IETF Logo Mail Archive

Re: [bess] Alvaro Retana's Discuss on draft-ietf-bess-srv6-services-10: (with DISCUSS and COMMENT)

Ketan Talaulikar <ketant.ietf@gmail.com> Sun, 20 March 2022 03:34 UTC

Return-Path: <ketant.ietf@gmail.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83D173A067A; Sat, 19 Mar 2022 20:34:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 4.137
X-Spam-Level: ****
X-Spam-Status: No, score=4.137 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, GB_SUMOF=5, HTML_MESSAGE=0.001, NORMAL_HTTP_TO_IP=0.001, NUMERIC_HTTP_ADDR=1.242, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5tix_7g-m282; Sat, 19 Mar 2022 20:34:53 -0700 (PDT)
Received: from mail-vk1-xa33.google.com (mail-vk1-xa33.google.com [IPv6:2607:f8b0:4864:20::a33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A89CD3A0658; Sat, 19 Mar 2022 20:34:53 -0700 (PDT)
Received: by mail-vk1-xa33.google.com with SMTP id 134so4432192vkz.12; Sat, 19 Mar 2022 20:34:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=T/wxcRjGZJFQyZplbl8IMTDLfPO34/j/lZPnawr2Cw4=; b=RW5ASQ1sZLLUgjsYagAsmM1ttHOD6jc+90ukw2QRVWPcUDa6Jia73RCYxRFHl06BI3 RlxBqFpZi1Wa/e5OQOJBbqysf+9AWMSK6NWdwJ3Jhz6qUD6bGDv8U5VnWrZNO3zwh8Qc UzidlD51E47zoRc2D5il/Wg2KGAfDCE84MNlChaAV+hfawgAkm1JzIz6L3F2iefMsPl8 bbLPuZ1QZ763vpooqGjUbBeoz84aU0A0+nqqTG219FB8lrbiMrQ99lWiPT/LjKAAui+R t4gPrZaQkPN6KkxJgGFnaGIzzKAGKdhsz9ZoDxpGbmwwNgg/UZfJjlfFBdo2AyaLwPLf RGqQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=T/wxcRjGZJFQyZplbl8IMTDLfPO34/j/lZPnawr2Cw4=; b=nUGTe+ivLwrpcbf6JB5xUj7DZ2CykQ/qtATL3/5hlOG9OD7P9mUh0fYiFcgHejqTQc btHCGQ+m7sJ67a+W9xVfYxu6OZBeUs0V5p+u2QySfndiF4mYsVT2g+Fg+80o6lwfzfIk +c1iGIixKSgnzrL+9iVQakC/+O8f/jnjFRHeNqM0VFReOxeBikHNRMqJKUuuSrBGVeqT tF61UoAHACOBac8hzE7OxbSuTgNVUEMs3Lf9JXC+usLWnvLBo0kkxl3EUGSsjbuGfDRW wU394U/oGEa9j67cCiTtco2FJIeUV0H+8b6FlTcI2Oq4rWm0P4WQYZrQ4CgcpftU+jvP JxzA==
X-Gm-Message-State: AOAM531vQdK74BlMuRyk14cUAKVobIpxjr//miHW75BRZkd0WQhg94fT y3boj+Lp9o4nud+VG5VZGS5xXLABHjktYKp9ho8=
X-Google-Smtp-Source: ABdhPJzaDAlqxOAkInJfPaqeY2Q0YTsY1qfRiMYr3zJ8kf0k6ZvCTAypZNpUYPyDmk9tlhZPdwS/aCL60TFvhMZrroE=
X-Received: by 2002:a05:6122:a27:b0:337:5ba4:e040 with SMTP id 39-20020a0561220a2700b003375ba4e040mr5815809vkn.14.1647747292385; Sat, 19 Mar 2022 20:34:52 -0700 (PDT)
MIME-Version: 1.0
References: <164494796487.31930.7636138656008278664@ietfa.amsl.com> <CAH6gdPzvdae5sGOS982OLdQbYv-qGBnC9BwF_LePhTjaUW+Ghg@mail.gmail.com> <CAH6gdPwOueAMe_Gm+b4SN0i6QvOWCLxPnKOtwiH27iSbc+UnPg@mail.gmail.com>
In-Reply-To: <CAH6gdPwOueAMe_Gm+b4SN0i6QvOWCLxPnKOtwiH27iSbc+UnPg@mail.gmail.com>
From: Ketan Talaulikar <ketant.ietf@gmail.com>
Date: Sun, 20 Mar 2022 09:04:39 +0530
Message-ID: <CAH6gdPzufEv8DXVj8pd-=M-527Rks0Cf2M3W-9iAdFvo1v-MEQ@mail.gmail.com>
To: Alvaro Retana <aretana.ietf@gmail.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-bess-srv6-services@ietf.org, bess-chairs@ietf.org, BESS <bess@ietf.org>, "Bocci, Matthew (Nokia - GB)" <matthew.bocci@nokia.com>
Content-Type: multipart/alternative; boundary="0000000000000ad3d205da9e1080"
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/02YrTKWtO8Sm0Jia4yn8IMdi1kM>
Subject: Re: [bess] Alvaro Retana's Discuss on draft-ietf-bess-srv6-services-10: (with DISCUSS and COMMENT)
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Mar 2022 03:34:59 -0000

Hi Alvaro,

We've just posted the update with the text changes as suggested by you:
https://datatracker.ietf.org/doc/html/draft-ietf-bess-srv6-services-13

Thanks again for your review and input to improve the document.

Thanks,
Ketan


On Thu, Mar 17, 2022 at 11:32 PM Ketan Talaulikar <ketant.ietf@gmail.com>
wrote:

> Hi Alvaro,
>
> Regarding your discussion point, we will clarify the text related to
> behaviour usage for each service and for handling of unknown/new behaviour.
>
> I'll post the update when the submission window opens next week.
>
> Thanks,
> Ketan
>
>
> On Wed, 16 Feb, 2022, 11:58 pm Ketan Talaulikar, <ketant.ietf@gmail.com>
> wrote:
>
>> Hi Alvaro,
>>
>> Thanks for your detailed review and comments. Please check inline below
>> for responses.
>>
>> We have also posted an update for the draft to address comments from you
>> and other reviewers:
>> https://datatracker.ietf.org/doc/html/draft-ietf-bess-srv6-services-11
>>
>>
>> On Tue, Feb 15, 2022 at 11:29 PM Alvaro Retana via Datatracker <
>> noreply@ietf.org> wrote:
>>
>>> Alvaro Retana has entered the following ballot position for
>>> draft-ietf-bess-srv6-services-10: Discuss
>>>
>>> When responding, please keep the subject line intact and reply to all
>>> email addresses included in the To and CC lines. (Feel free to cut this
>>> introductory paragraph, however.)
>>>
>>>
>>> Please refer to
>>> https://www.ietf.org/blog/handling-iesg-ballot-positions/
>>> for more information about how to handle DISCUSS and COMMENT positions.
>>>
>>>
>>> The document, along with other ballot positions, can be found here:
>>> https://datatracker.ietf.org/doc/draft-ietf-bess-srv6-services/
>>>
>>>
>>>
>>> ----------------------------------------------------------------------
>>> DISCUSS:
>>> ----------------------------------------------------------------------
>>>
>>> I am balloting DISCUSS because the document underspecifies the use of
>>> Endpoint
>>> Behaviors. As a result, it is unclear when they should be checked,
>>> enforced,
>>> or needed. Details follow.
>>>
>>>
>>> The descriptions of the TLVs in §2 say (twice) that the "SRv6 Endpoint
>>> behaviors which MAY be encoded, but not limited to, are...etc."
>>>
>>>    The text above ends with "etc." which means there are other possible
>>>    behaviors. That's not a great use of normative language, even if
>>> optional.
>>>
>>
>> KT> Agree. We have removed the "etc".
>>
>>
>>>    My initial instinct was to ask you to be specific, BUT...
>>>
>>>    The description of the SRv6 SID Information Sub-TLV (§3.1) says that
>>> "an
>>>    unrecognized endpoint behavior MUST NOT be considered invalid", which
>>> seems
>>>    to mean that any behavior is ok, AND...
>>>
>>>    There's no validation specified, except for the description of the
>>> SRv6 SID
>>>    Structure Sub-Sub-TLV (§3.2.1), where it says that the "Argument
>>> length
>>>    MUST be set to 0 for SIDs where the Argument is not applicable".
>>> AND...
>>>
>>>    Several of the service descriptions in §5/§6 say that "The SRv6
>>> Endpoint
>>>    behavior of the SRv6 SID is entirely up to the originator of the
>>>    advertisement. In practice, the SRv6 Endpoint behavior is..."
>>>
>>>
>>> The result is that any endpoint behavior (even unrecognized) can be used,
>>> while also requiring a specific setting for the argument length in some
>>> cases.
>>>
>>> How can the argument length be validated if the endpoint behavior is
>>> unknown?
>>>
>>
>> KT> The argument length cannot be validated unless the endpoint behavior
>> is known. The ingress PE needs to actually write the ARG part of the SID
>> into the SRv6 SID advertised by the egress PE when sending packets for that
>> service to the egress PE. Therefore, knowing that the behavior involves
>> argument and validating the argument length is important. We have clarified
>> this in the text.
>>
>>
>>>
>>> Clearly (from looking at rfc8986), not all endpoint behaviors apply to
>>> the
>>> services defined in this document. Should a receiver accept any endpoint
>>> behavior? What should a receiver do if a known but unrelated behavior
>>> (End,
>>> for example) is received?
>>>
>>> What should the receiver do if the endpoint behavior is known and
>>> applicable,
>>> but the attribute length is not set correctly?
>>>
>>
>> KT> Could you clarify which attribute length you are referring to?
>>
>>
>>>
>>> For any specific service (IPv4 VPN Over SRv6 Core, for example, to pick
>>> one),
>>> should the behaviors used "in practice" be enforced? What if different
>>> behavior
>>> is advertised? Can it safely be ignored?
>>>
>>> Why is the Endpoint Behavior included in the Sub-TLV if (from the above)
>>> it
>>> looks like it doesn't matter?
>>>
>>
>> KT> The endpoint behavior is something that is associated with the SID
>> instantiated on the Egress PE. In most cases for VPN services, the ingress
>> PE simply needs to use the SID to send the packet to the egress PE. This is
>> much like how a context/instruction is associated with the VPN label for
>> MPLS - it could be per-vrf or per-ce or per-prefix - normally the ingress
>> PE does not care. However, with SRv6, we have behaviors that have arguments
>> that do require the ingress PE to be aware since it needs to set up the ARG
>> part of the SID in the packet encapsulation. In certain other cases, the
>> knowledge of the behavior on the ingress PE could enable local optimization
>> which we do want to preclude. Having the ability to signal the SRv6
>> Endpoint behavior also helps in troubleshooting and monitoring.
>>
>>
>>>
>>>
>>> ----------------------------------------------------------------------
>>> COMMENT:
>>> ----------------------------------------------------------------------
>>>
>>> (1) To make sure, the new "BGP SRv6 Service SID Flags" registry is
>>> intended to document the allocations for the "SRv6 SID Flags" field in
>>> the
>>> SRv6 SID Information Sub-TLV (§3.1), right?
>>>
>>
>> KT> Correct.
>>
>>
>>>
>>> Please say so somewhere.  It would also be nice if the name of the field
>>> (SRv6
>>> SID Flags) and the registry (SRv6 Service SID Flags) matched.  I realize
>>> that
>>> fitting the full name in the figure won't work, but you can either use
>>> multiple
>>> lines (as you have already) or call the field simply "Flags," then extend
>>> to the full name in the description of the field...or many other ways to
>>> avoid
>>> confusion.
>>>
>>
>> KT> We have fixed the figure and description to match the registry name.
>>
>>
>>>
>>>
>>> (2) §3.1:
>>>
>>>       SRv6 SID Flags (1 octet): Encodes SRv6 SID Flags - none are
>>>       currently defined.  SHOULD be set to 0 by the sender and MUST be
>>>       ignored by the receiver.
>>>
>>> If/when the flags are defined, the behavior specified here won't be
>>> compatible.
>>> Instead, a behavior that assumes that some of the flags will be known in
>>> the
>>> future would be better.  For example: any unknown flags MUST be ignored
>>> by the
>>> receiver.
>>>
>>
>> KT> Ack. Fixed.
>>
>>
>>>
>>>
>>> (3) §3.1: "SRv6 Endpoint Behavior...The opaque endpoint behavior (i.e.,
>>> value
>>> 0xFFFF)...MUST NOT be considered invalid by the receiver."
>>>
>>> Ok, but the opaque behavior is not defined as invalid in rfc8986 or
>>> anywhere
>>> else (AFAIK).  rfc8986 includes a note specifically for the cases in
>>> this document in §8.3. So this requirement is not needed.
>>>
>>
>> KT> Ack. It is covered by RFC8986. We have rephrased the sentence.
>>
>>
>>>
>>>
>>> (4) §3.2.1: "Transposition Length of 0 ... In this case, the
>>> Transposition
>>> Offset MUST be set to 0."
>>>
>>> What should the receiver do if the offset is not set to 0?
>>>
>>
>> KT> If the checks in sec 3.2.1 fail, then the error handling is done as
>> per sec 8. Please also see the next response.
>>
>>
>>>
>>>
>>> (5) §3.2.1: According to rfc8986, the sum of the Loc + Func + Agr <=
>>> 128.  The
>>> inclusion of the transposition fields changes the formula to add the new
>>> length.  Please indicate the new constraints.  What should the receiver
>>> do if
>>> the sum of the lengths is not <= 128?
>>>
>>
>> KT> Ack. We have added the constraints for the fields of this sub-sub-tlv
>> as also the clarification for handling in sec 8.
>>
>>
>>>
>>>
>>> (6) §3.2.1: "Arguments MAY be generally applicable for SIDs of only
>>> specific
>>> SRv6 Endpoint behaviors"  In this case, "MAY" is just stating a fact
>>> (specified
>>> in rfc8986): s/MAY/may
>>>
>>
>> KT> Ack. Fixed.
>>
>>
>>>
>>>
>>> (7) §5: s/MUST choose to perform IPv6 encapsulation/MUST perform IPv6
>>> encapsulation
>>>
>>> To choose is not normatively enforceable; encapsulating is.
>>>
>>
>> KT> Ack. Fixed.
>>
>>
>>>
>>>
>>> (8) §5:
>>>
>>>    The SRv6 Service SID SHOULD be routable within the AS of the egress
>>>    PE and serves the dual purpose of providing reachability between
>>>    ingress PE and egress PE while also encoding the SRv6 Endpoint
>>>    behavior.
>>>
>>> Is it ever ok for the SID to not be routable?  If so, when?  The
>>> "purpose of
>>> providing reachability" requires the SID to be routable.  IOW, why is
>>> this
>>> behavior recommended and not required?
>>>
>>
>> KT> An SRv6 SID may not be routable across multiple IGP domains within a
>> provider network when routes are not leaked. There can be other mechanisms
>> like SR Policies (or other forms of tunneling) that provide reachability.
>> In other scenarios, due to local policy, the resolution may be desired over
>> an SR Policy instead of the best-effort reachability provided by IGPs.
>>
>>
>>>
>>>
>>> (9) Both §5/§6 say that the "ingress PE SHOULD perform resolvability
>>> check for
>>> the SRv6 Service SID before considering the received prefix for the BGP
>>> best
>>> path computation."
>>>
>>> By "resolvability check", do you mean the "Route Resolvability
>>> Condition" from
>>> §9.1.2.1/rfc4271??  If so, please be explicit.
>>>
>>> Given that we're talking about services, which table should be used to
>>> resolve
>>> the SID?  This question is something that rfc4271 doesn't cover [1].
>>> Please add
>>> something similar to this text from rfc9012 (where the resolvability
>>> condition
>>> is mentioned):
>>>
>>>    The reachability condition is evaluated as per [RFC4271].  If the IP
>>>    address is reachable via more than one forwarding table, local policy
>>> is
>>>    used to determine which table to use.
>>>
>>
>> KT> Ack. Updated the text.
>>
>>
>>>
>>> [1]
>>> https://datatracker.ietf.org/doc/html/draft-ietf-idr-bgp-bestpath-selection-criteria
>>>
>>>
>>> (10) [nits]
>>>
>>> s/multiple instances...is encountered/multiple instances...are
>>> encountered/g
>>>
>>
>> KT> Ack. Fixed.
>>
>>
>>>
>>> Please add figure numbers to all the packet formats, etc.
>>>
>>
>> KT> Ack. Fixed.
>>
>> Thanks,
>> Ketan
>>
>>
>

v2.23.0 | Report a Bug | By Email