Re: 6man w.g. last call for <draft-ietf-6man-segment-routing-header-19.txt>

"jmh.direct@joelhalpern.com" <jmh.direct@joelhalpern.com> Sat, 25 May 2019 00:25 UTC

Date: Fri, 24 May 2019 20:25:22 -0400
Subject: Re: 6man w.g. last call for <draft-ietf-6man-segment-routing-header-19.txt>
In-Reply-To: <E664F72E-79BF-43E2-B35C-148C285BCAFD@gmail.com>
Importance: normal
From: "jmh.direct@joelhalpern.com" <jmh.direct@joelhalpern.com>
To: Bob Hinden <bob.hinden@gmail.com>, "Joel M. Halpern" <jmh@joelhalpern.com>
Cc: Tom Herbert <tom@herbertland.com>, "Darren Dukes (ddukes)" <ddukes@cisco.com>, IPv6 List <ipv6@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/JxhbcQZ4fwNebefZY7WnqohHH0o>

If this document says "this is the mutability" then we are fine.  But if the mutability is claimed to be per SID type, then I do not see how it works.  If there were a constraint that a given packet could only use SIDs of one type, then it could work.  But what does it mean for mutability to depend on type, but the SID list to contain several types?  Presumably with possibly different mutability constraints?

The problem is not with defining AH.  It is with allowing varying mutability.

Yours,
Joel

Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone

-------- Original message --------
From: Bob Hinden <bob.hinden@gmail.com>
Date: 5/24/19  19:33  (GMT-05:00)
To: "Joel M. Halpern" <jmh@joelhalpern.com>
Cc: Bob Hinden <bob.hinden@gmail.com>, Tom Herbert <tom@herbertland.com>, "Darren Dukes (ddukes)" <ddukes@cisco.com>, IPv6 List <ipv6@ietf.org>
Subject: Re: 6man w.g. last call for <draft-ietf-6man-segment-routing-header-19.txt>

Joel,

> On May 23, 2019, at 12:58 PM, Joel M. Halpern <jmh@joelhalpern.com> wrote:
>
> Let me try rephrasing Tom's question, since I think I share his concern.  (Apologies Tom if I ask something else.)
>
> The mutability constraints for SRH are described in the document as depending upon the SID type.

Are we discussing from Section 2. Segment Routing Extension Header:

  Some of the other fields of the SRH change en route (i.e. they are
  mutable).  The SRH is processed as defined in Section 4.3 of this
  document, and uniquely per SID type.  The mutability of the remaining
  fields in the SRH (Flags, Tag, Segment List, Optional TLVs) are
  defined in that section, in the context of segment processing.

The document defines a single SID and the mutability fields in the SRH header and TLVs.   It says that in the future other SIDs may be defined.  Of course, a future document can redefine anything, like all new IETF documents.   The chairs' view of the w.g. consensus was to define the mutability of SRH so some future document could specify how AH works with SRH.   It was out of scope to define how AH works in this document.  Would it help to change the language to make it clearer that mutability is not tied to a single SID definition?   Or that future SID definitions need to specify their mutability?

Thanks,
Bob

> These mutability requirements affect validation of an AH header.
> This seems to raise several problems.
>
> 1) When the AH is being verified at someplace other than the current SRH SID endpoint, there is no reason to expect the verifier to know the SID type.  So how can it verify the AH?
>
> 2) More importantly, consider the case where there are several SIDs in the SID list.  Suppose SID 2 has more generous mutability than SID 3. So the endpoint identified by SID 2 modifies some of the SRH according to the SID2 rules.  Then changes the destination to SID 3.  Now the packet arrives at SID 3 and he wants to verify the AH.  But the SRH has been modified in accordance with the SID2 rules.  Which SID3 does not even know about.  How is this supposed to work?
>
> Yours,
> Joel
>
> PS: The wording on the mutability is unclear as to whether what can be changed is just the TLV content, or the type value itself.  If you can, please clarify.
>
> On 5/23/19 12:12 PM, Tom Herbert wrote:
>> On Thu, May 23, 2019 at 8:23 AM Darren Dukes (ddukes) <ddukes@cisco.com> wrote:
>>>
>>> Ron and Bob, this is not complicated.
>>>
>>> This document refers to “the SID type defined in section 4.3.1” vs calling it END.
>>> Other documents will refer to it as “the SID type defined in section 4.3.1 of draft-ietf-6man-segment-routing-header”.
>>> This is simple and all we need to be concerned with for draft-ietf-6man-segment-routing-header-19.
>> Darren,
>> I don't know what a "SID type" is, so it's hard to understand the
>> requirements reference SID types. Please provide a normative
>> definition for this term or a reference to the document containing the
>> definition of this term. And if multiple SID types are allowed then
>> obvious question becomes how are different SID types distinguished from
>> one another in the protocol.
>> Tom
>>>
>>> The second part of this thread is about draft-ietf-spring-network-programming.
>>> It defines a set of additional functions that can be associated with a SID and names them End, End.X, End.T, End.DX2, etc.
>>> It defines a registry to assign each of these SID types a number.
>>> This is how protocols (ISIS, OSPF, BGP, etc) distributing SIDs and identify their type for use at SR Source nodes.
>>> As mentioned on the SPRING alias, the definition of End in draft-ietf-spring-network-programming will get updated to better align with section 4.3.1 of draft-ietf-6man-segment-routing-header.
>>>
>>> Darren
>>>
>>>
>>>> On May 22, 2019, at 9:58 PM, Ron Bonica <rbonica@juniper.net> wrote:
>>>>
>>>> Works for me!
>>>>
>>>>
>>>> Juniper Internal
>>>>
>>>> -----Original Message-----
>>>> From: Bob Hinden <bob.hinden@gmail.com>
>>>> Sent: Wednesday, May 22, 2019 9:34 PM
>>>> To: Ron Bonica <rbonica@juniper.net>
>>>> Cc: Bob Hinden <bob.hinden@gmail.com>; Darren Dukes (ddukes) <ddukes@cisco.com>; IPv6 List <ipv6@ietf.org>
>>>> Subject: Re: 6man w.g. last call for <draft-ietf-6man-segment-routing-header-19.txt>
>>>>
>>>> Ron,
>>>>
>>>>> On May 22, 2019, at 8:25 PM, Ron Bonica <rbonica@juniper.net> wrote:
>>>>>
>>>>> Bob,
>>>>>
>>>>> All of the SID in draft-ietf-spring-srv6-nework-programming begin with the word "END". The following are examples:
>>>>>
>>>>> - END
>>>>> - END.X
>>>>> - END.DT4
>>>>>
>>>>> So, you are correct in saying that the word "END" doesn't do much to distinguish one SID from another. Maybe the naming convention should be:
>>>>>
>>>>> - SID
>>>>> - SID.X
>>>>> - SID.DT4
>>>>> - etc
>>>>
>>>> I think that would be better.
>>>>
>>>>>
>>>>> As long as we are consistent throughout the network programming draft, I am OK with the change.
>>>>>
>>>>> Also, we need a good collective noun for SIDs of all types. Neither SID nor SRv6 SID work well. If we use the word "SID", it becomes overloaded. The term "SRv6 SID" is a little too close to "SID" to prevent confusion.
>>>>
>>>> Perhaps when meaning all SIDs, just say “all SIDs”.  When one specific SID, by its name SID, SID.X, etc.
>>>>
>>>> Bob
>>>>
>>>>
>>>>>
>>>>> Ron
>>>>>
>>>>>
>>>>> Juniper Internal
>>>>>
>>>>> -----Original Message-----
>>>>> From: Bob Hinden <bob.hinden@gmail.com>
>>>>> Sent: Wednesday, May 22, 2019 7:29 PM
>>>>> To: Ron Bonica <rbonica@juniper.net>
>>>>> Cc: Bob Hinden <bob.hinden@gmail.com>; Darren Dukes (ddukes) <ddukes@cisco.com>; IPv6 List <ipv6@ietf.org>
>>>>> Subject: Re: 6man w.g. last call for <draft-ietf-6man-segment-routing-header-19.txt>
>>>>>
>>>>> Ron,
>>>>>
>>>>>> On May 22, 2019, at 1:06 PM, Ron Bonica <rbonica@juniper.net> wrote:
>>>>>>
>>>>>> Darren,
>>>>>>
>>>>>> We may have made life more difficult for the following reasons:
>>>>>
>>>>> How can anything be more difficult than it already is :-)
>>>>>
>>>>>>
>>>>>> - Customers are already talking about "The END SID”.
>>>>>> - At least two other drafts refer to "The END SID".  In the future, will they refer to "the otherwise nameless SID defined in draft-ietf-6man-segment-routing-header”.
>>>>>> - The naming conventions that the chairs suggest introduces ambiguity. Does the term "SID" refer to all SIDs (END.X, END.DT4, etc.) collectively? Or does the term "SID" refer to one particular SID that is defined in draft-ietf-6man-segment-routing-header.
>>>>>
>>>>> SID would refer to the SID defined in the SRH draft.   I note that in RFC 8402, this appears to be called SRv6 SID.  That seems to be consistent.
>>>>>
>>>>> When we reviewed the changes in what became the -19 draft, we found the use of “END SID” confusing.  We went back to see if there were other kinds of SIDs defined (for example is there a START SID, MIDDLE SID, etc.), but there isn’t.   We thought it would be better to just say SID.   If new SIDs are later defined elsewhere they can have different names that distinguish them from the SID defined in the SRH draft.
>>>>>
>>>>>> If the chairs insist on changing the name of the END SID, let's at least give it a new name.
>>>>>
>>>>> To be clear, we didn’t insist, we made a suggestion that Darren adopted:
>>>>>
>>>>> “We think calling it “END SID” makes it harder to understand, we had to go back to see if there were other SIDs defined that would have different behavior.   Since there is only one kind of SID defined, like FIRST SID.  We wonder if it can be just called “SID” and if in the future other SIDs are defined they can be called something else, for example "FOO SID”, or "SID 2”.  This is not a showstopper, but might make the document clearer.”
>>>>>
>>>>> Bob
>>>>>
>>>
>>> --------------------------------------------------------------------
>>> IETF IPv6 working group mailing list
>>> ipv6@ietf.org
>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>> --------------------------------------------------------------------
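
The second problem raised in the thread (the endpoint for SID 2 modifies the SRH under its own rules, then the endpoint for SID 3 has to verify the AH), worked through as an added example that is not part of the thread or the draft. Assumptions: the ICV is simplified to HMAC-SHA-256 over the SRH alone with mutable fields zeroed, and `type_A`, `type_B`, their mutability sets and the key are hypothetical.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, not a real secret

# Byte offsets of two fields in the 8-byte fixed part of the SRH.
FIELD = {"segments_left": (3, 4), "tag": (6, 8)}

# Hypothetical per-SID-type mutability rules; the draft defines no such table.
PROFILE = {"type_A": {"segments_left"},          # strict
           "type_B": {"segments_left", "tag"}}   # "more generous"

def build_srh(segments_left, tag, segments):
    """Pack an SRH without TLVs: fixed part, then 128-bit segments."""
    n = len(segments)
    fixed = struct.pack("!BBBBBBH", 59, 2 * n, 4, segments_left, n - 1, 0, tag)
    return fixed + b"".join(segments)

def icv(srh, mutable):
    """Simplified AH-style ICV: zero the mutable fields, HMAC what is left."""
    buf = bytearray(srh)
    for name in mutable:
        lo, hi = FIELD[name]
        buf[lo:hi] = bytes(hi - lo)
    return hmac.new(KEY, bytes(buf), hashlib.sha256).digest()

def process_at_type_b(srh, new_tag):
    """Endpoint acting under type_B rules: advance the list, rewrite Tag."""
    buf = bytearray(srh)
    buf[3] -= 1
    buf[6:8] = struct.pack("!H", new_tag)
    return bytes(buf)

def demo():
    """Return {(rules the source signed under, rules the verifier applies): ok}."""
    # Constructed list, last segment first: [0] is "SID 3", [1] is "SID 2".
    segs = [bytes.fromhex("20010db8") + bytes(11) + bytes([i]) for i in (3, 2)]
    sent = build_srh(segments_left=1, tag=0x0011, segments=segs)
    arrived = process_at_type_b(sent, new_tag=0x00AA)  # state seen at SID 3
    return {
        (s, v): hmac.compare_digest(icv(sent, PROFILE[s]), icv(arrived, PROFILE[v]))
        for s in PROFILE for v in PROFILE
    }

if __name__ == "__main__":
    for pair, ok in demo().items():
        print(pair, "verifies" if ok else "FAILS")
```

Only the (`type_B`, `type_B`) pair verifies: the check at SID 3 succeeds only if both the source and the verifier apply SID 2's rules, which is the knowledge the thread says SID 3 does not have.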