IETF Logo Mail Archive

Re: [Bier] New Version Notification for draft-pfister-bier-over-ipv6-00.txt

Eric C Rosen <erosen@juniper.net> Thu, 15 September 2016 16:16 UTC

Return-Path: <erosen@juniper.net>
X-Original-To: bier@ietfa.amsl.com
Delivered-To: bier@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D125412BC1D for <bier@ietfa.amsl.com>; Thu, 15 Sep 2016 09:16:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.903
X-Spam-Level:
X-Spam-Status: No, score=-1.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=junipernetworks.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bs0cgE1P3Wq6 for <bier@ietfa.amsl.com>; Thu, 15 Sep 2016 09:15:57 -0700 (PDT)
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0136.outbound.protection.outlook.com [104.47.42.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17FC712BE9E for <bier@ietf.org>; Thu, 15 Sep 2016 08:16:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=junipernetworks.onmicrosoft.com; s=selector1-juniper-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=/Uh7aTScCXBjhf8ELRN25lQQ0pYlJO0acmCgt4MN7Zg=; b=N7NDxWzOSgax9BXkb81DE4ne/IPPsUUebRzvV+ky0dPAQltyhT9J/wEgdsABOxnFzNTo4quMwslBLzR7quvsIwbory1ejEjd3ajQvAERV4jozh0AnBRm/L+cYBqQlLVrYJ7aV0pMPGZEtSP5eP1YHjtA7UVktqEcq99ltSugiwo=
Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=erosen@juniper.net;
Received: from [172.29.33.134] (66.129.241.13) by SN1PR05MB2192.namprd05.prod.outlook.com (10.169.124.140) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.639.2; Thu, 15 Sep 2016 15:16:35 +0000
To: Pierre Pfister <pierre.pfister@darou.fr>
References: <147280131368.24750.2582129788572723864.idtracker@ietfa.amsl.com> <3C470D17-363E-4F7D-B943-19FC52052C67@darou.fr> <d891b2b1-1419-3fdb-be95-034d91305a30@juniper.net> <10B5F14B-8A1B-4DFC-B21E-A314B1605213@darou.fr>
From: Eric C Rosen <erosen@juniper.net>
Message-ID: <08b8ac29-459a-d5e5-524d-7b84d744b020@juniper.net>
Date: Thu, 15 Sep 2016 11:16:30 -0400
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <10B5F14B-8A1B-4DFC-B21E-A314B1605213@darou.fr>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [66.129.241.13]
X-ClientProxiedBy: BN3PR10CA0026.namprd10.prod.outlook.com (10.161.211.36) To SN1PR05MB2192.namprd05.prod.outlook.com (10.169.124.140)
X-MS-Office365-Filtering-Correlation-Id: 1523f333-97ec-40bb-9d92-08d3dd7b48f5
X-Microsoft-Exchange-Diagnostics: 1; SN1PR05MB2192; 2:OivM5dLNVUJl7UkZsnk/8eaHVROXWpSKV2HsLa345tyDSGrekR/JccgFILQA7DHngabjQkzXeciOSCV/gevOmppObLugB0YxLbBmgh2inDFVD4q7EXI9M2NFvp7cs/Q8yM1ZJiLxoSC76a9xZoJs+tmS66WUcLexfygtRehDzFAfzxVLw+x8yXrPBOdfQ8yJ; 3:t9bEcpp8SxWVD5Aa3qETBaAT95kWFVEOuuYm7yFEzhiywdvvT+aFqIn0i+V0VvsOAXo9DTExnUCTgn/55eayCT6Zk6uYQ9UgPkn73fYiQdMPMXe6RRXn6S2uTzhJp9gL; 25:RjBbZR1eE8y0C5PNJROBd0Wc8Qmgo1H6Jpp/GyQmKeV3E0n75TU4WMogkXyDDWQd8BhcxsLxShTsomrJT8UrUWI97p1NuRWk+VHJzP2xlhe8NEAWELwu1BnMYhwhL/RJsuQCfHI9QdUeZtcb1Kq9e7Cu4+gDJMwOdIZUETMCXsFyQ1myewJxoznJIYrwSd1ifyK0vtccqhPdNR20E05kki0+DNgQ6iclbKFduslNd4efBmSF7EOo57u5jt30nBh9ZV4geXwyVT7dyhgkS/wiGZREc8tnCcmanrTPqezLDk/GKd+oc8hFBw/inGCneri+VDCUh5BtMmR22BRBu8bihHNf9UjAnqsmqFX4f3rGJdF84wXg8t1x4/kax/cZZpEj6iXao9UsE5mD2rFSqiB3Ii9R36KXReKaBXhlFvzt6uU=
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:SN1PR05MB2192;
X-Microsoft-Exchange-Diagnostics: 1; SN1PR05MB2192; 31:5XVq9VF83v8GsIsNb67Q0XVEOmlir9VDwGbzLXwmfEGaWHlsd7TOcOpKfk9iYgodPMDAymSNoO1k5Z2Ny9DGO53M0dfFeNVtZjjeY2XKk7X8MaIFBCN68/cGKtWPp8XC9fQ0QXBaYk+95/2zJaBXwdy+Rnb/g9mqqYAp+XasvayQSTkJgRo0v8LF6zKjvb8zn60xVIzGpaHIGi8v1tBID5pgG1XUGJc9NvP6y2q1FHU=; 20:j9f5UwmETcLCftLaSpDJblgnzCuCQ5vHRHT040kXEaYXLOwqHdpMFchoC0fidyDxWt4eGMYaOWC/8+y7pgHc7AiACiUccTv/+CQfqFT8JSPDiyr/KnCidS7yxu3FJYoyReT03b/73SUTEEZ3vtEPZ8HVwiRaabO3qtDZrH+6LGKIGqHU6FfJ/YL1aThykCZZyaQqVfoFZDqVzsUCXRpmJ6TrMRrjmYDocYiEyelKzFLx7RZfJy9n7SfCGEmJgnu0UkrdEf2viR0puHXYJkHBK4MuxFHnq0qAz0Ks6sxYiilm0bGsD1YHqn2zuFswW1hNlONHbFZ71l+xY3xsChlZU3ZedI7OoZKBeRyH3OCMb2H68E5bFMpWw5q4FcYsNT6rlLFr05gnVD/vVzvbPnTk72zr+zqRIg/17skXvK33hPm/FcGSFHNzyfoNbR+JlbY2U/KICwo6niYrVT/4uy9lj2/C2RJ+rO6VUvVkADrHUkrs/U3hFk9HX+zcaT5KVkip
X-Microsoft-Antispam-PRVS: <SN1PR05MB21925EE0507A1FE10E166C41D4F00@SN1PR05MB2192.namprd05.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(192374486261705)(17755550239193);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026); SRVR:SN1PR05MB2192; BCL:0; PCL:0; RULEID:; SRVR:SN1PR05MB2192;
X-Microsoft-Exchange-Diagnostics: 1; SN1PR05MB2192; 4:zfv14+uk3yY6rf0Y0U+e0hHnT4Dg08WaPyeW74HioQSGxu6/3nPW846JjcEaoQEzBUqatfTkd/dSgk6q9C/BB/0gFc5cp+F3ehDQ8lPzimx7q4h+RCKVyFeEs5WVSc3zzdFjYqlEcdfnXEN+hp/z/n47UYT5AdKwG19TZqk9390CfuWALZacJqnJkebpMKx9OV0gVznLIjGrhrJzQ/GoHo1S3tVRFqPx3+hlBLnykW7Dq3Jq2YtmZxwOkyRYceaj8/Rr+RmKUytQ0qgzo5vi25Yx2h/CBofoDxOJthQq9sL0zdRAJQC7RGUW/PVmmGoSRdwmUSlibHsHXGOwAE5xjb/rGWnioiRSIKocCecz+tLCC0dUUytCq3dsZUHg0k6TbRWDEb1jje42Kn2IYJuQn+dFk6NscIqJIZHZRJKREKNZx2JH1zbRWxWdvmojao8d0o18uJS5ppsQOb4tt3PukL/Qb/k3xp6S2FwjFQfZ9K4=
X-Forefront-PRVS: 0066D63CE6
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(4630300001)(6049001)(6009001)(7916002)(199003)(189002)(76176999)(5660300001)(50986999)(54356999)(189998001)(31686004)(42186005)(86362001)(36756003)(31696002)(6116002)(3846002)(2906002)(81166006)(97736004)(81156014)(106356001)(50466002)(8676002)(110136003)(4001350100001)(586003)(64126003)(65826007)(65806001)(2950100001)(105586002)(101416001)(66066001)(65956001)(47776003)(83506001)(68736007)(230700001)(561944003)(15650500001)(4326007)(77096005)(305945005)(93886004)(23676002)(7736002)(33646002)(92566002)(230783001)(7846002); DIR:OUT; SFP:1102; SCL:1; SRVR:SN1PR05MB2192; H:[172.29.33.134]; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
Received-SPF: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: 1;SN1PR05MB2192;23:QZYC+bGVEwCAb3lMIRMUFmSCEvPSwmxLWMPTsGKftR25xJg0U5ectOoWKDSQ7j4WiqvhxoKWsOz+AJov+BHK5tm8nO3riEo/S6CxlRxU8cGWKf/MEE6+LINQ1LvF9ccZuPcNb0AEPfOHbWXpdv8AS42+TlbdmgXNdcn8JOb6wiSxokyrykrGzn0h6nkRWTLQGLu1CND3/4VH3xdjZqLy8EnrrASCsIl2W0CLAKnfj4f0wM/5PMus57fnId1FSJVs4p+vTb2FEGOpFukvzIxLX8qXz8WK2REya0qgcE8y+UaAYf4c7O0LLAI7Zy6N7d3C+IRKTeTsOBBap0+cciL9x3dyF+SfQWnmTpXU5xoJ/ZvTE0MDzgzTgekCAhl8GH9OCXIwjQvUxd89tvlYUVquAZWYiF+cawV/YXZsdhvyLmrK6j4GxTaJ2vfJIeghshVrdSSj3oFUOO509kfc/Z9a8PTt6z8tTxc9BJy6t3sjfTvFr1HB2AGZWE4it6L+1OCnwDxUMC2D1VvEWH55KQPNuIdvfag+GmdxDiXULpTYD8WhFkHk/2rdWVzElEBqACb7O0BCh30eg+h9lukkekZfYsr/8BXnPO/ErZO+lxPe3iNURELhxLy5XIcsz6g3f2ZXvgFG1qIjPOVW7518Bbh0JExI/N2IQFL/lRoXB+d06TALGd9KiNKxQRgQTeJSovT4FT5ERPMZxzlMg4zv8XAZKHdhmpcqyD18rVg0AH+pSCaGRAiY/WfUkA/+thPVNEEcvSPHqm59MF72WwSREHfAQ40I7FYnEbFkgoBIiPnTee40e4jzb7ZlXRjgWlFliDrK1hR/X1FBopyw0OxI7IHUhcRZBeUckq2J2i+/NInzdhh3eMMbQIoDg+8xSBG9Sxr1l1jDRoZDixkHnra9hBkKfb/L70I9JhrjhsLc5LP9KHDFRAQuxwvDZfaRGClBkvQ+XMVf8XLYqdPIXYc9sI8UTlFxL/sCbDZUQFn9Etci1XUmR9eyxwM28wpf+JX4+9TdtxqJCR8ZYgH5xaK6SXb6pu1REglmLMBC8ROnrqtLe4rMSSj82dhld8fgutzRaN4V2cPjWUA6naGdYe8G6mZegU5brdKAGKDbZqgTqpnezth1RaGSx1ceKR7hOuNrdxFFWtvFXmhVntI/ba5lmjkPQmS8GxvCNhHV3RAVXiQlcwXARUBjGJoW7MFjmvSV9dr+2NnFx3GOsONfwAObBT6lDlxxcQg0BXgWqDn6TtUb43Y=
X-Microsoft-Exchange-Diagnostics: 1; SN1PR05MB2192; 6:hDMbkzW+ni2MRr6UgNgnTaOSMdR0yfDt+k8sowwFSFCZMg8Xwqb2BN7nZuIpCDABqmO73GNyFb5aW02GPE38Xp1SVbrtPJnRQia1JdkYvJX4y0VGY/9de3FQss/OqeWAaTZog+3a8lJydByTxMDDF4yTVTGV79qJGu6UwSitt4XxWnilLVkG47EgelQJ/v1KRj4qHMl5nGNN1lGaGlQ0QsFWpkEZfCUuMJLRal4aN+TULewEAUbU/BuUACI0U1KCqsdDvgmteWeElfLD+72JbapK2RsKgEaE3+RlByVcvEwZKDQ3fH40Z2mADwNu44b9W584XqIPnleKMluFUT+kLw==; 5:8CdTBfvxOG5i9xw9EBmu0HcSHiGtCIx7UeP1rKyrUy0wM3lC7Js9m6YK92+q6tQzZniouZoJoKcDAwUVMioGzNbDjQsNU29uaWywSEM0UL8mGSACtuBt9IpJZ6jnvh0Pm7BvatclfoxOxt1eBbS0NQ==; 24:9oJDEwqxYQ8We58b3mcTH6jmVtiyomG3mDFOOjEV8GqhwpEy0vEg5x7+7KLBZx1SsXbqeUzMaDUEzb2dXkVGSR0k/F9NEBJc1S6W4d2yfpY=; 7:FdXW8G37xLOMgT0U3QqiYP/NbFPUGfENj4KCdhJqd/mITA0bpzRKMZtXSGLhjBS2jBmpd6fdt5y66Ya/VG2U0IKUet22DFhMZ41Fgvju7j6CkPAvWWmz0DLX52yCQvLjDo0W49ZzFjQvfrpOAnE/9GTlORm5YSgQQ4vWGy9Eosz6BqvIMZiGYTr6DZEZVQJUgfoSCMKykpiGyZ8R+Yd16kqj6YUSDNO++uTrPtWFTCkhjs7znquQStBXS+irkt5L
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Sep 2016 15:16:35.8899 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR05MB2192
Archived-At: <https://mailarchive.ietf.org/arch/msg/bier/N6DeIKUiFCpJz8ZRKklaZ6ixCII>
Cc: bier@ietf.org, IJsbrand Wijnands <ice@cisco.com>
Subject: Re: [Bier] New Version Notification for draft-pfister-bier-over-ipv6-00.txt
X-BeenThere: bier@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "\"Bit Indexed Explicit Replication discussion list\"" <bier.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bier>, <mailto:bier-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bier/>
List-Post: <mailto:bier@ietf.org>
List-Help: <mailto:bier-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bier>, <mailto:bier-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Sep 2016 16:16:02 -0000

>> It is worth emphasizing that, unlike other proposed encapsulations, this encapsulation only supports BitStrings of length 64.  Well, 128-p-i.  I guess one could use a /40 prefix and a single SI to get a BitStringLength of 88 if one doesn't need any more than 88 BFR-ids in the domain.  It still seems rather restrictive when compared to the other encapsulations that have been proposed.
> IMHO, what really matters is the ratio of packets sent over the number of reached destinations. From that regard, a case with 1024 long BitString and 1M destinations with random access will not be very efficient. In some cases, 64 destinations are far enough. As you noted, we already have an encapsulation which can handle longer BitString, so I guess we'll have to evaluate whether other use cases, 1., need more bits, 2., can use the existing MPLS encap.

You should point out then that your encapsulation does not support the 
full functionality of the BIER architecture as specified by the WG, but 
only an arbitrarily chosen subset of it.

>> I don't see how the sub-domain is identified in this encapsulation.
> It is not addressed by the document indeed. Just for the sake of making a short document.
>

This is another way in which your proposal fails to support the BIER 
architecture.

>> The draft says: "It makes use of a typical IP longest match in order to decide whether a packet is a BIER packet or not, which means hardware and software existing solutions may be used for that purpose."  But existing/deployed hardware and software solutions cannot do the BIER forwarding!  So I don't see what advantage is being claimed here.  Or is this just a way of saying "at least we don't use IPv6 extension headers" ;-)
> It is a way to say "Hey, you will be able to reuse bits of hardware and code rather than restart everything from scratch".

I don't think there is any proposed encapsulation whose implementation 
cannot make use of some existing logic.  So this "advantage" does not 
distinguish your proposal from any other.

> But you have a point. I could add "it doesn't use an IPv6 extension header" too.

Well, there's lots of things it doesn't do.  This particular point is 
only interesting if you are comparing your proposal to another proposal 
that does use IPv6 extension headers.

Of course, if there were such a proposal, it would probably claim as an 
advantage "it doesn't modify the destination address field of a packet 
while the packet is in flight", thereby avoiding a whole set of 
unintended side-effects.

(I do think it is good to avoid IPv6 extension headers, but none of the 
encapsulations that have been proposed to the WG use IPv6 extension 
headers, so this doesn't seem like much of an issue.)

> I do not suggest to overwrite the destination address sent by the source. If you don't want to restore it later, it is possible. But this is obviously a bad idea if you need to restore it.
> I was rather saying that the source can directly originate a packet which destination is a BIER IPv6 address.

There is nothing to prevent a source from originating a packet with any 
kind of encapsulation whatsoever.

> Or if the source sends an IPv6 multicast packets that you need to be sent through the BIER domain, you can encapsulate it inside the IPv6 BIER packet.

Same as any other encapsulation.

>
>> If an enduser's UDP packet is carried as the payload of an IPv6 BIER packet, and the UDP packet has non-zero checksum, then, as the draft says, "the UDP checksum must be recomputed when the BIER bits are changed."  So the BIER forwarding plane now has a new function -- it has to look to see what the payload is, and whether the the payload has a checksum that needs to be adjusted.  Does that sound like a good idea?
> I see at least two possibilities here:
> - Update checksum at every BitString change. This is actually not so expensive given that the IP checksum is linear (i.e. support updates). Obviously this requires looking at layer 4.

If your encapsulation requires that the forwarders look at layer 4, I'd 
say that is a pretty big disadvantage.

> - Have a convention that the packet is checksumed with BitString set to all-zeroes.

I don't think a BIER encapsulation should require that UDP be modified.

>
>> The draft says: "It is possible to configure a host with an address which corresponds to a BIER address with a single bit set.  From the host perspective, such address is not different from a regular IPv6 address."  Well, what will then stop the host from using that address as an IPv6 source address?
> It is a feature, not a bug. A BIER IPv6 address with a single bit set is a valid unicast address.

No it isn't.  See my comments on using a "BIER IPv6 address" in the 
source address field.

>> Packets carrying such an IPv6 source address may get dropped for using a prefix that has not been delegated to the host's subnet.
>>
>> If a host uses a "BIER address" as its source address in a given packet, and the packet doesn't get dropped, the packet may elicit responses that put the BIER address in their destination address fields.  This seems like a security issue, as it creates an attack vector that can create 64 responses to a single probe.
> Are you talking about BCP38 ? Ingress filtering means that a host cannot send a packet with any source address. Of course, if the host is assigned a BIER address, adjacent routers will have to be configured to not drop the packets that are originated with this source address.

The need to configure adjacent routers this way doesn't seem like much 
of an advantage.

> It doesn't mean that you allow the host to use any BIER address though. The first-hop router (or any other routers) can be configured to do a source address filtering (just like BCP 38) to make sure that the source address is not a BIER address with more than one bit set.

More special case configuration needed in order to use this encapsulation.

>
>> Hopefully hosts will not treat the BIER prefix as a delegated prefix that they can use to compute their own "privacy addresses"; if any of those computed addresses make it to the source address field of an IPv6 packet, and the packet does not get dropped, chaos could ensue.
> Why would you advertise an IPv6 BIER prefix with the M bit set to 0 (enabling SLAAC) in your RAs ?! I mean, there is no way SLAAC could be used for that purpose. You would use DHCPv6 (or some other equivalent) for address configuration anyway.

Ahh, the old "it will never happen" defense.  After all, bits never get 
set incorrectly, or in a way not anticipated by the authors of a 
specification ;-)

Actually, every network disaster is preceded by a developer saying "that 
will never happen" because "no one would ever do that".
>> The draft suggests that the BIER prefix can be treated by BFRs outside a given domain as a routable unicast prefix, presumably leading towards one or more BFRs that serve as border routers for a given BIER domain.  (At one point, the draft even says that BIER packets are IPv6 unicast packets, which seems a bit misleading. ;-)) That's interesting, but putting this feature to use requires one to work out quite a few details that are not mentioned.  And I don't think it will work for non-BFRs within the BIER domain.  To pass BIER packet through non-BFRs within the destination BIER domain, one still needs additional encapsulation.
> The document does not claim that you can have non-BFR routers within the BIER domain.

That feature is supported by the architecture, so I guess this is 
another feature of the architecture that is not supported by your 
proposed encapsulation.

> It just claims that you can use regular unicast forwarding between the source and the BFIR.
> What sort of details do you think are not mentioned ?

The description of the procedures that cause the FIBs to be set up 
appropriately in all the routers outside the BIER domain.

Also, don't forget to consider the case of hosts that are multi-homed to 
several BIER domains.

And the case of a host that is not directly connected to its BIER 
domain.  If the BIER prefix leads a packet (via unicast forwarding) from 
the host to a distant BFIR, how will that same prefix lead a packet (via 
unicast forwarding) from the distant BIER domain to the host?

> You can ! You can ! :-)
> "Configured" means, "as far as the BIER Layer is concerned", whether this comes from an educated system administrator, a running process, or a monkey, I couldn't care less.
> I will clarify in the next iteration.
You have a companion draft describing the ISIS/OSPF/BGP extensions for 
doing the necessary signaling?
>> It is not clear from the draft whether the value of i (number of bits in the SI field) and the set of BFR-ids is specific to a given prefix, or whether it is the same for all prefixes.  (Or for all prefixes corresponding to a given domain.  Or perhaps sub-domain?)
> Well. This clearly is the kind of things that can be discussed, right ?
> When I first thought about this approach, I made an experimental implementation for Linux. I ended up not caring about these. I didn't even implemented the concept of S.I., but rather decided that every BIER prefix would use a different 'bit index to next-hop' mapping table. So, I would say that the set of BRF-ids is specific to a given prefix. I would even say we can remove the concept of domain and S.I. But that is the sort of things that I would need BIER experts to discuss with.
It seems like your "experimental implementation" does not comply with 
the BIER architecture.
>> Section 6 gives the "advantages" of the proposal, but it is not clear what the proposal is being compared to.  For instance, one of the advantages is claimed to be that the proposal doesn't use IPv6 extension headers.  Is the proposal being compared to another proposal that does use IPv6 extension headers?  If so, where is that proposal described?  (None of the proposals I've seen so far use IPv6 extension headers.)
> Okay. What encap should I compare it to ?

There's not much point comparing it to a strawman that has neither been 
proposed to the WG in another draft nor described in this draft.

>> Another "advantage" is that the proposal "may be used for transporting IP multicast packets, but also for sending IP payloads directly to multiple destinations".  Does this "advantage" distinguish it from some other proposal?  I'd have thought that any multicast encapsulation can cause any packet to sent to multiple destinations.
> Only if the destination implements BIER. In this proposal, the destination does not need to decap anything. It directly receives a unicast packet.

In most BIER encapsulation proposals, the decapsulation is done by the 
BFER, not by the destination host.

>
>> Of course, maybe the first question is whether we really have a need for an encapsulation that is IPv6-specific.  The draft doesn't actually seem to address this question.
>>
> Do you think we shouldn't have another encap. ?

It's true that I don't see a need for another encapsulation.  But ...

> Or are you saying we should have a different encap ?
>
But if we do have another encapsulation, it shouldn't be IPv6-specific, 
and it shouldn't require hop-by-hop modification of the IP destination 
address field, and it shouldn't require the BFRs to inspect layer 4, and 
it shouldn't require changes to layer 4, and it shouldn't allow a 
multicast address to be put in the IP source address field, and it 
shouldn't assume that bits never get set incorrectly, and it shouldn't 
require changes in source address filtering procedures.  In addition, it 
should be possible to use it to support the entire BIER architecture, 
including those features that didn't make it into your experimental 
Linux implementation.

v2.23.0 | Report a Bug | By Email