Re: [EXT] Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 14 February 2017 23:34 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44A2A129977; Tue, 14 Feb 2017 15:34:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tThZqLDYgpXJ; Tue, 14 Feb 2017 15:34:55 -0800 (PST)
Received: from mail-it0-x242.google.com (mail-it0-x242.google.com [IPv6:2607:f8b0:4001:c0b::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12BE51289B0; Tue, 14 Feb 2017 15:34:55 -0800 (PST)
Received: by mail-it0-x242.google.com with SMTP id r141so7949195ita.1; Tue, 14 Feb 2017 15:34:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:cc:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=BsDxUdwSZ4IbhcIDWw+T4my2mrFK/sH4nNJX0F9KIcM=; b=KNP38UVhTQW+iSA5o+4Z68e/mm0Jtx1458KeKrd8O2QbMjnn4Oy8a7SwfXL9Fg+mvn JONdfc7yqHEvRUmhZscVMB9zlFwgR1ICtvjrMHJ2DD6MqZKsky5ZVEWDKnzou/aLh3Zx IkqMo/UvVRK+h7vyVrAbc9MME9TGYJWeYXgQzlexn4+m6cNFKqVAtx/e9D96SrORpBrj p2zJomfJISZ2B3DmjZjFxANxWi/J7BWAPRUCcgw3CtC6sP26UDisbxSzalrGtOgmvO7L H+RjvHWvFoP6fSTEVGBvbgbFHfmUays21r/Qcq7+JLLWUkN9OtW0xLK8UAsowqHwqpXB KvmQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:cc:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=BsDxUdwSZ4IbhcIDWw+T4my2mrFK/sH4nNJX0F9KIcM=; b=reLnRH1QNhtfz7yS/T7vQnP/GiuFYbDKYTYaEyPyrlvmswXTB6mDd7dKPeo1HyJyop bJqQ4SgcJ0peFIsVL/BWMvjRM61+Bq9yGhEFW1/zESXfQqwOKWe1OxtmRPioGKXIyVI/ MmyMFx0uTT2YtB/4rYL2uye3XQg4lix8mUle1BJMrSCqMj9nxUrmwj+985OSdyAnpNiL nQNtLqxNBudN+LEnh2C5v2HiDZ1WLEhj2TIBieS+snP1RBxMyWkCcQ7/RULXtHZnKxyU mCT19EEg3l6hHlqnvHJ4N3EZzdK6FY2BfskWu+zCrjFGMpKUuRzPOoSnH33Q7DwNcQ3j 15ow==
X-Gm-Message-State: AMke39l69Y3K+8vMHQj9ycKeuSavd9LIGJvZBQLIuo0rjonkQWd34MBSD8eQ6bVsQYsymA==
X-Received: by 10.99.199.69 with SMTP id v5mr35559369pgg.90.1487115294259; Tue, 14 Feb 2017 15:34:54 -0800 (PST)
Received: from [192.168.178.21] ([118.148.78.74]) by smtp.gmail.com with ESMTPSA id t22sm3165060pfa.114.2017.02.14.15.34.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 14 Feb 2017 15:34:53 -0800 (PST)
Subject: Re: [EXT] Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard
To: David Mozes <davidm@mellanox.com>, Tal Mizrahi <talmi@marvell.com>, Mark Smith <markzzzsmith@gmail.com>
References: <67ab3d39d55840c8a207e2104e6020cd@IL-EXCH01.marvell.com> <CAO42Z2zcc-wCtdbs4VFSu-yWUT0u2PX8r+wpe3Jsj-4vVZUwwg@mail.gmail.com> <eeaa0cc49e104cc68c5b2ae23c44e355@IL-EXCH01.marvell.com> <HE1PR0501MB21381B97CAB3707DB7D20F31B6580@HE1PR0501MB2138.eurprd05.prod.outlook.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <7415f49b-0669-4291-99e2-49d21a3c0299@gmail.com>
Date: Wed, 15 Feb 2017 12:34:52 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1
MIME-Version: 1.0
In-Reply-To: <HE1PR0501MB21381B97CAB3707DB7D20F31B6580@HE1PR0501MB2138.eurprd05.prod.outlook.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/gGWtb_D4CsHr1zr3weddE3Cmp5A>
Cc: "draft-ietf-6man-rfc2460bis@tools.ietf.org" <draft-ietf-6man-rfc2460bis@tools.ietf.org>, "6man@ietf.org" <6man@ietf.org>, IETF Discussion list <ietf@ietf.org>, "6man-chairs@ietf.org" <6man-chairs@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Feb 2017 23:34:57 -0000

David, Tal,

Note that if a HbH option is tagged "1 - Option Data may change en-route"
it is excluded from AH anyway. But if you insert an option, or extend
its length while modifying it, you will break all forms of PMTUD.

Regards
   Brian

On 15/02/2017 03:27, David Mozes wrote:
> Hi * ,
> I am also supporting the insertion of in-band telemetry like INT along with the  actual data packet .
> It is for sure a valid use case for the modern networking including data center. 
> There are several proposals how to embedded telemetry information   some of them are with in nvo3 tannling protocols 
> (Vxlan-GPE,Geneve) Spring and other  . 
> I think that ipv6 hbh is the "cleanest"  way to add such info.
> 	1) I don't see any and advantages on the other  proposals (NVO3 ,SPRING) over IPV6 hbh.
> 	2))As far as security In the IPsec community, AH is pretty much considered deprecated, a failed experiment.They  are  prefer to use   ESP for authentication as well.
>  
> The postal system and the letter is very nice e example  . I will treat the adding ipv6-hbh info as stamps on the envelops ,since we are not touching  the data gram itself just the envelope
> 
> Thx
> David
> -----Original Message-----
> From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Tal Mizrahi
> Sent: Tuesday, February 14, 2017 3:37 PM
> To: Mark Smith <markzzzsmith@gmail.com>
> Cc: draft-ietf-6man-rfc2460bis@tools.ietf.org; 6man@ietf.org; IETF Discussion list <ietf@ietf.org>; 6man-chairs@ietf.org
> Subject: RE: [EXT] Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard
> 
> Hi Mark,
> 
> I certainly agree that hop-by-hop insertion/modification introduces potential security vulnerabilities.
> Therefore, as I pointed out below, I would recommend to tackle this by defining something along the lines of “Hop-by-hop extensions can be inserted/removed/modified/processed by intermediate nodes *if* [……..] and the possible consequences are [……..]”
> 
> For example, hop-by-hop handling can be restricted only to a single administrative domain, or only to tunnels (as in the zero checksum case). 
> 
> Regards,
> Tal.
> 
>> -----Original Message-----
>> From: Mark Smith [mailto:markzzzsmith@gmail.com]
>> Sent: Monday, February 13, 2017 6:07 PM
>> To: Tal Mizrahi
>> Cc: 6man@ietf.org; IETF Discussion list; draft-ietf-6man- 
>> rfc2460bis@tools.ietf.org; 6man-chairs@ietf.org
>> Subject: [EXT] Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> 
>> (Internet Protocol, Version 6 (IPv6) Specification) to Internet 
>> Standard
>>
>> External Email
>>
>> ----------------------------------------------------------------------
>> Hi,
>>
>>
>>
>> On 14 February 2017 at 00:43, Tal Mizrahi <talmi@marvell.com> wrote:
>>> Hi,
>>>
>>>
>>>
>>> Good discussion regarding the text about the hop-by-hop extension.
>>>
>>>
>>>
>>> In my opinion there is a valid use case for intermediate nodes that 
>>> insert/remove/modify/process hop-by-hop extensions. Examples: IOAM, INT.
>>>
>>> Since there is a use case, I believe we need explicit text about 
>>> intermediate handling of hop-by-hop extensions.
>>>
>>
>>
>> Imagine you sent a letter through the postal system, and the postal 
>> system wanted to add information to that letter, that is then to be 
>> removed before the letter arrives at its final destination.
>>
>> The postal system have at least two choices as to how to add that information.
>> They could:
>>
>> (a) unstick your envelope's seal, insert the information, reseal the 
>> envelope so well you can't tell and send it on its way, some how 
>> flagging to a destination device within the postal system that this 
>> specific envelop needs to be openned, a specific page removed, and then resealed.
>>
>> (b) take a new envelope with new internal postal system source and 
>> destination address information, insert your letter without touching it 
>> in addition to the new information, and then sending it on its way.
>>
>> Imagine that the information to be added by the postal system is 
>> printed on the same type of paper and is written in the same font as 
>> you've chosen to use to write your letter.
>>
>> Have a think about these two methods, what could fail with each of 
>> them, and what the consequences may be if any of those failures occur.
>> Have a think of the benefits of each method, and whether they're worth 
>> it compared to the failure mode costs and consequences for the method.
>>
>>>
>>>
>>> This [somewhat] reminds me of the discussion a few years ago about 
>>> the IPv6/UDP zero checksum. The WG ended up defining that “Zero 
>>> checksum is permitted in IPv6/UDP *if* [……..] and the possible consequences are [……..]”.
>>>
>>>
>>
>> That is a far more trivial change to the packet - it is allowing a 
>> value in an existing field that was formerly prohibited, and nodes that 
>> did not understand that value would drop the packet because that is 
>> what they had been specified to do if they received this prohibited value. In other words, existing implementations '
>> behaviour when this formerly unexpected value was encountered had 
>> already been specified and deployed.
>>
>>
>>>
>>> I would argue that regarding hop-by-hop extension handling we also 
>>> need to define that “Hop-by-hop extensions can be 
>>> inserted/removed/modified/processed by intermediate nodes *if* [……..] 
>>> and the possible consequences are [……..]”.
>>>
>>
>> Some things that are possible to do in theory shouldn't be done in 
>> practice, because the consequences when their implementations fail can 
>> be severe and outweigh the benefits.
>>
>> In theory, inserted EHs will be removed 100% of the time. In practice 
>> they won't be, because implementations can have bugs and they can also 
>> fail in unexpected ways e.g., hardware faults.
>>
>> Regards,
>> Mark.
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>