[ippm] John Scudder's Discuss on draft-ietf-ippm-ioam-conf-state-07: (with DISCUSS and COMMENT)
John Scudder via Datatracker <noreply@ietf.org> Wed, 26 October 2022 20:34 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: ippm@ietf.org
Delivered-To: ippm@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 5AA3DC14F748; Wed, 26 Oct 2022 13:34:38 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: John Scudder via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-ippm-ioam-conf-state@ietf.org, ippm-chairs@ietf.org, ippm@ietf.org, marcus.ihlar@ericsson.com, marcus.ihlar@ericsson.com
X-Test-IDTracker: no
X-IETF-IDTracker: 8.19.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: John Scudder <jgs@juniper.net>
Message-ID: <166681647836.46740.1588555524214771641@ietfa.amsl.com>
Date: Wed, 26 Oct 2022 13:34:38 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/TJUOzGeOEKiFvjRGrojrifJ4TFQ>
Subject: [ippm] John Scudder's Discuss on draft-ietf-ippm-ioam-conf-state-07: (with DISCUSS and COMMENT)
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.39
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Oct 2022 20:34:38 -0000
John Scudder has entered the following ballot position for draft-ietf-ippm-ioam-conf-state-07: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ippm-ioam-conf-state/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- ### Clarity about scope of the document As I understand it, this document isn't intended to be an implementable protocol specification on its own; rather, "specification details for these different echo request/reply protocols are outside the scope of this document". If this approach is to be followed there are some changes needed. Below I provide some suggested text -- please know that I'm just supplying this as a straw man to illustrate my thinking; while you're welcome to use the text I've provided, I don't necessarily expect that. The Abstract says that "This document describes an extension to the echo request/reply mechanisms". It does not. Here's an example of how it might be changed to be clearer. OLD: This document describes an extension to the echo request/reply mechanisms used in IPv6 (including Segment Routing with IPv6 data plane (SRv6)), MPLS (including Segment Routing with MPLS data plane (SR-MPLS)), Service Function Chain (SFC) and Bit Index Explicit Replication (BIER) environments, which can be used within the In situ Operations, Administration, and Maintenance (IOAM) domain, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and IOAM decapsulating node. NEW: There is a need to extend echo request/reply mechanisms used in IPv6 (including Segment Routing with IPv6 data plane (SRv6)), MPLS (including Segment Routing with MPLS data plane (SR-MPLS)), Service Function Chain (SFC) and Bit Index Explicit Replication (BIER) environments, for use within the In situ Operations, Administration, and Maintenance (IOAM) domain, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and IOAM decapsulating node. Although this document does not itself specify the necessary extensions, it specifies formats and objects that can be used in such specifications, and provides guidelines and requirements for their development. I think the Introduction also needs to be cleaned up. Saying that "specification details... are outside the scope" undersells the scope of what's needed. For example, maybe these changes would work in the Introduction: OLD: This document describes an extension to the echo request/reply mechanisms used in IPv6 (including SRv6), MPLS (including SR-MPLS), SFC and BIER environments, which can be used within the IOAM domain, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and IOAM decapsulating node. NEW: This document specifies formats and objects that can be used in the extension of echo request/reply mechanisms used in IPv6 (including SRv6), MPLS (including SR-MPLS), SFC and BIER environments, which can be used within the IOAM domain, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and IOAM decapsulating node. OLD: Note that specification details for these different echo request/ reply protocols are outside the scope of this document. It is expected that each such protocol extension would be specified by an RFC and jointly designed by the working group that develops or maintains the echo request/reply protocol and the IETF IP Performance Measurement (IPPM) Working Group. NEW: It is expected that the specification of the instantiation of each of these extensions will be done in the form of an RFC jointly designed by the working group that develops or maintains the echo request/reply protocol and the IETF IP Performance Measurement (IPPM) Working Group. ### Clarity of formats Because this document is specifying things (or trying to) in absence of any concrete instantiation, it's difficult for me to evaluate if the formats as specified are complete and unambiguous. For now I've left my detailed discussion of this in my COMMENT section, and am optimistic that we can sort it out. However, I'm putting a placeholder here in case that problem turns out to be thornier than hoped. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- # John Scudder, RTG AD, comments for draft-ietf-ippm-ioam-conf-state-07 CC @jgscudder ## COMMENTS ### Section 1 ``` Fate sharing is a common requirement for all kinds of active OAM packets, echo request is among them, in this document that means echo request is required to traverse a path of IOAM data packet. This requirement can be achieved by, e.g., applying same explicit path or ECMP processing to both echo request and IOAM data packet. ``` Explicit path, yes, but it's known that you can't simply expect to "apply same ECMP processing" to two quite distinct packets, without carefully arranging for that to happen. If this is a requirement (and the paragraph says it is) then I think it's necessary to be clearer about how it's to be achieved. ### Section 3.1, Default-Namespace-ID ``` A list of IOAM Namespace-IDs (one or more Namespace-IDs) MUST be included in this container in the echo request, and if present, the Default-Namespace-ID 0x0000 MUST be placed at the begining of the list of IOAM Namespace-IDs. The IOAM encapsulating node requests only the enabled IOAM capabilities that match one of the Namespace-IDs. The Namespace-ID has the same definition as what's specified in Section 4.3 of [RFC9197]. ``` - You specify that if present 0x0000 must be placed at the beginning of the list. Is there any other sorting requirement on the list, or is that the only mandated ordering? - It wasn't clear to me from a quick perusal of RFC 9197 §4.3 whether a request carrying 0x0000 would elicit replies for all Namespace-IDs (since 0x0000 matches everything) or if it would elicit replies only for capabilities that have no configured non-default namespace, or are explicitly configured with namespace 0x0000. Can you either clarify this in the text, or if you think it's clear from the reference, help me understand what makes it clear? - If the first guess above is correct (0x0000 elicits replies for all Namespace-IDs) then it would seem that if the list contains 0x0000, it's pointless to include anything else in the list, and that might be worth pointing out in the text. - If the first guess above is correct, that would also prompt comments on the use of Namespace-ID field in Sections 3.2.x, but we can address that if needed. ### Section 3.1, container format, padding ``` The IOAM Capabilities Query Container has a container header that is used to identify the type and optionally length of the container payload, and the container payload (List of IOAM Namespace-IDs) is zero-padded to align to a 4-octet boundary. The length, structure, and definition of the IOAM Capabilities Query Container Header depends on the specific environment it is applied at. ``` I regret I'm not sufficiently familiar with all the different bearer protocols you're envisioning embedding this container in. So I'll just ask, - Why is the length of the payload said to be optional, when it's a (presumably variable-length) list? Does this relate to a bearer protocol where the length of the list is inferred some other way, or what? - The specification that the payload is zero-padded to 4-octet alignment carries some implications. Let's explore these with an example. Suppose we want to signal a single Namespace-ID, 0x0001. Then presumably the payload has to be 0x0001 0x0000, once the mandated pad bytes are added. Is the receiver supposed to know that it ignores the 0x0000 value (which is otherwise the Default-Namespace-ID) because it comes at the end of the list, not the beginning as the previous paragraph required? If so, this seems worth calling out. If not, how is the receiver supposed to know where payload ends and padding begins? ### Section 3.2, container format, padding Similar questions to those above apply to: ``` The IOAM Capabilities Response Container has a container header that is used to identify the type and optionally length of the container payload, and the container payload (List of IOAM Capabilities Objects) is zero-padded to align to a 4-octet boundary. ``` That is, considering you've disclaimed defining specifics about the semantics of the header, how is the recipient of one of these things supposed to know how to ignore the zero-padding? I do see that all the objects you've defined in this document are a multiple of four bytes long (if we assume their unspecified headers are a multiple of four byte long, that is!) so no padding would ever be required for a payload consisting only of these objects, and thus my question wouldn't apply. But if that's the answer to my question, then the final clause I quote above (about zero-padding) should just be removed. ### Section 3.2, object format, padding ``` Similar to the container, each object has an object header that is used to identify the type and length of the object payload, and the object payload is zero-padded to align to a 4-octet boundary. ``` Similar to the above, in some cases there will be a need to know how to separate payload from padding. In all the objects you defined in Sections 3.2.x this is unnecessary (*if* you assume the unspecified header is 4-octet aligned itself) since you've carefully specified them so that they don't require padding. It might be more straightforward to just mandate that future object specifications have a length that is a multiple of four octets, as all of your current ones do. That defers the question of what to do about variable payloads to the specification of the -- notional? -- object that has such a payload. ### Section 4 You talk about TTL in the first paragraph. Do you mean "TTL or Hop Limit"? ### Section 6, integrity protection You talk about integrity protection in passing. Let's assume a deployment hasn't enabled any kind of integrity protection. Have you done any analysis of what kind of mischief an attacker could cause by inserting incorrect capabilities in a forged response? ### Section 6, MBZ fields You suggest checking the must-be-zero reserved fields and reporting an exception if they aren't zero. Often, such reserved fields are expected to be extended in future, and indeed this is what you indicate in this spec too. I guess since the packets terminate at the recipient of the reply, it's not terribly harmful to police that these be zero, but it would likely create an awfully noisy set of exceptions in the case of a partially rolled-out extension. Is this really a good recommendation? The more usual practice is of the form "must be zero on Tx, must be ignored on Rx". ## Notes This review is in the ["IETF Comments" Markdown format][ICMF], You can use the [`ietf-comments` tool][ICT] to automatically convert this review into individual GitHub issues. [ICMF]: https://github.com/mnot/ietf-comments/blob/main/format.md [ICT]: https://github.com/mnot/ietf-comments
- [ippm] John Scudder's Discuss on draft-ietf-ippm-… John Scudder via Datatracker
- Re: [ippm] John Scudder's Discuss on draft-ietf-i… xiao.min2
- Re: [ippm] John Scudder's Discuss on draft-ietf-i… John Scudder
- Re: [ippm] John Scudder's Discuss on draft-ietf-i… xiao.min2
- Re: [ippm] John Scudder's Discuss on draft-ietf-i… John Scudder
- Re: [ippm] John Scudder's Discuss on draft-ietf-i… xiao.min2
- Re: [ippm] John Scudder's Discuss on draft-ietf-i… xiao.min2
- Re: [ippm] John Scudder's Discuss on draft-ietf-i… xiao.min2
- Re: [ippm] John Scudder's Discuss on draft-ietf-i… John Scudder
- Re: [ippm] John Scudder's Discuss on draft-ietf-i… xiao.min2