IETF Logo Mail Archive

Re: proposed text for header injection revision 05

Mark Smith <markzzzsmith@gmail.com> Sat, 23 July 2016 02:21 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65A6012D8F9 for <ipv6@ietfa.amsl.com>; Fri, 22 Jul 2016 19:21:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.2
X-Spam-Level:
X-Spam-Status: No, score=-1.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Eav_d--xyhOM for <ipv6@ietfa.amsl.com>; Fri, 22 Jul 2016 19:21:35 -0700 (PDT)
Received: from mail-vk0-x22c.google.com (mail-vk0-x22c.google.com [IPv6:2607:f8b0:400c:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C0D9812D8F4 for <6man@ietf.org>; Fri, 22 Jul 2016 19:21:34 -0700 (PDT)
Received: by mail-vk0-x22c.google.com with SMTP id s189so179859966vkh.1 for <6man@ietf.org>; Fri, 22 Jul 2016 19:21:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=pBSFea4Shkg98hcNEgc/Pz7Iy7QW0w4h+YVjbx0yNOw=; b=heol+hws0cJbCXTo9XNDk5pPEu7/xi+EPquf5A4bRz9ACqTg2wXf53lhO4sT6iQIq0 2nYUSEC33BCLW0LLQ640GZO+dHmZv4hH+nn2roJlGODwtYtMerrQo6lH3CWlCKgSchNH HofT+MDWlwAIaoF3iUdVSKh/pcaoFvAsL2+qxUtlYlkZI/m1oDGVXgt1iFijvT9de7g4 IBXuvMW5d67E7/fdr7U5q5V8RMoIAaRdpq+nfeM2Z8DF03P9NTuEKfbM8SOwVzOYFWFO HmSYfMduVXLx8ox7y89EiL0WU5UjPshijIZbDvV6fr83mbDWRn0glZvjhUdK3a3Isbtc myWg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=pBSFea4Shkg98hcNEgc/Pz7Iy7QW0w4h+YVjbx0yNOw=; b=GUvkXX9hG2ujfeWnDBEZpQjqEWpIf1P8IkfXee3fqiYtph/w6AmZEkOH2gzmokK77+ dvoXqHhkVfMzpdTEp2IjkB8HpfcnHg0HGVGHSGEI3uGEQQZSNnQ6dXnXB1eeaLFF623d 8pMDmPeDgk8hIo9C+7kTj+JuCFnq37go995/szqjPZLBqNygsS2KtKJnBiwRhdSIa88D +34jCMnEQIWkGVN1PUxHg1pkRb4tKDyAkeolGlz1dxN1crPCTAoSeDV/J7CPCIAYUeMV 8N4b/grwkuVQOWsMYXqyNMDtKLC+Z1hpZIPYEEO7B8FBHBpbQlW1hPgIuIlDeEKNytZI m2nQ==
X-Gm-Message-State: AEkoouvLRMPULzh3HiNqJge2dUhjKs+nv0s+qLFXf8cBlOfGC5iDMhefEN/IocdQ+CMkPKN8wY/Kw3YJNiwkRQ==
X-Received: by 10.176.2.242 with SMTP id 105mr3578427uah.140.1469240493654; Fri, 22 Jul 2016 19:21:33 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.159.39.233 with HTTP; Fri, 22 Jul 2016 19:21:04 -0700 (PDT)
In-Reply-To: <CABdyVt4tcMX=OpG80KddKG+_5S3nXvKQtmN_8V25R3RqcDrokA@mail.gmail.com>
References: <26582.1468923195@obiwan.sandelman.ca> <F9BF1C40-1369-405E-9392-908F34A4339B@cisco.com> <e9b319da-e2ba-3015-b5eb-026541c0cb16@gmail.com> <2EBFA6F2-00A3-45E1-BE0E-3531AF75726A@employees.org> <787AE7BB302AE849A7480A190F8B933008DE9E22@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <CAFU7BATEa6E92rF8XXNw7cAF4ye70n783FMm4t=mfjg-OGFZEA@mail.gmail.com> <0445fd4c-3d96-73f5-035e-570f165faf9b@gmail.com> <614711c4-9e69-3ddc-67f2-0d20394169ad@si6networks.com> <aafab4fe-103e-d97a-cc40-0a092e32ccb1@gmail.com> <3edee5c1-3444-bc7d-31e5-1bb29810e857@si6networks.com> <CAJE_bqdtkGDLoaa8bK9apLCEwBUZw+bzseqPPHGHoXcGZxieOA@mail.gmail.com> <CABdyVt6GM-HJ-MGMb3eRMrRdeWWvTD-Tat+i8r8Dyjkz9-=pfA@mail.gmail.com> <CAO42Z2zOm_mw-B5twAC=CazZnP4eDnxaDYEXfgefgi-zPjWd7g@mail.gmail.com> <CABdyVt4tcMX=OpG80KddKG+_5S3nXvKQtmN_8V25R3RqcDrokA@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Sat, 23 Jul 2016 11:51:04 +0930
Message-ID: <CAO42Z2zB-SKsQez54L8Cs8f0Aierf=_J5CjWJy2bEaXDzfgysg@mail.gmail.com>
Subject: Re: proposed text for header injection revision 05
To: Hemant Singh <hemantietf@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/ekYlRmYldjmCCEu0FnuZ87va9PY>
Cc: "Mark Townsley (townsley)" <townsley@cisco.com>, Michael Richardson <mcr+ietf@sandelman.ca>, "6man@ietf.org" <6man@ietf.org>, 神明達哉 <jinmei@wide.ad.jp>, Fernando Gont <fgont@si6networks.com>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 23 Jul 2016 02:21:36 -0000

On 23 July 2016 at 09:40, Hemant Singh <hemantietf@gmail.com> wrote:
> Sorry, my bad for including "intentional".   It's just ambiguous related to
> the term "processed" which is not clear and called out by many others as
> ambiguous.

I think the claim of ambiguity is dubious. Processing is what
computers do, and these devices are specialised computers. If the word
'processing' hasn't been clarified, then it means performing any
actions on the EHs.

I think this is what actually happened:

1. Some people thought the way to solve their problem was to insert
EHs into existing, in flight packets
2. They didn't consult RFC2460 to see if was acceptable to do that
3. They now want a loophole created in RFC2460bis to accommodate
behaviour that isn't permitted, claiming that RFC2460 is ambiguous.

I have two fundamental objections:

- I've dealt with devices that silently change packets or frames in
flight, intentionally or in error, and know how hard they can be to
troubleshoot. Packets that are not modified in flight in any way at
all would be the ideal, because if the packet that arrived wasn't the
packet sent, then something is broken in the network, and network
processing of packets would be no more than look at a value or values
in the packet fields and then perform the small set of actions
necessary to forwarding them.+

- i don't agree with trying to make non-compliant behaviour compliant
by creating a spec loophole using a claimed ambiguity, when an
understanding of the meaning of the words "examine" and "processed"
are fundamental to the field of computing and networking. The heart of
a computer is the Central Processing Unit!

I understand people have work they've put effort into that would be
non-compliant if this loophole isn't created. However, just because
the work exists doesn't mean it now has to be accommodated in the
specifications.

I think the discussion about what and what not to put in regarding
what inserting EHs breaks also shows that this area is not fully
understood or investigated. I think that is also another sign that the
consequences of inserting EHs into existing packets isn't known and
complete. It think it needs to be properly understood and documented,
and then if the benefits are worth the drawbacks, the specification
could be updated to permit it.


Regards,
Mark.

+ If you look at the early versions of IP (e.g., RFC675, various
IENs), for versions 1 through 3 (1974 through 1978) it seems the only
modification of packets that is permitted in the network is
fragmentation (which isn't really modification, rather it is
replacement of one packet with the creation of multiple new packets
carrying the original packet's data). There is no TTL field or hop
count field. I think that indicates that during that design period
there was an expectation that packets were not to be modified in
flight at all, which is the simplest thing to do - just look at them
and forward them, no modification required. TTL or Hop Count fields
are a reasonable safety measure, however they're per-packet overhead
and additional per-hop processing to mitigate what should be a short
lived and transient state of a loop. Ideally, if entirely loop free
routing protocols had been invented (which was probably the
expectation between 1974 and 1978), there'd be no need to have and pay
the price of TTL or Hop Count fields in each and every packet and the
cost of modifying them at each hop.



> Hemant
>
> On Fri, Jul 22, 2016 at 7:37 PM, Mark Smith <markzzzsmith@gmail.com> wrote:
>>
>>
>> I haven't seen any evidence of international ambiguity. Brian found an
>> email from Steve Deering explicitly stating that if you want to add an EH to
>> a packet you add it via encapsulation within another IPv6 packet.
>>
>> The following is not ambiguous.
>>
>> "With one exception, extension headers are not examined or processed by
>> any node along a packet's delivery path, until the packet reaches the node
>> (or each of the set of nodes, in the case of multicast) identified in the
>> Destination Address field of the IPv6 header."
>>
>> For those claiming it is, you must explain to the rest of us how you
>> insert EHs with out "examining" or "processing" the existing EHs.
>>
>>
>

v2.23.0 | Report a Bug | By Email