Re: [Detnet-dp-dt] IPv6 and multicast [FUNDAMENTAL issue]
Balázs Varga A <balazs.a.varga@ericsson.com> Fri, 26 May 2017 10:55 UTC
Return-Path: <balazs.a.varga@ericsson.com>
X-Original-To: detnet-dp-dt@ietfa.amsl.com
Delivered-To: detnet-dp-dt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id C8CE0129C51
for <detnet-dp-dt@ietfa.amsl.com>; Fri, 26 May 2017 03:55:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.22
X-Spam-Level:
X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01,
RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001]
autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
header.d=ericsson.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id K167UBH2ARFc for <detnet-dp-dt@ietfa.amsl.com>;
Fri, 26 May 2017 03:55:14 -0700 (PDT)
Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
bits)) (No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 99A17129C53
for <Detnet-dp-dt@ietf.org>; Fri, 26 May 2017 03:55:14 -0700 (PDT)
X-AuditID: c1b4fb3a-31fff70000004a6a-e9-59280990d9a6
Received: from ESESSHC003.ericsson.se (Unknown_Domain [153.88.183.27])
by sessmg22.ericsson.net (Symantec Mail Security) with SMTP id
D5.47.19050.09908295; Fri, 26 May 2017 12:55:12 +0200 (CEST)
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (153.88.183.145)
by oa.msg.ericsson.com (153.88.183.27) with Microsoft SMTP Server
(TLS) id 14.3.339.0; Fri, 26 May 2017 12:55:12 +0200
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=ericsson.onmicrosoft.com; s=selector1-ericsson-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
bh=0/Ih9PQPrrYJD6ewJ0lQXppELl7xMGrf5pNQGPfAyI8=;
b=lwJx1UMfSBjV/tsDcwxzB8IEYF49hEjRXJS08NAgnoIjyWoLaY0S9lkGAhq+iTx1sQaPv2PSHcHc5tbjJWrxEdc+zmVwFmfr+vN8t5BM00ySCeFUjPSBF7nqSRspFKZb2rZEb8Zah7GQYAxsgc27yszq14YVRS0YeZs0jhMwU+w=
Received: from DBXPR07MB128.eurprd07.prod.outlook.com (10.242.138.156) by
DBXPR07MB126.eurprd07.prod.outlook.com (10.242.138.152) with Microsoft SMTP
Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id
15.1.1124.5; Fri, 26 May 2017 10:55:09 +0000
Received: from DBXPR07MB128.eurprd07.prod.outlook.com
([fe80::e46d:cba7:2281:8afe]) by DBXPR07MB128.eurprd07.prod.outlook.com
([fe80::e46d:cba7:2281:8afe%27]) with mapi id 15.01.1124.007; Fri, 26 May
2017 10:55:09 +0000
From: =?utf-8?B?QmFsw6F6cyBWYXJnYSBB?= <balazs.a.varga@ericsson.com>
To: Jouni Korhonen <jouni.korhonen@broadcom.com>
CC: "Detnet-dp-dt@ietf.org" <Detnet-dp-dt@ietf.org>
Thread-Topic: [Detnet-dp-dt] IPv6 and multicast [FUNDAMENTAL issue]
Thread-Index: AdLV+E8tAfwhGKp3QnOGN4bbL+lX0A==
Date: Fri, 26 May 2017 10:55:09 +0000
Message-ID: <DBXPR07MB1286794E7E775B64FF0B44BACFC0@DBXPR07MB128.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: broadcom.com; dkim=none (message not signed)
header.d=none;broadcom.com; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [91.82.100.59]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DBXPR07MB126;
7:/xFYc9o5G+pvclrq58kntmq6ZCHnodofI0/E73q/FrLmLBIpHZBdUa6aFKLiU0s0KqNrMMkgnIwV+kJC4Z/Gcs6IFu3LFdc3xoUMJzBLpcCq1FCSNojqCRg4Q3dm3mHvPWgKYCnJMWcQYdqgTedgOtGITiSmQwdQakYHX6IKDFrbzYJK+msb98xjFehHLKGELt0w7rwbJ6mg81D6EFe2FLqLilA0fGm98TOF1pndBmPpQQXvJHsv428c5ngJVdLZUexx1V47lLytOKwl/bNoTeMgKUEF3G18Ug2HiZZdMoyywXXOJtF2fyIzBaG0+suQON4dRJUNb30/rTvnq8s5pw==
x-ms-traffictypediagnostic: DBXPR07MB126:
x-ms-office365-filtering-correlation-id: 43c31fed-38a4-45d0-d6c4-08d4a425ad41
x-microsoft-antispam: UriScan:; BCL:0; PCL:0;
RULEID:(22001)(2017030254075)(201703131423075)(201703031133081);
SRVR:DBXPR07MB126;
x-microsoft-antispam-prvs: <DBXPR07MB12699F5F0F87BE028AE3BA1ACFC0@DBXPR07MB126.eurprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(37575265505322)(17755550239193);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0;
RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(10201501046)(6041248)(20161123560025)(20161123564025)(20161123562025)(20161123558100)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148);
SRVR:DBXPR07MB126; BCL:0; PCL:0; RULEID:; SRVR:DBXPR07MB126;
x-forefront-prvs: 031996B7EF
x-forefront-antispam-report: SFV:NSPM;
SFS:(10009020)(6009001)(39450400003)(39410400002)(39840400002)(39860400002)(39400400002)(39850400002)(377454003)(24454002)(13464003)(3280700002)(53936002)(81166006)(3846002)(230783001)(54356999)(6506006)(8936002)(3660700001)(85182001)(2906002)(6436002)(6116002)(99286003)(9686003)(66066001)(6306002)(74316002)(2900100001)(7736002)(102836003)(55016002)(189998001)(50986999)(8676002)(53546009)(305945005)(966005)(5660300001)(33656002)(85202003)(86362001)(38730400002)(5250100002)(7696004)(6246003)(229853002)(110136004)(6916009)(4326008)(478600001)(25786009)(14454004);
DIR:OUT; SFP:1101; SCL:1; SRVR:DBXPR07MB126;
H:DBXPR07MB128.eurprd07.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 May 2017 10:55:09.2664 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBXPR07MB126
X-OriginatorOrg: ericsson.com
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpkleLIzCtJLcpLzFFi42KZGbFdWncCp0akwfWteharJqxls3j4JcGB
yWPW/bNsHkuW/GQKYIrisklJzcksSy3St0vgyri5aD5LwTqXiiPbNjI2MJ5x6mLk5JAQMJF4
97aFrYuRi0NI4AijxKTL36CcE4wS3/YcYAepYhHoZZY4+NMWIjGNSeLj8sfMIAkhgYeMElM3
2IDYbAIuEjs2zWHtYuTgEBEwkPh/sAwkzCxgLHFhSzsTiC0s4CRx8c5ONhBbRMBZ4uKbe0wQ
tp7EjNZ+ZohdqhL/3+4C28srECXR9PcUK4jNKCAm8f3UGiaImeISt57MZ4L4QEBiyZ7zzBC2
qMTLx/+g6iczSsx+UAYRV5DYtOA9O4QtK3FpfjcjyC8SAt3MEitXb2aDSGhKPFz3kxHC9pX4
13SGBcKulWj8swEqnikxrecTlO0l8WbOW1aIQR+YJOYdf88I8ryEgIzEx6nqEPGzrBL3bz6G
+l5K4u6VTkYIW0bixZ29rBMYNWcheWgWUDsz0B3rd+lDhBUlpnQ/ZJ8FDgtBiZMzn7AsYGRZ
xShanFpcnJtuZKSXWpSZXFycn6eXl1qyiRGYMA5u+W21g/Hgc8dDjAIcjEo8vDO+qUcKsSaW
FVfmHmKU4GBWEuF9zKERKcSbklhZlVqUH19UmpNafIhRmoNFSZzXYd+FCCGB9MSS1OzU1ILU
IpgsEwenVAOj0u3zt94+tSxKiIjw1Av9/Pfnw9ktyj6WFqrGZUfaQidbCx7hm77ePmvd7NL/
PKctzsyZ3fJYc7NONuObppTqXXk9Jk98tZ7veW6rVrtSOfhMLnsG1+fWXMnApFdJJcUrswxa
guN+Cef9nsw3s/Hj5BK2TtGEWeq7Er2mB1xr/6cn+c58sqESS3FGoqEWc1FxIgByfsm+FAMA
AA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet-dp-dt/uHEzwO_0s9ZNwEQeBoIJP4SetBM>
Subject: Re: [Detnet-dp-dt] IPv6 and multicast [FUNDAMENTAL issue]
X-BeenThere: detnet-dp-dt@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DetNet WG Data Plane Design Team <detnet-dp-dt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet-dp-dt>,
<mailto:detnet-dp-dt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet-dp-dt/>
List-Post: <mailto:detnet-dp-dt@ietf.org>
List-Help: <mailto:detnet-dp-dt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet-dp-dt>,
<mailto:detnet-dp-dt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 May 2017 10:55:17 -0000
Yeeaahhh, that's true regarding IETF ... Anyway, there is a FUNDAMENTAL multicast issue for DetNet. I have started to review in detail the solution draft and I have a fundamental issue with multicast in the context of IPv6 & DetNet. DetNet flows having an IPv6 multicast destination address may not gain from PREF (packet replication and elimination). This is because of the reverse-path-forwarding check (RPF check, see details below), which is essential part of each multicast implementations. For PREF we need disjoint paths. So PREF node receives the DetNet replica-flows via disjoint paths, however packets received over the paths may fail the RPF check and those will be discarded on ingress. Therefore the PREF process will not receive all the replica-flows (in worst case it may receive nothing when no one of the disjoint paths are able to pass the RPF check). As a result only DetNet flows with a unicast dst-IP-address can gain from PREF. For DetNet flows with multicast dst-IP-address we need a workaround. (1) bypass RPF (seems to be mission impossible, breaks data plane essentials) or (2) other means (e.g., combine PREF mandatory with some other functions like tunneling) For the "other means" we could use the SRH (segment routing header). We need it for ensuring the disjoint paths anyway. So the DetNet IPv6 packet will be encapsulated and the result will be a unicast IPv6 packet. Encapsulation may occur at the edge node of the detNet domain (PE node). For DetNet-capable sources adding SRH may happen already in the source. SRH does not mandate what IPv6 addresses can be in the segment list, so the last one can be even a multicast address if the network scenario allows it. :--))) https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-06 With that SRH based solution we fallback to the unicast scenario. :--))) Also placing the PREFs are at the SRH segment endpoints so encoding the seq.num. to a destination header is an obvious solution. Have I missed something? Comments are welcome. Note: This is not an issue in L2 networks (IEEE) as L2 multicast default forwarding is flooding. And there is no RPF check for L2 multicast ( as we have no glue where the L2-src is :--))) ). So using multicast dst-addresses was a rational approach in L2 networks, but it is more challenging in L3 networks. Note2: This is not an issue in MPLS networks as LSPs are used and the PW encapsulation hides IP addresses. Forwarding on P2P and P2MP LSPs do not care what is inside and neither does PREF as it works based on the PW encapsulation information. Cheers Bala'zs BACKGROUND - IP multicast forwarding rules: "Every multicast packet received must pass an RPF check before it is eligible to be replicated or forwarded on any interface. The RPF check is essential for every router's multicast implementation. When a multicast packet is received on an interface, the router interprets the source address in the multicast IP packet as the destination address for a unicast IP packet. The source multicast address is found in the unicast routing table, and the outgoing interface is determined. If the outgoing interface found in the unicast routing table is the same as the interface that the multicast packet was received on, the packet passes the RPF check. Multicast packets that fail the RPF check are dropped because the incoming interface is not on the shortest path back to the source." -----Original Message----- From: Detnet-dp-dt [mailto:detnet-dp-dt-bounces@ietf.org] On Behalf Of Jouni Korhonen Sent: 2017. május 26. 0:02 To: Balázs Varga A <balazs.a.varga@ericsson.com> Cc: Detnet-dp-dt@ietf.org Subject: Re: [Detnet-dp-dt] IPv6 and multicast Hi, I hear you. However, these kinds of things are issues IETF wise.. protocol purists, you know ;) Also, we have precedence using hop-by-hop options in rfc6621 (see Section 6.1). So I might actually be leaning towards favoring hop-by-hop as a generic solution even if it has an undesired impact for nodes that do not need to look the option up. At least the same solution would then work for both unicast and multicast. - JOuni -- Jouni Korhonen, Broadcom, Core Switching Group +1-408-391-7160 > On May 25, 2017, at 4:35 AM, Balázs Varga A <balazs.a.varga@ericsson.com> wrote: > > Hi, > > I would take a pragmatic view on this. The rules of using the extension header options > are defined primarily for "routing" decision purposes of the IP layer. However PREF is > a detnet service layer function by definition. So, PREF can simple check whatever > header fields are there in the IP packet to do its own task (namely replicate and > eliminate) even if the PREF node is not the destination node. > > Therefore, destination option is absolutely fine as seq.num. Hop by hop would cause > unnecessary load for intermediate nodes to examine and process an option that > contains seq.num which is useless for them. > > Cheers > Bala'zs > > -----Original Message----- > From: Detnet-dp-dt [mailto:detnet-dp-dt-bounces@ietf.org] On Behalf Of Jouni Korhonen > Sent: 2017. május 24. 23:55 > To: Detnet-dp-dt@ietf.org > Subject: [Detnet-dp-dt] IPv6 and multicast > > Continuing the discussion we had about IPv6, multicast and destination options. In a multicast case only the final receivers of the packets (i.e. the nodes joining to the multicast group as end hosts) would examine the Destination Option. I am not sure if this is the desired behavior? On the other hand a Hop by Hop option would be examined by all intermediate nodes whether they are PREF processing or not. Whcih one you would think is a better approach? > > When using unicast and things like segment routing the behavior of the nodes is more straight forward. The processing of the Destination Option is done each time one of the routing option destinations are reached. > > - Jouni > > > > -- > Jouni Korhonen, Broadcom, Core Switching Group > +1-408-391-7160 > > > > _______________________________________________ > Detnet-dp-dt mailing list > Detnet-dp-dt@ietf.org > https://www.ietf.org/mailman/listinfo/detnet-dp-dt _______________________________________________ Detnet-dp-dt mailing list Detnet-dp-dt@ietf.org https://www.ietf.org/mailman/listinfo/detnet-dp-dt
- Re: [Detnet-dp-dt] IPv6 and multicast [FUNDAMENTA… Balázs Varga A
- Re: [Detnet-dp-dt] IPv6 and multicast [FUNDAMENTA… jouni korhonen