Re: Please review: 6MAN WG Adoption call: draft-baker-6man-hbh-header-handling-03
Mark Smith <markzzzsmith@gmail.com> Wed, 21 October 2015 00:38 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 538BC1ACEC3 for <ipv6@ietfa.amsl.com>; Tue, 20 Oct 2015 17:38:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.498
X-Spam-Level:
X-Spam-Status: No, score=-0.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=1, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Py8mOVS2jq6z for <ipv6@ietfa.amsl.com>; Tue, 20 Oct 2015 17:37:59 -0700 (PDT)
Received: from mail-vk0-x229.google.com (mail-vk0-x229.google.com [IPv6:2607:f8b0:400c:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D8A21ACEC6 for <ipv6@ietf.org>; Tue, 20 Oct 2015 17:37:59 -0700 (PDT)
Received: by vkfw189 with SMTP id w189so20433599vkf.2 for <ipv6@ietf.org>; Tue, 20 Oct 2015 17:37:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=HrZLfs8ugOMSf0HsWQwJ2n3RCuKaWaVoyYh43o6XeWo=; b=yfedYZOEoWAzqv66jTD/pwb/Aafp2O0kxosJ5Dr1oOzGLUrNWP3GW4wgKqp/bk99nH 8AauCalE1GzZsKSIKeYmP0wPZ379pYIRKO2gv25K50sEfUC3wzITDvxty/5IQ1/DAE4U XFc7FRuSG+Nf7Ti5tFP1S1YS2NRltMIEShvfr7MlPzanxLI1erpiRJx5u6MunfOvk6UB yBzsOqtdgNBUVAksJ5S2PA6+xGj/5MKBB8oQ3IDb0FPWS47LC8caOYfDl/lIAwMMPWYD W4y/dJgtPzt02GCTVQr4178gazEPNFHY01uZHdBqddTfZCZyvE6vsUT3WQFVaeg32Hja EFwg==
MIME-Version: 1.0
X-Received: by 10.31.49.67 with SMTP id x64mr4122460vkx.133.1445387878202; Tue, 20 Oct 2015 17:37:58 -0700 (PDT)
Received: by 10.103.67.194 with HTTP; Tue, 20 Oct 2015 17:37:58 -0700 (PDT)
Received: by 10.103.67.194 with HTTP; Tue, 20 Oct 2015 17:37:58 -0700 (PDT)
In-Reply-To: <876554748.317330.1445348055127.JavaMail.yahoo@mail.yahoo.com>
References: <CAO42Z2z=Ge-mSmK5fzmtRki1w9YaFpnaehuy6Wy1WUygV9+1CQ@mail.gmail.com> <876554748.317330.1445348055127.JavaMail.yahoo@mail.yahoo.com>
Date: Wed, 21 Oct 2015 11:37:58 +1100
Message-ID: <CAO42Z2zO+HSum28psFeXksRXbRfZ_xRfdx1vh7y=rh9hQFjPcg@mail.gmail.com>
Subject: Re: Please review: 6MAN WG Adoption call: draft-baker-6man-hbh-header-handling-03
From: Mark Smith <markzzzsmith@gmail.com>
To: nalini.elkins@insidethestack.com
Content-Type: multipart/alternative; boundary="001a1143fc920b038d0522929706"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/mHunCTRAMVB_MdAsKwkW7gUyEOg>
Cc: 6man Chairs <6man-chairs@tools.ietf.org>, 6man WG <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Oct 2015 00:38:00 -0000
On 21 Oct 2015 12:34 am, <nalini.elkins@insidethestack.com> wrote: > > > > >The unicast source address in a packet indicates the source of all information in a packet - the packet originator. > > >If a device in the network adds information, such as extension headers, the unicast source address value has lost some if its meaning, because it now doesn't identify the source of all >of the contents of the packet. > > >The packet is now a "multi-source" packet, rather than a single or "uni-source" packet, yet only the first of the packet content sources is available in the packet's unicast source >address field. > > >Any mechanisms that depend on a source address identifying the single and original source of the packet, such as PMTUD, may now fail. > > On networks today, you will see "third party reset". That is, a middle box sending a reset to a destination address with what appears to be the unicast source address of the originator. But, it is not actually sent by that source address but by a box in the middle. Just saying, the source address does not in all cases indicate the packet originator. And, I am not talking about MITM. This situation can happen today if there are too many retransmits, for example. > > Not saying we want to perpetuate this kind of behavior. (Terse because I'm on a train) We shouldn't, and if we get to the point where addresses are cryptography authenticated, that won't work. That is of course an example of source address spoofing. If you were to try to trouble shoot that, without being aware there is a device in the network spoofing source addresses, you'd spend a lot of time suspecting and investigating a device that wasn't at fault.
- Re: Please review: 6MAN WG Adoption call: draft-b… Brian E Carpenter
- Please review: 6MAN WG Adoption call: draft-baker… otroan
- Re: Please review: 6MAN WG Adoption call: draft-b… Fernando Gont
- Re: Please review: 6MAN WG Adoption call: draft-b… Mark Smith
- Re: Please review: 6MAN WG Adoption call: draft-b… nalini.elkins
- Re: Please review: 6MAN WG Adoption call: draft-b… Mark Smith
- Re: Please review: 6MAN WG Adoption call: draft-b… Bless, Roland (TM)
- Re: Please review: 6MAN WG Adoption call: draft-b… Suresh Krishnan
- RE: Please review: 6MAN WG Adoption call: draft-b… Greg Daley
- Conclusion: 6MAN WG Adoption call: draft-baker-6m… otroan
- RE: Please review: 6MAN WG Adoption call: draft-b… Panos Kampanakis (pkampana)