IETF Logo Mail Archive

Re: [v6ops] [OPSEC] Call for WG adoption - Recommendations on Filtering of IPv6 Packets Containing IPv6 Extension Headers

Ole Troan <otroan@employees.org> Mon, 13 October 2014 07:15 UTC

Return-Path: <otroan@employees.org>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29B3B1A88B4; Mon, 13 Oct 2014 00:15:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.235
X-Spam-Level:
X-Spam-Status: No, score=-6.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_SOFTFAIL=0.665] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8qOcfZzA5CmF; Mon, 13 Oct 2014 00:15:08 -0700 (PDT)
Received: from aer-iport-4.cisco.com (aer-iport-4.cisco.com [173.38.203.54]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 417191A1AC2; Mon, 13 Oct 2014 00:15:07 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AqAEANF6O1StJssW/2dsb2JhbABb1xQCgSsBfYQDAQEDAR0dPxALDi0LVwaISQjDagEBAQEBAQEBAQEBAQEBAQEBAQEBAReQEjMHgy2BHgEEs1yCNIFFO4J5AQEB
X-IronPort-AV: E=Sophos;i="5.04,708,1406592000"; d="scan'208";a="204609670"
Received: from aer-iport-nat.cisco.com (HELO aer-core-3.cisco.com) ([173.38.203.22]) by aer-iport-4.cisco.com with ESMTP; 13 Oct 2014 07:15:05 +0000
Received: from dhcp-10-61-101-249.cisco.com (dhcp-10-61-101-249.cisco.com [10.61.101.249]) by aer-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id s9D7F1WO028207 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 13 Oct 2014 07:15:05 GMT
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 8.0 \(1990.1\))
From: Ole Troan <otroan@employees.org>
In-Reply-To: <alpine.DEB.2.02.1410130907280.14735@uplift.swm.pp.se>
Date: Mon, 13 Oct 2014 09:15:11 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <B499E06A-887A-4A9B-8FB9-EE2D3A1F9095@employees.org>
References: <201410101259128179113@gmail.com> <279945F5-9A00-41AB-903E-FF4F858CB387@employees.org> <alpine.DEB.2.02.1410130907280.14735@uplift.swm.pp.se>
To: Mikael Abrahamsson <swmike@swm.pp.se>
X-Mailer: Apple Mail (2.1990.1)
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/sLKO4oHbLdQWHiMuOkgcdJoaRqM
Cc: opsec <opsec@ietf.org>, v6ops <v6ops@ietf.org>
Subject: Re: [v6ops] [OPSEC] Call for WG adoption - Recommendations on Filtering of IPv6 Packets Containing IPv6 Extension Headers
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Oct 2014 07:15:09 -0000

>> shouldn't this be a draft authored by operators? giving operational recommendations coming out of... well, actual operations?
> 
> Well, another way of looking at this is that operators just want things to work as well as they can, so they need guidance from vendors and protocol designers.
> 
> Isn't this a BCOP style document? I believe at least one of the authors is active in one or more BCOP group.

the protocol designer's recommendation does appear pretty clear, RFC2460:

   "With one exception, extension headers are not examined or processed
   by any node along a packet's delivery path, until the packet reaches
   the node (or each of the set of nodes, in the case of multicast)
   identified in the Destination Address field of the IPv6 header."

my point is that I don't think the IETF should be making recommendations about how they should run their network, and certainly not make recommendations that are at odds with the functioning of the protocol.

cheers,
Ole

v2.23.0 | Report a Bug | By Email