Re: Conflicting requirements for sending ICMPv6 and EH scan?
Mark Smith <markzzzsmith@gmail.com> Wed, 29 May 2019 01:59 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71387120019 for <ipv6@ietfa.amsl.com>; Tue, 28 May 2019 18:59:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.499
X-Spam-Level:
X-Spam-Status: No, score=-0.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id klwkbSgNHEA4 for <ipv6@ietfa.amsl.com>; Tue, 28 May 2019 18:59:16 -0700 (PDT)
Received: from mail-oi1-x230.google.com (mail-oi1-x230.google.com [IPv6:2607:f8b0:4864:20::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D5E491200EC for <ipv6@ietf.org>; Tue, 28 May 2019 18:59:15 -0700 (PDT)
Received: by mail-oi1-x230.google.com with SMTP id z65so711224oia.11 for <ipv6@ietf.org>; Tue, 28 May 2019 18:59:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=6HFW6tJgXk/BVmKEniF2FNq2HQnGSZm7S3yktfd46kk=; b=GF3ngsRc6VbBcMR4acuSYJJeARg9PV0jgk/DMU9ghy5blC+ToLD7RsEv4fLWGJLkmQ EOyx5HLwIQ7oVGoVYYbCvrqRPGf16UULzcGO0lmec/3YphF3kbPG/zMWGbxEfYSNhlF4 GS/EiA5ZgYwJ7l04HenCXE4llk3nOpVlc1zJcNaGJFCd7Tpta7BfFcWeyXKrLFN2jZBn W4QDGfjRSPo4pFnAvlPRIPMMGV7PCAktyk3MlsMpZ271JcWR2sRoAgj8cTlRB2/2/BGl nKLIajsgDJclnkmv5EVB5+FwM+9hVQR7BsiXT17pf6Bw7gy3tuWokRZZI9zPxNqstHKK nmFA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=6HFW6tJgXk/BVmKEniF2FNq2HQnGSZm7S3yktfd46kk=; b=BpdLhDmDdeU42dYTrfxZlSIWLPuu+gGI/fpM1aIlY6FVA4rz/rQ20GPLHbwEjgH0Gy FqFOPBVE0uo+C9e94FGINdLbn0l/oVPZ9xGAd3r0UNG+wQCY9UD2L1xe0aoT+M3iXEpa DLUgzvo8K58LMnVZ/+xyeED01U7O7fB1TjGoltuAZFKdfbra42OAuASzPDwjgH/4rreR EpK3Dr79WcQpiJKr65col3Ene6r48ik0s72b1mYeiOiuyIEEPvzycZlxmPIaWtzjYQ8b nfNqqE0Zsdz1cpynRvos/CtWNk016r8nUdH7dMzFCS+IGD+bykgu0VQh0PsUYMAD3F8O TYtA==
X-Gm-Message-State: APjAAAXWYU0OT/nl7luotUbY1JGFz85+fREM9xb4vfDef8yJ0kodupwr VpUoW4PYZoZ+ERneYvXDEJEnHWubWxDjYC5ztVU=
X-Google-Smtp-Source: APXvYqxG8lx4H8AynB53lRNDgEIcLKFiAfrhYxlF6QaN8IYp8xfSUn0e40WXcJeQrzfCP7jrDIbR77goVPeeKDY8z/o=
X-Received: by 2002:aca:c187:: with SMTP id r129mr4483845oif.164.1559095155138; Tue, 28 May 2019 18:59:15 -0700 (PDT)
MIME-Version: 1.0
References: <CALx6S37wNpe=XweKh=Y6ARZ1nfjvySmK=km6+_UTDVFPujp7bA@mail.gmail.com> <C5EF34CD-8408-490F-A460-6D392495D218@employees.org> <CALx6S35M_iZpm3jhAf4s4QSWHd-kdM4+4ZW-NeVqZtNiTpK0JQ@mail.gmail.com> <50C4484A-790A-4960-966D-E947B625AF3E@employees.org> <CALx6S369+y9-MoAzjfL17p-xcFSW5c62ykgBzaJEy5UpdBz0Bg@mail.gmail.com> <A2B2BB45-D66D-4407-86F1-13331A78E8A6@employees.org> <CALx6S34-11bSJMUQ6pK8cZ5zEa+fUkQWNRZbCR7sVasQMzjong@mail.gmail.com> <C1F78071-CB87-4D57-967E-A1612392FADD@employees.org> <f5b7349b-f1c5-237f-2f7f-9403e0b80496@joelhalpern.com> <07E04DAC-A0F9-4D40-982C-B36FDAE59D0B@employees.org> <7c7b1175-50d1-eb07-cc9e-630d38af8ac1@si6networks.com>
In-Reply-To: <7c7b1175-50d1-eb07-cc9e-630d38af8ac1@si6networks.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Wed, 29 May 2019 11:58:48 +1000
Message-ID: <CAO42Z2zz7fONh_VMmn=us7JtfL0_nePA=EtQfnh_YpBkZARKVA@mail.gmail.com>
Subject: Re: Conflicting requirements for sending ICMPv6 and EH scan?
To: Fernando Gont <fgont@si6networks.com>
Cc: Ole Troan <otroan@employees.org>, "Joel M. Halpern" <jmh@joelhalpern.com>, 6man WG <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/z0OO0GxFTvtU2vkXXE6mesEA4Gg>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 May 2019 01:59:18 -0000
On Wed, 29 May 2019 at 10:35, Fernando Gont <fgont@si6networks.com> wrote: > > On 28/5/19 16:26, Ole Troan wrote: > > Joel, > > > >> (Trimmed.) > >> If you don't check for ICMP in the received message, couldn't one easily get two misbehaving boxes (each trying to use an option the other doesn't understand) bouncing ICMPs back and forth? Preventing that is the reason for the rule. > > > > Right. > > If host A includes in it's ICMP error messages an unknown to host B EH _ and_ host B includes an unknown to host A EH in it's ICMP error messages, you would get a loop. > > That I don't think we can fix, apart from stating though shalt not do that. > > We can: draft-gont-6man-rfc6564bis. ;-) > > The biggest problem is that with the current situation we have > essentially killed new transport protocols or extension headers. On the public Internet perhaps. Inside individual networks less so, and if the devices their operators have deployed block them, the operator is or should be in a position to fix that (or demand their device vendor give them a knob to fix it). > > Thanks, > -- > Fernando Gont > SI6 Networks > e-mail: fgont@si6networks.com > PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 > > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > --------------------------------------------------------------------
- Conflicting requirements for sending ICMPv6 and E… Tom Herbert
- Re: Conflicting requirements for sending ICMPv6 a… Mikael Abrahamsson
- Re: Conflicting requirements for sending ICMPv6 a… Tom Herbert
- Re: Conflicting requirements for sending ICMPv6 a… Fernando Gont
- Re: Conflicting requirements for sending ICMPv6 a… Ole Troan
- Re: Conflicting requirements for sending ICMPv6 a… Tom Herbert
- Re: Conflicting requirements for sending ICMPv6 a… Ole Troan
- Re: Conflicting requirements for sending ICMPv6 a… Tom Herbert
- Re: Conflicting requirements for sending ICMPv6 a… Ole Troan
- Re: Conflicting requirements for sending ICMPv6 a… Tom Herbert
- Re: Conflicting requirements for sending ICMPv6 a… Ole Troan
- Re: Conflicting requirements for sending ICMPv6 a… Joel M. Halpern
- Re: Conflicting requirements for sending ICMPv6 a… Tom Herbert
- Re: Conflicting requirements for sending ICMPv6 a… Ole Troan
- Re: Conflicting requirements for sending ICMPv6 a… Tom Herbert
- Re: Conflicting requirements for sending ICMPv6 a… Fernando Gont
- Re: Conflicting requirements for sending ICMPv6 a… Mark Smith
- Re: Conflicting requirements for sending ICMPv6 a… Ole Troan
- Re: Conflicting requirements for sending ICMPv6 a… Fernando Gont
- RE: Conflicting requirements for sending ICMPv6 a… Ron Bonica
- Re: Conflicting requirements for sending ICMPv6 a… Tom Herbert
- RE: Conflicting requirements for sending ICMPv6 a… Ron Bonica
- Re: Conflicting requirements for sending ICMPv6 a… Tom Herbert
- Re: Conflicting requirements for sending ICMPv6 a… Fernando Gont
- Re: Conflicting requirements for sending ICMPv6 a… Tom Herbert
- Re: Conflicting requirements for sending ICMPv6 a… Mark Smith