IETF Logo Mail Archive

Re: A long HBH Options question

Ole Troan <otroan@employees.org> Tue, 21 August 2018 20:08 UTC

Return-Path: <otroan@employees.org>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC0EA130EC5 for <ipv6@ietfa.amsl.com>; Tue, 21 Aug 2018 13:08:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8KaHzctFev2V for <ipv6@ietfa.amsl.com>; Tue, 21 Aug 2018 13:08:37 -0700 (PDT)
Received: from accordion.employees.org (accordion.employees.org [198.137.202.74]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32EAE130ED4 for <6man@ietf.org>; Tue, 21 Aug 2018 13:08:37 -0700 (PDT)
Received: from astfgl.hanazo.no (30.51-175-112.customer.lyse.net [51.175.112.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by accordion.employees.org (Postfix) with ESMTPSA id DACD32D51D5; Tue, 21 Aug 2018 20:08:34 +0000 (UTC)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by astfgl.hanazo.no (Postfix) with ESMTP id 9BCF04480D5; Tue, 21 Aug 2018 22:08:32 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Subject: Re: A long HBH Options question
From: Ole Troan <otroan@employees.org>
In-Reply-To: <CO1PR05MB443761AE84025D23B163738AE310@CO1PR05MB443.namprd05.prod.outlook.com>
Date: Tue, 21 Aug 2018 22:08:32 +0200
Cc: "6man@ietf.org" <6man@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <34926054-58F9-484E-B04C-965D9E933F6F@employees.org>
References: <CO1PR05MB443761AE84025D23B163738AE310@CO1PR05MB443.namprd05.prod.outlook.com>
To: Ron Bonica <rbonica@juniper.net>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/oLyWQCbSh_aIQLfhMa3NySv5fzY>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Aug 2018 20:08:40 -0000

Ron,

> According to RFC 8200:
> 
>  "The Option Type identifiers are internally encoded such that their
>   highest-order 2 bits specify the action that must be taken if the
>   processing IPv6 node does not recognize the Option Type:
> 
>      00 - skip over this option and continue processing the header.
> 
>      01 - discard the packet.
> 
>      10 - discard the packet and, regardless of whether or not the
>           packet's Destination Address was a multicast address, send an
>           ICMP Parameter Problem, Code 2, message to the packet's
>           Source Address, pointing to the unrecognized Option Type.
> 
>      11 - discard the packet and, only if the packet's Destination
>           Address was not a multicast address, send an ICMP Parameter
>           Problem, Code 2, message to the packet's Source Address,
>           pointing to the unrecognized Option Type."
> 
> Also according to RFC 8200:
> 
> "While [RFC2460] required that all nodes must examine and
>   process the Hop-by-Hop Options header, it is now expected that nodes
>   along a packet's delivery path only examine and process the
>   Hop-by-Hop Options header if explicitly configured to do so."
> 
> So, let's assume that:
> 
> - A packet contains an HBH option and the high-order bits of the HBH Option type are "10".
> - The packet traverses Router A and Router B on route to its destination
> - Router A is not configured to process HBH options
> - Router B is configured to process HBH options
> - Neither Router A nor Router B recognize the HBH option contained by the above-mentioned packet.
> 
> I think that RFC 8200 requires the following behavior:
> 
> - Router A forwards the packet to Router B, without examining the HBH Options header
> - Router B discards the packet, because it doesn't recognize the option.
> 
> Is this the required behavior? If so, does this behavior cause cognitive dissonance for anybody else?

Expected behaviour.
You might recall we had this exact discussion a few years ago.
A consequence of relaxing the HBH processing rules is that mandatory options no longer has the “safety catch”, and that not configuring every router on the path to process it, would be a configuration error.
E.g. take the jumbo HBH option. It’s pretty obvious that it’s a configuration error, and router A wouldn’t be able to forward those packets anyway.

> I am thinking that the "act" bits are meaningless in the HBH extension header. This discussion may also be applicable to draft-herbert-ipv6-update-dest-ops.

I hope not, but feel free to bring enlightenment.

Cheers,
Ole

v2.23.0 | Report a Bug | By Email