Re: [Detnet-dp-dt] IPv6 and multicast [FUNDAMENTAL issue]
jouni korhonen <jouni.nospam@gmail.com> Fri, 26 May 2017 15:25 UTC
Return-Path: <jouni.nospam@gmail.com>
X-Original-To: detnet-dp-dt@ietfa.amsl.com
Delivered-To: detnet-dp-dt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 4A697129ACC
for <detnet-dp-dt@ietfa.amsl.com>; Fri, 26 May 2017 08:25:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001,
SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id YTow-cz9IO_6 for <detnet-dp-dt@ietfa.amsl.com>;
Fri, 26 May 2017 08:25:50 -0700 (PDT)
Received: from mail-pf0-x233.google.com (mail-pf0-x233.google.com
[IPv6:2607:f8b0:400e:c00::233])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 305F6129AAA
for <Detnet-dp-dt@ietf.org>; Fri, 26 May 2017 08:25:50 -0700 (PDT)
Received: by mail-pf0-x233.google.com with SMTP id m17so14521011pfg.3
for <Detnet-dp-dt@ietf.org>; Fri, 26 May 2017 08:25:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
h=mime-version:subject:from:in-reply-to:date:cc
:content-transfer-encoding:message-id:references:to;
bh=qdsr+xzgrRVFJyqyeySvByIYnmlSplwj7JYCI6EqSJo=;
b=JtffJ7A429oY7eR+Fyc9AoGu0WSeALXPufwoER31uV5oaSXIw67bg9ad4yP6gbvef9
aSrcsQAiP5GiYHTyId1eoYQyn63CAclIvTnnQpXDICXQW4otGQOD6DYccPDtiBgD0Z6t
fgXkVMhAzTUqbNW08cTnHeqejgzM8C1K36lEM+4tlxfBkVDgpwoJmHD28lkflCfT/zZp
67AZ0kIiUi14sPFphJ5Sp95GwfK7ZLUvoSsTIkkirz/50zvSdX0plBgWAOyccTBT6lE7
gZuVTqRnjHlLHJSnafdyikfCB95YSJ2GsI6+oaL/4JTVCY5PBL0dGxDLTkfmgYo8tI5i
DfJg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
:content-transfer-encoding:message-id:references:to;
bh=qdsr+xzgrRVFJyqyeySvByIYnmlSplwj7JYCI6EqSJo=;
b=dDcZB0Tyji4wNue3Y6lMl4EyqmCbeU8dq4kfxjEXyS/iaXO6JFMxXiN7FGNpIGANIM
kjPMi4VqRKR0izl97TpSmd+4J7uDTfC9OeoOgzZiV/ewdWomlwqa7mKkeR/Wr+jDlLHC
f8Rir5xlpIjfaAsBzZMx9f/ZwCJSQjMH7YRtWl8PXbEAnL+8eNSFb90GKtU1H6a3z3ls
mYcgh+Oo0gIBEBWbL9y/J4cY6WlghlzUHf99JGtSRF5/5RolOtzMfrbSY+ThGeuJV+JO
ANqdVgFSXSTjjCd5c433K9bhX/xzj2mbTgavHk/7ZbO+5dmEAOBMO6bm0qngZDQkKUu/
8CCA==
X-Gm-Message-State: AODbwcAbsoDMXeG4xmT1c8tTs1/sMl4R8iYhnGZoUygneZWuEWc/xNRz
2++xP3GzLCqIjdgfPD4=
X-Received: by 10.99.39.194 with SMTP id n185mr3167696pgn.15.1495812349756;
Fri, 26 May 2017 08:25:49 -0700 (PDT)
Received: from [10.0.0.160] (mobile-166-171-249-136.mycingular.net.
[166.171.249.136])
by smtp.gmail.com with ESMTPSA id l186sm2397870pgd.42.2017.05.26.08.25.48
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 26 May 2017 08:25:48 -0700 (PDT)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
From: jouni korhonen <jouni.nospam@gmail.com>
In-Reply-To: <DBXPR07MB1286794E7E775B64FF0B44BACFC0@DBXPR07MB128.eurprd07.prod.outlook.com>
Date: Fri, 26 May 2017 08:25:45 -0700
Cc: "Detnet-dp-dt@ietf.org" <Detnet-dp-dt@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <91CAE892-0A4B-4D60-A919-54BBE2105C08@gmail.com>
References: <DBXPR07MB1286794E7E775B64FF0B44BACFC0@DBXPR07MB128.eurprd07.prod.outlook.com>
To: =?utf-8?Q?Bal=C3=A1zs_Varga_A?= <balazs.a.varga@ericsson.com>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet-dp-dt/DIrVDjbF1sz65R_6QGbzBTPqD2I>
Subject: Re: [Detnet-dp-dt] IPv6 and multicast [FUNDAMENTAL issue]
X-BeenThere: detnet-dp-dt@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DetNet WG Data Plane Design Team <detnet-dp-dt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet-dp-dt>,
<mailto:detnet-dp-dt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet-dp-dt/>
List-Post: <mailto:detnet-dp-dt@ietf.org>
List-Help: <mailto:detnet-dp-dt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet-dp-dt>,
<mailto:detnet-dp-dt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 May 2017 15:25:52 -0000
Hi, > On May 26, 2017, at 3:55 AM, Balázs Varga A <balazs.a.varga@ericsson.com> wrote: > > Yeeaahhh, that's true regarding IETF ... > > Anyway, there is a FUNDAMENTAL multicast issue for DetNet. > > I have started to review in detail the solution draft and I have a fundamental issue with multicast in the context of IPv6 & DetNet. > DetNet flows having an IPv6 multicast destination address may not gain from PREF (packet replication and elimination). This is > because of the reverse-path-forwarding check (RPF check, see details below), which is essential part of each multicast > implementations. > > For PREF we need disjoint paths. So PREF node receives the DetNet replica-flows via disjoint paths, however packets received > over the paths may fail the RPF check and those will be discarded on ingress. Therefore the PREF process will not receive all > the replica-flows (in worst case it may receive nothing when no one of the disjoint paths are able to pass the RPF check). Good points. > As a result only DetNet flows with a unicast dst-IP-address can gain from PREF. For DetNet flows with multicast dst-IP-address > we need a workaround. > (1) bypass RPF (seems to be mission impossible, breaks data plane essentials) or > (2) other means (e.g., combine PREF mandatory with some other functions like tunneling) > > For the "other means" we could use the SRH (segment routing header). We need it for ensuring the disjoint paths anyway. So segment routing had always been there for unicast flows. it is an ugly beast tbh ;) > the DetNet IPv6 packet will be encapsulated and the result will be a unicast IPv6 packet. Encapsulation may occur at the edge node > of the detNet domain (PE node). For DetNet-capable sources adding SRH may happen already in the source. SRH does not mandate > what IPv6 addresses can be in the segment list, so the last one can be even a multicast address if the network scenario allows it. :--))) > https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-06 > > With that SRH based solution we fallback to the unicast scenario. :--))) Also placing the PREFs are at the SRH segment endpoints so > encoding the seq.num. to a destination header is an obvious solution. Segment routing architecture explicitly states: 6. Multicast Segment Routing is defined for unicast. The application of the source-route concept to Multicast is not in the scope of this document. I am not sure how this affects the way forward. We could make that into our scope, though. 6man SRH document has this statement, which I am not sure how to interpret: .. 4. FIB lookup on updated DA .. o If the FIB lookup matches a multicast state, then the related Reverse Path Forwarding (RPF) check must be considered successful. > Have I missed something? Comments are welcome. > > Note: This is not an issue in L2 networks (IEEE) as L2 multicast default forwarding is flooding. And there is no RPF check for L2 > multicast ( as we have no glue where the L2-src is :--))) ). So using multicast dst-addresses was a rational approach in L2 networks, > but it is more challenging in L3 networks. > > Note2: This is not an issue in MPLS networks as LSPs are used and the PW encapsulation hides IP addresses. Forwarding on P2P and > P2MP LSPs do not care what is inside and neither does PREF as it works based on the PW encapsulation information. Indeed. - Jouni > > Cheers > Bala'zs > > BACKGROUND - IP multicast forwarding rules: > "Every multicast packet received must pass an RPF check before it is eligible to be replicated or forwarded on any interface. > The RPF check is essential for every router's multicast implementation. When a multicast packet is received on an interface, > the router interprets the source address in the multicast IP packet as the destination address for a unicast IP packet. The > source multicast address is found in the unicast routing table, and the outgoing interface is determined. If the outgoing > interface found in the unicast routing table is the same as the interface that the multicast packet was received on, the > packet passes the RPF check. Multicast packets that fail the RPF check are dropped because the incoming interface is not > on the shortest path back to the source." > > > -----Original Message----- > From: Detnet-dp-dt [mailto:detnet-dp-dt-bounces@ietf.org] On Behalf Of Jouni Korhonen > Sent: 2017. május 26. 0:02 > To: Balázs Varga A <balazs.a.varga@ericsson.com> > Cc: Detnet-dp-dt@ietf.org > Subject: Re: [Detnet-dp-dt] IPv6 and multicast > > Hi, > > I hear you. However, these kinds of things are issues IETF wise.. protocol purists, you know ;) Also, we have precedence using hop-by-hop options in rfc6621 (see Section 6.1). So I might actually be leaning towards favoring hop-by-hop as a generic solution even if it has an undesired impact for nodes that do not need to look the option up. At least the same solution would then work for both unicast and multicast. > > - JOuni > > -- > Jouni Korhonen, Broadcom, Core Switching Group > +1-408-391-7160 > > > >> On May 25, 2017, at 4:35 AM, Balázs Varga A <balazs.a.varga@ericsson.com> wrote: >> >> Hi, >> >> I would take a pragmatic view on this. The rules of using the extension header options >> are defined primarily for "routing" decision purposes of the IP layer. However PREF is >> a detnet service layer function by definition. So, PREF can simple check whatever >> header fields are there in the IP packet to do its own task (namely replicate and >> eliminate) even if the PREF node is not the destination node. >> >> Therefore, destination option is absolutely fine as seq.num. Hop by hop would cause >> unnecessary load for intermediate nodes to examine and process an option that >> contains seq.num which is useless for them. >> >> Cheers >> Bala'zs >> >> -----Original Message----- >> From: Detnet-dp-dt [mailto:detnet-dp-dt-bounces@ietf.org] On Behalf Of Jouni Korhonen >> Sent: 2017. május 24. 23:55 >> To: Detnet-dp-dt@ietf.org >> Subject: [Detnet-dp-dt] IPv6 and multicast >> >> Continuing the discussion we had about IPv6, multicast and destination options. In a multicast case only the final receivers of the packets (i.e. the nodes joining to the multicast group as end hosts) would examine the Destination Option. I am not sure if this is the desired behavior? On the other hand a Hop by Hop option would be examined by all intermediate nodes whether they are PREF processing or not. Whcih one you would think is a better approach? >> >> When using unicast and things like segment routing the behavior of the nodes is more straight forward. The processing of the Destination Option is done each time one of the routing option destinations are reached. >> >> - Jouni >> >> >> >> -- >> Jouni Korhonen, Broadcom, Core Switching Group >> +1-408-391-7160 >> >> >> >> _______________________________________________ >> Detnet-dp-dt mailing list >> Detnet-dp-dt@ietf.org >> https://www.ietf.org/mailman/listinfo/detnet-dp-dt > > _______________________________________________ > Detnet-dp-dt mailing list > Detnet-dp-dt@ietf.org > https://www.ietf.org/mailman/listinfo/detnet-dp-dt
- Re: [Detnet-dp-dt] IPv6 and multicast [FUNDAMENTA… Balázs Varga A
- Re: [Detnet-dp-dt] IPv6 and multicast [FUNDAMENTA… jouni korhonen