Re: [Idr] Adoption call for draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24) - 1 week extension to answer questions [4/25/22 to 5/2/22]
Ketan Talaulikar <ketant.ietf@gmail.com> Fri, 13 May 2022 13:54 UTC
Return-Path: <ketant.ietf@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78E8BC157B3B for <idr@ietfa.amsl.com>; Fri, 13 May 2022 06:54:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.086
X-Spam-Level:
X-Spam-Status: No, score=-2.086 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SdhJpSEvYbWU for <idr@ietfa.amsl.com>; Fri, 13 May 2022 06:54:14 -0700 (PDT)
Received: from mail-vs1-xe30.google.com (mail-vs1-xe30.google.com [IPv6:2607:f8b0:4864:20::e30]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D28CFC14F745 for <idr@ietf.org>; Fri, 13 May 2022 06:54:14 -0700 (PDT)
Received: by mail-vs1-xe30.google.com with SMTP id d22so8477076vsf.2 for <idr@ietf.org>; Fri, 13 May 2022 06:54:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WXxWhC7/cEELWvgivbvAS28RTxh4lwqXK68ss0A09Vo=; b=IUqfN+AUfPzGsF1rZIf5ORpV7L+9f9TWyeXlg8Y1BKe3831xG53hETicNgFczJ3W1+ LnkGyXfK4MzWeoOjWNROBMk8A/bkDL+o5eNtfqbkcE/9QbhHDEjG3feRDKHDb8M1d80I XrHqtN12zt5R7KoLx527QIV04i22AY+O7iMWMHUaIU4KYkb4+xf+2mkbvbhjnqbh7GWI TmkW6ZRR0V5xozGli0BdD94d/tvkCPTqvyNMGa1kWqI39tro7tecw6LbMse//oA1DAJp 8x1GGeN89YRgcUkui3fa0KcPm7DLAv3SvWtDx+Gz6y+8S5OTRS21NmYef+6CTQD/UXKA +yJw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WXxWhC7/cEELWvgivbvAS28RTxh4lwqXK68ss0A09Vo=; b=t6w7gEb+VOAx1r+iG7mxRyuDboZpKtDXj2VD7NpcgiV3TyrxjOnaw1nM+ox7gD1tPA LJ2jpPt4Zl8L01JGJgZaIrPafk6Uy/fLtQGXcbyoqLK0bFhHydGj3jusKdrP58KriG1U JSbMwxmUm8ltJ/YGvJiJRZ98yRcY4XCP1sP4WL/jfWGH0nOIb0a6oUcBnAcozoERJdsc /DqyQAhMbb2wtx3OG6wY3Fv/lZPv/jhAHrLSAnytmqLPNpDZlYlypGsAwL7dL2dDxO/2 SLAIvoonj4r+tZwNjaeWsvj7tVwQ/QkG49ThbABUMB82IDT2B9sjLrqZZ66AunBa2f03 x0kQ==
X-Gm-Message-State: AOAM533w5wAd2biXjCTuviA0a1VxKqeYkcsMKcncPzDnmiznZfihC50r ohalSPTfs02D24lNt69uzfcQHHcPfqe2cwVL+mc2WI+x
X-Google-Smtp-Source: ABdhPJyNdewSrsXIK310vGKhXs3qPq89ilQbsd/3jXZRyswRBBgZLtHaCb22GAk/bByuv9AO7mkNmVtA4wpTLoj5Kq0=
X-Received: by 2002:a05:6102:3007:b0:32d:7d5c:e801 with SMTP id s7-20020a056102300700b0032d7d5ce801mr2372069vsa.34.1652450053638; Fri, 13 May 2022 06:54:13 -0700 (PDT)
MIME-Version: 1.0
References: <BYAPR08MB48721393120F1BF32AF4A4D7B3F89@BYAPR08MB4872.namprd08.prod.outlook.com> <956aaaae4c374415861432046e83086d@huawei.com> <7429cd0931bf4aab85c636fa41218b88@huawei.com> <CAH6gdPzRTR5NQ9S+6RfTXmr+Qkk3CT7O1aZotF9LiuPhZfN9UA@mail.gmail.com> <684a0afbd7ed4adaa336a871f2494a27@huawei.com>
In-Reply-To: <684a0afbd7ed4adaa336a871f2494a27@huawei.com>
From: Ketan Talaulikar <ketant.ietf@gmail.com>
Date: Fri, 13 May 2022 19:23:57 +0530
Message-ID: <CAH6gdPy58bdMzoc-cS+bXC-+KyHsZHoHB3UMBW4HjE28QpGeEA@mail.gmail.com>
To: Zhuangshunwan <zhuangshunwan@huawei.com>
Cc: "idr@ietf.org" <idr@ietf.org>, Susan Hares <shares@ndzh.com>
Content-Type: multipart/alternative; boundary="00000000000074cc4805dee502ff"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/rUWKItvjJXCZJED8ZkOgCXSrZ18>
Subject: Re: [Idr] Adoption call for draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24) - 1 week extension to answer questions [4/25/22 to 5/2/22]
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 May 2022 13:54:16 -0000
Hi Shunwan, Thanks for the update and the document now looks clearer to me. Thanks, Ketan On Mon, May 9, 2022 at 3:51 PM Zhuangshunwan <zhuangshunwan@huawei.com> wrote: > Hi Ketan & WG, > > > > We (co-authors) have post a new version to address the comments received. > Thanks for everyone's comments and suggestions! > > Please help to confirm whether the comments have been resolved, and more > comments and suggestions are welcome! > > > > Best Regards, > > Shunwan > > > > -----Original Message----- > From: I-D-Announce [mailto:i-d-announce-bounces@ietf.org] On Behalf Of > internet-drafts@ietf.org > Sent: Monday, May 9, 2022 5:54 PM > To: i-d-announce@ietf.org > Cc: idr@ietf.org > Subject: I-D Action: draft-wang-idr-bgp-ifit-capabilities-05.txt > > > > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > > This draft is a work item of the Inter-Domain Routing WG of the IETF. > > > > Title : BGP Extension for Advertising In-situ Flow > Information Telemetry (IFIT) Capabilities > > Authors : Giuseppe Fioccola > > Ran Pang > > Shunwan Zhuang > > Hiabo Wang > > Filename : draft-wang-idr-bgp-ifit-capabilities-05.txt > > Pages : 10 > > Date : 2022-05-09 > > > > Abstract: > > This document defines extensions to BGP [RFC4271] to advertise the > > In-situ Flow Information Telemetry (IFIT) capabilities. Within an > > IFIT domain, IFIT-capability advertisement from the tail node to the > > head node assists the head node to determine whether a particular > > IFIT Option type can be encapsulated in data packets. Such > > advertisement would be useful for mitigating the leakage threat and > > facilitating the deployment of IFIT measurements on a per-service and > > on-demand basis. > > > > > > > > The IETF datatracker status page for this draft is: > > https://datatracker.ietf.org/doc/draft-wang-idr-bgp-ifit-capabilities/ > > > > There is also an htmlized version available at: > > > https://datatracker.ietf.org/doc/html/draft-wang-idr-bgp-ifit-capabilities-05 > > > > A diff from the previous version is available at: > > https://www.ietf.org/rfcdiff?url2=draft-wang-idr-bgp-ifit-capabilities-05 > > > > > > Internet-Drafts are also available by rsync at rsync.ietf.org: > :internet-drafts > > > > > > _______________________________________________ > > I-D-Announce mailing list > > I-D-Announce@ietf.org > > https://www.ietf.org/mailman/listinfo/i-d-announce > > Internet-Draft directories: http://www.ietf.org/shadow.html or > ftp://ftp.ietf.org/ietf/1shadow-sites.txt > > > > > > *From:* Ketan Talaulikar [mailto:ketant.ietf@gmail.com] > *Sent:* Tuesday, May 3, 2022 10:41 AM > *To:* Zhuangshunwan <zhuangshunwan@huawei.com> > *Cc:* Susan Hares <shares@ndzh.com>; idr@ietf.org; wangyali@hauwei.com; > zhuangshunwan@hauwei.com; guyuan@huawei.com; pangran@huawei.com > *Subject:* Re: [Idr] Adoption call for > draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24) - 1 week extension > to answer questions [4/25/22 to 5/2/22] > > > > Hi Shunwan, > > > > Thanks for your responses to Sue's questions as well as the discussions > during the WG adoption. It would be great if the authors would post a > version that incorporates all the changes and clarifications that came out > of the discussion (as also mentioned by you below). This would enable some > of us that had concerns to re-review the document and respond if our > (blocking IMHO) concerns have been addressed. > > > > Thanks, > > Ketan > > > > PS: If the authors prefer the NH capability solution, then please just > remove the other one from the document. It will keep the draft focused. > Just a suggestion ... > > > > > > On Sun, May 1, 2022 at 8:09 PM Zhuangshunwan <zhuangshunwan= > 40huawei.com@dmarc.ietf.org> wrote: > > Hi Sue and WG, > > > > Thank you all for giving us a lot of useful input on this work! > > Regarding the following 3 questions, our answers are as follows: > > > > 1) IFIT deployment modes include node-level, tunnel-level, and > service-level. While the current requirement is to provide IFIT deployment > at service-level, since different services have different IFIT > requirements. The node-level and tunnel-level have also been considered, > but they cannot meet the current requirements. With the service-level > solution, different IFIT modes can be deployed for different VPN services. > > > > 2) When all devices are upgraded to support IFIT, the hop-by-hop > mechanism is suitable. > > In the current stage where new and old devices are deployed together, we > must first ensure that the tail-end node can properly decapsulate the IFIT > shim header, so we need head-end/tail-end way. > > Further, different services on the egress node have different IFIT > requirements, so the head-end/tail-end way is always required. > > Hop-by-hop mechanisms and head-end/tail-end can be used together without > conflict. > > > > 3) In actual deployment, whether it is Transitive or non-Transitive, the > extended community attributes are controlled hop-by-hop via CLI (knob), and > there is almost no possibility of the extended community attributes leaking > into the Internet routing table. In this draft, the Extended Communities > will be explicitly defined as non-transitive. > > > > In the next version, we will prefer the NextHop Capability solution and > move the extended community attributes to the appendix. > > > > Regards, > > Authors of draft-wang-idr-bgp-ifit-capabilities > > > > *From:* Idr <idr-bounces@ietf.org> *On Behalf Of *Susan Hares > *Sent:* Monday, April 25, 2022 9:06 PM > *To:* idr@ietf.org > *Cc:* wangyali@hauwei.com; zhuangshunwan@hauwei.com; guyuan@huawei.com; > pangran@huawei.com > *Subject:* Re: [Idr] Adoption call for > draft-wang-idr-bgp-ifit-capabilities-04 (3/10 to 3/24) - 1 week extension > to answer questions [4/25/22 to 5/2/22] > > > > Greetings: > > > > The adoption call for draft-wang-idr-bgp-ifit-capabilities indicated > > Interest in refining this draft. We had 10+ people interesting > > in this draft including 3 operators who felt it was necessary for > > operation in their network. While some of the use cases > > were for specific customers, this has not stop adoption of > > many SR or BGP-LS features. > > > > However, prior to finalizing adoption, it would be good for > > the authors to answer the following questions asked during the > > adoption call. > > > > Cheerily, Sue > > > > Questions > > > > 1) [Ketan] My understanding is the follows: IFIT encapsulating > > nodes are the PE routers. These extensions are about > > signaling IFIT capabilities - i.e. the capabilities of the PE routers. > > Then why do they need to be carried in the service routes > > that are potentially several orders of magnitude larger > > in scale than those corresponding to the PEs. > > > > What am I missing? > > > > Email thread: > > https://mailarchive.ietf.org/arch/msg/idr/qDxpzXvL7wm2KxmUNdyCqvFMXSU/ > > > > 2) What is the plan for hop-by-hop mechanisms versus head-end/tail-end > > > > Email thread: > > https://mailarchive.ietf.org/arch/msg/idr/qDxpzXvL7wm2KxmUNdyCqvFMXSU/ > > > > [Ketan] It would be good if some of this context is described in the draft. > > a follow-on, if we have a mechanism for signaling IFIT capabilities > > hop-by-hop then does that not also cover end to end? > > [Shunwan] answer: > > Yes, the hop-by-hop mechanism will be a long-term solution we pursue, > > In the current stage where new and old devices are deployed together, > > we must first ensure that the tail-end node can properly > > decapsulate the IFIT shim header. Therefore, a solution for > > signaling the IFIT capability between the head-end > > and tail-end nodes is also necessary. > > > > 3) Next Hop Capability as a Optional Non-Transitive Path Attribute > > [Jeff Haas questions] > > https://mailarchive.ietf.org/arch/msg/idr/BBE3N6m4HX21euJyVvK6VVa2IZI/ > > > > The NextHop Capability leveraged in this draft as part of prior learnings > > has specified itself as an Optional, Non-Transitive Path Attribute. This > > means that behaviors can be enforced on a hop-by-hop basis. > > > > BGP Extended Communities are only scoped for as-transitive or not. > > > > It'd be useful for the authors to comment on what the expected behaviors for > > BGP speakers downstream of not the IFIT egress. Also, potentially outside > > of the IFIT domain. What are the Security Considerations for such > > additional propagation of these Extended Communities? > > > > I'm unclear whether the intent of the Extended Communities is whether they > > should ONLY be propagated with the NextHop Capability or not. > > > > > > > > _______________________________________________ > Idr mailing list > Idr@ietf.org > https://www.ietf.org/mailman/listinfo/idr > >
- Re: [Idr] Adoption call for draft-wang-idr-bgp-if… Susan Hares
- Re: [Idr] Adoption call for draft-wang-idr-bgp-if… Zhuangshunwan
- Re: [Idr] Adoption call for draft-wang-idr-bgp-if… Ketan Talaulikar
- Re: [Idr] Adoption call for draft-wang-idr-bgp-if… Zhuangshunwan
- Re: [Idr] Adoption call for draft-wang-idr-bgp-if… Zhuangshunwan
- Re: [Idr] Adoption call for draft-wang-idr-bgp-if… Ketan Talaulikar