Re: [v6ops] Operational Implications of IPv6 Packets with Extension Headers - Load Balancer

Brian Carpenter <brian.e.carpenter@gmail.com> Mon, 27 July 2020 10:21 UTC

From: Brian Carpenter <brian.e.carpenter@gmail.com>
Date: Mon, 27 Jul 2020 22:21:26 +1200
Message-ID: <CANMZLAYtX1AdfLU18qptiZA9YoqfdqJ3LMZa_gLQz--2ifePTg@mail.gmail.com>
To: Vasilenko Eduard <vasilenko.eduard@huawei.com>
Cc: Fernando Gont <fgont@si6networks.com>, IPv6 Operations <v6ops@ietf.org>, "draft-gont-v6ops-ipv6-ehs-packet-drops@ietf.org" <draft-gont-v6ops-ipv6-ehs-packet-drops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/BkeGD7jE4u_Bzsza09LcA-7xqXk>

Why isn't the flow label reliable, now that it's set by the major client
o/s? But I agree, server load balancing is severely broken if the balancer
is incapable of parsing the header chain. That's a design error in the
balancer. See RFC7098 for discussion.

Regards
    Brian
    (via tiny screen & keyboard)

On Mon, 27 Jul 2020, 21:08 Vasilenko Eduard, <vasilenko.eduard@huawei.com>
wrote:

> Hi Fernando,
> Hence again, following the logic of this draft (the level of detail
> that you have given to 5.1) - maybe you need an additional section 5.1.x:
> A load balancer has to look into TCP/UDP ports. Moreover, it could not trust
> "Flow label" - it is not a reliable practice for LB.
> Or alternatively you could say something about LB in section 5.1.2, but
> because it is a little special case - maybe better to have a separate 5.1.x
>
> Eduard
> -----Original Message-----
> From: v6ops [mailto:v6ops-bounces@ietf.org] On Behalf Of Fernando Gont
> Sent: 26 July 2020 8:46
> To: IPv6 Operations <v6ops@ietf.org>
> Cc: draft-gont-v6ops-ipv6-ehs-packet-drops@ietf.org
> Subject: [v6ops] Operational Implications of IPv6 Packets with Extension
> Headers (Fwd: New Version Notification for
> draft-gont-v6ops-ipv6-ehs-packet-drops-04.txt)
>
> Folks,
>
> We have posted a rev of our IETF I-D "Operational Implications of IPv6
> Packets with Extension Headers".
>
> The I-D is available at:
>
> https://www.ietf.org/internet-drafts/draft-gont-v6ops-ipv6-ehs-packet-drops-04.txt
>
> Your feedback will be appreciated.
>
> Thanks!
>
> Cheers,
> Fernando
>
>
>
>
> -------- Forwarded Message --------
> Subject: New Version Notification for
> draft-gont-v6ops-ipv6-ehs-packet-drops-04.txt
> Date: Sat, 25 Jul 2020 22:28:50 -0700
> From: internet-drafts@ietf.org
> To: Fernando Gont <fgont@si6networks.com>, Gert Doering <gert@space.net>,
> Geoff Huston <gih@apnic.net>, Warren Kumari <warren@kumari.net>, Nick
> Hilliard <nick@inex.ie>
>
>
> A new version of I-D, draft-gont-v6ops-ipv6-ehs-packet-drops-04.txt
> has been successfully submitted by Fernando Gont and posted to the IETF
> repository.
>
> Name:           draft-gont-v6ops-ipv6-ehs-packet-drops
> Revision:       04
> Title:          Operational Implications of IPv6 Packets with Extension
> Headers
> Document date:  2020-07-25
> Group:          Individual Submission
> Pages:          15
> URL:
>
> https://www.ietf.org/internet-drafts/draft-gont-v6ops-ipv6-ehs-packet-drops-04.txt
> Status:
> https://datatracker.ietf.org/doc/draft-gont-v6ops-ipv6-ehs-packet-drops/
> Htmlized:
> https://tools.ietf.org/html/draft-gont-v6ops-ipv6-ehs-packet-drops-04
> Htmlized:
>
> https://datatracker.ietf.org/doc/html/draft-gont-v6ops-ipv6-ehs-packet-drops
> Diff:
> https://www.ietf.org/rfcdiff?url2=draft-gont-v6ops-ipv6-ehs-packet-drops-04
>
> Abstract:
>     This document summarizes the security and operational implications of
>     IPv6 extension headers, and attempts to analyze reasons why packets
>     with IPv6 extension headers may be dropped in the public Internet.
>
>
>
>
> Please note that it may take a couple of minutes from the time of
> submission until the htmlized version and diff are available at
> tools.ietf.org.
>
> The IETF Secretariat
>
>
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>
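The two balancing inputs discussed in this thread, as an added example that is not part of the original messages or of the draft: a parser that walks the IPv6 extension header chain to reach the TCP/UDP ports, next to the RFC 7098 3-tuple (source address, destination address, flow label). The function names, the sample packets and the fallback order in `balancing_key` are assumptions made for illustration.

```python
import struct
EXT_8 = (0, 43, 60)   # Hop-by-Hop, Routing, Dest Options: (Hdr Ext Len + 1) * 8 octets
FRAGMENT, AH, TCP, UDP = 44, 51, 6, 17

def parse(pkt):
    """Return (src, dst, flow_label, proto, sport, dport); ports None if unreachable."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    fl = struct.unpack("!I", pkt[:4])[0] & 0xFFFFF
    src, dst, nh, off = pkt[8:24], pkt[24:40], pkt[6], 40
    while nh in EXT_8 or nh in (FRAGMENT, AH):
        if off + 8 > len(pkt):                       # truncated chain
            return src, dst, fl, None, None, None
        if nh == FRAGMENT:
            if struct.unpack("!H", pkt[off + 2:off + 4])[0] >> 3:
                return src, dst, fl, pkt[off], None, None   # non-first fragment
            length = 8
        elif nh == AH:
            length = (pkt[off + 1] + 2) * 4
        else:
            length = (pkt[off + 1] + 1) * 8
        nh, off = pkt[off], off + length
    if nh in (TCP, UDP) and off + 4 <= len(pkt):
        return (src, dst, fl, nh) + struct.unpack("!HH", pkt[off:off + 4])
    return src, dst, fl, nh, None, None

def balancing_key(pkt):
    """Assumed policy: 5-tuple if ports are reachable, else RFC 7098 3-tuple."""
    src, dst, fl, proto, sport, dport = parse(pkt)
    if sport is not None:
        return ("5-tuple", src, dst, proto, sport, dport)
    return ("3-tuple", src, dst, fl) if fl else ("2-tuple", src, dst)

def naive_ports(pkt):
    """The design error: assume the transport header starts at octet 40."""
    return struct.unpack("!HH", pkt[40:44])

# Constructed sample traffic: 2001:db8::1 -> 2001:db8::2, TCP 49152 -> 443.
SRC = bytes.fromhex("20010db8000000000000000000000001")
DST = bytes.fromhex("20010db8000000000000000000000002")

def sample(flow_label, ext, l4=TCP):
    """ext: extension header types (0 or 60 here), each 8 octets with PadN."""
    chain = list(ext) + [l4]
    body = b"".join(bytes([n, 0, 1, 4, 0, 0, 0, 0]) for n in chain[1:])
    body += struct.pack("!HH", 49152, 443) + bytes(16)
    first = struct.pack("!IHBB", (6 << 28) | flow_label, len(body), chain[0], 64)
    return first + SRC + DST + body
```

For the same connection sent with and without Hop-by-Hop and Destination Options headers, `balancing_key` returns the same 5-tuple, while `naive_ports` reads option bytes as ports and would send the two packets to different servers.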