IETF Logo Mail Archive

RE: Proposal for changing how IPv6 Hop-by-Hop Options are processed

Ron Bonica <rbonica@juniper.net> Mon, 07 December 2020 18:43 UTC

Return-Path: <rbonica@juniper.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5B3D03A0114 for <ipv6@ietfa.amsl.com>; Mon, 7 Dec 2020 10:43:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.12
X-Spam-Level:
X-Spam-Status: No, score=-2.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=nJId415v; dkim=pass (1024-bit key) header.d=juniper.net header.b=W/wcGFwT
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2hAJKIDygEOb for <ipv6@ietfa.amsl.com>; Mon, 7 Dec 2020 10:43:49 -0800 (PST)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E2FA3A00F7 for <ipv6@ietf.org>; Mon, 7 Dec 2020 10:43:49 -0800 (PST)
Received: from pps.filterd (m0108158.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 0B7ISkuM018596; Mon, 7 Dec 2020 10:43:37 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=JfoSSphzk20vd0QOf9TRBU9WuyJgnu2wE+1JacsFlFU=; b=nJId415vaWWM2mdWi2BgteIUKpna3ihYqi8NHZ+Zde019jf/KCFiKJPmGeNhQ2d1DA4E HhTNjdQKLtA+EBjqbDGNflaIvtRh+bJH2Q0Vrnkz8xRa2MKJbe7Z7ALC7HJiXgVSEp5i 1DK1D/9NwBvNydWMBoNRDghci7s0VdVgjWoHfyEXNwA2v1SZBxgvDli1tGDOEv2DJIwr 5N3wtJA6j/NbNvKAsjpbLvf5FHm5zS9u/SZ8LP3lTJQATBVy08rysLvdKTgfFRFAnczT Kj/hHJcP1XusAMg19GqLRf/sqKrYG5EUISvaATaGg4PnWXZeNeyKWjBhU6BD/xnnsIWM Eg==
Received: from nam11-dm6-obe.outbound.protection.outlook.com (mail-dm6nam11lp2177.outbound.protection.outlook.com [104.47.57.177]) by mx0a-00273201.pphosted.com with ESMTP id 3586sujypj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 07 Dec 2020 10:43:37 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=imH5r1zOifnbC+LA0jnSLMGoYeUqvL5QIW1z56V7A66Ql/r3DdWV4n6oHIjmLJkpyUKj5BTVnF1i+8lfkBho/YK0XioyDPSyd5iOKIuIbz2rPAKqrZB1bFlLU36v8KaTOHGxwxmyyCnb37nOjc32v/VTW7Rcpt2zWY4p/uKpkpvD0o1yObT08yP4IZIMOVc2W4RvizIswBTN1tnaCYfPTlVD91+U/nEuisdrki7Edkj0Sqi1IqpzfBpKOfuFCQqRB0zG+rzasMRQnKv9ZGXUOtkJcSm5zGggANQtbT5ttzZB5JVJx5GPxf9Vn+UD9KoQsbj45m1lDC9E+76MUxperw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JfoSSphzk20vd0QOf9TRBU9WuyJgnu2wE+1JacsFlFU=; b=NDTfRHJs8K+RiW5bKWTrZZm+BGgFmZnnEeDlhCSASV3OQ3DX6m8+l1z2A5xgAdQU06HNQzJUmeDPgZ3pHHEMtHBVT4KTf2W2JDqTqMFx6Dn330L4ACmYTbGACBn6MfnJ270QtOu7GmWbMgYnhyu6XdE/bLpPNy3n0EhAzxHEcLiycC8+wkzeaPPpRV2ymZKAqm2rJ2aJ4paVTfyp3dai/x87yOhphqEF9X0bthpgzwv6J9fv65VO33SLhqgq9t+J+FR44UrxzLogbuDAkLq48yKWPcJltWDjffwQ2J9s5BncRyEUuAnCpVAzhgZydhmtiN+DFlMAEsvORttavspYew==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JfoSSphzk20vd0QOf9TRBU9WuyJgnu2wE+1JacsFlFU=; b=W/wcGFwTZQsbrtLPCzGYoGda7HvCbiVUobXj8jH9q53WpMRYeXcTaH9zO9DsfwyyTdYi/q8qtIqdGCw0X+/mBaYK9YMZ1OJTuffG5ApDsNTy+n0hDPnOzLWnCrLvYsW4daBgB6s/x4NhNgWkbUWK815FHWnAbzXuMw5WLPSgXG4=
Received: from DM6PR05MB6348.namprd05.prod.outlook.com (2603:10b6:5:122::15) by DM6PR05MB6345.namprd05.prod.outlook.com (2603:10b6:5:131::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3654.8; Mon, 7 Dec 2020 18:43:35 +0000
Received: from DM6PR05MB6348.namprd05.prod.outlook.com ([fe80::a435:88ed:7e2a:4fe6]) by DM6PR05MB6348.namprd05.prod.outlook.com ([fe80::a435:88ed:7e2a:4fe6%5]) with mapi id 15.20.3654.012; Mon, 7 Dec 2020 18:43:35 +0000
From: Ron Bonica <rbonica@juniper.net>
To: tom petch <ietfc@btconnect.com>, Tom Herbert <tom@herbertland.com>, Gorry Fairhurst <gorry@erg.abdn.ac.uk>
CC: Haoyu Song <haoyu.song@futurewei.com>, Bob Hinden <bob.hinden@gmail.com>, IPv6 List <ipv6@ietf.org>
Subject: RE: Proposal for changing how IPv6 Hop-by-Hop Options are processed
Thread-Topic: Proposal for changing how IPv6 Hop-by-Hop Options are processed
Thread-Index: AQHWycpNKtwY5Rzb+U6ZqVgjoB88g6nmKayAgAAMb4CAAHd7gIAAamsAgAAH0FCAAAtSgIAABwNwgARn+gCAAGKVcA==
Date: Mon, 07 Dec 2020 18:43:35 +0000
Message-ID: <DM6PR05MB63488DD511A4ACACBE9249CAAECE0@DM6PR05MB6348.namprd05.prod.outlook.com>
References: <160703668657.9405.8891046478566468162@ietfa.amsl.com> <C573A554-9221-49C2-94AB-E552F1BA69E4@gmail.com> <8360e9919d46478cb471ccbafe923c7a@huawei.com> <DM6PR13MB27623A5EEB29F8294C3291C89AF10@DM6PR13MB2762.namprd13.prod.outlook.com> <a6c1a352-5f31-3c4b-9b75-50a64f82c925@erg.abdn.ac.uk> <CALx6S37zOXx5T=3wACpiif91dGnpykUEcpX9DhQ9cH2zD_jGFQ@mail.gmail.com>, <DM6PR05MB6348F883A7D6076685001E90AEF10@DM6PR05MB6348.namprd05.prod.outlook.com> <AM7PR07MB624870E297D4972A26C5D3B6A0F10@AM7PR07MB6248.eurprd07.prod.outlook.com>, <DM6PR05MB634817ACBB9EC3E4DBA58BC6AEF10@DM6PR05MB6348.namprd05.prod.outlook.com> <AM7PR07MB624848F03F74991622202FB9A0CE0@AM7PR07MB6248.eurprd07.prod.outlook.com>
In-Reply-To: <AM7PR07MB624848F03F74991622202FB9A0CE0@AM7PR07MB6248.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.5.0.60
dlp-reaction: no-action
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=true; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2020-12-07T18:43:33Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Method=Standard; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=0633b888-ae0d-4341-a75f-06e04137d755; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=9db234a0-a90e-41b7-972a-c8ad6b60013d; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ContentBits=2
authentication-results: btconnect.com; dkim=none (message not signed) header.d=none;btconnect.com; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [173.79.115.7]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 9c687155-c9ef-443d-95b7-08d89ae00114
x-ms-traffictypediagnostic: DM6PR05MB6345:
x-microsoft-antispam-prvs: <DM6PR05MB6345E89B8DB94A473458CE29AECE0@DM6PR05MB6345.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: S31FZ3BXi6PTyc35UMAtT8TXPm2PGqnTZ4wfZEHHyEZpRMYCPEv2Xpp4hl1AxKuWz609qY9Pp5YHk1Ty7wt4RjimbWOseQuJ60xwiYsSQnpVkEFHxxN/g2ykpfL72gomrNWvirW1HaXib+lQL7ukS24u7dHwsgRGO7z9MmY28ZhS6MLV27NO3Xo4CFG+xDug+Dg8irJ+BHMtY6hpgeNhMDVPc2pTINdY+Iz7kf/eX88B+B5DGxPtrfBCuPYIfzWuKuKpdZ+3iXbiMB7TBWDcTAGFSEb5lbAfRY4DbRfQZYUeqDNqJqdd+vOHIjdvHdK2JTIH1PEwvp/YcQiq0L102Hk037jTKMTNEdvrP43H7O9Cn3AmMsE+1M+ZF4N/R/hDg+Get507pinI/zBMzlizZw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR05MB6348.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(136003)(376002)(366004)(39860400002)(396003)(86362001)(64756008)(52536014)(66446008)(76116006)(26005)(55016002)(6506007)(66476007)(8936002)(66556008)(478600001)(8676002)(186003)(9686003)(7696005)(316002)(54906003)(5660300002)(71200400001)(4326008)(966005)(53546011)(33656002)(110136005)(83380400001)(296002)(66946007)(2906002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: qhx8jKTMAEn80WpdyuWhXbkkIdr9VWvMd5SbXwomwqsOqh2XzxeVOU8uBDZbuzSCadHDpbuoOUaCJALeFMAksS4oya5L/NQ9DeBaMW1I446SITavvAciS1CXzElFPy2WP2u5ncaLRJbu4r/8LbV+on8jxfE4PDfZ0BMQBRLfQv52iG0nqa8iYbD2CZrzai9xjUYWIMTj/q06n9bn4mKV1Rj3Mk6yp06OgE2DHs/YokBcQUAYoM8q+2wboE6HovWPK5lhhSeg61R87x75OBWo4TvxYFNnGl93ni9lQTKDdb53lzE1zZ7ikWgYpTUY4g+5HjA7YW+uS59mtm12yC+RpAVn7HxDV45/3r/OJfb9IrJAFbZl1Ewoj/hYHC8hxqy/R904IArw2yvY4bpyhwqgAp+UGzmL6atZlWFbgzijR4mnd3XEVk2y13bTqBobrWFndkEo+SClxXRQSg1Un8L356YDvOV78+/v366HB5N0I0/BW0nDq1q04AZ57IDX4la5t+qdrAuCqbbNkEp2Da+AG6ObNHb72hcAJBJBhagMhIsYLotcpD+MK6f3DWRiaYhYA48IFasR4rvh/1xnMqTi6xtEPsesa+E+PNEkmxv84ay5N+OLvsmnmt3h4w9kcAydfoF1OHbsQaTLjHItEFEg9POaKGYOB56CKeBsr47Q7rYrTt8yJuUkVGhCE5WdBdk5a26cIqvPIS2rURUEz0GisvVBTLCWPAvRB3X4n1saL5VbFhzFlonVpQHMmGJ3D77b/vvlq7gyawo0UzkJ170vupOstcZIf6Y1YJMgBz5uw54PxqkrljSPPWNM+bc4BxP8lGdNbW98E3gp/5Av3InOu95V+eIJmIkpbO1r31h2pXpoJcHxiXrXMxvlXXqAqmtMvsSM0VXeT4fFTCiq6CD71NOBFLMUDA4jNc+OYjFp7xoyyvIVSS7UOaA4G20boqsJ+9dhfAl2/wdbMFS3is91SpkQ+kzrZv6gv21vhzxftv4=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR05MB6348.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 9c687155-c9ef-443d-95b7-08d89ae00114
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Dec 2020 18:43:35.3353 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 59M8S6UKc6xDf/0OjOM/0M6T9pe3rVqKA1e8+qGgeduXrgUkESZ9IWCdw2xUmmkLnHLw5AHLGAszMh08Lm/DPQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR05MB6345
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.343, 18.0.737 definitions=2020-12-07_16:2020-12-04, 2020-12-07 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 mlxlogscore=999 clxscore=1015 malwarescore=0 priorityscore=1501 adultscore=0 impostorscore=0 suspectscore=0 phishscore=0 lowpriorityscore=0 mlxscore=0 spamscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2012070119
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/rPayGLhsIzKKqlDtzb9QOjN3_yo>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Dec 2020 18:43:51 -0000

Tom,

Signaling MSD is different from signaling the maximum number of options in an HBH header.

SR paths are confined to SR domains that have SR signaling capabilities. By contrast, IPv6 delivery paths can span many domains whose signaling capabilities are unpredictable.

                                       Ron



Juniper Business Use Only

-----Original Message-----
From: tom petch <ietfc@btconnect.com> 
Sent: Monday, December 7, 2020 7:46 AM
To: Ron Bonica <rbonica@juniper.net>; Tom Herbert <tom@herbertland.com>; Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Cc: Haoyu Song <haoyu.song@futurewei.com>; Bob Hinden <bob.hinden@gmail.com>; IPv6 List <ipv6@ietf.org>
Subject: Re: Proposal for changing how IPv6 Hop-by-Hop Options are processed

[External Email. Be cautious of content]


From: Ron Bonica <rbonica@juniper.net>
Sent: 04 December 2020 17:30

Tom,

When you say MSD, do you mean the SPRING Maximum SID Depth? Or are you referring to Bob's MTU Option?

<tp>
Ron,

Apologies for the ambiguity.  I meant the SR usage as signalled by OSPF, BGP-LS and such like.  I should have remembered how many different meanings that the RFC-Editor finds for this abbreviation!

Tom Petch
                                                                            Ron


Juniper Business Use Only

-----Original Message-----
From: tom petch <ietfc@btconnect.com>
Sent: Friday, December 4, 2020 12:03 PM
To: Ron Bonica <rbonica@juniper.net>; Tom Herbert <tom@herbertland.com>; Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Cc: Haoyu Song <haoyu.song@futurewei.com>; Bob Hinden <bob.hinden@gmail.com>; IPv6 List <ipv6@ietf.org>
Subject: Re: Proposal for changing how IPv6 Hop-by-Hop Options are processed

[External Email. Be cautious of content]


From: ipv6 <ipv6-bounces@ietf.org> on behalf of Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>
Sent: 04 December 2020 16:52

Folks,

The following are a few things we can all agree on:

- The maximum length of an HBH Options header is 2,048  bytes.
- A source node can encode hundreds of options in 2,048 bytes.
- Given today's technology, it would be impractical to design an ASIC that can process hundreds of options.
- When an ASIC encounters a packet with more options than it can process, the best thing it can do is to drop the packet

Having established that hundreds of options are too many, we are left with the following questions:

- Should each node determine the maximum number of options that it can process, or should there be a global maximum?
- If there should be a global maximum, what should that maximum value be?

If we leave each node to determine the maximum number of options that it can process, source nodes will need to discover the maximum number of options that can be used on each path. This should remind us of PMTU Discovery. We have all seen that movie. It has  a very sad ending.

<tp>
On the other hand, I have been surprised at the enthusiasm for signalling MSD.  I do not know what the deployment is like but my sense is that it will become widespread so a different approach to PMTU Discovery might have succeeded, as might  a different approach here, one which does not open up scope for DoS attacks.

Tom Petch

If we can agree that each node should support at least a global maximum number of HBH options, we are faced with the following dilemma:

- If we pick a constant that is too small, we may not be able to support future use-cases
- If we pick a constant that is too large, low-cost processors may not be able to support it

I think that even low-cost processors can handle 2 or 3 options without blowing their processing budgets. Maybe we should consider a global maximum value somewhere between 1 and 4?

                                                                                               Ron



Juniper Business Use Only

-----Original Message-----
From: ipv6 <ipv6-bounces@ietf.org> On Behalf Of Tom Herbert
Sent: Friday, December 4, 2020 10:55 AM
To: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Cc: Haoyu Song <haoyu.song@futurewei.com>; IPv6 List <ipv6@ietf.org>; Bob Hinden <bob.hinden@gmail.com>
Subject: Re: Proposal for changing how IPv6 Hop-by-Hop Options are processed

[External Email. Be cautious of content]


On Fri, Dec 4, 2020 at 2:34 AM Gorry Fairhurst <gorry@erg.abdn.ac.uk> wrote:
>
> I see lots of thoughts - all of which might help see us through 
> towards some conclusions.
>
> Just on (1). Whether one HBH option si enough, might depend on the 
> use-case.
>
Gorry,

-----------------------------------------------------------

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/ipv6__;!!NEt6yMaO-gk!Rd8Iqrir3dTnmgearoikghlTU2xxSWui2yCSEkmM856ZZ_DVSF8dkDKtbXMZIKL6$
--------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email