IETF Logo Mail Archive

Re: Comments on <draft-gont-6man-rfc6564bis-01>

Bob Hinden <bob.hinden@gmail.com> Mon, 26 October 2015 15:49 UTC

Return-Path: <bob.hinden@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A31DD1B4D41; Mon, 26 Oct 2015 08:49:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vJ0K1zLT0NIP; Mon, 26 Oct 2015 08:49:42 -0700 (PDT)
Received: from mail-qg0-x233.google.com (mail-qg0-x233.google.com [IPv6:2607:f8b0:400d:c04::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF1BE1B4D3F; Mon, 26 Oct 2015 08:49:41 -0700 (PDT)
Received: by qgbb65 with SMTP id b65so122534972qgb.2; Mon, 26 Oct 2015 08:49:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to; bh=wYZ/tcqZCjo+d5MIjkwc3duOWJfBreMxqJHOVIWf1d0=; b=N5feoT+maW4/fgP8L45CmqaMcEZUW3FmB+bWoWNVyGjaLUhaDXM3Id+vmHGA/5jZ6j 7tbV+N7CBugEN/CajRzymnnbiBL9sepm4J1wet2S5BSFLOZwWjmDjQxOVHYIK7LhVB8M J4LAd1htFBCLnSGnIFiFkFN/RKPvEYCc45k4bfL57oVQY0v38qkUuZhD76QfRMPX78bn Z9TUSAnqur/3+z9vJZKJUX77HBMXCFgkRMf2Dftewz/gorpVB3wZg024uziTVXuWmvKq f0f9E3Fdj8U5QMqUoV1qqc/P+SDa6fJWJazfDoX3lB5KbiBS0gQoVMv4C5nCdG/YMuSE t1mg==
X-Received: by 10.140.242.209 with SMTP id n200mr13258204qhc.59.1445874581053; Mon, 26 Oct 2015 08:49:41 -0700 (PDT)
Received: from [10.0.0.24] (c-71-202-19-53.hsd1.ca.comcast.net. [71.202.19.53]) by smtp.gmail.com with ESMTPSA id f1sm13167155qhe.42.2015.10.26.08.49.39 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 26 Oct 2015 08:49:40 -0700 (PDT)
Subject: Re: Comments on <draft-gont-6man-rfc6564bis-01>
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
Content-Type: multipart/signed; boundary="Apple-Mail=_A04C4272-E352-4BBF-A904-F342990D779F"; protocol="application/pgp-signature"; micalg="pgp-sha512"
X-Pgp-Agent: GPGMail 2.5.2
From: Bob Hinden <bob.hinden@gmail.com>
In-Reply-To: <20151024124803.GA4053@virgo.local>
Date: Mon, 26 Oct 2015 08:49:38 -0700
Message-Id: <372F6293-A02F-4ABA-B132-152E1B82DC07@gmail.com>
References: <5ABE9F3B-FD35-4288-B7AE-A154A4DF384C@gmail.com> <20151024124803.GA4053@virgo.local>
To: Hagen Paul Pfeifer <hagen@jauu.net>
X-Mailer: Apple Mail (2.2104)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/s6dG7kiSFYU1R01zrNGDCDonDvk>
Cc: IPv6 List <ipv6@ietf.org>, Bob Hinden <bob.hinden@gmail.com>, draft-gont-6man-rfc6564bis@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Oct 2015 15:49:44 -0000

Hagan,

> On Oct 24, 2015, at 5:48 AM, Hagen Paul Pfeifer <hagen@jauu.net> wrote:
> 
> * Bob Hinden | 2015-10-23 15:52:21 [-0700]:
> 
> Hey Bob!
> 
>> I have read this draft a few times, and I guess I don’t really see how this
>> draft changes anything from RFC6554.
> 
> The difference from 6554 - An IPv6 Routing Header for Source Routes with the
> Routing Protocol for Low-Power and Lossy Networks - is enormously! ;-) Just
> kidding.

Sorry about that :-)

> 
> Let me explain the difference from a user (kernel, software) point of view.
> With 6564 the kernel do *not* know how to interpret a unknown/upcoming
> extension header or protocol. Say Next Header is 666 how to interpret this? As
> a 6564 uniform extension header? As a legacy extension header? As a protocol?
> Right, the kernel has no information about the type and the required
> treatment. What the kernel normally do is a treatment as a protocol and
> looking for the registered proto handler.  If 666 is not a registered
> transport protocol the kernel will drop the packet, generate icmp, whatever.
> Simple defining a shiny uniform extension header is only half of the coin.

OK, so the other change is the allocation of a protocol value.  The document says this in the start of Section 5, but there isn’t an allocation request is the IANA considerations section.  I think that is why I missed it.

I still don’t see how this changes the core problem of knowing how to process new unknown extension headers.  Even with what is proposed in this draft, if an implementation sees a subtype value it don’t know about, it will still won’t know how to process it.  It may or may not decide to drop it.  If it’s trying to do some sort of security validation, I suspect it will default to dropping.  I see this draft as just pushing the problem down a level to the subtype, from the next header.  The core problem remains.

I wish there was some solution to introducing new headers (extension and transport) to the Internet.  It’s an unfortunate problem not limited to IPv6 extension headers, but I don’t think the approach in this draft will make any material difference.  New headers and IANA registries IMHO won’t change anything.

> 
> The only way to solve this issue is to provide the kernel a *guaranteed
> promise* that a extension header is formated in the uniform extension format.
> This can only be done by providing a unique next-header value. The kernel now
> must *not* know the particular new encapsulated extension header and their
> meaning.  The most important characteristic is that the kernel is now in the
> ability to ignore unknown extension header and jump over their because the
> kernel know that the Universal Extension Header implement a TLV like encoding
> (hdr_ext_len).
> 
> It is all about *knowing* in advanced if a particular header is encoded as a
> Universal Extension Header or not.
> 
> Pseudo Code (only some known ext header supported to point to the problem):

Nice pseudo code :-)

Bob

> 
> func process_header() {
> 	while (more_ext_header) {
> 		switch (next_header) {
> 			case EXT_HOP_HOP:
> 					hdr_size = process_ext_hop_hop();
> 					break;
> 			case EXT_ROUTING:
> 					hdr_size = process_ext_routing();
> 					break;
> 			case EXT_FRAGMENT:
> 					hdr_size = process_ext_fragment();
> 					break;
> 			case EXT_UNIVERSAL_HEADER():
> 					hdr_size = process_ext_universal();
> 					break;
> 			default:
> 					// hdr processing ends here
> 					return treat_as_transport_protocol();
> 		}
> 
> 		packet_ptr += size_of_known_ext_hdr;
> 	}
> }
> 
> func process_ext_universal() {
> 		switch (subtype) {
> 				case EXT_NEW_BACK_TO_FUTURE:
> 						process_ext_back_to_future();
> 					  break;
> 				default:
> 						// unknown extension header
> 						// do nothing, simple ignore it
> 						// great!
> 					  break;
> 		}
> 
> 		// We know the extact len of the
> 		// ext hdr, for known AND unknown (upcoming)
> 		// universal extension header, because they are
> 		// always encoded in hdr_ext_len - really great!
> 		return hdr->hdr_ext_len;
> }
> 
> func process_ext_hop_hop() {
> 		// do hop-by-hop processing here
> 		//
> 		// We return the exact length of this header, we must
> 		// known the length and format in advance.
> 		return EXT_HEADER_KNOWN_LENGTH
> }
> 
> 
> I hope the text/pseudo-code was understandable! ;)
> 
> 
> Cheers and a nice weekend,
> 
> Hagen

v2.23.0 | Report a Bug | By Email