IETF Logo Mail Archive

Re: [Spud] Putting Network-Layer Information in the Network Layer

Toerless Eckert <eckert@cisco.com> Fri, 10 July 2015 20:45 UTC

Return-Path: <eckert@cisco.com>
X-Original-To: spud@ietfa.amsl.com
Delivered-To: spud@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ECDAF1A0091 for <spud@ietfa.amsl.com>; Fri, 10 Jul 2015 13:45:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B90NsrgUSlA7 for <spud@ietfa.amsl.com>; Fri, 10 Jul 2015 13:45:19 -0700 (PDT)
Received: from alln-iport-6.cisco.com (alln-iport-6.cisco.com [173.37.142.93]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EF5731A007A for <spud@ietf.org>; Fri, 10 Jul 2015 13:45:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5442; q=dns/txt; s=iport; t=1436561119; x=1437770719; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=7+umUlnepzqFaCY6uKOE/VqnBrrXDhwK6Rd7gGTu2kg=; b=EKCWsZ5AtZszIEh0oKGRaXBUYFlbiSJsAl4npf7njvezccwe2PdwtEIO DPJw+SabAzBX+kMCklQzKhopzFnlDH8jRL3p3COu7YHbVog3en7A5ROFP cFpXX0zPglCtJcVgfbq4aJ2XI1QnaAK2BmakChAzXI4ZevUzUwZeaeYC+ A=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0A1BQBfLqBV/5xdJa1bDoMEVGC9IwqFdwKBSjwQAQEBAQEBAYEKhCQBAQICAQEBNzQLEAsSBgklDwUTIhQTG4gTDc99AQEBAQEBAQEBAQEBAQEBAQEBAQEBF4tLhQYHgxeBFAWNHIQsgmmMAwGBP4QYkxQmggwcgRVeHjEBAYEEJYEgAQEB
X-IronPort-AV: E=Sophos;i="5.15,449,1432598400"; d="scan'208";a="167467602"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by alln-iport-6.cisco.com with ESMTP; 10 Jul 2015 20:45:17 +0000
Received: from mcast-linux1.cisco.com (mcast-linux1.cisco.com [172.27.244.121]) by rcdn-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id t6AKjGSA012378 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 10 Jul 2015 20:45:16 GMT
Received: from mcast-linux1.cisco.com (localhost.cisco.com [127.0.0.1]) by mcast-linux1.cisco.com (8.13.8/8.13.8) with ESMTP id t6AKjFxE024623; Fri, 10 Jul 2015 13:45:15 -0700
Received: (from eckert@localhost) by mcast-linux1.cisco.com (8.13.8/8.13.8/Submit) id t6AKjEI1024621; Fri, 10 Jul 2015 13:45:14 -0700
Date: Fri, 10 Jul 2015 13:45:14 -0700
From: Toerless Eckert <eckert@cisco.com>
To: Joe Touch <touch@isi.edu>
Message-ID: <20150710204514.GA23837@cisco.com>
References: <176C39DB-16F3-4E46-9A1D-22290A38FBA6@tik.ee.ethz.ch> <CALx6S37Eo6eAE4GTkAWGe+w0ZhDHyuMym7+txgjai5GRw+pgiQ@mail.gmail.com> <7158BF85-8731-40A0-9920-36D21D73D7F2@trammell.ch> <CALx6S37w1J=v48gFCH18E-3UZyfC28_d_LTuKjC5VHtXC0eu2Q@mail.gmail.com> <5A64B99E-89C5-4D5C-BFF2-C5F0C25EC35D@trammell.ch> <559D8301.2020604@isi.edu> <006C9182-7352-4086-AF18-785AEFD44979@trammell.ch> <559EB134.2090905@isi.edu> <CB3FEFD0-1FE0-49D4-A650-349218ABD00A@trammell.ch> <559FFD93.8010307@isi.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <559FFD93.8010307@isi.edu>
User-Agent: Mutt/1.4.2.2i
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/OSgP8pIK6foHDK884XAqaHlLsFM>
Cc: Brian Trammell <ietf@trammell.ch>, spud@ietf.org, Mirja =?iso-8859-1?Q?K=FChlewind?= <mirja.kuehlewind@tik.ee.ethz.ch>, Tom Herbert <tom@herbertland.com>
Subject: Re: [Spud] Putting Network-Layer Information in the Network Layer
X-BeenThere: spud@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Session Protocol Underneath Datagrams <spud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spud>, <mailto:spud-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spud/>
List-Post: <mailto:spud@ietf.org>
List-Help: <mailto:spud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spud>, <mailto:spud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jul 2015 20:45:21 -0000

IMHO, IP options do not get us anywhere.

I want a solution that works against the lowest common denominator
of APIs for applications that i have across not only platfornms,
but also application development environments. I have UDP APIs on
a lot more SDKs that UDP + IP options. I bet if i looked, i wouldn't
find IP optoins in a lot of interpreted language SDKs.

Even if supported by language SDK, its an OS issue whether IP optoins
are supported. I remember that some investigation for a project we did
2? years back now resulted in us finding that at C level system APIs,
android for example was not supporting IP router alert for a UDP socket
for IPv6, even though it supported it for IPv4 (i hope i remember these
details correctly). And its just one example.

If all of this stuff is fine, i am totally not persuaded that IP
options are going to be accepted by network operators. There is no
way to guarantee to a network operator that packets with IP options are
NOT punted and cause performance impacts.

We went through this exercise with ECN, and still haven't moved ahead.
After 10 years or so. Where is the stealth data-collection facility in
eg: firefox that tries randomn ECN flows not only to see whether they
pass through, but also checking latency & jitter to validate that
these ECN packets where not punted in routers when they did pass through ?

I am not saying we shouldn't have a glorified plan for STUN that ALSO
includes the architecture for doing it correctly for the
1980's Internet architecture, but please lets not make this plan A.

The Internet architecture has evolved on so many fronts. Can we not
learn in the network/transport layer structure too how to get the
best solutions for reality ?

Just saying.

Toerless

On Fri, Jul 10, 2015 at 10:14:59AM -0700, Joe Touch wrote:
> Hi, Brian,
> 
> On 7/10/2015 3:44 AM, Brian Trammell wrote:
> > 
> >> On 09 Jul 2015, at 19:36, Joe Touch <touch@isi.edu> wrote:
> ...
> >> IPv4 options can be jumped over in one step using the IHL field.
> > 
> > yes, |set| = 1.
> 
> Well, it's actually also because the offset is in the default header and
> nowhere else. The number of options varies, as does the length of many
> options.
> 
> >> There's
> >> no such field for IPv6 - routers have to walk the chain of headers one
> >> by one.
> > 
> > Right. It seems to me the way out of this (which is not just a 
> > problem for boxes that want to muck about in transport protocols, but
> > ones thatwant to properly process hop by hop options) would be to
> > define a new(small) set of IPv6 options headers that themselves would
> > (1) not be combinable and (2) have a fixed length, allowing the
> > next-header field to be _treated_ in constant time / with relatively
> > few gates as the IHL field.
> 
> There are several hurdles, not the least of which is that the length of
> HBH options can change in transit.
> 
> You don't really need a fixed length to solve this, or even a fixed set.
> The options can even be mutable.
> 
> What you really need is a "jump to transport" header that comes before
> all the others, and that is maintained by any device that adds, deletes,
> or changes the length of an option.
> 
> The real problem there isn't doing that; its knowing whether you've
> traversed a router that obeys those rules without dropping packets at
> routers that don't. That would kill IPv6.
> 
> > I haven't followed 6man, though I presume this approach or
> > approaches like it have been discussed there ad nauseam.
> 
> See above.
> 
> > The fixed-lengthness of these new v6 options headers would make them 
> > problematic for freely extensible options, though one could use these
> > to stick common fast path options in the "fixed" point of the header,
> > and otherwise point to space elsewhere in the packet for things that
> > can happen slowly. You eat the cost of following pointers and doing
> > the more expensive deframing only if you need to in this case.
> 
> The real issue, AFIACT, is detecting the behavior of legacy devices that
> wouldn't know to follow these rules - without having them drop the
> packet because it is an unknown option (i.e., you can set "drop if
> unknown", but that would be bad; if you don't set that bit, then you
> can''t detect when changes occur easily).
> 
> >>>> I suspect you'll find that IP options are basically a non-starter except
> >>>> for research purposes.
> >>>
> >>> For the story on the v4 side, do you know of anything newer than
> >>> Fonseca et al "IP Options are Not and Option" (tech report version at
> >>> http://www.eecs.berkeley.edu/Pubs/TechRpts/2005/EECS-2005-24.pdf)? It's
> >>> ten years old -- but given where the engineering effort has gone during
> >>> that decade, I doubt strongly much has changed here.
> >>
> >> Not much. Those old studies have been used in other WGs to drive
> >> documents (IMO, unfortunately).
> > 
> > I've been thinking about whether it would be worth the effort to do
> > an updated IP options transparency study.
> 
> The IETF has a persistent problem with extensibility. Vendors don't make
> money supporting capabilities not in current use, but that ossifies the
> protocols badly.
> 
> Joe
> 
> _______________________________________________
> Spud mailing list
> Spud@ietf.org
> https://www.ietf.org/mailman/listinfo/spud

v2.8.7 | Report a Bug | By Email