IETF Logo Mail Archive

Re: SRH insertion vs SRH insertion + encapsulation

Robert Raszuk <robert@raszuk.net> Sat, 07 September 2019 12:34 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F321E120058 for <ipv6@ietfa.amsl.com>; Sat, 7 Sep 2019 05:34:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5Hl3lWJA_lAe for <ipv6@ietfa.amsl.com>; Sat, 7 Sep 2019 05:34:55 -0700 (PDT)
Received: from mail-qt1-x82b.google.com (mail-qt1-x82b.google.com [IPv6:2607:f8b0:4864:20::82b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF24D12026E for <6man@ietf.org>; Sat, 7 Sep 2019 05:34:54 -0700 (PDT)
Received: by mail-qt1-x82b.google.com with SMTP id n7so10508325qtb.6 for <6man@ietf.org>; Sat, 07 Sep 2019 05:34:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=oLCt2w3AxLKBvlOtsrJwKY2OQC8uf2p+nqXnLFMFCyY=; b=RAbOQDxAVL+cVpWDmgjBa+AVHBSnYg6GIhfUqTBr9lm95KLaZSbU2/l7Fv7ZY2zyuI zIA4I0Ca78VNfU/uXq3pczjY1TdyHU1U6/crGSft6B4xH2XVcdzCLDs4lnhVuFIFJbTc isMXtFrJia0Jj3QbEZENBWfSl+GteOW2QwQFdjFFOfdXsT+/+exMCuZUH+Sxt5wDqiTN Av+64AjjSxajPL5ZwI9iF75MLlxDaJLe4wbV1mOI3yW6KRK7eKEOKgbbALGLed/Wkj9u 4Q0VfmSFAhIZCTUDLMB9bbxxE/CPxVPz80mPIzYl4NP9kuK/ziPqwPun0q6fGppGni+e qh7Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=oLCt2w3AxLKBvlOtsrJwKY2OQC8uf2p+nqXnLFMFCyY=; b=VJS1wwgr2Y7EUdiwJghJcVnyba1Uql++zcjUkyx4HITcFmSunOijQEM6RZCEQbwrq9 2BStNwcfskG0ewh40LdpUSwB9sGLZ0Pea7WVpPdt45wZdw7uTJNDV279VlZu3zZ4pPfg I6IUParpr51gNn8wR0c4AOTRpgwstUHdsPkTPKBYNd7+ww1kEuzQI7l141JIYaZ2ertc kuh5vC6jfsq2HE4yQLoXlhsz1/SyyTjLH4vNVjeQS3YnPMW2Q5339lGpxCDzEk8qc5mJ J/xCNlrQc6DMLckrbIWxMjs7D4TFbfWMqNRlRGGDhc9IvmyqVm6NEef5lPE+fSjEnvRT sKew==
X-Gm-Message-State: APjAAAUuC5YigBAkFtYotWnupTAs+4Hq6QwdfVbPrQTUizyaBOjtShzE u0qkLsJaTBB4woH/yl99DbCI0F9Z4IjfBOH6InKoxA==
X-Google-Smtp-Source: APXvYqwllrSImUmbUgCvuhy2e+kYt1UBv02wfrb3p+nvMItq/ctzc8IGQWG08NRIR+RCxYgYmJGMBPefWcMXcVYgJh4=
X-Received: by 2002:ac8:2ae9:: with SMTP id c38mr14024464qta.311.1567859693855; Sat, 07 Sep 2019 05:34:53 -0700 (PDT)
MIME-Version: 1.0
References: <CAOj+MMETQa=OfovZak35VfnY+T6qzU9BxAhmFMXz1b7kSppyQg@mail.gmail.com> <f1ac8b63-860a-4fee-141d-20bf9e1332cb@si6networks.com>
In-Reply-To: <f1ac8b63-860a-4fee-141d-20bf9e1332cb@si6networks.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Sat, 07 Sep 2019 14:34:44 +0200
Message-ID: <CAOj+MMG_KszYdMj27zDvAV+vtjRWPbHWoGErh_pRDvGOoVeqRQ@mail.gmail.com>
Subject: Re: SRH insertion vs SRH insertion + encapsulation
To: Fernando Gont <fgont@si6networks.com>
Cc: "6man@ietf.org" <6man@ietf.org>, draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000001c38a20591f5c8f8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/SYZq54Erb23Z-6FwFnluxyvTxGw>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Sep 2019 12:34:57 -0000

Hi Fernando,

If you originate a packet, you can include you EHs (within the
> constraints of RFC8200) because it is a *new* packet.
>

Ok glad we got that far :)

And honestly I would recommend NP document authors to clearly separate
those two indeed.

> That's not called "insertion"

If it would be up to me where the NP document calls for EH insertion keep
"insertion" where the document describes insertion + encap just rename it
to imposition+encapsulation.

Just to avoid confusion ...

> draft-matsushima-spring-srv6-deployment-status-01
>
> So you are telling me that the document that proposes EH insertion
> doesn't contain the rationale for it, and we should go and look elsewhere?
>

Deployment experience is never part of standards track document. And it
should never be.

Besides, I've just looked at the I-D you reference. The only thing there
> about insertion is that there are folks that have deployed it.
>

And why they deployed it.


> So.. let me try to understand: A vendor went ahead and implemented what
> they pleased, violating existing standards. They now come to 6man and
> claim that we should modify the standard because even when what they are
> proposing is forbidden in our specs, they have already deployed it.
>
> Are we being taken seriously?
>

Ok I admit I am new to 6man ... but not new to IETF. Say in IDR or other
WGs you can not progress any document till you demonstrate interoperable
implementations. That is why there is early code point allocation too.

If in 6man things work differently - if you have to prove on draft and
slides that your idea may work instead of showing it works then that seems
like different IETF process I am used to.

The packet is bigger. But in the event of errors, they are delivered to
> the originator of the packet. That's how our "architecture" works.
>

Sure ... you still have originator of the inserted header too. So stops an
implementation to inform such node that what he is doing hurts here ?


> That doesn't answer the question. PLease let me rephrase: what are you
> doing with EH insertion that you couldn't do with encap/decap?
>

Nothing. All you can do with only insertion you can do with imposition +
encap. Just that you just waisting min extra 40 bytes each time.

You are breaking IPv6 ent to endness. A node that receives an error will
> receive a packet it never sent.
>

I don't think so. Remeber SR inserts bits in the packets and removes them
before handling the packet in original form further.

So I guess the case which you are highlighting is this:

1. Packet comes to a domain
2. Within domain without any encap someone is doing TI-LFA with pure
insertion
3. Nodes on the bypass path encounter the issue with the packet, can not
recognize the SRH so start sending erors to original application src
4. Application src can not interpret those errors and we have a mess.

Is this your thinking ?

If so how about we would mandate that SRH insertion is allowed only if
within domain original packet was already encapsulated ?



> > If EH is removed within the domain it has been inserted end receiver
> > never sees it.
>
> THat's something that you can't guarantee at the protocol level, but
> have to do it operationally. And, operationally, s* happens.
>

s* happens all the time. But if this is mandated in the spec you have a
stick to smash your vendor with and get another vendor if they fail to
listen to you.


> 6man already have this dicussion, and I don't see any new elements being
> added to it, to be honest.
>

I am sure it did ... I will try to search for it as clearly I must have
missed it fully or partially.

Thx a lot,
R.

v2.23.0 | Report a Bug | By Email