Re: [ippm] Call for adoption: draft-xiao-ippm-ioam-conf-state
Greg Mirsky <gregimirsky@gmail.com> Wed, 18 November 2020 08:36 UTC
Return-Path: <gregimirsky@gmail.com>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 270F03A168D; Wed, 18 Nov 2020 00:36:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ErOIB1kKTMvk; Wed, 18 Nov 2020 00:36:13 -0800 (PST)
Received: from mail-lf1-x12e.google.com (mail-lf1-x12e.google.com [IPv6:2a00:1450:4864:20::12e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BCC143A167E; Wed, 18 Nov 2020 00:36:12 -0800 (PST)
Received: by mail-lf1-x12e.google.com with SMTP id u18so1736010lfd.9; Wed, 18 Nov 2020 00:36:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=7PuCKVgd4nu04duubG5n4bjExsjdrn5G8q2wlJpOUbs=; b=pIR6yewnmzzqfmRABF38PsvXVZMNNJWiHxzqDprs1lYk4lsgBIvFVrWUpEVtSWeHVZ A1mOgTu8UgM2amhQ26Pi0Lm2dlrY7OIVOae8R1uM8ibFmNrwIVcmZiZDw02ybl6HpYBb mypoOnar793X5czr9SiGB6KwTGTDQzlCXI+wVobgoLxKuyoTiEoKe87//ATGo0pSAVjl C3sDy+0tFEfy9PD6Ce3Cue3irIGoehANhRmMFsxQau1s+fJ5hpcAOwl8CeQj03Asxxlg I5DgNwXTCj2VL17RRShkBDBpZScg6fc84mVSb+JKGzg0Je8A2zTmtHzl4xOmZwaDYJlY spRA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=7PuCKVgd4nu04duubG5n4bjExsjdrn5G8q2wlJpOUbs=; b=MuaxRXdnEZLrTBBdp8j5r6x5jsGpifWZMPpS7X93D34IvPKB5fiPwwGtQNq+uL6l1S PrdUYBiOJAeSlsoLRStOrXC5GXu1rMbj5WcH1bJ6zS6O+bfD0hnFZNPfhQoU41QPZSBF HYL+WWVwspg9I7sOOZYhZt+cv71CHC6HbnK1SaG5+DKehOn4tBIKNkdriyv1Jh35RGBQ GoyDSZKPT6MaS+T68Awr9xJeuAqSd+fZ4Gdmv86Z5Ycy8HH7eNn/LTvd6FJp3FdMyI2P eV5GGaHgRykvyEacecpwps5pJPUE/c0Un7t28mndlY7/jdNKzsSmFqqVxJ2VgPvGsSBp ydGw==
X-Gm-Message-State: AOAM531lanT+vLgKt0DwpCtQUVvF5+MfPBEQH0786qUx3QU71h+MZDoW hVhFAt2w5CX0rT8UPTJyD4imeylB5kb65u2eWl0=
X-Google-Smtp-Source: ABdhPJy4lb1ERTdY1dR12zLEdckK+KgbOlxKlDVptCWt37ql5cejWIrtIsX/H1n091hcDeLCMxUqLBlUjqpHMcqkhEw=
X-Received: by 2002:ac2:46cc:: with SMTP id p12mr3074721lfo.56.1605688570876; Wed, 18 Nov 2020 00:36:10 -0800 (PST)
MIME-Version: 1.0
References: <C7C2E1C43D652C4E9E49FE7517C236CB02CBEA49@dggeml529-mbx.china.huawei.com> <202011181557167521943@zte.com.cn>
In-Reply-To: <202011181557167521943@zte.com.cn>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Wed, 18 Nov 2020 00:35:59 -0800
Message-ID: <CA+RyBmWOJxcaO=Oqnw8+_jo3HZC7d7iC7S9EuUtzGyYCSp=SSA@mail.gmail.com>
To: Xiao Min <xiao.min2@zte.com.cn>
Cc: "Chengli (Cheng Li)" <c.l@huawei.com>, Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>, IPPM Chairs <ippm-chairs@ietf.org>, "Frank Brockners (fbrockne)" <fbrockne=40cisco.com@dmarc.ietf.org>, IETF IPPM WG <ippm@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000e3190d05b45d80fe"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/stsSXeqNS3nVxvpUBRxsqeASjoI>
Subject: Re: [ippm] Call for adoption: draft-xiao-ippm-ioam-conf-state
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Nov 2020 08:36:15 -0000
Dear All, I agree with Xiao Min's suggestion that IGP may be not the most effective mechanism to collect information about a node's IAOM capability. Consider the case when IOAM capability is controlled by a local policy that controls the type of information available to different sources within an IOAM domain. I think that it would be much more challenging to reflect that through IGP than to discover that using ICMP. Regards, Greg On Tue, Nov 17, 2020 at 11:57 PM <xiao.min2@zte.com.cn> wrote: > Hi Cheng, > > > I don't really understand your concern. > > ICMPv6 is a mature protocol mechanism, and IOAM function is limited in a > trusted domain, then using ICMPv6 to discover IOAM capabilities wouldn't > introduce any big challenge on security and privacy. > > I don't think IGP is better than ICMPv6 in this case. Firstly, flooding > IOAM capabilities throughout the IGP domain is too heavy and unnecessary in > my view. Secondly, IGP domain and IOAM domain don't always have the same > coverage, one example is that when the IOAM encapsulating node is a host > IGP flooding doesn't work for it. > > > Best Regards, > > Xiao Min > 原始邮件 > *发件人:*Chengli(ChengLi) > *收件人:*Chengli (Cheng Li);肖敏10093570; > *抄送人:*ippm-chairs@ietf.org;ippm@ietf.org;fbrockne= > 40cisco.com@dmarc.ietf.org;tpauly=40apple.com@dmarc.ietf.org; > *日 期 :*2020年11月17日 17:53 > *主 题 :**RE: [ippm] Call for adoption: draft-xiao-ippm-ioam-conf-state* > > I meantI don’t think we can detect the (Non Routing ) capabilities of a > node in another domain. Sorry for the typo. > > > > *From:* ippm [mailto:ippm-bounces@ietf.org]*On Behalf Of *Chengli (Cheng > Li) > *Sent:* Tuesday, November 17, 2020 4:09 PM > *To:* xiao.min2@zte.com.cn > *Cc:* ippm-chairs@ietf.org; ippm@ietf.org; fbrockne= > 40cisco.com@dmarc.ietf.org; tpauly=40apple.com@dmarc.ietf.org > *Subject:* Re: [ippm] Call for adoption: draft-xiao-ippm-ioam-conf-state > > > > Hi Min, > > > > That is also my understanding. IOAM is limited in a trusted domain. > > > > But ICMP can be used in the global Internet? I don’t think we can detect > the capabilities of a node in another node. Privacy and security will be a > big challenge. > > > > So personally I prefer IGP/BGP/BGP-LS or NETCONF/YANG way. > > > > Thanks, > > Cheng > > > > > > > > *From:*xiao.min2@zte.com.cn [mailto:xiao.min2@zte.com.cn > <xiao.min2@zte.com.cn>] > *Sent:* Tuesday, November 17, 2020 3:52 PM > *To:* Chengli (Cheng Li) <c.l@huawei.com> > *Cc:* fbrockne=40cisco.com@dmarc.ietf.org; > tpauly=40apple.com@dmarc.ietf.org;ippm@ietf.org; ippm-chairs@ietf.org > *Subject:* Re:[ippm] Call for adoption: draft-xiao-ippm-ioam-conf-state > > > > Hello Cheng, > > > > I noticed that Frank has submitted an In-situ OAM deployment draft within > OPSAWG, in section 3 of that draft it says: > > " > > IOAM is a network domain specific feature, with "network domain" > > being a set of network devices or entities within a single > > administration. IOAM is not targeted for a deployment on the global > > Internet. The part of the network which employs IOAM is referred to > > as the "IOAM-Domain". > > " > > To my understanding, the IOAM data is collected only within a trusted > domain, of course, Frank can correct me if I'm wrong. > > For your convenience, the link for this quoted draft is provided as below. > > https://tools.ietf.org/html/draft-brockners-opsawg-ioam-deployment > > > > Best Regards, > > Xiao Min > > 原始邮件 > > *发件人:*Chengli(ChengLi) > > *收件人:*Frank Brockners (fbrockne);Tommy Pauly;IETF IPPM WG (ippm@ietf.org); > > *抄送人:*IPPM Chairs; > > *日**期**:*2020年11月16日 17:28 > > *主**题**:Re: [ippm] Call for adoption: draft-xiao-ippm-ioam-conf-state* > > _______________________________________________ > ippm mailing list > ippm@ietf.org > https://www.ietf.org/mailman/listinfo/ippm > > I have one simple question like I mentioned in the meeting: Is it secure > to discover the non-routing capabilities info from the data plane? > > > > For instance, a packet may travel several network domains, and the trusted > scope is only within each domain. When we use ICMP Ping, we can get the > non-routing info from other domains. Is it OK to do it? I think we should > consider more about security and privacy. > > > > Furthermore, can we collect the IOAM data in multiple domain scenarios? Or > only within a trusted domain? > > > > Thanks, > > Cheng > > > > > > > > > > > > > > > > *From:* ippm [mailto:ippm-bounces@ietf.org <ippm-bounces@ietf.org>]*On > Behalf Of*Frank Brockners (fbrockne) > *Sent:* Monday, November 16, 2020 3:13 PM > *To:* Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>; IETF IPPM WG ( > ippm@ietf.org) <ippm@ietf.org> > *Cc:* IPPM Chairs <ippm-chairs@ietf.org> > *Subject:* Re: [ippm] Call for adoption: draft-xiao-ippm-ioam-conf-state > > > > Hello IPPM, > > > > per what I mentioned during the IPPM WG meeting today, I don’t think we > should adopt the document before we have a couple of key questions resolved: > > > > * Why can’t we use Netconf/YANG (with the existing capabilities discovery > process – a la RFC 6241) to retrieve the IOAM capabilities of IOAM nodes? > E.g. the encapsulating node (as a NC client) could retrieve the IOAM > capabilities from other IOAM nodes (acting as a NC server). Plus there is > already a YANG model in flight for IOAM (draft-zhou-ippm-ioam-yang-08). At > a minimum I would have expected that the draft discusses why NC/YANG is not > suitable for the scenario that the authors have in mind. The slides ( > https://datatracker.ietf.org/meeting/109/materials/slides-109-ippm-echo-requestreply-for-enabled-ioam-capabilities-00) > that were presented in the IPPM WG meeting today, mention “Changed from > “IOAM Configuration Data” to “Enabled IOAM Capabilities” since the former > is too associated with NETCONF/YANG.” IMHO we need a bit more than just > wordsmithing. > > > > * While the draft uses IOAM capabilities discovery as the use-case, in > more general terms, it proposes to add management/ops capabilities to > echo-request/reply protocols like ICMP, which is a much broader topic. The > TLV structures which are proposed to be added to echo-requests and > echo-replies could obviously be leveraged for other use-cases. Does the > work really fit the scope of the IPPM WG? > > > > Thanks, Frank > > > > *From:* ippm <ippm-bounces@ietf.org>*On Behalf Of*Tommy Pauly > *Sent:* Freitag, 30. Oktober 2020 19:46 > *To:* IETF IPPM WG (ippm@ietf.org) <ippm@ietf.org> > *Cc:* IPPM Chairs <ippm-chairs@ietf.org> > *Subject:* [ippm] Call for adoption: draft-xiao-ippm-ioam-conf-state > > > > Hello IPPM, > > > This email starts a Working Group call for adoption > for draft-xiao-ippm-ioam-conf-state. This document has been presented > several times and discussed within the working group in the context of our > overall IOAM work. > > The document can be found here: > > https://tools.ietf.org/html/draft-xiao-ippm-ioam-conf-state-07 > <https://tools.ietf.org/html/draft-zhou-ippm-ioam-yang-08> > > Please provide your feedback on these document, and state whether or not > you believe the IPPM WG should adopt this work by replying to this email. > Please provide your feedback by the start of the IETF 109 meeting week, on *Monday, > November 16*. > > Best, > Tommy & Ian > > > > > _______________________________________________ > ippm mailing list > ippm@ietf.org > https://www.ietf.org/mailman/listinfo/ippm >
- [ippm] Call for adoption: draft-xiao-ippm-ioam-co… Tommy Pauly
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Tianran Zhou
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Chang Liu(联通集团中国联通研究院-本部)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Greg Mirsky
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… li_zhenqiang@hotmail.com
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… wangjl50@chinatelecom.cn
- Re: [ippm] Fwd: Call for adoption: draft-xiao-ipp… Jeff Tantsura
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… leibo@chinatelecom.cn
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… zhang.zheng
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Dhruv Dhody
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Frank Brockners (fbrockne)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Mach Chen
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Chengli (Cheng Li)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Chengli (Cheng Li)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Chengli (Cheng Li)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Frank Brockners (fbrockne)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… wangyali
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Greg Mirsky
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Greg Mirsky
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Chengli (Cheng Li)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Frank Brockners (fbrockne)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Chengli (Cheng Li)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Chengli (Cheng Li)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Chengli (Cheng Li)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… Chengli (Cheng Li)
- Re: [ippm] Call for adoption: draft-xiao-ippm-ioa… xiao.min2