IETF Logo Mail Archive

Re: [ippm] John Scudder's Discuss on draft-ietf-ippm-stamp-srpm-13: (with DISCUSS and COMMENT)

John Scudder <jgs@juniper.net> Thu, 22 June 2023 20:36 UTC

Return-Path: <jgs@juniper.net>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 47101C14CE39; Thu, 22 Jun 2023 13:36:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b="K7SN7NMM"; dkim=pass (1024-bit key) header.d=juniper.net header.b="f46E3bFa"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jIfrnWCIHjPg; Thu, 22 Jun 2023 13:36:47 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7940AC14F73E; Thu, 22 Jun 2023 13:36:47 -0700 (PDT)
Received: from pps.filterd (m0108161.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 35MK0rNq014033; Thu, 22 Jun 2023 13:36:46 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=PPS1017; bh=2w8twmKI9glBCUEw/uBXYcBeuE+uWuMYzyrUMSuSL5c=; b=K7SN7NMMwNlR/omo3OXO+B5YAXXhvciwbbTWlyz87Qqx0J4D6E43VEZHyf4FifFnLmoa aWgqJJBIZDQS1YZoNoAZE3I9tJskHTnYFFv22z43hRozAk99TN8vPLUhGoO3bvvqd4sE KGb2pE+CuRL68F0BKfBjUXa8DvPkpgds6ICdLYWteNLs7vqJf1s5l6Li8PsEpQ5aGu2P AmrrWfYs44MYnvA+A2dvLsCmfVoEv4LbeU+YCHleCRCzVlqmKk6LFE+37o6ut5Dn4bHD Mq8rVDGwrdQX8hdy11lK1c45NKNLHTidsiS++eGqpR4IgHiGSETrU9Prauu5SCULVICl 3g==
Received: from cy4pr02cu007.outbound.protection.outlook.com (mail-westcentralusazlp17011010.outbound.protection.outlook.com [40.93.6.10]) by mx0b-00273201.pphosted.com (PPS) with ESMTPS id 3rc7phkds5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 22 Jun 2023 13:36:46 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gmVX0QFuVsDJKnDloO10ZmBYFqATQMl1VEAfudyROnSyaFaVCgVi6QTADRAZPKlx3OU9JQwm6kwbati77XLShhdHwBpFE7635nW4ideQqlC/c1b0BY6jWUEvabqTlBYsuATenM7wamOPhoDEj5LCWzaOy5Xra8kOoMtzi+APCv6y1QxLmkVR1k4al9DCmUcCx7qGLWJEHs2iGlyMfK0fZe4Qaz7mHiD0x/5u38rwTQ7RkiMa0hokNjtSWlMwRN/qkGThMH1tGbc9ntK5hXbrrDE7QQJzV32hQv8doiJD/UGyWFC8oys0rm+48oS4517wjbagr9U9CJfsRDs6j3oQIA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2w8twmKI9glBCUEw/uBXYcBeuE+uWuMYzyrUMSuSL5c=; b=Tp4q6T9Siei0hfmz/5ybwaiJSSgFjfXD5sTr0iCqCkv2l4PunkE1N1Wv5dqAw/aRJvWtmtNOMhA4ce7jsqt8UF8c80RFsHmqa4a+HVhMj9/jC6krjv36l053aotuTQwlYxHxjlTf1gIu9n/At/pHVoj7qnbMV/vD20wd6Dx6zunHqqNRFah6vpN12u8M/YUtzoxlGITdGCG3gI6VVSXFvt5PsB+6Gtz4rM/P2UChIafnC3sz0wJEprs1fNTgZaVizYGsr3ToQvSxqtdB6XrT/b1oVK1VuLP99erZoFSHO0ZNWkcoigkRCT6Dm24tcdJTJRQY/Gcp+u85pmXk0qP8Sw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2w8twmKI9glBCUEw/uBXYcBeuE+uWuMYzyrUMSuSL5c=; b=f46E3bFamRNp3wR60sItCazc5gOOnt0KhH8gBFjpnBi56PdDkfJsPMSZ4FdDLgNTNB9CQamRKzfaLgCP2AhiB4onkAN2muz87dLK6W4KQf/Wx5wZzn3OXzbAyVCNPI/jvNTB2gczuNRdtarWx/XJqBlPPItqqeUZxZCQMNMXt4g=
Received: from MN2PR05MB6109.namprd05.prod.outlook.com (2603:10b6:208:c4::20) by DM4PR05MB9133.namprd05.prod.outlook.com (2603:10b6:8:bf::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6521.24; Thu, 22 Jun 2023 20:36:42 +0000
Received: from MN2PR05MB6109.namprd05.prod.outlook.com ([fe80::9ab0:387b:409:ee41]) by MN2PR05MB6109.namprd05.prod.outlook.com ([fe80::9ab0:387b:409:ee41%7]) with mapi id 15.20.6521.023; Thu, 22 Jun 2023 20:36:42 +0000
From: John Scudder <jgs@juniper.net>
To: Rakesh Gandhi <rgandhi.ietf@gmail.com>
CC: The IESG <iesg@ietf.org>, "ippm-chairs@ietf.org" <ippm-chairs@ietf.org>, "draft-ietf-ippm-stamp-srpm@ietf.org" <draft-ietf-ippm-stamp-srpm@ietf.org>, "ippm@ietf.org" <ippm@ietf.org>
Thread-Topic: [ippm] John Scudder's Discuss on draft-ietf-ippm-stamp-srpm-13: (with DISCUSS and COMMENT)
Thread-Index: AQHZo9/eD/LnJ28n8kG6Glb2TF9quq+V9mIAgAEg5gCAABMigIAAIFaA
Date: Thu, 22 Jun 2023 20:36:42 +0000
Message-ID: <D9A6A862-61BF-431C-B88E-CA754B681CDE@juniper.net>
References: <168731098270.37773.17145318293014669303@ietfa.amsl.com> <CAMZsk6f5Vzt-z5R3yEJm33QbusS56J+LWPf-SHLVCUheqpPGxA@mail.gmail.com> <B8F8ADD5-5EE2-4EE0-8199-E33E545CB350@juniper.net> <CAMZsk6dKAsKDRSwbbMsA9AYQ8YZ7APCkd_du4s38+5MgzVMD_A@mail.gmail.com>
In-Reply-To: <CAMZsk6dKAsKDRSwbbMsA9AYQ8YZ7APCkd_du4s38+5MgzVMD_A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3696.120.41.1.3)
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR05MB6109:EE_|DM4PR05MB9133:EE_
x-ms-office365-filtering-correlation-id: 5a5c6462-94b3-4a83-3dfe-08db7360632c
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: rhw/448+4UvUlRjLEDDEliNkhueqR8wkdWrXBBhSKnDUQ8p5ab3uA60bGhdud9NT7sdm4yZMiLXa53Z9b7kY1XmQqrdl3PVcIBa83AnPvoUS/CqjI9yMwBJGmQEzmBJl9WJcF5MFQTVQk6k5xyRRX5ySoxQkRuB6Ny8CaDOcjF0m2cbFzRpW12CwxBfGqYJTFHNqFbWYMS/AnLQVt2LeBOp6rqU5QtrYVQlY4j/mwmZymmfZ8ifjflYOCUkyXVscApzePkiMGr8dxzI1mCX594ATKOz0PzsZOUL39/QCQp+tY+Xf2E7B9GfUuVDiECOwxAUL2tkzM3GUOtnei/D7jCmEPyllbPLbyzTJ9DF0A8Sh9zO2JYsn6LK5KEDF8L7L0iM24hQIQuC5zvunphuijm7SxRTaPoHbvN10VqVXBfM0BZLI4T4rUpaAjW4YBUcp8PJGl2XRDrcM2gKc8Ts0K6q6QDNB0NMvu9tG91Xit8hBaxUCbus38ALtSuXleR2qhrqRbWADvVY13VEgruDpXMN3nVCA2rFG6LvZsKTrfpbw5Y5+lEj8zP2Pl77j2SPgVt0mgB3I6GN3T2H/ucaJX0srYHoTYvIcgF09DLD8CjjG3DHNBPty1mT06IK2IC4Yq2EydCS8isaxMSptCpW8r9lW9EqzPKBO1RqucDfmIz9F6WSdtp4ip1/XsPQjoVj39SNeO+DmhmzWeBltDNef3g==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR05MB6109.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(39860400002)(136003)(366004)(346002)(396003)(376002)(451199021)(8936002)(186003)(8676002)(41300700001)(53546011)(6506007)(2906002)(26005)(6512007)(38070700005)(54906003)(76116006)(66476007)(64756008)(86362001)(6916009)(66556008)(66446008)(4326008)(316002)(91956017)(66946007)(33656002)(6486002)(38100700002)(122000001)(478600001)(71200400001)(83380400001)(36756003)(2616005)(5660300002)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 5AKXZ2gMg9MfDUJqICCNNnz1XqgskYk6OLs/Xp15RWAOlXvQLoYcWY12W8V5p3ntUjchhbGvm843DCZTztYW2ZQ2sGSNRPxQUi+zY/ihjXgvZoMGWz/GySu+gbzCYDlxBSNtpE0zloHqqVLDGY0R/WPYEAIkCQN63pNYPo17g9aRQg95Mkv8ZcjlE+QdhV/hcd00bN/3l6NTR3Uq301CGxYrrDqAtXBUmlWIowJ/+00tNO4g4yqUUZAkELur440iX5G6HGecYQwkugDinnIxDEdF9rUuEzwFM34bvpSJlxyGG02bXebzyNJ2DvEc2njOSzMpxTlSk+6U9xZJAX01Cw/NgRThaf7+L39i94ugnRh+sSta0smto8H6C+7YWY6++qB4Q4wcqaJyz32VwjA0B+wL2omUiaFS0dI2e5f/f7OBkKJQ08AgTsqWjjqyBrKZywrvqdMmhCqYbDDaibCK5HQlhPI16tmTIojRa/mfT7s1Kyouv9iu1khS3vYtUiQVYqvDfOM8dF+PKC5nE+BKnysKVPeyhqPLkrpIqsUU8ZteGI2+qS9PiW8DJRVAUbBQs6TCpch2OC79+FLyH6r05sEC5C5M4UYEEqO2ONsHKOMmiqk+u2QnzwHt0iuiH2i06E+7lbzy6H8C87omWcMpLjWTD03LKDlL22csUgfdZ9/N/eKrs9eQOvP0VPz3jOIppHKmqaGCT3XeU0WfmOcleygJ6TssXjb8K693WPHehkPwuocBnTSeY2U+nniOUSSGDC0aU2U9gmpLlcD4htvPgYLtIGESZ8NZuCGqp+1/pqghVeZ007zIlZ/LFqyuCbRUjugLVWm28e+OkguIBDSITJVQIK59ZlN+EuqyRvEDQTtlf0o3yM159r+uG/bD8lloD59YMe0pn2d5hs7U4tnjYZey5ak2N2LS3XLiQlWc6VK0fxrI37Z2IlsQKjl+XaQe14+Op4nDUzTrLAmQLpHd7biO+dC3Tri52FCzULUrxNNYQocXeaszfsnk05ioL29KAZcUfgil1Wm5A6Q1TbtP7dRRNNPsNGqU7DJr54KjkucFYmzNn1L67uWaAwnFZEacP6XfFiSvMtjdTanUVhn8ZX96cnXzkIgiaRREnHxPBzwn7q5x/UyTLzFP8WNoQclPhhU813BrmdJBMjNQseWv/56Uoh0WIlEgJX3uzaiPOG24nTLCR+AeqnsWm27o8sSwjqLUJZCEO/KI6oQq7GwnMWyjd24qrmmSYUPWAWYTeVkwpC2jNRD/gC8OZu3ZG4sQOM6fI+R3W4lNtX3l0YfDqnvkOSyOin6mtsWKVA2kiiz53wuKnocfcoc6PwTNjURD013y62Vt7V2xDxbtjTBy/8wDbCaAtoq/Foxuc88VSRwbuS5h3JDwO072jhnT9yOdCqcB/sgpeNsTmoRtalHZoPYqGNOu7/MKkFxeQjw5lzDmSiF+Ozn0/ojWY5GftZRYqRr4s70LzhihZa43Ygxo6uYJas6pGiLNY3fG+h3zneScqzDy8oLFAovSow9wx8WxllqPGrI4PHlRpAltc1dCjwj2gTpQLQ74O0akZMvgAf8cB3KTlGKCtJX9AoBoMwqH
Content-Type: text/plain; charset="utf-8"
Content-ID: <4BE330FD93EDB24F8268891C9C5B90E7@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR05MB6109.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 5a5c6462-94b3-4a83-3dfe-08db7360632c
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Jun 2023 20:36:42.0679 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: BZIakn+b6TBwDs9z9CN+IkE16dCCgamUB5vYI9cMtf5/s+O5Xjk0h9C4k5d/oNXX
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR05MB9133
X-Proofpoint-ORIG-GUID: dJdWCjnunFuO4INTY8G4sqFgy5eqNOBY
X-Proofpoint-GUID: dJdWCjnunFuO4INTY8G4sqFgy5eqNOBY
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.591,FMLib:17.11.176.26 definitions=2023-06-22_15,2023-06-22_02,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 suspectscore=0 bulkscore=0 impostorscore=0 lowpriorityscore=0 adultscore=0 phishscore=0 mlxscore=0 malwarescore=0 spamscore=0 priorityscore=1501 clxscore=1015 mlxlogscore=889 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2305260000 definitions=main-2306220176
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/0WhOgyk3JDiZx39lSxvSSBFhQ9c>
Subject: Re: [ippm] John Scudder's Discuss on draft-ietf-ippm-stamp-srpm-13: (with DISCUSS and COMMENT)
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Jun 2023 20:36:51 -0000

[snipped extraneous stuff]

> On Jun 22, 2023, at 2:40 PM, Rakesh Gandhi <rgandhi.ietf@gmail.com> wrote:
> 
> <RG> In the example, the DA in the STAMP Session-Sender test packet IPv4 header (127.0.0.1) does not match the address of the Session-Reflector which is 1.1.1.2.

We seem to be talking across each other. I guess maybe I am misunderstanding what you mean by “the Session-Reflector”. Surely, “the Session-Reflector” must mean a node functioning as a Session-Reflector? This is strongly implied by the name of the TLV, “Destination _Node_ Address” (emphasis added). To repeat, any given IP node has many addresses (well, at least two, of which loopback will be one). So it doesn’t make sense to talk about “the” (singular) “address of the Session-Reflector”, and 127.0.0.1 most certainly is one address of the Session-Reflector node. Indeed, if it weren’t an address of every Session-Reflector node, the problem you illustrate wouldn’t exist.

(In a previous version of this reply I went through a hair-splitting exercise where I tried to entertain the idea that “the Session-Reflector” means “a process on the node, which is bound to one and only one address” but that’s not a readily-supported interpretation, and it led me to a long and tortured chain of reasoning… which ended up at the same conclusion anyway.)

If this is still unclear, it might be beneficial for us to schedule a short call to discuss further. But perhaps my OLD/NEW text below will help.

> <RG> In the following example (without Destination Address TLV), if LSP or forwarding path is broken, the STAMP packet may be punted on an unintended Reflector node (let's say 1.1.1.9) and it will send a reply STAMP test packet. Such errors can not be easily detected. 
> 
> MPLS Header
>      Label: 16001
>      Label: 16002 [EOS]
> IPv4 Header
>      SA: 1.1.1.1
>      DA: 127.0.0.1
> UDP header
> STAMP PAYLOAD

Yes, I understand that. My point, again, is that your words say that 127.0.0.1 is not an address of the node. It ABSOLUTELY IS an address of essentially every IPv4 node in the universe.

> <RG> Destination Address TLV carrying the intended Session-Reflector address of 1.1.1.2 helps detect this error. Using 1.1.1.2 then as the SA of the reply test packet is also good (instead of 127.0.0.1).

I get that, too.

> <RG> Does this use-case help? Will reply to the other comments below once we progress the above comment.

I guess I will just jump ahead and outline some text that I *think* is right and that would address my concern.

OLD:
   The Session-Sender may need to transmit test packets to the Session-
   Reflector with a destination address that is not matching the address
   of the Session-Reflector e.g. when the STAMP test packet is
   encapsulated by a tunneling protocol.  Examples are, STAMP test
   packets encapsulated with an SR-MPLS Segment List and IPv4 header
   containing destination IPv4 address from 127/8 range or STAMP test
   packets encapsulated with outer IPv6 header and Segment Routing
   Header (SRH) with inner IPv6 header containing IPv6 destination IPv6
   address ::1/128.

   In an ECMP environment, the hashing function in forwarding may decide
   the outgoing path using the source address, destination address, UDP
   ports, IPv6 flow-label, etc. from the packet.  Hence for IPv4, for
   example, different values of IPv4 destination address from 127/8
   range may be used in the IPv4 header of the STAMP test packets to
   measure different ECMP paths.  For IPv6, for example, different
   values of flow-label may be used in the IPv6 header of the STAMP test
   packets to measure different ECMP paths.  In those cases, the STAMP
   test packets may reach the node that is not the Session-Reflector for
   this STAMP session in an error condition, and an un-intended node may
   transmit reply test packet that can result in reporting of invalid
   measurement metrics.

NEW:
   The Session-Sender may need to transmit test packets to the Session-
   Reflector with a destination address that is not a routable (i.e.,
   suitable for use as the Source Address of the reply test packet)
   address of the Session-Reflector. This can be facilitated, for example,
   by encapsulating the STAMP packet by a tunneling protocol, see <xref>
   for a worked example.

Then, if you wish, take the use case text I removed in my NEW version and use it as the basis of a Section 3.1 or Appendix A (the target of the xref I stubbed in above).

It seems to me the following would be a good change as well:

OLD:
   The Destination Node Address TLV indicates an address of the intended
   Session-Reflector node of the test packet.  The Destination Node
   Address is also used to uniquely identify the STAMP session on the
   Session-Reflector when the optional SSID is not sent.  If the
   received Destination Node Address is one of the addresses of the
   Session-Reflector, it SHOULD be used as the Source Address in the IP
   header of the reply test packet.

NEW:
   The Destination Node Address TLV indicates an address of the intended
   Session-Reflector node of the test packet.  If the received
   Destination Node Address is one of the addresses of the
   Session-Reflector, it SHOULD be used as the Source Address in the IP
   header of the reply test packet.

   If the Destination Node Address TLV is sent, the SSID TLV MUST also
   be sent. 

This lets you get rid of the “is also used to” which muddies the water. I don’t insist on this, it’s just a suggestion, the old way isn’t broken, just weird (to me).

—John

v2.23.0 | Report a Bug | By Email