Last Call Review of draft-ietf-opsec-ipv6-eh-filtering-08
review-ietf-opsec-ipv6-eh-filtering-08-intdir-lc-chown-2021-07-14-00

Request Review of draft-ietf-opsec-ipv6-eh-filtering
Requested revision No specific revision (document currently at 10)
Type Last Call Review
Team Internet Area Directorate (intdir)
Deadline 2021-06-28
Requested 2021-06-15
Requested by Éric Vyncke
Authors Fernando Gont, Will (Shucheng) LIU
I-D last updated 2021-07-14
Completed reviews Secdir Last Call review of -06 by Nancy Cam-Winget (diff)
Tsvart Last Call review of -06 by Michael Scharf (diff)
Genart Last Call review of -06 by Vijay K. Gurbani (diff)
Rtgdir Last Call review of -06 by Stewart Bryant (diff)
Intdir Last Call review of -08 by Tim Chown (diff)
Secdir Telechat review of -08 by Nancy Cam-Winget (diff)
Comments
The review should be done with a strong IPv6 background as well as an operational expertise: Jean-Michel Combes or Tim Chown would be a good fit but up to the chairs to decide of course

Thank you

-éric
Assignment Reviewer Tim Chown
State Completed
Request Last Call review on draft-ietf-opsec-ipv6-eh-filtering by Internet Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/int-dir/-5BJJOLiWnsgEP39s1nol6SyOU4
Reviewed revision 08 (document currently at 10)
Result Ready w/nits
Completed 2021-07-14
Hi,

This draft provides an analysis of IPv6 Extension Headers and Options,
discusses the implications of discarding packets containing them, and makes
recommendations on configurable filtering policy for each EH and Option for
transit routers.

I have followed the development of this draft, though not in great detail, and
was a co-author of RFC7872 on “Observations on the Dropping of Packets with
IPv6 Extension Headers in the Real World”, two other authors of which are the
authors of this document.  So I have familiarity with this strand of work.

Overall I consider this document to be Ready with Nits.

General comments:

The publication of IETF guidance in the area of IPv6 EH and Option
handling/filtering, and speculation on the reasons behind the drops observed in
RFC7872, has been somewhat controversial in the 6man and v6ops WGs.  However,
having had the observations published some time ago (separate to any
recommendations), I would agree that it is now timely to publish this
Informational document as it provides what I’d consider good guidance.

The summary of existing EHs and Options presented in this draft is useful in
itself.  The style and format of the document is really nice, easy to follow,
and well-written.

I notice RFC6564 isn’t mentioned, should it be?

Specific comments:

P.3
“Since various protocols may use IPv6 EHs”
It would be really nice to have a list of such protocols included in the
document, so those choosing to set and implement policy can more clearly
understand the impact of that policy. This comment also applies to 3.4.1.4 (p.9)

P.4
“All standard IPv6 EHs”
Do you mean the list in Table 1 here?

“With respect to operational configurations”
Perhaps say “policy” here as it is policy that provides the rationale for not
just passing the packet as per 7045, and it MUST be configured policy that
dictates a different handling.

P.9
I assume you can also say that rate limiting will break protocols too?  Should
we say “Discarding or rate-limiting” in 3.4.1.4?

p.17
Could we add a summary table for Options like we have for EHs?
(There are some here that I’d forgotten existed and at least one I was unaware
of…)

Nits:

P.7 and elsewhere
Is it RHT0 etc. or RTH0?  All this time I’d thought RouTing Header :)

p.8
Put the Types in order by code?
Same on p.13

—
Tim