IETF Logo Mail Archive

Re: [Apn] Further revised draft Charter

Adrian Farrel <adrian@olddog.co.uk> Fri, 20 January 2023 13:49 UTC

Return-Path: <adrian@olddog.co.uk>
X-Original-To: apn@ietfa.amsl.com
Delivered-To: apn@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46774C152574 for <apn@ietfa.amsl.com>; Fri, 20 Jan 2023 05:49:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.795
X-Spam-Level:
X-Spam-Status: No, score=-2.795 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=olddog.co.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jOs3dI9-KVAE for <apn@ietfa.amsl.com>; Fri, 20 Jan 2023 05:49:41 -0800 (PST)
Received: from mta7.iomartmail.com (mta7.iomartmail.com [62.128.193.157]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9DCA1C14EB18 for <apn@ietf.org>; Fri, 20 Jan 2023 05:49:40 -0800 (PST)
Received: from vs3.iomartmail.com (vs3.iomartmail.com [10.12.10.124]) by mta7.iomartmail.com (8.14.7/8.14.7) with ESMTP id 30KDnXVC017910; Fri, 20 Jan 2023 13:49:33 GMT
Received: from vs3.iomartmail.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0DFF34604A; Fri, 20 Jan 2023 13:49:33 +0000 (GMT)
Received: from vs3.iomartmail.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id EC1604604F; Fri, 20 Jan 2023 13:49:32 +0000 (GMT)
Received: from asmtp3.iomartmail.com (unknown [10.12.10.224]) by vs3.iomartmail.com (Postfix) with ESMTPS; Fri, 20 Jan 2023 13:49:32 +0000 (GMT)
Received: from LAPTOPK7AS653V ([148.252.129.177]) (authenticated bits=0) by asmtp3.iomartmail.com (8.14.7/8.14.7) with ESMTP id 30KDnVoM015737 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 20 Jan 2023 13:49:32 GMT
Reply-To: adrian@olddog.co.uk
From: Adrian Farrel <adrian@olddog.co.uk>
To: 'Mirja Kuehlewind' <ietf@kuehlewind.net>
Cc: 'Feng Yang' <yangfeng@chinamobile.com>, apn@ietf.org
References: <CAF4+nEFHcKBbc7J8v3yj_b6V1==4yUBOOhdazR2yrP75Gcd0mA@mail.gmail.com> <055a01d92b33$6c13be60$443b3b20$@com> <F0851BC5-42B4-4419-8638-6941FD5DD02E@kuehlewind.net> <05b801d92c02$df522680$9df67380$@com> <A4C86371-6DFF-454B-9C71-7448DE3F14B1@kuehlewind.net> <21586947.1120715.1674134825741@www.getmymail.co.uk> <0D45C5C6-5803-40A7-A6F4-C196DD16C09F@kuehlewind.net>
In-Reply-To: <0D45C5C6-5803-40A7-A6F4-C196DD16C09F@kuehlewind.net>
Date: Fri, 20 Jan 2023 13:49:31 -0000
Organization: Old Dog Consulting
Message-ID: <067001d92cd6$068b0d60$13a12820$@olddog.co.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQGEgfInFnurhIWzvF1Gqu8rqha5hQIDVEkEAczBI5EB6oT2KwIaeUDLAWScLmsCxtvhJ67wod6w
Content-Language: en-gb
X-Originating-IP: 148.252.129.177
X-Thinkmail-Auth: adrian@olddog.co.uk
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=olddog.co.uk; h=reply-to :from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-type:content-transfer-encoding; s= 20221128; bh=TMrnmRD8kZ3cQ2Agmc15Cgwt1xEP3rmf99v5DdxQW4M=; b=0w+ TLDyDyMElp6kWH1uwMQsGOppgfNNEvACyNc3c6o1nh5G3s3t9akP5dNtqravR2Et z6NL2gq+a31kRAQTh83Ol2xhYe/SubFg3Lnhhc1BsTCzTPHICI4jppTcJ0RB/Ynt FgM29m5GEBLX9hNkmGO1UGqUvXJgdv2tdvCsDqc0OqbHNso/iuFyGCHcar/uJlnQ hBmuuNrkumVedj70nI8VZw0JkKK6BxdeAQmau/0dT5mIy66HcLa9K7QyykiFC1kD QBUnfusdhq3JhLN7MhHZ5nZst584L5l720Fdj2z8chCCjLssOflqAGJzNqutruVl S4WPuOo7yqEkXWvOAXg==
X-TM-AS-GCONF: 00
X-TM-AS-Product-Ver: IMSVA-9.1.0.2090-9.0.0.1002-27398.000
X-TM-AS-Result: No--39.902-10.0-31-10
X-imss-scan-details: No--39.902-10.0-31-10
X-TMASE-Version: IMSVA-9.1.0.2090-9.0.1002-27398.000
X-TMASE-Result: 10--39.902400-10.000000
X-TMASE-MatchedRID: jFqw+1pFnMzxIbpQ8BhdbGmJRrUz4kogkYC3rjkUXRJFms6YEs23D7+q 8INInMN788Nlh3h4mC9kzfH9/1gfNje96EFBYLpXnrsEDDAvkjqqrLYvPGNe6kGvnX7xl0psdVd Df+p3DnLPmrVKltGy2PS9Nd3X1KcroAx3RvpOvbh9Rz+ChTbKEAV54COoxb6XcJquQxzIpMCzq7 tqj2pPkSylx3BzwyzHmfhkF5Dl1bfnb+nFnHa3NCtPpXoicS5XGbJMFqqIm9y8/Gbbp+KDLyi73 dCM5p+1kOrWoP6MdoAwHAMM0nOJ5XibEU0Vaejn0e7jfBjhB8cWFWnBZiZ9Ec3J+h/wWLV9xaWG P2Id5WmdZwaCOYnJbpg+xMERr0NZpFPA9gan8yVWsaumxBhjtEhLan9zzSxmY083I0nczqXx4GB I3Be9iJpOFk2LkwGEjKK+nplqDija+vZaD4cRLi/T1r68E/jWYXk01g6vov8SLXKEgCHHCT88ny n5HOwBpsX84hgxtpotSrUZVTCyF2rCMAFDPKUmGqSG/c50XgNuRZHBDZPAdBFcjma+uKsH3OZ1F 18bHXawOZGGxenQl2LU2oe0LGwaqf8Hy2aCI2lH4a2iJdV4Mf3Mwv7J07DXoRBIy5J0l8BtzRhG hF5pwBt0ymbyxa8gAxOvE9DOFI9/9yzhvDVD2KroPbyANljgYTIx8XXCXve8GLW9IO2MLSwBU0J cTkhx5XT/7zGR+5hjKVAo+lJ3CvSSzAkeUvUq8Jb881FGn9lJziJDtUPgzfsfZb1yecRIt1sjCe 9Vi5sU9xlOy/C5qpt+1VCW3d+F7GX0c1UlalyeAiCmPx4NwFkMvWAuahr8trNGq+WQEvQFdbsG+ ieXxwtuKBGekqUpTQ+fygW0sJz0yB4Aoav+xlVoEXK0hBS3
X-TMASE-SNAP-Result: 1.821001.0001-0-1-22:0,33:0,34:0-0
Archived-At: <https://mailarchive.ietf.org/arch/msg/apn/Aea2xP3Mv6QowUxPVRwyNTCfzyc>
Subject: Re: [Apn] Further revised draft Charter
X-BeenThere: apn@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Application-aware Networking <apn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apn>, <mailto:apn-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/apn/>
List-Post: <mailto:apn@ietf.org>
List-Help: <mailto:apn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apn>, <mailto:apn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Jan 2023 13:49:46 -0000

Yeah, thanks Mirja.

It's good to draw out the two extremes.

On the one hand, using an existing field (or a combination of existing fields) is attractive because it doesn't require any changes to the encoding. But it has two draw-backs:
1. How well would we interact with existing implementations that already use those fields?
2. Can we manage to squeeze the desired information into those fields?

On the other hand, a new *tunnel* encapsulation tends to imply and end-to-end or edge-to-edge solution (a bit like NSH) without making information available to "regular" IP routers on the path. Now, there is the possibility of a new hop-by-hop encapsulation (such as GTP or Ethernet) that is sub-IP but carries the information. The trouble with that is that the information gets lost when you traverse a link that doesn't support the encoding.

We could, I think, spend quite a lot of time debating possible approaches, pros and cons, and the architectural implications. My reading of the proposed charter is to create a space to do exactly that. The charter text that Donald just circulated seems to imply that if the WG discovers that existing mechanisms or fields do the job, then that would be fine. I suppose it would also be fine if the WG discovered that the use cases don't justify further work, or that the architecture implied that a sub-IP solution would work.

Cheers,
Adrian

-----Original Message-----
From: Mirja Kuehlewind <ietf@kuehlewind.net> 
Sent: 20 January 2023 12:58
To: Adrian Farrel <adrian@olddog.co.uk>
Cc: Feng Yang <yangfeng@chinamobile.com>; apn@ietf.org
Subject: Re: [Apn] Further revised draft Charter

Hi Adrian,

Thanks for the further explanation. Right, NSH also impact the IP routing, however, without being an expert, I guess you could just address an explicit egress node. Having such a tunnel where the encapsulation IP header uses the egress address would also be more secure regarding privacy, as the packet could not “escape” the network without being decapsulated.

I guess using a single existing field like DCSP (or maybe also MPLS labels) or having a full-fleshed, generic and extensible tunnel encapsulation are the two extremes. However, it is still not clear to me if something in the middle is needed, how that would look like, or is even really feasible (or would you only get the worse of both worlds, like more complexity but still limited functionality).

Mirja



> On 19. Jan 2023, at 14:27, Adrian Farrel <adrian@olddog.co.uk> wrote:
> 
> You can do a lot with the NSH because it is a layer 3.5 encapsulation. But that comes at a price because the packet has to be built as IP to the next service function forwarder, NSH, original IP payload.
>  
> The NSH basically allows you to put quasi-arbitrary meta data with a packet, so it is not totally free to implement in hardware.
>  
> I'd say there are plus and minus points and it is worth looking at the benefits of a simple approach.
>  
> It may be worth asking why SFC deployments eschew the NSH in favour of MPLS, SRv6, or native IP in IP approaches.
>  
> Cheers,
> Adrian
>  
>  
> On 19/01/2023 14:14 CET Mirja Kuehlewind <ietf@kuehlewind.net> wrote:
>  
>  
> Hi Feng,
>  
> My understanding is that NSH provides such a clean and generic solution. What is missing?
>  
> Mirja
>  
>  
>  
> On 19. Jan 2023, at 13:38, Feng Yang <yangfeng@chinamobile.com> wrote:
> Hi Mirja,
>  
> Thanks for your suggestion.  
>  
> We have associated quite a lot information on the source IP, for example, location/address/user/services(mainly for user who paid will get better bandwidth resource gareentee), etc. Maybe there would be more in future. So I feel to reuse some existing field will create a more “discreted space” , thus even harder to handle.  
>  
> If there is a clean, generic mechanism, that will great simplify the solution and give more possbility on the service we can define.
>  
> BR,
>  
> 杨锋
> Feng Yang
>  
> 发件人: Apn [mailto:apn-bounces@ietf.org] 代表 Mirja Kuehlewind
> 发送时间: 2023年1月19日 00:37
> 收件人: Feng Yang
> 抄送: apn@ietf.org
> 主题: Re: [Apn] Further revised draft Charter
>  
> Hi Feng,
>  
> Why are not just using the DSCP field or, if you need to provide more information to the network nodes, Network Service Header (NSH) encapsulation?
>  
>  
> Mirja
>  
>  
>  
>  
>  
>  
> On 18. Jan 2023, at 12:53, Feng Yang <yangfeng@chinamobile.com> wrote:
>  
> Dear WG,
>  
> In the operator's network, we provide corresponding services for Internet services and bussiness services to meet the needs of a group of users with the same service requirements for the network, such as acceleration, and security for Internet services (e.g. SAVNet), and leased line for bussiness services,(e.g. slicing and service chaining).
>  
> Currently, we are distinguishing services by source IP address at our network edge devices. But the source addresses are discrete, we hope there is a way to transform the address from discrete space into a linear space , which will make it be easier for classification, so that the services and policies can be combined in a simple way. Eventually that can improve our efficiency and reduce costs. 
>  
> This actually solves the fundamental problem that ACLs are difficult to apply at scale, and facilitates us to aggregate services in a linear space and statically configure a number of matching conditions by means of planning.
>  
> I think this Charter clearly presents the work we would like to see, so I suggest it is best not to postpone APN Charter any longer, we should setup the WG first and discuss the actual work as soon as possible.
>  
> The Spring festival is coming on this weekend. Best wishes for everyone. J
>  
> BR,
>  
> 杨锋
> Feng Yang
>  
> 发件人: Apn [mailto:apn-bounces@ietf.org] 代表 Donald Eastlake
> 发送时间: 2023年1月18日 10:04
> 收件人: apn@ietf.org
> 抄送: apn-chairs@ietf.org
> 主题: [Apn] Further revised draft Charter
>  
> I've gotten some comments and I've re-read some of the AD DISCUSSES and comments. Based on that I've updated the draft Charter as attached. Comments are welcome. 
>  
> Thanks,
> Donald
> ===============================
>  Donald E. Eastlake 3rd +1-508-333-2270 (cell)
>  2386 Panoramic Circle, Apopka, FL 32703 USA
>  d3e3e3@gmail.com
> -- 
> Apn mailing list
> Apn@ietf.org
> https://www.ietf.org/mailman/listinfo/apn
> --
> Apn mailing list
> Apn@ietf.org
> https://www.ietf.org/mailman/listinfo/apn
> -- 
> Apn mailing list
> Apn@ietf.org
> https://www.ietf.org/mailman/listinfo/apn

v2.23.0 | Report a Bug | By Email