Re: [Tsv-art] [v6ops] [Last-Call] Tsvart last call review of draft-ietf-v6ops-ipv6-ehs-packet-drops-05

Fernando Gont <> Thu, 08 April 2021 02:46 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 159B33A34B1; Wed, 7 Apr 2021 19:46:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id JfXEiKtJd0Zi; Wed, 7 Apr 2021 19:46:28 -0700 (PDT)
Received: from ( [IPv6:2001:67c:27e4::14]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0A19A3A34B4; Wed, 7 Apr 2021 19:46:27 -0700 (PDT)
Received: from [] (unknown []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 196B62802B1; Thu, 8 Apr 2021 02:46:17 +0000 (UTC)
To: Tom Herbert <>
Cc: "Rob Wilton (rwilton)" <>, Gorry Fairhurst <>, IPv6 Operations <>, "" <>, "" <>, "" <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
From: Fernando Gont <>
Message-ID: <>
Date: Wed, 7 Apr 2021 23:46:04 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <>
Subject: Re: [Tsv-art] [v6ops] [Last-Call] Tsvart last call review of draft-ietf-v6ops-ipv6-ehs-packet-drops-05
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Review Team <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 08 Apr 2021 02:46:33 -0000

On 7/4/21 21:30, Tom Herbert wrote:
> On Wed, Apr 7, 2021 at 5:03 PM Fernando Gont <> wrote:
>> Hi, Tom,
>> On 7/4/21 12:20, Tom Herbert wrote:
>> [....]
>>> Given that hosts are the ones creating extensions headers and other
>>> packet formats, hosts have a vested interest in how routers are
>>> dealing with their packets. Even before this document was created, we
>>> have long known that extensions headers might be dropped and have been
>>> working on mitigations to reduce the number of drops which are already
>>> addressing some of the reasons that packets with EH. For instance,
>>> consider draft-hinden-6man-hbh-processing-00; this is a proposal to
>>> limit the number of HBH options to exactly one. The idea is that
>>> routers will make it feasible for routers packets that have HBH
>>> options, with the trade off of specifically limiting the extensibility
>>> of the protocol. The problem is there is no data that indicates this
>>> proposal would have the desired effect; we don't if routers would
>>> start accepting packets that are limited to one HBH option.
>> What does that proposal have to do with this document?
> Because that proposal is ostensibly addressing a perceived reason for
> packets being dropped. 

That doesn't change what this document is doing *at all*. We're 
explaining what operators do at the time of this writing.

> If it's not really a problem, then by all means
> please chime in on 6man list where the draft is under discussion.

I did raise my concerns during the last 6man minutes. My comments should 
be in the meeting minutes.

>>> So my fundamental concern with this draft is that it is an entirely
>>> qualitative description of a well known problem, however a qualitative
>> No. It is not a well known problem. If you look at
>> draft-hinden-6man-hbh-processing, itś clear that their assumption is
>> that limiting the number of EHs or options solves the problem. Whereas
>> our document essentially notes that to a large extent the problem has to
> What exactly does "large extent " mean? Does that mean that at least
> 50% or some greater than that percentage of drops of packets with EH
> were dropped precisely because the header chains were too long?

That's not the topic that this document is addressing.

>> do with the overall EH-chain length -- it doesn't matter if the
>> EH-chain: it doesn matter whether you have one long EH, multiple small
>> ones, one large EH with one large option, one large EH with many small
>> options, or any combination of them.
> Perhaps, but again I ask for either data or references from vendors to
> verify that supposition.

Our document contains a reference to the very IEPG presentation that was 
done by a vendor.

>> The fact that youŕe raising this issue and that thereś a belief that
>> there'ś a clear and easy way to make EHs work probes that itś certainly
>> not a well known problem.
> That is not the only issue that is being addressed. There are also the
> suggested limits in RFC8504 for host processing, the mitigation in
> RFC8200 to allow intermediate nodes to ignore HBH options, and ICMP
> errors in RFC8883 that intermediate nodes drop packets including if
> header chains are too long.

Again: what does has to do with this document.

Please read the Abstract and the Disclaimer. That's what this document 
is about.

You want this document to be something that it has never been, and has 
never been meaning to be.

Fernando Gont
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492