IETF Logo Mail Archive

Re: [Idr] flowspec srv6 policy

"Henderickx, Wim (Nokia - BE/Antwerp)" <wim.henderickx@nokia.com> Wed, 30 March 2022 19:59 UTC

Return-Path: <wim.henderickx@nokia.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 960473A0BCA; Wed, 30 Mar 2022 12:59:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.288
X-Spam-Level: *
X-Spam-Status: No, score=1.288 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, MANY_SPAN_IN_TEXT=3.196, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nokia.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 02d_XgMwmQzd; Wed, 30 Mar 2022 12:59:25 -0700 (PDT)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2070f.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1b::70f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 927563A0806; Wed, 30 Mar 2022 12:59:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jdMHE5lxcqHRmchOa5kVxFG6dG+afxEeS2zh5P3dYI5BAECBr/+x8b7i0+DdW8Ri/g00N4SFRqUVSZyVXqplnyiv4IWeFHO8/fIcIgUjFMM4B0myjcWF1ltUqHdJBKzflx24esGEZG9Rx6vPuL1zRDoEUcVsaVtrMCibaJ29DxArRKVVf76J+MaHPJx0PsbkLdjrdB0TDKcrhPTO8qs4kuYWuZNaip5oRVwcze/4bus7CXBl2hxUT4F/PwA+MKkQRUwLtMyq4GxAnj5VN9oDapFpyIYSPX0MiCg3kJjwplvBXDYm45e08gJYBhDgVAZKrlqAmjuPBIYi/nd/vaJGqA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vc6H68X4IYvg3eYOJMmymgHoNFjfKB8NE9nDRcCMif0=; b=ZINQ1RjhBvdihdLnPxiYBqtsJalwCID2Hz/z2ETAJG7sFzhe6lzUZwoMkM4SuQseQ//aR3GGtTJ+qrD0aoJwRI3x+kbe99IluJ9PHfGWIx4rVUElm2uW4kW98UB4Pmf1ADxbMa0ap4IcKoRLHgTqmFkK/YkeY2w1DDg+OPtYMy1TFd/r8uSexXjueS/SlQyN+oMJxVpoHY1Ctk0XJzm1ZFixF+aHaOdIRctnQi0i4gHCd1YCAzf0FOhbD/hXloeTk8TBu7LKd6uBwinqNa3lnAWfBSJK/9nmJV4iLBI4l0Yfs6iJXx99kH0ljb7Yy6XIMZ2BH194tQHE/RQM0bAZXA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.onmicrosoft.com; s=selector1-nokia-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vc6H68X4IYvg3eYOJMmymgHoNFjfKB8NE9nDRcCMif0=; b=iX4lj5nof1+aO2CY1cbBZWlZjkuPevZmBslSwMXJeIctgyuyKK0doHfU6TYsb0w0mcjV8JdApO0gmwSPNiHS9LjTfpqnjqhbYK4TNs9o7z10tkuVH46BIDat59keeuxcf0dD3YL8Pp+Gt+3qNO3Cz/wKR1z9ysXy2oYbebnmw5I=
Received: from AM0PR07MB4497.eurprd07.prod.outlook.com (2603:10a6:208:7a::20) by AM0PR07MB4338.eurprd07.prod.outlook.com (2603:10a6:208:b3::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5123.8; Wed, 30 Mar 2022 19:59:21 +0000
Received: from AM0PR07MB4497.eurprd07.prod.outlook.com ([fe80::e1f8:d5b6:7acf:7db1]) by AM0PR07MB4497.eurprd07.prod.outlook.com ([fe80::e1f8:d5b6:7acf:7db1%2]) with mapi id 15.20.5123.020; Wed, 30 Mar 2022 19:59:21 +0000
From: "Henderickx, Wim (Nokia - BE/Antwerp)" <wim.henderickx@nokia.com>
To: 姜文颖 <jiangwenying@chinamobile.com>, "ketant.ietf" <ketant.ietf@gmail.com>, zhuangshunwan <zhuangshunwan@huawei.com>
CC: draft-jiang-idr-ts-f <draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org>, "idr@ietf.org" <idr@ietf.org>
Thread-Topic: [Idr] flowspec srv6 policy
Thread-Index: AQHYQ0nktv2wEHXrCEK9PlUgbjpNt6zYWSbZ
Date: Wed, 30 Mar 2022 19:59:21 +0000
Message-ID: <AM0PR07MB449757263F01AB03E104D763831F9@AM0PR07MB4497.eurprd07.prod.outlook.com>
References: <2b006242b98b088-0000c.Richmail.00009020260016086517@chinamobile.com>
In-Reply-To: <2b006242b98b088-0000c.Richmail.00009020260016086517@chinamobile.com>
Accept-Language: nl-BE, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nokia.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: b09aeafe-36ce-4b10-cd95-08da1287c83b
x-ms-traffictypediagnostic: AM0PR07MB4338:EE_
x-microsoft-antispam-prvs: <AM0PR07MB43385C9B8E46EF65BBA61634831F9@AM0PR07MB4338.eurprd07.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: HxHagpjxRzE4daGCYtbbXYnNVMbNDvF/H2Qb+VsELdTwoTxiiOhlgijBvin7fn5vLyDtJp1LA19fF4UOn4OlBjlo1mYubvCjoEk9P7s+U60s4t3HdN6NzhSsArKxm8JVgO573r8ndS9VV/mhFDFWpOHwH86EIXJz/XqH0qAdQuxW/BjSZ+AMXBszVIwiFttFhnVaFhIDySRrkmx3botWFSeGEucDoQh8Lev38B2x5+pqwqaIgXYzoytrldL37wItS1CokRxY0nBLi5/+TuSJWMX2sUEfFfXVhQ32iD8Kl6yOE2FuhEvG8UgIGcGb+J/ygNR1pwPN2HGn3ECCOeCbOHGq+gNBvKLYkRNSWpmYdEoHCJr4A91ltl7bqgJYs0xHKSO9pzmLj9Aw7XZrAba4qF9PIs+QHfyEEZFeAQhhgvGeRJnbpxHv7lLT7k1REM5q3vurPi9F3huHbNCXw7LyDkMU5iH/qUqsdG1+WQtV7PWTTuQP4QOj6AGvnJt2ookIYMjfbJFxAlsvnyUeeQPfoFxDktu9AT7i6GHwiGZw3m/R+3QwTjiDXxLTvril0XdEyrtVIL7xWM1upFyXcrEUwJmFDytwWp9sgO4GDJmt29Zh2Q+oRbLW9FQvXniNBM7wncqomG6SfUFW+/U3Kjp0livAnmoZuG4bY5HnS+2KFCksoZHFGCw2y6c5VPVZ8FoCQRu81qz0tg20r7tHetFv1XUfHiirGRB55tXCOeNX8gg0GuP/Cncm27VazkYA0zq8rzOqCQP9P0XDSE3sxj5/8MJdzxQ9vJ1w0qnoMhv+BLKr8Ctv1vAnotPzJT/qKL/v/TSmCDGkhTC5eFWeUbFqH1vFbPi6jHryEYtm4pcLgWuQG3JGqyXQIwUIK8h8g29/
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR07MB4497.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(5660300002)(76116006)(71200400001)(91956017)(55016003)(38100700002)(33656002)(508600001)(8676002)(4326008)(66946007)(86362001)(66476007)(64756008)(66446008)(66556008)(52536014)(966005)(38070700005)(8936002)(26005)(316002)(166002)(186003)(83380400001)(9686003)(82960400001)(53546011)(55236004)(54906003)(6506007)(7696005)(110136005)(2906002)(122000001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: ug9DtyzfNWnAAx3jMUzLaTBaiaznDJjbjtU8BwDTi1eArfhs3VnbVls+z/SzRDatVy9cNxVnZy9PrLlDHDXQ8GGbe6QKxMXsp+4AQ+FO+20bYvqjRDcIAGc/sHtdthcnES+9PCc0dgzNxBhlkfSTJ9xbI7pmI9SLhExxBXim7IzSAQMGmfvkvBf4n2qq+1xBhHNHae0TtzTfTMu4/rXZKqThmjgyNzcHRv0VK6JQJb37bAwZix4C+nefD82ylp78dGwIEwhWQfN+Yto7Gr3ZiubO72scYw4zdzh/moy27klEDuph3o6dhf4NUgHKTn/pFm6w4kRy3dUaQiVXwmd7lCLa25qB4OEmDVHdPIiamcPaV3tl4xc0W7/5gQgmfw/rGheQq6nOGVkhQuqxz8ylQqGJjx1rWOOdN7BUpGwRKaZgdNOo6NNciJ0g7CBVS8oGNcSwrvjN/oMeta0ivabT0OKbP7o/cT7QAuQgrURZP335T2vCo3XWDQxIAJYpMSUJwYLR1chtnWeYQ2bSkhYDFF9t9GpZjWfihcveKIrOKIdGdNDxCIN0aOCSRXune45tql5CPaOHnk0CW8r9q9zCST3k5tQ0C48R866jge+XNXBArfFnSp1UR2xF7sj5Ujn3TkGbaa/K+qqPcOW15uSB+ShBXohZ4q5un8LYfFXOJV98t1BjMlPJw3Ob+NnlTgewogIlV4FhaQkjt5XIk/m9mkOXT4WZ8nDwUZcpkzx8x53ZzFDrEzrGp1A5p/sioQxt9oDSeV7L2tPyNBEiTNPB0Kfm/5h46THI06rnkYGcroMwwMF1nll9iSw70w+dZgv5TUttLRpeBz3GeOKH81WXA3jc2E519jATRH2Vpw1JMDZAMv/zwQZppMHabvNnaAplS3374Vyw6raRGT0NB02yviObpHwaoqSBuD96oYKeniUfXB37Qx4cU5NzsxskQIkdQ553dpAn3uhk8eMeItRs/LIej6oDkYDJgzQ0MRteT2wb6R9XJBS1ISUn25hFNT6bwySBIk5mQ1CSky/vWfA6Y5HorhJvTrRs5gulpSAzpzzvRS7P2vZM2qrrUIkD6Zt//cHUBBu6Fww/q9aZBYqMFCupXj5yzyZOwLRsz7gPJIqeSlkwSB0tKsXXGaUzM4zKOXF70l7JvbSCakg9mgLIHzs194g4QmlRmPyxvJOvft/sgWC5qPE3Lezg9uXfZMv66DFIYkH9B20qOPKoswSRG8tBh1bfLwhTwWGgQj7iPZy3FLRqgHbDu77jmyXCgItvO47MBGEPPatMtpJ7HF2pLXb8ojXckm+M4pmYKyfOg4n4OnJJMNhJA4rIBTH5sZEMUsL60cJvIjoVNYInO39tSp97RKqyAUXZ1OCtlhFKQWzQj5MPbuQEcFOI+mYHnB7Z/0NEPufst3fIlX7DLae3weAoUur6bXO0o+0BUjd1AYVoNXrpvRHxExmMxYlQ7gaCadWs0R0H1ntZZCWwXSx+TiNikZFik1NV/WGr8IOaJ6YIZyiX6M5W1lzQQ5rhJCawK6CKp78gBOPnRxEQPGbdClVIJ6vCWbrvzGjl7uWEMzbail37YUp1OfnLQPWpIPsiWyy0m5Yu3wILSu6e3YQT7VZQtWAPuTSczlbyN3catAJEp6v7pJjCZfnJ1foZba1GDKkIxdzDbU9w+oMOYqTJphPRipvo7Yvc+0torjCvVqnXAaXhpL/lK7DiPCNu/tH+KCshgbIwyy1JDjZe8GHGiwPsAcIfdpR4M0JRPaHaGJdMeYd3JE+Uvt6CdMtYY8n0
Content-Type: multipart/alternative; boundary="_000_AM0PR07MB449757263F01AB03E104D763831F9AM0PR07MB4497eurp_"
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM0PR07MB4497.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b09aeafe-36ce-4b10-cd95-08da1287c83b
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Mar 2022 19:59:21.4343 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: aNPydbEyZcFECroiqXur5oJJNIanIFSq2s6rRDh9xbYeYwCkiFVrM2KgIsK260wOovip4k2uQkR6RfugUH3658q9mrKBA8bzlHKRQ4YFweY=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB4338
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/DnU6iY8hOIHIOGvXmZ_YNtxbHrQ>
Subject: Re: [Idr] flowspec srv6 policy
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Mar 2022 19:59:31 -0000

Thx for the info. It seems some people already added the SRV6 elements to the flow spec indirection-id

https://datatracker.ietf.org/doc/draft-ietf0-idr-srv6-flowspec-path-redirect/


From: Idr <idr-bounces@ietf.org> on behalf of 姜文颖 <jiangwenying@chinamobile.com>
Date: Tuesday, 29 March 2022 at 10:49
To: ketant.ietf <ketant.ietf@gmail.com>, zhuangshunwan <zhuangshunwan@huawei.com>
Cc: draft-jiang-idr-ts-f <draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org>, idr@ietf.org <idr@ietf.org>
Subject: Re: [Idr] flowspec srv6 policy

Hi,Thanks for your comments.

I'm the co-author of the draft, which is rather than improving on the existing draft-ietf-idr-flowspec-path-redirect, here are some our consideration.

1.  The 【draft-ietf-idr-flowspec-path-redirect】 defines a new transitive BGP extended community. The existing network must be upgraded to support the new sub-TLV.
The draft-jiang is based on the 【draft-ietf-idr-segment-routing-te-policy】 definition and is an application instance under Flowspec. That is, FlowSpec routes are steer to SRv6-Policy based on (Redirect-IP, Color EC) as (N, C). No new TLV introduction, consistent with the existing network device implementation mechanism



2.  The 【draft-ietf-idr-flowspec-path-redirect】define ID-type 0 or 5,But there is no these IDs for SRv6-Policy,and the length of Generalized indirection_id field is only 32-bit and cannot hold a SRv6-Policy BSID,Therefore,user must assign a new 32-bit indirection_id to SRv6-Policy. In addition, this indirection_id is a global ID of multiple objects on one device, such as SR-Policy and SRv6-Policy, etc. ,  which complicates planning and deployment.
Also, since the current SRv6-Policy does not have such an ID,the SRv6-Policy needs to be extended to support such an ID configuration, which increases the complexity of the implementation and does not take advantage of the deployed SRv6 Policy on the existing network.
Draft-jiang fully complies with the SRv6 Policy standard, identifying an SRv6 Policy by the <color,endpoint> tuple, which makes good use of the existing deployed SRv6 Policy and requiring essentially no additional extensions, making it very simple to implement.



BR
Wenying Jiang


----邮件原文----
发件人:Ketan Talaulikar  <ketant.ietf@gmail.com>
收件人:Zhuangshunwan  <zhuangshunwan=40huawei.com@dmarc.ietf.org>
抄 送: "draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org" <draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org>,"idr@ietf.org" <idr@ietf.org>
发送时间:2022-03-25 18:44:42
主题:Re: [Idr] flowspec srv6 policy
Hi Shunwan,

It would be good to reference prior work and clarify the challenges with it that require the introduction of a new mechanism. Just a suggestion.

Thanks,
Ketan


On Fri, Mar 25, 2022 at 3:35 PM Zhuangshunwan <zhuangshunwan=40huawei.com@dmarc.ietf.org<mailto:40huawei.com@dmarc.ietf.org>> wrote:

Hi Wim,

Some forks from Nokia Shanghai Bell had also joined the discussion organized by China Mobile. Yes, they had mentioned draft-ietf-idr-flowspec-path-redirect.

In those joint discussions, we all agreed that these were 2 non-conflicting drafts.

Thanks,
Shunwan


From: Henderickx, Wim (Nokia - BE/Antwerp) [mailto:wim.henderickx@nokia.com<mailto:wim.henderickx@nokia.com>]
Sent: Friday, March 25, 2022 5:59 PM
To: Wanghaibo (Rainsword) <rainsword.wang@huawei.com<mailto:rainsword.wang@huawei.com>>; draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org<mailto:draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org>; idr@ietf.org<mailto:idr@ietf.org>
Subject: Re: flowspec srv6 policy

Thx for the response. My point is it is better to extend an existing implementation rather than trying to define something new. As such my comment is mainly to look  at the proposal I mentioned and augment it with the capabilities you wanted to add.

From: Wanghaibo (Rainsword) <rainsword.wang@huawei.com<mailto:rainsword.wang@huawei.com>>
Date: Friday, 25 March 2022 at 10:52
To: Henderickx, Wim (Nokia - BE/Antwerp) <wim.henderickx@nokia.com<mailto:wim.henderickx@nokia.com>>, draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org<mailto:draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org> <draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org<mailto:draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org>>, idr@ietf.org<mailto:idr@ietf.org> <idr@ietf.org<mailto:idr@ietf.org>>
Subject: RE: flowspec srv6 policy
Hi Henderickx,

The two drafts are used to resolve similar scenario, but with different solution.
Document draft-ietf-idr-flowspec-path-redirect defined a path redirect method.
But for SRv6 Policy , only ID-type 0 or 5 may be suitable. But there is no these IDs for SRv6-Policy.
So the operator must assign a new ID for SRv6-Policy and set to exist SRv6-Policy. This is not intuitive.

Document draft-jiang-idr-ts-flowspec-srv6-policy introduce a combination: redirect-ip EC+ Color EC,
Then use it as (N,C) to recursive SRv6-Policy, it can reuse most exists implementations and is easy for operate.

Regards,
Haibo

From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Henderickx, Wim (Nokia - BE/Antwerp)
Sent: Friday, March 25, 2022 5:26 PM
To: draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org<mailto:draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org>; idr@ietf.org<mailto:idr@ietf.org>
Subject: [Idr] flowspec srv6 policy

Regarding draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org<mailto:draft-jiang-idr-ts-flowspec-srv6-policy@ietf.org>

Have people looked at the following draft which does something similar

https://datatracker.ietf.org/doc/html/draft-ietf-idr-flowspec-path-redirect
_______________________________________________
Idr mailing list
Idr@ietf.org<mailto:Idr@ietf.org>
https://www.ietf.org/mailman/listinfo/idr

v2.23.0 | Report a Bug | By Email