IETF Logo Mail Archive

Re: [6tisch] tagging join traffic wih DSCP: why inside IP header?

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Tue, 14 November 2017 07:27 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3B0CB124B18 for <6tisch@ietfa.amsl.com>; Mon, 13 Nov 2017 23:27:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.52
X-Spam-Level:
X-Spam-Status: No, score=-14.52 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LEDUFfRGoCa9 for <6tisch@ietfa.amsl.com>; Mon, 13 Nov 2017 23:27:48 -0800 (PST)
Received: from alln-iport-8.cisco.com (alln-iport-8.cisco.com [173.37.142.95]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3AE7B128DF3 for <6tisch@ietf.org>; Mon, 13 Nov 2017 23:27:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=25276; q=dns/txt; s=iport; t=1510644468; x=1511854068; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=w9PRW8YViNmnaOqarZaBBYi80hN20eXE0PSXx6clv7Q=; b=FfV/6at8tUp+xAvytmpfHL8C+0BfZFBzid/l4wJJc9+8l7zHT9MZejcd qMvpkKCFw/DkJjI6THHG5xL3YMEofUZSol9127O+fc8emmEhj0UIg2H7n a8a4ri7dUmOwL47MRLKxKPiTZQustUtzuAxvHAO1CPDWFhzpnxrhbMSDv 4=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CYAQAgmgpa/5pdJa1RChkBAQEBAQEBAQEBAQEHAQEBAQGCRHJkbicHg3eZToF9llAQggEKJYE3g18CGoRMQBcBAQEBAQEBAQFrKIUeAQEBAQMjClwCAQgRBAEBKAMCAgIwFAkIAgQBEgiJNmQQqxSCJ4sRAQEBAQEBAQEBAQEBAQEBAQEBAQEBHYM0ggeBVYFpgyqEbAUOLx+CX4JjBaItAodqjRCCHoYIiyWMaokRAhEZAYE4ASEBNYFbF3oVgy0JhFZ3hheBMoERAQEB
X-IronPort-AV: E=Sophos; i="5.44,393,1505779200"; d="scan'208,217"; a="30587590"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by alln-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Nov 2017 07:27:47 +0000
Received: from XCH-ALN-002.cisco.com (xch-aln-002.cisco.com [173.36.7.12]) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id vAE7RlTM008692 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 14 Nov 2017 07:27:47 GMT
Received: from xch-rcd-001.cisco.com (173.37.102.11) by XCH-ALN-002.cisco.com (173.36.7.12) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Tue, 14 Nov 2017 01:27:46 -0600
Received: from xch-rcd-001.cisco.com ([173.37.102.11]) by XCH-RCD-001.cisco.com ([173.37.102.11]) with mapi id 15.00.1320.000; Tue, 14 Nov 2017 01:27:46 -0600
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Thomas Watteyne <thomas.watteyne@inria.fr>, "6tisch@ietf.org" <6tisch@ietf.org>
Thread-Topic: [6tisch] tagging join traffic wih DSCP: why inside IP header?
Thread-Index: AQHTXRQOkXA3VPJ770+1uJQzOJ8GOaMTc7vw
Date: Tue, 14 Nov 2017 07:27:46 +0000
Deferred-Delivery: Tue, 14 Nov 2017 07:27:04 +0000
Message-ID: <a44b79f6e15f49589a6c4a77726eb3ef@XCH-RCD-001.cisco.com>
References: <CADJ9OA_cKxWZLvfpNXhjNgL1HurfdK-Oqj1M-wU9pK5t+1kU4g@mail.gmail.com>
In-Reply-To: <CADJ9OA_cKxWZLvfpNXhjNgL1HurfdK-Oqj1M-wU9pK5t+1kU4g@mail.gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.68.217.26]
Content-Type: multipart/alternative; boundary="_000_a44b79f6e15f49589a6c4a77726eb3efXCHRCD001ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/LpXjRY4z1I4Fdh3E9ZUk1-t1qZY>
Subject: Re: [6tisch] tagging join traffic wih DSCP: why inside IP header?
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Nov 2017 07:27:50 -0000

Hello Thomas :

I agree it is non-obvious. Here’s why I ended up with that recommendation:


1)      The IP in IP 6LoRH in RFC8138 was designed for the minimal encapsulation as opposed to a generic one, basically a place holder for the outer addresses to be added and removed easily, and meltdown avoidance with a hop limit; everything else is defaulted. This was just an artifact to pass the 6MAN logo. Seems that since then, the law has been bended but that’s another story. Its format is as follows:

     0                   1                   2
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-       ...      -+
    |1|0|1| Length  | 6LoRH Type 6  |  Hop Limit    | Encaps. Address  |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-       ...      -+

                       Figure 14: The IP-in-IP-6LoRH

As you see, there is not provision to transport traffic class in that encoding. To transport the TC in outer IP in IP, we’d need to specify a new 6LoRH type for richer IP in IP. Can be done, but quite a bit of hassle. When you asked, I translated “with a minimum changes in mind” and answered accordingly.


2)      In the particular case of the join packet from the join proxy upwards, there is probably no IP in IP, unless an extra encapsulator finds a reason to do so (https://datatracker.ietf.org/doc/html/draft-ietf-roll-useofrplinfo-19#page-17); in the general case of IP in IP, the encapsulator may or may not be the source of the packet; for an encapsulated join, it would not be. So for the generic case of a packet that has to be encapsulated, we’d have to set rules on whether the encapsulator echoes the inned TC in the outer TC. Again, hassle, hassle. Not having an outer TC gives back the control to the source, the JP in our case. At the expense of extra complexity in a node that care whether there is a TC, and which has to dig down to IPHC. Not that hard though.

Makes sense?

Pascal


From: 6tisch [mailto:6tisch-bounces@ietf.org] On Behalf Of Thomas Watteyne
Sent: mardi 14 novembre 2017 14:44
To: 6tisch@ietf.org
Subject: [6tisch] tagging join traffic wih DSCP: why inside IP header?

Pascal,

During the WG meeting yesterday, we discussed using DSCP bits as a way to identify join request/reply messages. We talked about mapping, in the minimal-security spec, the different DSCP values to scheduling behavior.

But you indicated the DSCP bits would be in the inside IPv6 header. That doesn't make sense to me, can you please provide more info? The outside IPv6 header looks to me like the right place to put the bits.

Thomas

--
_______________________________________

Thomas Watteyne, PhD
Research Scientist & Innovator, Inria
Sr Networking Design Eng, Linear Tech
Founder & co-lead, UC Berkeley OpenWSN
Co-chair, IETF 6TiSCH

www.thomaswatteyne.com<http://www.thomaswatteyne.com>
_______________________________________

v2.23.0 | Report a Bug | By Email