IETF Logo Mail Archive

Re: END SID Without SRH

"Darren Dukes (ddukes)" <ddukes@cisco.com> Thu, 13 June 2019 00:57 UTC

Return-Path: <ddukes@cisco.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82169120164 for <ipv6@ietfa.amsl.com>; Wed, 12 Jun 2019 17:57:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=EcGl9f6C; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=YZ4aYHUB
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R4fQpSpvCX4e for <ipv6@ietfa.amsl.com>; Wed, 12 Jun 2019 17:57:30 -0700 (PDT)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6E0F1200A1 for <ipv6@ietf.org>; Wed, 12 Jun 2019 17:57:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=14775; q=dns/txt; s=iport; t=1560387449; x=1561597049; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=P4iKy8peaIGjYtKGbD0G9R6Z5jbzHwAtTPek0yeS2zc=; b=EcGl9f6C4/fWXv7MfGkuq44cECtRWOsDSR11ZKoMSl5z1vbqpl8g8lux UAYAMl5hf/pLpFxEQ2u1xzeotecxAaXcf39+WhPxaV54oW5cmuLfyhUbQ GlNB6ihsncNJQyT/xLEGePdTX6dTjDx0mOyGL5rf9ZussGLfAVERNykLi s=;
IronPort-PHdr: 9a23:t70rzRUpUgXoHWGP5v+YZqwKI4vV8LGuZFwc94YnhrRSc6+q45XlOgnF6O5wiEPSANSJ8OpK3uzRta2oGXcN55qMqjgjSNRNTFdE7KdehAk8GIiAAEz/IuTtank2ENlBWURN9HCgOk8TE8H7NBXf
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BIAAD8ngFd/51dJa1lHAEBAQQBAQcEAQGBUQcBAQsBgT1QA2pVIAQLKAqEDINHA4RSig6CMoloiR2EU4EuFIEQA1QJAQEBDAEBJQgCAQGEQAIXgi0jNAkOAQMBAQQBAQIBBG0cDIVLAgEDEhEdAQE3AQ8CAQg/AwICAh8RFBECBA4FIoMAAYEdTQMdAQIBC58dAoE4iF9xgTGCeQEBBYJHgjsNC4IPAwaBNAGEb4ZtF4FAP4ERJwwTgkw+ghpHAQECAYErARIBgykygiaOMYRyiESNIT4JAoIQhkeJGINrG4IliwmJepQvgWWNTQIEAgQFAg4BAQWBTzhncXAVZQGCQYIPDBeDTYUUhT9yAQGBJ4xegSIBgSABAQ
X-IronPort-AV: E=Sophos;i="5.63,367,1557187200"; d="scan'208,217";a="571961502"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 13 Jun 2019 00:57:19 +0000
Received: from XCH-ALN-002.cisco.com (xch-aln-002.cisco.com [173.36.7.12]) by rcdn-core-6.cisco.com (8.15.2/8.15.2) with ESMTPS id x5D0vJlw002397 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 13 Jun 2019 00:57:19 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-ALN-002.cisco.com (173.36.7.12) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 12 Jun 2019 19:57:18 -0500
Received: from xhs-aln-002.cisco.com (173.37.135.119) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 12 Jun 2019 19:57:18 -0500
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 12 Jun 2019 19:57:18 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=P4iKy8peaIGjYtKGbD0G9R6Z5jbzHwAtTPek0yeS2zc=; b=YZ4aYHUBAbHQhTbv3m0Bh7alask51OoBtvlQOaT7OlRgqiOGHrNBZXv8OCvCp6760PpRgbk6cRgb+CxkauCA6ks4MYluOhNi3Krze6Y430bHHmfwjCXOZ+8+t+jGaQt8W9CpZYn50SSBDYbiajFzniXS6OxOrpL+6I5WaC31DEI=
Received: from DM6PR11MB3516.namprd11.prod.outlook.com (20.177.220.141) by DM6PR11MB3436.namprd11.prod.outlook.com (20.177.220.29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1965.17; Thu, 13 Jun 2019 00:57:17 +0000
Received: from DM6PR11MB3516.namprd11.prod.outlook.com ([fe80::d59f:9fbe:1f8b:bac7]) by DM6PR11MB3516.namprd11.prod.outlook.com ([fe80::d59f:9fbe:1f8b:bac7%7]) with mapi id 15.20.1987.010; Thu, 13 Jun 2019 00:57:17 +0000
From: "Darren Dukes (ddukes)" <ddukes@cisco.com>
To: Bob Hinden <bob.hinden@gmail.com>
CC: IPv6 List <ipv6@ietf.org>
Subject: Re: END SID Without SRH
Thread-Topic: END SID Without SRH
Thread-Index: AdUdO5q1Xl8r4Qz1TcuQQsHzUSUW9ADfn2IAAA2gNoAAAwk/gAAAY9aAABR63GAABjnxAAACg5WAAAPwy6Q=
Date: Thu, 13 Jun 2019 00:57:17 +0000
Message-ID: <B0D2092F-CC6E-4990-857B-E88229FA80AF@cisco.com>
References: <BYAPR05MB42456C75487CF9283A0ED1D0AE100@BYAPR05MB4245.namprd05.prod.outlook.com> <CAO42Z2y_D-xe+tX9n-KQYjnk5bkYXibO0Zs3E=JfAWWMZnJcSA@mail.gmail.com> <3030A68F-6CE1-4179-930C-D60BEB73063A@employees.org> <CAO42Z2yLkCRNXKp8KKnqh8VRRo6p1dx4h0-gyLBFZ=Jq0xQj2w@mail.gmail.com> <0C40BEFF-B050-40A1-BCB7-F76ADF18E3E0@employees.org> <BYAPR05MB42457C37AE7DC3F4CACC8FD7AEEC0@BYAPR05MB4245.namprd05.prod.outlook.com> <B254E985-A848-4FC4-868D-E2F04CF7E0DB@cisco.com>, <104B106B-8130-4931-9DBF-2FE5C5633CB0@gmail.com>
In-Reply-To: <104B106B-8130-4931-9DBF-2FE5C5633CB0@gmail.com>
Accept-Language: en-US
Content-Language: en-CA
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ddukes@cisco.com;
x-originating-ip: [212.76.253.171]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8e977319-293a-4497-a42d-08d6ef9a14d6
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:DM6PR11MB3436;
x-ms-traffictypediagnostic: DM6PR11MB3436:
x-ms-exchange-purlcount: 1
x-microsoft-antispam-prvs: <DM6PR11MB343619E8B4A24868D305C96EC8EF0@DM6PR11MB3436.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0067A8BA2A
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(346002)(366004)(376002)(39860400002)(136003)(396003)(199004)(189003)(53754006)(66476007)(66446008)(71190400001)(316002)(478600001)(14454004)(7736002)(4326008)(6506007)(91956017)(76116006)(73956011)(66556008)(66946007)(256004)(236005)(53936002)(6436002)(6512007)(64756008)(53546011)(6916009)(33656002)(54896002)(68736007)(6306002)(606006)(3846002)(486006)(102836004)(6246003)(76176011)(6486002)(81156014)(229853002)(81166006)(99286004)(8936002)(2616005)(2906002)(36756003)(66066001)(71200400001)(476003)(3480700005)(11346002)(186003)(86362001)(5660300002)(446003)(26005)(6116002)(25786009)(8676002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR11MB3436; H:DM6PR11MB3516.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: KLopspc2ibwnX+WpkhJNGb9enussqacekvIR9Fq8mViGslYsQXr37nqFVJYGhq+LlFhslFjG/iuHXHT9hn+4Xs4HgH2RHgbDSkynOY7eyFV6fmAfCHSZN73YqHwP4UlP5/6OfDNfT0WKISednqDIhjr8gk0KUoT2N5JmdHYSPlPDOfDYJKcCvMANEZC7OxrTl23IZ94+eizdwv17jFCHo8Bl8CofEWbFbxzl37LvfvBMWujfX012Ys5pf4VQeS03AUs6W3UdIpjp8YMVPLECpiPwYcCzmd2etwZgOdlks6ec3+culBpWKlGjwj6nPubm/F2T2S2O0RDmgjkRg07+L1av29u/ULR0kcaK5jwewDIZF/rdqn/scyiWfA9GRUGYmnr2xuTrkm34pzzwAuwK+uVHaUb4D9euP5esAi/PneI=
Content-Type: multipart/alternative; boundary="_000_B0D2092FCC6E4990857BE88229FA80AFciscocom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 8e977319-293a-4497-a42d-08d6ef9a14d6
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Jun 2019 00:57:17.1427 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ddukes@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3436
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.12, xch-aln-002.cisco.com
X-Outbound-Node: rcdn-core-6.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/IL-sdS6jAvdJz6wijszq2WgPgE8>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2019 00:57:33 -0000

Hi Bob. See inline.

On Jun 13, 2019, at 1:04 AM, Bob Hinden <bob.hinden@gmail.com<mailto:bob.hinden@gmail.com>> wrote:

Darren,

On Jun 12, 2019, at 2:52 PM, Darren Dukes (ddukes) <ddukes@cisco.com<mailto:ddukes@cisco.com>> wrote:

Hello everyone.

This document defines an SRH and a SID, and how that SID is processed.

I expect anyone "surprised" by this fact should have read this draft at some point:
a - within the past 2 years; since this document has defined a SID and its processing.
b - within the past 13 months; since section 4.3.1 specifically described discarding the packet based on upper layer header being processed.
c - within the past 8 months; since the current version of 4.3.1.2 was updated with the new ICMP error code, published, and the WG was notified via email.

And recall section 3.1 defines a Source SR node as
 "any node that originates an IPv6 packet with a
 segment (i.e.  SRv6 SID) in the destination address of the IPv6
 header.  The packet leaving the source SR Node may or may not contain
 an SRH."

In other words, there is no surprise.

I am trying to sort out this discussion.

I think the text in the draft this discussion is about is:

4.3.1.2.  Upper-layer Header or No Next Header

  When processing the Upper-layer header of a packet matching a FIB
  entry locally instantiated as an SRv6 SID defined in this document.

  IF (Upper-layer Header is IPv4 or IPv6) and
      local configuration permits {
    Perform IPv6 decapsulation
    Resubmit the decapsulated packet to the IPv4 or IPv6 module
  }
  ELSE {
    Send an ICMP parameter problem message to the Source Address and
    discard the packet.  Error code (TBD by IANA) "SR Upper-layer
    Header Error", pointer set to the offset of the upper-layer
    header.
  }

  A unique error code allows an SR Source node to recognize an error in
  SID processing at an endpoint.


If I understand it correctly, the case for the action described in this section  is:

  When processing the Upper-layer header of a packet matching a FIB
  entry locally instantiated as an SRv6 SID defined in this document.

A node receiving this packet that knows it is SRv6 SID (because it was locally instantiated), would follow this procedure.

Correct.

A node who does not know that it is an SRv6 SID, will process the packet normally as defined in RFC8200/etc/etc.


Yes. This case is covered by section by 4.3.3 specifically, where the destination lpm matches a non-local Route.



4.3.3<https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-19#section-4.3.3>.  FIB Entry Is A Non-Local Route


Processing is not changed by this document.


Essentially, a node will only do this if it is in an SRv6 domain because it has had SRv6 SID information configured manually or via some protocol.

Am I correct?

Yes you are correct.

Thanks.
  Darren


Bob

v2.23.0 | Report a Bug | By Email