Questions/comments about draft-dunbar-6man-5g-edge-compute-sticky-service
"Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net> Fri, 26 March 2021 20:59 UTC
Return-Path: <zzhang@juniper.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1CFB03A0EDB for <ipv6@ietfa.amsl.com>; Fri, 26 Mar 2021 13:59:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.35
X-Spam-Level:
X-Spam-Status: No, score=-2.35 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.251, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=PWWhgrqS; dkim=pass (1024-bit key) header.d=juniper.net header.b=UH1Nng8a
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G3IqvTlg2OC7 for <ipv6@ietfa.amsl.com>; Fri, 26 Mar 2021 13:58:56 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 084F03A0EC1 for <ipv6@ietf.org>; Fri, 26 Mar 2021 13:58:48 -0700 (PDT)
Received: from pps.filterd (m0108159.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 12QKsNGr022774; Fri, 26 Mar 2021 13:58:46 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=tCF7bYA4VZzzi9vVY3/nIjlNTrB1g/tEvjQio3UqX3I=; b=PWWhgrqS6Qe6N3cwYsMjUKS5Kr2qjIyKogGelw38Ft6xfHlWW5o8GXlYnSExWBXoAQrC K+rcz4j+VDT4fbgP3hd2NmgalF8Gs9Na3iNUd1xeU10z5shTSr71qKTPXY+LwZH+MwoO FnwKJ19uouhyv5yvD7697s/V2I7SuC7wWZDPwuAtmD8aYrGaRmY5h3OynK5rzcXH9lVZ WVAGXOR1dBTCN1SNGoHCpJ305G1p+pm7QkrIS8b+LMXNimXMMTVXGIa9IXsKaYPgjcX/ jtQeX9+MKvy/ZQh8DMo5Xlgnvq5zoOwbnxmR650DEIrWAQmHwcCVbjDoa5uOv1di8CqK 3A==
Received: from nam10-dm6-obe.outbound.protection.outlook.com (mail-dm6nam10lp2102.outbound.protection.outlook.com [104.47.58.102]) by mx0a-00273201.pphosted.com with ESMTP id 37hp6yg33j-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 26 Mar 2021 13:58:45 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KjXh/VnNaeTl++vhu8Uy1bhpHtTWjkRihVFPZsR11o5w1U9o19+9laNJieWKE/rn3HehJXmeFePQ3Q9veg4PmEnNR/DOo1HD4e/9txcGy8DHBrvOVd+8NvRQnDF2NwHQTbMkqoPrnAfOzEEeN5bI3eKA2zhhOKn3LYT47lWREe2Y/0WrQSRP001Z5HdJikGbxVigdv9MXkj1P8gAawSGh6FwsIPrjfYPIBaSnfdWzBcwg+2dyNjd2Vf8F5LE1JJOzGqz0l8Iea3T8h5d1y8gp+n40K5RwldR5l43OzriZhp/7setSZStdEkTANDreElcqAEH8tiUDJgZnOS840gTug==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tCF7bYA4VZzzi9vVY3/nIjlNTrB1g/tEvjQio3UqX3I=; b=n0hZ+IB2D1lDcwq5l6QCmmr1kIFjUFofH5H9XKHH96m//hR96Dv3iqW/5RCf3DX1X7xJKFMChUbC4Zgl9g/V98zX0Utz2kggGgVYj7swPhrs32ZSMqhJdJL2VSq4IPeAzPxKH8tV31EvCy1fDoTiiVR1Ex7pMNxfwOYf3fGcGVgODbC/jM+AB47FJ0W8WWLa6OZ+cWf1+iQTloNXUXFEJgOiQS/wolpwqVm1VSHGawol/HSLe8m5NoVatsJG37OWdfgeddYlmlP48oIuMOXYWFoXQZk4Fc6FI4S5PbBzhAgYZE6F3K5P6GTmEeyBHRJTwQYRgiiXzTAnfcNw4Bf/5w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tCF7bYA4VZzzi9vVY3/nIjlNTrB1g/tEvjQio3UqX3I=; b=UH1Nng8aKwswf2eD3VRp/TG6s0LR8uE0p8yBBLeN7nOWTvVO1cOkj2Iy91IXwHs0gj/Z3NPFy/IMV1Cof0e2fXhGbTrk6nvYNXQ3H8moe7zEQbjqzhxZQ3pQ9aXOt68JT4CxduCptIHOjFCpe55HhyhBKrhTQqX8EansX18i7Pc=
Received: from MN2PR05MB5981.namprd05.prod.outlook.com (2603:10b6:208:c3::15) by MN2PR05MB6221.namprd05.prod.outlook.com (2603:10b6:208:c2::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3999.15; Fri, 26 Mar 2021 20:58:43 +0000
Received: from MN2PR05MB5981.namprd05.prod.outlook.com ([fe80::203e:7f1f:be91:161c]) by MN2PR05MB5981.namprd05.prod.outlook.com ([fe80::203e:7f1f:be91:161c%6]) with mapi id 15.20.3999.016; Fri, 26 Mar 2021 20:58:43 +0000
From: "Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net>
To: 'Linda Dunbar' <linda.dunbar@futurewei.com>, 'Kaippallimalil John' <john.kaippallimalil@FUTUREWEI.COM>, 'IPv6 List' <ipv6@ietf.org>
Subject: Questions/comments about draft-dunbar-6man-5g-edge-compute-sticky-service
Thread-Topic: Questions/comments about draft-dunbar-6man-5g-edge-compute-sticky-service
Thread-Index: AdciSsNyEeeG0fk2Tl2oPdOa//JdzQ==
Date: Fri, 26 Mar 2021 20:58:43 +0000
Message-ID: <MN2PR05MB598167E0FA4AB8C4DA1B1500D4619@MN2PR05MB5981.namprd05.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.6.0.76
dlp-reaction: no-action
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=6ff907fc-dbf6-4223-a695-8f05abb0ae6a; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ContentBits=0; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=true; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Method=Standard; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=0633b888-ae0d-4341-a75f-06e04137d755; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2021-03-11T22:16:05Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4;
authentication-results: futurewei.com; dkim=none (message not signed) header.d=none;futurewei.com; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [71.248.165.31]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 590915ea-4154-4e14-571a-08d8f099f101
x-ms-traffictypediagnostic: MN2PR05MB6221:
x-microsoft-antispam-prvs: <MN2PR05MB622156CA405AF212B98B7A61D4619@MN2PR05MB6221.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 4wVlECs6D/nrOhXwfhrQ+fbnEC26qbmXzHTjKlG0RG8llXtnLLknCQQYqDakJlp24HN/JxnyDbrROyKJMxS1x4bRwL9OE1K/l09N67d80/w6Zzlj8HA/hvcdaMroTZzZqgldf3ctEi40nrbcoaPV9gFUNZ1uxnAbxQYJQwSfOnhMMBwygq3JD0k0yF1g365JebrAV22UXskicfAHvCi4TElpwajhSoNO5qjPbCIQZ3oAgvi7lXcYImmmSBtSvaydGEz7W7jw0k+cNgj+KFf9tRC+sDRaHurvG7eB7xIcv2pe/ZW/dtUmfHClkviiHNzn2paBIJtjk3c7v0SEKumJyUo8zTOqHDC4LpzB3O2J8/diNsLcm7lKh/P8BNaIgWJomMeqlMMGKrdxzHjHxM0QWBYeR3r70PfGxsEd9gYV+JpUeJionItGJmNg7K9ict0ZXeq1Feq6Jb0tqnh+MjIVSPUXm3talpsQZsPQVo3EKU60Z5/11UyAFZK2qFlt/5Gm3PjhntcgMzSA1DzIEuPwyANBZTNg0HGTxCPkO9Vtj2AkqIRWEKbuT8BTz8WaljG8VokJYEg3VwB4q4YCbtqQsEDcLyq+QXGqm4d/0502LqGQb2vJ4FI1mB6J7nLGypLBNuJ+9SUsERIRffKcPL0Qp/mhhzVXIgC40H35o5diNg8=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR05MB5981.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(39860400002)(376002)(346002)(396003)(366004)(5660300002)(71200400001)(2906002)(9686003)(186003)(316002)(30864003)(478600001)(8676002)(8936002)(55016002)(110136005)(26005)(38100700001)(66446008)(6506007)(7696005)(66556008)(64756008)(86362001)(66574015)(83380400001)(66946007)(33656002)(76116006)(52536014)(66476007)(53546011); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: yo9Gdn723OEU7yBsaiCqDVHx0h2mRGhq0CA0Ze8QlBLOpTkwQu/fUijOtInupSecvt5F7Y5jbbor7wjOqKMiYtD4Qy31X8tw9wDK88knTZduORtuNFOriqfSm6VGu6qMYrtW+ofm6WkQzx/BvisaiTKCBIdBydLVKrEaatRaz0lllzBi45H77OqTvGHMF+ioBZSA3mxxcfaJ56Kf9oCllWb5CHN0HpuMUZyKawIZT6giKbt/ghADeZOJk3I60ICKVVNKfKMGX0rZOPm6QCmFkA/G7pvePPSG2rrneG9XTZJjEy+99Ta+BjMzFXDvXWKQev0plWwIyiVcL4OLf22sYN0U0speRpHVQl/2b9gKklq8Rvnw7xiy44ou/mQId/4YyxrKNNrsw8WwbEg9xLwr8f1nM8v2gozkin0Px3BiNApOv3lMf17qaDNj9KmxqsanzYS0dbH/Eo+WVadXOliJqZflCRxLR1APkDAcvYvyO2jBL1AE9x46LNdfdAx4z6poP6lw8KHvybYwHibMn/8gSMpj84E/NlIMEzaLHyA24b2uCdbw+2cRSQ8zAoVlrNu6Oyohn2G7yKunplscoJh6n13zeEwC2w1PaxiNaawHJzBEbwKth9klyU7m10QPaSG4OK4tPV5dso7wVWwT7OIuZoa1gaOY6JxvhSFTOnr9m4FUhRP1yvlc7ex2VmifUtzCqEdWa7270kKDTG6aqP5UVrVgfHmIp47+eNANi57a4NgVNO9Ph9FAZCf9tf75f5b3efasMLVmx2XjxAobhfJ4secxJ+/g+d+WmVnvUr2hIwOxluXWZCIOAriKXq5rPLbx3aLNGKuWt7002DSbjPmHldOmNg1YTDTk3p8pmsoxu8a8M91fL7aipq4yQOa8X1H1IodZvryNzYa69Z0xkEFcBfoYuwKwQ1DVIObwAR7y7aveH2KRqTiuB+y/uApLpNvNeawclhvEQOVhE7+t+DubSyL3xGJ8PbQ5dmthOSReT1DyYpkL+DmGBITrxP8GUBNE0og4OGmtFEqd/WTFJkZ0sy3EFlCgntMybeeFQKJPHU4QUWkouINaP3NqSwhMcAsdmqaTioGLqcGljP+iVbu95eyKZ83ciQCzdVQr0kSOc+R2KiTH7noIbRIr2/a9+4LLflmhkcaUYzkTwmG8jumO5FHt2B19SrnNEp0ZGeKe63ydyF6+KA33aUSo8EDC1L9BUk6DR3laqtR0rSPY5Z6mbpXx18LRT3R69+svFhDonypy7Ftt0W5Grky8+oRBgPJjsqIxODh+28N7/ALyzk9VNld4tMu9BiVHEoug5ikMhiEWVP88V6tQlqkc6sUX1e8R
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR05MB5981.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 590915ea-4154-4e14-571a-08d8f099f101
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Mar 2021 20:58:43.5825 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: I0+Hmm+iXrsE1aQ/Cc02rQbZgCbSLtbIZjUGA0dUt/Yy1cjtPDGq/Wg0Y78eiXQ1MbeeesDnHEAybRE8vEc48w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR05MB6221
X-Proofpoint-GUID: tR40tjV8mzthY9igU4iahVfGMW5nnB_B
X-Proofpoint-ORIG-GUID: tR40tjV8mzthY9igU4iahVfGMW5nnB_B
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761 definitions=2021-03-26_11:2021-03-26, 2021-03-26 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 mlxscore=0 bulkscore=0 priorityscore=1501 adultscore=0 impostorscore=0 mlxlogscore=999 suspectscore=0 clxscore=1011 phishscore=0 spamscore=0 malwarescore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2103250000 definitions=main-2103260155
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/4rw-pBcNZN7mzkArjUtVUzLcQJU>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Mar 2021 20:59:01 -0000
Hi Linda, John, When a UE (User Equipment) initiates application packets using the destination address from a DNS reply or from its own cache, the packets from the UE are carried in a PDU session through 5G Core [5GC] to the 5G UPF-PSA (User Plan Function - PDU Session Anchor). The UPF-PSA decapsulate the 5G GTP outer header and forwards the packets from the UEs to the Ingress router of the Edge Computing (EC) Local Data Network (LDN). The LDN for 5G EC, which is the IP Networks from 5GC perspective, is responsible for forwarding the packets to the intended destinations. A nit comment about "5G Core" above. When I first started learning 4G/5G It took me a while to realize the 3GPP "core network" concept in vastly different from what IETF people are used to. It's not about topology and now the "core network" functions are being more and more distributed into edges. Therefore, in this context it may be better to simply strike the "through 5G Core [5GC]" wording to reduce the confusion to some readers. 1.3. Problem #1: ANYCAST in 5G EC Environment Increasingly, ANYCAST is used extensively by various application providers and CDNs because it is possible to dynamically load balance across multiple locations of the same address based on network conditions. BGP is an integral part in the way IP anycast usually functions. Within BGP routing there are multiple routes for the same IP address which are pointing to different locations. Not only BGP - but all IP routing protocols should work well with anycast. My understanding is that BGP being integral part here is really that the data network here is likely realized by VPNs over the same transport network. Is that a correct understanding? Of course, BGP does have flexibility in providing better/more control of route selection than IGP does in the context of the companion draft-dunbar-idr-5g-edge-compute-app-meta-data. But, having multiple locations for the same ANYCAST address in 5G Edge Computing environment can be problematic because all those edge computing Data Centers can be close in proximity. There might not be any difference in the routing cost to reach the Application Servers in different Edge DCs. Same routing cost to multiple ANYCAST locations can cause packets from one flow to be forwarded to different locations, which can cause service glitches. As pointed out later in this same document, modern routers support "Flow Affinity" and should not cause packets of a flow on a specific router to be forwarded to different locations. The real problem is when a UE moves to a different location, the new router at that location may send it to a different egress router. However, that is the "sticky service" problem described in 1.4. From draft-dunbar-idr-5g-edge-compute-app-meta-data, I understand that on a specific router it needs to choose a location that can best serve an application based on some non-routing factors. If 1.3 is really for that purpose, it should be reworded accordingly. As I mentioned in an earlier email, the two documents should better align on the problem descriptions. Here is the overview of the End-Node based Sticky Service solution: - Each ANYCAST Edge Computing server either learns or is informed of the unicast Sticky Egress address (Section 3). The goal of the network is to deliver packets belonging to one flow to the same Sticky Egress address for the ANYCAST address. Section 4.1 describes how Edge Computing Servers discover their corresponding Sticky Egress unicast addresses. - When an Edge Computing server sends data packets to a UE (or client), it inserts the Sticky-Dst-SubTLV (described in Section 4.2) into the packets' Destination Option Header. - UE (or client) needs to copy the Destination Option Header from the received packet to the next packet's Destination Header if the next packet belongs to the same flow as the previous packet. I was really confused by "next packet". I finally realized you may be referring to response packets from the UE to the server, and the "same flow" should be "same service". Better wording is needed here. - If the following conditions are true, the ingress router encapsulates the packet from the UE in a tunnel whose outer destination address is set to the Sticky Egress Address extracted from the packet's Sticky-Dst-SubTLV: o The destination of the packet from the UE side matches with one of the Sticky Service ACLs configured on the ingress router of the LDN, o the packet header has the Destination Option present with Sticky-Dst-SubTLV. Wouldn't it be better for the UE to put in an SRH with one SID for the server address and set the DA to be the egress router address? That way you don't need the ACL or the DOH (the Sticky-Dst-SubTLV information in the DOH is not for consumption by the server anyway), and you don't even need tunneling or BGP (unless VPN is used - but that's orthogonal to this). Existing SRv6 function takes care of it. Also, the Sticky-Dst-SubTLV in DOH of the server->UE traffic would be better renamed as "return waypoint" for more generic purpose. 4.1. Sticky Egress Address Discovery To an App server with ANYCAST address, the Sticky Egress address is same as its default Gateway address. To prevent malicious UEs (or clients) sending DDOS attacks to routers within 5G EC LDN, e.g. the Sticky Egress address that is encoded in the Destination option header in the packets sent back to the UEs (or clients), a proxy Sticky Egress address can be encoded in the Destination option header. The proxy Sticky Egress address is only recognizable by the 5G EC LDN ingress nodes, i.e. the Ra and Rb in the Figure 1, but not routable in other networks. The LDN ingress routers can translate the proxy Sticky Egress to a routable address for the Sticky Egress node after the source addresses of the packets are authenticated. Why is the 4.1 title called "... discovery"? Does not seem to be about "discovery". 4.3. Expected behavior at the UE ... Section 4 describes the network layer processing if UEs do not perform the steps described here. Should be "Section 5". 5. Tunnel based Sticky Service Solutions 5.1. Ingress and Egress Routers Processing Behavior The solution assumes that both ingress routers and egress routers support at least one type of tunnel and are configured with ACLs to filter out packets whose destination or source addresses match with the Sticky Service Identifier. The solution also assumes there are only limited number of Sticky Services to be supported. An ingress router needs to build a Sticky-Service-Table, with the minimum following attributes. The Sticky-Service-Table is initialized to be empty. - Sticky Service ID - Flow Label - Sticky Egress address - Timer Editor's Note: When a UE moves from one 5G Site to another, the same UE will have a new IP address. "Flow Label + Sticky Service ID" stays the same when a UE is anchored to a new PSA. Therefore, this solution use "Flow Label + Sticky Service ID" to identify a sticky flow. Since the chance of different UEs sending packets to the same ANYCAST address using the same Flow Label is very low, it is with high probability that "Flow Label + Sticky Service ID" can uniquely identify a flow. When multiple UEs using the same Flow Label sending packets to the same ANYCAST address, the solution described in this section will stick the flows to the same ANYCAST server attached to the Sticky Egress router. This behavior doesn't cause any harm. It seems that the same flow label is used for traffic of the same service in both directions. So who will assign the flow label? If two UEs of the same service happen to use the same flow label, then sticky service is not guaranteed. For example, initially they're anchored at different UPFs, and UE1 traffic is sent to egress router 1 while UE2 traffic is sent to egress router 2. When UE 1 relocates to the same UPF as UE 2's, its traffic will be sent to egress node 2 because the same flow label is used. Therefore, there should be a central controller to assign flow labels based on UE id, and the UE id is not based on IP address (since it could change). Note: since there are only small number of Sticky services, the Sticky-Service-Table is not very large. With the above understanding, the table could get large? When an ingress router receives a packet from a UE matching with one of the Sticky Service ACLs and there is no entry in the Sticky- Service-Table matching the Flow Label and the Sticky Service ID, the ingress router considers the packet to be the first packet of the flow. There is no need to sticking the packet to any location. The ingress router uses its own algorithm to select the optimal egress node as the Sticky Egress address for the ANYCAST address, encapsulates the packet with a tunnel that is supported by the egress node. The tunnel's destination address is set to the egress node address. If a UE was using egress router 1 and it relocates to a new UPF, the new ingress router will likely have no corresponding entry for it? What if the new ingress router pick egress router 2? It seems that the ingress routers need to pre-exchange entries in the table? I see it's discussed later that the routers do exchange the information. It should be mentioned up front when the table is introduced. When an ingress router receives a packet in a tunnel from any egress router and the packet's source address matches with a Sticky Service ID, the egress router address is set as the Sticky Egress address for the Sticky Service ID. The ingress router adds the entry of "Sticky- Service-ID + Flow Label + the associated Sticky Egress address + Timer" to the Sticky-Service-Table if the entry doesn't exist yet in the table. If the entry exists, the ingress router refreshes the Timer of the entry in the table. When the ingress router receives the subsequent packets of a flow from the 5G side matching with an Sticky Service ID and the Sticky- Service ID exists in the Sticky-Service-Table, the ingress router uses the Sticky Egress address found in the Sticky-Service-Table to encapsulate the packet and refresh the Timer of the entry. If the Sticky-Service ID doesn't exist in the table, the ingress router considers the packet as the first packet of a flow. The above is what leads me to believe that the flow label is the same in both directions. 5.3. Scenario 2: With communication with 5G system ... The ingress and egress router processing are the same as described in Section 5.1 except a flow is now uniquely identified by the "Sticky Service ID" + "UE address" instead of "Sticky Service ID" + "Flow Label". This confirms my earlier understanding for scenario 1 that "there should be a central controller to assign flow labels based on UE id, and the UE id is not based on IP address (since it could change)" and that the table could get large. Of course now for scenario 2, you're not using the flow label any more. While the table only contains entries that this ingress router actually need, the following are still true: - The table could still get large (if the number of attached UEs for the sticky services is large) - On demand fetching of the table entry may not be fast enough Additionally, instead of "scenario", "option" or "solution" would be a better wording. More importantly, this stateful flow steering based on the additional table is just too heavy and complicated. Why not simply have the UEs support SRH so that traffic will be routed via the desired egress router using standard SRv6 mechanism? Jeffrey -----Original Message----- From: Jeffrey (Zhaohui) Zhang Sent: Thursday, March 25, 2021 3:46 PM To: Linda Dunbar <linda.dunbar@futurewei.com>; Kaippallimalil John <john.kaippallimalil@FUTUREWEI.COM>; IPv6 List <ipv6@ietf.org>; idr@ietf. org <idr@ietf.org> Subject: questions about draft-dunbar-idr-5g-edge-compute-app-meta-data and draft-dunbar-6man-5g-edge-compute-sticky-service Hi Linda, John, I have the following questions. The two related drafts listed the following three problems respectively: 1.3. Problem#1: ANYCAST in 5G EC Environment.............. 6 1.4. Problem #2: Unbalanced Anycast Distribution due to UE Mobility.................................................. 7 1.5. Problem 3: Application Server Relocation............. 7 1.2. Problem #1: ANYCAST in 5G EC Environment.............. 4 1.3. Problem #2: sticking to original App Server........... 5 1.4. Problem #3: Application Server Relocation............. 5 Why is problem #2 different in the two drafts? Is it true that none of the two drafts address problem #3? The idr draft talk about "soft anchoring" problem and solution - how is that different from the "sticky service"? Thanks. Jeffrey Juniper Business Use Only
- Questions/comments about draft-dunbar-6man-5g-edg… Jeffrey (Zhaohui) Zhang
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar
- RE: Questions/comments about draft-dunbar-6man-5g… Jeffrey (Zhaohui) Zhang
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar
- RE: Questions/comments about draft-dunbar-6man-5g… Vasilenko Eduard
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar
- RE: Questions/comments about draft-dunbar-6man-5g… Jeffrey (Zhaohui) Zhang
- RE: Questions/comments about draft-dunbar-6man-5g… Jeffrey (Zhaohui) Zhang
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar
- RE: Questions/comments about draft-dunbar-6man-5g… Jeffrey (Zhaohui) Zhang
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar
- Re: Questions/comments about draft-dunbar-6man-5g… Joel M. Halpern
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar
- Re: Questions/comments about draft-dunbar-6man-5g… Joel M. Halpern
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar
- Re: Questions/comments about draft-dunbar-6man-5g… Joel Halpern Direct
- RE: Questions/comments about draft-dunbar-6man-5g… Jeffrey (Zhaohui) Zhang
- Re: Questions/comments about draft-dunbar-6man-5g… Mark Smith
- RE: Questions/comments about draft-dunbar-6man-5g… Jeffrey (Zhaohui) Zhang
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar
- Re: Questions/comments about draft-dunbar-6man-5g… Joel M. Halpern
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar
- RE: Questions/comments about draft-dunbar-6man-5g… Linda Dunbar