Re: [Stackevo-discuss] New Version Notification for draft-welzl-irtf-iccrg-tcp-in-udp-00.txt

Joe Touch <> Mon, 28 March 2016 21:27 UTC

To: Tom Herbert <>, Alexandre Petrescu <>

On 3/25/2016 10:05 AM, Tom Herbert wrote:
>> On another hand, this problem of multiplexing at multiple levels makes
>> it that there is no 'traceroute' program that meaningfully reports
>> number of hops through tunnels.  This is a universal tool for network
>> debugging, maybe as loved as ping is.
>>
> I believe
> is the proposed solution for that.

I would not recommend that doc as an example of how to handle this issue
- it has more than a few issues:

- the reason that IP hopcounts of payloads should not be decremented in
a tunnel is because hopcount is a measure of time at routers, not time
in links. Because a tunnel is a link, the encapsulated packets
experience no forwarding themselves. This has nothing to do with whether
the source and dest IP are in the same IP subnet (end Sec 1).

- TTLs are decremented when forwarding; it makes no sense to decrement
the outer TTL upon encapsulation. That decrement happens later in the
path inside the tunnel. Otherwise, a packet whose hopcount is 0 might be
discarded at the ingress, even though it can legitimately reach its
destination over the tunnel link.

- The decrement of the inner packet might be done to correspond to the
cost of the link itself, as noted. In that case, the error goes back to
the inner packet's source host -- never to the tunnel ingress. ICMPs go
to the tunnel ingress if the encapsulation header TTL falls below zero
along the tunnel path only.

- RFC1122 does not ensure that there is enough information to relay
tunnel ICMPs back to the origin source. Packets could be fragmented to
traverse the tunnel (lacking an inner header altogether) or could have
too much encapsulation to allow that.

These issues are all discussed in intarea-tunnels, which should have
been cited there. FWIW.
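
An added example, not part of the original message: a small Python model of the TTL handling described above, showing which node reports each traceroute probe and where the ICMP error is sent. The node names, the two path layouts, the TTL values and the decrement_on_encap switch are assumptions made for illustration.

```python
# Added model: node names, path layouts and TTL values are constructed assumptions.
TUNNELED = ["R1", "INGRESS", "T1", "T2", "EGRESS", "R2", "DST"]  # T1, T2 are inside the tunnel
DIRECT = ["INGRESS", "EGRESS", "DST"]   # tunnel with no routers between its endpoints
INTERIOR = {"T1", "T2"}

def send(inner_ttl, outer_ttl=64, path=TUNNELED, decrement_on_encap=False):
    """Follow one packet from SRC; return (event, node, where the ICMP error is sent)."""
    outer = None                          # no encapsulation header outside the tunnel
    for node in path:
        if node == "DST":
            return ("delivered", node, None)
        if node in INTERIOR:
            outer -= 1                    # interior routers forward on the outer header only
            if outer <= 0:
                return ("time-exceeded", node, "INGRESS")
            continue
        if node == "EGRESS":
            outer = None                  # decapsulate; the outer header ends here
        # Every node outside the tunnel interior forwards the inner packet as a router.
        inner_ttl -= 1
        if inner_ttl <= 0:
            return ("time-exceeded", node, "SRC")
        if node == "INGRESS":             # encapsulate after the forwarding decision
            outer = outer_ttl - 1 if decrement_on_encap else outer_ttl
            if outer <= 0:
                return ("dropped-at-encapsulation", node, None)
    return ("no-destination", None, None)

def traceroute(max_ttl=16, **kwargs):
    """Send probes with inner TTL 1, 2, ... and list the node that answers each one."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        event, node, _ = send(ttl, **kwargs)
        hops.append(node)
        if event == "delivered":
            break
    return hops

if __name__ == "__main__":
    print(traceroute())                   # T1 and T2 never answer a probe
    print(send(5, outer_ttl=1))           # outer expiry is reported to the ingress
    print(send(5, outer_ttl=1, path=DIRECT, decrement_on_encap=True))
```

In this model the tunnel counts as one link for the inner packet, so the interior routers are invisible to the source, and an outer-header expiry is reported only to the ingress.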