Re: [Bier] Questions regarding <draft-zhang-bier-bierin6-03>

"Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net> Tue, 09 July 2019 10:45 UTC

Return-Path: <zzhang@juniper.net>
X-Original-To: bier@ietfa.amsl.com
Delivered-To: bier@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1D6512041D; Tue, 9 Jul 2019 03:45:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id McdBoKwhfJUF; Tue, 9 Jul 2019 03:45:48 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C66912012B; Tue, 9 Jul 2019 03:45:48 -0700 (PDT)
Received: from pps.filterd (m0108158.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x69AiWu3024601; Tue, 9 Jul 2019 03:45:39 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=uTr2zUqcvR9csuQHR9zDygd9rFbU/FHKkxpHwCOzZww=; b=fL7oFjgJQ6TDYpU5kl2GcChAnsh5pY5NQemafYHcdvlvMd12q+n/ppMmtc8n15/AAZGl jEYH4YfmBLTx93ax99g1c3X2qSi+AHXpb+rAAOXJjkSf1zAHAx4R7iA+ktJajnRr8Tzm hMR4a3zA7GtnYuM2pskw+ALxUEdn6oe4i6XH6WlcCNmjyM7NPfm6r2aAK2K8ok06K/GS /t0FzI3pT7deRvmMbgp/e0WwhEnbPOzM+OgEIFVNfYtqLFBWOWN4SQp7pqvu4US2QTVL HTjTGWAlhhLZTGX47rVjY/jl92p78DEsWvpnI41dmVtfSENrQpAyHq9Tb9nPrn++DAyh KA==
Received: from nam02-bl2-obe.outbound.protection.outlook.com (mail-bl2nam02lp2058.outbound.protection.outlook.com [104.47.38.58]) by mx0a-00273201.pphosted.com with ESMTP id 2tmqpwr5tj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 09 Jul 2019 03:45:38 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hZd13K+zbJk8T0vIoSeQT2PeHLUmWzwXArugnnyJrOyJLTlWRLQl4aMQJWurkqgyaBFsIBFYj40vKbHPevE8uY2Sn/VU/TcZPH3xGTf0umv8mOVQWiT5N7rRSN+51o6szQU5uzkf6JKcjy40v0/kl2g/J57p8YNRuETRXGAD4g4iicvfLMPqcXc/IFM3m3amMmtN9MOMxye7j61y+pL/RvEnvuNrYqSP8w8ZvxC1dU0yz/EJzNjNMDwFlo6l5VdGgz10D1tEDdgRGKfxlgWDcINirVT+Kg7uxnnHpr+J4hAMVQEnI8TPBVk6DogbsIPBLGU1diWR4jASUMoJRUSJJQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uTr2zUqcvR9csuQHR9zDygd9rFbU/FHKkxpHwCOzZww=; b=S8p8IsC4QQbuuaB/bjEPJn7yf2IzKAs9HtMXUiJeJhugNt0NtGiE4WMCT1W/tuB02c/N+t8Jy2GTaC5o38VlMZ7L1H8IfOQawQvR7OjxN67WPnUShTjGhN37czGtzROh10crM7P3XCLIUwfZ05I6+F1Vjk6aGSj1BRt/D4YLxmAns1C+h2fYnqG8HLqZThuSavRv5SqGjRkN+TCMsYEKH8oKL+jRz6oXCIMMIT5T13QkqKDLsfE2Ud28wC20j4WbUJyAXFRNldU+q43l4FPunnGgWp+0XWGm3JaIz6MRR8SniaueMEnPpKWRuK4oQdCG7QGk9Dz5ofIW/Gib/bvZdg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=juniper.net;dmarc=pass action=none header.from=juniper.net;dkim=pass header.d=juniper.net;arc=none
Received: from DM5PR05MB3548.namprd05.prod.outlook.com (10.174.242.153) by DM5PR05MB3035.namprd05.prod.outlook.com (10.168.175.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.10; Tue, 9 Jul 2019 10:45:36 +0000
Received: from DM5PR05MB3548.namprd05.prod.outlook.com ([fe80::c890:e1c9:8d87:8d5f]) by DM5PR05MB3548.namprd05.prod.outlook.com ([fe80::c890:e1c9:8d87:8d5f%6]) with mapi id 15.20.2073.008; Tue, 9 Jul 2019 10:45:36 +0000
From: "Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net>
To: Xiejingrong <xiejingrong@huawei.com>, "draft-zhang-bier-bierin6@ietf.org" <draft-zhang-bier-bierin6@ietf.org>, BIER WG <bier@ietf.org>
Thread-Topic: Questions regarding <draft-zhang-bier-bierin6-03>
Thread-Index: AdU2IrLV6PANcPQ8TJ2wzjJsYLxNqQAHa6Gg
Content-Class:
Date: Tue, 9 Jul 2019 10:45:36 +0000
Message-ID: <DM5PR05MB3548E853C20E03CC58C7956BD4F10@DM5PR05MB3548.namprd05.prod.outlook.com>
References: <16253F7987E4F346823E305D08F9115AAB8DC468@nkgeml514-mbx.china.huawei.com>
In-Reply-To: <16253F7987E4F346823E305D08F9115AAB8DC468@nkgeml514-mbx.china.huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.2.0.14
dlp-reaction: no-action
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=zzhang@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2019-07-09T10:45:34.1381623Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Business Use Only; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=acb2a0b9-9a58-408b-abcf-70c3a589e2ef; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic
x-originating-ip: [98.217.112.215]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 625faadf-02b4-4596-d750-08d7045a9380
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:DM5PR05MB3035;
x-ms-traffictypediagnostic: DM5PR05MB3035:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <DM5PR05MB3035EFCBAF1CAF4B1363A8AFD4F10@DM5PR05MB3035.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-forefront-prvs: 0093C80C01
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(376002)(136003)(366004)(396003)(346002)(39860400002)(199004)(189003)(3846002)(102836004)(52536014)(68736007)(76176011)(53936002)(6506007)(6246003)(790700001)(446003)(66574012)(316002)(6116002)(2906002)(486006)(476003)(9326002)(9686003)(478600001)(110136005)(53546011)(74316002)(11346002)(66066001)(7696005)(2501003)(26005)(5660300002)(561944003)(73956011)(14454004)(55016002)(25786009)(86362001)(64756008)(6436002)(7736002)(66946007)(76116006)(66476007)(33656002)(66446008)(66556008)(99286004)(81166006)(8676002)(186003)(81156014)(8936002)(14444005)(256004)(229853002)(54896002)(6306002)(71200400001)(71190400001)(21314003); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR05MB3035; H:DM5PR05MB3548.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: Cg35EgUGuJuL2Kj3UMj87p5CepaKr9S7+gbnbDSAwpaZtTMWt+3ZzqIVzYaA/vuz0OfpuoRRLKwZs9TOHJ+5d34hvoKExERfo4fwCo53CFpy80uMOdNGMUmdGNDh1mKgdx/oHIxSznp32SDM/VKM/4Xw723qZTNV7XjTDTmx1scEqdbywe2NS3VdVHte4Oq4mkLYrL0eJH7+CKZfauGyGy7qTJD4Qeaqljgi2ZKKxy/PhLQatANkQeKsMt+JYmYBXo098nCcyDGgrk04n7AmDntYDIAGiGM63myqHDXLvqGGkrnrJVaSAE+oSz1OmW/rNPpuXA/+W1WbJCdTm7Ha0/u1iEdIlM8dlFhL4WcUnXbsqeKbUQnKWCSHgKKRthgTAhBGcHO/Sap2KdPHrFtLGfSRxRwcu6kOJt/8+HqpSxs=
Content-Type: multipart/alternative; boundary="_000_DM5PR05MB3548E853C20E03CC58C7956BD4F10DM5PR05MB3548namp_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 625faadf-02b4-4596-d750-08d7045a9380
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jul 2019 10:45:36.3377 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: zzhang@juniper.net
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR05MB3035
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-07-09_04:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=674 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1907090132
Archived-At: <https://mailarchive.ietf.org/arch/msg/bier/dSjnsXsyvxD8UiC4IahlVk-eb58>
Subject: Re: [Bier] Questions regarding <draft-zhang-bier-bierin6-03>
X-BeenThere: bier@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "\"Bit Indexed Explicit Replication discussion list\"" <bier.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bier>, <mailto:bier-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bier/>
List-Post: <mailto:bier@ietf.org>
List-Help: <mailto:bier-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bier>, <mailto:bier-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jul 2019 10:45:53 -0000

Hi Jingrong,

Please see zzh> below for my understanding.



Juniper Business Use Only
From: BIER <bier-bounces@ietf.org> On Behalf Of Xiejingrong
Sent: Tuesday, July 9, 2019 3:02 AM
To: draft-zhang-bier-bierin6@ietf.org; BIER WG <bier@ietf.org>
Subject: [Bier] Questions regarding <draft-zhang-bier-bierin6-03>

Hi,
I have the following question regarding <draft-zhang-bier-bierin6-03>:

This document defines native IPv6 encapsulation for BIER
   hop-by-hop forwarding or BIERin6 for short.
[XJR Q1]: authors of the draft think BIER in IPv6 encapsulation is useful, right?

Zzh> It's useful in the situations described in the draft: a) ipv6 tunnel between non-adjacent BFRs b) two situations even between adjacent BFRs.

   [RFC8296] defines the BIER encapsulation format in MPLS and non-MPLS
   environment.  In case of non-MPLS environment, a BIER packet is the
   payload of an "outer" encapsulation, which has a "next protocol"
   codepoint that is set to a value that means "non-MPLS BIER".
[XJR Q2]: Is the proposal a Layer-4 solution ?

Zzh> It's not about layer-4, but about any kind of "outer" encapsulation/tunneling. Besides, it's in RFC8296, not in this draft.

   The IPv6 encapsulation could be used even between two directly
   connected BFRs in the following two cases:

   o  An operator mandates all traffic to be carried in IPv6.
[XJR Q3]: Do the authors prefer to use IPv6-encapsulation between directly-connected BFRs? Or use BIER-ETH for directly-connected BFRs ? How could directly-connected BFRs be detected when 3 BFRs connected on a L2-switch ?

Zzh> It's the operator's choice to use IPv6-encapsulation between directly-connected BFRs. They don't have to use it, but they could if they want.
Zzh> BFRs connected via a L2-swtich are considered as directly-connected, and that's detected by routing.

   o  A BFR does not have BIER support in its "fast forwarding path" and
      relies on "slow/software forwarding path", e.g. in environments
      like [RFC7368] where high throughput multicast forwarding
      performance is not critical.
[XJR Q4]: Does the document intend for "fast forwarding" or "slow forwarding" or both ?

Zzh> For both. For BFRs capable of BIER in the "fast forwarding path", IPv6 encap is not required while an operator may still choose it. For BFRs only capable in the "slow path", IPv6 encap is required so that the BIER packets can be directed to the slow path.

2.  IPv6 Header

   Whenever IPv6 encapsulation is used for BIER forwarding, The Next
   Header field in the IPv6 Header (if there are no extension headers),
   or the Next Header field in the last extension header is set to TBD,
   indicating that the payload is a BIER packet.

   If the neighbor is directly connected, The destination address in
   IPv6 header SHOULD be the neighbor's link-local address on this
   router's outgoing interface, the source destination address SHOULD be
   this router's link-local address on the outgoing interface, and the
   IPv6 TTL MUST be set to 1.  Otherwise, the destination address SHOULD
   be the BIER prefix of the BFR neighbor, the source address SHOULD be
   this router's BIER prefix, and the TTL MUST be large enough to get
   the packet to the BFR neighbor.
[XJR Q5]: In both cases, the SA and DA both change when BFR B receive BIERin6 packet and send to BFR C. right?

Zzh> Right. The original SA/DA of the packet is in the BIER payload itself. The outer IPv6 header is only for getting packet from BFR A to BFR B and then to BFR C. This is just like the ether header's SA/DA changes as the packets are routed through networks.

Jeffrey

2.1.  IPv6 Options Considerations

   RFC 8200 section 4, defines the IPv6 extension headers.  Currently
   there are two defined extension headers, Hop-by-Hop and Destination
   options header, which can carry a variable number of options.  These
   extension headers are inserted by the source node.

   For directly connected BIER routers, IPv6 Hop-by-Hop or Destination
   options are irrelevant and SHOULD NOT be inserted by BFIR on the
   BIERin6 packet.  In this case IPv6 header, Next Header field should
   be set to TBD.  Any IPv6 packet arriving on BFRs and BFERs, with
   multiple extension header where the last extension header has a Next
   Header field set to TBD, SHOULD be discard and the node should
   transmit an ICMP Parameter Problem message to the source of the
   packet (BFIR) with an ICMP code value of TBD10 ('invalid options for
   BIERin6').
[XJR Q6]: You have to walk the ext header chain and get the last NH to judge if this packet need to be discard, right? For example for an incoming packet(ipv6hdr+RoutingHeader+DestOptHdr<nh!=TBD>), you have to walk the whole extension header chain until you know the last NH, to execute the above "discard" action. Right?

   This also indicates that for disjoint BIER routers using IPv6
   encapsulation, there SHOULD NOT be any IPv6 Hop-by-Hop or Destination
   options be present in a BIERin6 packet.
[XJR Q7]: What does "disjoint BIER router" mean?


In this case, if additional traffic engineering is required, IPv6 tunneling (i.e.  BIERin6 over
   SRv6) can be implemented.
[XJR Q8]
Speaking of the additional SRv6 for some future requirements, I agree it is important for a solution to have the flexibility.
Suppose you may support BIER payload with two Ext Headers RoutingHeader(RH) and DestOptHdr, and two options(code X or code Y) in DestOptHdr:
Suppose also, you may support XXX payload with two Ext Headers RoutingHeader(RH) and DestOptHdr, and two options(code X or code Y) in DestOptHdr.
Suppose also, you may support YYY payload with two Ext Headers RoutingHeader(RH) and DestOptHdr, and two options(code X or code Y) in DestOptHdr.

I guess the following processing is needed:

Result = FIB Lookup(DA) ;;You have to do FIB lookup anyway
Switch(Result)
Case Local Interface IPv6 Address:
If packet is (IPv6+RH)+(BIER payload)
     Process it
Else if packet is (IPv6+DestOptHdr<Code X or Code Y>)+(BIER payload)
     Process it
Else if packet is (IPv6+RH+DestOptHdr<Code X or Code Y>)+(BIER payload)
     Process it
Else If packet is (IPv6+RH)+(XXX payload)
     Process it
Else if packet is (IPv6+DestOptHdr<Code X or Code Y>)+(XXX payload)
     Process it
Else if packet is (IPv6+RH+DestOptHdr<Code X or Code Y>)+(XXX payload)
     Process it
Else If packet is (IPv6+RH)+(YYY payload)
     Process it
Else if packet is (IPv6+DestOptHdr<Code X or Code Y>)+(YYY payload)
     Process it
Else if packet is (IPv6+RH+DestOptHdr<Code X or Code Y>)+(YYY payload)
     Process it
Else
     Do normal things as usual (like sending ICMPv6/UDP/TCP packet to the control-plane)
Case Non-Local Routable IPv6 Address
  Do normal routing and forwarding as usual.

The normal things will need 10 steps, the YYY payload will need 7~9 Steps, the XXX will need 4~6 steps...... right ? Will that be suitable for fast-path ?

[XJR Q9] Also about the flexibility, Does AH function like Integrity Check possibly be supported?

[XJR Q10] Also about the flexibility, Are multiple BIER Headers possibly allowed ?