IETF Logo Mail Archive

Re: [v6ops] Operational Implications of IPv6 Packets with Extension Headers

Gyan Mishra <hayabusagsm@gmail.com> Tue, 22 September 2020 13:31 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 354B73A0D6C for <v6ops@ietfa.amsl.com>; Tue, 22 Sep 2020 06:31:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.087
X-Spam-Level:
X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UZMpCaDY88gs for <v6ops@ietfa.amsl.com>; Tue, 22 Sep 2020 06:31:04 -0700 (PDT)
Received: from mail-ua1-x92d.google.com (mail-ua1-x92d.google.com [IPv6:2607:f8b0:4864:20::92d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2BC983A0DCA for <v6ops@ietf.org>; Tue, 22 Sep 2020 06:31:04 -0700 (PDT)
Received: by mail-ua1-x92d.google.com with SMTP id n2so5475009uaw.11 for <v6ops@ietf.org>; Tue, 22 Sep 2020 06:31:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=co58TEdaltPbpq3YeitsEnpuGNU+QHhvGCNwJlrZxZQ=; b=s9FXQdTyoYh8BSJADmwsntiZ8jPKDl3nB7eqJaTxvec9hMkVWdLE8mxKyU3IEERfX7 2pxoVABrg3GBE/V3R7T/CkRw3gO/XvPxHBuAzbQOGlEN5vSYGlp9X/uX8QZvGRh/749Y K/J2kZQKWn9L3w4c/NBHp9OyRFYkRx8S6dD+0S4vJh/Svl/b152ekeAC8kmWN4DMYU2O +jh68ASEBdek3ajF8Py/axzqyZrd2nEOw29XDwqSHjwNZjWphqk/zV8xPMsXGVLB2D5r BvBDJtoxcKqT/IydMiCf5G9wp51pYw2M9QTuZqm89Nr7IQ+uioacw0TgTNPqSP68Bxy6 GGUw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=co58TEdaltPbpq3YeitsEnpuGNU+QHhvGCNwJlrZxZQ=; b=J3OsRZ2OFXoKlXbW8M4fmS2dNa9fYI6Dt0+ST+IF9Lt9/4gRuR340As5YrMYOc9tML QW25gSESJro/GWHtg4TGJF2la23UADYQbcj29MHTv/ALsJcvinP7Kju9P59SeCxS99tM tfEMc6kVGboqFQHnDEYOfnvVS9LHP97aGKQI43yOhcTmsweXlUClHN2mBvKxRSVgiieL nefUcytCJXBOjNRhlPi/ngoXiud+eOmVfNYPVOy3jAgFRy7Y7/Yzyu2XLIYoHrssGYJA M3gGVMpdJxANQKIexei6/iik+kgxjCx14rBTLjIZf/Lpd+zHspiaCxyun+OC+Z/XCWm9 zoRQ==
X-Gm-Message-State: AOAM533K0RI+uS8YEKItfWPVbADJ+bFYi7Fi8FH3v/RaNYRewPhie67n vdnNArBGt534QjowCN+bOOSAocAbY324nXQGaVYDDZNcagjbHw==
X-Google-Smtp-Source: ABdhPJyWzZxfvp/xJEUpuwr+6+UXrn5loW8sjyH8Y4IasQZcITt9k4+RNQ9K2aZ9OqKKMSrhSYJInWluD2L5/Ib9s6Y=
X-Received: by 2002:ab0:3885:: with SMTP id z5mr2927755uav.114.1600781463069; Tue, 22 Sep 2020 06:31:03 -0700 (PDT)
MIME-Version: 1.0
References: <b697ce45-3c95-f423-ffb7-34f5976496d9@si6networks.com> <F50F122E-158C-4B2F-803E-A443CD576DDC@employees.org> <4bd943dc-71e9-5799-ea60-3623b5f83a8a@si6networks.com> <CABNhwV2XT27i3kQ2EbTE+UxeO1RfupTbS6vWptiOi2a2kF8W5g@mail.gmail.com> <9859cad7-2d40-173e-fa34-b8c103cf612d@si6networks.com>
In-Reply-To: <9859cad7-2d40-173e-fa34-b8c103cf612d@si6networks.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Tue, 22 Sep 2020 09:30:52 -0400
Message-ID: <CABNhwV1SB2hCA2UeP7JUnkU=Tw2Mv3c6tB_bxvpbWC-dMatDtg@mail.gmail.com>
To: Fernando Gont <fgont@si6networks.com>
Cc: IPv6 Operations <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000782ed505afe6fa15"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/dS1lvj89YfeSm2GQNJuZKZvIjec>
Subject: Re: [v6ops] Operational Implications of IPv6 Packets with Extension Headers
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Sep 2020 13:31:06 -0000

On Mon, Sep 21, 2020 at 6:53 PM Fernando Gont <fgont@si6networks.com> wrote:

> Gyan,
>
>
>
> On 19/9/20 16:52, Gyan Mishra wrote:
>
> [....]
>
> >     In that sense, RFC6564 is unable to make any difference. Whether
>
> >
>
> >     providing such feature (common EH format for all EHs, from now on)
>
> >     would
>
> >
>
> >     have made a difference, is hard to tell... But I'd argue it wouldn't.
>
> >
>
> >
>
> >      So bottom line we don’t think there is any operational impact
>
> > related to eh drops due to operators filtering based on the catch-22
>
> > issue regarding hardware not being able to support the new EH TLV based
>
> > standard RFC 6584 to support “new extension headers” supporting new TLV
>
> > as we believe that new are maybe few and far between that bucket that
>
> > can impact fast path eh processing.
>
>
>
> I'm just saying that I don't think RFC6564 will have any sort of impact,
>
> for worse or better.
>
>
>
>
>
>
>
> > Based on the above we believe that
>
> > we are in that same boat as with eh headers use the same protocol number
>
> > name space thus impossible to have a complete list so not being able to
>
> > be processed.
>
>
>
> No.
>
>
>
> I'm saying that you cannot parse something that you don't know what it
>
> is. RFC6564 does not change that in any way.
>
> Gyan>. I think we are saying the same thing related to unknown eh headers
> using either protocol number name space and RFC 6564 does not improve or
> make it worse.  Can we add a normative reference to RFC 7045 related to eh
> processing issues with unknown headers types in protocol number name space
> and that RFC 6564 does not improve the situation.
>
>
>
>
>
> [...]
>
> >
>
> > Also from that perspective as well is not a reason for operators to drop
>
> > ant eh and an idea is to maybe just explicitly permit all the original
>
> > RFC 8200 standard eh and new RFC 6584 eh headers as a recommendation to
>
> > not just drop hbh and other headers that could end up being processed in
>
> > the slow path.  So instead of doing a drop xyz header followed by a
>
> > permit any you explicitly permit all RFC 8200 and RFC 6584 headers If
>
> > your platform supports.
>
>
>
> Please see draft-ietf-v6ops-ipv6-ehs-packet-drops. :-)


   Gyan> ok

>
>
>
> Thanks,
>
> --
>
> Fernando Gont
>
> SI6 Networks
>
> e-mail: fgont@si6networks.com
>
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>
>
>
>
>
>
>
>
>
> --

<http://www.verizon.com/>

*Gyan Mishra*

*Network Solutions A**rchitect *



*M 301 502-134713101 Columbia Pike *Silver Spring, MD

v2.23.0 | Report a Bug | By Email