Re: Intra SR Domain Deployment Model - Re: some feedback on feedback on draft-bonica-6man-ext-hdr-update-03
Brian E Carpenter <brian.e.carpenter@gmail.com> Sun, 10 May 2020 20:52 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C51623A0BAA for <ipv6@ietfa.amsl.com>; Sun, 10 May 2020 13:52:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xTrpqWETFPCj for <ipv6@ietfa.amsl.com>; Sun, 10 May 2020 13:52:03 -0700 (PDT)
Received: from mail-pg1-x531.google.com (mail-pg1-x531.google.com [IPv6:2607:f8b0:4864:20::531]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 99E523A0BAD for <ipv6@ietf.org>; Sun, 10 May 2020 13:52:03 -0700 (PDT)
Received: by mail-pg1-x531.google.com with SMTP id a4so3584666pgc.0 for <ipv6@ietf.org>; Sun, 10 May 2020 13:52:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=9wsY+0bmilk0oyEUvdZvI9KaQOg4BIpebQl7yIHB/ZQ=; b=JHqC+v6FIcmT9KLKnuhqLzh1bZOlc690iOgdh37Mkv6gFrVCv7vwItLzXD5c3soCST ZGwtk1S7kPpjK3VMNzM9QueWNt57P7wLKGPUxnxs5awI1x//grK2vqUuox4wgzAE0mmD WocghYIsmQ8vk5HoBYzlFycR3lXpIYoeDNF8ltOPGZb3nyxKYHy3/gXhOBRJ2tOxYn7m vjSyVXnPmqig4RaLUxSJS9aroqs4mxXMFkyhOfM7ySB77p3zvSvfgDLaGnHHVp1XbQVK UyQXCcqE61eo6BFtFNNPWdIxcRHsDlTB0shX0eTKgY+azTPHiaf1ImBMYHSvl4YDJQ64 WuBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=9wsY+0bmilk0oyEUvdZvI9KaQOg4BIpebQl7yIHB/ZQ=; b=EsFBvWiOGIJJGja+NDWSxpdyv637jhWBysmJdrst5c76FTKAGsgqLBIFVKp+YwwvC3 59YXoAwTEE35Aw7eqBNqlQyc+V5Pf6r72EZ0xKtrYWjAVO6gyifEWvI+1HljHrSdIKPa ON9GnmD7x+hBEr7+ubwpCGZiIlu980BnfSWEffl5EcSKGkB38NAnKebphrRt5ynB97Sq UMHsVYfP30SBE74qguc7w14YiOZZHICTugQmfOqmKcKSSEpio1i/8SGAWQ+CHpX9QlVi TEYjZOdsNsoKsgEOD3FfYBLVIMw+NqCoj4uS4dOqngyCmS03nnmEkDR+sU6GzB4rkzuy bnOA==
X-Gm-Message-State: AGi0PuaP+nrsWKLv23UI2jDs2UUTcSn78GTjAjuaE5GTI8LZYOPmHXCw a4npRlaObAyFM/RemStUMdnE3fve
X-Google-Smtp-Source: APiQypISvJTlXumB4y1xcCnvRnCihpaoDGz+s94ef6T2Fr+2FscHMlZjnniKsmrd3EccXSNDF077TQ==
X-Received: by 2002:a63:e843:: with SMTP id a3mr11894046pgk.383.1589143922206; Sun, 10 May 2020 13:52:02 -0700 (PDT)
Received: from [192.168.178.30] (207.252.69.111.dynamic.snap.net.nz. [111.69.252.207]) by smtp.gmail.com with ESMTPSA id w3sm7274445pfn.115.2020.05.10.13.51.59 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 10 May 2020 13:52:01 -0700 (PDT)
Subject: Re: Intra SR Domain Deployment Model - Re: some feedback on feedback on draft-bonica-6man-ext-hdr-update-03
To: "Joel M. Halpern" <jmh@joelhalpern.com>, "Xiejingrong (Jingrong)" <xiejingrong@huawei.com>
Cc: 6man WG <ipv6@ietf.org>
References: <A9C19AE3-5F86-4B34-9C13-DB9E315BC963@cisco.com> <21c5e01e-1087-c6f4-a782-931049bbe9e3@gmail.com> <280cf8028b314fbe97bf10f92268ab29@huawei.com> <CAO42Z2ypix9tx-EvZa7RR2J0qXFgAKNR40aRgQYDsWLKBovh3w@mail.gmail.com> <7f4f7703a9114da6830358481ec519ba@huawei.com> <3d08f222-739b-6560-3bb7-3702e3201d18@joelhalpern.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <2e2f7e8d-bd2b-5ef4-443e-94ed0fed3771@gmail.com>
Date: Mon, 11 May 2020 08:51:57 +1200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <3d08f222-739b-6560-3bb7-3702e3201d18@joelhalpern.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/LrUoayOPk6_95mAYANIKXfy5Vgo>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 10 May 2020 20:52:09 -0000
On 10-May-20 17:19, Joel M. Halpern wrote:
> I can't speak for Mark.
> From where I sit, the mechanisms in 8754 are the ones we have used for
> protecting a number of things. They produce a moderately protected
> domain that suffices if one is also careful in other regards.
>
> That does not mean that it is safe to do anything and everything in the
> controlled domain that would not be safe on the open Internet.
>
> I saw something that claimed to be a security analysis that claimed
> there was no risk of wire-tapping because it was a controlled domain.
> That simply does not follow.
>
> Similarly, with the operational difficulties of header insertion, using
> the protocol in a quasi-limited domain does not suddenly make the
> operations safer, simpler, or more tractable. It doesn't.
>
> So yes, limited / controlled quasi-domains do help. But they do not
> vitiate the many constraints in RFCs. I would be very unhappy at the
> IETF taking Brian's useful work and trying to turn that into some kind
> of escape clause.
Thankyou, Joel. Indeed, the conclusion from my draft is that *if* we
continue defining limited-domain protocols, *then* we need a solid
and secure definition of domain membership and domain boundary.
(draft-ietf-anima-autonomic-control-plane is a sort of prototype.)
At the moment, everyone who wants to define some kind of local
behaviour has to define their own flavour of domain, and that seems
like a recipe for operational confusion.
But that isn't our topic here in 6MAN. Fixing ambiguity in RFC8200 is.
Brian
>
> Yours,
> Joel
>
> PS: As Mark and others have noted, we have a lot of examples of things
> escaping out of controlled domains and of things leaking into domains
> where they do not belong. So one has to be extremely cautious with the
> entire concept. I am actually sympathetic to the security and
> congestion folks who keep asking for better behavior inside domains. I
> just don't know how to make things like NSH both more robustly secure
> and still effective and useful. I do acknowledge the tension. And NSH
> does abide by all of the IP RFCs. Quite carefully.
>
> On 5/10/2020 12:44 AM, Xiejingrong (Jingrong) wrote:
>> Hi Mark,
>>
>> Have you found any problems of the “controlled domain” mechanism setup
>> by RFC8754 section 5 ?
>>
>> More below about the SRv6 controlled domain and the MPLS controlled domain:
>>
>> The success rate of implementing controlled domains using IPv6 is going
>> to be quite a bit lower than with MPLS because of these reasons.
>>
>> ==>Look at the deployment of SRv6 please.
>>
>> (Has there ever been an MPLS leak between networks that caused problems
>> in the receiving network?)
>>
>> ==> MPLS(and other L2.5 technology) used to be used in “intra-AS” scope,
>> which is a very small part of a Service-provider’s network.
>>
>> ==> When it comes to “inter-AS” deployment within a service-provider, it
>> encountered serious scalability problems. The industry spent many years
>> trying to solve this scalability problem, and finally give up
>> (https://tools.ietf.org/html/draft-ietf-mpls-seamless-mpls-07).
>>
>> ==>This is very much like the telephone AFAIK, firstly it is mainly used
>> in a “metro wide”, and now it is common for a “national wide” telephone
>> call without any extra fee for inter-metro.
>>
>> ==>While for an enterprise who want a national wide “connection” of its
>> two sites, it is hard for a service provider on its “inter-AS”
>> infrastructure to provide such connection by using MPLS. That’s the pain.
>>
>> ==>There is also MPLS over IP/UDP proposal for such “inter-AS”
>> connection, but I failed to see a good “security boundary” could be well
>> deployed (see RFC7510 section 6) without using an IP address block.
>>
>> ==>I really don’t know any other methods to solve both better: the
>> secure boundary, and the “inter-AS” scalability, until I realized that
>> RFC8754 section 5.1 provides a paradigm IMO.
>>
>> Thanks
>>
>> Jingrong
>>
>> *From:*Mark Smith [mailto:markzzzsmith@gmail.com]
>> *Sent:* Sunday, May 10, 2020 11:50 AM
>> *To:* Xiejingrong (Jingrong) <xiejingrong@huawei.com>
>> *Cc:* Brian E Carpenter <brian.e.carpenter@gmail.com>; 6man WG
>> <ipv6@ietf.org>
>> *Subject:* Re: Intra SR Domain Deployment Model - Re: some feedback on
>> feedback on draft-bonica-6man-ext-hdr-update-03
>>
>> On Sun, 10 May 2020, 12:10 Xiejingrong (Jingrong),
>> <xiejingrong@huawei.com <mailto:xiejingrong@huawei.com>> wrote:
>>
>> Hi Brian,
>> I think the limited domain is a good summary to differentiate from
>> the internet, and may help the understanding between "routing area"
>> people and "internet area" people.
>> Internet is "networks' network", or "interconnection of
>> service-provider's networks".
>> Limited-domain is a very small subset of Internet, e.g., a
>> service-provider's network, a CDN network, etc.
>>
>> Let me cite text from the <draft-carpenter-limited-domains> draft:
>> Often, the boundary of a limited domain will also act as a security
>> boundary. In particular, it will serve as a trust boundary, and
>> as a
>> boundary of authority for defining capabilities. For example,
>> segment routing [RFC8402] explicitly uses the concept of a "trusted
>> domain" in this way.
>>
>> I think this is an important thing that make it deployable using
>> IPv6 but not impact much on the public Internet.
>>
>> If controlled domains were as reliability deployed as some believe, we
>> wouldn't have RFC1918 address leaks, 100.64/10 route leaks, and need for
>> the as112 project to deal with DNS PTR lookups for RFC1918 addresses.
>>
>> People might think MPLS and IPv6 are equivalent transports for SR.
>> They're not, there are quite a lot of differences.
>>
>> MPLS doesn't have a default route label that causes traffic to try to
>> leave the local network by default if there is no local matching
>> destination.
>>
>> MPLS isn't the universal end-to-end Internet protocol intended to be
>> talked by all Internet attached nodes including end-user hosts. MPLS is
>> a local network, most commonly within the network only protocol.
>>
>> MPLS is an optional protocol that is used to support a network's use of
>> IP. IP is a mandatory protocol needed to provide services to end-hosts
>> that use IP to communicate.
>>
>> MPLS's "nature" is to be and be used as a limited domain protocol.
>> IPv6's nature is the opposite.
>>
>> The success rate of implementing controlled domains using IPv6 is going
>> to be quite a bit lower than with MPLS because of these reasons.
>>
>> (Has there ever been an MPLS leak between networks that caused problems
>> in the receiving network?)
>>
>> If you want to much more reliability implement a controlled domain that
>> is attached to the Internet, you use a local network protocol that has
>> no chance of being able to traverse the Internet and reach a foreign
>> host where it could cause problems, should it somehow leak.
>>
>>
>> SRv6 has a very clear and deployable "trust boundary" by using the
>> widely available "ACL" capability as described in RFC8754 section 5.1.
>> And that's my observation about the "limited domain" and how SRv6 is
>> a good design and good example:
>> (1) Use ipv6 address block for ease of "trust boundary" definition,
>> making it deployable.
>> (2) Predicable MTU consumption by a Max-SID and Max-Delta assumption.
>> (3) Use of HMAC (also mature theory) to provide source-origin
>> integrity of its L3 own, without burden of payload integrity (which
>> is often guaranteed by L4+).
>>
>> I would like to recommend one more use case of "limited domain" to
>> your <draft-carpenter-limited-domains> draft:
>> https://tools.ietf.org/html/draft-xie-bier-ipv6-encapsulation-06
>> (section 5.1 for secure the domain boundary, using the paradigm
>> settled by RFC8754 section 5.1)
>>
>> Thanks
>> Jingrong
>>
>> -----Original Message-----
>> From: ipv6 [mailto:ipv6-bounces@ietf.org
>> <mailto:ipv6-bounces@ietf.org>] On Behalf Of Brian E Carpenter
>> Sent: Sunday, May 10, 2020 5:25 AM
>> To: ipv6@ietf.org <mailto:ipv6@ietf.org>
>> Subject: Re: Intra SR Domain Deployment Model - Re: some feedback on
>> feedback on draft-bonica-6man-ext-hdr-update-03
>>
>> Hi,
>>
>> To my certain knowledge, the IETF has not agreed that exceptions to
>> standards are allowed within limited domains, or established any
>> standard about what a limited domain is and how its boundary and
>> membership are established.
>>
>> That might be a good thing to do, and I might even have some ideas
>> about how to do it**. But so far, it hasn't happened.
>>
>> Regards
>> Brian
>>
>> ** https://datatracker.ietf.org/doc/draft-carpenter-limited-domains/
>>
>> On 10-May-20 01:55, Zafar Ali (zali) wrote:
>> > Hi,
>> >
>> >
>> >
>> > +1; to add to what Robert explained (also changing subject to highlight the scope - Intra SR Domain Deployment Model):
>> >
>> >
>> >
>> > * RFC8402 (SR Architecture) defines segment routing within an SR Domain.
>> > * RFC8754 (SRH) section 5 further defines the Intra SR Domain Deployment Model.
>> > * draft-ietf-spring-srv6-network-programming defines segment behaviors solely within the context of these RFCs: i.e. within the SR Domain.
>> >
>> >
>> >
>> > Thanks
>> >
>> >
>> >
>> > Regards … Zafar
>> >
>> >
>> >
>> > *From: *ipv6 <ipv6-bounces@ietf.org <mailto:ipv6-bounces@ietf.org>> on behalf of
>> Robert Raszuk
>> > <robert@raszuk.net <mailto:robert@raszuk.net>>
>> > *Date: *Friday, May 8, 2020 at 5:22 PM
>> > *To: *Philip Homburg <pch-ipv6-ietf-6@u-1.phicoh.com <mailto:pch-ipv6-ietf-6@u-1.phicoh.com>>
>> > *Cc: *6man WG <ipv6@ietf.org <mailto:ipv6@ietf.org>>
>> > *Subject: *Re: some feedback on feedback on
>> > draft-bonica-6man-ext-hdr-update-03
>> >
>> >
>> >
>> > Hello Philip,
>> >
>> >
>> >
>> > I am not sure if you have carefully followed 100s of emails so far on
>> > either 6man or spring WG lists..
>> >
>> >
>> >
>> > Your comments lead me to believe that perhaps you missed the key point here. Lecture of the subject draft also does not help at all to clarify what the behaviour should be as it just does not talk about the problem at hand. It talks about something which IMHO is obvious to all of us. It mixes end to end required
>> behaviour with transport behaviour - completely different layers of
>> transport all within layer 3.
>> >
>> >
>> >
>> > So let me for clarity restate the problem - hoping that those who do
>> > care about technical points will find it useful:
>> >
>> >
>> >
>> > Application opens a socket and original IPv6 packets get's send from
>> > node N1 to final/ultimate/etc destination N2.
>> >
>> >
>> >
>> > Obviously it contains some v6 base header and may contain some
>> > extension headers.
>> >
>> >
>> >
>> > No one here is doing *anything* to this very headers. For those calling it end to end principle of IPv6 no one is changing a bit. Those stay intact.
>> >
>> >
>> >
>> > But as it is unfortunately the case N1 and N2 may not be directly
>> > connected. Worse to get from N1 to N2 packets may need to transit via third party network or networks.
>> >
>> >
>> >
>> > So it is very common that each transit network today implements some
>> > form of encapsulation for various reasons. Some use IPv4 encap, some use MPLS-LDP, some use RSVP-TE, some use IPv6 in IPv6. Even if you go and try to buy "a circuit" you will be getting an emulated circuit over someone's IPv4 or IPv6 network.
>> >
>> >
>> >
>> > Transport network operator is responsible for his network - so all
>> > claims that oh if I insert a bit here or there packets may exceed MTU and will be dropped while theoretically true really do not happen in real life as no one sane accepts the larger packet which it would not be able to carry as transit provider. Besides if someone would he would be out of business already so nothing
>> for IETF to worry about.
>> >
>> >
>> >
>> > So now comes the crux of what some call "the issue". On the edge of
>> > transit network T1 packets is getting a new IPv6 header. Original packet intact is wrapped and placed into the new envelope.
>> >
>> >
>> >
>> > Sometimes DST of the packet T2 means egress from transit network.
>> > Sometimes it means a middle hop which by network programming will know how to handle it and apply new destination Tn.
>> >
>> >
>> >
>> > I do not see anything wrong with any "intermediate destination of the
>> > packet" to do what it considers best in order to deliver packet to the transit network egress node.
>> >
>> >
>> >
>> > Now comes the topic of an additional hander mangling even by nodes
>> > which are not intermediate destinations, yet all within transit network. Real use case example of this would be the local path or node protection. The less overhead it incurs the better for the end to end service hence those arguing let's apply new IPv6 header there are just off in the efficiency curve - even if it perhaps
>> simplifies some of the hardware processing. If we can insert
>> arbitrary MPLS stack anywhere in transit why one would not be able
>> to insert a new SRH into his own IPv6 transit header ? SIDs are much
>> larger - oh no ... take a look at our vSID proposal.
>> >
>> >
>> >
>> > Finally packet gets to the ultimate egress of transit network and
>> > continues its journey towards N2.
>> >
>> >
>> >
>> > To conclude - all what transit does with the packet has nothing to do with end to end principle. If someone is trying to fit today's networking into OSI model I am afraid it will fail as OSI model does not map today's flavors of IP layer 3 transport planes.
>> >
>> >
>> >
>> > If some would like to see N1 to N2 traversing without any
>> > encapsulation I believe need to build new Internet by themselves starting with dark fiber. Mean time folks trying to use IPv6 to deliver better services are facing some fascinating oppositions which can not even in technical terms explain the issue.
>> >
>> >
>> >
>> > I am really puzzled what the subject draft is trying to clarify. Plain
>> > mortal reading does not reveal the mystery behind it. Maybe printing it on good printer and flashing UV light would help ? Maybe some have special decoder which would reveal the real text. No idea.
>> >
>> >
>> >
>> > Kind regards,
>> >
>> > Robert.
>> >
>> >
>> >
>> > PS. Another way to look at this space is to either accept that encapsulation of IPv6 in IPv6 is allowed or not. And as we are rewriting L2 header at each L3 hop - one can consider SRv6 technology as rewriting IPv6 header at each L3 hop within a given network. If so all header operations are permitted by each hop if not by
>> RFC8200 then by RFC2473.
>> >
>> >
>> >
>> >
>> >
>> > On Fri, May 8, 2020 at 9:26 PM Philip Homburg <pch-ipv6-ietf-6@u-1.phicoh.com
>> <mailto:pch-ipv6-ietf-6@u-1.phicoh.com>
>> <mailto:pch-ipv6-ietf-6@u-1.phicoh.com
>> <mailto:pch-ipv6-ietf-6@u-1.phicoh.com>>> wrote:
>> >
>> > > However, if you look at it after PSP node has received and
>> > > processed the PSP function psuedocode you are now in RFC 8200
>> > > conformance.
>> >
>> > If you say only the final destination of the IPv6 packet removes the
>> > extension headers and no intermediate router inserts or removes anything,
>> > then there is no conflict with draft-bonica-6man-ext-hdr-update-03 or
>> > with Fernado's erratum. So we just accept either of those as a
>> > clarification of RFC 8200 and move on.
>> >
>> >
>> > --------------------------------------------------------------------
>> > IETF IPv6 working group mailing list
>> > ipv6@ietf.org <mailto:ipv6@ietf.org> <mailto:ipv6@ietf.org
>> <mailto:ipv6@ietf.org>>
>> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> >
>> > --------------------------------------------------------------------
>> >
>> >
>> > --------------------------------------------------------------------
>> > IETF IPv6 working group mailing list
>> > ipv6@ietf.org <mailto:ipv6@ietf.org>
>> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> > --------------------------------------------------------------------
>> >
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org <mailto:ipv6@ietf.org>
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org <mailto:ipv6@ietf.org>
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>>
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>
- Intra SR Domain Deployment Model - Re: some feedb… Zafar Ali (zali)
- Re: Intra SR Domain Deployment Model - Re: some f… Brian E Carpenter
- RE: Intra SR Domain Deployment Model - Re: some f… Xiejingrong (Jingrong)
- Re: Intra SR Domain Deployment Model - Re: some f… Brian E Carpenter
- RE: Intra SR Domain Deployment Model - Re: some f… Xiejingrong (Jingrong)
- Re: Intra SR Domain Deployment Model - Re: some f… Mark Smith
- RE: Intra SR Domain Deployment Model - Re: some f… Xiejingrong (Jingrong)
- Re: Intra SR Domain Deployment Model - Re: some f… Joel M. Halpern
- Re: Intra SR Domain Deployment Model - Re: some f… Erik Kline
- Re: Intra SR Domain Deployment Model - Re: some f… Gyan Mishra
- Re: Intra SR Domain Deployment Model - Re: some f… Fernando Gont
- Re: Intra SR Domain Deployment Model - Re: some f… Erik Kline
- Re: Intra SR Domain Deployment Model - Re: some f… Fernando Gont
- Re: Intra SR Domain Deployment Model - Re: some f… Fernando Gont
- Re: Intra SR Domain Deployment Model - Re: some f… Brian E Carpenter
- Re: Intra SR Domain Deployment Model - Re: some f… Zafar Ali (zali)
- RE: Intra SR Domain Deployment Model - Re: some f… Xiejingrong (Jingrong)
- Re: Intra SR Domain Deployment Model - Re: some f… Gyan Mishra
- Re: Intra SR Domain Deployment Model - Re: some f… Brian E Carpenter
- Operational reality (Re: Intra SR Domain Deployme… Mark Smith
- Re: Operational reality (Re: Intra SR Domain Depl… Gyan Mishra