Re: [netmod] Suresh Krishnan's Discuss on draft-ietf-netmod-acl-model-19: (with DISCUSS)

Mahesh Jethanandani <mjethanandani@gmail.com> Thu, 27 September 2018 22:36 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/LiqhAaKRbaTvHRPIix3kVHSWI8g>


> On Sep 26, 2018, at 9:36 PM, Suresh Krishnan <suresh@kaloom.com> wrote:
> 
> Suresh Krishnan has entered the following ballot position for
> draft-ietf-netmod-acl-model-19: Discuss
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-netmod-acl-model/
> 
> 
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> This document is missing ACL handling for ICMPv6 (RFC4443) completely. As the
> ICMP types and codes are different for ICMP and ICMPv6 I think this model
> should be included to cover ICMPv6.

In offline discussions with Suresh, here is what we agreed I would do to address this DISCUSS:

- Update the rest-of-header field in ICMP grouping from ‘type uint32’ to ‘type binary’, as already agreed, to address Mirja’s DISCUSS. The field will be unbounded.
- Add a reference to RFC 4443 in the grouping.
- At this point the grouping should be able to cater to both icmpv4 and icmpv6 match requirements.

Thanks

Mahesh Jethanandani
mjethanandani@gmail.com
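
Added example, not part of the original message or of the draft's YANG module: a matcher showing how one grouping with an unbounded binary rest-of-header can serve both ICMPv4 and ICMPv6, because both headers begin with type, code and checksum while the type numbers themselves differ. The IcmpMatch class, its field names, the prefix comparison used for rest-of-header and the sample messages are assumptions constructed for illustration.

```python
import struct
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class IcmpMatch:
    """Hypothetical in-memory form of the ICMP grouping; unset leaves match anything."""
    icmp_type: Optional[int] = None
    icmp_code: Optional[int] = None
    rest_of_header: Optional[bytes] = None  # 'type binary', unbounded length

def parse_icmp(message: bytes):
    """Split an ICMPv4 or ICMPv6 message into (type, code, rest).

    RFC 792 and RFC 4443 both start with type (8 bits), code (8 bits) and
    checksum (16 bits); the bytes after that depend on type and code.
    """
    if len(message) < 4:
        raise ValueError("truncated ICMP header")
    icmp_type, icmp_code, _checksum = struct.unpack("!BBH", message[:4])
    return icmp_type, icmp_code, message[4:]

def matches(rule: IcmpMatch, message: bytes) -> bool:
    """True when every leaf set in the rule agrees with the message.

    Assumption: rest-of-header is compared as a prefix of the bytes after
    the checksum; the message above does not define the comparison.
    """
    try:
        icmp_type, icmp_code, rest = parse_icmp(message)
    except ValueError:
        return False  # a truncated header never matches a rule
    if rule.icmp_type is not None and rule.icmp_type != icmp_type:
        return False
    if rule.icmp_code is not None and rule.icmp_code != icmp_code:
        return False
    if rule.rest_of_header is not None:
        return rest.startswith(rule.rest_of_header)
    return True

# Constructed sample messages (checksum left as zero; it is not validated here).
V4_ECHO_REQUEST = bytes([8, 0, 0, 0]) + struct.pack("!HH", 0x1234, 1) + b"ping"
V6_ECHO_REQUEST = bytes([128, 0, 0, 0]) + struct.pack("!HH", 0x1234, 1) + b"ping"
V6_PACKET_TOO_BIG = bytes([2, 0, 0, 0]) + struct.pack("!I", 1280) + b"\x60"

# Constructed rules: the same structure holds a 2-byte echo identifier or a 4-byte MTU.
V4_ECHO_RULE = IcmpMatch(icmp_type=8, icmp_code=0)
V6_ECHO_RULE = IcmpMatch(128, 0, rest_of_header=struct.pack("!H", 0x1234))
V6_PTB_RULE = IcmpMatch(2, 0, rest_of_header=struct.pack("!I", 1280))
```

A rule written with the ICMPv4 echo type (8) does not match the ICMPv6 echo request (128), so each entry still has to be paired with the address family it is meant for.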