Re: End-to-end (was Re: Non-Last Small IPv6 Fragments)

Tom Herbert <tom@herbertland.com> Wed, 16 January 2019 15:42 UTC

From: Tom Herbert <tom@herbertland.com>
Date: Wed, 16 Jan 2019 07:41:51 -0800
Message-ID: <CALx6S34C4UuQWK2fzdkZ7F0ZaEgmaLWzH582PVpEx-XN6FywNA@mail.gmail.com>
Subject: Re: End-to-end (was Re: Non-Last Small IPv6 Fragments)
To: Fernando Gont <fgont@si6networks.com>
Cc: Christian Huitema <huitema@huitema.net>, "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, IPv6 List <ipv6@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/dV6cXJXJWmjICpUYf_xzryeQezI>

On Tue, Jan 15, 2019 at 11:52 PM Fernando Gont <fgont@si6networks.com> wrote:
>
> On 15/1/19 19:42, Tom Herbert wrote:
> [....]
> > packets. This uses a modifiable HBH options and is completely
> > independent of the transport layer.
>
> You cannot use HBH in the public Internet. Well, you can... but there
> are high chances your packets will be dropped.
>
Fernando,

By that same thinking we can't use any extension headers at all, any
transport protocol other than TCP (and maybe UDP), ICMP, the TCP
authentication option, TCP fast open, UDP options, or even IPv6 on the
Internet. None of these will universally pass through the Internet. But
it's also true that not all such packets are dropped, there are a lot
of networks where these will work and they do conform to the
standards.

We have some workarounds for the problem. We can follow the IPv6 happy
eyeballs approach: if an application sees that packets aren't making it
to a destination, then fall back to using a more rudimentary
protocol with higher probability of success but less service offered
to the user. Encrypting as much of the packet as possible, including
transport layer headers like QUIC does, also helps-- what the network
can't see, it can ossify.

As for HBH, RFC8200 relaxed the requirement that intermediate nodes
need to process them. If a node just wants to get to the transport
layer it can skip over the EH very with a few simple operations. I see
no excuse for new devices being deployed to systematically drop HBH or
destination options EHs. If they are doing that then their
implementation does not comply with the IPv6 standard and we shouldn't
have any compunction about publicly calling them out on that.

Tom

> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>
>
>
>
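The header walk referred to in the message above (a node skipping over HBH and destination options EHs to reach the transport layer), as an added example that is not part of the original message or of any implementation discussed on the list. The function name `skip_ext_headers` and the sample packet are constructed for illustration; only Hop-by-Hop, Routing, Fragment and Destination Options headers are walked, and any other Next Header value is treated as the upper layer.

```c
#include <stddef.h>
#include <stdint.h>

/* IANA protocol numbers of the extension headers walked here. */
enum { NH_HBH = 0, NH_ROUTING = 43, NH_FRAGMENT = 44, NH_DSTOPTS = 60 };
#define IPV6_HDR_LEN 40

/* Constructed sample: IPv6 header, HBH (PadN), Destination Options (PadN),
 * then an all-zero 8-byte UDP header. Addresses are left as zeros. */
static const uint8_t sample_pkt[64] = {
    [0] = 0x60, [5] = 24, [6] = NH_HBH, [7] = 64,
    [40] = NH_DSTOPTS, [41] = 0, [42] = 1, [43] = 4,   /* HBH: PadN, 4 bytes */
    [48] = 17,         [49] = 0, [50] = 1, [51] = 4,   /* DstOpts -> UDP (17) */
};

/* Walk the extension header chain without interpreting any option.
 * Returns the offset of the upper-layer header and stores its protocol
 * number in *proto. Returns -1 if the packet is not IPv6 or the chain runs
 * past len. For a non-first fragment there is no upper-layer header, so the
 * walk stops at the Fragment header and *proto is NH_FRAGMENT. */
long skip_ext_headers(const uint8_t *pkt, size_t len, uint8_t *proto)
{
    if (len < IPV6_HDR_LEN || (pkt[0] >> 4) != 6)
        return -1;
    uint8_t nh = pkt[6];               /* Next Header of the fixed header */
    size_t off = IPV6_HDR_LEN;         /* invariant: off <= len */
    for (;;) {
        size_t hlen;
        switch (nh) {
        case NH_HBH: case NH_ROUTING: case NH_DSTOPTS:
            if (len - off < 2) return -1;
            /* Hdr Ext Len counts 8-octet units beyond the first 8 octets. */
            hlen = ((size_t)pkt[off + 1] + 1) * 8;
            break;
        case NH_FRAGMENT:
            if (len - off < 8) return -1;
            /* Fragment Offset is the top 13 bits of octets 2..3. */
            if ((((pkt[off + 2] << 8) | pkt[off + 3]) & 0xfff8) != 0) {
                *proto = NH_FRAGMENT;
                return (long)off;
            }
            hlen = 8;
            break;
        default:                       /* anything else: upper layer */
            *proto = nh;
            return (long)off;
        }
        if (hlen > len - off) return -1;   /* header claims more than we have */
        nh = pkt[off];
        off += hlen;
    }
}
```
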