IETF Logo Mail Archive

RE: What if? [was Re: Extension Header Insertion]

Ron Bonica <rbonica@juniper.net> Tue, 10 December 2019 21:50 UTC

Return-Path: <rbonica@juniper.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 794561201E0 for <ipv6@ietfa.amsl.com>; Tue, 10 Dec 2019 13:50:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=cod8Vd47; dkim=pass (1024-bit key) header.d=juniper.net header.b=KkizGubZ
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mntnE2M8Jl6I for <ipv6@ietfa.amsl.com>; Tue, 10 Dec 2019 13:50:00 -0800 (PST)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 665DD12018D for <6man@ietf.org>; Tue, 10 Dec 2019 13:50:00 -0800 (PST)
Received: from pps.filterd (m0108161.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xBALnGmp020042; Tue, 10 Dec 2019 13:49:59 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=Tdlo2IH7OuklEx8m2J4fyQ9ITR3fUnCKoyaQ+ne6b6c=; b=cod8Vd47K/m75A5Pg950Mqe0N/EQu6yJgxoph9DAdzTCr1V08PaKF1d5gK98e+5MyQAf 7hMbMAJ3IShU3cqdW6TG1urDwQDlz63dW9Xh1cb4a6/EjjT4xFMVOKq4NEcb57KAm9KC qIk7r+kbBh2btZJYkQLSe+lfEwsBDJr72aHU6JaATLOlClBvS+UJFSsoJUazjIAWVIdV bfw+q2IYmoQHhCKKEWOJ+/CIAQkRFtFXIZCpdmYNCNaNGTpri5yfKlLZi+cqR1BMoZB9 oPer8D3Z8lHhEr4zab+NI5dub6SFZa7KmkbjaJX14t8BD4ySDrBojsaRgEy9lkMFKVrA Nw==
Received: from nam12-mw2-obe.outbound.protection.outlook.com (mail-mw2nam12lp2042.outbound.protection.outlook.com [104.47.66.42]) by mx0b-00273201.pphosted.com with ESMTP id 2wt8tjs78u-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 10 Dec 2019 13:49:59 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=H6V6EJyXf7jUyMiogGKsyv97TwkHf/egB8L64YP6Cy+gsC5DJaY48VxvXnij+/Moq83nEoE0X07EFXX0uR7o/xvFBoXQgKN+P5jAhPjxePm+7h4/hio46Kr1lX86Yaaj6HarRTwt6R/dLNz51FEdSdJsAqTvC0FfPxwiMp+fWD8s3C/Px8+Ah753UnqxDjJFk6TNjgdAtnBRaED0NYB+5abI+tEJWqv2hiEmU30gl82Su6JI20bg4gIvuERcXyye4G4qBWIuaaQ97/37V5y5YZYckCbTMjvbMOFSqODv4pnqSshjy5uk47f4QMmpd5aPIASh5iuYGFkXO8tdMqxeTQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Tdlo2IH7OuklEx8m2J4fyQ9ITR3fUnCKoyaQ+ne6b6c=; b=GxpOlNEfceXDEVySOSYWhqiUZhjzzg77fpPGi9/Wym5q+bwnbh0l3kdqCI5D7N8KgblJuiprVKpNn0uBIhaYtspB/F892hxgVEzK761VExPOSlE+eNVX3DySHraUU+er/xQ6QOVnvAesUaXdLJckBlj4fOvocFkppyP85+lFMklgO8dApkslpZuu/VqPHu7k9hrm5t4adGqORy1ciaqpIvcMs1r/pxyLK8IJR5H4EWkG5aPd/4o/7N7Z2S2Smi866LQXEmc0j5E/yWQuxsG/4CK78TsjLbW69mEsRuSRoFtPTwAEe+SwC+2hblQ2iI+C2paiRV2l63ch5pnTY/yzcQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Tdlo2IH7OuklEx8m2J4fyQ9ITR3fUnCKoyaQ+ne6b6c=; b=KkizGubZvY569/YDMgWuiL+qRNDwmaoxmkou/4BZ8yhXkIphcyquVSZnt9puCpyCWJODe/tUcM8U8nqgmMJrFgl2SGLdnshJwUy/OCmlFglt/0iFN1Q4K8D+1/E3sw9QHSFrfWEGlALHcAiUyNkNCpwSB53DUq5qA0OQO7yspko=
Received: from BN7PR05MB5699.namprd05.prod.outlook.com (20.176.28.88) by BN7PR05MB5746.namprd05.prod.outlook.com (20.176.28.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2538.10; Tue, 10 Dec 2019 21:49:54 +0000
Received: from BN7PR05MB5699.namprd05.prod.outlook.com ([fe80::185e:d297:6499:4987]) by BN7PR05MB5699.namprd05.prod.outlook.com ([fe80::185e:d297:6499:4987%7]) with mapi id 15.20.2516.003; Tue, 10 Dec 2019 21:49:54 +0000
From: Ron Bonica <rbonica@juniper.net>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, "adrian@olddog.co.uk" <adrian@olddog.co.uk>, '6man' <6man@ietf.org>
Subject: RE: What if? [was Re: Extension Header Insertion]
Thread-Topic: What if? [was Re: Extension Header Insertion]
Thread-Index: AQHVrvgfQcbK8HdPf0eDbdIU+gbkp6ez5V9g
Content-Class:
Date: Tue, 10 Dec 2019 21:49:54 +0000
Message-ID: <BN7PR05MB5699FC3731FEE0C7021781D0AE5B0@BN7PR05MB5699.namprd05.prod.outlook.com>
References: <BN7PR05MB5699D9BA988F96E2F41CD390AE580@BN7PR05MB5699.namprd05.prod.outlook.com> <00dc01d5ae73$c361b450$4a251cf0$@olddog.co.uk> <dbcdeb1a-0091-da2b-20df-d991e6c06091@gmail.com> <9bc47200-4fea-37ce-0ede-cbf6a5f70ea9@gmail.com>
In-Reply-To: <9bc47200-4fea-37ce-0ede-cbf6a5f70ea9@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=rbonica@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2019-12-10T21:49:52.7613591Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Business Use Only; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=6898c3e8-0371-419d-ad5a-501a677abbe7; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic
dlp-product: dlpe-windows
dlp-version: 11.3.2.8
dlp-reaction: no-action
x-originating-ip: [66.129.241.11]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 17e6caf9-877e-465a-8e6b-08d77dbae456
x-ms-traffictypediagnostic: BN7PR05MB5746:
x-microsoft-antispam-prvs: <BN7PR05MB574698BEED8A52ABDC325119AE5B0@BN7PR05MB5746.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 02475B2A01
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(376002)(346002)(136003)(39860400002)(366004)(13464003)(189003)(199004)(7696005)(2906002)(52536014)(8936002)(81156014)(5660300002)(86362001)(71200400001)(53546011)(81166006)(316002)(966005)(6506007)(8676002)(64756008)(66446008)(66946007)(478600001)(33656002)(76116006)(66556008)(66476007)(26005)(55016002)(9686003)(110136005)(186003); DIR:OUT; SFP:1102; SCL:1; SRVR:BN7PR05MB5746; H:BN7PR05MB5699.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: diqB7CaCwBXTcG85U/rKNTldcENWbH9kMWDgxed/EhR7mJu7Im1Z0SvbtulC0uv6E30N6fxeQ983q2JZWQcI+xlWfd39oYG0Hzz9F/ttoVqWh5VzBPVVS1vxQsNyT09XmRqo0ryVmjeW1wGEXsyKgTzpWTOKJaXEEnS1iCCsSR3iC/s59TnpVW06SSTB91orZoA88Sv/asITPxOQhBN6iXTt15OevB/p/LGPzDEKbbillXoq9GPsxr6k+vSe99J1QbHGzq1r7jaxJVZPkymY58eEDtmyPjPfKmSMh1Lr/SaUYnIY2r0CCzuwh1svPlHFrsuLuo2ex8K63i+CPvv5LAdRnVYpxbw0tCd9J0rW1It3dEekMZLOdm6BmT3U72laKq4PrKjTdy9ajzISvlqPNg0caFH8i+2cS6lNaVGnLJsorQLUbW3e9ceTKfhydxk1xk84kBz1zGdUYJ7CMtXCnwe5VwKJ9EYxXROve7cUfQa1h1IrEWhvAPjemP07pXUShB5iPAjoa43ElA5ISDlUVEjfhsVG+Zi77hbrQaBV7cA=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 17e6caf9-877e-465a-8e6b-08d77dbae456
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Dec 2019 21:49:54.2682 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: EQOIjx1LpawGkvkxvC6C7q2TdxPY0u158UAYArlFUNonCBbZDPS9zOOEbLvpAkwLAp3DGX2z/iNFiVgJrOhJHw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR05MB5746
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-12-10_07:2019-12-10,2019-12-10 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 adultscore=0 suspectscore=0 phishscore=0 priorityscore=1501 mlxlogscore=999 clxscore=1015 mlxscore=0 impostorscore=0 bulkscore=0 spamscore=0 malwarescore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1912100178
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/JaHUHqzlnH9Qor90B7iIokJB_mc>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Dec 2019 21:50:03 -0000

Folks,

Adding to Brian's question, assume that the SR ingress node creates a packet that contains an SRH. In  that SRH,

- SL[0] : Locator is Node A and function is END.DT4. The ARG cause the packet to be forwarded into VPN RED.
- SL[1] : Locator is Node B and  function is END

Node B inserts another SRH before the original SRH. In that SRH:

- SL[0] : Locator is Node D and function is END.DT4. The ARG cause the packet to be forwarded into VPN BLUE.
- SL[1] : : Locator is Node E and function is END

In this case, the second SRH contradicts the first by causing the packet to be forwarded into a different VPN. Which SRH takes priority?

                                                                                    Ron








Juniper Business Use Only

-----Original Message-----
From: Brian E Carpenter <brian.e.carpenter@gmail.com> 
Sent: Monday, December 9, 2019 8:21 PM
To: adrian@olddog.co.uk; Ron Bonica <rbonica@juniper.net>; '6man' <6man@ietf.org>
Subject: What if? [was Re: Extension Header Insertion]

So, let's assume that two consecutive SRH headers are allowed in the same packet.

So the first one (an example from draft-ietf-6man-segment-routing-header-26) is:

       Segments Left=2
       Last Entry=2
       Flags=0
       Tag=0
       Segment List[0]=S3
       Segment List[1]=S2
       Segment List[2]=S1

and the second one is

       Segments Left=1
       Last Entry=1
       Flags=0
       Tag=0
       Segment List[0]=S4
       Segment List[1]=S5

I made that up and it's obviously nonsense, but if this is allowed why aren't the rules for processing conflicting SRHs described in draft-ietf-6man-segment-routing-header-26? Do we need to recall it from the RFC Editor queue to be fixed?

Regards
   Brian Carpenter

On 10-Dec-19 14:02, Brian E Carpenter wrote:
> On 09-Dec-19 22:33, Adrian Farrel wrote:
>> Hi Ron,
>>
>> I think we can jump to a quick answer on this because draft-ietf-spring-srv6-network-programming-05 says:
>>
>>    We assume that the SRH may
>>    be present multiple times inside each packet.
>>
>> Thus we may assume that the proponents of Extension Header insertion do think that it is acceptable to insert a second routing header into a packet that already has one.
>>
>> And 8200 is clear when it says:
>>    Each extension header should occur at most once, except for the
>>    Destination Options header, which should occur at most twice (once
>>    before a Routing header and once before the upper-layer header).
> 
> That's "should", which in a non-RFC2119 document like RFC 8200, means "should".
> It's not "must". So while I would prefer that the relevant SRH 
> document justifies the exception, there isn't a breach of a mandatory requirement.
>   
>> So draft-ietf-spring-srv6-network-programming-05 includes a false assumption which need to be either removed or secured through an update to 8200.
>>  
>> Ideally, I suppose, draft-ietf-6man-segment-routing-header would have 
>> contained the clarification that the SRH could be present multiple 
>> times
> 
> Yes
> 
>> (updating 8200 as it went).
> 
> Unnecessary, IMHO.
> 
>     Brian
> 
>>
>>  
>>
>> Cheers,
>>
>> Adrian
>>
>>  
>>
>> *From:*ipv6 <ipv6-bounces@ietf.org> *On Behalf Of *Ron Bonica
>> *Sent:* 09 December 2019 03:04
>> *To:* 6man <6man@ietf.org>
>> *Subject:* Extension Header Insertion
>>
>>  
>>
>> Folks,
>>
>>  
>>
>> This question is posed primarily to the proponents of Extension Header insertion.
>>
>>  
>>
>> Do you think that it is acceptable to insert a second routing header into a packet that already has one, so the resulting packet looks like the following:
>>
>>  
>>
>>   * IPv6 header
>>   * SRH
>>   * SRH
>>   * Upper-layer header
>>
>>  
>>
>> Would this be common in TI-LFA?
>>
>>  
>>
>>                                                                       
>> Ron
>>
>>  
>>
>>  
>>
>> Juniper Business Use Only
>>
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: 
>> https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/ipv
>> 6__;!!NEt6yMaO-gk!QcxrCDx88HILxijExwq_3hhEqP955MgFkB_g5T4Bb4T_FuZjRvj
>> 4jdITZ69rOB93$
>> --------------------------------------------------------------------
>>
>

v2.23.0 | Report a Bug | By Email