[v6ops] IPv6 Extension Headers in the Real World
Fernando Gont <fernando@gont.com.ar> Tue, 30 September 2014 04:51 UTC
Return-Path: <fernando@gont.com.ar>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A16301A0146 for <v6ops@ietfa.amsl.com>; Mon, 29 Sep 2014 21:51:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4HXDXEYczW1E for <v6ops@ietfa.amsl.com>; Mon, 29 Sep 2014 21:51:07 -0700 (PDT)
Received: from web01.jbserver.net (web01.jbserver.net [IPv6:2a00:8240:6:a::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B9751A0145 for <v6ops@ietf.org>; Mon, 29 Sep 2014 21:51:07 -0700 (PDT)
Received: from [186.134.2.155] (helo=[192.168.1.6]) by web01.jbserver.net with esmtpsa (TLSv1.2:DHE-RSA-AES128-SHA:128) (Exim 4.84) (envelope-from <fernando@gont.com.ar>) id 1XYpOw-0006A3-DC; Tue, 30 Sep 2014 06:51:03 +0200
Message-ID: <542A36AC.9030203@gont.com.ar>
Date: Tue, 30 Sep 2014 01:50:52 -0300
From: Fernando Gont <fernando@gont.com.ar>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.2
MIME-Version: 1.0
To: IPv6 Operations <v6ops@ietf.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/VwC03ftYEVitrIHOrXDl9wKtmTE
Cc: "draft-gont-v6ops-ipv6-ehs-in-real-world@tools.ietf.org" <draft-gont-v6ops-ipv6-ehs-in-real-world@tools.ietf.org>, V6ops Chairs <v6ops-chairs@tools.ietf.org>
Subject: [v6ops] IPv6 Extension Headers in the Real World
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Sep 2014 04:51:09 -0000
Folks,
Earlier in September we published a revision of our I-D "IPv6 Extension
Headers in the Real World"
(<https://tools.ietf.org/html/draft-gont-v6ops-ipv6-ehs-in-real-world>).
At this point in time, we're interested in knowing whether our I-D is of
value for the IPv6 ops community, such that we can decide whether to
continue working/improving it. Additionally, if there's anything you
think we've missed in the document, we'd like to hear from you.
Overall, our I-D is meant to provide a reality-check with respect to the
issues surrounding IPv6 Extension Headers and their use on the public
Internet. More specifically, its goals are:
1) Provide data regarding support of IPv6 EHs in the real world.
This is interesting data to refer people to (e.g., folks
developing protocols) regarding the extent to which IPv6 EHs
are usable on the public Internet (at least with web, mail, and
name servers).
2) Summarize the issues associated with IPv6 EHs (performance, security,
etc.)
This is of use for folks concerned with the issues surrounding
IPv6 EHs, and covers practical issues.
3) Summarizes the implications of the aforementioned filtering.
For example, if you're designing a protocol that is meant to
work on the public Internet, you may want to provide some fall-back
mechanism that does not employ IPv6 EHs.
Yet another of the implications is the security issue that has
been discussed on-list: if e.g. IPv6 fragments are dropped and you
can be tricked into generating them, you may be subject to a DoS
attack.
4) Flag possible further work
Here we try to flag areas where the further work may be needed,
such as adding fall-back mechanisms to some existing protocols,
or avoiding the use of IPv6 EHs where possible.
Thanks!
Best regards,
--
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
- [v6ops] IPv6 Extension Headers in the Real World Fernando Gont
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Brian E Carpenter
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Warren Kumari
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Merike Kaeo
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Tim Chown
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Doug Barton
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Lorenzo Colitti
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Metzler, Dan J
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Tim Chown
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Fred Baker (fred)
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Metzler, Dan J
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Fernando Gont
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Fernando Gont
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Tim Chown
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Jen Linkova
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Joe Touch
- Re: [v6ops] IPv6 Extension Headers in the Real Wo… Fernando Gont