> On Jan 18, 2019, at 7:39 AM, Tom Herbert wrote:
>
>> On Thu, Jan 17, 2019 at 9:24 PM Joe Touch wrote:
>>
>> When I call them (multihomed) hosts, I never would assume that the
>> experiment you propose would work. However, if I limit the paths to go
>> through only one of those boxes, trea
On Thu, Jan 17, 2019 at 9:24 PM Joe Touch wrote:
>
> When I call them (multihomed) hosts, I never would assume that the experiment
> you propose would work. However, if I limit the paths to go through only one
> of those boxes, treating it as the host it is, everything works fine.
>
> That’s why
..@ietf.org"
> Subject: Re: [Int-area] WGLC on draft-ietf-intarea-frag-fragile-05
> Message-ID:
> Content-Type: text/plain; charset="utf-8"; Format="flowed"
>
> On Mon, 14 Jan 2019, Wassim Haddad wrote:
>
> > This email starts an Int-Area WG L
When I call them (multihomed) hosts, I never would assume that the experiment
you propose would work. However, if I limit the paths to go through only one of
those boxes, treating it as the host it is, everything works fine.
That’s why it IS a host. And why I don’t need new rules to understand o
On Thu, Jan 17, 2019 at 3:17 PM Joe Touch wrote:
>
>
>
> On Jan 17, 2019, at 1:09 PM, Tom Herbert wrote:
>
> Joe,
>
> When they attempt to do host processing on packets that don't belong
> to them they're not hosts.
>
>
> They are every host for whose packets they process.
>
> And when they do th
> On Jan 17, 2019, at 3:17 PM, Joe Touch wrote:
> ,,,
>
>> But, in that case we really need the specification of the protocol to
>> have a meaning discussion about it.
>
> RFC 791 and 1122 provide everything that is needed.
>
> It’s not new, it’s just not an “intermediate” node. Never was.
>
> On Jan 17, 2019, at 1:09 PM, Tom Herbert wrote:
>
> Joe,
>
> When they attempt to do host processing on packets that don't belong
> to them they're not hosts.
They are every host for whose packets they process.
> And when they do this, they impose a new
> requirement that hosts do not have
On Thu, Jan 17, 2019 at 12:48 PM Joe Touch wrote:
>
> Hi, Tom,
>
>
>
>
> On 2019-01-17 08:58, Tom Herbert wrote:
>
> On Thu, Jan 17, 2019 at 8:24 AM Joe Touch wrote:
>
>
> ...
> Hint - if a packet arrives on your interface with your IP address, you ARE a
> host.
>
> Joe,
>
> Conversley, if a pac
Hi, Tom,
On 2019-01-17 08:58, Tom Herbert wrote:
> On Thu, Jan 17, 2019 at 8:24 AM Joe Touch wrote:
>
>> ...
>> Hint - if a packet arrives on your interface with your IP address, you ARE a
>> host.
>>
>> Joe,
>>
>> Conversley, if a packet arrives on your interface that isn't destined
>> to
On Thu, Jan 17, 2019 at 8:24 AM Joe Touch wrote:
>
> Hi, Tom,
>
> On 2019-01-17 07:27, Tom Herbert wrote:
>
> On Thu, Jan 17, 2019 at 7:06 AM Joe Touch wrote:
>
>
> Hi Tom,
>
> On Jan 17, 2019, at 6:55 AM, Tom Herbert wrote:
> ...
>
> As I mentioned, in-network reassembly has not been specified,
Hi, Tom,
On 2019-01-17 07:27, Tom Herbert wrote:
> On Thu, Jan 17, 2019 at 7:06 AM Joe Touch wrote:
> Hi Tom,
>
> On Jan 17, 2019, at 6:55 AM, Tom Herbert wrote:
> ...
>
> As I mentioned, in-network reassembly has not been specified, only
> reassembly at end destinations has been.
> Hint -
On Thu, Jan 17, 2019 at 7:06 AM Joe Touch wrote:
>
> Hi Tom,
>
> > On Jan 17, 2019, at 6:55 AM, Tom Herbert wrote:
> >
> >> On Wed, Jan 16, 2019 at 10:20 PM Joe Touch wrote:
> >>
> >> Tom,
> >>
> >> On 1/14/2019 2:04 PM, Tom Herbert wrote:
> >>
> >> Hello. I have a couple of comments:
> >>
> >>>
Hi Tom,
> On Jan 17, 2019, at 6:55 AM, Tom Herbert wrote:
>
>> On Wed, Jan 16, 2019 at 10:20 PM Joe Touch wrote:
>>
>> Tom,
>>
>> On 1/14/2019 2:04 PM, Tom Herbert wrote:
>>
>> Hello. I have a couple of comments:
>>
>>> From the draft:
>> "Middle boxes SHOULD process IP fragments in a manne
On Wed, Jan 16, 2019 at 10:20 PM Joe Touch wrote:
>
> Tom,
>
> On 1/14/2019 2:04 PM, Tom Herbert wrote:
>
> Hello. I have a couple of comments:
>
> >From the draft:
> "Middle boxes SHOULD process IP fragments in a manner that is
> compliant with RFC 791 and RFC 8200. In many cases, middle boxes m
On Mon, 14 Jan 2019, Wassim Haddad wrote:
This email starts an Int-Area WG Last Call on the latest version of "IP
Fragmentation Considered Fragile” draft:
https://tools.ietf.org/html/draft-ietf-intarea-frag-fragile-05
Please respond to this email to support the document and/or send comments b
On 16/1/19 16:26, Tom Herbert wrote:
> Ron,
>
> A stateless firewall that maintains state is no longer a stateless
> firewall. Introducing state requires memory and additional logic that
> are at odds with the goal of cheap low end devices..
>
> A stateless firewall could just drop the first frag
FWIW...
On 1/16/2019 11:26 AM, Tom Herbert wrote:
> ...A stateless firewall could just drop the first fragment that
> contains the transport layer header and allow non first fragments to
> past. This achieves the filtering goal to prevent delivery of the
> reassmbled packet.
That works only if th
Tom,
On 1/14/2019 2:04 PM, Tom Herbert wrote:
> Hello. I have a couple of comments:
>
> >From the draft:
> "Middle boxes SHOULD process IP fragments in a manner that is
> compliant with RFC 791 and RFC 8200. In many cases, middle boxes must
> maintain state in order to achieve this goal."
>
> Thi
> Subject: Re: [Int-area] WGLC on draft-ietf-intarea-frag-fragile-05 (Tom
> Herbert)
>
> On Wed, Jan 16, 2019 at 11:40 AM Ron Bonica wrote:
> >
> > Inline…..
> >
> >
> >
> > From: Tom Herbert
> > Sent: Wednesday, January 16, 2019 2:27 PM
&
On Wed, Jan 16, 2019 at 11:40 AM Ron Bonica wrote:
>
> Inline…..
>
>
>
> From: Tom Herbert
> Sent: Wednesday, January 16, 2019 2:27 PM
> To: Ron Bonica
> Cc: int-area
> Subject: Re: [Int-area] WGLC on draft-ietf-intarea-frag-fragile-05 (Tom
> Herbert)
>
>
Inline…..
From: Tom Herbert
Sent: Wednesday, January 16, 2019 2:27 PM
To: Ron Bonica
Cc: int-area
Subject: Re: [Int-area] WGLC on draft-ietf-intarea-frag-fragile-05 (Tom Herbert)
On Tue, Jan 15, 2019, 6:17 PM Ron Bonica
mailto:rbon...@juniper.net> wrote:
Tom,
Please take a look at Sect
On Tue, Jan 15, 2019, 6:17 PM Ron Bonica Tom,
>
> Please take a look at Section 4.3 (Stateless Firewalls). How can the
> stateless firewall behave optimally without maintaining state?
>
Ron,
A stateless firewall that maintains state is no longer a stateless
firewall. Introducing state requires m
I'm OK with that.
> On Jan 15, 2019, at 5:45 PM, Ron Bonica wrote:
>
> Joel,
>
> Good point. Section 4.4 talks about how load-balancing causes load-balancers
> to behave badly. In a sense, ECMP just another kind of load-balancing. So, I
> can add a short section after 4.4 demonstrating how th
Tom,
Please take a look at Section 4.3 (Stateless Firewalls). How can the stateless
firewall behave optimally without maintaining state?
While flow labels may help in the case of load balancers, the don't help at all
in the case of stateless firewalls.
Brian,
Fair enough. You will see that text in the next draft version.
Ron
>
> Me too. I think the root of the problem is the word "compliant". To be
> compliant with the IP model, middleboxes should not exist. I think what the
> text is trying to
Joel,
Good point. Section 4.4 talks about how load-balancing causes load-balancers to
behave badly. In a sense, ECMP just another kind of load-balancing. So, I can
add a short section after 4.4 demonstrating how the same problem can impact
ECMP.
Ron
>
> If
Folks,
I am not aware of any IPR associated with this document.
Ron
>
> Please indicate if you are personally aware of any IPR that applies to
> draft-ietf-
> intarea-frag-fragile-xx?
> If so, has this IPR been disclosed in compliance with IETF IPR rul
On Mon, Jan 14, 2019 at 5:30 PM Brian E Carpenter
wrote:
>
> On 2019-01-15 11:04, Tom Herbert wrote:
> > Hello. I have a couple of comments:
> >
> >>From the draft:
> > "Middle boxes SHOULD process IP fragments in a manner that is
> > compliant with RFC 791 and RFC 8200. In many cases, middle box
On 2019-01-15 11:04, Tom Herbert wrote:
> Hello. I have a couple of comments:
>
>>From the draft:
> "Middle boxes SHOULD process IP fragments in a manner that is
> compliant with RFC 791 and RFC 8200. In many cases, middle boxes must
> maintain state in order to achieve this goal."
>
> This requ
Hello. I have a couple of comments:
>From the draft:
"Middle boxes SHOULD process IP fragments in a manner that is
compliant with RFC 791 and RFC 8200. In many cases, middle boxes must
maintain state in order to achieve this goal."
This requirement is confusing to me on several accounts. First o
I have re-read this document. I think it is a useful document that
captures that state of a complex tradeoff and makes effective
recommendations. I support publishing it as a BCP.
If the authors make further additions, adding a mention of ECMP as a
particular case of stateless load balancers
Dear all,
This email starts an Int-Area WG Last Call on the latest version of "IP
Fragmentation Considered Fragile” draft:
https://tools.ietf.org/html/draft-ietf-intarea-frag-fragile-05
Please respond to this email to support the document and/or send comments by
2019-01-28.
Please indicate
32 matches
Mail list logo