IETF Logo Mail Archive

Re: [Idr] WG Adoption call for drafts for Flow Specification option 1 (RFC5575 additions (filters/actions) 3/25 to 4/8/2016

"Smith, Donald" <Donald.Smith@CenturyLink.com> Thu, 28 April 2016 15:08 UTC

Return-Path: <Donald.Smith@CenturyLink.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 486CA12D7D1 for <idr@ietfa.amsl.com>; Thu, 28 Apr 2016 08:08:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.885
X-Spam-Level:
X-Spam-Status: No, score=-2.885 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.996, T_KAM_HTML_FONT_INVALID=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wosB6KXb_wEV for <idr@ietfa.amsl.com>; Thu, 28 Apr 2016 08:08:48 -0700 (PDT)
Received: from lxomp52w.centurylink.com (lxomp52w.centurylink.com [155.70.50.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7DBD812D1C0 for <idr@ietf.org>; Thu, 28 Apr 2016 08:08:48 -0700 (PDT)
Received: from lxdenvmpc030.qintra.com (emailout.qintra.com [10.1.51.30]) by lxomp52w.centurylink.com (8.14.8/8.14.8) with ESMTP id u3SF8kL8000707 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 28 Apr 2016 10:08:46 -0500
Received: from lxdenvmpc030.qintra.com (unknown [127.0.0.1]) by IMSA (Postfix) with ESMTP id 10B661E0072; Thu, 28 Apr 2016 09:08:41 -0600 (MDT)
Received: from lxdnp31k.corp.intranet (unknown [151.119.91.93]) by lxdenvmpc030.qintra.com (Postfix) with ESMTP id D89211E0035; Thu, 28 Apr 2016 09:08:40 -0600 (MDT)
Received: from lxdnp31k.corp.intranet (localhost [127.0.0.1]) by lxdnp31k.corp.intranet (8.14.8/8.14.8) with ESMTP id u3SF8emq029270; Thu, 28 Apr 2016 09:08:40 -0600
Received: from vddcwhubex501.ctl.intranet (vddcwhubex501.ctl.intranet [151.119.128.28]) by lxdnp31k.corp.intranet (8.14.8/8.14.8) with ESMTP id u3SF8etE029267 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 28 Apr 2016 09:08:40 -0600
Received: from PDDCWMBXEX503.ctl.intranet ([fe80::9033:ef22:df02:32a9]) by vddcwhubex501.ctl.intranet ([151.119.128.28]) with mapi id 14.03.0195.001; Thu, 28 Apr 2016 09:08:39 -0600
From: "Smith, Donald" <Donald.Smith@CenturyLink.com>
To: "Van De Velde, Gunter (Nokia - BE)" <gunter.van_de_velde@nokia.com>, Susan Hares <shares@ndzh.com>, "John G. Scudder" <jgs@bgp.nu>
Thread-Topic: [Idr] WG Adoption call for drafts for Flow Specification option 1 (RFC5575 additions (filters/actions) 3/25 to 4/8/2016
Thread-Index: AdGGpJY5wzIcQ0EdQtuQOi1AWSw1WgLemfcAAB1s1gAAAVOZgAA9Ul+AA3DDboAAA0DTLA==
Date: Thu, 28 Apr 2016 15:08:39 +0000
Message-ID: <68EFACB32CF4464298EA2779B058889D3B502D86@PDDCWMBXEX503.ctl.intranet>
References: <000401d186a5$38fac760$aaf05620$@ndzh.com> <57083BD6.6080001@gmail.com> <19AB2A007F56DB4E8257F949A2FB9858AA1AB2B5@NKGEML515-MBX.china.huawei.com> <1460210231546-5cb71f2a-fd36bd8c-21a19834@icloud.com> <00e001d1935c$ff88e150$fe9aa3f0$@ndzh.com>, <F9411783-1500-424E-A70E-50640164B06F@alcatel-lucent.com>
In-Reply-To: <F9411783-1500-424E-A70E-50640164B06F@alcatel-lucent.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [155.70.40.131]
Content-Type: multipart/alternative; boundary="_000_68EFACB32CF4464298EA2779B058889D3B502D86PDDCWMBXEX503ct_"
MIME-Version: 1.0
X-TM-AS-MML: disable
X-CFilter-Loop: Reflected
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/xu4ncM7DigK4RnJHs1lN7TC-3jE>
Cc: "idr@ietf.org" <idr@ietf.org>
Subject: Re: [Idr] WG Adoption call for drafts for Flow Specification option 1 (RFC5575 additions (filters/actions) 3/25 to 4/8/2016
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Apr 2016 15:08:51 -0000

Agreed, except data plane not service plane.



Well maybe both define service plane :)



I think service plane is data plane plus N(control plane) + M(mgmt. plane).

Where N and M are constant multipliers to show effect data could have on other planes.

Is that what you meant by service plane or am I totally off?



01100101000010|10011010111101?
Hint 7 bit ascii
Donald.Smith@centurylink.com<mailto:Donald.Smith@centurylink.com>
________________________________
From: Idr [idr-bounces@ietf.org] on behalf of Van De Velde, Gunter (Nokia - BE) [gunter.van_de_velde@nokia.com]
Sent: Thursday, April 28, 2016 1:31 AM
To: Susan Hares; John G. Scudder
Cc: idr@ietf.org
Subject: Re: [Idr] WG Adoption call for drafts for Flow Specification option 1 (RFC5575 additions (filters/actions) 3/25 to 4/8/2016

Hi John, Sue,

Its been a while since WG adoption call ended for a few Flowspec drafts. I want to touch base again on the status of this adoption call.


draft-vandevelde-idr-flowspec-path-redirect received a significant number of positive support feedback to support on the list and during the IDR WG meeting in Buenos Aires. The support was received from a very diverse set of contributors and affiliations. This work is timely and ready for adoption and covers DDoS redirection towards an appropriate service plane well.


Kind Regards,

G/


From: Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>> on behalf of Susan Hares <shares@ndzh.com<mailto:shares@ndzh.com>>
Date: Sunday 10 April 2016 at 21:12
To: 'Gunter Van De Velde' <guntervandeveldecc@icloud.com<mailto:guntervandeveldecc@icloud.com>>, 'Zhuangshunwan' <zhuangshunwan@huawei.com<mailto:zhuangshunwan@huawei.com>>
Cc: "idr@ietf.org<mailto:idr@ietf.org>" <idr@ietf.org<mailto:idr@ietf.org>>
Subject: Re: [Idr] WG Adoption call for drafts for Flow Specification option 1 (RFC5575 additions (filters/actions) 3/25 to 4/8/2016

Gunter and Shunwan:

Thank you for your input on this topic.   John and I receive a lot of input individually from 3/25 to 4/8, and began discussions with our AD (Alvaro).

John and I will discussing this adoption call during the upcoming week.  Any drafts that are adopted for the Flow Specification will be IDR Working Group (WG) Drafts.  As such, these drafts become the result of the consensus of the working group under the direction of the WG chairs.   WG drafts may be requested to be: a) merged with other WG drafts, b) split into 2+ drafts, or c) refined.

Cheerily,

Sue Hares

From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Gunter Van De Velde
Sent: Saturday, April 09, 2016 9:57 AM
To: Zhuangshunwan
Cc: idr@ietf.org<mailto:idr@ietf.org>
Subject: Re: [Idr] WG Adoption call for drafts for Flow Specification option 1 (RFC5575 additions (filters/actions) 3/25 to 4/8/2016


Dear Shunwan

With the adoption call ended, the IDR chairs can use the received input and combine it with draft submit timeline info (some work is as old as +7months). I personally do not see a need to merge as vandevelde-flowspec-idr-path-redirect covers already the goal effectively and afficiently

From the link you provided referencing a quote as old as September 2015!!!.. It is all still valid. One reserved bit was used to add SR binding index identifyer for segment routing use case way before even
draft-li-idr-flowspec-redirect-generalized-sid-00 existed...

***

From September 2015:

> Benefits:
>
> no need for signalling labels or extra encap in BGP
> Each path-id indexed LSP/tunnel table is a localised construct
> existing technology is used to construct the path-id indexed localised table
> Compatibility with technologies already using 32 or 128 bit identifiers for
> paths and sessions
> Easy for flow spec to signal as it introduces no need to signal labels etc¡­
> no conflicts with existing label exchange technologies

***

G/

Sent using CloudMagic Email<https://cloudmagic.com/k/d/mailapp?ct=pa&cv=8.3.8&pv=6.0.1&source=email_footer_2>

On Sat, Apr 09, 2016 at 10:19 AM, Zhuangshunwan <zhuangshunwan@huawei.com<mailto:zhuangshunwan@huawei.com>> wrote:
Hi Ignas and all,

Regarding draft-vandevelde-idr-flowspec-path-redirect & draft-li-idr-flowspec-redirect-generalized-sid-, here are the achieved discussion information about "Semantics Independent" Flowspec:
https://www.ietf.org/mail-archive/web/idr/current/msg15081.html


01) draft-vandevelde-idr-flowspec-path-redirect ever said that it planned to define ¡°Semantics Independent¡± action.
Per the comment information, draft-vandevelde-idr-flowspec-path-redirect-00 & draft-vandevelde-idr-flowspec-path-redirect-01 defined the "Semantics Independent" Flowspec Redirection:

https://www.ietf.org/archive/id/draft-vandevelde-idr-flowspec-path-redirect-01.txt
¡­
This document defines a new BGP extended community.
¡­
The 2-byte local administrator field is formatted as shown in Figure 1.
                      0                   1
                      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
                     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
                     |          Reserved       |TID|C|
                     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


02) draft-li-idr-flowspec-redirect-generalized-sid-00 defined a "Semantics Dependent¡± Flowspec Redirection:
https://datatracker.ietf.org/doc/draft-li-idr-flowspec-redirect-generalized-sid/
¡­
   This document defines the following Redirect to Generalized Segment
   ID Extended Community:


   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  | Type=TBD1     | Sub-Type=TBD2 | Flags(1 octet)| Segment Type  |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                  Generalized Segment ID                       |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
¡­


03) Now draft-vandevelde-idr-flowspec-path-redirect-02 introduces ¡°B¡± bit to map the value encoded in the global administrator field to a Binding Segment Identifier value:
https://www.ietf.org/archive/id/draft-vandevelde-idr-flowspec-path-redirect-02.txt
¡­
This document defines a new BGP extended community.
¡­
The 2-byte local administrator field is formatted as shown in Figure 1.

                      0                   1
                      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
                     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
                     |          Reserved     |B|TID|C|
                     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
¡­
   Bit 2 is defined to be the 'B' (Binding) bit.  When the 'B' bit is
   set, the value encoded in the global administrator field is a Binding
   Segment Identifier value the use of which is detailed in section 3.2.
¡­


Now draft-vandevelde also defines the "Semantics Dependent" Flowspec Redirection.
Should we combine the work of draft-vandevelde & draft-li ?


Thanks,
Shunwan


·¢¼þÈË: Idr [mailto:idr-bounces@ietf.org] ´ú±í Ignas Bagdonas
·¢ËÍʱ¼ä: 2016Äê4ÔÂ8ÈÕ 20:17
ÊÕ¼þÈË: idr@ietf.org<mailto:idr@ietf.org>
Ö÷Ìâ: Re: [Idr] WG Adoption call for drafts for Flow Specification option 1 (RFC5575 additions (filters/actions) 3/25 to 4/8/2016

I have read the drafts being polled.

For a group of drafts on redirect:


https://datatracker.ietf.org/doc/draft-vandevelde-idr-flowspec-path-redirect/
Support as being a good starting point.

https://datatracker.ietf.org/doc/draft-hao-idr-flowspec-redirect-tunnel/
Do not support. It is redundant.

https://datatracker.ietf.org/doc/draft-li-idr-flowspec-redirect-generalized-sid/
Do not support. It is redundant.

Draft-vandevelde can achieve all what draft-hao and draft-li can, and in a more flexible way. Having the ability to decouple redirection tunnel type from redirection action is both practical and extensible - the actual tunnel to be used is a local operational decision for each network element, it is not necessary signalled at the same time and by the same mechanism. Decoupling signalling and redirect parts aligns well to operational practices of using specific tools for specific tasks. Just that BGP could do that does not necesasry mean that it should be used as a best fit. From operational perspective there is no need to have multiple solutions that try to address the narrow problem space in similar yet incompatible ways. There should be one document for redirect, and draft-vandevelde is a good starting base for that.


For the match:

https://datatracker.ietf.org/doc/draft-litkowski-idr-flowspec-interfaceset/
Suport as a good starting point.

https://datatracker.ietf.org/doc/draft-eddy-idr-flowspec-packet-rate/
Support as a good starting point.

https://datatracker.ietf.org/doc/draft-hao-idr-flowspec-nvo3/
Support as a good starting point.

https://datatracker.ietf.org/doc/draft-liang-idr-bgp-flowspec-label/
Support as a good starting point.

https://datatracker.ietf.org/doc/draft-yong-idr-flowspec-mpls-match/
Support as a good starting point.



Ignas

On 25/03/2016 14:47, Susan Hares wrote:
IDR WG:

This begins a 2 week WG Call (3/25 to 4/8/2016) for the set of drafts to be considered in RFC5575 additions. These options are filters, actions or critical security additions.  The flow specification work has been a part of the interims since IETF 94
https://www.ietf.org/proceedings/interim/2016/02/08/idr/proceedings.html
https://www.ietf.org/proceedings/interim/2016/03/07/idr/proceedings.html

There will be a brief flow specification presentation at IETF 95, and the email list has select to start with option 1 ¨C extending RFC5575.  We also will be gathering details on the SDN/NFV use case for option 2 (new NLRI and Wide Communities support).

This is a group call for the drafts to be considered in the flow specification work.  For each of the drafts you wish to be considered Option 1, please indicate:


1)      If this option is valuable for the DDoS deployments or another critical deployments,

2)      Do you feel this draft is useful, but not ready for adoption,

3)      Do you feel this draft is a good start for this work.

The drafts to consider are:
https://datatracker.ietf.org/doc/draft-eddy-idr-flowspec-packet-rate/
https://datatracker.ietf.org/doc/draft-hao-idr-flowspec-nvo3/
https://datatracker.ietf.org/doc/draft-hao-idr-flowspec-redirect-tunnel/
https://datatracker.ietf.org/doc/draft-li-idr-flowspec-redirect-generalized-sid/
https://datatracker.ietf.org/doc/draft-liang-idr-bgp-flowspec-label/
https://datatracker.ietf.org/doc/draft-litkowski-idr-flowspec-interfaceset/
https://datatracker.ietf.org/doc/draft-vandevelde-idr-flowspec-path-redirect/
https://datatracker.ietf.org/doc/draft-yong-idr-flowspec-mpls-match/

And for the ordering of these filters and actions drafts ¨C the Option 1 section out of this
https://datatracker.ietf.org/doc/draft-hares-idr-flowspec-combo/
(A revised draft with just Option 1 will be posted)

Sue Hares and John Scudder






_______________________________________________

Idr mailing list

Idr@ietf.org<mailto:Idr@ietf.org>

https://www.ietf.org/mailman/listinfo/idr

This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.

v2.23.0 | Report a Bug | By Email