Re: [Detnet] Benjamin Kaduk's Discuss on draft-ietf-detnet-ip-over-mpls-07: (with DISCUSS and COMMENT)
Balázs Varga A <balazs.a.varga@ericsson.com> Thu, 10 September 2020 09:56 UTC
Return-Path: <balazs.a.varga@ericsson.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ABCF13A1293; Thu, 10 Sep 2020 02:56:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mKwOKPbCuMju; Thu, 10 Sep 2020 02:56:17 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60075.outbound.protection.outlook.com [40.107.6.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 47ECD3A128E; Thu, 10 Sep 2020 02:56:17 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=flgB5gTWQyvsQ90GEwzDN7HWfzJAp3CZpnJ+x0WW0ynxyTv0SOMGp95e6AHliLdzQVGAIK27KN5xArm874nZf/ZV4KIx+wiFL8p8HHhiPYbCKaJfbFu3hhST2Fr15mmz3rJxBZEcl2uytGTKMsZO40ajZh4DcMkd2mDiWkg6wYilTPI1ymIjOa41tfjTpssuExBSZc1qCTaI+o8Fb6fEsOLvL26jaiTNLuWPeMqtwHdTharsbAIiDmnqMEVXgF5M+nT49gbESEjH5qR+C1oqiugeqdRFrTEzRx07HN5cP/DnsQeASvRHOBhVNtdHgPQChnzlzZYufg3P4VJE1NZ5IA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=s3DbafXMs2+S7ihJm9QTP1tLgQWQ/mYDB+RGxsQI2y0=; b=O7JT1GKc7ZfO5zG4ZDCe+pp29SOAdgDmR0+WPDpI7qg0JhEQ5oy/9nyhLXTbSSX7gl+GkALDJ9OQtn9vVkvatFx7sAzsvDP6GIP4KE2Fc3cKLnZQftk4USckn4uYZbCp6dcTuEz8p/AlgWLcp4AoUMWVy6TM1EqwRo/OOtYm75hq6bTZfhN+qnGKQh03+m/YIpUUMbfVa0/wxe2A6fMFH1/tPM1eDMUJYbSCZB20DpF4a2UCMn8gt7kK7nlbC6wBH/BcxWP4waJmBJXP8UedcgW+WnHI8Z/ikFy/9bhNvEJno5KUHKmUPAqby7O6RzwQAUdSWBGwLJkowLoFdE1nqA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=s3DbafXMs2+S7ihJm9QTP1tLgQWQ/mYDB+RGxsQI2y0=; b=bONU1K8JwC/27WNKnpf7B549O6Pyw7NbNvB1af6TNp+6JR07XPfu822WxXatb3k/pG375b/VPWkTr8uj/u9FtoT0X0CL4Q0+Fjy91y2I3xaDFqF/mru4XyvzMJrvvdq7vIVRkKLEETGU/INQcTuoacg2zY9piDfCXQT0haPkaTg=
Received: from AM0PR0702MB3603.eurprd07.prod.outlook.com (2603:10a6:208:22::25) by AM0PR07MB3985.eurprd07.prod.outlook.com (2603:10a6:208:4f::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3391.5; Thu, 10 Sep 2020 09:56:14 +0000
Received: from AM0PR0702MB3603.eurprd07.prod.outlook.com ([fe80::59ca:540d:b7f3:58b9]) by AM0PR0702MB3603.eurprd07.prod.outlook.com ([fe80::59ca:540d:b7f3:58b9%6]) with mapi id 15.20.3370.016; Thu, 10 Sep 2020 09:56:14 +0000
From: Balázs Varga A <balazs.a.varga@ericsson.com>
To: Benjamin Kaduk <kaduk@mit.edu>, The IESG <iesg@ietf.org>
CC: "draft-ietf-detnet-ip-over-mpls@ietf.org" <draft-ietf-detnet-ip-over-mpls@ietf.org>, "detnet-chairs@ietf.org" <detnet-chairs@ietf.org>, "detnet@ietf.org" <detnet@ietf.org>, Ethan Grossman <eagros@dolby.com>
Thread-Topic: Benjamin Kaduk's Discuss on draft-ietf-detnet-ip-over-mpls-07: (with DISCUSS and COMMENT)
Thread-Index: AQHWhzqvrUGhTogWQ06Tcnc4p4FKnqlhoD3A
Date: Thu, 10 Sep 2020 09:56:14 +0000
Message-ID: <AM0PR0702MB3603DDE4B15EB7B9BD658834AC270@AM0PR0702MB3603.eurprd07.prod.outlook.com>
References: <159971890721.2725.14409875833049738060@ietfa.amsl.com>
In-Reply-To: <159971890721.2725.14409875833049738060@ietfa.amsl.com>
Accept-Language: hu-HU, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: mit.edu; dkim=none (message not signed) header.d=none;mit.edu; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [185.29.82.162]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 74f19de0-a793-457f-3652-08d8556fc117
x-ms-traffictypediagnostic: AM0PR07MB3985:
x-microsoft-antispam-prvs: <AM0PR07MB39856B229B135A52E4FFBA36AC270@AM0PR07MB3985.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: uUtX6ChaaHp7FgLwX3Xsqh9i7eavj8I47pM/lcQSeoEP4bOGnPROe4ZUA+XeEI2+a4Mwz37B3863/4Wlt8dDDthg044MoztlbDr2ZbhelAxxv/jLtJ8pOvzjGJh/vJiuXQjRqRinPio64M81dvFk6vew4auHTzVFuDZX1Zd+5BPre29uHcpXmEkbR0NQcJPtdUuV5gSVtk9JZXb/QUXmUKzwhVy30YuyEl2r4lccB181NqrHGNuXZLGGyVyat8wVIP9iYhqy0RBwarjcZ9RuRPYHN2aGm7kt0ezQOlfLMvx1jVqeOevx3qrm47lvSI3l9LNIRDvTG2mkDGNvOV7MyhOXg1Gx5qzWrEijYoklI00MoLxZ6DTIAiFcSj8aLREpOD2QRsBaxXAStg9LfxIUR5IYChfYeqkdKR2ifjibQvRbVl5/gIgzto31kSR827H6VaK5z71Z3C2CuUvrKszhjg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR0702MB3603.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(136003)(39860400002)(376002)(366004)(26005)(8676002)(186003)(478600001)(4326008)(966005)(8936002)(52536014)(2906002)(316002)(53546011)(66574015)(55016002)(6506007)(110136005)(86362001)(71200400001)(83380400001)(54906003)(66946007)(76116006)(64756008)(66556008)(66476007)(66446008)(5660300002)(7696005)(85202003)(9686003)(33656002)(85182001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: 8LcKwbG+i044/u7+KQq2FyMnrDHfj7HHoOFhZEImGnYrWbKM7LYxfSClUjryCrv1JXodcFAhSqSLp+484wibosx2dBMMKldKyHi9fMSJjHBSaBeQgI0VE82KZtsXRYrTiS+CyvmfrzT5x3OoJ1RGWqtjoielUOXINE9/sI/RLwHyhp8SlxESVoGbDCSEuswwajcsRIpdIuzPEKVXVwzoPPj6rnzTf60s9URrieBUwrWJ9yyeBRvnhLz2sleWqweK0NRm1RgGtIod8Vqauqm6Qw8LBzF6tJe3+8gWRg+IhQNtPiyT1Qix3m+d3Og68GGNFyWPoPpW/EK9Iik/TjYZ1AE9STlw6Lbr3iDdEoC8VFTF7GxOCoQcT0x11AlMqJxOcmUVjqmOpiGk3xD+XQu/y84xuByKjjQxaDSYAOF1W+/J7pRxgy7Ejw2crf3radtAQy+0EFKmZrGdiRHhkH5s/qqg2IkcjRDvzrPUQXx54SBMk7z2OyJBYaKCwVGjhZNnZmiALuGw5QDJ/tVv0luvgexBX4qCRG5d62FlrJ+rUXCVpt4pbwXbf+xWS6K2DIZeDuC4N8Wc88yVUCu1oYBVKoZGEYJWYV9TdLnJerrT7G5oRWAwqDPfXtVAPi9mKfffA3KtHr/+X07PRvP4qCHhLg==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM0PR0702MB3603.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 74f19de0-a793-457f-3652-08d8556fc117
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Sep 2020 09:56:14.1390 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: /qfD/UDiQ+3X1f6pxTdW9Cea+jm9KrmqWTKFzpnWV/+yaaHca+XefBYEthc6yIsXqGzqNv7vymbO+EHPSvGuvp5hUuxuA2Uu0s/LuOC/MRk=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB3985
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/HVjLTpDJzcjQjC7Z0dEY4cV0ewo>
Subject: Re: [Detnet] Benjamin Kaduk's Discuss on draft-ietf-detnet-ip-over-mpls-07: (with DISCUSS and COMMENT)
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Sep 2020 09:56:20 -0000
Hi Benjamin, Many thanks for the comments. My reactions/comments inline. Thanks & Cheers Bala'zs -----Original Message----- From: Benjamin Kaduk via Datatracker <noreply@ietf.org> Sent: Thursday, September 10, 2020 8:22 AM To: The IESG <iesg@ietf.org> Cc: draft-ietf-detnet-ip-over-mpls@ietf.org; detnet-chairs@ietf.org; detnet@ietf.org; Ethan Grossman <eagros@dolby.com>; eagros@dolby.com Subject: Benjamin Kaduk's Discuss on draft-ietf-detnet-ip-over-mpls-07: (with DISCUSS and COMMENT) Benjamin Kaduk has entered the following ballot position for draft-ietf-detnet-ip-over-mpls-07: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-detnet-ip-over-mpls/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- (Very much a "discuss discuss" -- I just want to make sure the conversation happens, regardless of the outcome.) I do see the response to Alvaro's ballot position but I'm still not sure that I understand what specifically requires this document to be on the standards-track. Yes, there are differences between IP-over-MPLS and IP-over-DetNet-MPLS, but (e.g.) how much of the DetNet-specific handling is just "when you send the traffic onwards you need to ensure the quality of service" which in this scenario means translating the DetNet IP needs into the DetNet MPLS configuration? In other words, a lot of this seems to be just giving information about how to fulfill the existing requirements from (e.g.) draft-ietf-detnet-ip, so I am not sure that I understand what the truly new protocol pieces and/or requirements are. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Section 4.1 Figure 1 illustrates DetNet enabled End Systems connected to DetNet (DN) enabled MPLS network. A similar situation occurs when end nit: missing article ("a DetNet [...] network"). Also, this paragraph appears after Figure 2, so the reference back to Figure 1 is perhaps unusual (albeit, as far as I can tell, correct). <Bala'zs> OK. Thanks. Section 4.2 In Figure 3 "App-Flow" indicates the payload carried by the DetNet IP data plane. "IP" and "NProto" indicate the fields described in Section 5.1.1. (IP Header Information) and Section 5.1.2. (Other It seems like the document production pipeline is introducing spurious periods after the section numbers, which make this a bit confusing (and some later text, too). <Bala'zs> OK. Thanks. Section 5.1 flow. The provisioning of the mapping of DetNet IP flows to DetNet MPLS flows MUST be supported via configuration, e.g., via the controller plane. I'm not sure I understand why this requirement is only for "support" -- how else would it be done? A DetNet relay node (egress T-PE) MAY be provisioned to handle packets received via the DetNet MPLS data plane as DetNet IP flows. A single incoming DetNet MPLS flow MAY be treated as a single DetNet IP flow, without examination of IP headers. Alternatively, packets Just to check my understanding: this would basically just be the controller plane saying "inbound MPLS S-Label value <X> is an IP flow with outbound interface and destination address <Y>", and no IP payloads are inspected? <Bala'zs> Yes. Section 7 [I will not repeat the comments from draft-ietf-detnet-mpls that are also applicable here, but it seems that most of them are.] <Bala'zs> OK. I will check what to update based on those comments. There are perhaps some new bits where nodes at the IP/MPLS boundary are tasked with enforcing the ingress filtering for the MPLS domain even though both the IP domain and MPLS domain are part of the same DetNet environment. In some sense the duty to provide DetNet service and the duty to protect the MPLS network could be in conflict, and we might want to say something about how to handle that. <Bala'zs> OK. Policing on IP flows at ingress is part of protecting the network (and other DetNet flows as well). An egress T-PE that does not examine the IP headers might be susceptible to attacks that generate spoofed IP traffic (and spoofed IP traffic is a perennial annoyance in Internet environments, so contributing to it is usually disrecommended). Perhaps we should encourage at least consistency checks on the IP headers with the configuration from the controller plane for the IP flow in question? <Bala'zs> OK. Thanks. Section 11.2 It is again surprising to see draft-ietf-detnet-data-plane-framework listed as only an informative reference. <Bala'zs> OK. Changed to normative.
- [Detnet] Benjamin Kaduk's Discuss on draft-ietf-d… Benjamin Kaduk via Datatracker
- Re: [Detnet] Benjamin Kaduk's Discuss on draft-ie… Balázs Varga A