Re: [Idr] Magnus Westerlund's Discuss on draft-ietf-idr-tunnel-encaps-20: (with DISCUSS)

Magnus Westerlund <magnus.westerlund@ericsson.com> Mon, 07 December 2020 13:38 UTC

Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 943B93A13A3; Mon, 7 Dec 2020 05:38:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T_MdXJksdS9O; Mon, 7 Dec 2020 05:38:36 -0800 (PST)
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-eopbgr150051.outbound.protection.outlook.com [40.107.15.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C4873A139B; Mon, 7 Dec 2020 05:38:35 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aR77W8N6X+Kd+5na4Oopfw07TM0aRo9Rn7B6RT6QBq3GA9zc4VTcUwPrgMWqn7EAUlqmGDvza2GIwBBR3CKrHbsZeBomVpICJlXESWqPrxFN87USEftIDW9AD6hVqtej+MUxyFyDjLZnYSe+5DW+AhAnyNRCFx7qu6Rv27UZDBae0l/o4LEuYTc+y1IlWA6XQNKRBkwc9ESkmcQp9MpulfLhEQFTCm7nSZUB1O9Nhnm+viSfJYVEXZ3qOQcGhshcCfkourmsH9RD2c8PFwy+7Ecx20eIgeEh6TX15xSEAVZEAQ+uY4pU7r7RBWBou32490PQ4GZuqQqAf+8WbsDUyw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DmrigDUWg+FD9cs+eQhmCNqHzbmkMSPFOBDrzow1mtw=; b=JcAPAxkiKAW8wrJHfbhwdfEimx/zCsP/8QQyw+VnQR/HUEUvuHzj1DTHHLvDBiQLNCEdfMF+VIg+L2zCYYm+2oPjv4kCVOOQjp4uhBKNZY3SypKIgEV4Uga4TJnDcRWqNxtxiPI8BCabtYVOKsoGm7tLYJ/eTtAJPGfv/uQj031nQEyHSACXlAu8jyUgz0hMay6Q6waDWbe/AzM76P7xYSYYKxzlHjao24e53bqk/NFKw0b+QtvDWirWOQA015LRDVU586+6FRD2wpWF4HMLFOfbU25Gxs+iXl2TolAoKQUbfl/bRcUXHjeG5fsFTZGaVVOqP3ZMreqqlnby9x1qQQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DmrigDUWg+FD9cs+eQhmCNqHzbmkMSPFOBDrzow1mtw=; b=Khqxzu/z87bM5dG190FGz7swHlCP05e77J1O46cl3+bCSokWqBlHUvHdC1UQjD+dwoAUAODA8ZBppEX8koapgYz541r6H/hmKbKA6W3AbaKzqpENrqA7P76knT/dOb32uvQm1279sDW62gvXLF0ruqNbb8dh3eNpyh7oElDPkt4=
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com (2603:10a6:7:8e::14) by HE1PR0701MB2891.eurprd07.prod.outlook.com (2603:10a6:3:4b::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3654.10; Mon, 7 Dec 2020 13:38:33 +0000
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::8cd:496:65de:4ace]) by HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::8cd:496:65de:4ace%7]) with mapi id 15.20.3654.010; Mon, 7 Dec 2020 13:38:33 +0000
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "jgs@juniper.net" <jgs@juniper.net>
CC: "idr@ietf.org" <idr@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "idr-chairs@ietf.org" <idr-chairs@ietf.org>, "draft-ietf-idr-tunnel-encaps@ietf.org" <draft-ietf-idr-tunnel-encaps@ietf.org>, "shares@ndzh.com" <shares@ndzh.com>, "aretana.ietf@gmail.com" <aretana.ietf@gmail.com>
Thread-Topic: Magnus Westerlund's Discuss on draft-ietf-idr-tunnel-encaps-20: (with DISCUSS)
Thread-Index: AQHWyWJuKQHhG1Wgvky8fhmmmVxer6nl5pQAgADbRQCAAKZGgIAEQeGA
Date: Mon, 7 Dec 2020 13:38:33 +0000
Message-ID: <8ea80e273da05fd44da75d9f092e9af9c63ea12b.camel@ericsson.com>
References: <160699274176.32616.2646384288138693459@ietfa.amsl.com> <011B5202-4AA9-413F-B16C-C8BF9E43A0CA@juniper.net> <ad54d8b05747127c593aab0337f1496e4ee25dbd.camel@ericsson.com> <EA46DF01-A4C4-4E9E-883F-14C397F796DE@juniper.net>
In-Reply-To: <EA46DF01-A4C4-4E9E-883F-14C397F796DE@juniper.net>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Evolution 3.28.5-0ubuntu0.18.04.2
authentication-results: juniper.net; dkim=none (message not signed) header.d=none;juniper.net; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [158.174.130.243]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 454c6450-bada-4a39-624a-08d89ab56427
x-ms-traffictypediagnostic: HE1PR0701MB2891:
x-microsoft-antispam-prvs: <HE1PR0701MB289105C876B833DAD126E77995CE0@HE1PR0701MB2891.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 721ALX/EifFY5QtDZOqdD4LVFJDHeV+DZo4yZCLxle44q2sikXIXP+SC5iwQSiPwLbaT+miPUoqLaZ2KqE6k8zsDFvrQ8QL/6khUVEKa7inmIEMQjkzbWSyMSVegCr5H9AQOqSSbid2jN/bt2ca71AnVRNLyq42GcYwgAGWAj3At743fX7kyDiJHKQ9ORs9mKTQ53AYU/0WudZ4wvmMsVJ0Wdu+OSCbltazaL9iHYC2vOOQt5ab/2XOaynCclTjYdFlxE/Jx4aj891N8j2YgvBSX8FQlWvw2kb5cAJhBoS7jmdHZdZWog/MC5aaD+0Gd9/fV6ef6B+pUNiasyQ35/ei2A1UGL8MO/jPVel+gEx4Jnz67979qyYv5RNdS3E88
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3772.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(39860400002)(366004)(136003)(376002)(396003)(346002)(71200400001)(36756003)(8936002)(99936003)(316002)(6512007)(4326008)(86362001)(6916009)(54906003)(2906002)(186003)(26005)(8676002)(53546011)(6506007)(76116006)(64756008)(66476007)(66616009)(66446008)(66946007)(66556008)(5660300002)(44832011)(2616005)(478600001)(83380400001)(6486002)(99106002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: =?utf-8?B?ZGtDTVJNT2MxSkJsTVhlVGU4ckc0aXRUYS9iL2dvMXIxY3pHNFVzb0hBUlEy?= =?utf-8?B?ZEl0THlpMDRXUHdJenh5eWNIWEdNUTB2T1hXZ3U2cmdFN2FKZE02SVJ6b0Uz?= =?utf-8?B?NldqODJNSXdpVVUwZ1lQNWFNQ25CTUNLbkRWODc2RS9HbEMzTU9xRUlGc25V?= =?utf-8?B?dVg1QURhbnhSRUc2aWpFVnU2T3ovWHhjWndleGlrYWUxS1RvNjJrRjBCL3V1?= =?utf-8?B?Vy9xbGZwS2lNMVVyZUJsZUhmY1pmb21uc1B5eGN2VzYxczVIbVdyK2c5eGZO?= =?utf-8?B?ZGtHNldpZ2lneEtUaVVQcFJ5YnY4Sm4xZWg0YjhlQXgxRS9QckFqQzFNZ1Vn?= =?utf-8?B?ZTY0cFZyeFZnUUt3akJMVkZxRlF4SXZXTmw4dlA1bzB5WVdwUS9ZQzhHSE9U?= =?utf-8?B?T3B5TWY5QWxNZUduRXlHUnJtZ3pEaTJoeVgrZDE1RGtzQVFSOUtkc0M1N21R?= =?utf-8?B?SG1paWVoSmRSWEVaVjBWSVdSUzFEN3pIejlsUjUrREhPSDNiRXZwbzV4S0dp?= =?utf-8?B?OW81Qkd4RnlzbzlNaWpRWUdVSElTOEVpZHE1RXNnWjRzT0dnZ3FteVNSTkYz?= =?utf-8?B?OXZ0TUF4VlRtUHFjMDBTRm05NmtJVlp0cnVXSnBBS2orS3luSDRQcTltZjlm?= =?utf-8?B?UldDQTlZNXB2TVZTTUYxMnBCR2xuUGpTKzIyZ2VzSDBmY3RxVUZEUkFLMWpl?= =?utf-8?B?L2FkcnVLUWsxSzFJcGI0RC9MR3N0RUdvd0NyZVlJUUlNSEw2OHJqb2lRU1d2?= =?utf-8?B?cFArb1RyL3ErU1cwYTgyc0lOYUZHQlYxbWtoMFpoT2p4ZEJwRTRjNEk4cmcy?= =?utf-8?B?Y1k5bG82UDJxUm14TXNmVUZNRkR2WWFXWVpYeVNwUTBWUUtXcWF2dUU5NVJy?= =?utf-8?B?OTRITVdYUHpqakJYRDBEZi9QUnFsL3Z3K1NXYkRuWTV4bkNFa2RJZnc3NG52?= =?utf-8?B?enR4eTlTYTNpbkJqcTRxdUdGeXpZVmkwOXJtUmdyVk5NT1dXRUJjeGVFL1Fi?= =?utf-8?B?ell1bzREOCtCRlRuOUgvY21WenhoMEJWQ1Z2MGxDbVl0NUpQTEExYzZJanM1?= =?utf-8?B?cG4wUW5PdVhwUEt6b0NoQlBzQmpzcURkd2IvdExYNFU0aktlQWJJTXMzYXFG?= =?utf-8?B?Z0wxcjZWVDhDOGtvK3NwNmx6bU85clFXZkxneWd0OHZmRExZYXRaQ1ZiTmor?= =?utf-8?B?MmwvR1B4ZklLNkhVdXFqVDRraDEzTEdha0NaNWYvR2ZtZjM5eUxSMk4rVFpx?= =?utf-8?B?TllCci80SUtuL0pIMWJrd1MyM1R3VVEwVytqbGdtRmxaUkZSSjBtdll1bXJh?= =?utf-8?Q?Qf/jCTw6MG/tomG9aSDfh2NYbLyFtQP0r7?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; micalg="sha-256"; protocol="application/x-pkcs7-signature"; boundary="=-MLPWjEcpiV6awS35I1md"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3772.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 454c6450-bada-4a39-624a-08d89ab56427
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Dec 2020 13:38:33.1676 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ZrDhhf6cUGGAJU27toIC0DxgU+qFaMn+YJow3UBkPnEGWXUF01gDbXaUFg5FuSZsoYurfhfnIWKI8SPiR+7God/Hb6nEzpPaPBTxw2OU/cI=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2891
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/ac7oEDok5DPwA-ugWgA3AZWDAKI>
Subject: Re: [Idr] Magnus Westerlund's Discuss on draft-ietf-idr-tunnel-encaps-20: (with DISCUSS)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Dec 2020 13:38:39 -0000

On Fri, 2020-12-04 at 20:38 +0000, John Scudder wrote:
> Hi Magnus,
> 
> For now I’d like to talk just about your zero-checksum point (quoted below but
> I’ll top-post my comments). It seems to me that the expected deployment model
> for tunnel-encaps, detailed in Section 11 and further strengthened after my
> discussion with Roman, exactly corresponds with "single administrative
> control” or "closely cooperating network administrations”. Here’s the Section
> 11 text from the current candidate version 21, after the modification:
> 
>    The Tunnel Encapsulation attribute is defined as a transitive
>    attribute, so that it may be passed along by BGP speakers that do not
>    recognize it.  However the Tunnel Encapsulation attribute MUST be
>    used only within a well-defined scope, for example, within a set of
>    Autonomous Systems that belong to a single administrative entity.
> 
> Whether it would be nice to add a “should we use UDP checksums or not” sub-TLV 
> anyway, as an additional bell and whistle, is up for discussion. But I don’t
> think it’s mandated by RFC 7510.

The above text clarifies the scope of this document. I think there are ways of
avoiding a TLV for RFC 7510 usages, however, I think that this is in fact
through documenting the assumption in regards to this protocol usage. 

My point is that this document do need per tunnel protocol sections where these
aspect can be considered in this context of this tunnel configuration mechanism.
I am a bit uncertain in my understanding about how this BGP attribute is used.
However, it looks to me that a decapsulator will basically tell those other
entities in the other AS that it cooperates with that you can establish a tunnel
to the decapsulator in relation to a set of routes. However, if that is the
correct understanding then a number of assumptions are made. I think in the
context of RFC7510 you are assuming that zero-checksum is either MAY or MUST be
used for this to work. If it is the later then you also put a requirement on the
receiver of these attributes to not establish a tunnel if it thinks the
requirements in RFC7510 for zero-checksum is not met. 

To conclude I don't think you get away from discussing these aspects in the
document. However, it can be so that there exist no need for defining additional
sub-tlvs for the aspects I brought up. But, I think the document needs to go in
either of two directions here. The first is to be specific on combinations of
tunnel and outer encapsualtion and document the assumptions about capabilities
and requirements on the network deployment to use these zero-checksum as well as
ECN field processing. The other direction is to make this into a framework, but
then you are going to have to discuss these matters in the abstract and likely
need to have signalling indicate what the egress will do in regards. 

From my perspective not discussing zero-checksum and ECN behavior leaves
implementors unaware of relevant implementation requirements. And if a missmatch
occurrs those who sees the downside is likely not the nodes that causes the
issue. For the wrong ECN behaviors this has just casued a change in end-to-end
network flow behaviors as CE marks might be dropped in the egress. For zero-
checksum tunnels usage where the underlying network is corrupting enough packets
these affects those endpoints that receives corrupt packets. 

Cheers

Magnus


> 
> Thanks,
> 
> —John
> 
> > On Dec 4, 2020, at 5:43 AM, Magnus Westerlund <
> > magnus.westerlund@ericsson.com> wrote:
> > 
> > My impression for example when it comes to zero-checksum for IPv6/UDP is
> > used
> > widely with little consideration about the potential issues. However, this
> > work
> > is done in a WG for inter domain routing. Thus, the general context is inter
> > domain routing, and that pushes the zero-checkum usage from within a single
> > domain into multiple ones. Thus, the risk for errors that checksum would
> > detect
> > is different and also the potential impact of failure to verify is
> > different.
> > Thus, there might actually exist a configuraiton need for this if one
> > intended
> > to pay attention to what might be written into the user plane specification.
> > Here actually we do have an issue with RFC 7510:
> > 
> > So your document states: 
> > 
> >   MPLS-in-UDP [RFC7510] is also supported, but an
> >   Encapsulation sub-TLV for it is not needed since there are no
> >   additional parameters to be signaled.
> > 
> > While if you go read Section 3.1 of RFC 7510 it states the following in
> > regards
> > to zero-checksum:
> > 
> >   The UDP checksum MUST be implemented and MUST be used in accordance
> >   with [RFC768] and [RFC2460] for MPLS-in-UDP traffic over IPv6 unless
> >   one or more of the following exceptions applies and the additional
> >   requirements stated below are complied with.  There are three
> >   exceptions that allow use of UDP zero-checksum mode for IPv6 with
> >   MPLS-in-UDP, subject to the additional requirements stated below in
> >   this section.  The three exceptions are:
> > 
> >   a.  Use of MPLS-in-UDP in networks under single administrative
> >       control (such as within a single operator's network) where it is
> >       known (perhaps through knowledge of equipment types and lower-
> >       layer checks) that packet corruption is exceptionally unlikely
> >       and where the operator is willing to take the risk of undetected
> >       packet corruption.
> > 
> >   b.  Use of MPLS-in-UDP in networks under single administrative
> >       control (such as within a single operator's network) where it is
> >       judged through observational measurements (perhaps of historic or
> >       current traffic flows that use a non-zero checksum) that the
> >       level of packet corruption is tolerably low and where the
> >       operator is willing to take the risk of undetected packet
> >       corruption.
> > 
> >   c.  Use of MPLS-in-UDP for traffic delivery for applications that are
> >       tolerant of misdelivered or corrupted packets (perhaps through
> >       higher-layer checksum, validation, and retransmission or
> >       transmission redundancy) where the operator is willing to rely on
> >       the applications using the tunnel to survive any corrupt packets.
> > 
> >   These exceptions may also be extended to the use of MPLS-in-UDP
> >   within a set of closely cooperating network administrations (such as
> >   network operators who have agreed to work together in order to
> >   jointly provide specific services).  Even when one of the above
> >   exceptions applies, use of UDP checksums may be appropriate when VPN
> >   services are provided over MPLS-in-UDP; see Section 6.
> > 
> >   As such, for IPv6, the UDP checksum for MPLS-in-UDP MUST be used as
> >   specified in [RFC768] and [RFC2460] for tunnels that span multiple
> >   networks whose network administrations do not cooperate closely, even
> >   if each non-cooperating network administration independently
> >   satisfies one or more of the exceptions for UDP zero-checksum mode
> >   usage with MPLS-in-UDP over IPv6.
> > 
> > So this indicate to me that there is a significant likelyhood that for the
> > intended usage of these tunnel encapsulations would not qualify for the
> > exceptions and should use checksums. If that needs signalling or not is the
> > next
> > question. That comes back to how the configuring node knows about
> > capabilities
> > and how one can resolve lack of a capability when signalled. 
> 
>