IETF Logo Mail Archive

Re: Size of CR in CRH

Robert Raszuk <robert@raszuk.net> Thu, 21 May 2020 20:05 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 964613A0743 for <ipv6@ietfa.amsl.com>; Thu, 21 May 2020 13:05:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vD_RQCYonTOv for <ipv6@ietfa.amsl.com>; Thu, 21 May 2020 13:05:38 -0700 (PDT)
Received: from mail-ed1-x544.google.com (mail-ed1-x544.google.com [IPv6:2a00:1450:4864:20::544]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ADFF43A074B for <6man@ietf.org>; Thu, 21 May 2020 13:05:15 -0700 (PDT)
Received: by mail-ed1-x544.google.com with SMTP id f13so6968591edr.13 for <6man@ietf.org>; Thu, 21 May 2020 13:05:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=LWe5+yR+t2bojG4FFygfKg/2nOWWUZxvx1tIXb3rnrg=; b=f6flR+JMFoeRHhN53G1+fg/UsSuUdIKNTqusI5Mn13Gyy3z9A0YJ9OPMY9R3mXDnlT d2It20wEO4JsWkSvxRpS8p7Mp18Vn6btzL1VE6MDuP7WVeuzVwuIiD+cit0TXocH/Hgi sJ+x9XJgSUPJHbewAh7Jg93YOGda98Hcbv0PsC/f75hEflJFJ1cNb5Rvhm33/+86BKnR Sjk/+HQCSfZ81Oz4w5gK3ceBXxkTK8N0CU/RVRy7NSRNC3/GeB60j7WQicE/ZbBXrfHa nYOULdl7nVZ3CweZxgl8PxD9Tn0A/JwTHYL2wV9RTnLvlhaaJVtdrCvxNvluNb8EiF5S EFKQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LWe5+yR+t2bojG4FFygfKg/2nOWWUZxvx1tIXb3rnrg=; b=bKuOzrlwt7NamCmrzoGIDGfQiy3cRD5CGvlh3ryDP9Uwv4kxNzbzQK7Q+V340uMSbe LVncBEoyP7G+oY50q+JVSwMMCMAUVnCl0RaJ8Qt2yAd7aIN5a3xZ4fprAixUql+J9HwB O1/Xe+vTlGcSxIdFUaGFCBvP1cw3T3suCzYC+rfbKxSCqgeph1vBwnD6nujwPL4j9fVi Z3yGW+9MiCkqp4LvwhQCrT2Sosb8UFYuHYjQVFXZUmCTEYee7LWSrvm26cUHj8xjjaI1 X3ie2IHd/SPz32QugC2NWAeDGTWee1PjxNeUp4MRdxl/gRNLiKa5YRsK4/N/ByBqhUNh BtTg==
X-Gm-Message-State: AOAM533UaTVv0ypATLnYTu8n9Gulgsp1KiItFD14FyFnoNwJxX2vG0R3 bziLHthEVm6/YCa3VafDYWt6/L8zjR66ZaVYBEB4UQ==
X-Google-Smtp-Source: ABdhPJygL0TGUPUSccMSFe1PfurqVa0ry75Tv28D0ZEHl62tFACcWvJO2rLX+4tRqKouXIehHA/rsTUqQOPoA2EiL28=
X-Received: by 2002:a50:e711:: with SMTP id a17mr325743edn.369.1590091513840; Thu, 21 May 2020 13:05:13 -0700 (PDT)
MIME-Version: 1.0
References: <CAOj+MMFsy=dDciY=TMwSf75CZCr_i1Mfv6oUiPs5U6hT2Bq94w@mail.gmail.com> <DM6PR05MB6348D0DB381145F1A4C53450AEB70@DM6PR05MB6348.namprd05.prod.outlook.com> <CAOj+MMHT=TWqf=A71PhvCcrFggCQ=okRrP=sGaO4hrcbmsCvGw@mail.gmail.com> <CAOj+MMGYbw83c-T9GWCs_cLDWWbGi1dZ_Xfc8tS6TV6EfvWsDw@mail.gmail.com> <DM6PR05MB63484502B4CFCB745DFCED3EAEB70@DM6PR05MB6348.namprd05.prod.outlook.com> <CAOj+MMEfkenHmSLje62wNRw3OrxBzJJq_MwesozK-ABeLXbZ2Q@mail.gmail.com> <DM6PR05MB634807B4AAB6452B6FDA535CAEB70@DM6PR05MB6348.namprd05.prod.outlook.com> <CAOj+MMEX3qxQw0WHt3b69-KL5w+Ozufh_2eod-VO6Bt-ojSf9A@mail.gmail.com> <DM6PR05MB6348382D4496673BA96140C3AEB70@DM6PR05MB6348.namprd05.prod.outlook.com>
In-Reply-To: <DM6PR05MB6348382D4496673BA96140C3AEB70@DM6PR05MB6348.namprd05.prod.outlook.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Thu, 21 May 2020 22:05:03 +0200
Message-ID: <CAOj+MMFB3fYuYn5euzUzPpZbxr81eN5zfa2ATyHhC3RJbtch=A@mail.gmail.com>
Subject: Re: Size of CR in CRH
To: Ron Bonica <rbonica@juniper.net>
Cc: 6man <6man@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000d7d9b705a62e0722"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/UCaZVCmeQTQhzGeNBL2cc_NvA_Q>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 May 2020 20:05:42 -0000

Hello Ron,

> Why should it? It isn’t attached to link X->Y. So it couldn’t use that
entry even if it had it.

This question I think exposes or uncovers (at least for me) the crux of
your proposal ... perhaps even fatal one.

You are assuming that only locally allocated SIDs are in CRH-FIB - that is
fatal assumption for bunch of reasons ... one swapping DA to some node N
hops away. How are you going to accomplish that if such entries are not
even in CRH-FIB ?

I guess it is very clear now why the other day you stated that "all nodes
in the domain must support CRH".

What seems you are doing here ... and of course this is not written
anywhere in any document ... so this is pure acceptance call guessing - is
a forward referencing SIDs against the peers.

So on any node you are allocating SID per interface - strictly speaking per
forwarding adjacency. Clearly you can not build such construct for remote
nodes based on the above.

Furthermore you are building forwarding chain on the basis of ordered
forwarding list of SIDs just hoping that the peer will accept the packet if
his DA address is in the IPv6 header. Then it will look up his own SID and
continue.

One thing I must agree with you that this is not Segment Routing ... In
fact I am not sure how to call this architecture. Maybe forward referenced
source routing ?

You can not do TI-LFA with this approach unless you pre-program any
possible alternative paths to all nodes in the network.

Sure you can demo this in the lab or even on a network just like you could
demo static mpls labels. Yes it is very simple and you got attention of few
folks with that. And yes you could perhaps even show that if you just add
few lines of xml config you could tunnel it across non CRH capable nodes
... But is this solution for any production network ?

I think and I was told by unicast emails that I am not alone - we are just
guessing what the vehicle looks like after seeing the first wheel. So far
it does not even look like a car ... maybe bike or scooter. Who knows ....

If I may recommend next action without dismissing your proposal a wise
thing to do would be to get from you set of slides or perhaps youtube
recording showing exactly not only all mapping distribution, but more
over illustrating exact packet's header including CRH in all various cases
I and others asked when packet is traversing throughout a controlled domain.

Only after that we could start a new adoption call when more folks actually
has a clear picture what it is being adopted here. Is it a brilliant and
cool solution or is it some form of wild animal which can bite.

Many thx,
Robert.


On Thu, May 21, 2020 at 9:46 PM Ron Bonica <rbonica@juniper.net> wrote:

> Robert,
>
>
>
> I am assuming that B is attached to Z. When I say, it isn’t attached, I
> mean that B isn’t attached to Link X->Y. Link X->Y is attached to Z.
>
>
>
>
> Ron
>
>
>
>
>
>
>
> Juniper Business Use Only
>
> *From:* Robert Raszuk <robert@raszuk.net>
> *Sent:* Thursday, May 21, 2020 3:14 PM
> *To:* Ron Bonica <rbonica@juniper.net>
> *Cc:* 6man <6man@ietf.org>
> *Subject:* Re: Size of CR in CRH
>
>
>
> *[External Email. Be cautious of content]*
>
>
>
> > It isn’t attached to link X->Y.
>
>
>
> Please assume it is attached.
>
>
>
> I stated very clearly: "(or maybe even connected to B)"
>
>
>
> Thx,
> R.
>
>
>
>
>
>
>
> On Thu, May 21, 2020 at 8:45 PM Ron Bonica <rbonica@juniper.net> wrote:
>
> Robert,
>
>
>
> Identifiers have node local scope. This means:
>
>
>
>    - One a single node, there is a one-to-one mapping between identifiers
>    and the CRH-FIB entries that they identify
>    - Nodes A through Z can all have a CRH-FIB entry that is identified by
>    N. However, all of those CRH-FIB entries do not need to contain the same
>    information.
>
>
>
> Referring back to your example, Node B will never have the following entry
> in its CRH-FIB:
>
>
>
>    - Identifier = 15, IPv6 Address = Node Z, Method = strict, Link = X->Y
>
>
>
> Why should it? It isn’t attached to link X->Y. So it couldn’t use that
> entry even if it had it.
>
>
>
>                                                          Ron
>
>
>
>
>
>
>
>
>
> Juniper Business Use Only
>
> *From:* Robert Raszuk <robert@raszuk.net>
> *Sent:* Thursday, May 21, 2020 11:25 AM
> *To:* Ron Bonica <rbonica@juniper.net>
> *Cc:* 6man <6man@ietf.org>
> *Subject:* Re: Size of CR in CRH
>
>
>
> *[External Email. Be cautious of content]*
>
>
>
> Hi Ron,
>
>
>
> > Node B decrements Segments Left and looks for entry 15 in **its**
> CRH-FIB. If finds:
>
> >
>
> >     On Node B:  Identifier = 15, IPv6 Address = Node C, Method = strict,
> Link = B->C
>
>
>
> Your example works when the entire network has a single segment routed
> path :)
>
>
>
> What happens if also Node Z somewhere in the domain (or maybe even
> connected to B) advertised SID 15 with some different outbound link ?
>
>
>
> So Node B will have two FIB entries:
>
>
>
>   Identifier = 15, IPv6 Address = Node C, Method = strict, Link = B->C
>
>   Identifier = 15, IPv6 Address = Node Z, Method = strict, Link = X->Y
>
>
>
> So how will B decided which one to use ?
>
>
>
> Best,
>
> R.
>
>
>
>
>
>
>
>
>
> On Thu, May 21, 2020 at 5:11 PM Ron Bonica <rbonica@juniper.net> wrote:
>
> Robert,
>
>
>
> Let’s address your question with an example. Assume that Node A is sending
> a packet to Node D. The delivery path includes the following strictly
> routed hops:
>
>
>
>    - Node A to Node B over link A->B
>    - Node B to Node C over link B->C
>    - Node C to Node D over link C->D
>
>
>
> Now we populate the CRH-FIB on Nodes B and C as follows:
>
>
>
>    - On Node B:  Identifier = 15, IPv6 Address = Node C, Method = strict,
>    Link = B->C
>    - On Node C:  Identifier = 15, IPv6 Address = Node D, Method = strict,
>    Link = C->D
>
>
>
> Now, Node A formats a packet as follows:
>
>
>
>    - IPv6 Destination Address = Node B
>    - CRH Segments Left = 2
>    - Identifier list = [15,15]
>
>
>
> Node A sends this packet to Node B over link A->B. Node B decrements
> Segments Left and looks for entry 15 in **its** CRH-FIB. If finds:
>
>
>
>    - On Node B:  Identifier = 15, IPv6 Address = Node C, Method = strict,
>    Link = B->C
>
>
>
> So, Node B updates the IPv6 address and sends the packet to Node C over
> link B->C. Node C decrements Segments Left and looks for entry 15 in *
> *its** CRH-FIB. If finds:
>
>
>
>    - On Node C:  Identifier = 15, IPv6 Address = Node D, Method = strict,
>    Link = C->D
>
>
>
> So, Node C updates the IPv6 address and sends the packet to Node D over
> link C->D.
>
>
>
>                                                           Ron
>
>
>
>
>
>
>
> Juniper Business Use Only
>
> *From:* Robert Raszuk <robert@raszuk.net>
> *Sent:* Thursday, May 21, 2020 10:35 AM
> *To:* Ron Bonica <rbonica@juniper.net>
> *Cc:* 6man <6man@ietf.org>
> *Subject:* Re: Size of CR in CRH
>
>
>
> *[External Email. Be cautious of content]*
>
>
>
> Ron,
>
>
>
> While we are at the local vs global significance of SIDs can you please
> elaborate how do you resolve the conflict where given SID value is
> advertised by more then one node ? In fact imagine that all nodes in a
> domain choose to advertise the same SID value "15" to forward the traffic
> to their respective peers. So packet arrives at segment endpoint node A
> with CRH consisting of SID list 15, 15, 15, 15 ... where each value 15
> means different behaviour on different node.
>
>
>
> How do you even know which way to forward the packet ?
>
>
>
> See in this case your mapping plane will contain different functions on
> different nodes signalled with the same SID.
>
>
>
> I understand that you are trying to silently borrow set of procedures from
> SR-MPLS here as documented in RFC8660. But if you just open this RFC you
> will see section 2.5 or 2.6 without which you just can not simply propose
> to treat SID as locally significant in any form of segment routing. Of
> course unless you would consume two SIDs per node.
>
>
>
> Thx,
> Robert.
>
>
>
>
>
> On Thu, May 21, 2020 at 10:34 AM Robert Raszuk <robert@raszuk.net> wrote:
>
> Ron,
>
>
>
> > Now recall that identifiers have node local significance.
>
>
>
> I was talking about case described in yr draft section 7:
>
>
>
> "Applications can:
>
>
>
>        o Allocate SIDs so that they have *domain-wide significance*."
>
>
>
> While not a must - it is an option. So I believe my observation stays
> valid till draft either removes that option or describes scaling properties
> differences between both domain wide and local significance of the SIDs.
>
>
>
> Thx,
>
> R.
>
>
>
>
>
> On Thu, May 21, 2020 at 4:01 AM Ron Bonica <rbonica@juniper.net> wrote:
>
> Robert,
>
>
>
> Consider the following network:
>
>
>
>    - Contains 65,000 routers
>    - Each router has 500 directly connected neighbors or fewer
>    - Uses 16-bit CRH
>
>
>
> In this network, each node might have 65,499 CRH-FIB entries:
>
>
>
>    - 64,999 CRH-FIB entries cause packets to follow the least-cost path
>    to another node in the domain
>    - 500 CRH-FIB entries cause packets to traverse a specific link to a
>    specific neighbor.
>
>
>
> As a mnemonic device, an operator might assign identifiers as follows:
>
>
>
>    - 0-65,000 identify CRH-FIB entries that cause packets to follow the
>    least-cost path to another node in the domain
>    - 65,001 – 65,565 identify CRH-FIB entries that that cause packets to
>    traverse a specific link to a specific neighbor.
>
>
>
> Now recall that identifiers have node local significance. So, Node A and
> Node B might both have a CRH-FIB entry that is identified by the value
> 65,001. However:
>
>
>
>    - The CRH-FIB entry on Node A causes packets to traverse a particular
>    link towards Node X
>    - The CRH-FIB entry on Node B causes packets to traverse a different
>    link towards Node Y.
>
>
>
> I think that this example refutes the premise of your argument, so there
> is not further need to address the conclusion.
>
>
>
>
> Ron
>
>
>
>
>
>
>
>
>
> Juniper Business Use Only
>
> *From:* Robert Raszuk <robert@raszuk.net>
> *Sent:* Wednesday, May 20, 2020 6:20 PM
> *To:* Ron Bonica <rbonica@juniper.net>
> *Cc:* 6man <6man@ietf.org>
> *Subject:* RE: Size of CR in CRH
>
>
>
> *[External Email. Be cautious of content]*
>
>
>
> HI,
>
>
>
> So just to make sure I understand this analogy of 16 bit -- 2^16 = 65536
> nodes. I think this is only on paper.
>
>
>
> Imagine I have 1000 routers so if I divide the 16 bit space by 1000 I get
> at most 65 local node behaviours if anyone would like to embed such into
> the SID.
>
>
>
> That means that if my router have more then 65 interfaces I am not able to
> steer packets by src route out of my router ... I must always depend on the
> lookup of next SID how to forward the packets.
>
>
>
> That also means that if I want to apply any form of NP in segment endpoint
> I am quite limited to the number of local functions I could use.
>
>
>
> To conclude - Let me restate to what I and others already said - flat SID
> space domain wide in mapping plane is a mistake. Yes this is like MPLS, but
> this does not make it great again due to that legacy.
>
>
>
> Many thx,
> R.
>
>

v2.23.0 | Report a Bug | By Email