Re: [v6ops] [Last-Call] Tsvart last call review of draft-ietf-v6ops-ipv6-ehs-packet-drops-05
Tom Herbert <tom@herbertland.com> Wed, 10 March 2021 02:03 UTC
From: Tom Herbert <tom@herbertland.com>
Date: Tue, 09 Mar 2021 19:03:13 -0700
Message-ID: <CALx6S349X7fQR=9Dj+n5X7ovXsSjLYibv-C-+bL0nkWsYP5NGA@mail.gmail.com>
To: Fernando Gont <fgont@si6networks.com>
Cc: Fred Baker <fredbaker.ietf@gmail.com>, Mark Smith <markzzzsmith@gmail.com>, Gorry Fairhurst <gorry@erg.abdn.ac.uk>, IPv6 Operations <v6ops@ietf.org>, draft-ietf-v6ops-ipv6-ehs-packet-drops.all@ietf.org, last-call@ietf.org, tsv-art@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/1ctd3zHP_i76XZ1ffh61099UESQ>
Subject: Re: [v6ops] [Last-Call] Tsvart last call review of draft-ietf-v6ops-ipv6-ehs-packet-drops-05

On Tue, Mar 9, 2021 at 4:03 PM Fernando Gont <fgont@si6networks.com> wrote:
>
> On 9/3/21 19:07, Tom Herbert wrote:
> [...]
> >
> > Yes, ACLs on transport layer ports are common requirements, however
> > the problem arises from related requirements that arise due to the
> > limitations of routers to be able to locate the transport layer
> > information in a packet. An example of such an implied requirement
> > from this draft is "don't send packets with IPv6 header chains that
> > are too long because some routers can't parse deep enough into packets
> > to find the transport layer ports due to implementation constraints
> > (like limited size parsing buffer)".
>
> You seem to be reading more from the document than what we actually said
> in the document.
>
> There are no requirements in this document. We simply explain things
> operators need to do, what are the associated limitations in real-world
> devices, and what's the likely outcome.
>
> That's not an implied requirement, but simply a description of facts.
>

It's obvious that the implied or at least inferred requirement is that
if a host wants to increase the probability of packets making it to
the destination then they should not make header chains too long. This
would also be an obvious interoperability requirement, i.e. if I make
my header chains too long then packets will be dropped and my host
stack is not interoperable with some elements in the network.

> >
> > While the rationale for the
> > requirement may make sense, the problem, at least from the host stack
> > perspective of trying to send packets with low probability they'll be
> > dropped, is that a requirement that "don't IPv6 header chains that are
> > too long" is useless without any quantification as exactly to what
> > "too long" might be.
>
> "too long" for the processing device(s). You don't know what devices
> will process your packets, hence cannot even guess what "too long" might
> mean.
>
> What you know for sure is that the longer the chain, the lower the
> chances of your packets surviving -- as per RFC7872.
>

That seems to me more like an assumption than a proven fact. To prove
it we'd need the data that correlates the length of the chain with
probability of drop, or alternatively, one could survey common router
implementations' capabilities and similarly extrapolate the
correlation. If we had this data then we could derive a meaningful
quantified requirement for both what routers are expected to process
and what hosts can expect. RFC7872 doesn't really have sufficient data
to make this correlation, and besides that it is not current.

In any case, this draft qualitatively describes why routers are
dropping packets. Which I suppose is good, but, given that information,
I don't see much that helps host developers that are sending packets in
the network and are trying to go beyond sending packets that conform to
the least common denominator of plain TCP/IP.

Tom

> Thanks,
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
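
[Added example, not part of the message above and not code from the draft or from either correspondent.] The header-chain length being argued about can be measured per packet: the sketch below walks the IPv6 extension header chain and reports whether the TCP/UDP ports fall inside the first N bytes a device inspects. The function names and the parse depths of 64, 128 and 256 bytes are assumptions chosen for illustration, not figures from the thread or from any router.

```python
import struct

# Extension headers sized as (Hdr Ext Len + 1) * 8 octets (RFC 8200).
GENERIC_EH = {0, 43, 60}          # Hop-by-Hop, Routing, Destination Options
FRAGMENT, AH, TCP, UDP = 44, 51, 6, 17
IPV6_FIXED_LEN = 40


def header_chain_length(packet):
    """Return (offset of the upper-layer header, its protocol number or None)."""
    if len(packet) < IPV6_FIXED_LEN or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off = packet[6], IPV6_FIXED_LEN
    while nxt in GENERIC_EH or nxt in (FRAGMENT, AH):
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        if nxt == FRAGMENT:
            size = 8
            if struct.unpack_from("!H", packet, off + 2)[0] >> 3:
                return off + size, None   # non-first fragment: no ports in this packet
        elif nxt == AH:
            size = (packet[off + 1] + 2) * 4   # AH length is in 4-octet units, minus 2
        else:
            size = (packet[off + 1] + 1) * 8
        nxt, off = packet[off], off + size
    return off, nxt


def ports_visible(packet, parse_depth):
    """Can a device that reads only the first parse_depth bytes see the ports?"""
    chain_len, proto = header_chain_length(packet)
    if proto not in (TCP, UDP):
        return False
    # Source and destination ports are the first 4 bytes of TCP and UDP.
    return chain_len + 4 <= min(parse_depth, len(packet))


def build_sample(dest_opt_sizes):
    """Constructed test packet: Destination Options headers (PadN only) + TCP."""
    protos = [60] * len(dest_opt_sizes) + [TCP]
    chain = b""
    for i, size in enumerate(dest_opt_sizes):   # size: multiple of 8, 8..256
        chain += bytes([protos[i + 1], size // 8 - 1, 1, size - 4]) + bytes(size - 4)
    l4 = struct.pack("!HH", 12345, 443) + bytes(16)
    fixed = struct.pack("!IHBB", 6 << 28, len(chain) + len(l4), protos[0], 64)
    return fixed + bytes(32) + chain + l4


if __name__ == "__main__":
    for sizes in ([], [8], [8, 24], [64, 64]):   # constructed chains
        pkt = build_sample(sizes)
        print(sizes, header_chain_length(pkt)[0],
              {d: ports_visible(pkt, d) for d in (64, 128, 256)})
```

Run over a capture of a host's own outbound traffic, the same walk gives the distribution of chain lengths that host actually emits, which is the sender-side half of the correlation the message says is missing.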