Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)
"cb.list6" <cb.list6@gmail.com> Tue, 11 June 2013 03:21 UTC
Return-Path: <cb.list6@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33CD321E80AA; Mon, 10 Jun 2013 20:21:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_13=0.6, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DS12SHYStC6Q; Mon, 10 Jun 2013 20:21:52 -0700 (PDT)
Received: from mail-wi0-x22b.google.com (mail-wi0-x22b.google.com [IPv6:2a00:1450:400c:c05::22b]) by ietfa.amsl.com (Postfix) with ESMTP id D7E6721E804E; Mon, 10 Jun 2013 20:21:51 -0700 (PDT)
Received: by mail-wi0-f171.google.com with SMTP id hj3so1285574wib.10 for <multiple recipients>; Mon, 10 Jun 2013 20:21:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=eQM5XbXHLdIOu6p/EbHOUf0nOaLUtiyrHS6aRkrArHo=; b=Fan0UdZuYNnVq2a9HZfIFPTkG2R626BrsUvXcqjxEoxOqhq1iGUELOZNCS8PbY8Jx/ KYNUy8RbX/OrCVzNhlegeWRYssep5LBlKZt7I9qRtZabctjUQCAC2TIsKOFckH3SU9+w 7tZrmOb9Ga68zN+BDca+uVKXr149hm+D4KY+pCQiAQAn5pFU7FRIufdujYHHI7yoEnmp maOlpKWn5XoBeCFy1c64idT6c6KQAI9dua74izYlFyHZemxoyBbN2RvfaJrQRH77foAj oTgGonkllftaksLcZqjfqIddhX3ZqfLUGONO/u6ammO6fFpeQFz4T3bLjOAfL/EajcgH y2Gw==
MIME-Version: 1.0
X-Received: by 10.194.172.66 with SMTP id ba2mr6977513wjc.22.1370920911033; Mon, 10 Jun 2013 20:21:51 -0700 (PDT)
Received: by 10.194.56.231 with HTTP; Mon, 10 Jun 2013 20:21:50 -0700 (PDT)
Received: by 10.194.56.231 with HTTP; Mon, 10 Jun 2013 20:21:50 -0700 (PDT)
In-Reply-To: <51B6876A.9020202@si6networks.com>
References: <51B6876A.9020202@si6networks.com>
Date: Mon, 10 Jun 2013 20:21:50 -0700
Message-ID: <CAD6AjGRuSShUNWE=Dy_e+Y3sVAro-nwyvD8wYy11wN=MfsTXDg@mail.gmail.com>
From: "cb.list6" <cb.list6@gmail.com>
To: Fernando Gont <fgont@si6networks.com>
Content-Type: multipart/alternative; boundary="089e01184dd4eada1004ded86549"
Cc: IPv6 Ops WG <v6ops@ietf.org>, 6man@ietf.org
Subject: Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jun 2013 03:21:53 -0000
On Jun 10, 2013 7:23 PM, "Fernando Gont" <fgont@si6networks.com> wrote: > > Folks, > > We're currently editing the aforementioned I-D. So far, the I-D just > required that the entire IPv6 header chain be present in the first fragment. > > Based on recent/ongoing discussions on the 6man and v6ops lists, there > seems to be quite a few folks pushing the idea of limiting the size f > the IPv6 header chain to some value (typically in the order of a few > hundred bytes). > > An earlier version of draft-ietf-6man-oversized-header-chain limited the > header chain to 1280 bytes, but this requirement was later removed. > > However, since then a number of folks have produced real world data > which indicates that packets "won't make it to the destination node" if > the header chain is larger than a few hundred bytes, and I believe that, > overall, our understanding of the problem and situation has increased > since then. > > My question to th wg is: > > 1) Do we want to limit the size of the IPv6 header chain? > > 2) If so, which limit should we pick? > It's not the size, it is how you use it. I would suggest "common types" be permitted (tcp, udp, sctp, icmpv6, frag, esp, ah) while anything else must be behind an esp. This ensures all parties agree that further arbitrary headers will only be processed by the concenting end systems. CB > Thanks! > > Best regards, > -- > Fernando Gont > SI6 Networks > e-mail: fgont@si6networks.com > PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 > > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > --------------------------------------------------------------------
- Re: [v6ops] Limiting the size of the IPv6 header … Gert Doering
- Re: [v6ops] Limiting the size of the IPv6 header … Robert Elz
- Re: [v6ops] Limiting the size of the IPv6 header … Nick Hilliard
- Re: [v6ops] [6MAN] Re: Limiting the size of the I… Warren Kumari
- Re: [v6ops] Limiting the size of the IPv6 header … Joe Touch
- [v6ops] Limiting the size of the IPv6 header chai… Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … cb.list6
- Re: [v6ops] Limiting the size of the IPv6 header … Brian E Carpenter
- Re: [v6ops] Limiting the size of the IPv6 header … cb.list6
- Re: [v6ops] Limiting the size of the IPv6 header … Brian E Carpenter
- Re: [v6ops] Limiting the size of the IPv6 header … cb.list6
- Re: [v6ops] Limiting the size of the IPv6 header … Jared Mauch
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Nalini Elkins
- Re: [v6ops] Limiting the size of the IPv6 header … Randy Bush
- Re: [v6ops] [6MAN] Re: Limiting the size of the I… Warren Kumari
- Re: [v6ops] Limiting the size of the IPv6 header … Nalini Elkins
- Re: [v6ops] Limiting the size of the IPv6 header … Randy Bush
- Re: [v6ops] Limiting the size of the IPv6 header … Nalini Elkins
- Re: [v6ops] [6MAN] Re: Limiting the size of the I… Warren Kumari
- Re: [v6ops] Limiting the size of the IPv6 header … Brian E Carpenter
- Re: [v6ops] Limiting the size of the IPv6 header … Sander Steffann
- Re: [v6ops] Limiting the size of the IPv6 header … Mark Andrews
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Joe Touch
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Joe Touch
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Gert Doering
- Re: [v6ops] Limiting the size of the IPv6 header … Joe Touch
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Gert Doering
- Re: [v6ops] Limiting the size of the IPv6 header … Brian E Carpenter
- Re: [v6ops] Limiting the size of the IPv6 header … Joe Touch
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Ole Troan
- Re: [v6ops] Limiting the size of the IPv6 header … Joe Touch
- Re: [v6ops] Limiting the size of the IPv6 header … Ole Troan
- Re: [v6ops] Limiting the size of the IPv6 header … Jeroen Massar
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Ole Troan
- [v6ops] Discussion about header chains (was Re: L… Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Joe Touch
- Re: [v6ops] Limiting the size of the IPv6 header … Joe Touch
- Re: [v6ops] Limiting the size of the IPv6 header … sthaug
- Re: [v6ops] Limiting the size of the IPv6 header … Joe Touch
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Ole Troan
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] Limiting the size of the IPv6 header … Ray Hunter
- Re: [v6ops] [6MAN] Re: Limiting the size of the I… Warren Kumari
- Re: [v6ops] Limiting the size of the IPv6 header … Joe Touch
- Re: [v6ops] Limiting the size of the IPv6 header … Fernando Gont
- Re: [v6ops] [6MAN] Re: Limiting the size of the I… Joe Touch
- Re: [v6ops] [6MAN] Re: Limiting the size of the I… Fernando Gont
- Re: [v6ops] [6MAN] Re: Limiting the size of the I… Mark Andrews
- Re: [v6ops] Limiting the size of the IPv6 header … Arturo Servin
- Re: [v6ops] Limiting the size of the IPv6 header … Brian E Carpenter
- Re: [v6ops] Discussion about header chains (was R… Jeroen Massar
- Re: [v6ops] Limiting the size of the IPv6 header … Randy Bush
- Re: [v6ops] [Int-area] Limiting the size of the I… cb.list6
- Re: [v6ops] Discussion about header chains (was R… Joe Touch
- Re: [v6ops] Discussion about header chains (was R… Jeroen Massar
- Re: [v6ops] Discussion about header chains (was R… Joe Touch
- Re: [v6ops] Discussion about header chains (was R… Jeroen Massar
- Re: [v6ops] Limiting the size of the IPv6 header … Ray Hunter
- Re: [v6ops] Limiting the size of the IPv6 header … Tom Taylor
- Re: [v6ops] Limiting the size of the IPv6 header … Ray Hunter
- Re: [v6ops] Limiting the size of the IPv6 header … Tom Taylor
- Re: [v6ops] Limiting the size of the IPv6 header … Ray Hunter
- Re: [v6ops] Limiting the size of the IPv6 header … Brian E Carpenter
- Re: [v6ops] Limiting the size of the IPv6 header … Brian E Carpenter
- Re: [v6ops] Limiting the size of the IPv6 headerc… Tony Hain
- Re: [v6ops] Limiting the size of the IPv6 headerc… Lorenzo Colitti
- Re: [v6ops] Limiting the size of the IPv6 headerc… Bill Jouris