IETF Logo Mail Archive

Re: [Idr] Adoption call for draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24)

Ketan Talaulikar <ketant.ietf@gmail.com> Fri, 25 March 2022 03:55 UTC

Return-Path: <ketant.ietf@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C6203A0A9B for <idr@ietfa.amsl.com>; Thu, 24 Mar 2022 20:55:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nO4zUrfquLC5 for <idr@ietfa.amsl.com>; Thu, 24 Mar 2022 20:55:48 -0700 (PDT)
Received: from mail-ua1-x92f.google.com (mail-ua1-x92f.google.com [IPv6:2607:f8b0:4864:20::92f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB0FF3A0A97 for <idr@ietf.org>; Thu, 24 Mar 2022 20:55:48 -0700 (PDT)
Received: by mail-ua1-x92f.google.com with SMTP id j7so2881140uap.5 for <idr@ietf.org>; Thu, 24 Mar 2022 20:55:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ToMB4aoZypKwg4JFTKo6BwpFHlYmQhJXEaQ/z4Gsnrs=; b=ExZHFWxmJcntln2muk7YgX3oT6ZzuXWh86HvoEcX92eBQIxoq0HEt6d+nQ2Gdn2p7o 6gGWELp5lg/5tZsRabWtLryWVR8vu+lYWMRZ48RH/rRc6+c99MqstgsjYgoWxX75Bu1v X9gM55ykR4vuj3eYlUWwXVwfO0O4gIheTbGZOGuEAgDSDL60p4Kxr7IDqgnspdsPp1/m smAnO6T6LtHnU9dl+xTMPtEXOCRbTEHs4MPq5hcNQbCAlRhX2xZ4JI/DTFRIiXqNxmmP xXcK89Rk0QV9OWsraV8AsAr5KZo8NGRsFIq/s0qmfrbZuoS9R/+1s2FPhjw4EWZmno8K 3EnA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ToMB4aoZypKwg4JFTKo6BwpFHlYmQhJXEaQ/z4Gsnrs=; b=ENfG5UbT58TL4CV8ZAZmHZzQW3A5oLpWN18BdICNB1eo0WqD4QngWTwCNwwKjv8/dp g6AOcUUbjM22LmoUO2ADptanZcOuaNKRqYHhPOX/bH61udpe0ytCCYMr83AsfhzXAqtz pQCdYjXJRUZuHr2Yo1yQMuI+wRSKGwmLki82RP7dAbb3XMn21Znj4pNspwC9pUb9/K4O aPz8vqiuj14TrCJnpkSJ0vUGoHdimqThYtabP6V8B79mSTlti+oR975qcxNWv2fxWauU nPDdsterynmRhV/q2jZct2n4aglvaP75EwcGGvZCscKwhI9TGeDRYAwWuHlTQ5im5KhH wtHg==
X-Gm-Message-State: AOAM5316FZhr8Yw5ClBZc/MR50JLBFXfsy6q9twLCr6AThYj2wCF6aII k6Nofjhe5YM+LtnEolkl8Dg+DDd29DSqwJr1mXPK0W8G
X-Google-Smtp-Source: ABdhPJwG6wC4Bq96sxEM7tHY+p2DeoD57axoTqnJKJdBItpOUzjIEGsUI/L1OB3/e8AAnhXbGJdO1qPKitO5Q+KjpeA=
X-Received: by 2002:ab0:7290:0:b0:34b:71ac:96c2 with SMTP id w16-20020ab07290000000b0034b71ac96c2mr4122706uao.102.1648180547318; Thu, 24 Mar 2022 20:55:47 -0700 (PDT)
MIME-Version: 1.0
References: <00ca01d8348c$8b05d270$a1117750$@ndzh.com> <CAH6gdPxVQhx5RNtqXTnz7a+L2meiqhAT8evN0VrpgyL=JC6UnQ@mail.gmail.com> <eab3ec97ae0642458c62269a28b3818b@huawei.com> <CAH6gdPwtqXv6jRh3-xOVk51zAX+33PAPYGTqHqsF2cxnJvFaWw@mail.gmail.com> <b294ad1d928544c2a7603a6b6ad6b16f@huawei.com>
In-Reply-To: <b294ad1d928544c2a7603a6b6ad6b16f@huawei.com>
From: Ketan Talaulikar <ketant.ietf@gmail.com>
Date: Fri, 25 Mar 2022 09:25:36 +0530
Message-ID: <CAH6gdPy1eb=h_qx4xyFv0Uf9Hwk4o39MahvwJHYjDoSm3mp=Vg@mail.gmail.com>
To: Zhuangshunwan <zhuangshunwan@huawei.com>
Cc: Tianran Zhou <zhoutianran@huawei.com>, "idr@ietf.org" <idr@ietf.org>, Susan Hares <shares@ndzh.com>
Content-Type: multipart/alternative; boundary="0000000000000c755d05db02f031"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/qDxpzXvL7wm2KxmUNdyCqvFMXSU>
Subject: Re: [Idr] Adoption call for draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Mar 2022 03:55:54 -0000

Hi Shunwan,

Please check inline below with KT2.


On Fri, Mar 25, 2022 at 8:09 AM Zhuangshunwan <zhuangshunwan@huawei.com>
wrote:

> Hi Ketan,
>
>
>
> Please check inline below with [SW].
>
>
>
> Kind Regards,
>
> Shunwan
>
>
>
> *From:* Idr [mailto:idr-bounces@ietf.org] *On Behalf Of *Ketan Talaulikar
> *Sent:* Thursday, March 24, 2022 10:47 PM
> *To:* Tianran Zhou <zhoutianran@huawei.com>
> *Cc:* idr@ietf.org; Susan Hares <shares@ndzh.com>
> *Subject:* Re: [Idr] Adoption call for
> draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24)
>
>
>
> Hi Tianran,
>
>
>
> Please check inline below.
>
>
>
>
>
> On Thu, Mar 24, 2022 at 7:16 PM Tianran Zhou <zhoutianran@huawei.com>
> wrote:
>
> Hi Ketan,
>
>
>
> “That said, I don't see the introduction discussing why this is
> appropriate in BGP. Since it talks about limited domain and overlay
> service, I am not able to follow how it helps signal only the capabilities
> of the PEs in a BGP-free core. Are capabilities not required for all nodes?”
>
>
>
> [ZTR] In the IFIT detection domain, Ingress node inserts IFIT detection
> header into each selected flow packet, and the egress node remove the IFIT
> detection header from the packet, make sure IFIT detection header only
> happened in the IFIT detection domain.
>
>        IFIT detection currently mainstream solution include E2E and
> hop-by-hop detection.
>
> in E2E detection scenario, only ingress and egress node do the detection,
> transit node only transparent service flow with IFIT detection header
>
> in hbh detection scenario, all the nodes along the service path can do the
> detection, and if one transit node does not support IFIT detection, does
> not impact other nodes working on detection.
>
> However, only PE nodes(include ingress and egress node) need insert or
> remove IFIT detection header.
>
> So that, ingress node do the IFIT header insert operation only it makes
> sure egress node can remove IFIT header, otherwise, egress node will drop
> the flow packet embedded IFIT detection header due to it does not recognize
> this packet.
>
> One available solution is that egress node notify ingress node before IFIT
> start detection, such as through method mentioned in the draft.
>
>
>
> KT> It would be good if some of this context is described in the draft. A
> follow-on, if we have a mechanism for signaling IFIT capabilities
> hop-by-hop then does that not also cover end to end?
>
>
>
> [SW] Surely, the above context will be added in the future version. We
> also especially welcome your help in improving this work.
>
> Yes, the hop-by-hop mechanism will be a long-term solution we pursue,  In
> the current stage where new and old devices are deployed together, we must
> first ensure that the tailend node can properly decapsulate the IFIT shim
> header. Therefore, a solution for signaling the IFIT capability between the
> headend and tailend nodes is also necessary.
>

 KT2> Fair enough. Look forward to the updates.

>
>
>
>
> “First, which SAFI routes are these extensions going to get signaled with?
> Please point me to the text if I am missing something.”
>
>
>
> [ZTR] This idea mainly suit for VPN scenarios, such as
> EVPNv4,EVPNv6,L2EVPN(EVPN VPWS and EVPN VPLS) routes... if needed can add
> the description in the update version.
>
>
>
> KT> This is now very confusing to me. I thought this was something between
> PEs - what you refer to as IFIT encapsulating node. I no more understand
> why this needs to be associated with a service route?
>
>
>
> [SW]  This is actually a commonly used approach, such as the EVPN route
> carrying the Encapsulation Extended Community. Using this approach,
> service-driven deployment of IFIT can be achieved.
>

KT2> I think we are talking specifics of this draft and not a common
approach. My understanding is the follows: IFIT encapsulating nodes are the
PE routers. These extensions are about signaling IFIT capabilities - i.e.
the capabilities of the PE routers. Then why do they need to be carried in
the service routes that are potentially several orders of magnitude larger
in scale than those corresponding to the PEs. What am I missing? Seems like
the draft is missing quite a lot?

Thanks,
Ketan


>
>
> Thanks,
>
> Ketan
>
>
>
>
>
> Many thanks,
>
> Tianran
>
>
>
> *From:* Idr [mailto:idr-bounces@ietf.org] *On Behalf Of *Ketan Talaulikar
> *Sent:* Wednesday, March 23, 2022 10:41 PM
> *To:* Susan Hares <shares@ndzh.com>
> *Cc:* idr@ietf.org
> *Subject:* Re: [Idr] Adoption call for
> draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24)
>
>
>
> Hi Sue,
>
>
>
> Summary: I don't believe the draft is ready for WG adoption as yet.
>
>
>
> Disclaimer: I do not fully understand the IFIT framework to judge if
> carrying/signaling this information in BGP makes sense. I'll leave that to
> others that do understand IFIT.
>
>
>
> That said, I don't see the introduction discussing why this is appropriate
> in BGP. Since it talks about limited domain and overlay service, I am not
> able to follow how it helps signal only the capabilities of the PEs in a
> BGP-free core. Are capabilities not required for all nodes?
>
>
>
> Coming to the draft itself and the BGP mechanics, there are some issues in
> the draft.
>
>
>
> First, which SAFI routes are these extensions going to get signaled with?
> Please point me to the text if I am missing something.
>
>
>
> Second, the draft describes two options. I have not seen any discussion
> either in the draft or on the IDR list on which of the two (or both?) are
> suitable. The only one to touch on this topic has been Jeff and the
> response to him was for the WG to pick. I think the WG needs to see those
> updates and the analysis in the document to be able to make that decision.
>
>
>
> Alternately, can the proponents pick one? And if both are needed, clarify
> why?
>
>
>
> The current draft says that the new community is transitive, but I guess
> it was meant to be non-transitive based on Shunwan's response? Would be
> important to fix that.
>
>
>
> Please see inline responses to your specific questions.
>
>
>
> 1) Do the additions to BGP (2 Communities and
>
> TLV for next-hop-capability attribute)
>
> help the distribute information regarding the  IFIT options
>
> from tail (egress) nodes to head nodes (ingress)?
>
>
>
> KT> I don't know since the draft does not specify how this works.
>
>
>
> Are there any cases where these BGP
>
> Communities should be removed or ignored?
>
>
>
> KT> Yes, but a bigger concern is that they are defined as transitive.
>
>
>
>
>
> 2) Are the mechanisms (2 Communities and
>
> attribute TLV) correctly specified?
>
>
>
> KT> A concern is why two?
>
>
>
> 3) How do these additions interaction with the
>
>   With SR technology for IFIT described in
>
>    draft-ietf-idr-sr-policy-ifit, and its
>
>    use of RFC9012 (tunnel attributes)?
>
>
>
> KT> I did not see any reference to RFC9012
>
>
>
> (Authors an example on how these
>
> technologies work together or
>
>  operate separately would be helpful).
>
>
>
> 4)  Will this addition help network operators
>
> deploying IFIT technology?
>
>
>
> KT> Unable to determine.
>
>
>
> Thanks,
>
> Ketan
>
>
>
>
>
> On Thu, Mar 10, 2022 at 8:09 PM Susan Hares <shares@ndzh.com> wrote:
>
> Greeting:
>
>
>
> This begins a 2 week WG Adoption call (3/10/2022 to 3/24/2022)
>
> for draft-wang-idr-bgp-ifit-capabilities-04
>
> https://datatracker.ietf.org/doc/draft-wang-idr-bgp-ifit-capabilities/
>
>
>
> In your comments please consider if:
>
>
>
> 1) Do the additions to BGP (2 Communities and
>
> TLV for next-hop-capability attribute)
>
> help the distribute information regarding the  IFIT options
>
> from tail (egress) nodes to head nodes (ingress)?
>
>
>
> Are there any cases where these BGP
>
> Communities should be removed or ignored?
>
>
>
>
>
> 2) Are the mechanisms (2 Communities and
>
> attribute TLV) correctly specified?
>
>
>
> 3) How do these additions interaction with the
>
>   With SR technology for IFIT described in
>
>    draft-ietf-idr-sr-policy-ifit, and its
>
>    use of RFC9012 (tunnel attributes)?
>
>
>
> (Authors an example on how these
>
> technologies work together or
>
>  operate separately would be helpful).
>
>
>
> 4)  Will this addition help network operators
>
> deploying IFIT technology?
>
>
>
>
>
> Cheerily, Sue
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>
>

v2.23.0 | Report a Bug | By Email