Re: [Gen-art] Gen-ART Last Call review of draft-ietf-l3sm-l3vpn-service-model-16
Brian E Carpenter <brian.e.carpenter@gmail.com> Sat, 08 October 2016 00:07 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AB17129453; Fri, 7 Oct 2016 17:07:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 19MCW1qdencz; Fri, 7 Oct 2016 17:07:54 -0700 (PDT)
Received: from mail-pf0-x235.google.com (mail-pf0-x235.google.com [IPv6:2607:f8b0:400e:c00::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6363B1294A7; Fri, 7 Oct 2016 17:07:53 -0700 (PDT)
Received: by mail-pf0-x235.google.com with SMTP id e6so29961594pfk.1; Fri, 07 Oct 2016 17:07:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:organization:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=oliP3+9GXd4Bv7zQFR2gpkaVRurDWTRSfdqU/IUdYCM=; b=iJZk0qKW53SvF9Bg3dAZowweAed/xIk55ZD2eUkGTUX/Dz7c2yGCVqml/GumEhAbiN pccELigrwtYPgyYB+PTuBYe90Blz3cCuYaueT69qXmvUYsolKL2NaBEb4+x4NEwqqrTo NjWBNZ9B7tv/9t5MkWkOG4Xe5Du4LnBCF2If4gZWvaeGGR/R662qbYR9VkSC/tcYwE4U p1/+VzQ+IhtBfJ8QO/HMNc7R6ZbSRdMeWqVN2IX5QmXe1bNJr6ISv2dILg7Dx4KrcX8P hwXZqA+dT6JWpP1hvs8sNPE9+X0ZhvUrW0xXJtXRtQkRC1/ir/SBCxBZ/w1kHyFKU1Yw byRw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=oliP3+9GXd4Bv7zQFR2gpkaVRurDWTRSfdqU/IUdYCM=; b=G10ne5GPHo5liCgDVRctRsyM9ydWP7EpHgMRd0KvwKQSY+LMVHSPZg4WA/OFL+Ue6f hk9Bx/BDOwjA7jdDI4X7utxmjAEHKv7FP76/jQ0vCoY+37vLO+2A/2iLQ9YYNySmuXVk YKhJmDgf6MWDFhU8acjpA5G3+LohCEpg74ou10M7dJgMD+4o6JhTCeT3z6ZOn5dbgA4L xXbkbNPs3f2GwoprZM+gSNmKOxEcQMiubolts6TxAy6kGgRB0LgBFQgF1wJsdU2TK1uO D1eOAFNleX4no+14yy29tV6uG8o3m7Sy+Wos7stRxmst3rodUCyA2WvaAdTDJYxo57YC u9Og==
X-Gm-Message-State: AA6/9RlVtq4l9C9LxbDfb/74EjbiEwg5Yyt9fCS64KVjRIj35CWzmG0aCXl9Md1YJQTZMQ==
X-Received: by 10.98.147.87 with SMTP id b84mr23012948pfe.173.1475885272762; Fri, 07 Oct 2016 17:07:52 -0700 (PDT)
Received: from ?IPv6:2406:e007:642f:1:28cc:dc4c:9703:6781? ([2406:e007:642f:1:28cc:dc4c:9703:6781]) by smtp.gmail.com with ESMTPSA id fg2sm17236210pad.23.2016.10.07.17.07.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 07 Oct 2016 17:07:51 -0700 (PDT)
To: stephane.litkowski@orange.com, "draft-ietf-l3sm-l3vpn-service-model.all@ietf.org" <draft-ietf-l3sm-l3vpn-service-model.all@ietf.org>, General Area Review Team <gen-art@ietf.org>, l3sm@ietf.org
References: <434b44e6-7168-81ce-beed-cc435d56e516@gmail.com> <29695_1475743607_57F60F77_29695_1285_2_9E32478DFA9976438E7A22F69B08FF921BDB44F5@OPEXCLILMA4.corporate.adroot.infra.ftgroup> <370b441b-6584-e4e3-837d-7c61cccdb4a3@gmail.com> <11008_1475826418_57F752F2_11008_4_1_9E32478DFA9976438E7A22F69B08FF921BDBB5F3@OPEXCLILMA4.corporate.adroot.infra.ftgroup>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <c0329b98-fc0a-3891-d56c-40816cde3539@gmail.com>
Date: Sat, 08 Oct 2016 13:07:59 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <11008_1475826418_57F752F2_11008_4_1_9E32478DFA9976438E7A22F69B08FF921BDBB5F3@OPEXCLILMA4.corporate.adroot.infra.ftgroup>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/JBa61ol_yiNY25xQAdHKWLmaafo>
Subject: Re: [Gen-art] Gen-ART Last Call review of draft-ietf-l3sm-l3vpn-service-model-16
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Oct 2016 00:07:56 -0000
[N.B. I have added the l3sm list but I am not subscribed] On 07/10/2016 20:46, stephane.litkowski@orange.com wrote: ... >>> 5.12.2.2. QoS profile ... > [SLI2] The current model supports classification based on generic DSCP values. Isn't it enough ? Yes, I missed that. I agree, that seems the right level for this model. However, this raises one detail. The model says: | | | | | +--rw match-flow | | | | | +--rw dscp? uint8 | | | | | +--rw tos? uint8 but tos was obsoleted when dscp was defined by RFC 2474. I don't think you should include tos. You don't mention ECN, which are the two bits from tos that are not included in dscp. Those bits are no good for flow matching because they are variable. If an operator tries to use the 8 TOS bits for flow matching but a user supports ECN, the matching will not work consistently. ... >> Also, I don't understand how you can separate this issue from Section 5.13.2. Transport constraints, where you do discuss parameters relevant to diffserv. The whole point about diffserv-intercon is to quantify and standardise the constraints at interconnections. >> [SLI] We discussed this point when we designed the model, and it was simpler to express the transport constraint at vpn level than trying to implement them per site. That's why it was decoupled. > > OK, but you still need a rich set of QoS parameters at that level, and shouldn't it be the same set? > > [SLI2] Some of them are equivalent for example low latency/jitter, some are different as for diversity. > I understand your comment, but I think we need a larger discussion on this topic and this may imply a full remodeling of this part. Let me post a thread on L3SM list. OK. ... >>> 5.2.2. Cloud access >> ... >>> If NAT is required to access to the cloud, the nat-enabled leaf MUST >>> be set to true. >> ... >> Although NAT is mentioned, I saw no support for NPTv6 (RFC6296). I also saw no mention of private or shared address space (RFC1918, RFC4193 or RFC6598). >> >> [SLI] NAT is a generic term, it only mentions that address translation is needed but does not tell what technology will be used. Nothing prevents SP to implement NPTv6. > > No, but the IETF strongly recommends against NAT66, while having specs for NAT44, NAT64 and NPTv6. > Hiding these distinctions under the buzzword "NAT" is misleading. > > [SLI2] That was done for simplification purpose, could you list the different options that you would like to see in this model ? To be honest, I'm not fully aware of all the necessary combinations, so help would be required. I think the three cases I mentioned are sufficient for a start, but (getting back to Benoit's point) we could quickly get into configuration detail. So we have NAT44 - which requires an outside ipv4-address. NAT64 (for an IPv6-only network requiring IPv4 access) - which requires an outside ipv4-address and an inside WKP (well-known ipv6-prefix). (NAT64 implies DNS64, but I don't think that is needed in the model.) NPTv6 - which requires an outside ipv6-prefix. (There are also possible NAT444 and XLAT464 cases with added complexity, but let's leave them for now.) So the three cases are different. I think you would need something like | | +--rw nat44-enabled? boolean | | +--rw customer-nat44-address? inet:ipv4-address | | +--rw nat64-enabled? boolean | | +--rw customer-nat64-address? inet:ipv4-address | | +--rw customer-nat64-wkp? inet:ipv6-prefix | | +--rw nptv6-enabled? boolean | | +--rw customer-nptv6-prefix? inet:ipv6-prefix If you go that way it needs a quick check on the BEHAVE list, where NAT expertise exists. Regards Brian
- [Gen-art] Gen-ART Last Call review of draft-ietf-… Brian E Carpenter
- Re: [Gen-art] Gen-ART Last Call review of draft-i… stephane.litkowski
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Brian E Carpenter
- Re: [Gen-art] Gen-ART Last Call review of draft-i… stephane.litkowski
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Benoit Claise
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Brian E Carpenter
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Brian E Carpenter
- Re: [Gen-art] Gen-ART Last Call review of draft-i… stephane.litkowski
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Qin Wu
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Brian E Carpenter
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Qin Wu