Re: [ippm] Comments on draft-ietf-ippm-ioam-data-06

"Frank Brockners (fbrockne)" <fbrockne@cisco.com> Thu, 01 August 2019 10:59 UTC

Return-Path: <fbrockne@cisco.com>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A912120125 for <ippm@ietfa.amsl.com>; Thu, 1 Aug 2019 03:59:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=g7mwPJP+; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=p6eMPu7r
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fwcb57wvVlq8 for <ippm@ietfa.amsl.com>; Thu, 1 Aug 2019 03:59:26 -0700 (PDT)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8689212003F for <ippm@ietf.org>; Thu, 1 Aug 2019 03:59:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=6663; q=dns/txt; s=iport; t=1564657166; x=1565866766; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=KEiVYmY8I0ItzMl+DNk8g1TyvT9+vNWrFCB99+7ENYU=; b=g7mwPJP+hpi8qA+A5YfJc3Fc//tXavfTj9rIsQ+o+MWYeNVRVRnNSXR3 RFYB/pJah7MAqwWflIUCI4CSDSCErj8Y8KzSpHDA0mLeGSKRUwF9sdDQv NmhO5yMpCcyCnoQNOvIoFpWoFP6ZdFC8ije5JeqPaNqTwS44+3IfKz4JG A=;
IronPort-PHdr: =?us-ascii?q?9a23=3AdKOZdhEXyV9jpoNPamKXLZ1GYnJ96bzpIg4Y7I?= =?us-ascii?q?YmgLtSc6Oluo7vJ1Hb+e4z1Q3SRYuO7fVChqKWqK3mVWEaqbe5+HEZON0pNV?= =?us-ascii?q?cejNkO2QkpAcqLE0r+efDgdSsxH8JPfFRk5Hq8d0NSHZW2ag=3D=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AIAAAqxUJd/5RdJa1lGgEBAQEBAgE?= =?us-ascii?q?BAQEHAgEBAQGBUwUBAQEBCwGBRCknA21VIAQLKgqHWwOEUoZVTIIPl1eBLoE?= =?us-ascii?q?kA1QJAQEBDAEBGAsKAgEBhEACglQjNAkOAQMBAQQBAQIBBm2FHgyFSgEBAQE?= =?us-ascii?q?DAQEQKAYBASwMCwQCAQgRBAEBAR4QJwsdCAIEARIIGoMBgWoDHQECDKEKAoE?= =?us-ascii?q?4iGCCI4J6AQEFhQIYghMDBoE0AYRxhm4XgUA/gRFGgkw+gmEBAYFjgzuCJow?= =?us-ascii?q?Mnh5tCQKCGoZchDFDiGaCLpVqjUKBMoYfkBQCBAIEBQIOAQEFgVA4gVhwFTu?= =?us-ascii?q?CbIJCDBeBAwECgkiFFIU/coEpi1wBgSABAQ?=
X-IronPort-AV: E=Sophos;i="5.64,333,1559520000"; d="scan'208";a="609082767"
Received: from rcdn-core-12.cisco.com ([173.37.93.148]) by rcdn-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 01 Aug 2019 10:59:15 +0000
Received: from XCH-ALN-013.cisco.com (xch-aln-013.cisco.com [173.36.7.23]) by rcdn-core-12.cisco.com (8.15.2/8.15.2) with ESMTPS id x71AxFrH004417 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 1 Aug 2019 10:59:15 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-ALN-013.cisco.com (173.36.7.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 1 Aug 2019 05:59:14 -0500
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 1 Aug 2019 05:59:13 -0500
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 1 Aug 2019 06:59:13 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Fnqn2tKc0NJ43OU33OH0bjhaw8/AzPvgOuTWIoODfSj9UWtwDCH8iZc/DVIUQ3tGO6I47JIzGXGZpjDdoyelNktO07ezjtxCKWEk7St5pFfRM2huO3sJHKdXS+Nb8h22lx2zyJcgmKhx6KPhYfYlPMpSg9gt0SeLBJn/47mBTVYtVvDzEKK2HETH9vYsgOHi9/GgBxGd06fYPNzC1rrhI9Wub9tRQd9DbAxmX1Nffn99XourHJBR0ARdm8v//jti/d1vcArsfYXPt22v7HhKlMp3nOXQpCsLEsGwfblyfx1GZvby837tOP5r+KnDxspyl4AjG4bmXBdUCPZ7rjJxsg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7OJovxATkuVTdVJedDS7xV/TCUnDCPH4hReluA2YDcQ=; b=QW8O4s+Ln+WPEihrnxvgpl7MuqlxYITNxnzBUp/Lbgl0bNqYLk4To7TPNL9IcvVDCxAKVSgGQwwh4fauIoqRjDCxtQgBVioF26NwqTA+HHrNj8709oY0PC6w8uK6zKQnd8YsCBGbD6/U+KPxgn55jH2W9i14xijP998g+YIJaCkxuJ2lG40qVW4CcTvmf25MimVtnakfstoTq9zvHABN3n9fPGott1hgCpa5A9LnGMXYOIwa0qUZAA2z2bWiocNS4tZPZmnbqSfjhAizMLh7Hv/aH1iv2fQBc7U/SapfkJXsNA/Zut8BLgMhvvYmArTXdLk/M9o3VQPLCtn9efu1/Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=cisco.com;dmarc=pass action=none header.from=cisco.com;dkim=pass header.d=cisco.com;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7OJovxATkuVTdVJedDS7xV/TCUnDCPH4hReluA2YDcQ=; b=p6eMPu7rXiI4lIEk/cTau6fZU3ZsiGueBtujC+O/fNpfN3pPVovtlQr5AZmx1H52iLyXsXUO1G3tItGulmoMUAtQnrk2EYqOu93ba3CXTKHI0r4hvdL5A0snjpGpsiVW202Dvqh2lw8eOLhIHKBZ2g2j46oNEJfcucr8WT/ayGM=
Received: from BYAPR11MB2584.namprd11.prod.outlook.com (52.135.227.17) by BYAPR11MB3016.namprd11.prod.outlook.com (20.177.225.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2115.15; Thu, 1 Aug 2019 10:59:11 +0000
Received: from BYAPR11MB2584.namprd11.prod.outlook.com ([fe80::d443:d196:b8f6:d858]) by BYAPR11MB2584.namprd11.prod.outlook.com ([fe80::d443:d196:b8f6:d858%7]) with mapi id 15.20.2094.017; Thu, 1 Aug 2019 10:59:11 +0000
From: "Frank Brockners (fbrockne)" <fbrockne@cisco.com>
To: Tom Herbert <tom@herbertland.com>, IETF IPPM WG <ippm@ietf.org>
Thread-Topic: [ippm] Comments on draft-ietf-ippm-ioam-data-06
Thread-Index: AQHVQnSkcM+hM0NzCkyT+m1G2sWgdqbjT4aAgALTBWA=
Date: Thu, 1 Aug 2019 10:59:11 +0000
Message-ID: <BYAPR11MB2584A42E0A36AD939699E618DADE0@BYAPR11MB2584.namprd11.prod.outlook.com>
References: <CALx6S34aMnTzFuoQnPScCu8mG2FT37o4Ok4DSP-5vYO9xEq=UA@mail.gmail.com> <CALx6S34ureyjwo1DYTKYGEecGy46NzAbuGcV+nrhw98+CLUK1w@mail.gmail.com>
In-Reply-To: <CALx6S34ureyjwo1DYTKYGEecGy46NzAbuGcV+nrhw98+CLUK1w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=fbrockne@cisco.com;
x-originating-ip: [173.38.220.53]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 32346666-5af6-42a3-380f-08d7166f48e8
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BYAPR11MB3016;
x-ms-traffictypediagnostic: BYAPR11MB3016:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <BYAPR11MB3016F1DAD9726774D8A9BF65DADE0@BYAPR11MB3016.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 01165471DB
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(366004)(136003)(346002)(376002)(396003)(13464003)(189003)(199004)(81166006)(33656002)(26005)(478600001)(256004)(71190400001)(71200400001)(99286004)(81156014)(486006)(86362001)(229853002)(14444005)(305945005)(7696005)(6436002)(6506007)(8676002)(53546011)(76116006)(25786009)(316002)(2906002)(110136005)(74316002)(966005)(66066001)(9686003)(64756008)(53936002)(6306002)(66446008)(6116002)(476003)(76176011)(66556008)(68736007)(55016002)(52536014)(14454004)(8936002)(5660300002)(102836004)(66476007)(186003)(3846002)(446003)(11346002)(66946007)(7736002)(6246003); DIR:OUT; SFP:1101; SCL:1; SRVR:BYAPR11MB3016; H:BYAPR11MB2584.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: sCWew54I/8ZyNhXwtPscTAGbNIv+3rrnxM97QiiB9YhU477JcuS93wW/bdSiF4jFU72Libus86IrLur8eX75o2eSLtsohIfQnzw/JpQSL4WoHu/bZF5bsgICI+kI2mbPD2LjfhjJUPsWNzAn0BpKHlv3GvrH9VsP1Iibo/w3bDIX/foMtwNRLWLMX7sdrC1dlRnHlamJ9A0tLYpUO7BHpFRzrxsJBSVQmDihHNdr7ETbi9Uyufdima0B15B9HUlNEFavtF3KwaE5NX+Ofo+ktRDBeM/wfHQO+6wBnmYi4KQWXrKlio0skzFJSLzK/UG8hMJjDO4GZergulvm6I2EMo7E8dBv7JkgCLedan9xTXYQFaK71vtcpHGuD+kwbvSt86sYppKbWkuAfxxFNiXrLkZHp7dBYPqvpS3MMGWYQas=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 32346666-5af6-42a3-380f-08d7166f48e8
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Aug 2019 10:59:11.4075 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: fbrockne@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB3016
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.23, xch-aln-013.cisco.com
X-Outbound-Node: rcdn-core-12.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/cp0E8-D0XbgTBy_3Bf6E21z00EA>
Subject: Re: [ippm] Comments on draft-ietf-ippm-ioam-data-06
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Aug 2019 10:59:29 -0000

Hi Tom,

Thanks for your comments. Couple of thoughts:

* Bit 7 / Opaque State Snapshot:

Per the discussion in the WG meeting in Montreal: The field could indeed lead to variable length data being inserted into the packet. That said, the envisioned use would be that for a specific deployment or IOAM domain, the "length" would be a fixed value so that a parser could be preconfigured in a proper way. Those could even be specified as part of an IOAM profile (draft-mizrahi-ippm-ioam-profile-00). 
For the next revision of the draft, we should add a deployment consideration for "Opaque State Snapshot" to reflect this discussion.

* Bit 23 / Checksum complement:

The idea for the checksum complement was indeed what you mention: Avoid the need to update the packet's UDP checksum by an intermediate entity, which isn't be able to update the UDP checksum itself. One can argue whether these nodes would exist - per what you say, but from what I remember, this option was added to be on the safe side. The field was added way back (https://github.com/inband-oam/ietf/pull/41). I'm hoping that Tal could shed some further light it.

* Short / wide format of fields:

You note that "Having separate fields for different sizes of the same information awkward and inefficient." - thought these fields don't necessarily need to carry the same content. Both fields (short and wide) could indeed be present in the same packet and can complement each other. Given that the term "interface" isn't further defined, what an IOAM domain is going to associate with interface is flexible, e.g. "interface_short" could be an identifier for the physical interface, whereas "interface_wide" could be an identifier for a logical sub-interface of that physical interface.
Per your suggestion - given that we use 2 bits, we could consider making things more flexible by using all of the four potential values of the 2-bit number (like your 16/32/64 example). The question is: Is this needed? I'd appreciate additional opinions.

* 24 bits Trace type 

Per your suggestion, reserving a bit to allow for future scalability makes sense - and bit 23 would be an obvious choice; which would in turn mean that we'd need to assign a different bit for checksum complement. If everyone else is fine with this change, we can include this change in -07.

Thanks again, Frank



> -----Original Message-----
> From: ippm <ippm-bounces@ietf.org> On Behalf Of Tom Herbert
> Sent: Dienstag, 30. Juli 2019 17:20
> To: IETF IPPM WG <ippm@ietf.org>
> Subject: Re: [ippm] Comments on draft-ietf-ippm-ioam-data-06
> 
> On Wed, Jul 24, 2019 at 4:07 PM Tom Herbert <tom@herbertland.com> wrote:
> >
> > Hello,
> >
> > These are some comments on the draft that are motivated while working
> > on the IOAM hackathon project.
> >
> > From the draft:
> >
> > "Bit 7    When set indicates presence of variable length Opaque State
> > Snapshot field."
> >
> > It seems like this would put a variable data field in the middle of
> > fixed length fields of the bit vector. Also, it seems like the length
> > could vary in each node. Both of these are harsh on a parser.
> >
> > If variable data is needed, I suggest that it should immediately
> > follow the last flag field. The reserved field byte in the trace
> > header might be used to hold the length of the variable data.
> >
> > From the draft:
> >
> > "Bit 23 When set indicates presence of the Checksum Complement node data."
> >
> > I don't understand why this is needed. As I understand it, this is to
> > offset a change in the UDP payload so that the UDP checksum remains
> > correct. Since the node processing this already had to parse into UDP,
> > why not just adjust the UDP checksum itself (like NAT does for
> > instance)?
> >
> > Skipping bits when allocating in the bit vector is also problematic.
> > In order to determine the offset of the Nth flag field, a node needs
> > to know the lengths of the 0..N-1 fields, but the lengths of N+1 field
> > and on are relevant. This is important for backwards compatibility as
> > new flags are defined. For instance, when bit 12 is defined, a legacy
> > implementation that needs to set the checksum complement at bit 23
> > would be unable to determine the offset of the checksum complement.
> >
> RFC7820 describes the need for checksum complement to be after the field
> being set. I do believe that skipping bits in the vector is problematic as described
> above. This also might preclude extending the bit vector as proposed below.
> 
> Tom
> 
> > Side note, per RFC7605:
> >
> > "It is important to recognize that any interpretation of port numbers
> > -- except at the endpoints -- may be incorrect"
> >
> > This might be a nuisance if just reading UDP payload that is
> > misinterpreted, but modifying misinterpreted UDP data, which could
> > happen if IOAM data being set is encapsulated in UDP, would be
> > systematic data corruption. Very bad!
> >
> > From the draft:
> >
> > "Bit 1    When set indicates presence of ingress_if_id and
> > egress_if_id (short format) in the node data."
> >
> > and
> >
> > "Bit 9    When set indicates presence of ingress_if_id and
> > egress_if_id in wide format in the node data."
> >
> > Having separate fields for different sizes of the same information
> > awkward and inefficient. Consider that both bit 1 and bit 9 might be
> > simultaneously set and two different values could be reported. In GUE
> > we allow flags to be group to allow different sizes for a field and
> > that might be useful here. For example, for ingress and egress ID a
> > two bit flag could be defined where 00 indicates field not present, 01
> > indicates 16 bit IDs, 10 indicates 32 bit IDs, 11 indicates 64 bit
> > IDs.
> >
> > "IOAM-Trace-Type:  A 24-bit identifier which specifies which data
> > types are used in this node data list."
> >
> > With more than half already allocated it seems like the bits could be
> > exhausted relatively quickly especially if IOAM is a rousing success
> > and people apply their wildest imagination as to what data to collect.
> > I suggest to reserve the last bit of the vector. This bit will
> > indicate a field is present that itself contains another set of flags.
> > And in turn the expansion field's last bit can indicate another
> > expansion field and so on.
> >
> > Tom
> 
> _______________________________________________
> ippm mailing list
> ippm@ietf.org
> https://www.ietf.org/mailman/listinfo/ippm