IETF Logo Mail Archive

Re: SRH insertion vs SRH insertion + encapsulation

Fernando Gont <fgont@si6networks.com> Wed, 11 September 2019 11:03 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C8AD12088C; Wed, 11 Sep 2019 04:03:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.559
X-Spam-Level:
X-Spam-Status: No, score=-0.559 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_24_48=1.34, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iv7XX7QxIsaO; Wed, 11 Sep 2019 04:03:41 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [IPv6:2001:67c:27e4::14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 834A512089C; Wed, 11 Sep 2019 04:03:41 -0700 (PDT)
Received: from [192.168.8.100] (unknown [178.243.177.155]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id DDE3A8625E; Wed, 11 Sep 2019 13:03:35 +0200 (CEST)
From: Fernando Gont <fgont@si6networks.com>
Subject: Re: SRH insertion vs SRH insertion + encapsulation
To: Ole Troan <otroan@employees.org>, Ron Bonica <rbonica@juniper.net>
Cc: draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>, "6man@ietf.org" <6man@ietf.org>, Robert Raszuk <robert@raszuk.net>
References: <BYAPR05MB5463306B3328F460C2417764AEB50@BYAPR05MB5463.namprd05.prod.outlook.com> <32ED6621-3D17-4EC8-AC11-AFE64F05E6A9@employees.org> <BYAPR05MB5463AD77FA21C76C5A68E68BAEB70@BYAPR05MB5463.namprd05.prod.outlook.com> <5A25A20C-3BE3-4CD0-8558-2FC6E1BE717A@employees.org>
Openpgp: preference=signencrypt
Message-ID: <a8fc2793-3621-4172-c5c2-c9334860b288@si6networks.com>
Date: Tue, 10 Sep 2019 03:43:37 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <5A25A20C-3BE3-4CD0-8558-2FC6E1BE717A@employees.org>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/emq15YQeYWPOHQAO-Xds7_KGL6Y>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Sep 2019 11:03:49 -0000

On 9/9/19 21:49, Ole Troan wrote:
> Dear Ron,
> 
> I think we both have used up our posting quota for long into next year, but I'll one more on this topic.
> 
>> There is a big difference between translating a packet’s source/destination address and adding something to a packet. The best way to explain this difference is with an analogy.
>>  
>> Assume the following:
>>  
>> 	• I, Ronald, am conversing with an Italian speaker through a translator
>> 	• I say to the Italian speaker, through the translator, “your shoe is untied”
>>  
>> It is OK for the translator to tell the Italian speaker, “Aldo says that your shoe is untied”. He has translated my name into Italian, but not changed the message.
>>  
>> It is not OK for the translator to tell the Italian speaker, “Aldo says that your shoe is untied, and that you are ugly “.  If he were to do that, he would be originating a message and attributing it to me.
> 
> Translating the source address and/or destination address on the Internet is of course much worse than if a header inserted packet leaked.
> Translation breaks fundamental parts of the Internet architecture, which has shaped the unidirectional centralized network we have been forced into today.
> 
> I do think you are attacking a strawman though. I don't think many, apart from Fernando is talking about changing 8200. I.e the ground rules for end to end IPv6.

My argument is: let's call a lemon a lemon. Inserting EHs does break the
end-to-endness of IPv6.

If you want to do it, I'd expect:

1) A proposal that argues what problem they want to solve, and why they
don't solve it in a standards-compliant manner. You seem to imply that
"we have to allow EH-insertion of some sort", whereas I think the first
question is "should we, really?"

2) A document that, at the very least, contains an "Updates: RFC8200"
tag, such that the reader of RFC8200 is pointed to the document from
item "1)" above. As noted above, if you do "1)", you should really
change the text in RFC8200 such that s/must not/should not/.  If RFC8200
represents the consensus on the topic, and you want to deviate from
that, at the bare minimum your document should "Updates: RFC8200".

And to clarify the above: RFC8200 represents IETF consensus on this
topic. This is the reason why RFC8200 -- not because it's a sacred
document.

Besides, I will note that have always been keen to updating standards,
where deemed necessary. And when I've authored document, I've been
generous in including the "Update:" tags that would apply (see RFC8064,
for instance)



> The only realistic option for "header insertion" is within a limited domain.

I don't think we have "flavors" of IPv6 -- that, by itself, would be a
shift in the architecture. But in any case, I think this EH-insertion
thing (whether in a limited domain or not) would seem to me like out of
the scope of 6man.

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

v2.23.0 | Report a Bug | By Email