Re: [EXTERNAL] Re: Limited Domains:

Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 16 April 2021 23:43 UTC

To: Robert Raszuk <robert@raszuk.net>, "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>
Cc: "6man@ietf.org" <6man@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/ba4TXw5i5-6uYp_mXkxKCy1CVLs>

On 17-Apr-21 10:25, Robert Raszuk wrote:
> 
>> My main view is, if the domain is truly limited, firewalled or even air gapped, then what is the motivation to seek approval in a standards body?
> 
> Spot on!

On that argument the SPRING WG should never have been chartered and the 6MAN WG should never have approved RFC8754. Also, we should never have defined diffserv in 1998. And NAT, of course, would be excluded by definition, and RFC1918 from 1996 would need to be obsoleted.
 
> If someone (vendor or operator) is to seek to deploy some functionality limited to his own network, a new ethertype should be allocated and then he is free to do whatever needed.
> 
> Otherwise I do not subscribe to this limited domain vs Internet limitation of any IETF spec. I have never seen for the Internet ethertype any way to scope it not to be sent over the limited domain boundary.

But we keep on defining limited domain protocols regardless of that problem. Please do read the RFC (https://www.rfc-editor.org/rfc/rfc8799.html). Don't imagine that this issue is ever going to disappear. I believe that the deeper problem is that IETF dogma is to pretend that this issue does not exist.

The problem with the current flow label proposal is of course exactly what you say: it forks the definition of the IPv6 packet, so could only coexist with the Internet-wide flow label if all the routers in the domain check whether the origin or destination of every packet is internal or external.

Regards,
   Brian

> Best,
> R.
> 
> 
> On Sat, Apr 17, 2021 at 12:12 AM Manfredi (US), Albert E <albert.e.manfredi@boeing.com> wrote:
> 
>     From: ipv6 <ipv6-bounces@ietf.org> On Behalf Of Robert Raszuk
> 
>     > I think this thread nicely demonstrates that we need to first define what a "limited domain" is.
>     >
>     > To some it seems to be 1980s definition of an IGP network boundary. More modern folks would consider as "limited domain" a set of IGP ASNs areas interconnected by p2p BGP still under the same administration. 
>     >
>     > For me "limited domain" is an arbitrary collection of sites anywhere in the world using Internet for inter-connectivity.
> 
>     Good point! Whereas to me, "limited domain" means, only inside this platform.
> 
>     > So any protocol which claims to be defined for "limited domain" and which claims that it is backwards compatible with nodes not supporting it is equal to allow it to traverse Internet.
> 
>     "Backwards compatible" may mean different things to different people, and it seems dubious in this case (because flow label is to be a random value, per IPv6). My main view is, if the domain is truly limited, firewalled or even air gapped, then what is the motivation to seek approval in a standards body?
> 
>     Bert