Re: [v6ops] FW: New Version Notification for draft-vyncke-v6ops-james-01.txt

Mark Smith <markzzzsmith@gmail.com> Sun, 20 March 2022 15:35 UTC

From: Mark Smith <markzzzsmith@gmail.com>
Date: Mon, 21 Mar 2022 02:34:55 +1100
Message-ID: <CAO42Z2yZSqF8sC6ZPcMqQ=+NyeoL977f1tiRAe7DBNdQ5GDyHg@mail.gmail.com>
To: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
Cc: v6ops list <v6ops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/Jzc85NmSaf7waxb-Istg9ZH8edk>

Hi Eric,

On Sun, 20 Mar 2022 at 23:06, Eric Vyncke (evyncke) <evyncke@cisco.com> wrote:
>
> Mark,
>
>
>
> Actually, the only reason was that we have assumed that as IPsec VPN works (albeit often over UDP encapsulation) across the Internet, it was useless to test ESP 'fate' when crossing the global Internet.
>
>

That's part of my interest. UDP encapsulation of ESP is to facilitate
IPv4 NAT traversal (RFC3948), so UDP encapsulation of ESP shouldn't be
necessary on the IPv6 Internet.

It also relates to RFC6092, "Recommended Simple Security Capabilities
in Customer Premises Equipment (CPE) for Providing Residential IPv6
Internet Service". That has a general recommended inbound default deny
(as expected), however defaults to allowing IKE and ESP because
they're authenticated and encrypted protocols. Going by the Microsoft
Xbox presentation, they have been assuming this residential CPE
IKE/ESP default permit.

So one perspective on testing ESP transparency could be that as
residential CPE is supposed to allow it per RFC6092, so how successful
is the Internet in carrying it?

>
> The cost of adding ESP on our next run is rather small of course and we would add it.
>
>

Excellent.



Thanks very much,
Mark.

>
> Regards and thanks for reading our draft and commenting on it,
>
>
>
> -éric
>
>
>
> From: Mark Smith <markzzzsmith@gmail.com>
> Date: Sunday, 20 March 2022 at 12:08
> To: Eric Vyncke <evyncke@cisco.com>
> Cc: v6ops list <v6ops@ietf.org>
> Subject: Re: [v6ops] FW: New Version Notification for draft-vyncke-v6ops-james-01.txt
>
>
>
> Hi,
>
>
>
> Any specific reason why ESP hasn't been/isn't being tested?
>
>
>
> One way to think of what ESP does is that it enforces through encryption the Internet transparency to packet payloads that should already exist. Blocking ESP is in a sense an assertion that the network doing the ESP blocking is stating that it is going to inspect packet payloads because it is forcing clear text packets.
>
>
>
> I'm also interested because this presentation from Microsoft about the Xbox One, from Nanog 59/2013, says that the Xbox One uses IPv6 + IPsec in transport mode. I haven't heard of any issues with Xbox and IPv6 + IPsec, however it could be useful to have a measure of IPv6 Internet ESP transparency.
>
> https://archive.nanog.org/sites/default/files/wed.general.palmer.xbox_.47.pdf
>
> Regards,
>
> Mark.
>
> On Sun, 20 Mar 2022, 18:03 Eric Vyncke (evyncke), <evyncke=40cisco.com@dmarc.ietf.org> wrote:
>
> The major changes are:
> - adding measurements for destination options header with different lengths
> - adding measurements about two (mainly IPv6) protocols, 59 (NoNextHeader) and 143 (Ethernet payload per RFC 8986)
> - adding the source code repo
>
> Minor changes include typo fixes, change of the document flow, ...
>
> The authors are looking forward to discussing this document at IEPG on Sunday and V6OPS WG meeting. Comments and suggestions will be welcome.
>
> Regards
>
> -éric
>
>
> -----Original Message-----
> From: "internet-drafts@ietf.org" <internet-drafts@ietf.org>
> Date: Sunday, 20 March 2022 at 07:55
> To: Raphaël Léas <raphael.leas@student.uliege.be>, Eric Vyncke <evyncke@cisco.com>, Eric Vyncke <evyncke@cisco.com>, Justin Iurman <justin.iurman@uliege.be>, Raphaël Léas <raphael.leas@student.uliege.be>
> Subject: New Version Notification for draft-vyncke-v6ops-james-01.txt
>
>
>     A new version of I-D, draft-vyncke-v6ops-james-01.txt
>     has been successfully submitted by Éric Vyncke and posted to the
>     IETF repository.
>
>     Name:               draft-vyncke-v6ops-james
>     Revision:   01
>     Title:              Just Another Measurement of Extension header Survivability (JAMES)
>     Document date:      2022-03-20
>     Group:              Individual Submission
>     Pages:              17
>     URL:            https://www.ietf.org/archive/id/draft-vyncke-v6ops-james-01.txt
>     Status:         https://datatracker.ietf.org/doc/draft-vyncke-v6ops-james/
>     Html:           https://www.ietf.org/archive/id/draft-vyncke-v6ops-james-01.html
>     Htmlized:       https://datatracker.ietf.org/doc/html/draft-vyncke-v6ops-james
>     Diff:           https://www.ietf.org/rfcdiff?url2=draft-vyncke-v6ops-james-01
>
>     Abstract:
>        In 2016, RFC7872 has measured the drop of packets with IPv6 extension
>        headers.  This document presents a slightly different methodology
>        with more recent results.  It is still work in progress.
>
>
>
>
>     The IETF Secretariat
>
>
>
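
The inbound default discussed in this message (default deny, with IKE and ESP permitted) can be modelled as a stateless classifier that walks the IPv6 extension-header chain to find the upper-layer protocol. This is an added example, not code from the thread, the draft or RFC 6092; the function names, the 2001:db8:: documentation addresses and the sample packets are constructed for illustration, and IKE is taken to be UDP destination port 500.

```python
import ipaddress
import struct

# IANA protocol numbers used as IPv6 Next Header values
HOP_BY_HOP, UDP, ROUTING, FRAGMENT, ESP, DEST_OPTS = 0, 17, 43, 44, 50, 60
IKE_PORT = 500  # assumption of this example: IKE identified by UDP destination port 500

def upper_layer(packet: bytes):
    """Walk the extension-header chain; return (protocol, offset, is_first_fragment)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off, first = packet[6], 40, True
    while nxt in (HOP_BY_HOP, ROUTING, DEST_OPTS, FRAGMENT):
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        if nxt == FRAGMENT:
            # Fixed 8-byte header; the upper 13 bits of bytes 2-3 are the fragment offset
            first = (struct.unpack_from("!H", packet, off + 2)[0] >> 3) == 0
            size = 8
        else:
            # Hdr Ext Len counts 8-octet units beyond the first 8 octets
            size = (packet[off + 1] + 1) * 8
        nxt, off = packet[off], off + size
    return nxt, off, first

def inbound_verdict(packet: bytes) -> str:
    """Unsolicited inbound packet: default deny, except ESP and IKE."""
    try:
        proto, off, first = upper_layer(packet)
    except ValueError:
        return "drop"
    if proto == ESP:
        return "accept"
    # Ports are only readable in an unfragmented packet or a first fragment
    if proto == UDP and first and len(packet) >= off + 8:
        dport = struct.unpack_from("!H", packet, off + 2)[0]
        return "accept" if dport == IKE_PORT else "drop"
    return "drop"

def build(next_header: int, payload: bytes) -> bytes:
    addrs = b"".join(ipaddress.IPv6Address(a).packed for a in ("2001:db8::1", "2001:db8::2"))
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + addrs + payload

# Constructed sample packets (not captured traffic)
_esp, _udp500 = struct.pack("!II", 0x1001, 1) + bytes(16), struct.pack("!HHHH", 500, 500, 8, 0)
SAMPLES = {
    "esp": build(ESP, _esp),
    "dstopt+esp": build(DEST_OPTS, bytes([ESP, 0, 1, 4, 0, 0, 0, 0]) + _esp),
    "ike": build(UDP, _udp500),
    "late-frag": build(FRAGMENT, struct.pack("!BBHI", UDP, 0, 1 << 3, 7) + _udp500),
}
```

The `dstopt+esp` sample shows why a filter has to walk the chain rather than match only the fixed header's Next Header field: ESP behind a Destination Options header is still ESP.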