[GTER] [LAC-TF] Fwd: RFC 9288 on Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers

Douglas Fischer fischerdouglas at gmail.com
Mon Aug 22 10:34:12 -03 2022 

Inevitável pensar se isso irá refletir positiva ou negativamente no LDP
over IPv6 passando sobre "Internet"(roteadores de trânsito DFZ).

Em qui., 18 de ago. de 2022 às 23:47, Fernando Gont <fgont at si6networks.com>
escreveu:

> Estimad at s,
>
> Se acaba de publicar el RFC 9288, sobre "Recommendations on the
> Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit
> Routers" que escribi junto a Will Liu.
>
> El mismo se encuentra disponible en:
> https://www.rfc-editor.org/rfc/rfc9288
>
> En lo que hace al RFC, creo cre su principal valor esta en analiar que
> cosas dependen de los Extension Headers (EHs), y que cosas podrian
> lelgar a romperse si se descartan paquetes con determinados EHs.
>
> Es topico es mas que interesante. Ya en su momento publicamos RFC 7872
> (https://www.rfc-editor.org/rfc/rfc7872) analizando como se dropean los
> paquetes con IPv6 EHs en la Internet publica, asi como tambien
> publicamos RFC 9098 (https://www.rfc-editor.org/rfc/rfc9098.html),
> analizando los motivos que hay para droppearlos.
>
> Mas recientemente se ha vuelto a despertar el interes en medir hasta que
> punto se droppean -- supongo que motivados por la esperana/deseo de
> algunos que la realidad sea diferente.
>
>
> Trabaje en este RFC (RFC9288) unos 7 años. -- mucho tiempo! Tiene un
> valor particular para mi, porque inclusive luego de haber trabajado
> tanto tiempo, estuve a punto de perderlo, por no tener tiempo de
> trabajar con el.
>
> Al final, los planetas se alinearon :-), y pude salvarlo justito antes
> de que se perdiera..
>
> El trabajo de Ingenieria de Internet que se hace de la region se hace en
> muy buena medida a puro pulmon... Ya que no ha cambiado mucho la
> situacion en lo que respecta a la participacion desde la region.
>
> Por tal motivo, mi agracedimiento a Guillote y Nelivien (socios
> fundamentales), y a Diego Maradona, a quien evidentemente este documento
> va dedicado.
>
> Estos tipos entendieron todo:
>
> * https://www.youtube.com/watch?v=6e9WLX2aKbE
> * https://www.youtube.com/watch?v=JwqAG4XWLpQ
>
>
> P.S.: https://youtu.be/9Y9Iq9hoRdM?t=89
>
>
> Saludos cordiales,
> --
> Fernando Gont
> SI6 Networks
> Segurola y Habana 4310 7mo piso
> Ciudad Autonoma de Buenos Aires
> Argentina
> Email: fgont at si6networks.com
> URI: https://www.si6networks.com
>
>
>
>
> -------- Forwarded Message --------
> Subject: RFC 9288 on Recommendations on the Filtering of IPv6 Packets
> Containing IPv6 Extension Headers at Transit Routers
> Date: Thu, 18 Aug 2022 16:21:47 -0700 (PDT)
> From: rfc-editor at rfc-editor.org
> To: ietf-announce at ietf.org, rfc-dist at rfc-editor.org
> CC: rfc-editor at rfc-editor.org, drafts-update-ref at iana.org, opsec at ietf.org
>
> A new Request for Comments is now available in online RFC libraries.
>
>                  RFC 9288
>
>          Title:      Recommendations on the Filtering of
>       IPv6 Packets Containing IPv6 Extension Headers
>   at Transit Routers         Author:     F. Gont,
>                      W. Liu
>          Status:     Informational
>          Stream:     IETF
>          Date:       August 2022
>          Mailbox:    fgont at si6networks.com,
>                      liushucheng at huawei.com
>          Pages:      33
>          Updates/Obsoletes/SeeAlso:   None
>
>          I-D Tag:    draft-ietf-opsec-ipv6-eh-filtering-10.txt
>
>          URL:        https://www.rfc-editor.org/info/rfc9288
>
>          DOI:        10.17487/RFC9288
>
> This document analyzes the security implications of IPv6 Extension
> Headers and associated IPv6 options. Additionally, it discusses the
> operational and interoperability implications of discarding packets
> based on the IPv6 Extension Headers and IPv6 options they contain.
> Finally, it provides advice on the filtering of such IPv6 packets at
> transit routers for traffic not directed to them, for those cases
> where such filtering is deemed as necessary.
>
> This document is a product of the Operational Security Capabilities for
> IP Network Infrastructure Working Group of the IETF.
>
>
> INFORMATIONAL: This memo provides information for the Internet community.
> It does not specify an Internet standard of any kind. Distribution of
> this memo is unlimited.
>
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
>    https://www.ietf.org/mailman/listinfo/ietf-announce
>    https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
>
> For searching the RFC series, see https://www.rfc-editor.org/search
> For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk
>
> Requests for special distribution should be addressed to either the
> author of the RFC in question, or to rfc-editor at rfc-editor.org.  Unless
> specifically noted otherwise on the RFC itself, all RFCs are for
> unlimited distribution.
>
>
> The RFC Editor Team
> Association Management Solutions, LLC
>
> _______________________________________________
> IETF-Announce mailing list
> IETF-Announce at ietf.org
> https://www.ietf.org/mailman/listinfo/ietf-announce
> _______________________________________________
> LACTF mailing list
> LACTF at lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lactf
> Cancelar suscripcion: lactf-unsubscribe at lacnic.net
>


-- 
Douglas Fernando Fischer
Engº de Controle e Automação

More information about the gter mailing list