IETF Logo Mail Archive

Re: Path MTU Hop-by-Hop Option

Fernando Gont <fgont@si6networks.com> Wed, 24 October 2018 03:36 UTC

Return-Path: <fgont@si6networks.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F240B130DE0 for <ipv6@ietfa.amsl.com>; Tue, 23 Oct 2018 20:36:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RkqsqSt5j2VK for <ipv6@ietfa.amsl.com>; Tue, 23 Oct 2018 20:36:40 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [IPv6:2001:67c:27e4::14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A8F9E12D4F2 for <ipv6@ietf.org>; Tue, 23 Oct 2018 20:36:39 -0700 (PDT)
Received: from [192.168.0.104] (unknown [80.30.179.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id E5986864CD; Wed, 24 Oct 2018 05:36:32 +0200 (CEST)
Subject: Re: Path MTU Hop-by-Hop Option
To: Tom Herbert <tom@herbertland.com>
Cc: Carsten Bormann <cabo@tzi.org>, Bob Hinden <bob.hinden@gmail.com>, Gorry Fairhurst <gorry@erg.abdn.ac.uk>, IPv6 List <ipv6@ietf.org>
References: <153972960647.9465.12295361632444928551.idtracker@ietfa.amsl.com> <E97952C5-3E3C-4EC1-B414-BDA8717FD7DF@gmail.com> <24F21185-0E76-449D-B9C7-729DD8CD30EE@tzi.org> <4a8602d4-7bbd-1ce0-7c25-5149f2f8d1ec@si6networks.com> <CALx6S37GG_UDpyJqd61OMXgLCCoEJuXsN5WvkNERdGcUQp0X4A@mail.gmail.com>
From: Fernando Gont <fgont@si6networks.com>
Openpgp: preference=signencrypt
Autocrypt: addr=fgont@si6networks.com; prefer-encrypt=mutual; keydata= xsFNBE5so2gBEACzBQBLUy8nzgAzSZn6ViXT6TmZBFNYNqTpPRvTVtUqF6+tkI+IEd9N2E8p pXUXCd0W4dkxz6o7pagnK63m4QSueggvp881RVVHOF8oTSHOdnGxLfLeLNJFKE1FOutU3vod GK/wG/Fwzkv9MebdXpMlLV8nnJuAt66XGl/lU1JrNfrKO4SoYQi4TsB/waUQcygh7OR/PEO0 EttiU8kZUbZNv58WH+PAj/rdZCrgUSiGXiWUQQKShqKnJxLuAcTcg5YRwL8se/V6ciW0QR9i /sr52gSmLLbW5N3hAoO+nv1V/9SjJAUvzXu43k8sua/XlCXkqU7uLj41CRR72JeUZ4DQsYfP LfNPC98ZGTVxbWbFtLXxpzzDDT8i3uo7w1LJ2Ij/d5ezcARqw01HGljWWxnidUrjbTpxkJ9X EllcsH94mer728j/HKzC9OcTuz6WUBP3Crgl6Q47gY5ZIiF0lsmd9/wxbaq5NiJ+lGuBRZrD v0dQx9KmyI0/pH2AF8cW897/6ypvcyD/1/11CJcN+uAGIrklwJlVpRSbKbFtGC6In592lhu7 wnK8cgyP5cTU+vva9+g6P1wehi4bylXdlKc6mMphbtSA+T3WBNP557+mh3L62l4pGaEGidcZ DLYT2Ud18eAJmxU3HnM8P3iZZgeoK7oqgb53/eg96vkONXNIOwARAQABzSVGZXJuYW5kbyBH b250IDxmZ29udEBzaTZuZXR3b3Jrcy5jb20+wsGBBBMBAgArAhsjBQkSzAMABgsJCAcDAgYV CAIJCgsEFgIDAQIeAQIXgAUCTmylpQIZAQAKCRCuJQ1VHU50kv7wD/9fuNtTfxSLk3B3Hs3p ixTy8YXVjdkVwWlnJjFd7BOWmg7sI+LDhpjGfT6+ddOiwkumnvUZpObodj4ysH0i8c7P4C5t F9yu7WjklSlrB5Rth2CGChg5bKt541z2WHkFFxys9qBLmCSYDeKQkzLqhCjIUJizY2kOJ2GI MnSFDzJjhSFEh//oW830Y8fel1xnf/NVF+lBVtRMtMOfoWUqDjvP3sJ1G4zgkDCnF0CfncLx +hq2Mv26Uq9OTzvLH9aSQQ/f067BOkKAJKsfHdborX4E96ISTz57/4xECRSMr5dVsKVm4Y// uVIsb+L5z+a32FaiBZIAKDgnJO7Z8j6CV5e5yfuBTtX52Yi9HjYYqnYJGSDxYd6igD4bWu+7 xmJPHjkdqZgGV6dQIgiUfqkU+s5Cv350vK48CMaT/ZLo2BdsMhWsmaHmb+waePUMyq6E4E9x 9Js+EJb9ZiCfxS9exgieZQpet1L36IvhiwByvkQM009ywfa30JeMOltUtfLi5V06WQWsTzPL 5C+4cpkguSuAJVDTctjCA0moIeVDOpJ8WH9voQ4IeWapQnX35OIoj1jGJqqYdx65gc1ygbyx b8vw+pJ9E5GLse5TQnYifOWpXzX9053dtbwp/2OVhU4KLlzfCPCEsoTyfu9nIZxdI2PMwiL5 M85BfjX4NmwBLmPGoM7BTQRObKNoARAAqqXCkr250BchRDmi+05F5UQFgylUh10XTAJxBeaQ UNtdxZiZRm6jgomSrqeYtricM9t9K0qb4X2ZXmAMW8o8AYW3RrQHTjcBwMnAKzUIEXXWaLfG cid/ygmvWzIHgMDQKP+MUq1AGQrnvt/MRLvZLyczAV1RTXS58qNaxtaSpc3K/yrDozh/a4pu WcUsVvIkzyx43sqcwamDSBb6U8JFoZizuLXiARLLASgyHrrCedNIZdWSx0z0iHEpZIelA2ih AGLiSMtmtikVEyrJICgO81DkKNCbBbPg+7fi23V6M24+3syHk3IdQibTtBMxinIPyLFF0byJ aGm0fmjefhnmVJyCIl/FDkCHprVhTme57G2/WdoGnUvnT7mcwDRb8XY5nNRkOJsqqLPemKjz kx8mXdQbunXtX9bKyVgd1gIl+LLsxbdzRCch773UBVoortPdK3kMyLtZ4uMeDX3comjx+6VL bztUdJ1Zc9/njwVG8fgmQ+0Kj5+bzQfUY+MmX0HTXIx3B4R1I1a8QoOwi1N+iZNdewV5Zfq+ 29NlQLnVPjCRCKbaz9k6RJ2oIti55YUI6zSsL3lmlOXsRbXN5bRswFczkNSCJxJMlDiyAUIC WOay7ymzvgzPa+BY/mYn94vRaurDQ4/ljOfj6oqgfjts+dJev4Jj89vp8MQI3KJpZPEAEQEA AcLBZQQYAQIADwUCTmyjaAIbDAUJEswDAAAKCRCuJQ1VHU50km4xEACho45PZrUjY4Zl2opR DFNo5a6roTOPpgwO9PcBb3I5F8yX2Dnew+9OhgWXbBhAFq4DCx+9Gjs43Bn60qbZTDbLGJ/m 8N4PwEiq0e5MKceYcbetEdEUWhm5L6psU9ZZ82GR3UGxPXYe+oifEoJjOXQ39avf9S8p3yKP Diil0E79rn7LbJjMcgMLyjFg9SDoJ6pHLtniJoDhEAaSSgeV7Y745+gyMIdtQmrFHfqrFdjq D6G0HE+Z68ywc5KN67YxhvhBmSycs1ZSKAXv1zLDlXdmjHDHkU3xMcB+RkuiTba8yRFYwb/n j62CC4NhFTuIKOc4ta3dJsyXTGh/hO9UjWUnmAGfd0fnzTBZF8Qlnw/8ftx5lt4/O+eqY1EN RITScnPzXE/wMOlTtdkddQ+QN6xt6jyR2XtAIi7aAFHypIqA3lLI9hF9x+lj4UQ2yA9LqpoX 6URpPOd13JhAyDe47cwsP1u9Y+OBvQTVLSvw7Liu2b4KjqL4lx++VdBi7dXsjJ6kjIRjI6Lb WVpxe8LumMCuVDepTafBZ49gr7Fgc4F9ZSCo6ChgQNLn6WDzIkqFX+42KuHz90AHWhuW+KZR 1aJylERWeTcMCGUSBptd48KniWmD6kPKpzwoMkJtEXTuO2lVuborxzwuqOTNuYg9lWDl7zKt wPI9brGzquUHy4qRrA==
Message-ID: <7de0cfd8-340a-7f85-f28e-9ebc054cfe4a@si6networks.com>
Date: Wed, 24 Oct 2018 05:14:44 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
MIME-Version: 1.0
In-Reply-To: <CALx6S37GG_UDpyJqd61OMXgLCCoEJuXsN5WvkNERdGcUQp0X4A@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/j3LfeRc-bqjH8P05R5es_jbcLnQ>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Oct 2018 03:36:43 -0000

On 10/24/18 3:57 AM, Tom Herbert wrote:
> On Tue, Oct 23, 2018 at 11:03 AM, Fernando Gont <fgont@si6networks.com> wrote:
>> On 10/17/18 6:49 AM, Carsten Bormann wrote:
>>> On Oct 17, 2018, at 00:55, Bob Hinden <bob.hinden@gmail.com> wrote:
>>>>
>>>> This document specifies a new Hop-by-Hop IPv6 option that is used to
>>>>   record the minimum Path MTU
>>>
>>> A while ago I proposed something similar to collect information about adaptation layer fragmentation MTUs (information about which is truly not available in any other way):
>>>
>>> https://tools.ietf.org/html/draft-bormann-intarea-alfi-04
>>>
>>> (I also only looked at the Internet layer here — leaving it as an exercise to put in transport/application protocol support.)
>>>
>>> After mulling an initial version of the proposal, there was pretty much consensus that hop-by-hop options were not really available on the Internet.  So I put in an alternative way to collect the information, see above if you are interested.  Then at some point SPUD came along and I was hoping that would lead to a framework within in which this information could be better handled.
>>>
>>> Maybe it’s time to pull the old draft out again.  The hop-by-hop option problem of course hasn’t gone away.
>>
>> IPv6 EHs are not readily available on the public IPv6 Internet. See
>> RFC7872. While not included in RFC7872, my measurements indicate that
>> the same applies even to IPsec EHs. :(
> 
> Fernando,
> 
> If I'm reading RFC7872 correctly, it is more accurate to say that the
> drop rates for EH vary between 12% and 55% depending on type and
> destination. We cannot say that EH always works on the Internet, but
> neither is it correct to say that EH never works on the Internet.
> Success rate is somewhere in between.

Can you depend on something that fails in 10% (or more) of cases?



> While the data in RFC7872 is objective, the conclusions being drawn
> are not. I think there are two possible conclusions 1) Success rate of
> EH is abysmal, EH is a failure and should be deprecated, and the
> would-be contents of EH need to be moved to other layers somehow

Tags aside, the reality is that if you need the the would-be contents to
be reliable, you'd put them else where. Not that I like it... but
whatever my personal taste is, it doesn't solve problems by itself.

(see what happened to ip options... the ipv6 eh case is worse).



> 2) EH
> support is less than desirable, but this is a current condition that
> may be improve over time with new deployments, protocol
> clarifications, definition of some "useful" options. 

Yes, it could improve. One never knows. Me, my gut feeling is that's
unlikely.


> IMO, until EH is
> officially deprecated, it is entirely appropriate to define new uses
> such as the Path MTU Option here.

No matter how EHs are flagged, we're doing engineering. It works, or it
doesn't. (as unfortunate as that may be).

To me, it all looks like they are reliable in controlled domains (within
your network, where you control everything), but not elsewhere (public
Internet)

> Since we know up front that the
> option might not always be viable on the Internet, the mechanism will
> need a fallback;

If the fall-back "just works" why not keep it simple?


> but the need for a fallback is hardly unique: IPv6
> falls back  IPv4 via happy eyeballs, UDP falls back to TCP when
> firewalls block UDP, etc.

I'd compare such a fall-back with e.g. retrying TCP connections without
the ECN bits set. When doing the fall-back, you lose the benefits of
ECN. - but I would expect that in most EH cases, loosig the
functionality is not a viable option. e.g., what would the fall-back be
for IPsec packets that get blackholed?   (I tel you *my* workaround: I
tunel over TLS over a transport protocol.. don't even bother to try to
do IPsec in the general case)

Just to make my point clear:not that I like the situation. BUt
pretending it doesn't exist doesn't make it go away.

Cheers,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

v2.23.0 | Report a Bug | By Email