Re: [spring] We don't seem to be following our processes (Re: Network Programming - Penultimate Segment Popping)

Sander Steffann <> Fri, 06 December 2019 15:12 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9BE731200B1; Fri, 6 Dec 2019 07:12:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 8myZsDccP_LQ; Fri, 6 Dec 2019 07:12:55 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6163F1200C5; Fri, 6 Dec 2019 07:12:55 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 092334B; Fri, 6 Dec 2019 16:12:53 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; h= x-mailer:references:in-reply-to:date:date:subject:subject :mime-version:content-type:content-type:message-id:from:from :received:received; s=mail; t=1575645170; bh=fswxa8gHjX9eqShi2gx vrkkiPBoLr8q2MNVXFI2d3N8=; b=fzlZLr1kt8XMfYc6PSGKdI0vMLXFhBr6ART rHNy1rXvzzVjhFHGh9bQcIUgSY2PnlVBz8ZcDUbZwpGcMYRsjVqNBBDtxqvQeACt v5H10kJxoiK4I0jxUnzt+mXQck/qCPpU3abfwGbuTFsnz4jKJpK5YTtex6oReweX mdDwlch8=
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10026) with ESMTP id CgEVR7KmDF8v; Fri, 6 Dec 2019 16:12:50 +0100 (CET)
Received: from [IPv6:2a02:a213:a300:ce80:6075:199d:31e0:cdef] (unknown [IPv6:2a02:a213:a300:ce80:6075:199d:31e0:cdef]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by (Postfix) with ESMTPSA id EB31749; Fri, 6 Dec 2019 16:12:49 +0100 (CET)
X-Clacks-Overhead: GNU Terry Pratchett
From: Sander Steffann <>
Message-Id: <>
Content-Type: multipart/signed; boundary="Apple-Mail=_11F47E7E-ECB8-4145-8638-321712A3F9E5"; protocol="application/pgp-signature"; micalg=pgp-sha256
Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3594.4.19\))
Date: Fri, 6 Dec 2019 16:12:48 +0100
In-Reply-To: <>
Cc: Enno Rey <>, rtg-ads <>, Fernando Gont <>, SPRING WG <>, 6man <>, "" <>
To: Ole Troan <>
References: <> <> <> <> <> <> <> <> <> <> <> <>
X-Mailer: Apple Mail (2.3594.4.19)
Archived-At: <>
Subject: Re: [spring] We don't seem to be following our processes (Re: Network Programming - Penultimate Segment Popping)
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 06 Dec 2019 15:12:58 -0000

Hi Ole,

> If I own and manage three routers, R1 -- R2 -- R3.
> You are saying that if R1 sends a packet to R3, it is not allowed to off-load some functions to R2?
> Going to be difficult to do stuff like service chaining then.

This bit I don't mind that much, but what about:

R1 -- R2 -- [open internet] -- R3
R1 -- [open internet] -- R2 -- R3
or even
R1 -- [open internet] -- R2 -- [open internet] -- R3

And what if you're an ISP and R1 is your customer's device? It is in your routing domain but not in your administrative domain. What then?

> When putting in the restrictions in RFC8200, which makes a lot of sense on the open Internet, it was always clear that there could and would be exceptions to this. Those are the ones we are discussing now.

This has never been clear to me. Quite the opposite actually…
There was a reason the text discussing this was tightened while RFC8200 was still a draft.

> Conflating the two use cases and claiming that the arguments for why it's a bad idea on the open Internet also applies to a limited domain, only serves to polarise the debate.

The problem is in the definition (and viability) of a domain.

> My suspicion is that the header insertion argument is a straw-man.

Not to me. I care about my packets not being mangled by a third party (my ISP). If there is a way that they can mangle the packet and restore it to its original 100% of the time before a box outside the ISP network is able to see it (for debugging or whatever) then I don't mind. I care about observable behaviour, and whether my ISP uses MPLS, SR or something else isn't my problem. But the moment the packet leaves their network it'd better be exactly as I sent it. And the way the domain is defined, as well as the operator experience with limited domains, points to potential leaks.