[IPv6]Re: Warren Kumari's Discuss on draft-ietf-6man-hbh-processing-18: (with DISCUSS and COMMENT)

Warren Kumari <warren@kumari.net> Thu, 30 May 2024 16:22 UTC

Return-Path: <warren@kumari.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56248C15109E for <ipv6@ietfa.amsl.com>; Thu, 30 May 2024 09:22:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UCKLlEmILTey for <ipv6@ietfa.amsl.com>; Thu, 30 May 2024 09:22:50 -0700 (PDT)
Received: from mail-lf1-x132.google.com (mail-lf1-x132.google.com [IPv6:2a00:1450:4864:20::132]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 80685C1E0D63 for <ipv6@ietf.org>; Thu, 30 May 2024 09:22:50 -0700 (PDT)
Received: by mail-lf1-x132.google.com with SMTP id 2adb3069b0e04-52b7b829bc7so1306804e87.2 for <ipv6@ietf.org>; Thu, 30 May 2024 09:22:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari.net; s=google; t=1717086168; x=1717690968; darn=ietf.org; h=cc:to:subject:message-id:date:in-reply-to:from:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=0WQ3bWj61ldf3FXuFUToDSvh6YozYjlExdY6I6qo10Q=; b=YrVjpFBNDjnOCWLculAgjaK7hxBF4vTxhuiAv+0huteOAEovgwCI7qfnq8TIJ0V996 bb5dedYx/RgazF0HFxnCPzW+SWq8VDZoEboL/wsIPnrsoFXAme391A7JscDil72Xf8xi xRzwRZWayA077HMSq+wBhwUG7QxaSntci13v7IymSK3lh7cqPEUXWeyOwQau3CflM6xy WfQ28OxzqHO16ScV3HDtXaWAZXMB4pRqWx98zfqR1H9fFYK/l4tMAAUuYrX1CAvxLm9j u8Lol+CtBZuz08bIBlY8EJrLCGkBBq2O1RjQjTohEcLClR7Jfu7HN7xN8ijjHp4juDF7 YfCQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717086168; x=1717690968; h=cc:to:subject:message-id:date:in-reply-to:from:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=0WQ3bWj61ldf3FXuFUToDSvh6YozYjlExdY6I6qo10Q=; b=Zcw8944qjpXpZu0I0taFiJ8K35GkeBs0xGp0ncgAWz0WEquKZEGr2qCychlJtAijPb iy06bjRCBuapi+4ioR0VaS2eiath67VZWOcSyfcb9c6kapck5pZ2HFJ+fd6J4D04//Zb DqrH5AqNbzOYNXyw3T9oM9isujQO09CEaTpWv1tVoQyz3x5jXadhwPswQnozVtPj7szF bAN2YGruo6Qmm2SXzM5a7qH1/HbBOoM/F7HTpxkbwVblqIW/usWp4lTc+xNzYBEZbNV3 HhXUD4591Ry58XGXKUo7T8LfWaBq7uYH9fJSpMS173MXcZMllwchdp8Tr4MMTC5QT6tL ROXQ==
X-Forwarded-Encrypted: i=1; AJvYcCU/WcHxEe8BECgfQtO7a5RA+hD7SdFtrR5V+CtotFA+3Bplp141DMCR7rCKCybrZORwRkN6DnBnM9lbUqsA
X-Gm-Message-State: AOJu0YwD935WCpizhRmEoWzCMpXiSz/livbwvbYhGNNhCw3jcZ8bHnMA qBtbPgEnQ2/G5XR+FtgcXUyjtJASWF7gsR1kEUovezS6SEdDp3Whzz1uulDREjfR1lBsUEny/C1 8OJbuRaWkikTxEKcdABTHbfk0SsTQH+TUCw4Lmw==
X-Google-Smtp-Source: AGHT+IGJvgiVJDk+cR+nAP99id4PooQLMzd7S3oLT4HZKf04VRDRw9feONboYjQuLxy6yCHCtB3FQvpZaJxgPBl+UZo=
X-Received: by 2002:ac2:498e:0:b0:52b:61e7:29c5 with SMTP id 2adb3069b0e04-52b7d48afd8mr1874983e87.66.1717086167959; Thu, 30 May 2024 09:22:47 -0700 (PDT)
Received: from 649336022844 named unknown by gmailapi.google.com with HTTPREST; Thu, 30 May 2024 11:22:47 -0500
Mime-Version: 1.0
References: <171701998302.4837.5999563238399491967@ietfa.amsl.com> <72C0C27E-CF00-48DA-BF21-6536D36FB32B@gmail.com>
From: Warren Kumari <warren@kumari.net>
In-Reply-To: <72C0C27E-CF00-48DA-BF21-6536D36FB32B@gmail.com>
X-Superhuman-ID: lwtgra7m.cc85533a-18c1-4b14-8f1a-e92b3c968462
X-Superhuman-Draft-ID: draft002b38ce44eceeec
X-Mailer: Superhuman Desktop (2024-05-29T21:09:55Z)
Date: Thu, 30 May 2024 11:22:47 -0500
Message-ID: <CAHw9_iJHzDecrRFDse3j=NzSPLbxh-7ga2QRa2mtVPAa7KBHzg@mail.gmail.com>
To: Bob Hinden <bob.hinden@gmail.com>
Content-Type: multipart/alternative; boundary="0000000000001734d40619ae4757"
Message-ID-Hash: 6WQV5ZTGJMK6I5F5NDMB6RNTJ4DUJNUR
X-Message-ID-Hash: 6WQV5ZTGJMK6I5F5NDMB6RNTJ4DUJNUR
X-MailFrom: warren@kumari.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ipv6.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: 6man Chairs <6man-chairs@ietf.org>, IESG <iesg@ietf.org>, Gorry Fairhurst <gorry@erg.abdn.ac.uk>, IPv6 List <ipv6@ietf.org>, draft-ietf-6man-hbh-processing@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [IPv6]Re: Warren Kumari's Discuss on draft-ietf-6man-hbh-processing-18: (with DISCUSS and COMMENT)
List-Id: "IPv6 Maintenance Working Group (6man)" <ipv6.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/wDjc_luona4ZSVgexa2MjB_RAuU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Owner: <mailto:ipv6-owner@ietf.org>
List-Post: <mailto:ipv6@ietf.org>
List-Subscribe: <mailto:ipv6-join@ietf.org>
List-Unsubscribe: <mailto:ipv6-leave@ietf.org>

On Wed, May 29, 2024 at 8:17 PM, Bob Hinden <bob.hinden@gmail.com> wrote:

> Warren,
>
> Comments below.
>
> Bob & Gorry
>
> On May 29, 2024, at 2:59 PM, Warren Kumari via Datatracker <noreply@ietf.
> org> wrote:
>
> Warren Kumari has entered the following ballot position for
> draft-ietf-6man-hbh-processing-18: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
> Please refer to https://www.ietf.org/about/groups/iesg/statements/
> handling-ballot-positions/ for more information about how to handle
> DISCUSS and COMMENT positions.
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-6man-hbh-processing/
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> Apologies for the late-breaking DISCUSS.
>
> :-(
>
> I am unclear on the following text:
> "If a router does not process the Hop-by-Hop Options header, it MUST
> forward the packet normally based on the remaining Extension Header(s)
> after the Hop-by-Hop Option header (i.e., a router MUST NOT drop a packet
> solely because it contains an Extension Header carrying Hop-by-Hop
> options).".
>
> As noted in the document, many networks do not currently follow this
> behavior, and it appears that in some cases this is because the network has
> chosen to filter packets with Hop-by-Hop options. It is unclear to me if
> this is intended to prohibit this behavior. Operators may need to perform
> this filtering -- for example, their "border" router may need to filter
> packets containing HbH options to protect interior devices which have not
> yet been upgraded (or similar). I'm **assuming** that you are not trying to
> prohibit vendors providing the ability to filter HbH packets, but this is
> not clear.
>
> The draft is attempting to reduce this behavior (dropping packets because
> they contain the HBH options), and to make it the default to forward
> packets with HBH option headers instead of dropping the packet.
>
> Note that RFC8200 doesn’t mention dropping packets, just not processing
> the options based on local configuration:
>
> NOTE: While [RFC2460] required that all nodes must examine and process the
> Hop-by-Hop Options header, it is now expected that nodes along a packet's
> delivery path only examine and process the Hop-by-Hop Options header if
> explicitly configured to do so.
>
> We do understand, that nodes will continue to do this and that an IETF
> specification can’t change that. What do you suggest?
>
> We could say something to the effect that some nodes will drop packets
> containing HBH options to protect other routers who can’t process them
> safely. Or something similar.
>

Yup, that would work. Mostly I don't want people to think that the "a
router MUST NOT drop a packet solely because it contains an Extension
Header carrying Hop-by-Hop options" prohibits a router implementation is
not allowed to have a filter which matches on HbH.
For example, this should still be allowed…:
filter protect-old-legacy-routers {
    term vendor_foo_falls_over_on_hbh {
        from {
            extension-header hop-by-hop;
        }
        then discard;
    }
}


> I don't really understand the interplay between Section 5.1.1
> (Configuration Enabling Hop-by-Hop Header Processing) and Section 5.2
> (Hop-by-Hop Options Processing). S 5.1.1 notes that "Section 4 of [RFC8200]
> allows a router to control its processing of IPv6 Hop-by-Hop options by
> local configuration." and that "it is now expected that nodes along the
> path only examine and process the Hop-by-Hop Options header if explicitly
> configured to do so.", but Section 5.2 says: "A router SHOULD NOT therefore
> be configured to process the first Hop-by-Hop option if this adversely
> impacts the aggregate forwarding rate." The
> "[a] router SHOULD NOT ..." text sounds like it is trying to change the
> default from "nodes along the path only examine and process the Hop-by-Hop
> Options header if explicitly configured to do so" into "they normally
> should, unless this adversely impacts the aggregate forwarding rate.". If
> that is the intent, this should be clearer.
>
> Yes, we can make that clearer, I can see how it is confusing.
>


Ok, thanks.


> Looking at the text, the second paragraph in 5.2 should probably be moved
> the earlier section 5.1.1 about configuration. That paragraph is saying
> don’t create configuration to process an option if it can’t be done at full
> forwarding rate. Or maybe it is obvious and should be removed.
>
> Actually, I find really difficult to figure out what *exactly* has changed
> from RFC8200. Section 5 says "This section describes several changes to
> [RFC8200].", but the actual changes are not particularly clear (modulo the
> "Option Type identifiers" changes, which are nice and clear).
>
> RFC8200 doesn’t say a lot about processing HBH options except for:
>
> The Hop-by-Hop Options header is not inserted or deleted, but may be
> examined or processed by any node along a packet's delivery path, until the
> packet reaches the node (or each of the set of nodes, in the case of
> multicast) identified in the Destination Address field of the IPv6 header.
> The Hop-by-Hop Options header, when present, must immediately follow the
> IPv6 header. Its presence is indicated by the value zero in the Next Header
> field of the IPv6 header.
>
> NOTE: While [RFC2460] required that all nodes must examine and process the
> Hop-by-Hop Options header, it is now expected that nodes along a packet's
> delivery path only examine and process the Hop-by-Hop Options header if
> explicitly configured to do so.
>
> This draft is expanding on these two paragraph on how HBH options should
> be processed (basically Section 5). We could add some text that says that
> clearly.
>

Thank you!


> BTW, Section 6 is clear that it is updating Section 4.8 of [RFC8200].
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Many of comments you raised below were also raised in other IESG reviews,
> especially John Scudders. The authors are working on an update that
> resolves them.
>


Awesome, thank you!


> I initially had this as part of the DISCUSS, but moved it to a comment
> instead. I find this bit of text ambiguous (or at least unclear): "A router
> SHOULD NOT therefore be configured to process the first Hop-by-Hop option
> if this adversely impacts the aggregate forwarding rate. A router SHOULD
> process additional Hop-by-Hop options, if configured to do so, providing
> that these also do not adversely impact the aggregate forwarding rate."
> This could be read as: 1: The router should be configured to skip the first
> HbH option, but should process the additional ones. 2: The router should
> process the first HBH option, but unless there is explicit configuration it
> should ignore the rest. The
> "SHOULD NOT" vs "SHOULD" and double-negatives makes this hard to read, and
> also makes it sounds like there are expected to be a number configuration
> knobs here
> (First vs Subsequent HbH options).
>
> A similar problem occurs here:
> "If a router is unable to process any Hop-by-Hop option (or is not
> configured to do so), it SHOULD behave in the way specified for an
> unrecognized Option Type when the action bits were set to "00" " I'm
> assuming you mean "If a router either unable (or configured) to not process
> any Hop-by-Hop option ..." ?
>
> and then again here:
> "If a router is unable to process further Hop-by-Hop options (or is not
> configured to do so), the router SHOULD skip the remaining options using
> the
> "Hdr Ext Len" field in the Hop-by-Hop Options header. " I think that the
> document would benefit greatly from some clarity here -- I'm assuming that
> the intent is only a single configuration knob, but it's really not clear...
>
> Is this duplication, or is there a meaningful difference in these two
> sentences
> (destination vs host): "It is expected that the Hop-by-Hop Options header
> will be processed by the destination. Hosts SHOULD process the Hop-by-Hop
> Options header in received packets."?
>
> I don't really understand some of the SHOULDs in Section 6 -- e.g: "New
> Hop-by-Hop options SHOULD be designed to ensure the router can process the
> options at the full forwarding rate." -- what router? I have a Cisco 2509
> sitting in a rack in my basement. It has very different processing
> characteristics to an M40 or modern Cisco or a Linux box, and they way that
> they process HbH packets differs wildly. I agree with the sentiment, but
> not how this is worded. I think that this should be clarified, or at least
> the SHOULD should become a should...
>
> The Uppercase SHOULD/MUST was changed to lower case based on Roman
> Danyliw's review. That is in -18 we just published.
>


Ta!


> Nits:
>
> Thanks, we will fix..
>


Ta!

Thank you, and apologies again for the lateness of the ballot.
W


> 1: "The reason behind this includes:" - reasons, include? 2: "or that
> forward packets" - forwards. 3: "The Router Alert Option [RFC2711] is an
> exception that can result in processing in the control plane, see Section
> 5.2.1." - perhaps "that can require processing by the control plane"? Or
> perhaps I don't understand what this is trying to say. 4: "When an ICMP
> Parameter Problem, Code 2, message is delivered to the source, the source
> can become aware that at least one node on the path has failed to recognize
> the option." - I don't have a suggestion, but
> "the source can become aware" make it sound like this is an information
> leakage issue, and not the actual intent of the ICMP Code. 5: "The Router
> Alert Option could have a potential for use with new functions that have to
> be processed in the control plane." - "The Router Alert Option could
> potentially be used by new functions that have to be processed in the
> control plane." ? 6: "An implementation that does recognize the Router
> Alert Option, SHOULD verify that a" - drop the comma. 7: The document sets
> an expectation that if a packet includes a single Hop-by-Hop option that
> packet will be forwarded across the network path." - there is a random
> closing quote. 8: "If a subset of packets in a flow were to include
> Hop-by-Hop options, this could introduce a potential to increase the
> number" - could potentially ?
>
>