IETF Logo Mail Archive

Re: I-D Action: draft-voyer-6man-extension-header-insertion-02.txt

Mark Smith <markzzzsmith@gmail.com> Wed, 13 December 2017 19:39 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6F07127058 for <ipv6@ietfa.amsl.com>; Wed, 13 Dec 2017 11:39:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.198
X-Spam-Level:
X-Spam-Status: No, score=-2.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 456biKiqqjRr for <ipv6@ietfa.amsl.com>; Wed, 13 Dec 2017 11:39:23 -0800 (PST)
Received: from mail-vk0-x22c.google.com (mail-vk0-x22c.google.com [IPv6:2607:f8b0:400c:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F054126FDC for <ipv6@ietf.org>; Wed, 13 Dec 2017 11:39:23 -0800 (PST)
Received: by mail-vk0-x22c.google.com with SMTP id l187so2137863vke.5 for <ipv6@ietf.org>; Wed, 13 Dec 2017 11:39:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=4ArZJlveoXJJeMx3YOQKi+xI0Rpo5ko6a9YzXHl1bLA=; b=DvhWee1ysIVVB+TUXc/tARoXUWY9fUEgoo9JG/PlQNgqeiJPB7Vd00htBXmTG9pkH3 TYnaN6OzngtvgWGr2PJR4kh7ItttpN5PVKlPZbCSSb6yYoATzWIQyXJPmy+pYfoeV2lf TFAHVoOR3j8VhxGDy9iBmsw8V0q1nIJF0EJDhud4GAvRMQBzi6mwk2KkzkcJaokYRY1p g2zrWzj+NbhwnkmOZUIe2gTJewN2ICy/mlXLBKu413KfRcz6k7PmtcsQ6FYd43RmV9n+ Aku9P3/gdIaZXKt6AZpEGKtm0jLSch6pTqgXge0QzUoyVaFCGAZ24xlEgT+cqulYbVaR 2Bng==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=4ArZJlveoXJJeMx3YOQKi+xI0Rpo5ko6a9YzXHl1bLA=; b=RbZDKN43Lfs8S68FG12+4u8D6Dk1ivvSJspI5RwBZiD39ujEjUF3Jae3MCYlbilv9+ tMZeKmtNp8o5NIxQxYLh/nFGLv8atxLsOdB34MefbPblQxW10RVHd0O4xx6EDpc+bDlu CtXLRHX8hw2tJrdRmRQi1jafIEDcx51ZQEaNCEH9pPpJgGXSv04s8sBaG3xnhQIhPWcn Zf0X/XGH/Xvpo2prk3VmdSgRJVptyHnQQZJ+TP+FQzaypWmiaaMYPOldL3RHLH/4ZvxJ 0yXKXqhHvVOMZdPl3pZJA4dM5vqO4AaJSvnwFyjzFQCvbtEZU2Fei2UUbaMACth0cKyG XuHQ==
X-Gm-Message-State: AKGB3mLEh2ELKcQtBZ/+awZpPJpNLy2wTCOS+L+j6r2w0HU3B9ujdcoR PD7oY9JBoKuF6cYXs3RTjF/7EoRsyb1bIZtfVdw=
X-Google-Smtp-Source: ACJfBotu03ypIB4hlAerLYvEGlNbirUp8loqIZmkvSAYOz239WBJZhhxtbvkHZVyWMxPz/cHOOrB0RoiFZtLfSPF1o8=
X-Received: by 10.31.135.197 with SMTP id j188mr8465908vkd.34.1513193962352; Wed, 13 Dec 2017 11:39:22 -0800 (PST)
MIME-Version: 1.0
Received: by 10.159.56.218 with HTTP; Wed, 13 Dec 2017 11:38:51 -0800 (PST)
In-Reply-To: <CALx6S34Ca6-fva1_bbeydkh5AYY_OfoXtyESi=Xq5fxe6DLmAA@mail.gmail.com>
References: <151120281628.21912.1099097760493570225@ietfa.amsl.com> <f4425076-2f76-5713-2819-9d26671d56bb@si6networks.com> <4E92F160-C586-4C7B-BAEF-97C204856A8A@employees.org> <bc9d7f57-8687-7f85-8ac3-49751683232b@si6networks.com> <CA+b+ERnKbRXgFycgKd7EXMVvS1Mu_RTC5tfPbNE781TDZ49rYA@mail.gmail.com> <CAO42Z2wWSucKNouo0RxNf7pmyPErNk1bVny43qTLY6E333mpcQ@mail.gmail.com> <e41ee3ae-05ef-0a1a-505e-968323b07625@gmail.com> <CAO42Z2x2-WFyxYKpcwtm_z4WiFFf1M5oiW2=j6fXnqgUG1F8DQ@mail.gmail.com> <8ecf3590-5313-551e-fbb3-f95aada87a67@uniroma2.it> <CALx6S35e0krDCLUhUQFws_gSJhtv0m_E_KQkyRQQWO=zL_=vnQ@mail.gmail.com> <CA+b+ERki3bfmt0FarOdNGbVbdU1U99Sucu3NhEZ9q1BnNxUQrw@mail.gmail.com> <CALx6S34fSBycO+1pU8x3konO+6=s9sYWQQaFp36kcHi4HdyxFQ@mail.gmail.com> <CA+b+ERmF2rj4n9mfvG+ANdNjpBXgpMJb63SqSNVQif4cvwaTPQ@mail.gmail.com> <CALx6S34rvUig5T36cygkq4=rN2yNEBPUHGULDFEefA46WgCkbw@mail.gmail.com> <CA+b+ERmJ8L-j0arbFhR+nvmPNNWYe5OJ3Pab1bu1Y-2HVfJtYw@mail.gmail.com> <1cf221bc-e2e3-bc04-6559-d01eff2e1232@gmail.com> <DACF635E-0A59-4894-85C8-F4C891379A3F@gmail.com> <CAO42Z2wr8i8Dw1S4kTmCXKpwRMowzjhBOYkqtzb26VNQ50KVVQ@mail.gmail.com> <CALx6S352zVE4V7eyfPgr1fVVSuUJVtdUiv==Q6pbSsbAjZ8S8w@mail.gmail.com> <CAO42Z2yUmGp1eiC5rWezXnzs1vGPfrH2_01U0Mw+kZNmJ34yQw@mail.gmail.com> <CALx6S34Ca6-fva1_bbeydkh5AYY_OfoXtyESi=Xq5fxe6DLmAA@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Thu, 14 Dec 2017 06:38:51 +1100
Message-ID: <CAO42Z2y9iBciAxFp=P3+Q85vMsQ8Aa-4H2HzO_AhrEhjqY6UMw@mail.gmail.com>
Subject: Re: I-D Action: draft-voyer-6man-extension-header-insertion-02.txt
To: Tom Herbert <tom@herbertland.com>
Cc: Bob Hinden <bob.hinden@gmail.com>, IPv6 List <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/WbtyIhfansCmkKTUjfEfOt6IA4Y>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Dec 2017 19:39:26 -0000

Hi Tom,

Sorry not to get back to you sooner.

On 7 December 2017 at 08:32, Tom Herbert <tom@herbertland.com> wrote:
> On Wed, Dec 6, 2017 at 11:52 AM, Mark Smith <markzzzsmith@gmail.com> wrote:
>> Hi Tom,
>>
>> On 6 December 2017 at 07:24, Tom Herbert <tom@herbertland.com> wrote:
>>> On Tue, Dec 5, 2017 at 11:59 AM, Mark Smith <markzzzsmith@gmail.com> wrote:
>>>> On 5 December 2017 at 08:28, Bob Hinden <bob.hinden@gmail.com> wrote:
>>>>>
>>>>>> On Dec 2, 2017, at 2:15 PM, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>>>>>
>>>>>> On 03/12/2017 08:53, Robert Raszuk wrote:
>>>>>>>>
>>
>> <snip>
>>
>>>>>
>>>>> I will add that swapping flow labels as I think Tom Herbert was proposing has much less side effects than inserting and processing extension headers.
>>>>
>>>> Which would then violate the Flow Label spec unless the Flow Label
>>>> value is zero.
>>>>
>>> Mark,
>>>

<snip>

>> I can think of a number of ways that SR segments can be identified
>> that would be compatible with IPv6 forwarding that would reduce the
>> size of the SRH EH
>>
>> - as suggested before, unique /64 per device, with the /64 carried in
>> the SRH TLV, reducing the TLV size by 8 octets.
>>
>> - well known or locally selected single /64 for the SR function, then
>> unique 64 bit IID per device, with the 64 bit IID carried in the SRH
>> TLV, reducing the TLV size by 8 octets. This could be automatically
>> generated via a PRNG. It would be safer to check for collisions,
>> although probably not necessary.
>>
>> - well known or locally selected single /64 for the SR function,
>> segment IDs 20 bits to match SR-MPLS IDs, 20 bits carred in the SRH
>> TLV, reducing the TLV size by 13 octets.
>>
> Mark,
>
> I don't see how that's going to help much. The authors of this draft
> have already stated that in order to doing EH insertion they will need
> to encapsulate when packets enter the SR domain, so that's forty-bytes
> of overhead right of the bat. And then there's the fixed overhead of
> the EH before we finally get to the savings of compressing the EH
> data.
>

So my understanding of the fundamental problem SR is trying to solve
is to remove (MPLS) path state and path monitoring RSVP load from the
control plane. I think this is a good idea, as I think packet networks
scale by pushing complexity out of the network and towards the edge
("dumb network, smart hosts").

The path information is instead shifted to the each packet, carried in
the SRH. While I think using IPv6 addresses to identify hops in an
IPv6 networks is an obvious first choice, it does add considerable
per-packet overhead. 128 bits hop identifiers aren't necessary if
SR-MPLS only needs and uses 20 bits for the same purpose. The schemes
I suggested before would still carrying IPv6 forwarding compatible hop
identifiers while reducing this overhead.

EH insertion to avoid tunnelling overhead as a response to a large SRH
header because of 128 bit hop identifiers is just shifting complexity
that has been moved out of the control plane by SR back into the
network, and into the forwarding plane. I think IPv6 SR looses a lot
of value if it shifts complexity in the network rather than removing
it.



> But even more important than the size of the headers, is the
> processing cost. Processing fixed encapsulation at high speed is
> expensive.

I don't think that's avoidable (although it has occurred to me that
when IPv6 becomes ubiquitous, it might be possible to use it directly
as a the layer 2 on-the-wire frame format).

> Processing open ended header chains and TLVs is _really_
> expensive to the point that they to date they are undeployable.

Agree. This is why the divide-and-conquer approach of pushing
complexity to the edge of the network and into the hosts helps us
build faster and faster networks.

The simpler the processing in the network, the faster it can be done
and it's also less prone to error because there are less things that
can go wrong.

With NAT and middleboxes in IPv4, we've ended up with more complexity
in the network and I've had enough experiences with that that I want
to the simplicity of IPv4 networks before NAT and middleboxes back in
IPv6.



> While
> I appreciate the optimism of the authors that the problem of
> processing EH TLVs at line rate has been solved, I must admit I am
> skeptical. It is hard to ignore a long history which has not been kind
> to header chains or TLVs in IP.
>
> The obvious value of using something like the flow label is that it is
> a zero overhead solution in the wire protocol. No encpasulation and no
> EH. The route lookup for this could be implemented in a TCAM on
> src,dst,flow label and the action is just to write a 20 bit value.

Using the flow label has the advantages you mention, however updating
it is still putting complexity back into the forwarding plane, and is
a fork lift upgrade of the forwarding plane to get it.

The use of the flow label for ECMP also faces this forwarding plane
upgrade problem, although much less so - the upgrade to gain it is
localised to the parts of the network where you need it. You don't
need to universally upgrade all your forwarding plane devices just to
gain flow label ECMP balancing across multiple links between two of
your forwarding plane devices.

Broadly, there seems to be a view that flag day upgrades are
acceptable for new network technologies. That's a far more expensive
and disruptive way to upgrade the capabilities network than the
piecemeal, incremental and localised method that has been used to
build the Internet since the ARPANET flag day. I don't think it should
be preferred, I think it should be the last resort.


> ILA, which serves the overlay network use case, is even simpler-- this
> is a fixed length lookup on the destination and a write back to the
> destination address. Flow label is not used and no change to standard
> protocols is required,
>

Agree. I think ILA's techniques are much better because they leave the
core forwarding plane alone, with the ILA changes occurring either in
the host or in the first hop network device. The IPv6 forwarding plane
remains conventional, simpler and standard.

Regards,
Mark.

v2.23.0 | Report a Bug | By Email