Re: [Idr] WG adoption call - draft-li-idr-flowspec-srv6-05,txt

Susan Hares <shares@ndzh.com> Fri, 30 July 2021 14:01 UTC

Return-Path: <shares@ndzh.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D53C73A2B3C; Fri, 30 Jul 2021 07:01:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.348
X-Spam-Level: *
X-Spam-Status: No, score=1.348 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, HTML_MESSAGE=0.001, KHOP_HELO_FCRDNS=0.399, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oHUWpNslsv1i; Fri, 30 Jul 2021 07:01:25 -0700 (PDT)
Received: from hickoryhill-consulting.com (50-245-122-97-static.hfc.comcastbusiness.net [50.245.122.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 707253A2B3B; Fri, 30 Jul 2021 07:01:25 -0700 (PDT)
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=50.107.119.54;
From: "Susan Hares" <shares@ndzh.com>
To: "'Ketan Talaulikar \(ketant\)'" <ketant=40cisco.com@dmarc.ietf.org>, <idr@ietf.org>, <draft-li-idr-flowspec-srv6@ietf.org>
References: <022201d77fe3$eb9ba9b0$c2d2fd10$@ndzh.com> <MW3PR11MB4570125E6DCFC74FAE544041C1EC9@MW3PR11MB4570.namprd11.prod.outlook.com> <00c801d78544$82862a20$87927e60$@ndzh.com> <MW3PR11MB45707128EBC8378AA5A7E7AFC1EC9@MW3PR11MB4570.namprd11.prod.outlook.com>
In-Reply-To: <MW3PR11MB45707128EBC8378AA5A7E7AFC1EC9@MW3PR11MB4570.namprd11.prod.outlook.com>
Date: Fri, 30 Jul 2021 10:01:12 -0400
Message-ID: <014c01d7854b$5e1031c0$1a309540$@ndzh.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_014D_01D78529.D7006680"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHSMA+SzG3WNAYeCjdPMBqg8QJxWwKU/A8uAqFp45ECNB1xlasq4DWA
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/pGdzk8RiR4YMQ9qYVi1gznN0Y0Y>
Subject: Re: [Idr] WG adoption call - draft-li-idr-flowspec-srv6-05,txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jul 2021 14:01:31 -0000

Ketan: 

 

My apologies - I missed one of your questions. 

 

"I would have thought that the WG first adopts the v2 framework/approach and
then the v2 feature extensions?"

 

[WG chair hat on] 

The IDR chairs realize that flow specification v2 

has taken a while to get there.   We've talked enough

about the v2 framework before and at the 

6/7/2021 interim that we considered the WG 

Knew enough about the v2 framework. 

 

If you feel that this draft is interesting, but should 

we should await the adoption of the v2 draft - 

please let us know.   The IDR chairs are trying to be 

flexible to allow BGP work to progress quickly

toward implementations. 

 

Great questions! 

 

Sue 

 

From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Ketan Talaulikar
(ketant)
Sent: Friday, July 30, 2021 9:26 AM
To: Susan Hares; idr@ietf.org; draft-li-idr-flowspec-srv6@ietf.org
Subject: Re: [Idr] WG adoption call - draft-li-idr-flowspec-srv6-05,txt

 

Hi Sue,

 

Thanks for that clarification and I did notice that in your email. 

 

However, the draft does not mention that it is for flowspec v2 and I don't
see any reference to any work that the WG has adopted for flowspec v2 - all
pointers are to flowspec v1. Therefore these questions. It should not happen
that these get implemented/deployed as proposed in the draft using the v1
framework. The authors should fix that in the draft text before considering
adoption.

 

Can this proposal be considered/implemented in the (v1) way that is
proposed? I do not flow Flowspec closely to be sure of the answer.

 

I would have thought that the WG first adopts the v2 framework/approach and
then the v2 feature extensions? 

 

In any case, I will leave these aspects to the chairs.

 

Thanks,

Ketan

 

From: Susan Hares <shares@ndzh.com> 
Sent: 30 July 2021 18:42
To: Ketan Talaulikar (ketant) <ketant@cisco.com>om>; idr@ietf.org;
draft-li-idr-flowspec-srv6@ietf.org
Subject: RE: [Idr] WG adoption call - draft-li-idr-flowspec-srv6-05,txt

 

Ketan: 

 

The authors have indicated draft-li-idr-flowspec-srv6-05.txt is for v2 (see
my WG Call).   I look forward to the author's response to the remainder of
the questions. 

 

I hope authors will consider presenting at the 9/13/2015 Interim meeting
where we discuss the flow specification v2 base specification and drafts.  

 

Sue 

 

From: Ketan Talaulikar (ketant) [mailto:ketant@cisco.com] 
Sent: Friday, July 30, 2021 8:19 AM
To: Susan Hares; idr@ietf.org; draft-li-idr-flowspec-srv6@ietf.org
Subject: RE: [Idr] WG adoption call - draft-li-idr-flowspec-srv6-05,txt

 

Hello,

 

I have reviewed
https://datatracker.ietf.org/doc/html/draft-li-idr-flowspec-srv6-05 and have
the following questions for the authors before we consider adoption.

 

1.	FlowSpec v1 is supposed to be focussed on the DDOS use-case. I don't
find any text in the draft that clarifies how/why this is related to DDOS
use-case. To me, this seems like something for FlowSpec v2. Per (what I
understood to be) WG consensus, this work is then perhaps deferred to v2.
2.	The draft proposes a new type "Whole SID". My understanding from the
text is that this rule applies to the IPv6 DA and not the segments within
the SRH. If so, then:

a.	What distinguishes a SID from any other IPv6 address in the DA
field? 
b.	Why isn't the existing IPv6 DA type not sufficient?

3.	The draft proposes a new type "Some bits of SID (SBoS)". Again, I
believe this applies to the IPv6 DA again - so the same two Qs above apply
to this type to. What prevents a router (mistakenly) applying this rule to
packets with non-SRv6 SID in their DA.
4.	When the SBoS type is used, the SRv6 SID structure MUST be indicated
as part of the rule. Then the parts of the SID of interest that need to be
matched are also given in the space for the SID. Is my understanding
correct? If so, the text was not very clear to me.
5.	The question of why this SBoS type is required again crops us since
the base FlowSpec rule for DA does allow pattern matching on the IPv6 DA as
well? Perhaps I am mistaken, and if so the document does not provide any
text or justification for why these new types are required.
6.	Finally, there is no text related to the specific applicability
scenarios for these extensions. Exactly why it is difficult to determine
whether this falls under v1 or v2 scope.

 

Thanks,

Ketan

 

From: Idr <idr-bounces@ietf.org> On Behalf Of Susan Hares
Sent: 23 July 2021 22:28
To: idr@ietf.org; draft-li-idr-flowspec-srv6@ietf.org
Subject: [Idr] WG adoption call - draft-li-idr-flowspec-srv6-05,txt

 

This begins a 2 week WG adoption call for draft-li-idr-flowspec-srv6-05.txt.

 

I am missing 3 IPR statements (Zhenbin Li , Lei Li , and Lei Liu).  

These authors should send in their IPR statements in response to this call. 

 

This draft is targeted for the V2 version of flow specification.  

Flow specification v2 draft will be discussed at an interim on 9/13/2021. 

 

If it is adopted, it will be developed as part of the v2 set of drafts. 

 

Please consider if: 

 

1) if this draft is useful for networks, 

2) if you wish to adopt this draft prior to adopting flow specification v2. 

 

Cheerily, Susan Hares