Hi Lucy, > -----Original Message----- > From: Lucy yong [mailto:[email protected]] > Sent: Monday, March 09, 2015 1:36 PM > To: Templin, Fred L; Ronald Bonica; [email protected] > Subject: RE: [Int-area] comment on draft-ietf-intarea-gre-ipv6 > > Hi Templin, > > > Hi Lucy, > > > > Also, you say: > > > > > [Lucy] RFC2473 is about IPv6 in IPv6, i.e., IPv6 as a delivery network > > > for IPv6 traffic. > > > > but that is not correct. RFC2473 is about "Generic Packet Tunneling in > > IPv6", which could include encapsulation of IPv4, IPv6, or other > > network protocols - and not just > > IPv6 within IPv6 encapsulation. > > [Lucy] You are right. It has that generalization although very > > focusing on IPv6. The misdelivery and corruption issues are concern > > there too. The draft is very old (1998). IPv6 was barely deployed then. We > > should address or document these issues if we are > working on it now. > > RFC2460 is even older still - but, that does not necessarily mean we should > go back and add a checksum field to the IPv6 header. Like > RFC2460, RFC2473 is a standard and has been for a long time. So, if we don't > like it we would need to go back and deprecate it, right? > [Lucy] I did not say that the time is a problem. It seems that there is a > concern on RFC2473 and nobody looked at this since 1998 when > IPv6 was barely deployed, (I would be wrong, new to int-are), I agree that we > can correct/enhance a RFC if it is useful protocol and > have a problem.
There was a lot of discussion on whether IPv6 should include a header checksum back in the very earliest days, and it turned out to be one of the fundamental design points of the protocol. That means that upper layer protocols need to include a pseudo header in their checksums that covers the IPv6 header. However, when you have tunnels within tunnels, the outermost encapsulation may not be covered by a pseudo header checksum of the inner protocol. This can potentially be addressed by Tom's proposal of leveraging the GRE key field as a weak integrity check to protect against mis-delivery. You should see by now why I say that 'draft-ietf-intarea-gre-ipv6' and RFC2473 are in the same boat - the former is simply one operational mode of the latter. Thanks - Fred [email protected] > Regards, > Lucy > > Thanks - Fred > [email protected] > > > Thanks, > > Lucy > > > > Thanks - Fred > > [email protected] > > > > > -----Original Message----- > > > From: Int-area [mailto:[email protected]] On Behalf Of > > > Templin, Fred L > > > Sent: Monday, March 09, 2015 7:52 AM > > > To: Lucy yong; Ronald Bonica; [email protected] > > > Subject: Re: [Int-area] comment on draft-ietf-intarea-gre-ipv6 > > > > > > > > > > > > > -----Original Message----- > > > > From: Lucy yong [mailto:[email protected]] > > > > Sent: Sunday, March 08, 2015 10:05 AM > > > > To: Templin, Fred L; Ronald Bonica; [email protected] > > > > Subject: RE: [Int-area] comment on draft-ietf-intarea-gre-ipv6 > > > > > > > > Hi Templin, > > > > > > > > > > > > > -----Original Message----- > > > > > From: Int-area [mailto:[email protected]] On Behalf Of > > > > > Lucy yong > > > > > Sent: Thursday, March 05, 2015 12:09 PM > > > > > To: Ronald Bonica; [email protected] > > > > > Subject: Re: [Int-area] comment on draft-ietf-intarea-gre-ipv6 > > > > > > > > > > Hi Ron, > > > > > > > > > > RFC2784 has this statement: See [RFC1122] for requirements relating > > > > > to the > > > > > delivery of packets over IPv4 networks. > > > > > Does this apply to over IPv6 networks? > > > > > > > > > > Since IPv6 header does not have checksum, if a packet is > > > > > mis-delivered to GRE decapsulator, will that cause a concern? This is > > > > > not a concern when IPv4 network is the delivery network. > > > > > > > > In terms of header integrity checks, they are very much in the same > > > > boat as RFC2473. > > > > But, somehow that got standardized. > > > > [Lucy] RFC2473 is about IPv6 in IPv6, i.e., IPv6 as a delivery > > > > network for IPv6 traffic. Since IPv6 packets and upper layer > > > > applications have to follow RFC2460, i.e., protect the misdelivery > > > > and corruption, so that is OK if there is only such kind of tunnel > > > > in IPv6. GRE-in- > > > > IPv6 is deferent. They can't be in the same boat. If there are > > > > various network protocols that are tunneled over a same IPv6 > > > > network, > > > it > > > > will have a problem due to packet misdelivery and corruption. IMO: the > > > > draft needs to document these. > > > > > > Oh, I thought you were concerned about lack of an integrity check > > > for the encapsulating > > > IPv6 header. Are you saying that (in the RFC2473 case at least) it > > > is OK to omit an integrity check for the encapsulating IPv6 header > > > as long as there is an integrity check for the encapsulated IP header? > > > But, somehow that is not OK for draft-ietf-intarea-gre-ipv6? > > > > > > Thanks - Fred > > > [email protected] > > > > > > > Thanks, > > > > Lucy > > > > > > > > Thanks - Fred > > > > [email protected] > > > > > > > > > Thanks, > > > > > Lucy > > > > > > > > > > > > > > > -----Original Message----- > > > > > From: Ronald Bonica [mailto:[email protected]] > > > > > Sent: Thursday, March 05, 2015 11:57 AM > > > > > To: [email protected]; Lucy yong > > > > > Subject: RE: [Int-area] comment on draft-ietf-intarea-gre-ipv6 > > > > > > > > > > Hi Lucy, > > > > > > > > > > The goal of this draft is *not* to prove the GRE behaves > > > > > identically with IPv6 as it does with IPv4. In fact, its goal is to > > > > > point out the differences. > > > > > > > > > > Can you think of any differences between the two GRE environments > > > > > that we have failed to point out? > > > > > > > > > > > > > > > Ron > > > > > > > > > > > > > > > > > > > > > > Message: 1 > > > > > > Date: Wed, 4 Mar 2015 15:25:54 +0000 > > > > > > From: Lucy yong <[email protected]> > > > > > > To: "[email protected]" <[email protected]> > > > > > > Subject: [Int-area] comment on draft-ietf-intarea-gre-ipv6 > > > > > > Message-ID: > > > > > > <2691CE0099834E4A9C5044EEC662BB9D4545BB21@dfweml701- > > > > > > chm> > > > > > > Content-Type: text/plain; charset="us-ascii" > > > > > > > > > > > > Hi, > > > > > > > > > > > > If this draft is to document the protocol of gre in IPv6 exact > > > > > > same as of gre in > > > > > > IPv4 and update rfc2784, IMHO, it should point out the gre > > > > > > application behavior differences in IPv4 network and IPv6 network. > > > > > > The exact same protocol does not mean the same behavior for an > > > > > > application since IPv4 and > > > > > > IPv6 networks have different behaviors such as header checksum. > > > > > > > > > > > > Thanks, > > > > > > Lucy > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > Int-area mailing list > > > > > [email protected] > > > > > https://www.ietf.org/mailman/listinfo/int-area > > > > > > _______________________________________________ > > > Int-area mailing list > > > [email protected] > > > https://www.ietf.org/mailman/listinfo/int-area _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
