IETF Logo Mail Archive

Re: END SID Without SRH

Tom Herbert <tom@herbertland.com> Thu, 13 June 2019 14:03 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C858C120092 for <ipv6@ietfa.amsl.com>; Thu, 13 Jun 2019 07:03:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zq4wTpOiyxpR for <ipv6@ietfa.amsl.com>; Thu, 13 Jun 2019 07:03:36 -0700 (PDT)
Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 825C3120140 for <ipv6@ietf.org>; Thu, 13 Jun 2019 07:03:36 -0700 (PDT)
Received: by mail-ed1-x52b.google.com with SMTP id p26so27361988edr.2 for <ipv6@ietf.org>; Thu, 13 Jun 2019 07:03:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=uHJtIbZcOPU8VtUy/BZWoljGnDoIzYXxZgXvbm6/EmM=; b=kx35z0FVo2MNXDkS/xqHR7U+E59McIWaG7V0x4PUTSbSL0aWCnywybKjakGqf08QbJ NKUogFK9JGdZwFTEjLWigVr25FpumrGis19k8vSGJL7DQT9pFDJC+ZKv/HszyMLQ2Iji dKV2rzkWp7eI4E9/IdbVc1TlKBGo+8OZ5R/55rLE+Q086EOvG+yK0e0olylPWrIiUvFi xQ0a0xsd6kINwQB84STnhX4foV/+Oeh3KowqrGgJt0m08bHgXI0Qk8Nd2x0dSrG2/r0C F/wLdrmeJgJB1SKxfcwXUsc+1LaCcKOaA8BrcS2OmavBEai22k7tbYZo2qqzKw3QUiiT Rc+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=uHJtIbZcOPU8VtUy/BZWoljGnDoIzYXxZgXvbm6/EmM=; b=pWaJMZ/ZJA4ycXIJfAws2umrhQI8gL8F0kNKz3d4aHXxduD/pk83o5QTM7L5EtxTQv Yny+zmvPSrfaxSVbB3WbZqgiWNd5k9W6v/ZPMTCsR4tHv1IT+spkNY+/4tTk+oBcAmQp ED36TWKqUbweqBqZVhbKDLFO6QsJJMTlX5u1/eGvpW07xJYqMrrDlkaqkkssipmRz31P 7XZqOIKSU2tIHcoyggYB3ZGmmqqGJElZOtffsn35m4KQy/m9ba4+xzw5+749+Gc53iRw n30eFZyUzjkQtIl7dyrY4nYgv+jFAOTt6FCE7TnDWLgbun4WGshxLq+JMXeOQ9MIVf+e 3Kww==
X-Gm-Message-State: APjAAAUH7gXnUYhQ0kN7+QZQoCjZBUl4SRtzKdwDo0BLdy7JhtnF2Uzq h4zVftFLUo+DL4LdDFgai7Bjba+7hk4y8Z897N5/IA==
X-Google-Smtp-Source: APXvYqzXRlhXfWVPiPfACukkvjZddi9U3Nlaf0fw6M04WE2LZJvZ9QIJ3ln8qbvuwPUi1E0B1ancd8viinmeealsgYM=
X-Received: by 2002:a50:cdcf:: with SMTP id h15mr10616120edj.26.1560434614885; Thu, 13 Jun 2019 07:03:34 -0700 (PDT)
MIME-Version: 1.0
References: <BYAPR05MB42456C75487CF9283A0ED1D0AE100@BYAPR05MB4245.namprd05.prod.outlook.com> <CAO42Z2y_D-xe+tX9n-KQYjnk5bkYXibO0Zs3E=JfAWWMZnJcSA@mail.gmail.com> <3030A68F-6CE1-4179-930C-D60BEB73063A@employees.org> <CAO42Z2yLkCRNXKp8KKnqh8VRRo6p1dx4h0-gyLBFZ=Jq0xQj2w@mail.gmail.com> <0C40BEFF-B050-40A1-BCB7-F76ADF18E3E0@employees.org> <BYAPR05MB42457C37AE7DC3F4CACC8FD7AEEC0@BYAPR05MB4245.namprd05.prod.outlook.com> <B254E985-A848-4FC4-868D-E2F04CF7E0DB@cisco.com> <CAO42Z2wXRe9XyMMVetzPMTY4Og=B=wQLz3LUVB0DFzRLL-BPQQ@mail.gmail.com> <07B7D3ED-55AC-4698-900A-E6828A1AAC20@cisco.com>
In-Reply-To: <07B7D3ED-55AC-4698-900A-E6828A1AAC20@cisco.com>
From: Tom Herbert <tom@herbertland.com>
Date: Thu, 13 Jun 2019 07:03:23 -0700
Message-ID: <CALx6S36Zm=EoqexPiZaeYhTmnbQ-UoE8teuTeqzw7Zc2UPN_CA@mail.gmail.com>
Subject: Re: END SID Without SRH
To: "Darren Dukes (ddukes)" <ddukes@cisco.com>
Cc: Mark Smith <markzzzsmith@gmail.com>, Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>, 6man WG <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/8hbBKtz3qHMxhTovb8k3mOKtO4c>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2019 14:03:40 -0000

On Thu, Jun 13, 2019 at 12:25 AM Darren Dukes (ddukes) <ddukes@cisco.com> wrote:
>
> Mark.
>
> You remember your SIDs in your SR domain come from a SID block you created, S/s (see section 5.1) and this destination address falls within that space.
>
> You notice the destination sending an ICMP parameter problem error with a code that says “SR Upper-layer Header Error”.
>
> This is how you tell the source is trying to talk to a destination address that doesn’t speak TCP.
>
How is that any different than sending an ICMPv6 parameter problem
error with code 1 that says “Unrecognized Next Header type
encountered”?

> Darren
>
> On Jun 13, 2019, at 6:28 AM, Mark Smith <markzzzsmith@gmail.com> wrote:
>
>
>
> On Thu., 13 Jun. 2019, 07:52 Darren Dukes (ddukes), <ddukes@cisco.com> wrote:
>>
>> Hello everyone.
>>
>> This document defines an SRH and a SID, and how that SID is processed.
>>
>> I expect anyone "surprised" by this fact should have read this draft at some point:
>> a - within the past 2 years; since this document has defined a SID and its processing.
>> b - within the past 13 months; since section 4.3.1 specifically described discarding the packet based on upper layer header being processed.
>> c - within the past 8 months; since the current version of 4.3.1.2 was updated with the new ICMP error code, published, and the WG was notified via email.
>>
>> And recall section 3.1 defines a Source SR node as
>>    "any node that originates an IPv6 packet with a
>>    segment (i.e.  SRv6 SID) in the destination address of the IPv6
>>    header.  The packet leaving the source SR Node may or may not contain
>>    an SRH."
>>
>> In other words, there is no surprise.
>
>
> So one of the contexts I consider is sitting in front of a packet capture tool like Wireshark, and trying to troubleshoot a fault by looking at the packet.
>
> For the packet Ron described, with no SRH header, there is nothing to distinguish it from a normal IPv6 packet. The fault would be that the packet contains a TCP header, yet TCP processing is not occurring.
>
> The DA address in the packet might actually be a SID, but if it is coming from within the existing IPv6 unicast or multicast spaces, there is no indication of that.
>
> This SR processing is failing the principle of least surprise. That failure can cause longer than necessary troubleshooting and longer customers' services impacts. A network's MTTR is negatively impacted.
>
> Mandating that all packets to be SR processed have an SRH would prevent this problem. It would also be compliant with RFC 8200, because the processing to occur on the packet when it arrives at the device with the DA is explicitly encoded in the packet.
>
> Without a formal SID address space, encoding functions to perform on a packet in addresses is ambiguous, implicit and when troubleshooting, non-obvious.
>
> Regards,
> Mark.
>
>>
>> Darren.
>>
>>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email