Re: [v6ops] draft-gont-v6ops-ipv6-ehs-in-real-world: clarification text

"Fred Baker (fred)" <fred@cisco.com> Sat, 18 April 2015 01:46 UTC

From: "Fred Baker (fred)" <fred@cisco.com>
To: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
Date: Sat, 18 Apr 2015 01:46:47 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/Cet4nM_p1mg_8WeFnzSE8PnKjZM>
Cc: Fernando Gont <fgont@si6networks.com>, "v6ops@ietf.org" <v6ops@ietf.org>, Merike Kaeo <merike@doubleshotsecurity.com>, "draft-gont-v6ops-ipv6-ehs-in-real-world@tools.ietf.org" <draft-gont-v6ops-ipv6-ehs-in-real-world@tools.ietf.org>

> On Apr 17, 2015, at 3:17 PM, Eric Vyncke (evyncke) <evyncke@cisco.com> wrote:
> 
> Your proposal is fine for me, but, I would suggest a slightly stronger
> text:
> "The results presented in this document indicate that in the scenarios
> where the corresponding measurements were performed, the use of IPv6
> extension headers can lead to packet drops. We note that
> packet drops occurring at transit networks is undesirable
> and it is hoped and expected that this situation will improve over time."
> 
> Should we say something around the lines of "... undesirable except when
> those packets cannot be forwarded without impacting the performance and
> the health of the network devices" ?

Well, question for you. If we follow RFC 2460, the router in the middle doesn’t know whether the header is there or not. The only systems that should have a performance impact are systems that parse to them or interpret them. I personally would like to believe that we aren’t making *other* systems more complex to save them. If this is being done in a firewall or load balancer, the limitations of the device aren’t primary, the correct operation of the protocol is. Would we be saying that it’s OK for a firewall to drop a packet because it doesn’t feel like dealing with it that day?

What specific devices did you have in mind? What would the argument be?
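
Added example, not part of the original message: a Python sketch of the two views of a packet discussed above, the fixed-header fields a forwarding router reads versus the extension header chain walk a firewall or load balancer needs before it can match on ports. The function names, the `max_headers` limit and the sample packet are assumptions constructed for illustration.

```python
import struct

GENERIC_EH = {0, 43, 60}   # hop-by-hop, routing, destination options
FRAGMENT = 44

def forwarding_view(pkt):
    """Fields a forwarding router reads: all in the fixed 40-byte header.
    (RFC 2460 exception: Next Header 0, Hop-by-Hop, is processed by every node.)"""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    return {"next_header": pkt[6], "hop_limit": pkt[7], "dst": pkt[24:40]}

def find_upper_layer(pkt, max_headers=8):
    """Chain walk a firewall needs before it can match on ports.
    Returns (protocol, offset or None, extension header types seen)."""
    nh, off, chain = forwarding_view(pkt)["next_header"], 40, []
    while nh in GENERIC_EH or nh == FRAGMENT:
        if len(chain) >= max_headers:          # assumed local policy limit
            raise ValueError("extension header chain too long")
        if off + 8 > len(pkt):
            raise ValueError("truncated extension header")
        length = 8 if nh == FRAGMENT else (pkt[off + 1] + 1) * 8
        if off + length > len(pkt):
            raise ValueError("truncated extension header")
        chain.append(nh)
        if nh == FRAGMENT and struct.unpack_from("!H", pkt, off + 2)[0] >> 3:
            return pkt[off], None, chain       # non-first fragment: no L4 header here
        nh, off = pkt[off], off + length
    return nh, off, chain

def sample_packet(with_eh):
    """Constructed test packet: TCP SYN, optionally behind a Destination Options header."""
    tcp = struct.pack("!HHIIHHHH", 12345, 443, 0, 0, 0x5002, 1024, 0, 0)
    eh = bytes([6, 0, 1, 4, 0, 0, 0, 0]) if with_eh else b""   # NH=TCP, len=0, PadN
    body = eh + tcp
    fixed = struct.pack("!IHBB", 0x60000000, len(body), 60 if with_eh else 6, 64)
    src = bytes.fromhex("20010db8" + "00" * 11 + "01")
    dst = bytes.fromhex("20010db8" + "00" * 11 + "02")
    return fixed + src + dst + body

if __name__ == "__main__":
    for flag in (False, True):
        pkt = sample_packet(flag)
        print(forwarding_view(pkt)["hop_limit"], find_upper_layer(pkt))
```

The forwarding fields are identical for both sample packets; only the chain walk sees the difference, and it is the step that has to bound its work and reject truncated headers.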