Re: [Detnet] Roman Danyliw's Discuss on draft-ietf-detnet-mpls-oam-14: (with DISCUSS and COMMENT)

Greg Mirsky <gregimirsky@gmail.com> Wed, 10 January 2024 19:59 UTC

From: Greg Mirsky <gregimirsky@gmail.com>
Date: Wed, 10 Jan 2024 11:58:49 -0800
Message-ID: <CA+RyBmV8wRqoE6KeOg2mgk9zr-=t1Uqk=+=TSz5Q=PKk-WuKcg@mail.gmail.com>
To: Roman Danyliw <rdd@cert.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-detnet-mpls-oam@ietf.org, detnet-chairs@ietf.org, detnet@ietf.org, janos.farkas@ericsson.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/Tz7bpp-dHPNqDQOY2jr2F0Zz10w>
Subject: Re: [Detnet] Roman Danyliw's Discuss on draft-ietf-detnet-mpls-oam-14: (with DISCUSS and COMMENT)

Hi Roman,
thank you for your questions and comments. Please find my notes below
tagged by GIM>>.

Regards,
Greg

On Wed, Jan 3, 2024 at 7:03 AM Roman Danyliw via Datatracker <noreply@ietf.org> wrote:

> Roman Danyliw has entered the following ballot position for
> draft-ietf-detnet-mpls-oam-14: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to
> https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
> for more information about how to handle DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-detnet-mpls-oam/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> ** Section 3.1
>
>       Level - is a 3-bit field.  The Level field is used to cope with
>       the "all active path forwarding" characteristics of the PREOF
>       concept.  A hierarchical relationship between OAM domains can be
>       created using the Level field value.
>
> How are level values constructed in an interoperable way?  How does one
> know where a value fits in a hierarchy?
>
GIM>> Thank you for pointing this out to me. The Level field is analogous
to the Maintenance Domain (MD) Level used in ETH-OAM and discussed in
Section 18.3 of IEEE Std 802.1Q-2014. Figure 18.7 is very helpful in
illustrating the relationships among different MD Levels. Would the updated
text address your concern:
NEW TEXT:
      Level - is a 3-bit field.  Semantically, the Level field is
      analogous to the Maintenance Domain Level in [IEEE.802.1Q].  The
      Level field is used to cope with the "all active path forwarding"
      characteristics of the PREOF concept.  A hierarchical relationship
      between OAM domains can be created using the Level field value,
      illustrated by Figure 18.7 in [IEEE.802.1Q].

>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Thank you to Hilarie Orman for the SECDIR review.
>
> I support the DISCUSS position of Martin Duke.
>
> ** Section 3.1.
>       Sequence Number - is an unsigned circular 8-bit field.  The
>       sequence number space is circular with no restriction on the
>       initial value.
>
> -- is an “unsigned circular … field” an unsigned integer that wraps around?
>
GIM>> Correct.

>
> -- how is wrap-around handled?
>
GIM>> The sequencing of packets in DetNet is used by Packet Elimination and
Packet Ordering Functions on the DetNet service sub-layer. The former
eliminates replicated copies of the earlier forwarded packet. The latter
improves in-order delivery within a given DetNet flow.

>
> ** Per the SECDIR review noting these OAM headers could enable tracking or
> fingerprinting, it would be valuable to make a statement to that effect in
> the Security Considerations.
>
GIM>> Thank you for your kind reminder about that suggestion. In this
draft, we missed noting that the Security Considerations discussed in
draft-ietf-detnet-oam-requirements are inherited. If we do that (see
below), would it be sufficient considering the following text in the DetNet
OAM Requirements:
   Furthermore, the analysis of OAM security concerns in
   Section 6 of [RFC7276] also applies to DetNet OAM, including the use
   of OAM for network reconnaissance.

NEW TEXT:
6.  Security Considerations

   Security considerations discussed in DetNet specifications [RFC8655],
   [RFC9055], [RFC8964], and [I-D.ietf-detnet-oam-framework] are
   applicable to this document.  Security concerns and issues related to
   MPLS OAM tools like LSP Ping [RFC8029], and BFD over PW [RFC5885] also
   apply to this specification.
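
Added example, not part of the original message or of the draft: a wrap-aware duplicate filter over the 8-bit circular Sequence Number space discussed in the Section 3.1 exchange above, with no restriction on the initial value. The thread does not specify a comparison rule, so the half-space comparison (in the style of RFC 1982 serial number arithmetic), the `Eliminator` class, the `run` helper and the window size are all assumptions of this sketch.

```python
SEQ_MOD = 1 << 8        # 8-bit circular space: values 0..255
HALF = SEQ_MOD // 2     # ordering is only meaningful within half the space


def seq_delta(a: int, b: int) -> int:
    """Signed circular distance from b to a, in the range [-128, 127]."""
    d = (a - b) % SEQ_MOD
    return d - SEQ_MOD if d >= HALF else d


class Eliminator:
    """Hypothetical elimination filter: pass the first copy of each sequence
    number, drop replicas. The window size is an assumption and must be < 128."""

    def __init__(self, window: int = 32):
        if not 0 < window < HALF:
            raise ValueError("window must be in 1..127")
        self.window = window
        self.highest = None   # learned from the first packet (any initial value)
        self.seen = set()     # sequence numbers accepted inside the window

    def accept(self, seq: int) -> bool:
        if not 0 <= seq < SEQ_MOD:
            raise ValueError("sequence number must fit in 8 bits")
        if self.highest is None:
            self.highest, self.seen = seq, {seq}
            return True
        d = seq_delta(seq, self.highest)
        if d > 0:
            # Newer than anything seen, including across the 255 -> 0 wrap.
            # Slide the window and forget entries that fell out of it.
            self.highest = seq
            self.seen = {s for s in self.seen
                         if -self.window < seq_delta(s, seq) <= 0}
            self.seen.add(seq)
            return True
        if d <= -self.window or seq in self.seen:
            return False      # too old to judge safely, or a replica
        self.seen.add(seq)    # late but first copy: out-of-order arrival
        return True


def run(stream, window: int = 32):
    """Return the sequence numbers that survive elimination, in arrival order."""
    e = Eliminator(window)
    return [s for s in stream if e.accept(s)]


# Constructed sample: replicated packets arriving across the wrap point.
SAMPLE = [254, 254, 255, 0, 255, 1, 0, 2]
```

A plain `seq > highest` test would discard 0 after 255 as stale; the signed circular distance is what keeps the flow moving across the wrap.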