IETF Logo Mail Archive

Re: [IPv6] Progress of comments resolution on draft-ietf-6man-enhanced-vpn-vtn-id

Ketan Talaulikar <ketant.ietf@gmail.com> Mon, 18 December 2023 16:50 UTC

Return-Path: <ketant.ietf@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7BC6C14F685; Mon, 18 Dec 2023 08:50:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IKqXAgt6tmey; Mon, 18 Dec 2023 08:50:26 -0800 (PST)
Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 53B6BC14F684; Mon, 18 Dec 2023 08:50:26 -0800 (PST)
Received: by mail-ej1-x633.google.com with SMTP id a640c23a62f3a-a235500d0e1so165974666b.2; Mon, 18 Dec 2023 08:50:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1702918224; x=1703523024; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=A6oocURQEnUC3hb3jijohb2I9kmzBE5MeJkic2KVXLE=; b=awTevbAbqMEOzrieYbbXq+vtWPq5KZc2iez/xyGvkBxgrqTA3y+0Uf+16pie8J66ul GV47ncePLhws3z4WXJ/bSLQkTOIXF9dOfRhrP8FNI5yvp2a24AlYf1CcKBiIY7JdlwBI fDhHm6MzU55bNSY0cE5+hjmTSlqHGTtEZgcngSonadyxAhxT5nlU5hftnp32uto7dhax s0FdlmPsLYuI1NoGeGiPwJf33YvjfsnlFkc5MDA4zyNLW/zjcYtCYlIj1sDc3ZAgXemH ae6gTgB9gFuKGqQ3kW2Eahg+htF6i91wceRnRbOGbqKSrmmQ/R3rn0bFWWN4O0uh0N7z Uhrw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702918224; x=1703523024; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=A6oocURQEnUC3hb3jijohb2I9kmzBE5MeJkic2KVXLE=; b=H37uPABjDOdfXRkbLr4/mdatKxoXzZgGoxZ0qlTmqjORF3BN6p8v3x8qVDJ/I13x0s jp3BrQompGn879shxnnT61mOwHpMgwMbrC+AisovVVb0aJe2R7WoOiUJVAXvjez+QqCG RILR7DmrwZX0/oa0aeyDJ0S9uiQpyexUxlHi/mnLoa8nVS617AgLoQX1/pLnPff/F1ir vBG6G/a08CpnOC5XpZUEToZARSYxAf22Y85jp0Vya0eW0vIuamGApO1L6r6DQPPOKRpf dDndLxKzY/H9E+O5jBw+FI3Wq4E40irR1qiipzFjoYcKeFqMnHtVXRcf2CXF2U7VU0zR pWeA==
X-Gm-Message-State: AOJu0YyLWZWZBJykGOxHpGIQKk1pevCAzlXtPI579V5/lWyCkWQDDB26 p5mO2QmykajR1fuEcKL6oltmCCXvornW+KrjK4c=
X-Google-Smtp-Source: AGHT+IH8eF0U+PKZSVbN53N2TGUMW0zfVWwNDzwOBbDpWGFWbiMLbPX8iDkDIZn6Hs+CtNWjBEfAoXXZSlBs75fQWrQ=
X-Received: by 2002:a17:906:c214:b0:a19:a19b:78bd with SMTP id d20-20020a170906c21400b00a19a19b78bdmr8036248ejz.128.1702918221638; Mon, 18 Dec 2023 08:50:21 -0800 (PST)
MIME-Version: 1.0
References: <165d35ecaaa44a3daff0783cd161eb12@huawei.com> <014c01da2cde$f6e31510$e4a93f30$@olddog.co.uk> <2fcc89b28bc64c7cb5cf2abf20319006@huawei.com> <021e01da2d1d$2efc2930$8cf47b90$@olddog.co.uk> <DU2PR02MB1016002CC68F1D799A4562D9D888CA@DU2PR02MB10160.eurprd02.prod.outlook.com> <fc34b0f89c3f4af2b4fb5c5dc5d9f7bd@huawei.com> <CAH6gdPyxjcRZjKcwZ7GckdR-APubTVU4WvRAjjBTStSqx_URnA@mail.gmail.com>
In-Reply-To: <CAH6gdPyxjcRZjKcwZ7GckdR-APubTVU4WvRAjjBTStSqx_URnA@mail.gmail.com>
From: Ketan Talaulikar <ketant.ietf@gmail.com>
Date: Mon, 18 Dec 2023 22:20:09 +0530
Message-ID: <CAH6gdPzdpwYP1GrBZwpXP1Sg2m6JQCu+F5WcMmoqpMCpqHaeCg@mail.gmail.com>
To: "Dongjie (Jimmy)" <jie.dong=40huawei.com@dmarc.ietf.org>
Cc: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>, "adrian@olddog.co.uk" <adrian@olddog.co.uk>, 6man <ipv6@ietf.org>, "draft-ietf-6man-enhanced-vpn-vtn-id@ietf.org" <draft-ietf-6man-enhanced-vpn-vtn-id@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000aeb30e060ccb8b93"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/RmwTH4e0kvLywqd3LIAwguX5cIQ>
Subject: Re: [IPv6] Progress of comments resolution on draft-ietf-6man-enhanced-vpn-vtn-id
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Dec 2023 16:50:30 -0000

My apologies for the mixup - the S flag is not from the SRH but the VTN/NRP
ID extn header. But the rest of my comments still apply.

Thanks,
Ketan


On Mon, Dec 18, 2023 at 10:12 PM Ketan Talaulikar <ketant.ietf@gmail.com>
wrote:

> Hi Jie,
>
> I concur with Med on this one and don't see the need for the S-flag. We've
> had TOS/DSCP/EXP for QoS where exactly the same scenario exists and we've
> never had the need for such a flag/indication on the packet.
>
> This looks something like a local configuration/policy on the router to me
> - drop or fallback.
>
> We have very limited (8) flags on the SRH and there should be really
> strong and compelling reasons for allocating one. This one doesn't look
> like such.
>
> Thanks,
> Ketan
>
>
> On Mon, Dec 18, 2023 at 9:17 PM Dongjie (Jimmy) <jie.dong=
> 40huawei.com@dmarc.ietf.org> wrote:
>
>> Hi Med and Adrian,
>>
>> Thanks for the discussion. Here I'd like to give some further explanation
>> about the usage of the S bit and why it is considered useful.
>>
>> In normal IPv6 packet forwarding, the next-hop and outgoing interface are
>> determined based on longest matching of the destination IPv6 address.
>> Packets with unmatched destination address are always dropped.
>>
>> After the introduction of the VTN (or NRP, will use VTN just in this
>> mail) option, the next-hop and outgoing interface are still determined
>> based on the destination address, this is unchanged.
>>
>> Then for packets whose next-hop and outgoing interface are determined,
>> the VTN ID in the packet is used to match with the sets of local resources
>> allocated to VTNs on the outgoing interface. There are two possible results:
>>
>>   1) The VTN ID in the packet matches with the same VTN ID which is
>> configured on the outgoing interface with a set of network resources, then
>> the packet is forwarded using that set of resources.
>>
>>   2) The VTN ID in the packet does not match with any VTN ID configured
>> on the outgoing interface. How should the node behave in this case? There
>> are two options: 1) forward the packet with best effort. 2) discard the
>> packet.
>>
>> The S flag is used to tell the node how to forward the packet when the
>> VTN-ID is not configured on the outgoing interface.
>>
>> With the above, I hope the functionality of the S flag is clear.
>>
>> Then the possible question is can this be achieved by configuration?
>>
>> The answer is it can, but possibly with a relatively higher cost. Note
>> this is to control the behavior for NRPs which are not provisioned on the
>> node's outgoing interface. Usually devices do not provide control
>> configuration for elements which are not enabled. Even if such
>> configuration is supported, as the behavior can be different per NRP, this
>> requires lots of configuration for NRPs which are not enabled. Then we also
>> need to consider the case where the behavior may be different for different
>> flows under the same NRP...
>>
>> One analogy (not quite the same) to the S flag is the bits in IPv6
>> extension header options which are used to control the forwarding behavior
>> when the option cannot be parsed by some node. That may also be achieved
>> via configuration on the nodes, while it turns out a better choice is to
>> use flags to indicate the behavior for unrecognized entities.
>>
>> With the above analysis, hope you also agree that the S flag is a more
>> efficient approach for the required functionality.
>>
>> Best regards,
>> Jie
>>
>> > -----Original Message-----
>> > From: mohamed.boucadair@orange.com <mohamed.boucadair@orange.com>
>> > Sent: Thursday, December 14, 2023 8:23 PM
>> > To: adrian@olddog.co.uk; Dongjie (Jimmy) <jie.dong@huawei.com>
>> > Cc: '6man' <ipv6@ietf.org>;
>> draft-ietf-6man-enhanced-vpn-vtn-id@ietf.org
>> > Subject: RE: [IPv6] Progress of comments resolution on
>> > draft-ietf-6man-enhanced-vpn-vtn-id
>> >
>> > Hi Adrian,
>> >
>> > > If the reason for splitting was technical or made for a radical
>> > > improvement in readability, I might buy it. But I think it is purely a
>> > > documentation issue.
>> >
>> > It isn't.
>> >
>> > The issue is that the use of the S bit is not justified, including with
>> the case you
>> > mentioned below. This scan be handled by a local config parameter. I
>> fail to see
>> > valid arguments so far why a per-NRP per-packet behavior will needed to
>> > process a packet.
>> >
>> > Cheers,
>> > Med
>> >
>> > > -----Message d'origine-----
>> > > De : ipv6 <ipv6-bounces@ietf.org> De la part de Adrian Farrel
>> Envoyé :
>> > > mardi 12 décembre 2023 18:04 À : 'Dongjie (Jimmy)'
>> > > <jie.dong@huawei.com> Cc : '6man' <ipv6@ietf.org>;
>> > > draft-ietf-6man-enhanced-vpn-vtn- id@ietf.org Objet : Re: [IPv6]
>> > > Progress of comments resolution on draft-ietf-
>> > > 6man-enhanced-vpn-vtn-id
>> > >
>> > > Hi Jie,
>> > >
>> > > I rather expected some more comments on this, and I sat back to watch
>> > > them, but then it went quiet and I forgot.
>> > >
>> > > So, "better late than never".
>> > >
>> > > As an aside, I wonder whether you should follow the advice given by
>> > > TEAS in its work on draft-ietf-teas-enhanced-vpn, and feeding into IDR
>> > > on draft-dong-idr-sr-policy-nrp. That is, generalise the VTN use case
>> > > to NRP. I don't think this makes any technical change to the document,
>> > > but makes the applicability wider (more
>> > > generic) in step with what TEAS is doing. This seems to in keeping
>> > > with the suggestions in your Section 5. But it would require some
>> > > editorial work.
>> > >
>> > > I am not enthusiastic about splitting out multiple documents. It just
>> > > makes more work.
>> > >
>> > > While I understand that the authors and Med thought this might be a
>> > > compromise, I doubt that the authors really want to do this (that is,
>> > > make more work for themselves) and since no one spoke up on the list,
>> > > I wonder whether it the (perfectly valid) preference of only one
>> > > person.
>> > >
>> > > If the reason for splitting was technical or made for a radical
>> > > improvement in readability, I might buy it. But I think it is purely a
>> > > documentation issue.
>> > >
>> > > It is worth noting that if the document was split then, without the S
>> > > flag, the whole flags field would be unused in the remaining document.
>> > > It is "unusual" for a spec to define a field that has no documented
>> > > use. I'd be uncomfortable with that.
>> > > Conversely, I think this drat should introduce a new registry to track
>> > > the flags field
>> > >
>> > > Personally, I see some value in the S bit as defined. At least, I do
>> > > in the context of the network slicing use of the NRP. Consider a
>> > > network where some resources are strictly partitioned
>> > > (reserved) at some transit nodes, but at other nodes (perhaps ones
>> > > that are known to have plenty of capacity) no partitioning has been
>> > > performed. In this case, you would want the nodes that have not done
>> > > any partitioning to not be bothered by the VTN/NRP ID carried in the
>> > > packet. But consider, instead, a network that is resource constrained
>> > > where partitioning has been carefully performed on all nodes. In this
>> > > case you would want to observe that the packet cannot be assigned to
>> > > any partition and so should not use the resources of any other
>> > > partition.
>> > >
>> > > Well, I think this might be softened for two reasons:
>> > > 1. If a node does not understand the HBH option, it will skip over it
>> > > (you have specified the highest-order 2 bits are set to 00), so the
>> > > default behaviour is to try to forward the packet.
>> > > 2. Assigning best-effort forwarding to packets seems like a reasonable
>> > > default.
>> > >
>> > > So, I would keep the S bit in this, but I would change "drop" to
>> > > "perform best effort forwarding". (Noting, of course, that the best
>> > > you can do might still be to drop the packet.)
>> > >
>> > > Cheers,
>> > > Adrian
>> > >
>> > > > From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Dongjie
>> > > (Jimmy)
>> > > > Sent: Wednesday, November 8, 2023 12:59 AM
>> > > > To: 6man <mailto:ipv6@ietf.org>
>> > > > Cc: draft-ietf-6man-enhanced-vpn-vtn-id@ietf.org
>> > > > Subject: [IPv6] Progress of comments resolution on
>> > > draft-ietf-6man-enhanced-vpn-vtn-id
>> > > >
>> > > > Hi WG,
>> > > >
>> > > > Regarding Med's review comments on
>> > > > draft-ietf-6man-enhanced-vpn-vtn-id,
>> > > the authors
>> > > > and Med met in Prague and reach some agreement about the
>> > > possible
>> > > resolution of his
>> > > > comments.
>> > > >
>> > > > The proposed approach is to split the definition of the S flag
>> > > out
>> > > > from
>> > > this document, so
>> > > > that this document will focus on the specification of the VTN
>> > > option
>> > > > with
>> > > all the flags as
>> > > > reserved, and the S Flag could be defined as an extension to
>> > > the VTN
>> > > option in a separate
>> > > > document.
>> > > >
>> > > > Before updating this WG draft, we would like to know the WG's
>> > > opinion
>> > > > on
>> > > this approach
>> > > > to move forward. Any feedback is welcome.
>> > >
>> > > -----------------------------------------------------------------
>> > > ---
>> > > IETF IPv6 working group mailing list
>> > > ipv6@ietf.org
>> > > Administrative Requests:
>> > > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2
>> > >
>> > Fwww.ietf.org%2Fmailman%2Flistinfo%2Fipv6&data=05%7C01%7Cmohamed.
>> > >
>> > boucadair%40orange.com%7Cc7b66a0799ca41a4b00e08dbfb346dd5%7C90c
>> > 7a
>> > >
>> > 20af34b40bfbc48b9253b6f5d20%7C0%7C0%7C638379974860934578%7CUn
>> > know
>> > > n%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1ha
>> > >
>> > WwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=9bNvzWEsR9J86r5zy3V%
>> > 2BD6Y
>> > > Iv9ZsyazWDcIjP6aUlNA%3D&reserved=0
>> > > -----------------------------------------------------------------
>> > > ---
>> > ___________________________________________________________________
>> > _________________________________________
>> > Ce message et ses pieces jointes peuvent contenir des informations
>> > confidentielles ou privilegiees et ne doivent donc pas etre diffuses,
>> exploites ou
>> > copies sans autorisation. Si vous avez recu ce message par erreur,
>> veuillez le
>> > signaler a l'expediteur et le detruire ainsi que les pieces jointes.
>> Les messages
>> > electroniques etant susceptibles d'alteration, Orange decline toute
>> > responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
>> >
>> > This message and its attachments may contain confidential or privileged
>> > information that may be protected by law; they should not be
>> distributed,
>> > used or copied without authorisation.
>> > If you have received this email in error, please notify the sender and
>> delete this
>> > message and its attachments.
>> > As emails may be altered, Orange is not liable for messages that have
>> been
>> > modified, changed or falsified.
>> > Thank you.
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>>
>

v2.23.0 | Report a Bug | By Email