Re: [v6ops] [Last-Call] Tsvart last call review of draft-ietf-v6ops-ipv6-ehs-packet-drops-05

Fernando Gont <> Thu, 08 April 2021 00:03 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 884963A2F69; Wed, 7 Apr 2021 17:03:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id oeY3ewy91e4V; Wed, 7 Apr 2021 17:03:35 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 579553A2F66; Wed, 7 Apr 2021 17:03:35 -0700 (PDT)
Received: from [] (unknown []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id D4539280405; Thu, 8 Apr 2021 00:03:29 +0000 (UTC)
To: Tom Herbert <>, "Rob Wilton (rwilton)" <>
Cc: Gorry Fairhurst <>, IPv6 Operations <>, "" <>, "" <>, "" <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
From: Fernando Gont <>
Message-ID: <>
Date: Wed, 7 Apr 2021 21:03:26 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <>
Subject: Re: [v6ops] [Last-Call] Tsvart last call review of draft-ietf-v6ops-ipv6-ehs-packet-drops-05
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 08 Apr 2021 00:03:41 -0000

Hi, Tom,

On 7/4/21 12:20, Tom Herbert wrote:
> Given that hosts are the ones creating extensions headers and other
> packet formats, hosts have a vested interest in how routers are
> dealing with their packets. Even before this document was created, we
> have long known that extensions headers might be dropped and have been
> working on mitigations to reduce the number of drops which are already
> addressing some of the reasons that packets with EH. For instance,
> consider draft-hinden-6man-hbh-processing-00; this is a proposal to
> limit the number of HBH options to exactly one. The idea is that
> routers will make it feasible for routers packets that have HBH
> options, with the trade off of specifically limiting the extensibility
> of the protocol. The problem is there is no data that indicates this
> proposal would have the desired effect; we don't if routers would
> start accepting packets that are limited to one HBH option.

What does that proposal have to do with this document?

> So my fundamental concern with this draft is that it is an entirely
> qualitative description of a well known problem, however a qualitative

No. It is not a well known problem. If you look at 
draft-hinden-6man-hbh-processing, itś clear that their assumption is 
that limiting the number of EHs or options solves the problem. Whereas 
our document essentially notes that to a large extent the problem has to 
do with the overall EH-chain length -- it doesn't matter if the 
EH-chain: it doesn matter whether you have one long EH, multiple small 
ones, one large EH with one large option, one large EH with many small 
options, or any combination of them.

The fact that youŕe raising this issue and that thereś a belief that 
there'ś a clear and easy way to make EHs work probes that itś certainly 
not a well known problem.

I can also say that I have consulted for different operators, and they 
were not even aware about this issue.

> analysis is insufficient input for moving extension headers forward.

Please read the Abstract:
    This document summarizes the operational implications of IPv6
    extension headers specified in the IPv6 protocol specification
    (RFC8200), and attempts to analyze reasons why packets with IPv6
    extension headers are often dropped in the public Internet.

and the disclaimer:

2.  Disclaimer

    This document analyzes the operational challenges represented by
    packets that employ IPv6 Extension Headers, and documents some of the
    operational reasons why these packets are often dropped in the public
    Internet.  This document is not a recommendation to drop such
    packets, but rather an analysis of why they are dropped.

If you want to embark in the project of "moving Ehs forward", getting 
whatever data you need for that, etc., thatś totally fine.

> In the draft, there are several reasons suggested as to why routers
> might drop packets, however there is no indication of the relative
> occurrence frequency of these. Also, there are parameterizations
> mentioned such as in the state that routers might drop if the chain is
> "too long", there is no analysis on exactly what "too long" commonly

We discussed this one to death: Thatś impossible to tell. Itś 
implementation dependent, and the information may not even be public.

> and deployment thereby providing actionable data. Note this is not the
> same as making recommendations, I am just asking for the operational
> data as part of the analysis from which we could derive guidance or
> new protocol requirements.

You are asking for a different document. If you want that data, I 
encourage you to start the experiment, and submit an I-D with the results.

Some of us did that homework for the data that we considered useful, and 
provided it to the community in RFC7872. If that data is not enough, I 
certainly encourage you to work on that. But thatś a project thatś 
totally unrelated to this document.

Fernando Gont
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492