Re: What if? [was Re: Extension Header Insertion]
Fernando Gont <fernando@gont.com.ar> Tue, 10 December 2019 08:23 UTC
Return-Path: <fernando@gont.com.ar>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8766B120033 for <ipv6@ietfa.amsl.com>; Tue, 10 Dec 2019 00:23:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8ONt6BC4vBfo for <ipv6@ietfa.amsl.com>; Tue, 10 Dec 2019 00:23:41 -0800 (PST)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 81D3D120108 for <6man@ietf.org>; Tue, 10 Dec 2019 00:23:41 -0800 (PST)
Received: from [192.168.1.7] (unknown [181.113.147.236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 4990A853EC; Tue, 10 Dec 2019 09:23:37 +0100 (CET)
Subject: Re: What if? [was Re: Extension Header Insertion]
To: Gyan Mishra <hayabusagsm@gmail.com>, Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>, 6man <6man@ietf.org>
References: <BN7PR05MB5699D9BA988F96E2F41CD390AE580@BN7PR05MB5699.namprd05.prod.outlook.com> <00dc01d5ae73$c361b450$4a251cf0$@olddog.co.uk> <dbcdeb1a-0091-da2b-20df-d991e6c06091@gmail.com> <9bc47200-4fea-37ce-0ede-cbf6a5f70ea9@gmail.com> <CABNhwV0ePOEpT57jksKTJf==N0rwnuV5U-xJ4xM9gQGR_GPx=w@mail.gmail.com>
From: Fernando Gont <fernando@gont.com.ar>
Autocrypt: addr=fernando@gont.com.ar; prefer-encrypt=mutual; keydata= mQINBE5so2gBEACzBQBLUy8nzgAzSZn6ViXT6TmZBFNYNqTpPRvTVtUqF6+tkI+IEd9N2E8p pXUXCd0W4dkxz6o7pagnK63m4QSueggvp881RVVHOF8oTSHOdnGxLfLeLNJFKE1FOutU3vod GK/wG/Fwzkv9MebdXpMlLV8nnJuAt66XGl/lU1JrNfrKO4SoYQi4TsB/waUQcygh7OR/PEO0 EttiU8kZUbZNv58WH+PAj/rdZCrgUSiGXiWUQQKShqKnJxLuAcTcg5YRwL8se/V6ciW0QR9i /sr52gSmLLbW5N3hAoO+nv1V/9SjJAUvzXu43k8sua/XlCXkqU7uLj41CRR72JeUZ4DQsYfP LfNPC98ZGTVxbWbFtLXxpzzDDT8i3uo7w1LJ2Ij/d5ezcARqw01HGljWWxnidUrjbTpxkJ9X EllcsH94mer728j/HKzC9OcTuz6WUBP3Crgl6Q47gY5ZIiF0lsmd9/wxbaq5NiJ+lGuBRZrD v0dQx9KmyI0/pH2AF8cW897/6ypvcyD/1/11CJcN+uAGIrklwJlVpRSbKbFtGC6In592lhu7 wnK8cgyP5cTU+vva9+g6P1wehi4bylXdlKc6mMphbtSA+T3WBNP557+mh3L62l4pGaEGidcZ DLYT2Ud18eAJmxU3HnM8P3iZZgeoK7oqgb53/eg96vkONXNIOwARAQABtCVGZXJuYW5kbyBH b250IDxmZ29udEBzaTZuZXR3b3Jrcy5jb20+iQJBBBMBAgArAhsjBQkSzAMABgsJCAcDAgYV CAIJCgsEFgIDAQIeAQIXgAUCTmylpQIZAQAKCRCuJQ1VHU50kv7wD/9fuNtTfxSLk3B3Hs3p ixTy8YXVjdkVwWlnJjFd7BOWmg7sI+LDhpjGfT6+ddOiwkumnvUZpObodj4ysH0i8c7P4C5t F9yu7WjklSlrB5Rth2CGChg5bKt541z2WHkFFxys9qBLmCSYDeKQkzLqhCjIUJizY2kOJ2GI MnSFDzJjhSFEh//oW830Y8fel1xnf/NVF+lBVtRMtMOfoWUqDjvP3sJ1G4zgkDCnF0CfncLx +hq2Mv26Uq9OTzvLH9aSQQ/f067BOkKAJKsfHdborX4E96ISTz57/4xECRSMr5dVsKVm4Y// uVIsb+L5z+a32FaiBZIAKDgnJO7Z8j6CV5e5yfuBTtX52Yi9HjYYqnYJGSDxYd6igD4bWu+7 xmJPHjkdqZgGV6dQIgiUfqkU+s5Cv350vK48CMaT/ZLo2BdsMhWsmaHmb+waePUMyq6E4E9x 9Js+EJb9ZiCfxS9exgieZQpet1L36IvhiwByvkQM009ywfa30JeMOltUtfLi5V06WQWsTzPL 5C+4cpkguSuAJVDTctjCA0moIeVDOpJ8WH9voQ4IeWapQnX35OIoj1jGJqqYdx65gc1ygbyx b8vw+pJ9E5GLse5TQnYifOWpXzX9053dtbwp/2OVhU4KLlzfCPCEsoTyfu9nIZxdI2PMwiL5 M85BfjX4NmwBLmPGoLkCDQRObKNoARAAqqXCkr250BchRDmi+05F5UQFgylUh10XTAJxBeaQ UNtdxZiZRm6jgomSrqeYtricM9t9K0qb4X2ZXmAMW8o8AYW3RrQHTjcBwMnAKzUIEXXWaLfG cid/ygmvWzIHgMDQKP+MUq1AGQrnvt/MRLvZLyczAV1RTXS58qNaxtaSpc3K/yrDozh/a4pu WcUsVvIkzyx43sqcwamDSBb6U8JFoZizuLXiARLLASgyHrrCedNIZdWSx0z0iHEpZIelA2ih AGLiSMtmtikVEyrJICgO81DkKNCbBbPg+7fi23V6M24+3syHk3IdQibTtBMxinIPyLFF0byJ aGm0fmjefhnmVJyCIl/FDkCHprVhTme57G2/WdoGnUvnT7mcwDRb8XY5nNRkOJsqqLPemKjz kx8mXdQbunXtX9bKyVgd1gIl+LLsxbdzRCch773UBVoortPdK3kMyLtZ4uMeDX3comjx+6VL bztUdJ1Zc9/njwVG8fgmQ+0Kj5+bzQfUY+MmX0HTXIx3B4R1I1a8QoOwi1N+iZNdewV5Zfq+ 29NlQLnVPjCRCKbaz9k6RJ2oIti55YUI6zSsL3lmlOXsRbXN5bRswFczkNSCJxJMlDiyAUIC WOay7ymzvgzPa+BY/mYn94vRaurDQ4/ljOfj6oqgfjts+dJev4Jj89vp8MQI3KJpZPEAEQEA AYkCJQQYAQIADwUCTmyjaAIbDAUJEswDAAAKCRCuJQ1VHU50km4xEACho45PZrUjY4Zl2opR DFNo5a6roTOPpgwO9PcBb3I5F8yX2Dnew+9OhgWXbBhAFq4DCx+9Gjs43Bn60qbZTDbLGJ/m 8N4PwEiq0e5MKceYcbetEdEUWhm5L6psU9ZZ82GR3UGxPXYe+oifEoJjOXQ39avf9S8p3yKP Diil0E79rn7LbJjMcgMLyjFg9SDoJ6pHLtniJoDhEAaSSgeV7Y745+gyMIdtQmrFHfqrFdjq D6G0HE+Z68ywc5KN67YxhvhBmSycs1ZSKAXv1zLDlXdmjHDHkU3xMcB+RkuiTba8yRFYwb/n j62CC4NhFTuIKOc4ta3dJsyXTGh/hO9UjWUnmAGfd0fnzTBZF8Qlnw/8ftx5lt4/O+eqY1EN RITScnPzXE/wMOlTtdkddQ+QN6xt6jyR2XtAIi7aAFHypIqA3lLI9hF9x+lj4UQ2yA9LqpoX 6URpPOd13JhAyDe47cwsP1u9Y+OBvQTVLSvw7Liu2b4KjqL4lx++VdBi7dXsjJ6kjIRjI6Lb WVpxe8LumMCuVDepTafBZ49gr7Fgc4F9ZSCo6ChgQNLn6WDzIkqFX+42KuHz90AHWhuW+KZR 1aJylERWeTcMCGUSBptd48KniWmD6kPKpzwoMkJtEXTuO2lVuborxzwuqOTNuYg9lWDl7zKt wPI9brGzquUHy4qRrA==
Message-ID: <58fb8886-ba8d-fd5e-e250-baee164cae2d@gont.com.ar>
Date: Tue, 10 Dec 2019 03:21:14 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.1
MIME-Version: 1.0
In-Reply-To: <CABNhwV0ePOEpT57jksKTJf==N0rwnuV5U-xJ4xM9gQGR_GPx=w@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/5ZEQlTyc4QmYiqpyJDoSBoi9tIc>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Dec 2019 08:23:45 -0000
Hello, Gyan, Is it me, or somehow when asked a simple question this results in complexity explosion -- not unusually diverting the attention elsewhere (where intentionally or unintentionally)? Let's make things simple: 1) The SRH draft draft-ietf-6man-segment-routing-header talks about encapsulating an incoming packet into a new header, that incorporates a SRH. Of course, this is encapsulation/tunneling, so this does not result in header insertion. 2) Things like TI-LFA have been implemented by inserting a new SRH n flight, leasing to the situation described by Brian (and going against the recommendation in RFC8200) 3) Penultimate Segment Popping results in the SRH being removed in-flight, violating RFC8200. Going back to #2, the scenario raised by Brian: from a semantical point of view, a packet containing two SRH does not make any sense. Thanks, Fernando On 10/12/19 00:28, Gyan Mishra wrote: > > Brian > > > I would like to put this into proper context for SRv6 and how it would > be deployed in a real world scenario so we can fully connect all the > dots of this puzzle. > > So with SRv6 the 1st SRH eh insertion would never be in flight eh > insertion in the middle of the network. > > Providing some context below. > > The topology is identical to a typical service provider MPLS core where > you have a PE-CE link to customers. So in the MPLS scenario the Ingress > PE would add L3 VPN MBGP bottom of stack label for the customer VRF > PE-CE attachment circuit. > > With SRv6 the L3 VPN MBGP is encapsulated in IPv6 and sits in the > overlay as the inner header payload since now with SRv6 we have an IPv6 > data plane as our underlay 6in6 outer header instead of MPLS ldp topmost > label. Essentially we are swapping MPLS ldp topmost label for SRv6 IPv6 > data plane underlay with all BGP services overlay remaining as-is intact > AFI/SAFI riding on top of SRv6 sitting in the 6in6 payload. > > The SRv6 source node ingress PE of the SR domain would now encapsulate > the SRv6 L3 services TLV and at the same time inserts SRH header routing > type 4 for the hop by hop traffic engineering of the flow through the > controlled SRv6 operators domain. > > So from the big picture standpoint the 1st SRH eh insertion is most > definitely not in the middle of the network and not in flight eh > insertion since the BGP services TLV originating from the external CE > edge is tunneled over the SRv6 IPv6 data plane controlled operator domain. > > BESS WG draft depicts the L3 vpn services TLV that is 6in6 tunneled sits > in the overlay. > > https://tools.ietf.org/html/draft-dawra-bess-srv6-services-02 > > > 2 > <https://tools.ietf.org/html/draft-dawra-bess-srv6-services-02#section-2>. > SRv6 Services TLVs > > This document extends the BGP Prefix-SID attribute > [I-D.ietf-idr-bgp-prefix-sid <https://tools.ietf.org/html/draft-dawra-bess-srv6-services-02#ref-I-D.ietf-idr-bgp-prefix-sid>] to carry SRv6 SIDs and associated > information. > > The SRv6 Service TLVs are defined as two new TLVs of the BGP Prefix- > SID Attribute to achieve signaling of SRv6 SIDs for L3 and L2 > services. > > o SRv6 L3 Service TLV: This TLV encodes Service SID information for > SRv6 based L3 services. It corresponds to the equivalent > functionality provided by an MPLS Label when received with a Layer > 3 service route. Some behaviors which MAY be encoded, but not > limited to, are End.DX4, End.DT4, End.DX6, End.DT6, etc. > > o SRv6 L2 Service TLV: This TLV encodes Service SID information for > SRv6 based L2 services. It corresponds to the equivalent > functionality provided by an MPLS Label1 for EVPN Route-Types as > defined in[RFC7432]. Some behaviors which MAY be encoded, but not > limited to, are End.DX2, End.DX2V, End.DT2U, End.DT2M etc. > > When an egress PE is enabled for BGP Services over SRv6 data-plane, > it MUST signal one or more SRv6 Service SIDs enclosed in SRv6 Service > TLV(s) within the BGP Prefix-SID Attribute attached to MP-BGP NLRIs > defined in [RFC4760 <https://tools.ietf.org/html/rfc4760>][RFC4659][RFC5549 <https://tools.ietf.org/html/rfc5549>][RFC7432][RFC4364 <https://tools.ietf.org/html/rfc4364>] where > applicable as described in section 3 <https://tools.ietf.org/html/draft-dawra-bess-srv6-services-02#section-3> and 4. > > The 2nd SRH EH insertion with TI-LFA occurs at the PLR point of local > > Repair node to the loop free PQ node. > > > So this addition SRH header is only inserted and removed during a failure fast reroute. I believe but not sure if TI-LFA behaves the same as MPLS ldp > > Remote LFA where a MPLS label is added at the PLR > > Node and tunneled to the PQ node. I am still researching that one. > > > With SRv6 the use cases are for wherever you use mpls public internet or > private or enterprise scenario so you would always have the same SR > source PE encapsulation of the edge CE L3 services TLV and so in any of > those use cases would not be a middle of the network in flight EH > insertion which is a violation of RFC 8200. > > Gyan > > On Mon, Dec 9, 2019 at 8:21 PM Brian E Carpenter > <brian.e.carpenter@gmail.com <mailto:brian.e.carpenter@gmail.com>> wrote: > > So, let's assume that two consecutive SRH headers are allowed in the > same packet. > > So the first one (an example from > draft-ietf-6man-segment-routing-header-26) is: > > Segments Left=2 > Last Entry=2 > Flags=0 > Tag=0 > Segment List[0]=S3 > Segment List[1]=S2 > Segment List[2]=S1 > > and the second one is > > Segments Left=1 > Last Entry=1 > Flags=0 > Tag=0 > Segment List[0]=S4 > Segment List[1]=S5 > > I made that up and it's obviously nonsense, but if this is allowed > why aren't the rules for processing conflicting SRHs described in > draft-ietf-6man-segment-routing-header-26? Do we need to recall it > from the RFC Editor queue to be fixed? > > Regards > Brian Carpenter > > On 10-Dec-19 14:02, Brian E Carpenter wrote: > > On 09-Dec-19 22:33, Adrian Farrel wrote: > >> Hi Ron, > >> > >> I think we can jump to a quick answer on this because > draft-ietf-spring-srv6-network-programming-05 says: > >> > >> We assume that the SRH may > >> be present multiple times inside each packet. > >> > >> Thus we may assume that the proponents of Extension Header > insertion do think that it is acceptable to insert a second routing > header into a packet that already has one. > >> > >> And 8200 is clear when it says: > >> Each extension header should occur at most once, except for the > >> Destination Options header, which should occur at most twice (once > >> before a Routing header and once before the upper-layer header). > > > > That's "should", which in a non-RFC2119 document like RFC 8200, > means "should". > > It's not "must". So while I would prefer that the relevant SRH > document justifies > > the exception, there isn't a breach of a mandatory requirement. > > > >> So draft-ietf-spring-srv6-network-programming-05 includes a false > assumption which need to be either removed or secured through an > update to 8200. > >> > >> Ideally, I suppose, draft-ietf-6man-segment-routing-header would > have contained the clarification that the SRH could be present > multiple times > > > > Yes > > > >> (updating 8200 as it went). > > > > Unnecessary, IMHO. > > > > Brian > > > >> > >> > >> > >> Cheers, > >> > >> Adrian > >> > >> > >> > >> *From:*ipv6 <ipv6-bounces@ietf.org > <mailto:ipv6-bounces@ietf.org>> *On Behalf Of *Ron Bonica > >> *Sent:* 09 December 2019 03:04 > >> *To:* 6man <6man@ietf.org <mailto:6man@ietf.org>> > >> *Subject:* Extension Header Insertion > >> > >> > >> > >> Folks, > >> > >> > >> > >> This question is posed primarily to the proponents of Extension > Header insertion. > >> > >> > >> > >> Do you think that it is acceptable to insert a second routing > header into a packet that already has one, so the resulting packet > looks like the following: > >> > >> > >> > >> * IPv6 header > >> * SRH > >> * SRH > >> * Upper-layer header > >> > >> > >> > >> Would this be common in TI-LFA? > >> > >> > >> > >> > Ron > >> > >> > >> > >> > >> > >> Juniper Business Use Only > >> > >> > >> -------------------------------------------------------------------- > >> IETF IPv6 working group mailing list > >> ipv6@ietf.org <mailto:ipv6@ietf.org> > >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > >> -------------------------------------------------------------------- > >> > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org <mailto:ipv6@ietf.org> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > > -- > > Gyan S. Mishra > > IT Network Engineering & Technology > > Verizon Communications Inc. (VZ) > > 13101 Columbia Pike FDC1 3rd Floor > > Silver Spring, MD 20904 > > United States > > Phone: 301 502-1347 > > Email: gyan.s.mishra@verizon.com <mailto:gyan.s.mishra@verizon.com> > > www.linkedin.com/in/networking-technologies-consultant > <http://www.linkedin.com/in/networking-technologies-consultant> > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > -- Fernando Gont e-mail: fernando@gont.com.ar || fgont@si6networks.com PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
- Extension Header Insertion Ron Bonica
- RE: Extension Header Insertion Adrian Farrel
- Re: Extension Header Insertion Darren Dukes (ddukes)
- Re: Extension Header Insertion Darren Dukes (ddukes)
- Re: Extension Header Insertion Tom Herbert
- RE: Extension Header Insertion Adrian Farrel
- Re: Extension Header Insertion Gyan Mishra
- RE: Extension Header Insertion Ron Bonica
- Re: Extension Header Insertion Brian E Carpenter
- What if? [was Re: Extension Header Insertion] Brian E Carpenter
- Re: What if? [was Re: Extension Header Insertion] Gyan Mishra
- Re: What if? [was Re: Extension Header Insertion] Gyan Mishra
- Re: What if? [was Re: Extension Header Insertion] Fernando Gont
- Re: What if? [was Re: Extension Header Insertion] Fernando Gont
- Re: What if? [was Re: Extension Header Insertion] Fernando Gont
- Re: Extension Header Insertion Stewart Bryant
- Re: What if? [was Re: Extension Header Insertion] Brian E Carpenter
- Re: What if? [was Re: Extension Header Insertion] Gyan Mishra
- RE: Extension Header Insertion Ron Bonica
- RE: What if? [was Re: Extension Header Insertion] Ron Bonica
- Re: What if? [was Re: Extension Header Insertion] Darren Dukes (ddukes)
- Re: What if? [was Re: Extension Header Insertion] Fernando Gont
- Re: What if? [was Re: Extension Header Insertion] Fernando Gont
- Re: Extension Header Insertion Fernando Gont
- Re: What if? [was Re: Extension Header Insertion] Brian E Carpenter
- Re: What if? [was Re: Extension Header Insertion] Warren Kumari
- Re: What if? [was Re: Extension Header Insertion] Fernando Gont
- Re: What if? [was Re: Extension Header Insertion] Fernando Gont
- Re: What if? [was Re: Extension Header Insertion] Gyan Mishra
- Re: What if? [was Re: Extension Header Insertion] Stewart Bryant
- Re: What if? [was Re: Extension Header Insertion] Jeff Tantsura
- Re: What if? [was Re: Extension Header Insertion] Brian E Carpenter
- Re: What if? [was Re: Extension Header Insertion] Gyan Mishra
- Re: What if? [was Re: Extension Header Insertion] Gyan Mishra
- Re: What if? [was Re: Extension Header Insertion] Jeff Tantsura
- Re: What if? [was Re: Extension Header Insertion] Gyan Mishra
- Re: What if? [was Re: Extension Header Insertion] Stewart Bryant