IETF Logo Mail Archive

Insertion of IPv6 Segment Routing Headers in a Controlled Domain

Mark Smith <markzzzsmith@gmail.com> Wed, 29 March 2017 19:58 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 463A41298AF for <ipv6@ietfa.amsl.com>; Wed, 29 Mar 2017 12:58:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.498
X-Spam-Level:
X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fbgHwHL8xHPm for <ipv6@ietfa.amsl.com>; Wed, 29 Mar 2017 12:58:39 -0700 (PDT)
Received: from mail-vk0-x229.google.com (mail-vk0-x229.google.com [IPv6:2607:f8b0:400c:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D238F12989C for <ipv6@ietf.org>; Wed, 29 Mar 2017 12:58:38 -0700 (PDT)
Received: by mail-vk0-x229.google.com with SMTP id s68so30993260vke.3 for <ipv6@ietf.org>; Wed, 29 Mar 2017 12:58:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=dsTH74Uil0PuFEQkt72LkahUimvnULfRquXH4dpbQig=; b=mb7xOiPyUNr3IkeZc4E0HwEs9a1J6AuAxukIeDoKxxg58HsZwdr9qk9hDh2Sfj+E69 riTFoAJW89syhzMqszwHlqLRuuiVMjy6dzu2DWvs6LdDWKcccF/HV6bW3iKi7ybENZXp 6ErXtoi3cAf5Ib6UF24TkM+xhITKXwn2FNGe3hEvC7aYikwGtFy3+8axfe/fsa2U8A4P RthaoFWeo0gWXv4zStvscW+cXO15WbwjWQ1GjZIfbO4gn8WKCFem5cTeG/Zc38K8yd5Q Xt9zwm1VU++8/uNoHAGjZgRyhf5+G2EefRATZ6q03usElADKpdiMShmscWI8z/I0bD9N C7UA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=dsTH74Uil0PuFEQkt72LkahUimvnULfRquXH4dpbQig=; b=rJa4YQlXedngAbIw6aGOBW6GR7DnqHauCU/BPpyErIIgdGMI8hOXw94qnUCyHo0/Du C16FPbS+hAaJB+eGKpEnr7VD9T/IZUE6TkDeiy878pdcDhwpUxtKtJd2rsBDO/pUyFHx 4WYi9+V6iF0/relRtWM/J7fPcwuYW1NIXLwePtPaARRS1ESHZk5lV4zmWVrC7nLSPY3G wW9PwtUCezLUyrhM+VMHMXrgwJMddePI9uY4C0ot9fOHrn3KaFnHwH69xEyrXUKH8664 xD0Ola1W6RsqczwnwY12Yah1sEe2ek0/6Fr5EVydyI4g/b20MpxyTK0t2Sr1K5mhQSNx MArA==
X-Gm-Message-State: AFeK/H06JlH1eMHyNrpZLZasDMHFCUalaKFpYZUagJNNW+82ki0LLP0Yuk6ETcBgw5npSULg152+bbj84omm+w==
X-Received: by 10.176.64.34 with SMTP id h31mr1233672uad.89.1490817517753; Wed, 29 Mar 2017 12:58:37 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.159.36.181 with HTTP; Wed, 29 Mar 2017 12:58:07 -0700 (PDT)
From: Mark Smith <markzzzsmith@gmail.com>
Date: Thu, 30 Mar 2017 06:58:07 +1100
Message-ID: <CAO42Z2y2+ouu+M_UW0PbY-bRpg+Ev0LTqYBjFj9FXFoYoaOiRA@mail.gmail.com>
Subject: Insertion of IPv6 Segment Routing Headers in a Controlled Domain
To: 6man WG <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/UI0PfqrWco4Hpbvm8keGR8FabRg>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Mar 2017 19:58:40 -0000

So having further about this, I have fundamental question that it
isn't answering.

Why can't IPv6-in-IPv6 encapsulation be used for this? What is missing
from IPv6 that "requires" that EH insertion is used instead of much
simpler, off-the-shelf encapsulation/decapsulation?



For example, using IPv6-in-IPv6 encapsulation, I don't think an SRH is
needed at all in the "2. Source Domain and Packet Journey" example.

When node 2 realises that the link between itself and 3 has failed, it
encapsulates the original SA=1, DA=9 packet in a new IPv6 header
("tunnelling" it). The new IPv6 header has an SA=2, DA=5, and is sent
towards node 4.

Node 4 forwards the packet onto node 5 using conventional destination
address based IPv6 forwarding.

Node 5 receives the packet, and as it is DA=5, decapsulates the inner
SA=1, DA=9 packet. Node 5 then submits that packet to the standard
IPv6 forwarding table, resulting in it being forwarded to Node 3,
which then forwards it to Node 9. All of this is happening using
conventional IPv6 destination based forwarding.

Encapsulation is solving this problem by effectively creating a
on-demand virtual link or tunnel between Node 2 and Node 5, getting
the original packet past the failure point to a point along the
original packet's forwarding path. Once there, it pops out of the
virtual link and is sent along its way. I don't think the insertion of
the EH and DA swapping method could be described the same way or could
be described as simply.

I think this IP-in-IPv6 encapsulation solution to the above example is
better because:

- there is no need for an additional header of any type - the path
information is inherent in the DA of the outer IPv6 header when sent
to node 5, and in the DA of the inner IPv6 packet (now "the packet")
when being sent by node 5 to node 9.

- Encapsulation/Decapsulation performed by nodes 2 and nodes 5 is
conventional IPv6-in-IPv6 encapsulation, specified in RFC2473, now
nearly 20 years old.

- In this example, nodes 4, 5 and 3 could be off-the-shelf IPv6
devices that support conventional IPv6 forwarding and conventional
IPv6-in-IPv6 encapsulation/decapsulation (i.e., "tunnelling").

- Encapsulation/decapsulation is a simpler, universal and proven
operation (literally being done every time an IPv6 packet is being
sent and received over any and all layer 2 links)  compared to the DA
address swapping that occurs at Nodes 2 and Nodes 5 in the described
method.

More complicated examples would may require more information to be
carried about the path between the inner and outer IPv6 headers
(although encapsulation inside encapsulation/tunnelling inside
tunnelling probably be used at a greater packet overhead host, with
simpler per-hop processing), however I don't think this example
demonstrates why EH insertion is required.


Regards,
Mark.

v2.23.0 | Report a Bug | By Email