Re: [Apn] Issues to be closed #19-#21

["Pengshuping (Peng Shuping)" <pengshuping@huawei.com>]

Hi David,

Thank you! As we also discussed on the previous issues 13-15, https://mailarchive.ietf.org/arch/msg/apn/kFMAX6airI2sVbzmDZhalV1litE/, we will use APN header which includes APN ID and/or APN Parameters, while the APN ID is mandatory and the APN Parameters are optional as stated in this draft https://datatracker.ietf.org/doc/html/draft-li-apn-header-00#page-3.

You are right that when the APN Parameters are also carried it will bring additional complexity which we'd better carefully look into. We would also like to explore more about the use cases of using the APN Parameters.

So shall we close this issues as well as the issues 13 and 14 based on these discussions? Thank you!

Best regards,
Shuping


From: Black, David [mailto:David.Black@dell.com]
Sent: Monday, January 10, 2022 11:13 PM
To: Pengshuping (Peng Shuping) <pengshuping@huawei.com>; apn <apn@ietf.org>
Cc: rtgwg@ietf.org; ta-miyasaka@kddi.com; ted.ietf@gmail.com; Black, David <David.Black@dell.com>
Subject: RE: Issues to be closed #19-#21

> 19. Is that "structured attribute" more accurate than "tag"? How resulting resolution complexity will compare with 5-tuples being used? From: David Black #19
> https://github.com/APN-Community/Issues/issues/19 [github.com]<https://github.com/APN-Community/Issues/issues/19%20%5bgithub.com%5d>

Based on discussion of prior issues, if the term "tag" will continue to be used, then the drafts need to be clear that the parameters are not part of the tag - the structure is tag+parameters.

The rest of the response below is clear, although "one place" glosses over what has to be done because the presence of parameters adds complexity.  The router/node has to look at not only the tag, but also the parameters in order to figure out what to do - that's the additional complexity.  I would suggest taking a hard look at which routers/nodes have to process parameters, in contrast to just using the tag for lookup.

Thanks, --David

From: Pengshuping (Peng Shuping) <pengshuping@huawei.com<mailto:pengshuping@huawei.com>>
Sent: Monday, January 10, 2022 2:56 AM
To: apn
Cc: rtgwg@ietf.org<mailto:rtgwg@ietf.org>; ta-miyasaka@kddi.com<mailto:ta-miyasaka@kddi.com>; ted.ietf@gmail.com<mailto:ted.ietf@gmail.com>; Black, David
Subject: Issues to be closed #19-#21


[EXTERNAL EMAIL]
Hi all,

All the issues to be closed are going to be listed in this link https://github.com/APN-Community/Issues/issues [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIXsfiBLf$>.

Following the issues we posted in the last week, we post our responses to the issues #19-#21 this week. Please either leave your comments in the mailing list or directly in the github, so we can finally close these issues. Thank you!


19. Is that "structured attribute" more accurate than "tag"? How resulting resolution complexity will compare with 5-tuples being used? From: David Black #19
https://github.com/APN-Community/Issues/issues/19 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/19__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIcxyXFAx$>

The "structured attribute" (i.e. the APN Header) is defined in this draft https://datatracker.ietf.org/doc/html/draft-li-apn-header-00#page-3 [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-li-apn-header-00*page-3__;Iw!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIcuG6RVm$>. The APN header option is going to be located in one place in the packet header such as an IPv6 extension header - Hop-by-hop Options header. To resolve this APN header, only one place in the packet header needs to be checked against. While since 5-tuples are located in the various places in the packet header, especially in IPv6 data plane when IPv6 extension headers exist the transport layer information is being pushed further deep, these will make the resolution of the 5 tuples very hard and more complex than that of the APN header.


20. Does APN ID carry a piece of information that is potentially semantically *richer* than the five tuple and making that available to path elements that would not otherwise have that data? From: Ted Hardie #20
https://github.com/APN-Community/Issues/issues/20 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/20__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIRN25Q7H$>

The path elements that are not aware of APN or do not support APN will not be able to process the APN header since there are no corresponding configurations. The APN ID will only be processed in the nodes that are already enforced with policies against the APN ID.


21. How can the edge routers estimate APN ID and parameters (latency, bandwidth, etc.) just from 5-tuple? Is there any interface or API between application and APN domain controller? From: Takuya Miyasaka #21
https://github.com/APN-Community/Issues/issues/21 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/21__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlITuRpWtI$>

The edge routers will perform based on the configurations which indicates the matching relationship between the 5-tuple and the APN ID and/or parameters. The configurations could be enforced by the APN domain controller, which may be based on the agreements established between the services and the network operators, as illustrated in https://datatracker.ietf.org/doc/html/draft-li-apn-framework-04#section-6 [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-li-apn-framework-04*section-6__;Iw!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIczz87RN$>.


Best Regards,
Shuping



From: Apn [mailto:apn-bounces@ietf.org] On Behalf Of Pengshuping (Peng Shuping)
Sent: Tuesday, January 4, 2022 9:48 AM
To: apn <apn@ietf.org<mailto:apn@ietf.org>>
Cc: jri.ietf@gmail.com<mailto:jri.ietf@gmail.com>; Bob Hinden <bob.hinden@gmail.com<mailto:bob.hinden@gmail.com>>; kaduk@mit.edu<mailto:kaduk@mit.edu>; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: [Apn] Issues to be closed #16-#18

Hi all,

All the issues to be closed are going to be listed in this link https://github.com/APN-Community/Issues/issues [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIXsfiBLf$>.

Following the issues we posted in the last week, we post our responses to the issues #16-#18 this week. Please either leave your comments in the mailing list or directly in the github, so we can finally close these issues. Thank you!


16. What is the mechanism that forces this attribute to be stripped at the network operator's boundary? From: Alissa Cooper/ Benjamin Kaduk/ Jana Iyengar #16
https://github.com/APN-Community/Issues/issues/16 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/16__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIe48r1rd$>

This draft https://datatracker.ietf.org/doc/draft-li-apn-framework/ [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-li-apn-framework/__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIQiSze2B$> specifies that the APN marking will be encapsulated in the outer tunnel encapsulation and removed together with the tunnel encapsulation at the end of each tunnel.


17. Is this literally a mechanism for creating and sharing arbitrary metadata about arbitrary aggregates across arbitrary boundaries, which creates as much or more room for trouble? From: Jana Iyengar #17
https://github.com/APN-Community/Issues/issues/17 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/17__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIdHCPSnX$>

APN works within a single operator's limited and controlled domain(s). There could be multiple domains within this operator, which is a normal deployment case. The APN attributes are encapsulated in the outer tunnel header to trigger the policy enforcement for the network service provisioning in a flexible and efficient way in the various nodes along the tunnel.


18. Could the flow label be used for APN, which is designed for similar purpose? From: Bob Hinden #18
https://github.com/APN-Community/Issues/issues/18 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/18__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIVwcX1MJ$>

Using the IPv6 Flow Label for ECMP (RFC6438) has turned out to be the most widely deployed usage of the IPv6 flow label, even in the tunnel mode. In order to make the IPv6 Flow Label usable for other services, we would have a lot to do first before we could start reusing it.


Best Regards,
Shuping


From: Apn [mailto:apn-bounces@ietf.org] On Behalf Of Pengshuping (Peng Shuping)
Sent: Tuesday, December 28, 2021 8:54 AM
To: apn <apn@ietf.org<mailto:apn@ietf.org>>
Cc: Black, David <David.Black@dell.com<mailto:David.Black@dell.com>>; kaduk@mit.edu<mailto:kaduk@mit.edu>; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: [Apn] Issues to be closed #13-#15

Hi all,

All the issued to be closed is going to be listed in this link https://github.com/APN-Community/Issues/issues [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIXsfiBLf$>.

Following the issues we posted in the last week, we post our responses to the issues #13-#15 this week. Please either leave your comments in the mailing list or directly in the github, so we can finally close these issues. Thank you!


13. Is opaque used solely wrt privacy of info from which APN ID is derived? Is that just opaque lookup based on ID? From: David Black #13
https://github.com/APN-Community/Issues/issues/13 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/13__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIYHl0M9r$>

In this draft https://datatracker.ietf.org/doc/html/draft-li-apn-framework-04 [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-li-apn-framework-04__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIcWKAqqF$>, it states that "the APN attribute is acquired based on the existing information in the packet header such as 5-tuple and QinQ (S-VLAN and C-VLAN) at the edge devices of the APN domain".


There is also a requirement [REQ 1d] in 5.1. APN Attribute Conveying Requirements,
https://datatracker.ietf.org/doc/html/draft-li-apn-framework-04#section-5.1 [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-li-apn-framework-04*section-5.1__;Iw!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIYpKqzdL$>
[REQ 1d].  APN ID MUST be acquired from the existing available information of the packet header without interference into the payload.


14. What is opaque lookup? Which parameters are supposed to use? What exactly are you looking? From: David Black #14
https://github.com/APN-Community/Issues/issues/14 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/14__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIVzL-bBm$>

The opaque lookup means about the lookup using APN ID. The APN ID itself does not have any privacy info but only a string of bits used by the network devices to perform policy enforcements locally.


15. Is opaque contradictory to the APN parameters? Does such a "treat as opaque" case actually use the full richness of attributes? From: Zhang Zhaohui/Benjamin Kaduk #15
https://github.com/APN-Community/Issues/issues/15 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/15__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIX0R8ql3$>

Opaque is for the APN ID. The APN parameters are used to express more detailed requirements on the network. It is not contradictory.


**********************************************
Happy New Year to All! :)
**********************************************

Best Regards,
Shuping


From: Apn [mailto:apn-bounces@ietf.org] On Behalf Of Pengshuping (Peng Shuping)
Sent: Monday, December 20, 2021 9:39 AM
To: apn <apn@ietf.org<mailto:apn@ietf.org>>
Cc: gregory.mirsky@ericsson.com<mailto:gregory.mirsky@ericsson.com>; jri.ietf@gmail.com<mailto:jri.ietf@gmail.com>; eckelcu@cisco.com<mailto:eckelcu@cisco.com>; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: [Apn] Issues to be closed #10-#12

Hi all,

All the issued to be closed is going to be listed in this link https://github.com/APN-Community/Issues/issues [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIXsfiBLf$>.

Following the issues we posted in the last week, we post our responses to the issues #10-#12 this week. Please either leave your comments in the mailing list or directly in the github, so we can finally close these issues. Thank you!


10. Is APN designed for a single domain or multiple domains? From: Charles Eckel #10
https://github.com/APN-Community/Issues/issues/10 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/10__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIc81TItm$>

APN is designed for a single operator's limited and controlled domain(s). There could be multiple domains within this operator. At the provider edge node of each domain, the APN attribute could be used to steer the traffic into corresponding network services such as an explicit SRv6 path.


11. Is it a normal case that 1 SP has multiple domains? From: Greg Mirsky #11
https://github.com/APN-Community/Issues/issues/11 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/11__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIV1DPJFW$>

Yes, it is a very normal case that one SP has multiple domains under its administration, especially when the network scale is large.


12. Is that the entire value of these APN tunnels is to communicate information across domains? From: Jana Iyengar #12
https://github.com/APN-Community/Issues/issues/12 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/12__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIZqiICj_$>

We would not call these tunnels are APN tunnels. They are the normal tunnels such as SRv6 policies or MPLS tunnels. APN attributes are encapsulated in the outer tunnel header to trigger the policy enforcement for the network service provisioning in a flexible and efficient way in the various nodes along the tunnel.


**********************************************
How time flies! Another Christmas is coming.
Merry Christmas to all! :)
**********************************************

Best Regards,
Shuping


From: Apn [mailto:apn-bounces@ietf.org] On Behalf Of Pengshuping (Peng Shuping)
Sent: Monday, December 13, 2021 9:59 AM
To: apn <apn@ietf.org<mailto:apn@ietf.org>>
Cc: ted.ietf@gmail.com<mailto:ted.ietf@gmail.com>; rick@tropicalstormsoftware.com<mailto:rick@tropicalstormsoftware.com>; watsonbladd@gmail.com<mailto:watsonbladd@gmail.com>; kaduk@mit.edu<mailto:kaduk@mit.edu>; farinacci@gmail.com<mailto:farinacci@gmail.com>; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: [Apn] Issues to be closed #5-#9

Hi all,

All the issued to be closed is going to be listed in this link https://github.com/APN-Community/Issues/issues [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIXsfiBLf$>.

Following the issues we posted in the last week, we post our responses to the issues #5-#9 this week. Please either leave your comments in the mailing list or directly in the github, so we can finally close these issues. Thank you!


5. If the APN is trying to make app get better service for it from the network, how does it do that? Especially when every app want better service? From: Dino Farinacci #5
https://github.com/APN-Community/Issues/issues/5 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/5__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIYWdLi16$>

Following the APN framework as defined in the https://datatracker.ietf.org/doc/html/draft-li-apn-framework-04 [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-li-apn-framework-04__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIcWKAqqF$>, the traffic are tagged with APN ID at the network edge, against which the traffic can be steered into the network services such as SRv6 policies that can satisfy their various SLA requirements.


6. What is the problem domain of APN? What is the problem APN is trying to solve? From: Rick Taylor #6
https://github.com/APN-Community/Issues/issues/6 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/6__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIWvnNRiC$>

In this problem statement draft https://datatracker.ietf.org/doc/html/draft-li-apn-problem-statement-usecases-04 [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-li-apn-problem-statement-usecases-04__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIbJcimeS$>, the three challenges that APN is trying to target at are listed as followings,

1.         Challenges of lack of fine-granularity service information

2.         Challenges of Traditional Differentiated Service Provisioning

3.         Challenges of Supporting New 5G and Edge Computing Technologies


Several concrete use cases that could benefit from APN have also been recorded in IETF drafts and presented in previous meetings.

l  https://tools.ietf.org/html/draft-liu-apn-edge-usecase [tools.ietf.org]<https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-liu-apn-edge-usecase__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlITkFeaL3$>

l  https://tools.ietf.org/html/draft-zhang-apn-acceleration-usecase [tools.ietf.org]<https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-zhang-apn-acceleration-usecase__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIcRf5H8g$>

l  https://tools.ietf.org/html/draft-yang-apn-sd-wan-usecase [tools.ietf.org]<https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-yang-apn-sd-wan-usecase__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIapArk2n$>


The work items to be covered were presented in the following slides,
https://datatracker.ietf.org/meeting/111/materials/slides-111-apn-8-apn-work-items-00 [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/meeting/111/materials/slides-111-apn-8-apn-work-items-00__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIY1e4-bJ$>.


7. Why do we need an abstract container for service info across all tunneling mechanisms? From: Watson Ladd #7
https://github.com/APN-Community/Issues/issues/7 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/7__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIXDe7AZv$>

As presented in the APN BoF @IETF111, from this use case we can see that the carried information can be used to trigger the IOAM performance measurement or perform fine-granular traffic steering at the edge of the intermediate domain without the need to further resolve the 5-tuple of the inner packets.
https://datatracker.ietf.org/meeting/111/materials/slides-111-apn-apn-use-cases-01 [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/meeting/111/materials/slides-111-apn-apn-use-cases-01__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIVm-Mh2C$>


8. Do we have a protocol mechanism to enforce what's in the APN marking and when it's removed? From: Benjamin Kaduk #8
https://github.com/APN-Community/Issues/issues/8 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/8__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIXtZtitz$>

The draft https://datatracker.ietf.org/doc/draft-li-apn-header/ [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-li-apn-header/__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIYmbOT3g$> specifies the APN header which includes the APN ID and/or parameters, that is, the APN marking.


This draft https://datatracker.ietf.org/doc/draft-li-apn-framework/ [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-li-apn-framework/__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIQiSze2B$> specifies that the APN marking will be encapsulated in the outer tunnel encapsulation and removed together with the tunnel encapsulation at the end of each tunnel.


9. How large is the space of APN attributes? If the existing field is enough to identify and individual (e.g. by physical port), could the attribute carry a user identifier? From: Ted Hardie #9
https://github.com/APN-Community/Issues/issues/9 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/9__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIS7iK_mI$>

The draft https://datatracker.ietf.org/doc/draft-li-apn-header/ [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-li-apn-header/__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIYmbOT3g$> specifies two types of APN ID which have different lengths. APN is not used to identify individuals. Usually a physical port can be used to identify a group of users, and the user group ID can be carried in APN.


Best Regards,
Shuping


From: Pengshuping (Peng Shuping)
Sent: Tuesday, December 7, 2021 9:45 AM
To: apn <apn@ietf.org<mailto:apn@ietf.org>>
Cc: rtgwg@ietf.org<mailto:rtgwg@ietf.org>; Lars Eggert <lars@eggert.org<mailto:lars@eggert.org>>; 'sergey.fomin@nokia.com' <sergey.fomin@nokia.com<mailto:sergey.fomin@nokia.com>>; 'Bernier, Daniel' <daniel.bernier@bell.ca<mailto:daniel.bernier@bell.ca>>
Subject: Issues to be closed #1-#4

Hi all,

All the issued to be closed is going to be listed in this link https://github.com/APN-Community/Issues/issues [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIXsfiBLf$>.

In the following weeks, we are going to post our responses to the issues. Please either leave your comments in the mailing list or directly in the github, so we can finally close these issues. Thank you!


1. What happens to a flow if a hop can't meet the APN requirements? From: Lars Eggert #1
https://github.com/APN-Community/Issues/issues/1 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/1__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIeQYvTSn$>

As described in https://datatracker.ietf.org/doc/html/draft-li-apn-framework-04#section-5 [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-li-apn-framework-04*section-5__;Iw!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIa1oz0aW$>, the APN requirements include APN Attribute Conveying Requirements and APN attribute Handling Requirements.

In the APN attributes, the carrying of the APN parameters is optional as stated in https://datatracker.ietf.org/doc/html/draft-li-apn-header-00#section-3 [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-li-apn-header-00*section-3__;Iw!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIWIwCH_i$>. The typical APN parameters are the network performance requirements such as bandwidth, latency, etc.

If a hop cannot meet the APN requirements, which would mean that the hop cannot handle the APN attributes, then it will be up to the local configuration. We can explore more on this topic, but generally the flow needs to be forwarded without any interruption, probably in a default mode.


2. Does APN introduce a new data plane when it is supposed to work with any data plane? From: Sergey Fomin #2
https://github.com/APN-Community/Issues/issues/2 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/2__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIfRjH1cf$>

APN does not introduce a new data plane. APN uses and makes necessary extensions to the existing data plane to carry the APN header as defined in https://datatracker.ietf.org/doc/draft-li-apn-header/ [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-li-apn-header/__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIYmbOT3g$>. The encapsulation example on the IPv6 data plane is suggested in https://datatracker.ietf.org/doc/draft-li-apn-ipv6-encap/ [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-li-apn-ipv6-encap/__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIUeaF5zN$>.


3. Do we need to define a new data plane to carry this info, while you could use existing mechanisms? From: Sergey Fomin #3
https://github.com/APN-Community/Issues/issues/3 [github.com]<https://urldefense.com/v3/__https:/github.com/APN-Community/Issues/issues/3__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIQYmUQ1D$>

Some extensions may be needed. For example, new IPv6 HBH or DOH options would need to be defined to carry the APN header in the IPv6 data plane.
In https://datatracker.ietf.org/doc/draft-peng-apn-scope-gap-analysis/ [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-peng-apn-scope-gap-analysis/__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIW--BTjt$>, we listed existing mechanisms and made some analysis and comparisons.


4. Is it expected that the APN ID and parameters be "normalized' (standardized) or be defined domain specific From: Daniel Bernier #4

The draft https://datatracker.ietf.org/doc/draft-li-apn-header/ [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-li-apn-header/__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIYmbOT3g$> specifies the APN header which includes the APN ID and parameters. APN works within an operator's controlled and limited domain, so the APN ID and parameters can be defined as domain specific.


Best Regards,
Shuping



From: Architecture-discuss [mailto:architecture-discuss-bounces@ietf.org] On Behalf Of Pengshuping (Peng Shuping)
Sent: Monday, December 6, 2021 9:17 AM
To: apn <apn@ietf.org<mailto:apn@ietf.org>>
Cc: architecture-discuss@iab.org<mailto:architecture-discuss@iab.org>; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: [arch-d] Issues to be closed

Dear all,

Following the summary report on the APN@IETF112 [1], we list the questions/comments we received during the BoF as recorded in the meeting minutes [2] as below. Please have a look at these questions and let us know if there are any other key questions being missed out.

We are going to start answering these questions and try to close them one by one. Your attention and participation into the discussions are very welcomed. The tool would be the Github issue tracker. If you have better suggestion please let us know. Thank you!

[1] https://mailarchive.ietf.org/arch/msg/apn/OoOgezkAAbd2uFrY2Mk4ZxSbVzM/ [mailarchive.ietf.org]<https://urldefense.com/v3/__https:/mailarchive.ietf.org/arch/msg/apn/OoOgezkAAbd2uFrY2Mk4ZxSbVzM/__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIbqu3yqG$>
[2] https://datatracker.ietf.org/meeting/111/materials/minutes-111-apn-00.txt [datatracker.ietf.org]<https://urldefense.com/v3/__https:/datatracker.ietf.org/meeting/111/materials/minutes-111-apn-00.txt__;!!LpKI!yJIExWhun1_fZVhM8-Ol3eb4f2JEhZp1sfXdYPGSC3O7IGryFkpeworlIR8txJSw$>

Part 1: General Questions

1.       What happens to a flow if a hop can't meet the APN requirements?

2.       Does APN introduce a new data plane when it is supposed to work with any data plane?

3.       Do we need to define a new data plane to carry this info, while you could use existing mechanisms?

4.       Is it expected that the APN ID and parameters be "normalized' (standardized) or be defined domain specific?

5.       If the APN is trying to make app get better service for it from the network, how does it do that? Especially when every app want better service?

6.       What is the problem domain of APN? What is the problem APN is trying to solve?

7.       Why do we need an abstract container for service info across all tunneling mechanisms?

8.       Do we have a protocol mechanism to enforce what's in the APN marking and when it's removed?

9.       How large is the space of APN attributes? If the existing field is enough to identify and individual (e.g. by physical port), could the attribute carry a user identifier?

Part 2: APN Domain

10.   Is APN designed for a single domain or multiple domains?

11.   Is it a normal case that 1 SP has multiple domains?

12.   Is that the entire value of these APN tunnels is to communicate information across domains?

Part 3: Opaque

13.   Is opaque used solely wrt privacy of info from which APN ID is derived? Is that just opaque lookup based on ID?

14.   What is opaque lookup? Which parameters are supposed to use? What exactly are you looking?

15.   Is opaque contradictory to the APN parameters? Does such a "treat as opaque" case actually use the full richness of attributes?

Part 4: Security/Privacy

16.   What is the mechanism that forces this attribute to be stripped at the network operator's boundary?

17.   Is this literally a mechanism for creating and sharing arbitrary metadata about arbitrary aggregates across arbitrary boundaries, which creates as much or more room for trouble?

Part 5: Flow Label

18.   Could the flow label be used for APN, which is designed for similar purpose?

Part 6: 5 Tuple

19.   Is that "structured attribute" more accurate than "tag"? How resulting resolution complexity will compare with 5-tuples being used?

20.   Does APN ID carry a piece of information that is potentially semantically *richer* than the five tuple and making that available to path elements that would not otherwise have that data?

21.   How can the edge routers estimate APN ID and parameters (latency, bandwidth, etc.) just from 5-tuple? Is there any interface or API between application and APN domain controller?

Part 6: Diffserv

22.   Why copying inner TOS to outer TOS and using existing equipment is not enough?

23.   Is APN able to express such "policies" so that a developer does not hardcode DSCP bits with a Excel spreadsheet on its desk to know what mapping means what?

Part 7: Network Slicing

24.   Is APN similar to or the same as Network Slice, just with a different name?

25.   Is the gap that existing approaches, e.g., Network Slice, only provide limited granularity but APN an unlimited one?

26.   Is slicing more general because addressing MULTI operator scenarios?

Part 8: DetNet

27.   What does APN bring that isn't already being done within DetNet?

Part 9: Open Mic

28.   What does the APN architecture add that isn't in existing IETF architectures and solutions?

29.   Why do we need an agnostic mechanisms instead of just hacking into existing mechanism individually? This adds to why having a single WG to focus on a technology agnostic mechanism would be useful before various data plane encapsulations are developed separately?

30.   If a problem does exist it does not have to be solved in the data plane, it could be the management plane.

31.   What different treatment will the network give my traffic if I'm in finance vs. marketing?

32.   Is there violation of the user's privacy/security?

Part 10: Chairs Summary (may overlap with previous questions as a summary)
33.   Why APN is needed when there are multiple existing mechanisms, just as DetNet and Network Slicing?
34.   How privacy affects APN, especially about accidental breach of privacy and subversion of decapsulation?
35.   Use cases need to explain more about what is needed from the APN attribute and what policies are applied in the network. We need more detailed "killer" use case examples.
36.   The APN attribute should not become a way of carrying arbitrary metadata. It is not clear at this stage what information needs to be in the APN attribute versus what information could be in the APN attribute.
37.   We also need more understanding of how APN is relevant in encrypted environments.
38.   Should APN be applied to multiple transport/underlay protocols or should it be better to pick just one and use it in all APN-enabled networks?

Best Regards,
Shuping