IETF Logo Mail Archive

Re: [Detnet] consolidated response: IP Data Plane draft comments

"Black, David" <David.Black@dell.com> Tue, 08 October 2019 14:03 UTC

Return-Path: <David.Black@dell.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB13A12082D for <detnet@ietfa.amsl.com>; Tue, 8 Oct 2019 07:03:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dell.com header.b=XTPL0Q8B; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=emc.com header.b=TDwQRyMg
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l7W9fUMDdZHT for <detnet@ietfa.amsl.com>; Tue, 8 Oct 2019 07:03:06 -0700 (PDT)
Received: from mx0a-00154904.pphosted.com (mx0a-00154904.pphosted.com [148.163.133.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7095B12082F for <detnet@ietf.org>; Tue, 8 Oct 2019 07:03:06 -0700 (PDT)
Received: from pps.filterd (m0170391.ppops.net [127.0.0.1]) by mx0a-00154904.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x98DjB9Z013975; Tue, 8 Oct 2019 10:03:06 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dell.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=smtpout1; bh=P65bQp+XY+YPibqWCnwU8MXgVW/5Wq+8/4YSmU9rVdU=; b=XTPL0Q8Bc6FulpnmY1QroifmT9mZqsI1YsnyKMqDVskuO5uqh5l4FodTwi4u9ap++YCO TC5AJd7Xv6q2Fhm1Gl5Ud4c3zG+7s9NMWjXReGouuIU8fvV//sj2QAaA8CNuuqQCF1I4 xp8UPjqRBTidY/ZLI6tmaemyyustuBOS1lvM6EaA+AapJy1sztYNcEa5UhIuh6kkuWxx 4BdthNWrS0gxj5TdeCCsPIdZAMuAnG8PfqMB2iur5RDUny+YyfwxY0fyajU7YxityGPY wg8B1VMVhdIvphFSqsU2RuWqFqA4d3rQA/77kYWUmrQ7x8qvLDuEK7YeQvWiEGnf6tN1 uw==
Received: from mx0b-00154901.pphosted.com (mx0a-00154901.pphosted.com [67.231.149.39]) by mx0a-00154904.pphosted.com with ESMTP id 2vepay5uh2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 08 Oct 2019 10:03:05 -0400
Received: from pps.filterd (m0090350.ppops.net [127.0.0.1]) by mx0b-00154901.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x98DhoOG042562; Tue, 8 Oct 2019 10:03:05 -0400
Received: from mailuogwhop.emc.com (mailuogwhop-nat.lss.emc.com [168.159.213.141] (may be forged)) by mx0b-00154901.pphosted.com with ESMTP id 2vf81hqqp6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 08 Oct 2019 10:03:05 -0400
Received: from maildlpprd05.lss.emc.com (maildlpprd05.lss.emc.com [10.253.24.37]) by mailuogwprd03.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id x98E2rle020266 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 8 Oct 2019 10:03:03 -0400
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd03.lss.emc.com x98E2rle020266
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=emc.com; s=jan2013; t=1570543383; bh=OHi+9/2lAMrF/mOrDhYE0VPR8rU=; h=From:To:CC:Subject:Date:Message-ID:References:In-Reply-To: Content-Type:Content-Transfer-Encoding:MIME-Version; b=TDwQRyMgFmBiXuRP4rAc9HwP1J6+YugNsS2InH5tnPUMK70aFXMp/DUNPV2ps3Hii NDuNoDzt6UnvVkF3M34fySoZe/D+bx1UnFS6sITIqTP6YiAgwTwgLQjq2qPZrDSdaZ UBj66rf6W6Bce0QIGjShLYArSOriJe4fOojWTbQY=
Received: from mailusrhubprd53.lss.emc.com (mailusrhubprd53.lss.emc.com [10.106.48.18]) by maildlpprd05.lss.emc.com (RSA Interceptor); Tue, 8 Oct 2019 10:02:38 -0400
Received: from MXHUB305.corp.emc.com (MXHUB305.corp.emc.com [10.146.3.31]) by mailusrhubprd53.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id x98E2e2O008131 (version=TLSv1.2 cipher=AES128-SHA256 bits=128 verify=FAIL); Tue, 8 Oct 2019 10:02:40 -0400
Received: from MX307CL04.corp.emc.com ([fe80::849f:5da2:11b:4385]) by MXHUB305.corp.emc.com ([10.146.3.31]) with mapi id 14.03.0439.000; Tue, 8 Oct 2019 10:02:39 -0400
From: "Black, David" <David.Black@dell.com>
To: Lou Berger <lberger@labn.net>
CC: "detnet@ietf.org" <detnet@ietf.org>, "Black, David" <David.Black@dell.com>
Thread-Topic: consolidated response: IP Data Plane draft comments
Thread-Index: AQHVfIdGFR6Q0fFpNE+Nquh1hwjvc6dQw6YA
Date: Tue, 08 Oct 2019 14:02:39 +0000
Message-ID: <CE03DB3D7B45C245BCA0D2432779493630765393@MX307CL04.corp.emc.com>
References: <0b0f78a3-b0c2-06a3-1d1a-9205f612a13f@labn.net>
In-Reply-To: <0b0f78a3-b0c2-06a3-1d1a-9205f612a13f@labn.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Enabled=True; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_SiteId=945c199a-83a2-4e80-9f8c-5a91be5752dd; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Owner=david.black@emc.com; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_SetDate=2019-10-08T14:02:34.0831682Z; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Name=External Public; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Application=Microsoft Azure Information Protection; MSIP_Label_17cb76b2-10b8-4fe1-93d4-2202842406cd_Extended_MSFT_Method=Manual; aiplabel=External Public
x-originating-ip: [10.238.21.131]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Sentrion-Hostname: mailusrhubprd53.lss.emc.com
X-RSA-Classifications: public
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,1.0.8 definitions=2019-10-08_05:2019-10-08,2019-10-08 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 mlxlogscore=999 spamscore=0 lowpriorityscore=0 suspectscore=0 impostorscore=0 adultscore=0 priorityscore=1501 mlxscore=0 bulkscore=0 clxscore=1011 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1908290000 definitions=main-1910080131
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 mlxscore=0 spamscore=0 bulkscore=0 lowpriorityscore=0 mlxlogscore=999 priorityscore=1501 malwarescore=0 phishscore=0 impostorscore=0 clxscore=1011 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1908290000 definitions=main-1910080131
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/OQhZvekRV_Dj7_4pHwZQ8DmxjkQ>
Subject: Re: [Detnet] consolidated response: IP Data Plane draft comments
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Oct 2019 14:03:17 -0000

Lou,

> Please let me know if this addresses all your comments in an acceptable
> fashion or if you'd like to discuss further.

The proposed text does not address the comments.

[A] ECN

The proposed text effectively ignores the comments, and fails to address the problem.

The ECN field MUST NOT be used for flow identification, period (e.g., see RFC 3290, which does not include ECN in the 6-tuple).  In particular, it would be wrong for two DetNet flows to differ solely on the values used in the ECN field.  If there's a disagreement, please cite text from RFC 3168 that justifies this proposed ECN field usage.

[B] 5-tuples and 6-tuples

As I noted in one of the referenced messages in response to a question:

> > Are you okay with dropping "While 5-tuples suffice to identify DetNet flows,"
> Not by itself - if that text is dropped, I'd want to add a couple of sentences
> (perhaps not in Section 3) to explain how DetNet flows differ from Diffserv flows,
> i.e., "microflows" in defined in RFC 2475 (Diffserv Architecture).

The heads up for everyone is that if multiple DetNet flows differ only in DSCP (i.e., IP addresses, transport protocol and ports are the same), then non-DetNet network management tools that deal with traffic flows will lump those flows together.  Is it at least possible to prohibit (or at least strongly discourage, i.e., "SHOULD NOT") use of the same 5-tuple for DetNet and non-DetNet traffic?  That would at least contain the resulting network management and operational effects to DetNet?

The use of DSCP for flow identification makes the OAM problem much harder for the IP data plane by dramatically increasing the difficulty of getting DetNet IP OAM traffic to fate-share with the DetNet traffic for which the OAM functionality is intended (it may be necessary to resort to shoving an MPLS label in there to identify OAM traffic and requiring nodes that originate or terminate DetNet OAM packets to understand enough of MPLS to deal with this).

Also, be aware that if two DetNet flows differ only in DSCP, most existing network transport protocols will have problems dealing with that situation - see RFC 7657 for details.

Thanks, --David

> -----Original Message-----
> From: Lou Berger <lberger@labn.net>
> Sent: Sunday, October 6, 2019 4:47 PM
> To: Black, David
> Cc: detnet@ietf.org
> Subject: consolidated response: IP Data Plane draft comments
> 
> 
> [EXTERNAL EMAIL]
> 
> David,
> 
>      My apologies on the time to get back to this topic.  Before the
> last IETF you raised a number of points on the IP data plane document.
> For context, I believe the threads are found in:
> https://mailarchive.ietf.org/arch/msg/detnet/ykpI6gbH2L705BBjmHbnsZraxig
> https://mailarchive.ietf.org/arch/msg/detnet/phi4OBWijlp7T4_HML2YvWfoaas
> https://mailarchive.ietf.org/arch/msg/detnet/th2Yj5Z4_8VtBsEOF1UfLejMhpM
> https://mailarchive.ietf.org/arch/msg/detnet/qvs-S0Nrm1B8w8JYO7zDLFwpTFQ
> 
> In re reviewing the discussions, I think we missed the ECN field. Based
> on this and a general reread, I have put together a proposed set of
> changes to the published draft.  The changes are  available at
> 
> https://github.com/detnet-wg/data-plane-
> drafts/commit/d3a733556804f11abbedbd128e3c62786418ddc8
> 
> (text format can be received at
> https://xml2rfc.tools.ietf.org/cgi-
> bin/xml2rfc.cgi?url=https://raw.githubusercontent.com/detnet-wg/data-
> plane-drafts/working/lb/ip-tos-update/ip/draft-ietf-detnet-ip.xml)
> 
> the following changes are proposed:
> OLD183,195c185,202
> <    The DetNet IP data plane uses "6-tuple" based flow identification,
> <    where 6-tuple refers to information carried in IP and higher layer
> <    protocol headers.  The 6-tuple referred to in this document is the
> <    same as that defined in [RFC3290].  Specifically 6-tuple is
> <    (destination address, source address, IP protocol, source port,
> <    destination port, and differentiated services (DiffServ) code point
> <    (DSCP).  General background on the use of IP headers, and 5-tuples,
> <    to identify flows and support Quality of Service (QoS) can be found
> <    in [RFC3670].  [RFC7657] also provides useful background on the
> <    delivery of DiffServ and "tuple" based flow identification.
> <    Referring to a 6-tuple allows DetNet nodes to forward packets with
> <    the 6-tuple as is or remap the DSCP where required by the DetNet
> <    service.
> NEW
>  >    The DetNet IP data plane primarily uses "6-tuple" based flow
>  >    identification, where 6-tuple refers to information carried in IP and
>  >    higher layer protocol headers.  The 6-tuple referred to in this
>  >    document is the same as that defined in [RFC3290]. Specifically
>  >    6-tuple is (destination address, source address, IP protocol, source
>  >    port, destination port, and differentiated services (DiffServ) code
>  >    point (DSCP).  General background on the use of IP headers, and
>  >    5-tuples, to identify flows and support Quality of Service (QoS) can
>  >    be found in [RFC3670].  [RFC7657] also provides useful background on
>  >    the delivery of DiffServ and "tuple" based flow identification.
>  >
>  >    The DetNet IP data plane also allows for optional matching on two
>  >    additional data fields.  The optional fields are the ECN Field, as in
>  >    [RFC3168], and the IPv6 flow label field, as defined in [RFC8200].
>  >
>  >    Generally the fields used in flow identification are forward
>  >    unmodified but modification is allowed, for example to a DSCP value,
>  >    when required by the DetNet service.
> 
> OLD
> <    masks, prefixes and ranges.  IP tunnels may also be used to support
> NEW
>  >    masks, lists, prefixes and ranges.  IP tunnels may also be used to
> 
> OLD
> 437,438c444,446
> <    of the 6-tuple i.e., the typical 5-tuple enhanced with the DSCP code,
> <    uniquely identifies a DetNet service flow.
> NEW
>  >    of the 6-tuple i.e., the typical 5-tuple enhanced with the DSCP and
>  >    previously mentioned two optional fields, uniquely identifies a
>  >    DetNet service flow.
> 
> OLD
> 590,593c598,608
> <    MUST support bitmask based matching, where bits set to one (1) in the
> <    bitmask indicate which subset of the bits in the field are to be used
> <    in determining a match.  Note that all bits set to zero (0) value as
> <    a bitmask effectively means that these fields are ignored.
> NEW
>  >    MUST support list based matching of DSCP values, where the list is
>  >    composed of possible field values that are to be considered when
>  >    identifying a specific DetNet flow.  Implementations SHOULD allow for
>  >    this field to be ignored for a specific DetNet flow.
>  >
>  >    Implementations of this document MUST allow the ECN field to be
>  >    ignored as part of DetNet flow identification. Additionally,
>  >    implementations SHOULD support identification of DetNet flows based
>  >    on the value carried in the ECN field.  When this field is used to
>  >    identify a specific DetNet flow, implementations MUST support a list
>  >    of ECN values that match a specific slow.
> 
> OLD
> 705c720,729
> <    o  IPv4 Type of Service and IPv6 Traffic Class Fields.
> <
> <    o  IPv4 Type of Service and IPv6 Traffic Class Field Bitmask, where a
> <       zero (0) effectively means that theses fields are ignored.
> NEW
>  >    o  For the IPv4 Type of Service and IPv6 Traffic Class Fields:
>  >
>  >       *  If the DSCP field is to be used in flow identification.
>  >          Ignoring the DSCP filed is optional.
>  >
>  >       *  When the DSCP field is used in flow identification, a list of
>  >          field values that may be used by a specific flow.
>  >
>  >       *  If the ECN field is to be used in flow identification.
>  >          Matching based on ECN filed values is optional.
>  >
>  >       *  When ECN field is used in flow identification, a list of field
>  >          values that may be used by a specific flow.
> 
> Please let me know if this addresses all your comments in an acceptable
> fashion or if you'd like to discuss further.
> 
> (BTW I think this is the sole open set of issues on the document.)
> 
> Thank you!
> 
> Lou
>

v2.23.0 | Report a Bug | By Email