Re: [v6ops] IPv6 Extension Headers in the Real World
Fernando Gont <fernando@gont.com.ar> Fri, 03 October 2014 19:03 UTC
Return-Path: <fernando@gont.com.ar>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3BD431A88B1 for <v6ops@ietfa.amsl.com>; Fri, 3 Oct 2014 12:03:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IY_KFCY7AuA8 for <v6ops@ietfa.amsl.com>; Fri, 3 Oct 2014 12:03:37 -0700 (PDT)
Received: from web01.jbserver.net (web01.jbserver.net [IPv6:2a00:8240:6:a::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 25B3E1A88AE for <v6ops@ietf.org>; Fri, 3 Oct 2014 12:03:37 -0700 (PDT)
Received: from [2001:5c0:1000:a::17] by web01.jbserver.net with esmtpsa (TLSv1.2:DHE-RSA-AES128-SHA:128) (Exim 4.84) (envelope-from <fernando@gont.com.ar>) id 1Xa88X-0006qm-ER; Fri, 03 Oct 2014 21:03:29 +0200
Message-ID: <542EF2F9.10204@gont.com.ar>
Date: Fri, 03 Oct 2014 16:03:21 -0300
From: Fernando Gont <fernando@gont.com.ar>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.2
MIME-Version: 1.0
To: Joe Touch <touch@isi.edu>, "Metzler, Dan J" <dan-metzler@uiowa.edu>, Tim Chown <tjc@ecs.soton.ac.uk>
References: <542A36AC.9030203@gont.com.ar> <542C81B7.10601@isi.edu> <99A3738D-954C-4A75-8055-E30D0D73DD80@ecs.soton.ac.uk> <EMEW3|fe883999a173b6d6b6b574badb6ebb53q90Niq03tjc|ecs.soton.ac.uk|99A3738D-954C-4A75-8055-E30D0D73DD80@ecs.soton.ac.uk> <542C8595.6080809@isi.edu> <CAKD1Yr2JB6V61D+JcUR2qj6-AGEAQr+Jn0eOUPSLEOKXZ1cEqw@mail.gmail.com> <9062DD5BB047BF4C96BCE0CB9DA96D1B4DE1C0C7@ITSNT440.iowa.uiowa.edu> <E69F8B2A-C8F9-4978-B2F8-0F6C74619BA0@ecs.soton.ac.uk> <EMEW3|0e9b5822392d744642b47f8f3cb94f76q91ED603tjc|ecs.soton.ac.uk|E69F8B2A-C8F9-4978-B2F8-0F6C74619BA0@ecs.soton.ac.uk> <542D695A.3070506@isi.edu> <9062DD5BB047BF4C96BCE0CB9DA96D1B4DE22159@ITSNT440.iowa.uiowa.edu> <542EAFEF.30607@gont.com.ar> <542EF0BA.2070604@isi.edu>
In-Reply-To: <542EF0BA.2070604@isi.edu>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/T9szW5ur1euKDbDiw3EqV0fe5kc
Cc: "draft-gont-v6ops-ipv6-ehs-in-real-world@tools.ietf.org" <draft-gont-v6ops-ipv6-ehs-in-real-world@tools.ietf.org>, IPv6 Operations <v6ops@ietf.org>, V6ops Chairs <v6ops-chairs@tools.ietf.org>
Subject: Re: [v6ops] IPv6 Extension Headers in the Real World
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Oct 2014 19:03:44 -0000
On 10/03/2014 03:53 PM, Joe Touch wrote: > On 10/3/2014 7:17 AM, Fernando Gont wrote: >> And you certainly do not want the "here's what we saw", "here's how we'd >> like you to filter packets with EHs", "here's what the IETF should >> consider when designing new protocols", because they tend to be rather >> orthogonal, and also targeted at different communities. -- the guy >> doing the packet filtering is likely different from the guy developing >> new protocols, etc. > > The coupling of these determines how you act. It determines whether you > can filter safely, only when under threat or in a particular > environment, or should not filter under any circumstances. Have you checked the eh-filtering I-D (drfat-gont-opsec-ipv6-eh-filtering)? Because it has all that analysis in the document itself > And that's why it's dangerous to split these out. These should not be > targeted at different communities without a single, coherent context of > both what is known to happen, what the risks are, and the recommendations. That's all in one I-D. OTOH, the I-D of the subject line is about empirical observations. > Ultimately, we need an Internet whose behavior is coherent, not based on > potentially interfering communities perceived as being orthogonal. You want have coherent Internet, because even when we can provide advice, at the end of the day its each operator's business what they do with their own network. -- in the same way that some networks break PMTUD, while others don't. Thanks, -- Fernando Gont e-mail: fernando@gont.com.ar || fgont@si6networks.com PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
- [v6ops] IPv6 Extension Headers in the Real World Fernando Gont
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Brian E Carpenter
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Warren Kumari
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Merike Kaeo
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Tim Chown
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Doug Barton
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Lorenzo Colitti
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Metzler, Dan J
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Tim Chown
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Fred Baker (fred)
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Metzler, Dan J
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Fernando Gont
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Fernando Gont
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Tim Chown
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Jen Linkova
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Fernando Gont