Re: [Idr] Erik Kline's Discuss on draft-ietf-idr-tunnel-encaps-20: (with DISCUSS and COMMENT)

John Scudder <jgs@juniper.net> Wed, 02 December 2020 20:52 UTC

From: John Scudder <jgs@juniper.net>
To: Erik Kline <ek.ietf@gmail.com>
CC: The IESG <iesg@ietf.org>, "draft-ietf-idr-tunnel-encaps@ietf.org" <draft-ietf-idr-tunnel-encaps@ietf.org>, "idr-chairs@ietf.org" <idr-chairs@ietf.org>, "idr@ietf.org" <idr@ietf.org>, "aretana.ietf@gmail.com" <aretana.ietf@gmail.com>, Hares Susan <shares@ndzh.com>
Date: Wed, 2 Dec 2020 20:52:38 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/k47KNSGp7YTUqlRuLRQBcYM732Q>

Hi Erik,

Thanks for your review. My comments in line below.

> On Dec 1, 2020, at 12:29 AM, Erik Kline via Datatracker <noreply@ietf.org> wrote:
> 
> Erik Kline has entered the following ballot position for
> draft-ietf-idr-tunnel-encaps-20: Discuss
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-idr-tunnel-encaps/
> 
> 
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> [ section 3.3.1 ]
> 
> * The text about "[a]ny one-octet value can be transported" leaves me
>  wondering about how values that result in ECN bits being set should be
>  treated.
> 
>  I think there needs to be some recognition here that the DSCP part of
>  the octet is only 6 bits (2474 section 3), and that bits 6 & 7 "MUST/SHOULD
>  be zero on transmission and MUST/SHOULD be ignored by the recipient".
> 
>  Another way to ask the question here is: if ECN is not to be specified as
>  part of this octet (and IMHO it should not be), which ranges of 6 bit
>  values are permitted: [0..63], with the understanding this will be shifted
>  before setting the octet, or [0,4,8,12,...,252]?  Given the text "It
>  specifies the setting of the one-octet...", I think it implies the latter,
>  but some clarification would, I think, be helpful.

Replied separately.

> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> [[ questions ]]
> 
> [ section 3.1 ]
> 
> * The prohibition against use of Forwardable=false egress IPs I think means
>  that IPv4 and IPv6 link-local addresses cannot be used.  It seems somewhat
>  unusual, but not completely outside the realm of reasonable, to have a
>  situation where two on-link routers could be configured by their respective
>  administrators to use some encapsulation for forwarded packets without
>  having to resort to global unicast addresses.
> 
>  Are we sure this (odd) use case should be prohibited?

Nope! How about we add this sentence to that bullet item: “This restriction MAY be relaxed by explicit configuration.”

>  The final paragraph of this section seems to cover the use of non-reachable
>  addresses just fine.  Obviously link-local IPs would need to be exempt from
>  section 3.1.1 AS-owned address validation.

I think 3.1.1 would work OK, actually, since the forwarding route would have no AS associated with it, and "If no AS Path is encountered at all, for example if that route's source is a protocol other than BGP, the Route Origin ASN is the BGP speaker's own AS number."

> [ section 3.3+ ]
> 
> * Do any implementations wish to set IPv6 flow labels?

Not that I’ve been told of; see my reply to Éric.

> [ section 6 ]
> 
> * Might MTU overhead be a consideration in tunnel selection?  I.e., given more
>  than one tunnel option might an implementation choose based on minimizing
>  total overhead?

Seems reasonable. Tunnel selection is a matter of local policy of course:

   If the Tunnel Encapsulation attribute contains several TLVs (i.e., if
   it specifies several feasible tunnels), router R may choose any one
   of those tunnels, based upon local policy.

Then again we do make mention of two possible factors that could influence selection:

   If any Tunnel TLV
   contains one or more Color sub-TLVs (Section 3.4.2) and/or the
   Protocol Type sub-TLV (Section 3.4.1), the choice of tunnel may be
   influenced by these sub-TLVs.

I’d be fine with adding a mention of MTU if you think it useful, e.g. adding a sentence like “Many other factors, for example minimization of encapsulation header overhead, could also be used to influence selection.”

Regards,

—John
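
The two readings of the one-octet value raised in the DISCUSS on section 3.3.1, as an added example that is not part of the original message or of the draft: a 6-bit codepoint in [0..63] that is shifted before use, versus a whole octet where only 0, 4, 8, ..., 252 leave the two low bits clear. The function names and the strict/lenient receive policy are assumptions made for illustration; the thread does not settle which behaviour the draft adopts.

```python
from typing import Tuple

ECN_MASK = 0b11  # low two bits of the octet (bits 6 and 7 in RFC 2474 numbering)


def split_octet(octet: int) -> Tuple[int, int]:
    """Split a one-octet DS field value into (6-bit DSCP, low two bits)."""
    if not 0 <= octet <= 0xFF:
        raise ValueError(f"not a one-octet value: {octet!r}")
    return octet >> 2, octet & ECN_MASK


def octet_from_dscp(dscp: int) -> int:
    """Reading 1: the value is a codepoint in [0..63], shifted before use."""
    if not 0 <= dscp <= 63:
        raise ValueError(f"DSCP out of range: {dscp!r}")
    return dscp << 2


def accept_advertised_octet(octet: int, strict: bool = False) -> int:
    """Reading 2: the value is the whole octet, so only 0, 4, 8, ..., 252
    leave the low two bits clear.

    strict=True rejects a value with either low bit set; strict=False
    ignores those bits. Both policies are assumptions of this example.
    """
    dscp, low = split_octet(octet)
    if low and strict:
        raise ValueError(f"low two bits set in advertised octet {octet:#04x}")
    return dscp << 2


def outer_octet(advertised: int, ecn: int) -> int:
    """Build the outer-header octet: DSCP from the advertisement, ECN bits
    from the encapsulator's own ECN handling, never from the advertisement."""
    if not 0 <= ecn <= ECN_MASK:
        raise ValueError(f"ECN field is two bits: {ecn!r}")
    return accept_advertised_octet(advertised) | ecn


if __name__ == "__main__":
    # Constructed sample values: 0xB8 is DSCP 46 with clear low bits,
    # 0xBB is the same DSCP with both low bits set.
    for value in (0xB8, 0xBB):
        dscp, low = split_octet(value)
        print(f"{value:#04x}: dscp={dscp} low_bits={low:02b} "
              f"accepted={accept_advertised_octet(value):#04x}")
```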