Re: [shim6] How long is a shim6 header?

Brian E Carpenter <brian.e.carpenter@gmail.com> Mon, 04 November 2013 17:19 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: shim6@ietfa.amsl.com
Delivered-To: shim6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1EFE21E81F5 for <shim6@ietfa.amsl.com>; Mon, 4 Nov 2013 09:19:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.52
X-Spam-Level:
X-Spam-Status: No, score=-102.52 tagged_above=-999 required=5 tests=[AWL=0.079, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EmYAsEsnXTHE for <shim6@ietfa.amsl.com>; Mon, 4 Nov 2013 09:19:40 -0800 (PST)
Received: from mail-bk0-x22b.google.com (mail-bk0-x22b.google.com [IPv6:2a00:1450:4008:c01::22b]) by ietfa.amsl.com (Postfix) with ESMTP id 92A5221E81F1 for <shim6@ietf.org>; Mon, 4 Nov 2013 09:11:00 -0800 (PST)
Received: by mail-bk0-f43.google.com with SMTP id mz11so2518196bkb.30 for <shim6@ietf.org>; Mon, 04 Nov 2013 09:10:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=gMBQqmBaN2bPQEIsYZQdjZR2zPC/dXC2dRCWhGwOOGA=; b=j44KtYfWNt66TINghuznGcqJUJCHoRJwMKjeE0xJGJOsJ2pMGuMzTwSjf8882z1VVZ Mh5XlNp3RNJ2pqQ/0BneJMzv24ULNaHhF/WgqfrYShaXkfjYpccmbK5wr39dlC1L9wf4 U/b6rYfmzEtmihzURZ4C60ZmX8aHdB1vkOPR4m1ti79Dk6VAclZC0nKy3/BNbfDFbTPR xAtC7Yo9WsXcQLJ1gVSWfvo0xTQvSdjHN/ICcyH4kwF96N2ODzKj0KiR26AG5V3WF7ux iMinM9abTVi+HbhiKPuqVyBabIBkpuT0nTDCLUDi5zEezcquZpacnMv9Bndn9EYgrJuz WA9g==
X-Received: by 10.204.107.140 with SMTP id b12mr13967bkp.58.1383585054995; Mon, 04 Nov 2013 09:10:54 -0800 (PST)
Received: from [31.133.165.38] (dhcp-a526.meeting.ietf.org. [31.133.165.38]) by mx.google.com with ESMTPSA id pn6sm16073777bkb.14.2013.11.04.09.10.52 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 04 Nov 2013 09:10:54 -0800 (PST)
Message-ID: <5277D51D.5070405@gmail.com>
Date: Tue, 05 Nov 2013 06:10:53 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Erik Nordmark <nordmark@sonic.net>
References: <52700435.6030606@gmail.com> <5270BB1D.6000004@uclouvain.be> <5274B62E.2090607@yahoo.fr> <52750E8A.90806@gmail.com> <5277CF2B.50701@sonic.net>
In-Reply-To: <5277CF2B.50701@sonic.net>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Cc: shim6@ietf.org
Subject: Re: [shim6] How long is a shim6 header?
X-BeenThere: shim6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SHIM6 Working Group Mailing List <shim6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shim6>, <mailto:shim6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/shim6>
List-Post: <mailto:shim6@ietf.org>
List-Help: <mailto:shim6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shim6>, <mailto:shim6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Nov 2013 17:19:45 -0000

On 05/11/2013 05:45, Erik Nordmark wrote:
> 
> Brian,
> 
> It isn't clear to me whether you are talking about the datapath case
> (where the shim6 header is followed by a ULP header and payload like
> TCP) or a control/signalling case, which has NO_NXT_HEADER.
> 
> In the datapath case the header is exactly 8 bytes.
> In the NO_NXT_HEADER things are variable length - but that isn't a
> concern for wirewalls since there is no next header to inspect.

That's an interesting point. I actually wonder how existing firewalls
respond to NO_NXT_HEADER. I think the answer may be disturbing.

The problem with most current firewalls is that they drop packets
with a shim6 header anyway.

Thanks
    Brian
> 
> Regards,
>    Erik
> 
> On 11/2/13 7:39 AM, Brian E Carpenter wrote:
>> Sure, I agree about 8 minimum: my suggestion was that 40 was a typical
>> *large* header.
>>
>> 1280 would be a complete disaster since firewalls will *never* be able
>> to deal with that at line speed. Please read
>> draft-wkumari-long-headers-02
>> to understand the concern. We missed this issue during the shim6 design,
>> I think.
>>
>> Regards
>>     Brian
>>
>> On 02/11/2013 21:22, Sébastien Barré wrote:
>>> Hi,
>>>
>>> the biggest extension headers are found in signalling packets, in
>>> particular those that carry locator information.
>>> Since any number of locators can be advertised to the peer, the Shim6
>>> signalling packet may grow up to 1280 bytes, the maximum allowed for
>>> shim6 (ref: rfc5533, section 5.1), including
>>> the IPv6 header. This leaves up to 1240 bytes for the Shim6 header.
>>>
>>> Now, this is for signalling. If you worry about payload packets only,
>>> then the Shim6 header is either simply absent (when ULIDs are used, the
>>> shim6 context at the receiver is looked up based on them), or it
>>> contains only a context tag and its size is then 8 bytes. (rfc5533,
>>> section 5.2)
>>>
>>> So, unless I miss something, the Shim6 minimum header size is 8 bytes,
>>> not 40.
>>>
>>> Hope this helps,
>>>
>>> Sébastien.
>>>>
>>>> -------- Original Message --------
>>>> Subject: [shim6] How long is a shim6 header?
>>>> Date: Wed, 30 Oct 2013 07:53:41 +1300
>>>> From: Brian E Carpenter <brian.e.carpenter@gmail.com>;
>>>> Organisation: University of Auckland
>>>> To: shim6-wg <shim6@ietf.org>;
>>>>
>>>> Hi,
>>>>
>>>> Does anyone have a quick answer to this question: how big is the
>>>> biggest SHIM6 extension header that is likely to occur in practice?
>>>>
>>>> As far as I can see, it's at least 40 bytes.
>>>>
>>>> The context for this question is draft-wkumari-long-headers.
>>>>
>>>> Regards
>>>>     Brian Carpenter
>>>>
>>>> _______________________________________________
>>>> shim6 mailing list
>>>> shim6@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/shim6
>>>>
>>>>
>>>>
>>>
>>>
>>
>> _______________________________________________
>> shim6 mailing list
>> shim6@ietf.org
>> https://www.ietf.org/mailman/listinfo/shim6
>>
> 
>