IETF Logo Mail Archive

Re: END SID Without SRH

Ole Troan <otroan@employees.org> Fri, 14 June 2019 06:52 UTC

Return-Path: <otroan@employees.org>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9A8612004A for <ipv6@ietfa.amsl.com>; Thu, 13 Jun 2019 23:52:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m5hD8Qkroach for <ipv6@ietfa.amsl.com>; Thu, 13 Jun 2019 23:52:45 -0700 (PDT)
Received: from bugle.employees.org (accordion.employees.org [IPv6:2607:7c80:54:3::74]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF9F9120118 for <ipv6@ietf.org>; Thu, 13 Jun 2019 23:52:45 -0700 (PDT)
Received: from astfgl.hanazo.no (30.51-175-112.customer.lyse.net [51.175.112.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by bugle.employees.org (Postfix) with ESMTPSA id E2D65FECBECE; Fri, 14 Jun 2019 06:52:43 +0000 (UTC)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by astfgl.hanazo.no (Postfix) with ESMTP id 6635E1758E9A; Fri, 14 Jun 2019 08:52:39 +0200 (CEST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Subject: Re: END SID Without SRH
From: Ole Troan <otroan@employees.org>
In-Reply-To: <CAO42Z2wgZ8gE1pTDy2xbxetdLqf8EWpKRmbi=n7qfgEALwVmVQ@mail.gmail.com>
Date: Fri, 14 Jun 2019 08:52:38 +0200
Cc: David Farmer <farmer@umn.edu>, 6man WG <ipv6@ietf.org>, Bob Hinden <bob.hinden@gmail.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <BBB1A2A3-DE78-4E97-B193-9B6980B82358@employees.org>
References: <BYAPR05MB42456C75487CF9283A0ED1D0AE100@BYAPR05MB4245.namprd05.prod.outlook.com> <CAO42Z2y_D-xe+tX9n-KQYjnk5bkYXibO0Zs3E=JfAWWMZnJcSA@mail.gmail.com> <3030A68F-6CE1-4179-930C-D60BEB73063A@employees.org> <CAO42Z2yLkCRNXKp8KKnqh8VRRo6p1dx4h0-gyLBFZ=Jq0xQj2w@mail.gmail.com> <0C40BEFF-B050-40A1-BCB7-F76ADF18E3E0@employees.org> <BYAPR05MB42457C37AE7DC3F4CACC8FD7AEEC0@BYAPR05MB4245.namprd05.prod.outlook.com> <B254E985-A848-4FC4-868D-E2F04CF7E0DB@cisco.com> <104B106B-8130-4931-9DBF-2FE5C5633CB0@gmail.com> <B0D2092F-CC6E-4990-857B-E88229FA80AF@cisco.com> <277E6E14-8FD4-45A3-9350-E30B82C0FA86@gmail.com> <CAN-Dau1MDKpFrmmDFpj3s4cZYwFyB0KnWMrc-yjw_m5mO_8REw@mail.gmail.com> <CAO42Z2wgZ8gE1pTDy2xbxetdLqf8EWpKRmbi=n7qfgEALwVmVQ@mail.gmail.com>
To: Mark Smith <markzzzsmith@gmail.com>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/nzdJyhJyUVbN0ZpMeC3Ftx7hkbc>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Jun 2019 06:52:49 -0000

Mark,

[snip]

> pWhat's a "regular IPv6 destination"?
> 
> It would need to be explicitly defined now, because it has been implicit.
> 
> It's one thing to encode function or service destinations in IPv6
> addresses. That's is done and supported in IPv6 with anycast and
> multicast.
> 
> When the packet arrives at that function or service destination
> encoded in an anycast or multicast address, it is processed as per the
> instructions encoded in the chain of EH and upper layer headers in the
> packet. For example, even though the use of TCP with multicast doesn't
> make sense, once the multicast packet holding the TCP segment has
> arrived at a node with the multicast address, the node is to hand the
> TCP segment to the TCP module.
> 
> It's quite a different thing to encode packet processing in the
> destination address that contradicts or ignores the instructions
> encoded in the chain of EH and upper layer headers. I think this might
> be a more significant change to the IPv6 packet processing model and
> operation than we realise.
> 
> RFC 8200 is very clear and explicit on multiple occasions about
> following the processing encoded in the EH chain and upper layer
> headers when the packet arrives at the destination device that holds
> the matching DA:

I think that' a way too literal interpretation of 8200.

Especially in the context of routers.
A remote node cannot expect that any combination of the local nodes's destination address and header chain will be processed.
A router will not process your protocol 89 packet on any DA. In the VPP MAP-E implementation, the BR address is a "service address", and will drop anything that isn't protocol 4 (as well as any packet with extension header).

Best regards,
Ole







> 
> 4.  IPv6 Extension Headers
> 
> ...
> 
> "Extension headers (except for the Hop-by-Hop Options header) are not
>   processed, inserted, or deleted by any node along a packet's delivery
>   path, until the packet reaches the node (or each of the set of nodes,
>   in the case of multicast) identified in the Destination Address field
>   of the IPv6 header." (For context for the next two quotes.)
> 
> ...
> 
> "At the destination node, normal demultiplexing on the Next Header
>   field of the IPv6 header invokes the module to process the first
>   extension header, or the upper-layer header if no extension header is
>   present.  The contents and semantics of each extension header
>   determine whether or not to proceed to the next header. ***Therefore,
>   extension headers must be processed strictly in the order they appear
>   in the packet***; a receiver must not, for example, scan through a
>   packet looking for a particular kind of extension header and process
>   that header prior to processing all preceding ones."
> 
> ...
> 
> 4.1.  Extension Header Order
> 
> ...
> 
>  "IPv6 nodes must accept and attempt to process extension headers in
>   any order and occurring any number of times in the same packet,
>   except for the Hop-by-Hop Options header, which is restricted to
>   appear immediately after an IPv6 header only.  Nonetheless, it is
>   strongly advised that sources of IPv6 packets adhere to the above
>   recommended order until and unless subsequent specifications revise
>   that recommendation."
> 
> ...
> 
> Regards,
> Mark.
> 
> 
> 
>> Thanks
>> --
>> ===============================================
>> David Farmer               Email:farmer@umn.edu
>> Networking & Telecommunication Services
>> Office of Information Technology
>> University of Minnesota
>> 2218 University Ave SE        Phone: 612-626-0815
>> Minneapolis, MN 55414-3029   Cell: 612-812-9952
>> ===============================================
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email