[Bier] BIER v6 requirements draft comments: draft-ietf-bier-ipv6-requirements ...

Antoni Przygienda <prz@juniper.net> Tue, 19 November 2019 05:50 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/bier/QYFgIfeSdIX3rcA_O3ZqBgZWfWA>

Finally getting to fire off some comments on draft-ietf-bier-ipv6-requirements draft



3.4: I see NO requirements to do anything with SR or SRv6 in BIER WG charter so I am not sure how it ended up so prominently in the draft. And BIER is a hop-by-hop technology, it already includes provisions to transition non-BIER nodes via correct algorithms so not sure how SRv6 is of any use or relevance here. Of course BIER could be tunneled with SRv6 but then a BIER frame should be carried natively inside an SRv6 frame. Commingling two level layer 2.5 transport technologies into a single layer format as the draft seems to imply is unnecessary and a bad idea since there will be resulting cross-talk.

4.2: completely disagreed. BIER is a hop-by-hop layer 2.5 technology. Modifying IP options is arguably far more expensive than next-protocol frame.

4.3:

* fragmentation will only play in IPv6 case if the frame is longer than IPv6 max frame size - BML roughly. No matter _where_ we stick the mask we face the same problem until we start to do BIER fragmentation and reassembly
* Again, SRv6 is neither in the charter nor an issue since BIER is a L2.5 hop-by-hop technology and not, as the authors want it, all of a sudden an implicit tunneling or multi-hop technology

4.11: and again BIER is hop-by-hop and it will rely on higher layers to re-assemble just like MPLS does.

I-D.xie-bier-ipv6-encapsulatio: yes, IPv6 architecture has the loophole for in flight modification of hop-by-hop header options but it does not mean it’s a good idea



Last, major objection is that by opening any IPv6 destination address to receive BIER frames from multiple hops away we are opening a complete security nightmare and arguing that the whole BIER layer has to be IPSEC’ed to close that hole is simply going into a seriously wrong direction IMO.



--- tony