Re: [v6ops] Spencer Dawkins' No Objection on draft-ietf-v6ops-pmtud-ecmp-problem-04: (with COMMENT)
Tim Chown <tjc@ecs.soton.ac.uk> Fri, 16 October 2015 08:01 UTC
Return-Path: <tjc@ecs.soton.ac.uk>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A164C1B304A; Fri, 16 Oct 2015 01:01:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.23
X-Spam-Level:
X-Spam-Status: No, score=-1.23 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_NEUTRAL=0.779, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ATQ4WXMTV3IP; Fri, 16 Oct 2015 01:01:08 -0700 (PDT)
Received: from falcon.ecs.soton.ac.uk (falcon.ecs.soton.ac.uk [IPv6:2001:630:d0:f102::25e]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D6611B3049; Fri, 16 Oct 2015 01:01:07 -0700 (PDT)
Received: from falcon.ecs.soton.ac.uk (localhost [127.0.0.1]) by falcon.ecs.soton.ac.uk (8.13.8/8.13.8) with ESMTP id t9G80pHB021984; Fri, 16 Oct 2015 09:00:51 +0100
X-DKIM: Sendmail DKIM Filter v2.8.2 falcon.ecs.soton.ac.uk t9G80pHB021984
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=ecs.soton.ac.uk; s=201304; t=1444982451; bh=svhHc6015RcTOKYM7bZUwogulkE=; h=Mime-Version:Subject:From:In-Reply-To:Date:Cc:References:To; b=P7Hdo/lZCJ7sZr3tpeA46lEzYfzH9GDx6J86kWScgkX3W1Xp61PZW60Z+rOMfWSgB 2Vx877KiD0nVSqTBPDL/nKDxY6a7P7v+u2UtxKwW3QXJpEsOVMogRdnigLYL1A9HDx 8c0pyk903LyQyszLy2pYKmcFMNnyUP/yGkPEvk5E=
Received: from gander.ecs.soton.ac.uk (gander.ecs.soton.ac.uk [2001:630:d0:f102::25d]) by falcon.ecs.soton.ac.uk (falcon.ecs.soton.ac.uk [2001:630:d0:f102::25e]) envelope-from <tjc@ecs.soton.ac.uk> with ESMTP (valid=N/A) id r9F90p0608107903dJ ret-id none; Fri, 16 Oct 2015 09:00:51 +0100
Received: from 20010a88d51011.ipv6.customer.clara.net (20010a88d51011.ipv6.customer.clara.net [IPv6:2001:a88:d510:1101:7592:f905:231:a3d4] (may be forged)) (authenticated bits=0) by gander.ecs.soton.ac.uk (8.13.8/8.13.8) with ESMTP id t9FK6ADf021521 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 Oct 2015 21:06:10 +0100
Content-Type: multipart/alternative; boundary="Apple-Mail=_0EF6FF4A-0856-4B7C-846E-5454D310A0EF"
Mime-Version: 1.0 (Mac OS X Mail 9.0 \(3094\))
From: Tim Chown <tjc@ecs.soton.ac.uk>
In-Reply-To: <CAKKJt-c3ORnrqV-RvnmF7O75qeZFVDs7ZDE6BXedASJ2X5tx7Q@mail.gmail.com>
Date: Thu, 15 Oct 2015 21:06:12 +0100
Message-ID: <EMEW3|efb074931bcaf9f17e6288fe898ea75er9F90p03tjc|ecs.soton.ac.uk|2F7D0142-5BE8-4FD4-A012-2AC0497B6D1A@ecs.soton.ac.uk>
References: <20151013165903.19562.54680.idtracker@ietfa.amsl.com> <561F5A20.7040209@cisco.com> <CAKKJt-c3ORnrqV-RvnmF7O75qeZFVDs7ZDE6BXedASJ2X5tx7Q@mail.gmail.com> <2F7D0142-5BE8-4FD4-A012-2AC0497B6D1A@ecs.soton.ac.uk>
To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
X-Mailer: Apple Mail (2.3094)
X-ECS-MailScanner: Found to be clean, Found to be clean
X-smtpf-Report: sid=r9F8g9060810790300; tid=r9F90p0608107903dJ; client=relay,ipv6; mail=; rcpt=; nrcpt=5:0; fails=18
X-ECS-MailScanner-Information: Please contact the ISP for more information
X-ECS-MailScanner-ID: t9G80pHB021984
X-ECS-MailScanner-From: tjc@ecs.soton.ac.uk
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/6kl6z1LJZIN3HEMUAO1OxVc503Q>
Cc: v6ops list <v6ops@ietf.org>, The IESG <iesg@ietf.org>, draft-ietf-v6ops-pmtud-ecmp-problem.all@ietf.org
Subject: Re: [v6ops] Spencer Dawkins' No Objection on draft-ietf-v6ops-pmtud-ecmp-problem-04: (with COMMENT)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Oct 2015 08:01:10 -0000
Hi, > On 15 Oct 2015, at 13:56, Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> wrote: > > Hi, Benoit, > > On Thu, Oct 15, 2015 at 2:47 AM, Benoit Claise <bclaise@cisco.com <mailto:bclaise@cisco.com>> wrote: > Spencer, > > Spencer Dawkins has entered the following ballot position for > draft-ietf-v6ops-pmtud-ecmp-problem-04: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html <https://www.ietf.org/iesg/statement/discuss-criteria.html> > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-v6ops-pmtud-ecmp-problem/ <https://datatracker.ietf.org/doc/draft-ietf-v6ops-pmtud-ecmp-problem/> > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > In section 3, "Mitigation", I'm reading this. > > Mitigation of the potential for PTB messages to be mis-delivered > involves ensuring that an ICMPv6 error message is distributed to the > same anycast server responsible for the flow for which the error is > generated. Ideally, mitigation could be done by the mechanism hosts > ^^^^^^^ > use to identify the flow, by looking into the payload of the ICMPv6 > message (to determine which TCP flow it was associated with) before > making a forwarding decision. Because the encapsulated IP header > occurs at a fixed offset in the ICMP message it is not outside the > realm of possibility that routers with sufficient header processing > capability could parse that far into the payload. Employing a > mediation device that handles the parsing and distribution of PTB > messages after policy routing or on each load-balancer/server is a > possibility. > Most of the document is about using other mitigations that make this > mitigation unnecessary, but it's still a bit odd to see Deep Packet > Inspection characterised as "ideally", now that RFC 7258 is now BCP 188, > and we've chartered TCPINC to make that DPI fail as often as possible. > >From a resource consumption point of view, the ideal situation would be NOT to distribute the PTB message to all anycast servers. This is a fact. Therefore, I don't have a problem with "ideally" in this context. After all, this document is not a spec on using DPI. > > I agree with your observation. I would think that in order for something to be ideal, it should be possible (ideally we should be able to send packets at greater than the speed of light, but we can't, so. Ideally we should be able to send the PTB only to the place it needs to go, but we can't, so). None of the mitigations are ‘ideal’. But the document is useful for noting the problem,describing it well, and discussing wha *could* be done. Tim > > But I'm a TSV guy who is poking at this because of RFC 7258, so if the SEC folk don't care, I'm fine. > > Spencer > > Regards, Benoit > > Could that one word go away? > > I see in email that Fred asked if any reviews were needed before > submitting this draft for publication, and David Black suggested reviews > from INT and TSV, and that made it as far as the shepherd writeup, but > I'm not seeing a request for review popping up in TSV (at least not with > "PMTUD" and "V6OPS" in an e-mail). I don't have concerns about this > particular draft, but I wish it hadn't slipped through that particular > crack. > > Yes, Fred copied TSVWG and TSVAREA on his note asking for guidance, and > yes, there was an IETF Last Call, so I'm not hitting "Defer" to chase > that. Just something to watch for, in the future. > > And yes, Martin and I have a call set up to talk with the TSVdir triage > team next week ... > > > . > > > > _______________________________________________ > v6ops mailing list > v6ops@ietf.org > https://www.ietf.org/mailman/listinfo/v6ops
- [v6ops] Spencer Dawkins' No Objection on draft-ie… Spencer Dawkins
- Re: [v6ops] Spencer Dawkins' No Objection on draf… Benoit Claise
- Re: [v6ops] Spencer Dawkins' No Objection on draf… Spencer Dawkins at IETF
- Re: [v6ops] Spencer Dawkins' No Objection on draf… Tim Chown
- Re: [v6ops] Spencer Dawkins' No Objection on draf… joel jaeggli