Re: [Idr] locator length : draft-li-idr-flowspec-srv6
Gyan Mishra <hayabusagsm@gmail.com> Mon, 15 March 2021 23:49 UTC
Return-Path: <hayabusagsm@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A617A3A133E for <idr@ietfa.amsl.com>; Mon, 15 Mar 2021 16:49:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.987
X-Spam-Level:
X-Spam-Status: No, score=-1.987 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wjN2krH9SGe2 for <idr@ietfa.amsl.com>; Mon, 15 Mar 2021 16:49:55 -0700 (PDT)
Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D86CD3A133F for <idr@ietf.org>; Mon, 15 Mar 2021 16:49:55 -0700 (PDT)
Received: by mail-pf1-x432.google.com with SMTP id d21so1551195pfn.1 for <idr@ietf.org>; Mon, 15 Mar 2021 16:49:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=IBSF703DS9xV+uBx1iPfCKOOQtN6D0r38JkraAWSztg=; b=eCemMZ6tRiBTWbPc8//XHuOd5Yir8zO/w1SSBEz0sxDhlYdty47n6IZavbUK202Jwg elF0H9kx6P/YiIDH8dtk3UbQqi/xSyQncs4HsNnR9t+T2vnAj/tPFBG7pHd/RfNYFPt3 PrjiFqVMkEnXrPeAsNtHRj2yVBdAVdfhRtGjeTyuCt3hUuDV9aAMJw1yMUTGNQoLRKwi 2rgvEDkNHxD0RxiIgPk92QQOspLMFs0DkAOxbjUwp7ie+PzgA1HotCYc6+IkFOvcCwcr btZ+qfTjodVlsla0lN+bwOaqBVyo0a5z6RUe2eMB7O/HOFTWU/ddvjr7jw7yOpFQjBlN zlvA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=IBSF703DS9xV+uBx1iPfCKOOQtN6D0r38JkraAWSztg=; b=iQ6rOa2/oNOQ9CW89ACgokZeywhwviWFeHXhpCuuP4uVNQkT9p4TvC21FoVAO1w+X0 xDrd72mCCBaM8+1tC0xYdosPaJEW4Nbl0cKMFPYVwVnzIjYawWi5HbvKZRS5qTF0ypVZ cDgVu1IlM77TggykJsrxTJh67IEAKdBgTT6o5o46Ov+t4iCAl1lC/4wGXELtejU+N+TA QpPF4skK9WTwr/gdAPeQzEw+3H0ZB1M86UEtZJh07g30BMK/Ej11ydbLMV2uh9Gmx3c7 4sG3VDUw8ubXFsAEv/WHAiBCLPO3FmdaFvMVGQCzF2JOYDeGa74FVzdBDd/yv7i6UsR7 WJGA==
X-Gm-Message-State: AOAM531xDAKlH5frr+M98PWI2st+puwIva9Z5p0g18/IOuM4lsU1eRnP HoMs/NWXNoz1OUvnyfokB4MdNtzJ/X5nt1rCwLU=
X-Google-Smtp-Source: ABdhPJzyCDbxSFXqatvvjw9LKwQ6RJ4+W42Q7mxVClBSFegq4PAJOigbp5wzwcc75uzxfKezlgfmWw7U+lv3wED9qWg=
X-Received: by 2002:aa7:9205:0:b029:1ec:8eab:7ca3 with SMTP id 5-20020aa792050000b02901ec8eab7ca3mr12591390pfo.20.1615852194031; Mon, 15 Mar 2021 16:49:54 -0700 (PDT)
MIME-Version: 1.0
References: <MN2PR13MB40876899246382264C393D06F26F9@MN2PR13MB4087.namprd13.prod.outlook.com> <89430d8e-58c1-7854-27a5-b01a4cf9c43f@joelhalpern.com> <MN2PR13MB4087266ED6ECE72F5F281E86F26F9@MN2PR13MB4087.namprd13.prod.outlook.com> <41feb923-eeba-d7db-a048-1b335bf8f92b@joelhalpern.com> <MN2PR13MB40874FC93A03CCDE2A012ECBF26F9@MN2PR13MB4087.namprd13.prod.outlook.com> <ad81e08a-09ab-ef9a-3295-ab3cf58b740d@joelhalpern.com> <CABNhwV3PR_u2jG6Eo2uRwK0XRSemZJ006RdeuGG6_jyJnaZoAg@mail.gmail.com> <MN2PR13MB408793C3C9D5398C13BA0DDAF26C9@MN2PR13MB4087.namprd13.prod.outlook.com>
In-Reply-To: <MN2PR13MB408793C3C9D5398C13BA0DDAF26C9@MN2PR13MB4087.namprd13.prod.outlook.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Mon, 15 Mar 2021 19:49:43 -0400
Message-ID: <CABNhwV1JwHv3pFczOTCb71t5dUbKnWfspF1zjNG6RdKOJB_9hg@mail.gmail.com>
To: Huaimo Chen <huaimo.chen@futurewei.com>
Cc: "Joel M. Halpern" <jmh@joelhalpern.com>, "idr@ietf.org" <idr@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000008eb8205bd9be8d5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/WZPpwv_IaQWktFyQXsUqon3qVzc>
Subject: Re: [Idr] locator length : draft-li-idr-flowspec-srv6
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Mar 2021 23:49:59 -0000
Hi Huaimo I think it makes sense gt lt apply to function of SRV6 SID. Kind Regards Gyan On Mon, Mar 15, 2021 at 11:00 AM Huaimo Chen <huaimo.chen@futurewei.com> wrote: > Hi Gyan, > > Thank you very much for your comments. > > RFC 8956 defines (Type 13) Flow Label component containing a list of > {numeric_op, value} pairs that are used to match the 20-bit Flow Label. > The operations on the label can be lt (less than) and gt (greater than). > > As you mentioned in your comments, MPLS VPN labels are encoded into > the func/arg of SRv6 SID. In this case, it seems that the operations > lt and gt on func/arg are the operations on label. Applying operations > lt and gt on func/arg (i.e., label) makes sense. > > Best Regards, > Huaimo > > ------------------------------ > *From:* Gyan Mishra <hayabusagsm@gmail.com> > *Sent:* Saturday, March 13, 2021 1:27 AM > *To:* Joel M. Halpern <jmh@joelhalpern.com> > *Cc:* Huaimo Chen <huaimo.chen@futurewei.com>; idr@ietf.org <idr@ietf.org> > *Subject:* Re: [Idr] locator length : draft-li-idr-flowspec-srv6 > > Huaimo > > With SRv6 BGP Service overlay the egress PE signals the SRv6 Service SID > in SRv6 service TLV encoded in BGP prefix SID attribute with BGP overlay > service route for SRv6-BE /no SRH or egress PE colors overlay service route > with BGP color community for SRv6-TE w/ SRH. The SRv6 source node > encapsulates the PE-CE customer payload in outer “MPLS topmost transport > label like” IPv6 header where the destination address is the SRv6 Service > SID provided by the egress PE. > > The SRv6 L2 L3 VPN Services TLV is encoded in the BGP prefix SID attribute > identical to MPLS VPN service label and thus the VPN label is now encoded > into the func/arg SRv6 SID signaled by the egress PE and is fixed > throughout the closed SR domain. > > SRv6 BGP Service overlay > > https://tools.ietf.org/html/draft-ietf-bess-srv6-services-05 > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-bess-srv6-services-05&data=04%7C01%7Chuaimo.chen%40futurewei.com%7Cf35805d2e8784e5a795108d8e5e9251a%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C637512136823894640%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=cIFl1GwBr%2FkLm7j%2BI5XR8CuCwPkhcZEzsK8B8S8291Q%3D&reserved=0> > > As SRv6 is reusing the IPv6 data plane with same L3 VPN overlay RFC 4364, > I don’t think any of the processes would change to carry BGP flow spec RFC > 8955, as the BGP vpn overlay layer remains unchanged. > > We are just swapping the underlay change from MPLS to IPv6 data plane. > > > Kind Regards > > Gyan > > On Fri, Mar 12, 2021 at 3:29 PM Joel M. Halpern <jmh@joelhalpern.com> > wrote: > > I have to disagree with your basic premise. At least for LOC and FUNC > bits, less than and greater than are NOT meaningful comparisons. > > Even for ARG bits, the only defined usage for the bits is such that > comparisons other than equal to / not equal to are meaningless. > > Yours, > Joel > > On 3/12/2021 3:19 PM, Huaimo Chen wrote: > > Hi Joel, > > > > Thanks much for your further comment. > > > > It seems that using loc, func and args in SID is simpler than using > > address prefix of SID for SRv6 flow specification. For matching/filtering > > on an IP destination address prefix, it seems that there is just bitwise > > pattern matching. For matching/filtering on a SID (loc, func and args in > > SID), > > there are a few operators such as eq, lt and gt (and combinations of > them). > > > > For flow specification(s) to match a range of functions such as > > from function value F1 to F1+1, to F1+n (where n > 1) in SID, > > using IP address prefix seems need (n+1) flow specifications, each of > > which is for one function value and would have two (type 1) components: > > one component for matching the locator and the other for matching the > > function value. Using loc and func in SID needs just one flow > specification > > having one (type TBD) component with three <op, value> pairs. The first > pair > > is for matching the locator and the other two for the range. > > > > Best Regards, > > Huaimo > > > > ------------------------------------------------------------------------ > > *From:* Joel Halpern Direct <jmh.direct@joelhalpern.com> > > *Sent:* Friday, March 12, 2021 11:49 AM > > *To:* Huaimo Chen <huaimo.chen@futurewei.com> > > *Cc:* idr@ietf.org <idr@ietf.org>; Lizhenbin <lizhenbin@huawei.com> > > *Subject:* Re: locator length : draft-li-idr-flowspec-srv6 > > Given that you have to check loc before func and check loc and func > > before arg, it would seem simpler to just use an address prefix. Gets > > around all of the knowledge problems. > > > > Note that a UI for creating flowspec filters can allow the user to > > specify it in all sorts of ways. that does not mean we need to put all > > of them in the protocol when they are equivalent. > > > > Yours, > > Joel > > > > On 3/12/2021 11:44 AM, Huaimo Chen wrote: > >> Hi Joel, > >> > >> Thanks much for your further comment. > >> > >> Just checking the FUNC bits should be limited. We will add some > >> text to state that in order to check the FUNC bits, the LOC needs to > >> be examined and matched first. > >> > >> Best Regards, > >> Huaimo > >> > >> ------------------------------------------------------------------------ > >> *From:* Joel Halpern Direct <jmh.direct@joelhalpern.com> > >> *Sent:* Friday, March 12, 2021 9:58 AM > >> *To:* Huaimo Chen <huaimo.chen@futurewei.com>; Joel M. Halpern > >> <jmh@joelhalpern.com> > >> *Cc:* idr@ietf.org <idr@ietf.org>; Lizhenbin <lizhenbin@huawei.com> > >> *Subject:* Re: locator length : draft-li-idr-flowspec-srv6 > >> An operator can assign B::/48 and C::?46 for Locators. Sure, it would > >> usually be a single prefix with a single length. But that is not > required. > >> > >> When one is examining the LOC, sure, you can use the value length to > >> handle it. > >> But the way the mechanism is described, one could try to check just the > >> FUNC bits, without matching the LOC. > >> First, that has the problem of needing exogenous information about the > >> LOC length. > >> > >> And it is actually worse than that. Testing the FUNC bits of the > >> destination field of an IP packet without checking the LOC bits is > >> actually meaningless. You don't even know if the DA is an SRv6 SID. > >> > >> An yet further, there is no requirement that the encoding of the FUNC in > >> different SIDs uses the same value representation. The standardized > >> values are for advertising in routing protocols, not for the packets. > >> > >> Net: I don't think having the field identification works. > >> > >> Yours, > >> Joel > >> > >> On 3/12/2021 9:51 AM, Huaimo Chen wrote: > >>> Hi Joel, > >>> > >>> Thank you very much for your comment during the IETF 110. > >>> > >>> Regarding to the lengths of locator(LOC)s and function(FUNCT)s in > >>> SIDs, > >>> RFC8986 says that the locator length, is flexible, and an operator is > free > >>> to use the locator length of their choice. This seems indicating that > the > >>> operator can select the length for the locator. After their selection, > the > >>> the locator length is determined/fixed. This is illustrated by examples > >>> in RFC8986. > >>> > >>> One example in the beginning of section 3.2 is as follows: > >>> For example, a network operator may: > >>> Assign block B::/48 to the SR domain > >>> Assign a unique B:N::/64 block to each SRv6-enabled node in > >>> the domain. > >>> After this assignment, the length of the locators of the SIDs in the > domain > >>> is 64 bits. > >>> > >>> In the end of section 3.2, the text shows the Function fields of > SIDs. > >>> The length of function(FUNCT)s is 16 bits. > >>> > >>> When a SID is used in the domain, its locator length and function > >>> length > >>> should have been determined. > >>> > >>> When an operator configures a SRv6 flow specification, involving > >>> a SID or a group of SIDs, s/he should have known the locator length and > >>> function length in the SID(s). > >>> > >>> Best Regards, > >>> Huaimo > > _______________________________________________ > Idr mailing list > Idr@ietf.org > https://www.ietf.org/mailman/listinfo/idr > <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fidr&data=04%7C01%7Chuaimo.chen%40futurewei.com%7Cf35805d2e8784e5a795108d8e5e9251a%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C637512136823904595%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=308PkYLf8wfcS9h%2BK07PUSuNMZuD%2B%2F877Xxxbo4hSDk%3D&reserved=0> > > -- > > > <https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.verizon.com%2F&data=04%7C01%7Chuaimo.chen%40futurewei.com%7Cf35805d2e8784e5a795108d8e5e9251a%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C637512136823904595%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Gqfjp5KslpJZe%2FM1vfBPfXeX81XslNzamG5SHfrDogQ%3D&reserved=0> > > *Gyan Mishra* > > *Network Solutions A**rchitect * > > > > *M 301 502-1347 13101 Columbia Pike > <https://www.google.com/maps/search/13101+Columbia+Pike?entry=gmail&source=g> > *Silver Spring, MD > > -- <http://www.verizon.com/> *Gyan Mishra* *Network Solutions A**rchitect * *M 301 502-134713101 Columbia Pike *Silver Spring, MD
- [Idr] locator length : draft-li-idr-flowspec-srv6 Huaimo Chen
- Re: [Idr] locator length : draft-li-idr-flowspec-… Joel Halpern Direct
- Re: [Idr] locator length : draft-li-idr-flowspec-… Huaimo Chen
- Re: [Idr] locator length : draft-li-idr-flowspec-… Joel Halpern Direct
- Re: [Idr] locator length : draft-li-idr-flowspec-… Huaimo Chen
- Re: [Idr] locator length : draft-li-idr-flowspec-… Joel M. Halpern
- Re: [Idr] locator length : draft-li-idr-flowspec-… Gyan Mishra
- Re: [Idr] locator length : draft-li-idr-flowspec-… Huaimo Chen
- Re: [Idr] locator length : draft-li-idr-flowspec-… Joel M. Halpern
- Re: [Idr] locator length : draft-li-idr-flowspec-… Huaimo Chen
- Re: [Idr] locator length : draft-li-idr-flowspec-… Joel Halpern Direct
- Re: [Idr] locator length : draft-li-idr-flowspec-… Gyan Mishra
- Re: [Idr] locator length : draft-li-idr-flowspec-… Joel M. Halpern
- Re: [Idr] locator length : draft-li-idr-flowspec-… Gyan Mishra
- Re: [Idr] locator length : draft-li-idr-flowspec-… Gyan Mishra