IETF Logo Mail Archive

Re: [v6ops] draft-elkins-6man-ipv6-diagnostic-header (Was: draft minutes ietf 81, 3 meetings...)

nalini.elkins@insidethestack.com Mon, 15 August 2011 13:13 UTC

Return-Path: <nalini.elkins@insidethestack.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 04BF421F8B84 for <v6ops@ietfa.amsl.com>; Mon, 15 Aug 2011 06:13:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.673
X-Spam-Level:
X-Spam-Status: No, score=-1.673 tagged_above=-999 required=5 tests=[AWL=0.326, BAYES_00=-2.599, J_CHICKENPOX_13=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8e8f7gdv4wEY for <v6ops@ietfa.amsl.com>; Mon, 15 Aug 2011 06:13:14 -0700 (PDT)
Received: from nm22.access.bullet.mail.sp2.yahoo.com (nm22.access.bullet.mail.sp2.yahoo.com [98.139.44.149]) by ietfa.amsl.com (Postfix) with SMTP id D005621F8B83 for <v6ops@ietf.org>; Mon, 15 Aug 2011 06:13:13 -0700 (PDT)
Received: from [98.139.44.102] by nm22.access.bullet.mail.sp2.yahoo.com with NNFMP; 15 Aug 2011 13:13:59 -0000
Received: from [98.139.44.91] by tm7.access.bullet.mail.sp2.yahoo.com with NNFMP; 15 Aug 2011 13:13:59 -0000
Received: from [127.0.0.1] by omp1028.access.mail.sp2.yahoo.com with NNFMP; 15 Aug 2011 13:13:59 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 605012.13370.bm@omp1028.access.mail.sp2.yahoo.com
Received: (qmail 64962 invoked by uid 60001); 15 Aug 2011 13:13:59 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1313414039; bh=Ath8T3NgdwUpZdjAnKPPzwoGwMOahRIdm09A+pI1E5k=; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=nlrhqeO0v6nXV4iDK85cbGXK1A5FuptvN6rsPzp8nMe2Do1mLCtwLPY99bq+wFxXLcSICWnpYsdyrWySdM5W3IYQ4/ylVm0YiMnyVnkoxPX5u10X/NwXeoSLLseahIFDfvlraFSqvjgS2xwlLknWsYrTQMRoRpZA1mJIyXxFDl8=
X-YMail-OSG: M8xL74oVM1kgPzPiUYs.uSc98xOJyPVkjVuSKdXSg6dm4kc L5MuoNCXVdZ.gsC76c3mZpyw.AmM.MRY2GZHoqSWiJyqopCFKWUJoy8tz1Ay O.XvQM4ncCRWq0Tq_Mi_qhDtdaLbhbOOhb3Oi_bOP_1N6DO2ho4iVwVmNsgM PSNb0xpq1cn3YHTVJ_OYyJdGV7SvPnMwj3iUjHCwL8.EW13NrJ9nhG1ssyfD 5xYvl_LTAcKU7Hosk.a9_HLQUFVJ_R.tbeKUwYon9wcLWlWcwlYfySzXTQ.k M16pqtBkTSgpDx26brhQQp.GaFQaN96qPExFMvnvLt9acbdiMGh8PErCAMBI sIQ4q9OJY4UPVxaLLwnwuxoBuEmSQTgIhYdeqmoWbaZRh7bOG4MRQYBQxY_P rMMphdgNilYflnXmw.bVArgl2HfZAGGTKhjfB3DCfKuUoGPappv8ahCLxtkt L4luR.A--
Received: from [24.6.68.48] by web2814.biz.mail.ne1.yahoo.com via HTTP; Mon, 15 Aug 2011 06:13:59 PDT
X-Mailer: YahooMailClassic/14.0.4 YahooMailWebService/0.8.113.313619
Message-ID: <1313414039.63643.YahooMailClassic@web2814.biz.mail.ne1.yahoo.com>
Date: Mon, 15 Aug 2011 06:13:59 -0700
From: nalini.elkins@insidethestack.com
To: v6ops@ietf.org
In-Reply-To: <4E48ECD8.6090200@cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Subject: Re: [v6ops] draft-elkins-6man-ipv6-diagnostic-header (Was: draft minutes ietf 81, 3 meetings...)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: nalini.elkins@insidethestack.com
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Aug 2011 13:13:15 -0000


--- On Mon, 8/15/11, Carlos Pignataro <cpignata@cisco.com> wrote:

> From: Carlos Pignataro <cpignata@cisco.com>
> Subject: Re: [v6ops] draft-elkins-6man-ipv6-diagnostic-header (Was: draft minutes ietf 81, 3 meetings...)
> To: v6ops@ietf.org
> Date: Monday, August 15, 2011, 2:54 AM
> 
> 
> On 8/15/2011 2:21 AM, Joel Jaeggli wrote:
> > 
> > On Aug 14, 2011, at 1:31 PM, nalini.elkins@insidethestack.com
> wrote:
> > 
> >> 
> >> I am working on contacting a number of our large
> corporate
> >> customers to weigh in on this topic.  I think
> that the biggest
> >> issue here is that when a large commercial network
> is having
> >> problems, anything that can help speed diagnostics
> is worth doing.
> >> Outages and poor performance can cost a great deal
> of money.
> >> 
> >> Situations such as comparing packets at various
> points on the
> >> network to determine packet loss is a necessary
> part of network
> >> problem determination.
> 
> I agree with this. To compare packets, we could potentially
> have the
> network protocol analyzer (e.g., Wireshark) compute a hash
> on invariant
> fields of the packet (i.e., exclude Hop Limit, etc), and
> present that as
> packet metadata that is not actually carried on the wire.
> This would
> work for packet traces not being instrumented. Would that
> help?
> 

Well, that is a really good idea that we had explored also.  Now, we ourselves make an intelligent packet analyzer and work with the WireShark folks.  If I look at this selfishly for having an extra selling point for my products, then I can say, 'Yes, we allow you to do this!  Buy my product!'  But, I was trying to be a good citizen and allow all to do this without our products.  Now, if our proposal is not adopted, then we will do the checksum or hash on the packets in our products as I think it is needed for diagnostics. 

This idea also helps technicians who have taken a trace at one point using multiple facilities - that is, WireShark and IBM mainframe CTrace.  Then, it is useful to have the IPID shown in sequence.

But, the idea of the hash or checksum leaves aside the case where you have only one trace at one point along the path.  Being able to view the sequence of packet transmission is useful even then.  

Also, I really feel that down the road here, the 32-bit IPID is going to run into scalability issues.  We are proposing a 64-bit IPID.   The IPID is also not standardized.  Some implementations use the same IPID for all connections, others use a different IPID for each connection. Some increment by 1, some by two.

Our other future thoughts, and agenda, if you will, is that as networks and traffic grow, more and more diagnostics and troubleshooting will have do be done by computer systems rather than humans.  So, we are looking at what metrics need to be saved for that.  I feel that the IPID is one such.  There are others such as TCP Window Scaling - but that belongs on another email list, so I did not want to bring that up.


> >> I am working to get the technicians from
> >> the corporations themselves to get onto this email
> list and tell
> >> their opinions themselves.
> >> 
> >> I wish that the IPID was in the main IPv6
> header.  That would be
> >> the best place for it.  That is not possible,
> so what we are
> >> looking at is doing our best under the
> circumstances.  One problem
> >> with having a Fragmentation Header generated is
> that it skews
> >> statistics on fragmentation.
> > 
> > I presume that if one is parsing that far into the
> optional headers,
> > that you can distinguish between a fragment header
> that has an offset
> > of zero and a more fragments flag of 0 which would
> indicate the
> > existence of a fragmentation header but that no other
> fragments exist
> > and the other possible combinations.
> 
> This would also be less disruptive as it's a known header
> instead of a
> new header (potentially for existing nodes.)
>

Now, actually, I am setting up a meeting with the IBM TCP/IP architects, as they are the host implementation that we work most closely with, to ask them what exactly would their stack do if they got a fragmentation header with 0 in the fragmentation header.  I wonder if that would cause any problems.

And, yes, the fragmentation header is known.  But, you know, we feel that diagnostics is very important and as we all grow in our sophistication and hopefully ability to do network diagnostics and recovery automatically, we may have other uses for a 'Diagnostic Header'.  We see the IPID as potentially the first use of this.
 
> Thanks,
> 
> -- Carlos.
> 
> > 
> >> Many corporate networks keep track of how much
> fragmentation is on
> >> their networks and if we generate a spurious
> indication, then this
> >> invalidates the real fragmentation.
> > 
> > should be straight forward to distinguish between the
> two use-cases.
> > 
> >> Nalini
> >> 
> >> 
> >> --- On Sun, 8/14/11, Carlos Pignataro <cpignata@cisco.com>
> wrote:
> >> 
> >>> From: Carlos Pignataro <cpignata@cisco.com>
> Subject: [v6ops]
> >>> draft-elkins-6man-ipv6-diagnostic-header (Was:
> draft minutes ietf
> >>> 81, 3 meetings...) To: v6ops@ietf.org
> Date: Sunday, August 14,
> >>> 2011, 10:03 AM Hi,
> >>> 
> >>> I believe there was one further point raised
> in regards to 
> >>> draft-elkins-6man-ipv6-diagnostic-header
> (though I don't recall
> >>> if it was at the mike by Andrew Y., in a
> corridor, or only in my 
> >>> head): the Heisenbug principle -- if this is
> used in debugging
> >>> (and diagnostics), the issue being studied or
> attempted to
> >>> reproduce alters its behavior or goes away
> when modifying the
> >>> packet (like compiling with different -o). I
> think this is one of
> >>> the most important arguments against this
> proposal. The use of
> >>> fragment header is interesting, a new header
> could show much more
> >>> pronounced deviation of observed behaviour
> than without it.
> >>> 
> >>> For completeness, I did ask some services
> escalation engineers
> >>> about how they use the ip-id in IPv4 for
> troubleshooting, and 
> >>> basically got two main uses for very corner
> case situations in:
> >>> i. identify middleboxes and their
> characteristics (by check IP ID
> >>> increment patterns, find if packets generated
> by the same box),
> >>> and ii. track set of packets along different
> points in the
> >>> network (e.g., back-to-back packets and see
> rate, drops, out of
> >>> order). But it's built into the v4 header.
> >>> 
> >>> Thanks,
> >>> 
> >>> -- Carlos.
> >>> 
> >>> On 8/2/2011 1:24 PM, Joel Jaeggli wrote:
> >>>> * Presentation - RFC for IPv6 IP
> identification field
> >>> (header) - Mike Ackerman
> >>>> http://tools.ietf.org/agenda/81/slides/v6ops-7.ppt 
> >>>> http://tools.ietf.org/html/draft-elkins-6man-ipv6-diagnostic-header
> >>>>
> >>>>
> >>>> 
> Fred B - Question for the group, do you use the IPID
> >>> in ipv4? (no
> >>>> respondants other than presenters)
> >>>> 
> >>>> Weg G - We use it all the time? I've never
> heard of
> >>> it...
> >>>> 
> >>>> Francis D - it's potentially a covert
> channel, also
> >>> why not use the
> >>>> fregmentation header?
> >>>> 
> >>>> Bob H - We diefintently want to hear if
> this is
> >>> useful. I don't know
> >>>> who puts this header in the packet?
> >>>> 
> >>>> Nalini ? - The host clearly
> >>>> 
> >>>> Andrei Y - typical use case for this
> header would be
> >>> to see if a
> >>>> middle box is modifying the packet.
> >>>> 
> >>>> Fred B - What I'm out of this discussion
> is that the
> >>> application isn't
> >>>> a bad one, it could be simulated in a
> fregment.
> >>>> 
> >>>> Fred Baker - Meeting complete, go to
> Lunch
> >>>
> _______________________________________________ v6ops
> mailing
> >>> list v6ops@ietf.org https://www.ietf.org/mailman/listinfo/v6ops
> >>> 
> >> _______________________________________________
> v6ops mailing list 
> >> v6ops@ietf.org https://www.ietf.org/mailman/listinfo/v6ops
> >> 
> > 
> > _______________________________________________ v6ops
> mailing list 
> > v6ops@ietf.org https://www.ietf.org/mailman/listinfo/v6ops
> > 
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>

v2.23.0 | Report a Bug | By Email