Re: [spring] SRv6 Network Programming: ENH = 59

Ron Bonica <rbonica@juniper.net> Wed, 08 May 2019 17:18 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/vwETgHioFPmf3hQQG672knLD_DU>

<adding the SPRING mailing list, because this is a SPRING draft>

Folks,

Sections 4.4 through 4.12 of draft-ietf-spring-srv6-network-programming-00 define a set of SIDs that have the following things in common:

- they are consumed by the egress node (SL == 0)
- they tell the egress node how to forward the payload into a VPN

If the payload is IPv4, the next-header value in the SRH must be IPv4 (value 4).
If the payload is IPv6, the next-header value in the SRH must be IPv6 (value 41).
If the payload is Ethernet, the next-header value in the SRH must be No Next Header (value 59).

In the interest of consistency, we should probably allocate a new next-header value for Ethernet and use it.

Ron




> -----Original Message-----
> From: ipv6 <ipv6-bounces@ietf.org> On Behalf Of Bob Hinden
> Sent: Wednesday, May 8, 2019 12:42 PM
> To: Tom Herbert <tom@herbertland.com>
> Cc: IPv6 List <ipv6@ietf.org>; Bob Hinden <bob.hinden@gmail.com>
> Subject: Re: SRv6 Network Programming: ENH = 59
> 
> Tom,
> 
> > On May 8, 2019, at 9:24 AM, Tom Herbert <tom@herbertland.com> wrote:
> >
> > On Wed, May 8, 2019 at 8:48 AM Mark Smith <markzzzsmith@gmail.com> wrote:
> >>
> >> On Thu, 9 May 2019 at 00:57, Tom Herbert <tom@herbertland.com> wrote:
> >>>
> >>
> >> "If the Payload Length field of the IPv6 header indicates the
> >>   presence of octets past the end of a header whose Next Header field
> >>   contains 59, those octets must be ignored and passed on unchanged if
> >>   the packet is forwarded."
> > Mark,
> >
> > Right, so the first clause says that the No-next-header means there's
> > nothing beyond the header, but the second clause says that if there is
> > something beyond the header it's ignored. So "nothing" can actually be
> > "something" which seems to be a contradiction. In practice, this sounds
> > like a wonderful opportunity for a covert channel. I would hope that a
> > receiver of a packet with No-next-header followed by 1000 bytes of
> > "nothing" views the packet with suspicion!
> 
> It’s also a great mechanism to tickle buffer overflow bugs. I agree that
> packets like this are suspect, and this is also another good reason to not use
> “No-Next-Header” in SRv6 network programming.
> 
> Bob
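As an added example (not part of the original message or of any draft), the following Python sketch shows how a monitor could flag the case discussed in this thread: octets that the IPv6 Payload Length places after a header whose Next Header is 59. The function names and the sample packet are constructed for illustration; the sample uses a documentation-prefix address and an SRH with SL == 0.

```python
import struct

NO_NEXT_HEADER = 59
GENERIC_EXT = {0, 43, 60}  # Hop-by-Hop, Routing (SRH included), Destination Options
FRAGMENT, AUTH = 44, 51


def octets_after_no_next_header(packet: bytes):
    """Count octets that follow a header whose Next Header is 59.

    Returns None when the chain ends in an upper-layer protocol, and raises
    ValueError on inconsistent lengths rather than reading past the buffer.
    """
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    end = 40 + struct.unpack("!H", packet[4:6])[0]
    if end > len(packet):
        raise ValueError("Payload Length exceeds captured bytes")
    next_header, offset = packet[6], 40
    while next_header != NO_NEXT_HEADER:
        if next_header not in GENERIC_EXT | {FRAGMENT, AUTH}:
            return None
        if offset + 8 > end:
            raise ValueError("truncated extension header")
        if next_header == FRAGMENT:
            hdr_len = 8
        elif next_header == AUTH:
            hdr_len = (packet[offset + 1] + 2) * 4
        else:
            hdr_len = (packet[offset + 1] + 1) * 8
        if offset + hdr_len > end:
            raise ValueError("extension header runs past Payload Length")
        next_header, offset = packet[offset], offset + hdr_len
    return end - offset


def build_sample(trailing: bytes) -> bytes:
    """Constructed packet: IPv6 header, SRH (SL == 0, one SID, NH 59), trailing."""
    sid = bytes.fromhex("20010db8000000000000000000000001")  # documentation prefix
    srh = struct.pack("!BBBBBBH", NO_NEXT_HEADER, 2, 4, 0, 0, 0, 0) + sid
    payload = srh + trailing
    return struct.pack("!IHBB", 6 << 28, len(payload), 43, 64) + sid + sid + payload


if __name__ == "__main__":
    print(octets_after_no_next_header(build_sample(b"\x00" * 1000)))  # 1000
```

Under the encoding described in the message, an Ethernet payload carried with Next Header 59 is counted as trailing octets too, so header inspection alone cannot separate it from unexplained data.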