Re: AD Evaluation: draft-ietf-6man-oversized-header-chain

On 10/02/2013 08:50 PM, Tom Taylor wrote: > Just a trivial change: "including" -> "subject to" Agreed. But I can fix it this after IETF LC or even durng AUTH48. Thanks! Best regards, -- Fernando Gont SI6 Networks e-mail: fg...@si6networks.com PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25

Re: AD Evaluation: draft-ietf-6man-oversized-header-chain

Just a trivial change: "including" -> "subject to" On 02/10/2013 1:14 PM, Ronald Bonica wrote: Brian, This works for me. So, the complete list of changes follows. Do these work for you? Ron CHANGES === ... OLD> A host that receives a first-fragme

New Version Notification - draft-ietf-6man-oversized-header-chain-08.txt

A new version (-08) has been submitted for draft-ietf-6man-oversized-header-chain: http://www.ietf.org/internet-drafts/draft-ietf-6man-oversized-header-chain-08.txt Sub state has been changed to AD Followup from Revised ID Needed The IETF datatracker page for this Internet-Draft is: https

New Version Notification - draft-ietf-6man-oversized-header-chain-08.txt

A new version (-08) has been submitted for draft-ietf-6man-oversized-header-chain: http://www.ietf.org/internet-drafts/draft-ietf-6man-oversized-header-chain-08.txt The IETF datatracker page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-6man-oversized-header-chain

I-D Action: draft-ietf-6man-oversized-header-chain-08.txt

Vishwas Manral Ronald P. Bonica Filename: draft-ietf-6man-oversized-header-chain-08.txt Pages : 13 Date: 2013-10-02 Abstract: The IPv6 specification allows IPv6 header chains of an arbitrary size. The

I-D Action: draft-ietf-6man-oversized-header-chain-08.txt

Vishwas Manral Ronald P. Bonica Filename: draft-ietf-6man-oversized-header-chain-08.txt Pages : 13 Date: 2013-10-02 Abstract: The IPv6 specification allows IPv6 header chains of an arbitrary size. The

RE: AD Evaluation: draft-ietf-6man-oversized-header-chain

Brian, Thanks much. We will produce an updated draft version ASAP. Ron > -Original Message- > From: Brian Haberman [mailto:br...@innovationslab.net] > Sent: Wednesday, October 02, 2013 1:17 PM > To: draft-ietf-6man-oversized-

Re: AD Evaluation: draft-ietf-6man-oversized-header-chain

Ron, On 10/2/13 1:14 PM, Ronald Bonica wrote: > Brian, > > This works for me. So, the complete list of changes follows. Do these work > for you? > Works for me! Brian signature.asc Description: OpenPGP digital signature I

RE: AD Evaluation: draft-ietf-6man-oversized-header-chain

ytes. Limiting the header chain length to 1280 bytes ensures that the header chain length does not exceed the IPv6 minimum MTU [RFC 2460]. -Original Message- > From: Brian Haberman [mailto:br...@innovationslab.net] > Sent: Wednesday, October 02, 2013 12:36 PM > To: draft-iet

Re: AD Evaluation: draft-ietf-6man-oversized-header-chain

Hi Ron, On 10/2/13 12:23 PM, Ronald Bonica wrote: > Hi Brian, > > So, merging in you last set of comments, the next draft version will include > the changes listed below. Please tell me if these work for you. > > Ron > > OLD> >For example, assume that a

RE: AD Evaluation: draft-ietf-6man-oversized-header-chain

[RFC 2460]. -Original Message- > From: Brian Haberman [mailto:br...@innovationslab.net] > Sent: Wednesday, October 02, 2013 11:23 AM > To: draft-ietf-6man-oversized-header-chain....@tools.ietf.org > Cc: 6man WG > Subject: Re: AD Evaluation: draft-ietf-6man-oversized-header-chain &

Re: AD Evaluation: draft-ietf-6man-oversized-header-chain

sday, October 01, 2013 3:16 PM >> To: draft-ietf-6man-oversized-header-chain@tools.ietf.org; 6man WG >> Subject: AD Evaluation: draft-ietf-6man-oversized-header-chain >> >> All, >> I have completed my AD evaluation for draft-ietf-6man-oversized- >> header-c

RE: AD Evaluation: draft-ietf-6man-oversized-header-chain

Brian, Thanks for the review. Please see responses, inline. > -Original Message- > From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of > Brian Haberman > Sent: Tuesday, October 01, 2013 3:16 PM > To: draft-ietf-6man-oversized-header-chain@tools

Re: AD Evaluation: draft-ietf-6man-oversized-header-chain

On 10/2/13 1:57 AM, Fernando Gont wrote: > Hi, Brian, > > On 10/01/2013 04:16 PM, Brian Haberman wrote: >> 1. The 2nd paragraph of Section 4 (Motivation) could be made more >> clear. For example, you could indicate if the example first >> fragment does or does not match the stateless firewall ru

Re: AD Evaluation: draft-ietf-6man-oversized-header-chain

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Brian, On 10/01/2013 04:16 PM, Brian Haberman wrote: > 1. The 2nd paragraph of Section 4 (Motivation) could be made more > clear. For example, you could indicate if the example first > fragment does or does not match the stateless firewall rule.

AD Evaluation: draft-ietf-6man-oversized-header-chain

All, I have completed my AD evaluation for draft-ietf-6man-oversized-header-chain. I found the document to be concise and well-written. Thank you. I only have a few things I would like to see addressed prior to starting an IETF Last Call on this document. 1. The 2nd paragraph of

I-D Action: draft-ietf-6man-oversized-header-chain-07.txt

Vishwas Manral Ronald P. Bonica Filename: draft-ietf-6man-oversized-header-chain-07.txt Pages : 13 Date: 2013-09-10 Abstract: The IPv6 specification allows IPv6 header chains of an arbitrary size. The

Re: Detailedl review of draft-ietf-6man-oversized-header-chain-06

It's normal practice in other WGs I've worked with (e.g, AVT, MMUSIC). If you name the registry exactly as shown on the IANA page, implementors can always search for it. A URL is transitory, as the text vs. XML discussion shows. On 06/09/2013 8:01 PM, Fernando Gont wrote: On 09/06/2013 05:13

Re: Detailedl review of draft-ietf-6man-oversized-header-chain-06

On 07/09/2013 12:01, Fernando Gont wrote: > On 09/06/2013 05:13 PM, Brian E Carpenter wrote: >>> This puzzles me. If the URL is removed prior to publication, I guess one >>> has to navigate IANA's site, or Google for he registry?? >> Yes. In the ext-transmit draft, we just put the names of the >> r

Re: Detailedl review of draft-ietf-6man-oversized-header-chain-06

On 09/06/2013 05:13 PM, Brian E Carpenter wrote: >> This puzzles me. If the URL is removed prior to publication, I guess one >> has to navigate IANA's site, or Google for he registry?? > > Yes. In the ext-transmit draft, we just put the names of the > registries. Doesn't that make things ("slight

Re: Detailedl review of draft-ietf-6man-oversized-header-chain-06

On 07/09/2013 00:28, Fernando Gont wrote: > On 09/06/2013 08:42 AM, t.petch wrote: >> They are not saying:-( >> >> In >> draft-leiba-cotton-iana-5226bis-03 >> the nearest they come to saying, as far as I can see, how a document >> should reference a registry is >> >> " Providing a URL to prec

RE: Detailedl review of draft-ietf-6man-oversized-header-chain-06

[mailto:ie...@btconnect.com] > Sent: Friday, September 06, 2013 7:42 AM > To: Brian E Carpenter; Ronald Bonica > Cc: 6man > Subject: Re: Detailedl review of draft-ietf-6man-oversized-header- > chain-06 > > Original Message - > From: "Brian E Carpenter" > To:

Re: Detailedl review of draft-ietf-6man-oversized-header-chain-06

On 09/06/2013 08:42 AM, t.petch wrote: > > They are not saying:-( > > In > draft-leiba-cotton-iana-5226bis-03 > the nearest they come to saying, as far as I can see, how a document > should reference a registry is > > " Providing a URL to precisely identify the registry helps IANA >

Re: Detailedl review of draft-ietf-6man-oversized-header-chain-06

Original Message - From: "Brian E Carpenter" To: "Ronald Bonica" Cc: "6man" Sent: Thursday, September 05, 2013 9:00 PM > Hi Ron, > > That looks good to me, thanks! > > Regards >Brian > > On 06/09/2013 04:13, Ronald Bonica wrote: > > Brian, > > > > Would the following edits address

RE: Detailedl review of draft-ietf-6man-oversized-header-chain-06

gmented. -Original Message- > From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of > Brian E Carpenter > Sent: Wednesday, September 04, 2013 6:21 PM > To: 6man > Subject: Detailedl review of draft-ietf-6man-oversized-header-chain-06 > > The 6man ch

Re: Detailedl review of draft-ietf-6man-oversized-header-chain-06

ntent, might still be unable to correctly process > fragmented packets, even if the IPv6 header chain is not fragmented. > > > >> -----Original Message- >> From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of >> Brian E Carpenter >> Sent: W

Detailedl review of draft-ietf-6man-oversized-header-chain-06

The 6man chairs asked me to make an additional detailed review of draft-ietf-6man-oversized-header-chain-06. The main point of the draft is to point out the problems caused by fragmented header chains and to update RFC 2460 to require that the entire header chain is in the first fragment. This

RE: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of > Brian E Carpenter > Sent: Saturday, August 31, 2013 9:29 PM > To: Fernando Gont > Cc: 6man > Subject: Re: Definition of Extension Header in draft-ietf-6man- > oversized-header-chain-05.txt (was Re: I-D Action: draft-

RE: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

03, 2013 1:44 PM > To: Brian E Carpenter; Fernando Gont > Cc: 6man > Subject: RE: Definition of Extension Header in draft-ietf-6man- > oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man- > oversized-header-chain-05.txt) > > Brian, > > I tend to agree. &

I-D Action: draft-ietf-6man-oversized-header-chain-06.txt

Vishwas Manral Ronald P. Bonica Filename: draft-ietf-6man-oversized-header-chain-06.txt Pages : 13 Date: 2013-09-03 Abstract: The IPv6 specification allows IPv6 header chains of an arbitrary size. The

Re: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

Fernando, thanks, that's fine! cheers, Ole On Sep 3, 2013, at 14:01 , Fernando Gont wrote: > On 09/03/2013 08:22 AM, Ole Troan wrote: I would prefer a normative reference to the ext-transmit document for the definition of extension headers. >>> >>> I have no problem with that

Re: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

On 09/03/2013 08:22 AM, Ole Troan wrote: >>> >>> I would prefer a normative reference to the ext-transmit >>> document for the definition of extension headers. >> >> I have no problem with that option... However, the thing is that >> the reference is not normative in nature (i.e., IMHO it would b

Re: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

be an "informational reference" >>>>> rather than an authoritative one... (you don't need to read >>>>> draft-ietf-6man-ext-transmit to understand >>>>> draft-ietf-6man-oversized-header-chain-05.txt). For instance, >>>>

Re: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

ut it, that'd be an "informational reference" >>>> rather than an authoritative one... (you don't need to read >>>> draft-ietf-6man-ext-transmit to understand >>>> draft-ietf-6man-oversized-header-chain-05.txt). For instance, >>>> the I

Re: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

t; than an authoritative one... (you don't need to read >>> draft-ietf-6man-ext-transmit to understand >>> draft-ietf-6man-oversized-header-chain-05.txt). For instance, the IANA >>> registry itself is not a normative reference. >> >> Logically, you're

Re: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

erence" rather >> than an authoritative one... (you don't need to read >> draft-ietf-6man-ext-transmit to understand >> draft-ietf-6man-oversized-header-chain-05.txt). For instance, the IANA >> registry itself is not a normative reference. > > Logically, you&#

Re: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

informational reference" rather > than an authoritative one... (you don't need to read > draft-ietf-6man-ext-transmit to understand > draft-ietf-6man-oversized-header-chain-05.txt). For instance, the IANA > registry itself is not a normative reference. Logically, you're

Re: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

As noted, I'm open to any of the two options. That said, would a normative ref to draft-ietf-6man-ext-transmit be really appropriate/correct? If you think about it, that'd be an "informational reference" rather than an authoritative one... (you don't need to read draft-ie

Re: Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

Hi Fernando, I'm biased, but I'd prefer the reference (your first suggestion), unless the ext-transmit draft gets stuck in the process, in which case you could make an editorial change later, even up to AUTH48. BTW check the IANA URL too; I think you had a pointer to a .txt file, but these days I

Definition of Extension Header in draft-ietf-6man-oversized-header-chain-05.txt (was Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt)

On 08/31/2013 04:58 PM, Brian E Carpenter wrote: > >> 3. Terminology >> >>For the purposes of this document, the terms Extension Header, Header >>Chain, First Fragment, and Upper-layer Header are used as follows: >> >>Extension Header: >> >> Extension Headers are defined in Sect

Re: I-D Action: draft-ietf-6man-oversized-header-chain-05.txt

Hi, > 3. Terminology > >For the purposes of this document, the terms Extension Header, Header >Chain, First Fragment, and Upper-layer Header are used as follows: > >Extension Header: > > Extension Headers are defined in Section 4 of [RFC2460]. > [IANA-PROTO] provides a

I-D Action: draft-ietf-6man-oversized-header-chain-05.txt

Vishwas Manral Ronald P. Bonica Filename: draft-ietf-6man-oversized-header-chain-05.txt Pages : 13 Date: 2013-08-31 Abstract: The IPv6 specification allows IPv6 header chains of an arbitrary size. The

RE: I-D Action: draft-ietf-6man-oversized-header-chain-04.txt

lso represent extension headers. -Original Message- > From: Fernando Gont [mailto:fg...@si6networks.com] > Sent: Tuesday, August 13, 2013 5:32 PM > To: Ronald Bonica > Cc: Brian E Carpenter; ipv6@ietf.org > Subject: Re: I-D Action: draft-ietf-6man-oversized-header-chain-04.txt

RE: I-D Action: draft-ietf-6man-oversized-header-chain-04.txt

ack > -Original Message- > From: Brian E Carpenter [mailto:brian.e.carpen...@gmail.com] > Sent: Tuesday, August 13, 2013 5:09 PM > To: Ronald Bonica > Cc: ipv6@ietf.org > Subject: Re: I-D Action: draft-ietf-6man-oversized-header-chain-04.txt > > On 14/08/2013 09

Re: I-D Action: draft-ietf-6man-oversized-header-chain-04.txt

On 08/13/2013 06:01 PM, Ronald Bonica wrote: > Brian, > > Good point. I will add MIPv6, Shim6 and 2 for experimental use in the next > version. > > But is "No Next Header" really a header? For the purposes of this document, I > don't think that it is. Why not just avoid counting, note that som

Re: I-D Action: draft-ietf-6man-oversized-header-chain-04.txt

t;> Sent: Tuesday, August 13, 2013 4:51 PM >> To: ipv6@ietf.org >> Subject: Re: I-D Action: draft-ietf-6man-oversized-header-chain-04.txt >> >>> Currently, six extension header types are defined. [RFC2460] >> Not true. Please see Section 4 of draft-ietf-6man-ext-transmit f

RE: I-D Action: draft-ietf-6man-oversized-header-chain-04.txt

> From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of > Brian E Carpenter > Sent: Tuesday, August 13, 2013 4:51 PM > To: ipv6@ietf.org > Subject: Re: I-D Action: draft-ietf-6man-oversized-header-chain-04.txt > > > Currently, six extension header types ar

Re: I-D Action: draft-ietf-6man-oversized-header-chain-04.txt

> Currently, six extension header types are defined. [RFC2460] Not true. Please see Section 4 of draft-ietf-6man-ext-transmit for a complete list including references. I make it eleven, if you include experimental values, without counting "No Next Header". Regards Brian

I-D Action: draft-ietf-6man-oversized-header-chain-04.txt

Vishwas Manral Ronald P. Bonica Filename: draft-ietf-6man-oversized-header-chain-04.txt Pages : 13 Date: 2013-08-13 Abstract: The IPv6 specification allows IPv6 header chains of an arbitrary size. The

Re: I-D Action: draft-ietf-6man-oversized-header-chain-03.txt

ized IPv6 Header Chains > Author(s) : Fernando Gont > Vishwas Manral > Ronald P. Bonica > Filename : draft-ietf-6man-oversized-header-chain-03.txt > Pages : 12 > Date

RE: I-D Action: draft-ietf-6man-oversized-header-chain-03.txt

m: i-d-announce-boun...@ietf.org [mailto:i-d-announce- > boun...@ietf.org] On Behalf Of internet-dra...@ietf.org > Sent: Monday, July 15, 2013 2:08 PM > To: i-d-annou...@ietf.org > Cc: ipv6@ietf.org > Subject: I-D Action: draft-ietf-6man-oversized-header-chain-03.txt > >

I-D Action: draft-ietf-6man-oversized-header-chain-03.txt

Vishwas Manral Ronald P. Bonica Filename: draft-ietf-6man-oversized-header-chain-03.txt Pages : 12 Date: 2013-07-15 Abstract: The IPv6 specification allows IPv6 header chains of an arbitrary size. The

Re: [6MAN] [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

All, I support the ideas expressed in this draft. In the early part of this century, while working for an equipment supplier that designed their own packet processing chips, I was involved with the design of a packet processing chipset that could handle (even small IP packets) at line rate on 10

Re: [6MAN] [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

On Jun 14, 2013, at 6:00 PM, Warren Kumari wrote: > > On Jun 14, 2013, at 2:56 PM, Doug Barton wrote: > >> On 06/14/2013 01:39 AM, t.petch wrote: >>> - Original Message - >>> From: "Doug Barton" >>> To: >>> Sent: Thursday, June 13, 2013 9:23 PM On 06/13/2013 01:17 AM, Randy Bus

Re: [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

: "v6...@ietf.org WG" ; IETF IPv6 Mailing List Sent: Friday, June 14, 2013 3:15 PM Subject: Re: [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain) On Fri, Jun 14, 2013 at 2:19 PM, Tony Hain wrote: Focus on the real operational requirement

Re: [6MAN] Re: [6MAN] Re: [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

On Jun 14, 2013, at 6:31 PM, Doug Barton wrote: > On 06/14/2013 03:00 PM, Warren Kumari wrote: >> I've already mentioned this in one of the N (where is is becoming >> distressingly large) threads on this > > Yeah, you would be one of those "more knowledgeable" folks I was referring > to. :)

Re: [6MAN] Re: [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

On 06/14/2013 03:00 PM, Warren Kumari wrote: I've already mentioned this in one of the N (where is is becoming distressingly large) threads on this Yeah, you would be one of those "more knowledgeable" folks I was referring to. :) --

Re: [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

On Fri, Jun 14, 2013 at 2:19 PM, Tony Hain wrote: > Focus on the real operational requirement (firewall functionality), then > make sure that the constraint automatically tracks evolution in firewall > functionality. Getting there leads to L4 in the first fragment, and > anything > else leads to

Re: [6MAN] Re: [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

On Jun 14, 2013, at 2:56 PM, Doug Barton wrote: > On 06/14/2013 01:39 AM, t.petch wrote: >> - Original Message - >> From: "Doug Barton" >> To: >> Sent: Thursday, June 13, 2013 9:23 PM >>> On 06/13/2013 01:17 AM, Randy Bush wrote: > FWIW, I don't think anyone has proposed "if the ch

Re: [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

On 06/14/2013 02:19 PM, Tony Hain wrote: While guidance is useful to establish a consistent-behavior baseline across vendors and deployments, care must be taken to avoid the trap of precluding innovation and evolution. Well-meaning limits based on current hardware capabilities will become doctrin

RE: [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

Doug Barton wrote: > >>... > >> I agree with Randy, providing guidance on this topic will be very > >> helpful, and BCP is the right category. > >> > >> As for what the number should be, if 256 is in the 80th percentile or > >> higher of Warren's survey, that should be fine. A few vendors who are >

Re: Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 15/06/2013 04:23, Ray Hunter wrote: ... > What about nested Generic Packet Tunneling in IPv6 [rfc2473]? > > That'll add another 48 octets per nesting level. [fresh IPv6 tunnel > header + destination options including IPv6 Tunnel Hop Limit] > > On the one hand I can see they'll be really useful

Re: Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

Ray, On 15/06/2013 01:25, Ray Hunter wrote: ... > > I've come across a couple of problematic standardised options already > defined that don't appear to have individual length limits below the > overall generic limit of 256 octets per option (derived from the "Opt > Data Len" field being 1 octet)

Re: [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

On 06/14/2013 01:39 AM, t.petch wrote: - Original Message - From: "Doug Barton" To: Sent: Thursday, June 13, 2013 9:23 PM On 06/13/2013 01:17 AM, Randy Bush wrote: FWIW, I don't think anyone has proposed "if the chain is larger than X, then drop". i am saying that i am telling my

Re: Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

> Tom Taylor > 14 June 2013 17:06 > > Best answer I can see is that the limit applies except for routers > supporting specific features. Corollary is that not all routers will > do so, and people defining such features should be aware of that. > > Tom Taylor > Ray

Re: Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 14/06/2013 10:21 AM, Ray Hunter wrote: Tom Taylor 14 June 2013 15:58 On 14/06/2013 9:25 AM, Ray Hunter wrote: ... I've been trawling through various standards trying to identify sane extension header combinations myself. I've come across a couple of pro

Re: Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

> Tom Taylor > 14 June 2013 15:58 > On 14/06/2013 9:25 AM, Ray Hunter wrote: >> > ... > >> I've been trawling through various standards trying to identify sane >> extension header combinations myself. >> >> I've come across a couple of problematic standardised opt

Re: Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 14/06/2013 9:25 AM, Ray Hunter wrote: ... I've been trawling through various standards trying to identify sane extension header combinations myself. I've come across a couple of problematic standardised options already defined that don't appear to have individual length limits below the o

Re: Re: Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

Sander Steffann wrote: > Hi, > >> My question to th wg is: >> >> 1) Do we want to limit the size of the IPv6 header chain? > > I think it is necessary yes. > >> 2) If so, which limit should we pick? > > I think there are two conditions here: > - The full layer-4 header must be within this limit,

Re: [v6ops] Limiting the size of the IPv6 headerchain (draft-ietf-6man-oversized-header-chain)

- Original Message - From: "Doug Barton" To: Sent: Thursday, June 13, 2013 9:23 PM > On 06/13/2013 01:17 AM, Randy Bush wrote: > >> FWIW, I don't think anyone has proposed "if the chain is larger than X, > >> then drop". > > > > i am saying that i am telling my neighbor that, if the heade

Re: Discussion about header chains (was Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain))

On 2013-06-13 14:02, Joe Touch wrote: [..] >> peeking at >> http://www.iana.org/assignments/ipv6-parameters/ipv6-parameters.xml >> 'act' and noting there are a few protocols that have act != 00 that >> might be affected by this. > > Agreed. > > I'm not sure why the table includes HBH and DO in th

Re: Discussion about header chains (was Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain))

On 6/13/2013 1:54 PM, Jeroen Massar wrote: On 2013-06-13 13:17, Joe Touch wrote: [..] And, for some options, if the option in question is not supported, the packet should be dropped -- i.e., you cannot just "ignore the hbh header" (at east in theory). Why not? Is there any HBH header that is

Re: Discussion about header chains (was Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain))

On 2013-06-13 13:17, Joe Touch wrote: [..] >>> And, for some >>> options, if the option in question is not supported, the packet should >>> be dropped -- i.e., you cannot just "ignore the hbh header" (at east in >>> theory). >> >> Why not? Is there any HBH header that is crucial for operation of IP

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 06/13/2013 01:17 AM, Randy Bush wrote: FWIW, I don't think anyone has proposed "if the chain is larger than X, then drop". i am saying that i am telling my neighbor that, if the header length is larger than X, it is likely that their packet will not propagate. it's an ops bcp statement, not

Re: Discussion about header chains (was Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain))

On 6/13/2013 12:02 AM, Jeroen Massar wrote: On 2013-06-12 14:58, Fernando Gont wrote: Jeroen, On 06/12/2013 11:44 PM, Jeroen Massar wrote: with the exception of the HBH header, correct. I got tired of writing that each time I was repeating myself. the HBH is an issue to itself. expect those

Re: [Int-area] [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On Jun 13, 2013 1:18 AM, "Randy Bush" wrote: > > > FWIW, I don't think anyone has proposed "if the chain is larger than X, > > then drop". > > i am saying that i am telling my neighbor that, if the header length is > larger than X, it is likely that their packet will not propagate. it's > an ops

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

> FWIW, I don't think anyone has proposed "if the chain is larger than X, > then drop". i am saying that i am telling my neighbor that, if the header length is larger than X, it is likely that their packet will not propagate. it's an ops bcp statement, not a statement of ipv6 protocol definition.

Re: Discussion about header chains (was Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain))

On 2013-06-12 14:58, Fernando Gont wrote: > Jeroen, > > On 06/12/2013 11:44 PM, Jeroen Massar wrote: >>> with the exception of the HBH header, correct. I got tired of writing that >>> each time I was repeating myself. >>> the HBH is an issue to itself. expect those packets to be severely rate >>

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 13/06/2013 10:06, Joe Touch wrote: > > > On 6/12/2013 2:44 PM, Jeroen Massar wrote: >> Unless the router in question knows what that HBH header will do (read: >> it was implemented when the definition of that header was defined) or >> what it should do with it, it won't be able to do anything

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

Agreed. Let's ask some "running code" people some input about the practical constraints. /as On 6/12/13 6:21 PM, Ray Hunter wrote: >>> So a limit of 128 would currently probably be ok, but I personally would >>> prefer the limit to be a bit higher just to have some extra margi

Re: [v6ops] [6MAN] Re: Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

In message <6fae3df4-b5b4-4f21-9098-761523745...@kumari.net>, Warren Kumari writes: > > On Jun 12, 2013, at 2:44 PM, Robert Elz wrote: > > > Date:Wed, 12 Jun 2013 19:49:08 +0200 > > From:Gert Doering > > Message-ID: <20130612174908.gt2...@space.net> > > = > > > | Loop

Re: [6MAN] Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 06/13/2013 01:59 AM, Joe Touch wrote: > FWIW, I added INTAREA, because I don't consider potentially killing off > IPv6 header extensions as merely maintenance (6man) or operational (v6ops). We're trying to do exactly the opposite: try to define under which constraints we can expect them to work

Re: [6MAN] Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

FWIW, I added INTAREA, because I don't consider potentially killing off IPv6 header extensions as merely maintenance (6man) or operational (v6ops). Joe On 6/12/2013 3:45 PM, Warren Kumari wrote: BTW: Who added every basically single IETF list to this thread? --

RE: draft-ietf-6man-oversized-header-chain-02 (was Re: Re: draft-ietf-6man-ext-transmit-01)

From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of Nalini Elkins I suppose what I am thinking is that since there are no "IETF Police", then the only "teeth" there are in the standards is the ability to say "this is not compliant". That is not a trivial thing. People pay

Re: [6MAN] Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On Jun 12, 2013, at 6:07 PM, sth...@nethelp.no wrote: >>> However, anything that says "if the chain is >X, then drop" is broken, >>> period. >> >> FWIW, I don't think anyone has proposed "if the chain is larger than X, >> then drop". > > On the other hand - I, as an operator, may well decide to

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 06/13/2013 12:25 AM, Joe Touch wrote: >> I want to recommend hosts not to send such packets. Hence it looks like >> std track. > > Telling them they SHOULD NOT is BCP. It's a configuration, and it's > compliant with the existing standard AFAICT, so since it's not a change > per se it wouldn't b

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 6/12/2013 3:19 PM, Fernando Gont wrote: On 06/13/2013 12:07 AM, Joe Touch wrote: On 6/12/2013 2:44 PM, Fernando Gont wrote: just to be clear I'm not against the IETF documenting e.g. in a BCP, what the longest expected header chain should be. Well, that seems more std track than bcp to

Re: [6MAN] Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On Jun 12, 2013, at 2:44 PM, Robert Elz wrote: > Date:Wed, 12 Jun 2013 19:49:08 +0200 > From:Gert Doering > Message-ID: <20130612174908.gt2...@space.net> > > | Loop back to about 50 messages earlier in this thread, > > I don't generally read this list (any more) - just

Re: Re: Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

Brian E Carpenter wrote: > On 12/06/2013 11:58, Sander Steffann wrote: >> Hi, >> >>> My question to th wg is: >>> >>> 1) Do we want to limit the size of the IPv6 header chain? >> I think it is necessary yes. >> >>> 2) If so, which limit should we pick? >> I think there are two conditions here: >>

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 06/13/2013 12:07 AM, Joe Touch wrote: > > On 6/12/2013 2:44 PM, Fernando Gont wrote: >>> just to be clear I'm not against the IETF documenting e.g. in a BCP, >>> what the longest expected header chain should be. >> >> Well, that seems more std track than bcp to me. > > If it's an operational r

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 06/13/2013 12:07 AM, sth...@nethelp.no wrote: >>> However, anything that says "if the chain is >X, then drop" is broken, >>> period. >> >> FWIW, I don't think anyone has proposed "if the chain is larger than X, >> then drop". > > On the other hand - I, as an operator, may well decide to drop su

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

Joe, an IPv6 router compliant with RFC2460 does not inspect the header chain. >>> >>> That cannot be true; there are headers after IPv6 but before fragmentation >>> that are hop-by-hop. >> >> with the exception of the HBH header, correct. I got tired of writing that >> each time I was rep

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

Hi, Ole, On 06/12/2013 11:53 PM, Ole Troan wrote: >> IIRC, someone reported that Cisco ASA drop v6 packets with extension >> headers by default. > > I think you'll find that the Cisco ASA isn't marketed as a router either, it > is a firewall. Agreed. >>> just to be clear I'm not against t

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 6/12/2013 2:44 PM, Fernando Gont wrote: just to be clear I'm not against the IETF documenting e.g. in a BCP, what the longest expected header chain should be. > Well, that seems more std track than bcp to me. If it's an operational recommendation (SHOULD because that's all that routers

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

> > However, anything that says "if the chain is >X, then drop" is broken, > > period. > > FWIW, I don't think anyone has proposed "if the chain is larger than X, > then drop". On the other hand - I, as an operator, may well decide to drop such packets. Steinar Haug, AS 2116

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 6/12/2013 2:44 PM, Jeroen Massar wrote: Unless the router in question knows what that HBH header will do (read: it was implemented when the definition of that header was defined) or what it should do with it, it won't be able to do anything with it anyway. Thus just ignoring/skipping it, hec

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 6/12/2013 2:36 PM, Ole Troan wrote: Joe, an IPv6 router compliant with RFC2460 does not inspect the header chain. That cannot be true; there are headers after IPv6 but before fragmentation that are hop-by-hop. with the exception of the HBH header, correct. I got tired of writing that

Discussion about header chains (was Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain))

Jeroen, On 06/12/2013 11:44 PM, Jeroen Massar wrote: >> with the exception of the HBH header, correct. I got tired of writing that >> each time I was repeating myself. >> the HBH is an issue to itself. expect those packets to be severely rate >> limited. > > I am wondering why if your box c

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

Fernando, >>> However, anything that says "if the chain is >X, then drop" is broken, >>> period. At some point, if you want to play "IPv6 router", you need to earn >>> the title. >> >> an IPv6 router compliant with RFC2460 does not inspect the header chain. >> >> I'm not aware of any router th

Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

On 06/12/2013 11:25 PM, Ole Troan wrote: >> However, anything that says "if the chain is >X, then drop" is broken, >> period. At some point, if you want to play "IPv6 router", you need to earn >> the title. > > an IPv6 router compliant with RFC2460 does not inspect the header chain. > > I'm not

  1   2   3   >