Thank you Tim for your review just in time before the IESG evaluation. I have just added your review to my ballot position.
Regards -éric -----Original Message----- From: Int-dir <[email protected]> on behalf of Tim Chown via Datatracker <[email protected]> Reply-To: Tim Chown <[email protected]> Date: Wednesday, 14 July 2021 at 17:24 To: "[email protected]" <[email protected]> Cc: "[email protected]" <[email protected]>, "[email protected]" <[email protected]>, "[email protected]" <[email protected]> Subject: [Int-dir] Intdir last call review of draft-ietf-opsec-ipv6-eh-filtering-08 Reviewer: Tim Chown Review result: Ready with Nits Hi, This draft provides an analysis of IPv6 Extension Headers and Options, discusses the implications of discarding packets containing them, and makes recommendations on configurable filtering policy for each EH and Option for transit routers. I have followed the development of this draft, though not in great detail, and was a co-author of RFC7872 on “Observations on the Dropping of Packets with IPv6 Extension Headers in the Real World”, two other authors of which are the authors of this document. So I have familiarity with this strand of work. Overall I consider this document is Ready with Nits. General comments: The publication of IETF guidance in the area of IPv6 EH and Option handling/filtering, and speculation on the reasons behind the drops observed in RFC7872, has been somewhat controversial in the 6man and v6ops WGs. However, having had the observations published some time ago (separate to any recommendations), I would agree that it is now timely to publish this Informational document as it provides what I’d consider good guidance. The summary of existing EHs and Options presented in this draft is useful in itself. The style and format of the document is really nice, easy to follow, and well-written. I notice RFC6564 isn’t mentioned, should it be? Specific comments: P.3 “Since various protocols may use IPv6 EHs” It would be really nice to have a list of such protocols included in the document, so those choosing to set and implement policy can more clearly understand the impact of that policy. This comment also applies to 3.4.1.4 (p.9) P.4 “All standard IPv6 EHs” Do you mean the list in Table 1 here? “With respect to operational configurations” Perhaps say “policy” here as it is policy that provides the rationale for not just passing the packet as per 7045, and it MUST be configured policy that dictates a different handling. P.9 I assume you can also say that rate limiting will break protocols too? Should we say “Discarding or rate-limiting” in 3.4.1.4? p.17 Could we add a summary table for Options like we have for EHs? (There are some here that I’d forgotten existed and at least one I was unaware of…) Nits: P.7 and elsewhere Is it RHT0 etc or RTH0 ? All this time I’d thought RouTing Header :) p.8 Put the Types in order by code? Same on p.13 — Tim _______________________________________________ Int-dir mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-dir _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
