Re: [bess] Alvaro Retana's Discuss on draft-ietf-bess-srv6-services-10: (with DISCUSS and COMMENT)
Ketan Talaulikar <ketant.ietf@gmail.com> Fri, 18 February 2022 05:23 UTC
Return-Path: <ketant.ietf@gmail.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD80F3A09E1; Thu, 17 Feb 2022 21:23:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1v9PVtAqubd3; Thu, 17 Feb 2022 21:23:04 -0800 (PST)
Received: from mail-ua1-x930.google.com (mail-ua1-x930.google.com [IPv6:2607:f8b0:4864:20::930]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E9F13A09D3; Thu, 17 Feb 2022 21:23:04 -0800 (PST)
Received: by mail-ua1-x930.google.com with SMTP id g18so3754382uak.5; Thu, 17 Feb 2022 21:23:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=g+gqaJZ4SHjXSOJx5Wu2pHTjds/H9NBKXtSKvG+7Yyw=; b=RIoeUQnCYbV514pW+oFpJKdxQF6hx7GSDelwm/k+C2XDincouYZW6+ZD5dUPkGy8Ig h+nCSibb9gR68YUe+UgvytfhMqXbm/8ocbqUn8yZLfCVnwX+A68RKzXI6yv5jBFmnTgG 67hs4i9vboVdeaaqz8T4J6UAlHFtkRWnpONJvUGOxKxI7W7TSWDLLk377a1nkbP3Butl vA+443Xngb8QYUCAQp38prdmg1ehFPTZXr5RGixJ8WKg6ZFSnE7xEZ9V5QPO1ZkLXg7C ZwCvKuNYohUzJATBzVqcNFkDe2SIhVV+L4YtGUQv109VhR5gEAZwvL7Zy5zO2dzuaeu9 QUbg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=g+gqaJZ4SHjXSOJx5Wu2pHTjds/H9NBKXtSKvG+7Yyw=; b=5GGgHlngDy5Sx/CTdWroaAk1hw3FJveBagjkliAgVDuYgPkucYaM+EtcOu370iSOZC NXPWDJPOFbfNYaX9sAmYEC0/dVMfSaBvimmGtCcABuEsK1QMdAg9nCvFX/HfBhhjXaPb GMWu0f+7XLLOI+4Zm2UrRZG26/DB1ZJnpQJCufjlSGCFOX3ub+jrUZSk2EEcPz7gGLVo X15YhkQZBVWb5HitUIKSyxE9fKoiSuKstA5Kn8tBZ629KtWijDwmBoP8Q1EsUfiF6V8Y AQabrviadw+6VTwUcqBh3rNiHwkynd+kHOmHl6BexHi5o7lKH+7hWvzZ2WbZT3U46sS+ 4OJw==
X-Gm-Message-State: AOAM532vHUZGQmPlKgWiErulFnAH46nvuv35aYiIKSjijX7bhBNDHor9 vD6BBV9+Swzul59DWkZwx5Y4BBh7EDKccOTn4gA=
X-Google-Smtp-Source: ABdhPJz6X/3EiYXLRAPEpE8ryPWhmjMykP/51b/pFokPpP5b0MuLlzsIz0H7AHfbqy6Dux9aHmrWd603ko2ei+K+/wU=
X-Received: by 2002:ab0:6857:0:b0:309:64c8:b40c with SMTP id a23-20020ab06857000000b0030964c8b40cmr2538056uas.28.1645161783392; Thu, 17 Feb 2022 21:23:03 -0800 (PST)
MIME-Version: 1.0
References: <164494796487.31930.7636138656008278664@ietfa.amsl.com> <CAH6gdPzvdae5sGOS982OLdQbYv-qGBnC9BwF_LePhTjaUW+Ghg@mail.gmail.com> <CAMMESsw+28voyO-4prcNVh+d4y6r7wANQV8Qw0RVCrdcRHqOyQ@mail.gmail.com>
In-Reply-To: <CAMMESsw+28voyO-4prcNVh+d4y6r7wANQV8Qw0RVCrdcRHqOyQ@mail.gmail.com>
From: Ketan Talaulikar <ketant.ietf@gmail.com>
Date: Fri, 18 Feb 2022 10:52:50 +0530
Message-ID: <CAH6gdPzEm_xw8D0Dcs4wk15o38FSXgGBxj5DXTmfj0V7BUoX_Q@mail.gmail.com>
To: Alvaro Retana <aretana.ietf@gmail.com>
Cc: bess-chairs@ietf.org, draft-ietf-bess-srv6-services@ietf.org, The IESG <iesg@ietf.org>, BESS <bess@ietf.org>, "Bocci, Matthew (Nokia - GB)" <matthew.bocci@nokia.com>
Content-Type: multipart/alternative; boundary="000000000000b27df305d84413b7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/WCpcn8Spa7vH5xbs-N7yslQokc0>
Subject: Re: [bess] Alvaro Retana's Discuss on draft-ietf-bess-srv6-services-10: (with DISCUSS and COMMENT)
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Feb 2022 05:23:08 -0000
Hi Alvaro, Thanks for your quick response and please see further inline below. We will include these changes in the next update of the draft. On Fri, Feb 18, 2022 at 12:30 AM Alvaro Retana <aretana.ietf@gmail.com> wrote: > On February 16, 2022 at 1:28:43 PM, Ketan Talaulikar wrote: > > > Ketan: > > Hi! > > > > > ---------------------------------------------------------------------- > > > DISCUSS: > > > ---------------------------------------------------------------------- > > > > > > I am balloting DISCUSS because the document underspecifies the use of > > > Endpoint Behaviors. As a result, it is unclear when they should be > checked, > > > enforced, or needed. Details follow. > > > > > > > > > The descriptions of the TLVs in §2 say (twice) that the "SRv6 Endpoint > > > behaviors which MAY be encoded, but not limited to, are...etc." > > > > > > The text above ends with "etc." which means there are other possible > > > behaviors. That's not a great use of normative language, even if > optional. > > > > KT> Agree. We have removed the "etc". > > Ok. Given the rest of the text, I think that "MAY" is just expressing > a fact, not a normative action: s/MAY/may > KT> Ack > > > > > My initial instinct was to ask you to be specific, BUT... > > > > > > The description of the SRv6 SID Information Sub-TLV (§3.1) says that > "an > > > unrecognized endpoint behavior MUST NOT be considered invalid", which > seems > > > to mean that any behavior is ok, AND... > > > > > > There's no validation specified, except for the description of the > SRv6 SID > > > Structure Sub-Sub-TLV (§3.2.1), where it says that the "Argument length > > > MUST be set to 0 for SIDs where the Argument is not applicable". AND... > > > > > > Several of the service descriptions in §5/§6 say that "The SRv6 > Endpoint > > > behavior of the SRv6 SID is entirely up to the originator of the > > > advertisement. In practice, the SRv6 Endpoint behavior is..." > > > > > > > > > The result is that any endpoint behavior (even unrecognized) can be > used, > > > while also requiring a specific setting for the argument length in some > > > cases. > > > > > > How can the argument length be validated if the endpoint behavior is > > > unknown? > > > > KT> The argument length cannot be validated unless the endpoint behavior > is > > known. The ingress PE needs to actually write the ARG part of the SID > into > > the SRv6 SID advertised by the egress PE when sending packets for that > > service to the egress PE. Therefore, knowing that the behavior involves > > argument and validating the argument length is important. We have > clarified > > this in the text. > > I see that the text in -11 now says this: > > Arguments may be generally applicable for SIDs of only specific SRv6 > Endpoint behaviors (e.g., End.DT2M) and therefore the Argument length > MUST be set to 0 for SIDs where the Argument is not applicable. A > receiver is unable to validate the applicability of arguments for > SRv6 Endpoint behaviors that are unknown to it and hence MUST ignore > SRv6 SIDs with arguments (indicated by non-zero argument length) with > unknown endpoint behaviors. > > That works for me. It addresses the cases when the Behavior is > unknown -- the questions below are about known and expected Behaviors. > KT> Thanks > > > > > > Clearly (from looking at rfc8986), not all endpoint behaviors apply to > the > > > services defined in this document. Should a receiver accept any > endpoint > > > behavior? What should a receiver do if a known but unrelated behavior > (End, > > > for example) is received? > > > > > > What should the receiver do if the endpoint behavior is known and > > > applicable, but the attribute length is not set correctly? > > > > KT> Could you clarify which attribute length you are referring to? > > Sorry, I meant the argument... :-( > KT> The behavior definition may or may not specify requirements of argument lengths - the currently defined ones do not pose any limitation and so the draft talks about zero or non-zero. We can clarify by saying something on the lines that for behaviors where arguments apply, the argument length's consistency must be verified against the behavior definition. Would that address your comment? > > > > > For any specific service (IPv4 VPN Over SRv6 Core, for example, to pick > > > one), should the behaviors used "in practice" be enforced? What if > > > different behavior is advertised? Can it safely be ignored? > > > > ... > > > ---------------------------------------------------------------------- > > > COMMENT: > > > ---------------------------------------------------------------------- > ... > > Just one comment: > > > ... > > > (8) §5: > > > > > > The SRv6 Service SID SHOULD be routable within the AS of the egress > > > PE and serves the dual purpose of providing reachability between > > > ingress PE and egress PE while also encoding the SRv6 Endpoint > > > behavior. > > > > > > Is it ever ok for the SID to not be routable? If so, when? The > "purpose of > > > providing reachability" requires the SID to be routable. IOW, why is > this > > > behavior recommended and not required? > > > > KT> An SRv6 SID may not be routable across multiple IGP domains within a > > provider network when routes are not leaked. There can be other > mechanisms > > like SR Policies (or other forms of tunneling) that provide > reachability. In > > other scenarios, due to local policy, the resolution may be desired over > an > > SR Policy instead of the best-effort reachability provided by IGPs. > > If there's a route over a tunnel/SR Policy/whatever, I consider that > routable. I am not just thinking about IGP-learned routes. The case > that concerns me is when the ingress PE doesn't have a route at all > (which is possible with the SHOULD). If a route should always exist > (from any source) then it looks like the text should indicate a > requirement and not a recommendation. > KT> The should is to allow for use-cases such as the one specified in https://datatracker.ietf.org/doc/html/draft-ietf-spring-segment-routing-policy-18#section-8.5 - in this case, there may not be any reachability but the local policy indicates triggering a request to a controller to compute SR Policy path to the BGP NH on demand and then the resolution can happen once such an SR Policy is successfully instantiated on the node. > > > Thanks for addressing my other comments > > Alvaro. > Thanks, Ketan
- [bess] Alvaro Retana's Discuss on draft-ietf-bess… Alvaro Retana via Datatracker
- Re: [bess] Alvaro Retana's Discuss on draft-ietf-… Ketan Talaulikar
- Re: [bess] Alvaro Retana's Discuss on draft-ietf-… Alvaro Retana
- Re: [bess] Alvaro Retana's Discuss on draft-ietf-… Ketan Talaulikar
- Re: [bess] Alvaro Retana's Discuss on draft-ietf-… Alvaro Retana
- Re: [bess] Alvaro Retana's Discuss on draft-ietf-… Ketan Talaulikar
- Re: [bess] Alvaro Retana's Discuss on draft-ietf-… Alvaro Retana
- Re: [bess] Alvaro Retana's Discuss on draft-ietf-… Ketan Talaulikar
- Re: [bess] Alvaro Retana's Discuss on draft-ietf-… Ketan Talaulikar
- Re: [bess] Alvaro Retana's Discuss on draft-ietf-… Ketan Talaulikar