Re: [Gen-art] Gen-ART Last Call review of draft-ietf-l3sm-l3vpn-service-model-16
Brian E Carpenter <brian.e.carpenter@gmail.com> Mon, 10 October 2016 23:49 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 775C71297B3; Mon, 10 Oct 2016 16:49:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c6iEb6kL3bpU; Mon, 10 Oct 2016 16:49:11 -0700 (PDT)
Received: from mail-pa0-x22a.google.com (mail-pa0-x22a.google.com [IPv6:2607:f8b0:400e:c03::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2261F1297B5; Mon, 10 Oct 2016 16:49:09 -0700 (PDT)
Received: by mail-pa0-x22a.google.com with SMTP id qn10so3427155pac.2; Mon, 10 Oct 2016 16:49:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:organization:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=gowJrhhP93O+fOdt0P3saVi8d6Wd8LeScT1R6BLY5TQ=; b=l2LkTBKOV7ffTnGehKtc3uNCB0IxVZCS2mdjHBtujO1uAU4pLcG2uIyLbSX/NvMTJD Hxwud6HIbBXNtlRWCVqGVMuGlN/sOpdoq/cmMFl1YaSyUNiIWVBT3b9hPAhhQFBDLtbF XscBXr6YuI/VV/WfrPKckG3x2C1jUbrbPSL7iivq4Wkxu2cVb/Rj9tP25Y0v7jjxmNQn hSL5kLVQV4wiboY31KDXFMfAkU045S0t2IAEZGGKRba6e3bIBI7QRaDCVGpThatUuzip 2X6/LfxtknOVCOeGNiEAGUpe8U9ZDh5xFfDDSQrxKdA1Y+WFyecN2JUSgKHg6sSCHoRX EYVg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=gowJrhhP93O+fOdt0P3saVi8d6Wd8LeScT1R6BLY5TQ=; b=TK2VN/ghAlHcLAxeG3gEPJoZKoHvrL/VelPNvfS/lt7udA1/SDnob3IAJ5C0yz65E9 Lo6xQz3DD0hiJa8OCI42kWffrY2dZCSrz3lQYc6kgFMEAKC1AJQM2QMsaJ/B/RV1fEMq d8E69c+40lKpgu85uwtMW8HtX+hSqvpxhfa1Z8QEQgiAduKQMtZJCHc36ucurGYOrdU3 0juglyYbNwwZQCaMg9ZR0itk/amxIuHFLGZKX2vfwCoUhyCvLmr7tMGJtublxVd3zCou Pd3EWCGZiZMdYtesDSXqh5wi4mzZ4ZfpT1PjgcT5JI3PuhvyVyg6eh82KNs63DnpyNan ynkg==
X-Gm-Message-State: AA6/9RksAsi3BU/ZHrwxP5WfGBia3CSJriRdMCpdy5l8sA/OR6afd8a2T3sRPOy9IpiKVg==
X-Received: by 10.66.51.129 with SMTP id k1mr1472583pao.5.1476143348743; Mon, 10 Oct 2016 16:49:08 -0700 (PDT)
Received: from ?IPv6:2001:df0:0:2006:c0da:ac17:5f6d:8e76? ([2001:df0:0:2006:c0da:ac17:5f6d:8e76]) by smtp.gmail.com with ESMTPSA id 3sm439272pfo.31.2016.10.10.16.49.05 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 10 Oct 2016 16:49:08 -0700 (PDT)
To: Qin Wu <bill.wu@huawei.com>, "stephane.litkowski@orange.com" <stephane.litkowski@orange.com>, "draft-ietf-l3sm-l3vpn-service-model.all@ietf.org" <draft-ietf-l3sm-l3vpn-service-model.all@ietf.org>, General Area Review Team <gen-art@ietf.org>, "l3sm@ietf.org" <l3sm@ietf.org>
References: <434b44e6-7168-81ce-beed-cc435d56e516@gmail.com> <29695_1475743607_57F60F77_29695_1285_2_9E32478DFA9976438E7A22F69B08FF921BDB44F5@OPEXCLILMA4.corporate.adroot.infra.ftgroup> <370b441b-6584-e4e3-837d-7c61cccdb4a3@gmail.com> <11008_1475826418_57F752F2_11008_4_1_9E32478DFA9976438E7A22F69B08FF921BDBB5F3@OPEXCLILMA4.corporate.adroot.infra.ftgroup> <c0329b98-fc0a-3891-d56c-40816cde3539@gmail.com> <22947_1476088151_57FB5157_22947_1045_1_9E32478DFA9976438E7A22F69B08FF921DAEC9D2@OPEXCLILMA4.corporate.adroot.infra.ftgroup> <B8F9A780D330094D99AF023C5877DABA854056EE@nkgeml513-mbx.china.huawei.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <bb9f4edf-a10e-100a-2758-832ea9460e43@gmail.com>
Date: Tue, 11 Oct 2016 12:49:06 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <B8F9A780D330094D99AF023C5877DABA854056EE@nkgeml513-mbx.china.huawei.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/G77ab1rwYVDLqwFDtJi_3QERA48>
Subject: Re: [Gen-art] Gen-ART Last Call review of draft-ietf-l3sm-l3vpn-service-model-16
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Oct 2016 23:49:13 -0000
That's certainly a valid option, but if you limit it to NAT44 I strongly suggest *calling* it NAT44, not plain NAT. Regards Brian Carpenter On 10/10/2016 21:55, Qin Wu wrote: > Not sure we should enumerate all the options in the base model, so your solution makes sense to me. > > -Qin > -----邮件原件----- > 发件人: stephane.litkowski@orange.com [mailto:stephane.litkowski@orange.com] > 发送时间: 2016年10月10日 16:29 > 收件人: Brian E Carpenter; draft-ietf-l3sm-l3vpn-service-model.all@ietf.org; General Area Review Team; l3sm@ietf.org > 主题: RE: Gen-ART Last Call review of draft-ietf-l3sm-l3vpn-service-model-16 > > For NAT, I would like to hear opinion for other people before doing the change. > And additional options can be added through augmentation. One solution is to limit to IPv4 case which is really usual today. > > > -----Original Message----- > From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com] > Sent: Saturday, October 08, 2016 02:08 > To: LITKOWSKI Stephane OBS/OINIS; draft-ietf-l3sm-l3vpn-service-model.all@ietf.org; General Area Review Team; l3sm@ietf.org > Subject: Re: Gen-ART Last Call review of draft-ietf-l3sm-l3vpn-service-model-16 > > [N.B. I have added the l3sm list but I am not subscribed] > > On 07/10/2016 20:46, stephane.litkowski@orange.com wrote: > ... > >>>> 5.12.2.2. QoS profile > ... >> [SLI2] The current model supports classification based on generic DSCP values. Isn't it enough ? > > Yes, I missed that. I agree, that seems the right level for this model. However, this raises one detail. The model says: > > | | | | | +--rw match-flow > | | | | | +--rw dscp? uint8 > | | | | | +--rw tos? uint8 > > but tos was obsoleted when dscp was defined by RFC 2474. I don't think you should include tos. You don't mention ECN, which are the two bits from tos that are not included in dscp. Those bits are no good for flow matching because they are variable. If an operator tries to use the 8 TOS bits for flow matching but a user supports ECN, the matching will not work consistently. > > ... >>> Also, I don't understand how you can separate this issue from Section 5.13.2. Transport constraints, where you do discuss parameters relevant to diffserv. The whole point about diffserv-intercon is to quantify and standardise the constraints at interconnections. >>> [SLI] We discussed this point when we designed the model, and it was simpler to express the transport constraint at vpn level than trying to implement them per site. That's why it was decoupled. >> >> OK, but you still need a rich set of QoS parameters at that level, and shouldn't it be the same set? >> >> [SLI2] Some of them are equivalent for example low latency/jitter, some are different as for diversity. >> I understand your comment, but I think we need a larger discussion on this topic and this may imply a full remodeling of this part. Let me post a thread on L3SM list. > > OK. > > ... >>>> 5.2.2. Cloud access >>> ... >>>> If NAT is required to access to the cloud, the nat-enabled leaf MUST >>>> be set to true. >>> ... >>> Although NAT is mentioned, I saw no support for NPTv6 (RFC6296). I also saw no mention of private or shared address space (RFC1918, RFC4193 or RFC6598). >>> >>> [SLI] NAT is a generic term, it only mentions that address translation is needed but does not tell what technology will be used. Nothing prevents SP to implement NPTv6. >> >> No, but the IETF strongly recommends against NAT66, while having specs for NAT44, NAT64 and NPTv6. >> Hiding these distinctions under the buzzword "NAT" is misleading. >> >> [SLI2] That was done for simplification purpose, could you list the different options that you would like to see in this model ? To be honest, I'm not fully aware of all the necessary combinations, so help would be required. > > I think the three cases I mentioned are sufficient for a start, but (getting back to Benoit's point) we could quickly get into configuration detail. So we have > > NAT44 - which requires an outside ipv4-address. > > NAT64 (for an IPv6-only network requiring IPv4 access) - which requires an outside ipv4-address and an inside WKP (well-known ipv6-prefix). > (NAT64 implies DNS64, but I don't think that is needed in the model.) > > NPTv6 - which requires an outside ipv6-prefix. > > (There are also possible NAT444 and XLAT464 cases with added complexity, but let's leave them for now.) > > So the three cases are different. I think you would need something like > > | | +--rw nat44-enabled? boolean > | | +--rw customer-nat44-address? inet:ipv4-address > | | +--rw nat64-enabled? boolean > | | +--rw customer-nat64-address? inet:ipv4-address > | | +--rw customer-nat64-wkp? inet:ipv6-prefix > | | +--rw nptv6-enabled? boolean > | | +--rw customer-nptv6-prefix? inet:ipv6-prefix > > If you go that way it needs a quick check on the BEHAVE list, where NAT expertise exists. > > Regards > Brian > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. >
- [Gen-art] Gen-ART Last Call review of draft-ietf-… Brian E Carpenter
- Re: [Gen-art] Gen-ART Last Call review of draft-i… stephane.litkowski
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Brian E Carpenter
- Re: [Gen-art] Gen-ART Last Call review of draft-i… stephane.litkowski
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Benoit Claise
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Brian E Carpenter
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Brian E Carpenter
- Re: [Gen-art] Gen-ART Last Call review of draft-i… stephane.litkowski
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Qin Wu
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Brian E Carpenter
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Qin Wu