed the message.
>> 
>> It is not OK for the translator to tell the Italian speaker, “Aldo says that your shoe is untied, and that you are ugly”. If he were to do that, he would be originating a message and attributing it to me.
> 
> Translating the source address and/or destination address on the Internet is of course much worse than if a header inserted packet leaked.
> Translation breaks fundamental parts of the Internet architecture, which has shaped the unidirectional centralized network we have been forced into today.
> 
> I do think you are attacking a strawman though. I don't think many, apart from Fernando, are talking about changing 8200, i.e. the ground rules for end-to-end IPv6.
> The only realistic option for "header insertion" is within a limited domain.
> 
> A more fitting analogy would be something like:
> 
> - Ronald wants to ship a Birthday parcel to his aunt in Rome. He delivers the packet to the ACME shipping company in Boston
> - The shipping company puts the parcel into a bigger sturdier box and gets it loaded onto the first ship bound for Europe.
> - When arriving in London the European arm of ACME opens the outer box and slips a big bag of jelly babies in there and closes the box up again.
> - ACME's box then travels to Rome by train, and arrives at the Italian postal service.
> - The Italian postal employee opens the box, eats the jelly babies and takes Ron's birthday parcel to his aunt.
> 
> Of course if Ron had just shipped the parcel himself directly with the Best Effort Real Internet Inc company, it would have arrived in half the time at half the cost, but the Italian postman would not have gotten any jelly babies...
> 
> Cheers,
> Ole
> 
> PS: For unknown reasons Bassett Jellybabies are really hard to get hold of outside of the UK. Apparently because everyone else thinks the frosting looks like mold.