Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Version Notification for draft-gont-v6ops-ipv6-ehs-packet-drops-02.txt)
Fernando Gont <fgont@si6networks.com> Tue, 16 February 2016 08:49 UTC
Return-Path: <fgont@si6networks.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC46F1B2A44 for <v6ops@ietfa.amsl.com>; Tue, 16 Feb 2016 00:49:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IIldXNACfUcu for <v6ops@ietfa.amsl.com>; Tue, 16 Feb 2016 00:49:25 -0800 (PST)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2EE8C1B2AEC for <v6ops@ietf.org>; Tue, 16 Feb 2016 00:49:24 -0800 (PST)
Received: from [192.168.2.101] (unknown [181.165.125.191]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id BE8408527B; Tue, 16 Feb 2016 09:49:20 +0100 (CET)
To: Tom Herbert <tom@herbertland.com>, Brian E Carpenter <brian.e.carpenter@gmail.com>
References: <20160204214639.14168.48254.idtracker@ietfa.amsl.com> <56B668C3.8090009@foobar.org> <CAO42Z2zfXymKK_jPUXnV+e-6-BxJBvui2EOi7XAdo-5o5vj2ag@mail.gmail.com> <56B67671.3010409@foobar.org> <CAO42Z2zXd17fNsArj-JFGNo+s7PtiwLKLaWPkkcHiEHybO49Fw@mail.gmail.com> <56B742AC.7010307@foobar.org> <CAO42Z2wQHftEMQUPPfjvz3d+j_5ag0hV0cP1FcufGDk27WbqNg@mail.gmail.com> <56B7B919.8090001@foobar.org> <56B83BB9.7040704@isi.edu> <56B8BA32.3010505@foobar.org> <56B8F12F.30307@isi.edu> <56B90B6C.9060105@si6networks.com> <56B90E16.1090402@gmail.com> <56B933A4.6060405@si6networks.com> <B9EACBEF-0C11-4BC9-BDC4-FC720EA38985@employees.org> <74B4E9A1-E6FE-40C0-9EC9-0C2C5172A246@employees.org> <6E0AE4AB-330D-4670-9EF0-21F8E43AC6CB@employees.org> <4044B8C3-844A-40E7-A98E-D26961FADD39@employees.org> <56BBE231.9030706@gmail.com> <CALx6S36+5GBfhshcQ3fWFp+E6kXQJ6VLX8cFrHAkUVrRK9J7+Q@mail.gmail.com> <56BD224F.1050406@gmail.com> <CALx6S37WQcTd=KbLb3YviehpWHS1XKJVYiZLtDazkWMm6jp=Xw@mail.gmail.com>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <56C2E038.7080003@si6networks.com>
Date: Tue, 16 Feb 2016 05:39:20 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <CALx6S37WQcTd=KbLb3YviehpWHS1XKJVYiZLtDazkWMm6jp=Xw@mail.gmail.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/scMEvJ_uzwJl4rVAjIxJfCbKvJk>
Cc: IPv6 Operations <v6ops@ietf.org>
Subject: Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Version Notification for draft-gont-v6ops-ipv6-ehs-packet-drops-02.txt)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Feb 2016 08:49:29 -0000
On 02/12/2016 05:02 AM, Tom Herbert wrote: > On Fri, Feb 12, 2016 at 1:07 AM, Brian E Carpenter > <brian.e.carpenter@gmail.com> wrote: >> On 11/02/2016 22:57, Tom Herbert wrote: >> ... >>> Suppose we define an "EH chain length" extension header. This would >>> include the length of the chain starting from the first byte of the EH >>> and also a next header value for the header that follow the chain. >>> This EH could follow HBP. Network nodes can use this to skip over a >>> long chain to parse the transport header. The receiver would need to >>> validate the length and protocol are correct in order to prevent >>> someone from spoofing transport headers. >> >> https://tools.ietf.org/html/draft-zhang-6man-offset-option-01 >> >> But it doesn't help, because any middlebox that insists on trying >> to parse all the headers will not make use of this feature. >> > Right, but realistically if we want to send extension headers into the > Internet we can't wait an indefinite amount of time for every single > device to properly handle them. It seems that we'd want to apply a > happy eyeballs approach. If the offset option makes it more palatable > for some devices to forward packets with EH that could move things > forward by some amount. I also see a use case for this at the end > hosts, a ridiculously long chain could be a nice DOS attack and the > offset option might mitigate that. For instance, before processing the > chain we could verify if an encapsulated TCP packet refers to a valid > connection. Other things aside, this would be done by a totally different layer of code... layer-3 vs layer-4... -- Fernando Gont SI6 Networks e-mail: fgont@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Warren Kumari
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… sthaug
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… otroan
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… joel jaeggli
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Mark Smith
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Brian E Carpenter
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Havard Eidnes
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… sthaug
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… sthaug
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… sthaug
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Mark Smith
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Mark Smith
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Mark Smith
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Brian E Carpenter
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… joel jaeggli
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Brian E Carpenter
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Mark Smith
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Mark Andrews
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Brian E Carpenter
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Brian E Carpenter
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Brian E Carpenter
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- [v6ops] IPv6 EHs Packet Drops (Fwd: New Version N… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Gert Doering
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… sthaug
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Warren Kumari
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Brian E Carpenter
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Brian E Carpenter
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Warren Kumari
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… otroan
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… otroan
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Mark Smith
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… otroan
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Gert Doering
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Saku Ytti
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Matthew Walster
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Ackermann, Michael
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Brian E Carpenter
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Sander Steffann
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… otroan
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… otroan
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… otroan
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Gert Doering
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… otroan
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Gert Doering
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Saku Ytti
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… otroan
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Joe Touch
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… 神明達哉
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Brian E Carpenter
- [v6ops] Flow label settings [was IPv6 EHs Packet … Brian E Carpenter
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Tom Herbert
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Enno Rey
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Enno Rey
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Mark Andrews
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Nick Hilliard
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] Flow label settings [was IPv6 EHs Pac… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] Flow label settings [was IPv6 EHs Pac… joel jaeggli
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Warren Kumari
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Fernando Gont
- Re: [v6ops] Flow label settings [was IPv6 EHs Pac… Brian E Carpenter
- Re: [v6ops] Flow label settings [was IPv6 EHs Pac… Fernando Gont
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Philip Homburg
- Re: [v6ops] IPv6 EHs Packet Drops (Fwd: New Versi… Warren Kumari
- Re: [v6ops] Flow label settings [was IPv6 EHs Pac… Tom Herbert
- Re: [v6ops] Flow label settings [was IPv6 EHs Pac… Brian E Carpenter