IETF Logo Mail Archive

Re: [ippm] Review on draft-ietf-ippm-ioam-data-06

"Frank Brockners (fbrockne)" <fbrockne@cisco.com> Mon, 02 September 2019 08:20 UTC

Return-Path: <fbrockne@cisco.com>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D2DB120113; Mon, 2 Sep 2019 01:20:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=bm0vss2j; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=cisco.onmicrosoft.com header.b=QHpihvwy
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H9hba2f_v9Co; Mon, 2 Sep 2019 01:20:14 -0700 (PDT)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 07AA1120112; Mon, 2 Sep 2019 01:20:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=73892; q=dns/txt; s=iport; t=1567412414; x=1568622014; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=7+x/jSibMjj9Ke+OSxqLngORZL0k4AkIek7dRJ+JgJw=; b=bm0vss2jBL+hHzcSeOOBu9WTV6/qKcq0/oZqhrdi7SK7dhsSUSLzx6/k v4k45XcUrf5NEEijHQ5W3Z93bPGDp/8+S9RsWaeHNqd+TeCwgZgtpAKnp /XXozt2M2RqwIiXUESG1ufsnMtoQsS9Tb13friiFiZC2q4l4U3wOkTR3F s=;
IronPort-PHdr: 9a23:g3pw6xQBseY6kfBDeOqI4O7eeNpsv++ubAcI9poqja5Pea2//pPkeVbS/uhpkESXBNfA8/wRje3QvuigQmEG7Zub+FE6OJ1XH15g640NmhA4RsuMCEn1NvnvOiIwBsNJV1lo13q6KkNSXs35Yg6arw==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CCAADNz2xd/5NdJa1iAw4LAQEBAQEBAQEBAQEBBwEBAQEBAYFngRYBLlADbVYgBAsqCoQXg0cDinSCXIlhiS+EXIFCgRADUAQJAQEBDAEBGAEKCgIBAYEqAYMUAheCUCM4EwIDCAEBBAEBAQIBBgRthS4MhUoBAQEEAQEQCAkdAQElBwsBDwIBBgIRBAEBKAMCAgIfBgsUCQgCBAENBQgGDQeDAYFqAx0BAgyPNpBhAoE4iGFzgTKCfAEBBYEyARNBgw8NC4IPBwMGgTSFAGCGGBiBQD+BEUaCTD6CGkcBAQIBAYEqARIBBxoVCgwagkQygiaMLBIOBIIpM4UeJGuIAI1XLUAKgh+DOIM7hQmEY4QXgjOHNoQdimCNdod1ggOOUQIEAgQFAg4BAQWBZyFncXAVO4JsgkKDcoUUhQQ7cwGBKIwwgSIBgSIBAQ
X-IronPort-AV: E=Sophos;i="5.64,457,1559520000"; d="scan'208,217";a="318406253"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 02 Sep 2019 08:20:12 +0000
Received: from XCH-ALN-013.cisco.com (xch-aln-013.cisco.com [173.36.7.23]) by rcdn-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id x828KCtm018970 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 2 Sep 2019 08:20:12 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-ALN-013.cisco.com (173.36.7.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 2 Sep 2019 03:20:11 -0500
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 2 Sep 2019 04:19:28 -0400
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 2 Sep 2019 04:19:28 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=D1kYTVEV/hvYPZPS0eG+uGJUvneuRPHIBgFMV+/LI5x000yV7QruzfMNbquzni78HRVCvDPhTGBSCX0Vq67aCnXA61qxNC6skD98jtEn//qS0133ZLKxIABHndMOiDLrOmQPvxjcyq1y+JbhFXi+RP1s09qAOAFa2LoJ+BaqaeCec6iYJglUCrwp2E/BVtR9aUSXwaUeKnO+DzM5uMtTGzw3HTNOzE2CaPpMeIkzlvPeFAHFyuyeznxk7SJXPcMgo8QWuviXrOf1MDzTjxhKJqnM/3lr8QHAgPO3UVKgPB1tBAmPlHYb/bYo+LluKZ8EBkBWTzH95HhlDgyeFk1vNw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EH4yaNCARH2DQQwEYeHiORz9mHsm+Wt0aoxn2sXcaDY=; b=Z6TCvIR3fA3QJbWqwTlbfVTuWX91F77+hOzK3dGwtASRbSCgZQlkVTOvwEo8JZPVY+SLdkRyO6f/MJyD+lsVa6WWSeG0HYEPf2giS274L/EXd54JbDP81T/lSMbsLEg7jWXtql8yfxr841T1Ce2XjM66fWwbT87bV/RxWnsn7E/kukbRP+iY70995tbCvdamWEXe8iYl8QcFP3EqLAGqY1DztramaaTfW058XKIqnjIre6VKCzOkCI1Ce0ylap0zXgHyvpKdCEAYIA+JB7xiI2QVJ6Jo15HaK+iIRmUHJcrpPrPm/pJ4Ogwo8LbIHubcs11tFH72WKCO8j2PBI3x/w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EH4yaNCARH2DQQwEYeHiORz9mHsm+Wt0aoxn2sXcaDY=; b=QHpihvwysPYAHtaaHkbUrHxyt6vxlYJCQAkZ7qLc9SLbxYgscrhci1xr/a4A26uedx4Yo01cyWka7PEmJVvLBfXhh/duOfI6G7wTOdidx9pVWY2IqKl+JavSind+Bsh1nIoEW4zc7vCvsffPsYjouwP+glPtFdp1hk+SgzSR6Ps=
Received: from BYAPR11MB2584.namprd11.prod.outlook.com (52.135.227.17) by BYAPR11MB2597.namprd11.prod.outlook.com (52.135.224.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2220.18; Mon, 2 Sep 2019 08:19:26 +0000
Received: from BYAPR11MB2584.namprd11.prod.outlook.com ([fe80::25de:367f:e998:3f7b]) by BYAPR11MB2584.namprd11.prod.outlook.com ([fe80::25de:367f:e998:3f7b%7]) with mapi id 15.20.2220.021; Mon, 2 Sep 2019 08:19:26 +0000
From: "Frank Brockners (fbrockne)" <fbrockne@cisco.com>
To: Anoop Ghanwani <anoop@alumni.duke.edu>, "vijayr@arista.com" <vijayr@arista.com>
CC: "draft-ietf-ippm-ioam-data@ietf.org" <draft-ietf-ippm-ioam-data@ietf.org>, IETF IPPM WG <ippm@ietf.org>, Hugh Holbrook <holbrook@arista.com>, "OU, Heidi" <heidi.ou@alibaba-inc.com>, Surendra Anubolu <surendra.anubolu@broadcom.com>, "bew.stds@gmail.com" <bew.stds@gmail.com>
Thread-Topic: [ippm] Review on draft-ietf-ippm-ioam-data-06
Thread-Index: AQHVV8dS34Exp+d4BkCfNYtowmd7YqcFZ5UAgAARogCAAaIjAIAABWgAgAAZzwCAAhLCgIAO0CTg
Date: Mon, 02 Sep 2019 08:19:26 +0000
Message-ID: <BYAPR11MB258474DCACF2AD680202CAA2DABE0@BYAPR11MB2584.namprd11.prod.outlook.com>
References: <B5A76AB5-AE39-4771-9472-38454CF52152@broadcom.com> <CAGn858RE4p8gez+b0=9PSsZQ=Y1uZANno5V7tqSo=cuqY7AJLA@mail.gmail.com> <BD32CF3D-C6F3-4CF6-A618-C41ED0C4D1CB@cisco.com> <CAGn858SLr4vix18=09gXgsN-VOspBL=qZ2-q6dWyF5b3ASgCYA@mail.gmail.com> <BYAPR11MB25845CFB28F096937486F8D7DAA50@BYAPR11MB2584.namprd11.prod.outlook.com> <CAGn858QOPgXb=-WgWhXETKgEw5v1soo=JsDB+LemOr7G6DKB1A@mail.gmail.com> <CA+-tSzxvTjEkjyKJsFtUDV8+PACoV+NO2odV0UbOQNUqo67LGw@mail.gmail.com>
In-Reply-To: <CA+-tSzxvTjEkjyKJsFtUDV8+PACoV+NO2odV0UbOQNUqo67LGw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=fbrockne@cisco.com;
x-originating-ip: [173.38.220.47]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 9c1f1ea4-003c-4654-264f-08d72f7e451c
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600166)(711020)(4605104)(1401327)(2017052603328)(49563074)(7193020); SRVR:BYAPR11MB2597;
x-ms-traffictypediagnostic: BYAPR11MB2597:
x-ms-exchange-purlcount: 7
x-microsoft-antispam-prvs: <BYAPR11MB25977C2C86D2E1A424828B3EDABE0@BYAPR11MB2597.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 01480965DA
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(346002)(396003)(376002)(136003)(39860400002)(366004)(189003)(53754006)(199004)(5660300002)(561944003)(8676002)(102836004)(6246003)(53546011)(6506007)(55016002)(6306002)(26005)(54896002)(4326008)(53936002)(229853002)(86362001)(6436002)(3846002)(76176011)(186003)(790700001)(478600001)(6116002)(2171002)(606006)(9686003)(236005)(99936001)(440504004)(517774005)(966005)(14454004)(66066001)(256004)(486006)(5070765005)(54906003)(52536014)(66946007)(14444005)(110136005)(99286004)(2906002)(74316002)(446003)(11346002)(25786009)(316002)(476003)(8936002)(76116006)(9326002)(7736002)(2501003)(71200400001)(71190400001)(7696005)(64756008)(66446008)(66616009)(66476007)(66556008)(5024004)(33656002)(81166006)(81156014)(87000200001); DIR:OUT; SFP:1101; SCL:1; SRVR:BYAPR11MB2597; H:BYAPR11MB2584.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: XKn4LWO3BCyTHpbNAoLbqnkpfPTsqQdLwTK3TkzTXXd7V/U0XVop2R31KgFqAvM5gm5ARUt77s9BFg9bLR2CxwyPNFjwM+rkxQGLH33xFeFDCPYbBYnL1Ak7u7IQgyKVgBwk8s4YuQx0OgCRwomQBl4nk0Iefb1npJWCYKLKvMFn09CJEsfEeo+Kgoa9noJSmrqjD5wg3fl0MuxaKXtnrin9j5VyQSQc1FjYyGcs3jnGy7s27hj3g+EkLFC+jo1DAkOdWXpfYQERE+LN5Bj3dB07WOP6yrUvU1sOnPLtvdunJqdLUWkmlt4ki/f3mK/M5BY0ZZy1wAZyGoHdB8k3dTgZ5eHfwK2WFixvF3q5GaHAgG+IpY3tOq/IUyfmoTUBybyTdRyvnBeG672g12nzUZVG0GfiJD2GnXspX47vqRU=
x-ms-exchange-transport-forked: True
Content-Type: multipart/mixed; boundary="_004_BYAPR11MB258474DCACF2AD680202CAA2DABE0BYAPR11MB2584namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 9c1f1ea4-003c-4654-264f-08d72f7e451c
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Sep 2019 08:19:26.5783 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 3yW3hSuISQUT4oZXNNOSAqf/TEtfxavIeSGZlRfQIeUoCCLt98LwdJGL3vrBvLg2sa6kydOyWDPeFRXl0YVtPQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB2597
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.23, xch-aln-013.cisco.com
X-Outbound-Node: rcdn-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/YyFs5ch-SbmadBDJNH2RXlAmmMs>
Subject: Re: [ippm] Review on draft-ietf-ippm-ioam-data-06
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Sep 2019 08:20:19 -0000

Hi Anoop,

WRT/ the use of GRE encap: There was an earlier discussion among authors and interested parties which I’m attaching here.
This discussion is also captured in the open issue #128: https://github.com/inband-oam/ietf/issues/128

Frank

From: Anoop Ghanwani <anoop@alumni.duke.edu>
Sent: Samstag, 24. August 2019 00:02
To: vijayr@arista.com
Cc: Frank Brockners (fbrockne) <fbrockne@cisco.com>; draft-ietf-ippm-ioam-data@ietf.org; IETF IPPM WG <ippm@ietf.org>; Hugh Holbrook <holbrook@arista.com>; OU, Heidi <heidi.ou@alibaba-inc.com>; Surendra Anubolu <surendra.anubolu@broadcom.com>
Subject: Re: [ippm] Review on draft-ietf-ippm-ioam-data-06

Hi Frank,

As with Vijay, I am also interested in understanding the use of GRE for in-sequencing OAM.  Do we end up needing an Ethertype for TCP/UDP?

Thanks,
Anoop

On Thu, Aug 22, 2019 at 10:06 AM Vijay Rangarajan <vijayr=40arista.com@dmarc.ietf.org<mailto:40arista.com@dmarc.ietf.org>> wrote:
Hi Frank:
Thanks, I knew I was missing something.
So basically what you are saying is - let's say we have a UDP packet, we are just going to stick in the GRE header and IOAM Header and Metadata in-between the original IP and UDP headers?

So, the next protocol in the IOAM Header should indicate the L4 protocol - i.e UDP/TCP?
Looking at https://datatracker.ietf.org/doc/draft-weis-ippm-ioam-eth/, it actually defines the "Next protocol" in the IOAM header to be an ethertype value?

Thanks,
Vijay


On Thu, Aug 22, 2019 at 6:22 PM Frank Brockners (fbrockne) <fbrockne@cisco.com<mailto:fbrockne@cisco.com>> wrote:
Hi Vijay,

note that you don’t necessarily need to “tunnel” – you can just use the GRE header to sequence-in IOAM.

Cheers, Frank

From: Vijay Rangarajan <vijayr@arista.com<mailto:vijayr@arista.com>>
Sent: Donnerstag, 22. August 2019 05:31
To: Carlos Pignataro (cpignata) <cpignata@cisco.com<mailto:cpignata@cisco..com>>
Cc: Jai Kumar <jai.kumar@broadcom.com<mailto:jai.kumar@broadcom.com>>; draft-ietf-ippm-ioam-data@ietf.org<mailto:draft-ietf-ippm-ioam-data@ietf.org>; IETF IPPM WG <ippm@ietf.org<mailto:ippm@ietf.org>>; Frank Brockners (fbrockne) <fbrockne@cisco.com<mailto:fbrockne@cisco.com>>; Hugh Holbrook <holbrook@arista.com<mailto:holbrook@arista.com>>; Anoop Ghanwani <Anoop.Ghanwani@dell.com<mailto:Anoop.Ghanwani@dell.com>>; OU, Heidi <heidi.ou@alibaba-inc..com<mailto:heidi.ou@alibaba-inc.com>>; Surendra Anubolu <surendra.anubolu@broadcom.com<mailto:surendra.anubolu@broadcom.com>>; John Lemon <john.lemon@broadcom.com<mailto:john.lemon@broadcom.com>>
Subject: Re: [ippm] Review on draft-ietf-ippm-ioam-data-06

Thanks Carlos, for pointing me to the draft.

Based on my understanding of the two drafts I have the following questions and concerns:

  1.  If I understand correctly, to deploy inband telemetry, we would need to construct GRE tunnels coinciding with the IOAM domain?
  2.  GRE typically requires configuration to provision the tunnels. Provisioning and managing these tunnels and keeping these updated as the network grows/shrinks could be a significant overhead.
  3.  In order to get the benefit of telemetry, we are imposing a change in forwarding protocol/topology and configuration - which, I feel is not desirable. For example, a customer might have basic L3 routing enabled and the expectation would be for inband telemetry to work seamlessly, without having to revamp the network with GRE tunnels and such. This could be a significant barrier to deployment.
  4.  If sampling is used to select packets for performing IOAM encap, is the expectation that only sampled IOAM packets go through GRE encap? Or all data packets?
  5.  Due to network nodes inserting the IOAM data, the inner L3/L4 headers keep getting pushed deeper. I would imagine this gets challenging for ASICs to access these fields for hashing/load balancing.
  6.  Assuming only a subset of packets in a flow are subject to IOAM (based on sampling), how do we ensure these packets take the same network path as the rest of the packets in the flow?
Thanks,
Vijay


On Wed, Aug 21, 2019 at 5:04 PM Carlos Pignataro (cpignata) <cpignata@cisco.com<mailto:cpignata@cisco.com>> wrote:
Hello, Vijay,

Please see https://datatracker.ietf.org/doc/draft-weis-ippm-ioam-eth/, and the document this replaces.

Thanks!
Thumb typed by Carlos Pignataro.
Excuze typofraphicak errows

2019/08/21 6:35、Vijay Rangarajan <vijayr@arista.com<mailto:vijayr@arista.com>>のメール:
Hello all:
Apologise if this has been previously discussed.
In reading "draft-ietf-ippm-ioam-data-06", I don't see mention of GRE encap. The draft, in fact in Sec 3, says the following - "The in-situ OAM data field can be transported by a variety of transport protocols, including NSH, Segment Routing, Geneve, IPv6, or IPv4.  Specification details for these different transport protocols are outside the scope of this document."

Is there another document, or a description somewhere, that talks about how IOAM is proposed to be carried in GRE? what would be the GRE payload, the GRE protocol type etc?

Thanks,
Vijay


On Wed, Aug 21, 2019 at 7:52 AM Jai Kumar <jai.kumar@broadcom.com<mailto:jai.kumar@broadcom.com>> wrote:
Hello Frank,

This is in context of our conversation at IETF105. My goal is to provide input and improve current IOAM data draft with the learnings we had with IFA deployment.
This feedback is based on various customer interactions and concerns raised by them wrt IOAM. Each feedback is a longer topic and I am starting this thread as a summary email. This is just highlighting the issues and not yet proposing any solution.


Feedback 1:
Section 4.2.1 Pre-allocated and Incremental Trace Options
Pre-allocated and incremental trace option is 8Bytes long. This can be easily reduced to 4Bytes.
There is a feedback that pre-allocated option is really not needed and either be removed or made optional.
Given that deployments are sensitive to the IOAM overhead (specially in 5G deployments), it’s a 50% fixed overhead savings on a per packet basis.


Feedback 2:
Section 4.1 IOAM Namespaces
Namespaces should be treated as templates (similar to IPFIX template record formats). This is more flexible way of enumerating data. 64K namespace id is a very large namespace and can be reduced to 64 IANA specified name spaces. Separate private name space can be allowed instead of interleaving of opaque data in the IANA allocated name space as suggested in the current draft “opaque state snapshot”.
https://tools.ietf.org/html/rfc7011#section-3.4

Feedback 3:
Section 4.2.1 Pre-allocated and Incremental Trace Options
IOAM-Trace-Type:  A 24-bit identifier which specifies which data
      types are used in this node data list.
This is the most contentious of all. In the current proposal, as new data fields are added, there is a corresponding trace type bit need in the header. This essentially means that all possible data fields need to be enumerated. Given that we there are 64K names spaces allowed, I don’t see how we can fit all possible data fields in this 24bit vector. I know there was a suggestion of keeping last bit as an extension bit but it is still scalable and/or easy to implement in hardware. Besides this the data fields are not annotated/encoded with the data type, something like in IPFIX https://tools.ietf.org/html/rfc7011#section-6.1

Feedback 4:
There is no version field in the data header and this will make interoperability challenging. Standard will evolve and headers bit definition and/or trace type will change and without version field HW will not be able to correctly handle the IOAM data headers.

Feedback 5:
Handling of TCP/UDP traffic using GRE encap is not acceptable. Here are some of the issues I can think of

  *   GRE encaped IOAM packets will traverse a different network path then the original packet
  *   Not all packets can be GRE encaped to avoid the previous problem, due to wastage of network bandwidth (typically sampled traffic is used for IOAM). What about native GRE traffic, will it get further encaped in another GRE tunnel and so forth.
  *   IP header protocol will point to GRE IP proto and IOAM ethertype (pending allocation by IEEE) need to be read from the GRE header to detect an IOAM packet. This means parsing performance penalty for all regular GRE (non IOAM) traffic.

Thanks,
-Jai

_______________________________________________
ippm mailing list
ippm@ietf.org<mailto:ippm@ietf.org>
https://www.ietf.org/mailman/listinfo/ippm
--- Begin Message --- 
Hi John,

One nit. I apologize, but when sending the earlier email I mistakenly referred to GRE as following an Ethernet header. But to my knowledge there is no standardized EtherType for GRE itself. GRE is IP protocol 47, so should following an IP header. So my packet examples were missing an IP header, and so I assume so were yours.



   On Dec 12, 2018, at 3:37 PM, John Lemon <john.lemon@broadcom.com<mailto:john.lemon@broadcom.com>> wrote:

   Hi Brian,

   Actually, what I was asking about was:

            BEFORE APPLYING IOAM
            ------------------------------------------
     IPv4   | ETH | GRE | NOT IOAM | IP | TCP | Data |

            ------------------------------------------



   I had been thinking about adding IOAM to an un-tunneled packet in my original example. I assume here that the “NOT IOAM” is another tunnel header of some kind, since there’s an IP header following it, so you're starting with a tunneled IP packet and you want to add an IOAM header and data.

   BEFORE APPLYING IOAM
         -----------------------------------------------
IPv4 | ETH | IP | GRE | NOT IOAM | IP | TCP | Data |
-----------------------------------------------


The above is what I would actually expect. I didn’t bother to fix the examples below.




            AFTER APPLYING IOAM, POSSIBILITY 1
            -------------------------------------------------
     IPv4   | ETH | GRE | NOT IOAM | IOAM | IP | TCP | Data |
            -------------------------------------------------


   This makes sense to me when the “NOT IOAM” header has a next protocol as an EtherType.




            AFTER APPLYING IOAM, POSSIBILITY 2
            -------------------------------------------------
     IPv4   | ETH | GRE | IOAM | NOT IOAM | IP | TCP | Data |
            -------------------------------------------------




   Yep, again this makes sense to me because the IOAM header can link to the “NOT IOAM” header.



            AFTER APPLYING IOAM, POSSIBILITY 3
            -------------------------------------------------------------
     IPv4   | ETH | GRE | IOAM | ETH | GRE | NOT IOAM | IP | TCP | Data |
            -------------------------------------------------------------



   That’s gnarly, but looks perfectly legal to me. It’s begging for some form of header compression method as an option. :-)

   Do people think this is worth describing these use cases in a new Appendix to the IOAM Ethernet I-D, or is it too complicated of a topic?

   Thanks,
   Brian

   P.S. - I’m changing my email from bew@cisco.com<mailto:bew@cisco.com> to bew.stds@gmail.com<mailto:bew.stds@gmail.com>, and I’ve copied the new one on this email.


   Thanks, John


   On Tue, Dec 11, 2018 at 9:20 PM Brian Weis (bew) <bew@cisco.com<mailto:bew@cisco.com>> wrote:


      Hi John,

      First of all, I no longer have the need for that confusing language regarding the IOAM Ethertype “Next Protocol” optionally being an IP protocol, so I think it should be removed in the next draft. Lets assume “Next Protocol” is simply an EtherType.  I think that’s probably a lot of the confusion.

      I had envisioned that an IP over GRE packet would look like this:

               BEFORE APPLYING IOAM
               -------------------------
        IPv4   | ETH | IP | TCP | Data |
               -------------------------

               AFTER APPLYING IOAM
               -------------------------------------------------
        IPv4   | ETH | GRE | IOAM HDR + DATA | IP | TCP | Data |

               -------------------------------------------------


      Does that make sense?

      Thanks,
      Brian



         On Dec 11, 2018, at 3:56 PM, John Lemon <john.lemon@broadcom.com<mailto:john.lemon@broadcom.com>> wrote:

         Hi Brian,

         When I have an existing IP over GRE packet that I want to add IOAM to, are you envisaging that this is done via extending the existing GRE encapsulation, by encapsulating the IP packet in a new IP over GRE over previous IP tunnel, or something else?

         Thanks, John



      --
      Brian Weis
      Security, CSG, Cisco Systems
      Telephone: +1 408 526 4796
      Email: bew@cisco.com<mailto:bew@cisco.com>



      --
      Brian Weis
      Security, CSG, Cisco Systems
      Telephone: +1 408 526 4796
      Email: bew@cisco.com<mailto:bew@cisco.com>
--- End Message ---

v2.23.0 | Report a Bug | By Email