Re: [v6ops] Fwd: New Version Notification for draft-wkumari-long-headers-01.txt
Joe Touch <touch@isi.edu> Fri, 05 July 2013 13:33 UTC
Return-Path: <touch@isi.edu>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 06FBF11E82F0 for <v6ops@ietfa.amsl.com>; Fri, 5 Jul 2013 06:33:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.287
X-Spam-Level:
X-Spam-Status: No, score=-106.287 tagged_above=-999 required=5 tests=[AWL=0.312, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VWABvA5gTrN4 for <v6ops@ietfa.amsl.com>; Fri, 5 Jul 2013 06:32:56 -0700 (PDT)
Received: from vapor.isi.edu (vapor.isi.edu [128.9.64.64]) by ietfa.amsl.com (Postfix) with ESMTP id 39D4A21F9943 for <v6ops@ietf.org>; Fri, 5 Jul 2013 06:32:56 -0700 (PDT)
Received: from [172.35.3.4] (pc3.shinagawaphvod2-unet.ocn.ne.jp [220.110.141.59]) (authenticated bits=0) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id r65DWcPH022244 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 5 Jul 2013 06:32:48 -0700 (PDT)
Message-ID: <51D6CAF6.6080007@isi.edu>
Date: Fri, 05 Jul 2013 06:32:38 -0700
From: Joe Touch <touch@isi.edu>
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6
MIME-Version: 1.0
To: Nick Hilliard <nick@inex.ie>
References: <20130703235521.17726.15468.idtracker@ietfa.amsl.com> <0BDA30D8-AEDC-4E18-8ACE-64A032305F07@kumari.net> <1372897534.35448.YahooMailNeo@web2802.biz.mail.ne1.yahoo.com> <CAD6AjGSGeNHPUs9+F6OOAeDOy_FZpTOGkH6viX_fENca4H8X0g@mail.gmail.com> <1372899240.80312.YahooMailNeo@web2803.biz.mail.ne1.yahoo.com> <51D614F6.4030000@isi.edu> <51D6A1C9.8030208@inex.ie> <51D6C2FF.4090103@isi.edu>
In-Reply-To: <51D6C2FF.4090103@isi.edu>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Cc: v6ops@ietf.org
Subject: Re: [v6ops] Fwd: New Version Notification for draft-wkumari-long-headers-01.txt
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jul 2013 13:33:02 -0000
PS - here's what *I* think would be required to fix this doc, at a minimum. - make it clear that this is about either NATs, L4 filtering (firewalls), or L4 port-based forwarding, not IP forwarding (the latter is a well-defined term and does not include L4 ports) - make the requirement about a network *device*, not a network *provider* - explain the corner cases in more detail you mention a few cases here, but it seems like you need to specify a length for nearly every protocol payload because you're claiming that you have enough information to handle the IP header, the IP options, and the next *header* (at least the most interesting parts of it). There are a bunch of cases that are common enough that they ought to be covered: IPv6 (just the inner IPv6? and its HBH?) IPv4 (any options?) GRE MPLS What about the TCP header? why stop at just the ports? might a future operator want to block traffic on whether it used authentication? or SACK? What about ICMP - why not also its payload? How far in? - explain what to do if the chain is too long to see what you want MUST forward seems the only viable alternative to me, but if you disagree, propose an alternate and justify it if you don't forward, then you ought to be sending ICMP errors (subject to rate control) - correct some of the other errors IPv6 has HBH headers for exactly the reasons you cite - to limit how much of the chain needed to be examined. What really changed is the desire for port-filtering and port-forwarding devices. IPv4 makes this simpler because the 'jump' to the end of the chain is in the header in a fixed location. This has nothing to do with ASIC vs. multicore software processing (e.g., on a NPU). It has to do with a fixed jump vs. a chain of jumps. ASICs and multicore software can either one, but the space cost is higher and variable, and the time cost is higher and variable. Joe
- [v6ops] Fwd: New Version Notification for draft-w… Warren Kumari
- Re: [v6ops] Fwd: New Version Notification for dra… Bill Jouris
- Re: [v6ops] Fwd: New Version Notification for dra… cb.list6
- Re: [v6ops] Fwd: New Version Notification for dra… cb.list6
- Re: [v6ops] Fwd: New Version Notification for dra… Bill Jouris
- Re: [v6ops] Fwd: New Version Notification for dra… Ted Lemon
- Re: [v6ops] New Version Notification for draft-wk… Ted Lemon
- Re: [v6ops] Fwd: New Version Notification for dra… Brian E Carpenter
- Re: [v6ops] Fwd: New Version Notification for dra… Gert Doering
- Re: [v6ops] Fwd: New Version Notification for dra… Mark Andrews
- Re: [v6ops] Fwd: New Version Notification for dra… Bill Jouris
- Re: [v6ops] Fwd: New Version Notification for dra… joel jaeggli
- Re: [v6ops] Fwd: New Version Notification for dra… joel jaeggli
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… sthaug
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Gert Doering
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Gert Doering
- Re: [v6ops] Fwd: New Version Notification for dra… Ray Hunter
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… Gert Doering
- Re: [v6ops] Fwd: New Version Notification for dra… Gert Doering
- Re: [v6ops] Fwd: New Version Notification for dra… cb.list6
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Ivan Pepelnjak
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… Nalini Elkins
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Ray Hunter
- Re: [v6ops] Fwd: New Version Notification for dra… Gert Doering
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… Ray Hunter
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… sthaug
- Re: [v6ops] Fwd: New Version Notification for dra… Gert Doering
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… Joe Touch
- Re: [v6ops] New Version Notification for draft-wk… Michael H Lambert
- Re: [v6ops] New Version Notification for draft-wk… Joe Touch
- Re: [v6ops] Fwd: New Version Notification for dra… Nick Hilliard
- Re: [v6ops] Fwd: New Version Notification for dra… joel jaeggli
- Re: [v6ops] Fwd: New Version Notification for dra… joel jaeggli
- Re: [v6ops] Fwd: New Version Notification for dra… Brian E Carpenter