IETF Logo Mail Archive

Re: [Idr] Adoption call for draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24) - 1 week extension to answer questions [4/25/22 to 5/2/22]

Ketan Talaulikar <ketant.ietf@gmail.com> Fri, 13 May 2022 13:54 UTC

Return-Path: <ketant.ietf@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78E8BC157B3B for <idr@ietfa.amsl.com>; Fri, 13 May 2022 06:54:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.086
X-Spam-Level:
X-Spam-Status: No, score=-2.086 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SdhJpSEvYbWU for <idr@ietfa.amsl.com>; Fri, 13 May 2022 06:54:14 -0700 (PDT)
Received: from mail-vs1-xe30.google.com (mail-vs1-xe30.google.com [IPv6:2607:f8b0:4864:20::e30]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D28CFC14F745 for <idr@ietf.org>; Fri, 13 May 2022 06:54:14 -0700 (PDT)
Received: by mail-vs1-xe30.google.com with SMTP id d22so8477076vsf.2 for <idr@ietf.org>; Fri, 13 May 2022 06:54:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WXxWhC7/cEELWvgivbvAS28RTxh4lwqXK68ss0A09Vo=; b=IUqfN+AUfPzGsF1rZIf5ORpV7L+9f9TWyeXlg8Y1BKe3831xG53hETicNgFczJ3W1+ LnkGyXfK4MzWeoOjWNROBMk8A/bkDL+o5eNtfqbkcE/9QbhHDEjG3feRDKHDb8M1d80I XrHqtN12zt5R7KoLx527QIV04i22AY+O7iMWMHUaIU4KYkb4+xf+2mkbvbhjnqbh7GWI TmkW6ZRR0V5xozGli0BdD94d/tvkCPTqvyNMGa1kWqI39tro7tecw6LbMse//oA1DAJp 8x1GGeN89YRgcUkui3fa0KcPm7DLAv3SvWtDx+Gz6y+8S5OTRS21NmYef+6CTQD/UXKA +yJw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WXxWhC7/cEELWvgivbvAS28RTxh4lwqXK68ss0A09Vo=; b=t6w7gEb+VOAx1r+iG7mxRyuDboZpKtDXj2VD7NpcgiV3TyrxjOnaw1nM+ox7gD1tPA LJ2jpPt4Zl8L01JGJgZaIrPafk6Uy/fLtQGXcbyoqLK0bFhHydGj3jusKdrP58KriG1U JSbMwxmUm8ltJ/YGvJiJRZ98yRcY4XCP1sP4WL/jfWGH0nOIb0a6oUcBnAcozoERJdsc /DqyQAhMbb2wtx3OG6wY3Fv/lZPv/jhAHrLSAnytmqLPNpDZlYlypGsAwL7dL2dDxO/2 SLAIvoonj4r+tZwNjaeWsvj7tVwQ/QkG49ThbABUMB82IDT2B9sjLrqZZ66AunBa2f03 x0kQ==
X-Gm-Message-State: AOAM533w5wAd2biXjCTuviA0a1VxKqeYkcsMKcncPzDnmiznZfihC50r ohalSPTfs02D24lNt69uzfcQHHcPfqe2cwVL+mc2WI+x
X-Google-Smtp-Source: ABdhPJyNdewSrsXIK310vGKhXs3qPq89ilQbsd/3jXZRyswRBBgZLtHaCb22GAk/bByuv9AO7mkNmVtA4wpTLoj5Kq0=
X-Received: by 2002:a05:6102:3007:b0:32d:7d5c:e801 with SMTP id s7-20020a056102300700b0032d7d5ce801mr2372069vsa.34.1652450053638; Fri, 13 May 2022 06:54:13 -0700 (PDT)
MIME-Version: 1.0
References: <BYAPR08MB48721393120F1BF32AF4A4D7B3F89@BYAPR08MB4872.namprd08.prod.outlook.com> <956aaaae4c374415861432046e83086d@huawei.com> <7429cd0931bf4aab85c636fa41218b88@huawei.com> <CAH6gdPzRTR5NQ9S+6RfTXmr+Qkk3CT7O1aZotF9LiuPhZfN9UA@mail.gmail.com> <684a0afbd7ed4adaa336a871f2494a27@huawei.com>
In-Reply-To: <684a0afbd7ed4adaa336a871f2494a27@huawei.com>
From: Ketan Talaulikar <ketant.ietf@gmail.com>
Date: Fri, 13 May 2022 19:23:57 +0530
Message-ID: <CAH6gdPy58bdMzoc-cS+bXC-+KyHsZHoHB3UMBW4HjE28QpGeEA@mail.gmail.com>
To: Zhuangshunwan <zhuangshunwan@huawei.com>
Cc: "idr@ietf.org" <idr@ietf.org>, Susan Hares <shares@ndzh.com>
Content-Type: multipart/alternative; boundary="00000000000074cc4805dee502ff"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/rUWKItvjJXCZJED8ZkOgCXSrZ18>
Subject: Re: [Idr] Adoption call for draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24) - 1 week extension to answer questions [4/25/22 to 5/2/22]
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 May 2022 13:54:16 -0000

Hi Shunwan,

Thanks for the update and the document now looks clearer to me.

Thanks,
Ketan


On Mon, May 9, 2022 at 3:51 PM Zhuangshunwan <zhuangshunwan@huawei.com>
wrote:

> Hi Ketan & WG,
>
>
>
> We (co-authors) have post a new version to address the comments received.
> Thanks for everyone's comments and suggestions!
>
> Please help to confirm whether the comments have been resolved, and more
> comments and suggestions are welcome!
>
>
>
> Best Regards,
>
> Shunwan
>
>
>
> -----Original Message-----
> From: I-D-Announce [mailto:i-d-announce-bounces@ietf.org] On Behalf Of
> internet-drafts@ietf.org
> Sent: Monday, May 9, 2022 5:54 PM
> To: i-d-announce@ietf.org
> Cc: idr@ietf.org
> Subject: I-D Action: draft-wang-idr-bgp-ifit-capabilities-05.txt
>
>
>
>
>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
>
> This draft is a work item of the Inter-Domain Routing WG of the IETF.
>
>
>
>         Title           : BGP Extension for Advertising In-situ Flow
> Information Telemetry (IFIT) Capabilities
>
>         Authors         : Giuseppe Fioccola
>
>                           Ran Pang
>
>                           Shunwan Zhuang
>
>                           Hiabo Wang
>
>         Filename        : draft-wang-idr-bgp-ifit-capabilities-05.txt
>
>         Pages           : 10
>
>         Date            : 2022-05-09
>
>
>
> Abstract:
>
>    This document defines extensions to BGP [RFC4271] to advertise the
>
>    In-situ Flow Information Telemetry (IFIT) capabilities.  Within an
>
>    IFIT domain, IFIT-capability advertisement from the tail node to the
>
>    head node assists the head node to determine whether a particular
>
>    IFIT Option type can be encapsulated in data packets.  Such
>
>    advertisement would be useful for mitigating the leakage threat and
>
>    facilitating the deployment of IFIT measurements on a per-service and
>
>    on-demand basis.
>
>
>
>
>
>
>
> The IETF datatracker status page for this draft is:
>
> https://datatracker.ietf.org/doc/draft-wang-idr-bgp-ifit-capabilities/
>
>
>
> There is also an htmlized version available at:
>
>
> https://datatracker.ietf.org/doc/html/draft-wang-idr-bgp-ifit-capabilities-05
>
>
>
> A diff from the previous version is available at:
>
> https://www.ietf.org/rfcdiff?url2=draft-wang-idr-bgp-ifit-capabilities-05
>
>
>
>
>
> Internet-Drafts are also available by rsync at rsync.ietf.org:
> :internet-drafts
>
>
>
>
>
> _______________________________________________
>
> I-D-Announce mailing list
>
> I-D-Announce@ietf.org
>
> https://www.ietf.org/mailman/listinfo/i-d-announce
>
> Internet-Draft directories: http://www.ietf.org/shadow.html or
> ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>
>
>
>
>
> *From:* Ketan Talaulikar [mailto:ketant.ietf@gmail.com]
> *Sent:* Tuesday, May 3, 2022 10:41 AM
> *To:* Zhuangshunwan <zhuangshunwan@huawei.com>
> *Cc:* Susan Hares <shares@ndzh.com>; idr@ietf.org; wangyali@hauwei.com;
> zhuangshunwan@hauwei.com; guyuan@huawei.com; pangran@huawei.com
> *Subject:* Re: [Idr] Adoption call for
> draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24) - 1 week extension
> to answer questions [4/25/22 to 5/2/22]
>
>
>
> Hi Shunwan,
>
>
>
> Thanks for your responses to Sue's questions as well as the discussions
> during the WG adoption. It would be great if the authors would post a
> version that incorporates all the changes and clarifications that came out
> of the discussion (as also mentioned by you below). This would enable some
> of us that had concerns to re-review the document and respond if our
> (blocking IMHO) concerns have been addressed.
>
>
>
> Thanks,
>
> Ketan
>
>
>
> PS: If the authors prefer the NH capability solution, then please just
> remove the other one from the document. It will keep the draft focused.
> Just a suggestion ...
>
>
>
>
>
> On Sun, May 1, 2022 at 8:09 PM Zhuangshunwan <zhuangshunwan=
> 40huawei.com@dmarc.ietf.org> wrote:
>
> Hi Sue and WG,
>
>
>
> Thank you all for giving us a lot of useful input on this work!
>
> Regarding the following 3 questions, our answers are as follows:
>
>
>
> 1)  IFIT deployment modes include node-level, tunnel-level, and
> service-level. While the current requirement is to provide IFIT deployment
> at service-level, since different services have different IFIT
> requirements. The node-level and tunnel-level have also been considered,
> but they cannot meet the current requirements. With the service-level
> solution, different IFIT modes can be deployed for different VPN services.
>
>
>
> 2) When all devices are upgraded to support IFIT, the hop-by-hop
> mechanism is suitable.
>
> In the current stage where new and old devices are deployed together, we
> must first ensure that the tail-end node can properly decapsulate the IFIT
> shim header, so we need head-end/tail-end way.
>
> Further, different services on the egress node have different IFIT
> requirements, so the head-end/tail-end way is always required.
>
> Hop-by-hop mechanisms and head-end/tail-end can be used together without
> conflict.
>
>
>
> 3) In actual deployment, whether it is Transitive or non-Transitive, the
> extended community attributes are controlled hop-by-hop via CLI (knob), and
> there is almost no possibility of the extended community attributes leaking
> into the Internet routing table.  In this draft, the Extended Communities
> will be explicitly defined as non-transitive.
>
>
>
> In the next version, we will prefer the NextHop Capability solution and
> move the extended community attributes to the appendix.
>
>
>
> Regards,
>
> Authors of draft-wang-idr-bgp-ifit-capabilities
>
>
>
> *From:* Idr <idr-bounces@ietf.org> *On Behalf Of *Susan Hares
> *Sent:* Monday, April 25, 2022 9:06 PM
> *To:* idr@ietf.org
> *Cc:* wangyali@hauwei.com; zhuangshunwan@hauwei.com; guyuan@huawei.com;
> pangran@huawei.com
> *Subject:* Re: [Idr] Adoption call for
> draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24) - 1 week extension
> to answer questions [4/25/22 to 5/2/22]
>
>
>
> Greetings:
>
>
>
> The adoption call for draft-wang-idr-bgp-ifit-capabilities indicated
>
> Interest in refining this draft.   We had 10+ people interesting
>
> in this draft including 3 operators who felt it was necessary for
>
> operation in their network.  While some of the use cases
>
> were for specific customers, this has not stop adoption of
>
> many SR or BGP-LS features.
>
>
>
> However, prior to finalizing adoption, it would be good for
>
> the authors to answer the following questions asked during the
>
> adoption call.
>
>
>
> Cheerily, Sue
>
>
>
> Questions
>
>
>
> 1)       [Ketan] My understanding is the follows: IFIT encapsulating
>
> nodes are the PE routers. These extensions are about
>
> signaling IFIT capabilities - i.e. the capabilities of the PE routers.
>
> Then why do they need to be carried in the service routes
>
> that are potentially several orders of magnitude larger
>
> in scale than those corresponding to the PEs.
>
>
>
> What am I missing?
>
>
>
> Email thread:
>
> https://mailarchive.ietf.org/arch/msg/idr/qDxpzXvL7wm2KxmUNdyCqvFMXSU/
>
>
>
> 2)       What is the plan for hop-by-hop mechanisms versus head-end/tail-end
>
>
>
> Email thread:
>
> https://mailarchive.ietf.org/arch/msg/idr/qDxpzXvL7wm2KxmUNdyCqvFMXSU/
>
>
>
> [Ketan]  It would be good if some of this context is described in the draft.
>
> a follow-on, if we have a mechanism for signaling IFIT capabilities
>
> hop-by-hop then does that not also cover end to end?
>
> [Shunwan] answer:
>
> Yes, the hop-by-hop mechanism will be a long-term solution we pursue,
>
> In the current stage where new and old devices are deployed together,
>
>  we must first ensure that the tail-end node can properly
>
> decapsulate the IFIT shim  header. Therefore, a solution for
>
>  signaling the IFIT capability between the head-end
>
>  and tail-end nodes is also necessary.
>
>
>
> 3)       Next Hop Capability as a Optional Non-Transitive Path Attribute
>
> [Jeff Haas questions]
>
> https://mailarchive.ietf.org/arch/msg/idr/BBE3N6m4HX21euJyVvK6VVa2IZI/
>
>
>
> The NextHop Capability leveraged in this draft as part of prior learnings
>
> has specified itself as an Optional, Non-Transitive Path Attribute.  This
>
> means that behaviors can be enforced on a hop-by-hop basis.
>
>
>
> BGP Extended Communities are only scoped for as-transitive or not.
>
>
>
> It'd be useful for the authors to comment on what the expected behaviors for
>
> BGP speakers downstream of not the IFIT egress. Also, potentially outside
>
> of the IFIT domain.  What are the Security Considerations for such
>
> additional propagation of these Extended Communities?
>
>
>
> I'm unclear whether the intent of the Extended Communities is whether they
>
> should ONLY be propagated with the NextHop Capability or not.
>
>
>
>
>
>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>
>

v2.23.0 | Report a Bug | By Email