IETF Logo Mail Archive

Re: What is necessity for SRH, and other EH, insertion/removal?

Tom Herbert <tom@herbertland.com> Thu, 19 December 2019 03:52 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C99112004F for <ipv6@ietfa.amsl.com>; Wed, 18 Dec 2019 19:52:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JP5XFGOSKaCc for <ipv6@ietfa.amsl.com>; Wed, 18 Dec 2019 19:52:52 -0800 (PST)
Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7DAB0120018 for <ipv6@ietf.org>; Wed, 18 Dec 2019 19:52:52 -0800 (PST)
Received: by mail-ed1-x52d.google.com with SMTP id e10so3470664edv.9 for <ipv6@ietf.org>; Wed, 18 Dec 2019 19:52:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=lr/lCsTE/KB22MvhrkiKXLfY9q2nUWpxRLedz4K4+Kc=; b=JeMKQbjqVAUjxYOhUcxsWYvqqOKZGb6aMcWZeCa2q5sePBFYcUFdDdoAdB1MdShapy UnkVg72JcdoGL/gX7iH3TgPSXYchZNQTn59cSmVrf/A6TbaPo3B+wjZVVwd+wr7OUMTv EEkl62xeIOYAZXxCVhAw0TNeemgFYlV3HeELP0pFiztVHRM4jRyXMYfMpX19IZD05msy pGbirNwmBYSOKjrpp65LNYb6W/h09W0p+KAaOQ0XSf/7YxHV+1lBS2etYty9iOc55uVK eaWocVVYRqTnzdqmLTP8ORAzQz4ANjjCbXQte4PiFBj4H0PZAE78fqpScczU8sCSPsyz ip3Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=lr/lCsTE/KB22MvhrkiKXLfY9q2nUWpxRLedz4K4+Kc=; b=cAJawhBwI+rY1YoGmKnqVXx8MWBhw9B6BWLDSC4ZlJuXfGnMQPeJTcdOhTGlzzNGR2 ji8dyxi6DByml8yTLnLLbd+fxdPj9J/Ft3A1saLJziOqNVrBb7lJlewdVDxtOP47oxZO +2XAI9BWAyeFrDPljZl6Ifvga/ANrVfNIy4GtJzzbdadPaGqn+bQ/MC3YVcdlGW4InyL CBKP/FueNOgqmFEx4niBqtw98qbL6oIVk5z6uOJEvs+ikrnkp72somGDVBtmkNfgDJGX Je1tWvyPRk26IuTXc7lC9VJOvazw2HiadgCUttBdV4d+JNGEajI7E4dHlNd2P2Htqgur VZbA==
X-Gm-Message-State: APjAAAXpSm0yNBuV9O0yV6kVhEZvi4AY6XUjaJpQ7e9NreSbDfufVHzI RmxhJ5YoLy3BgcewKyK/sLpZOunWOoE3cm8moZ3QyQ==
X-Google-Smtp-Source: APXvYqyNpj8QtDfUXn8h5uOX6F6FUgDQkpyALPTrpdoFdqpOW3lRN6CQDJaa4ZgOy5GgdNMT+owqXcxF2M2Qsq8upRs=
X-Received: by 2002:a17:906:5e4d:: with SMTP id b13mr6990164eju.266.1576727570769; Wed, 18 Dec 2019 19:52:50 -0800 (PST)
MIME-Version: 1.0
References: <CALx6S34vG=L_5nw_FzxHBUy+7tbWH4dhOh8xodOfKf2oOdrarg@mail.gmail.com> <CALx6S36g6gDJNp=unQJaGoGoMxnRpbqGni=JHvPFJ3ovmuzO4A@mail.gmail.com> <20191219032632.GA25723@vinny.peecee3.com>
In-Reply-To: <20191219032632.GA25723@vinny.peecee3.com>
From: Tom Herbert <tom@herbertland.com>
Date: Wed, 18 Dec 2019 19:52:39 -0800
Message-ID: <CALx6S366uZYB1=ODWj0J2E=sBDVcUdNG1BL3E4LT=8HO4RyLeQ@mail.gmail.com>
Subject: Re: What is necessity for SRH, and other EH, insertion/removal?
To: cpolish@surewest.net
Cc: 6man <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Y9oRg7SKmfuUnCEwHrNS4DrQS5Q>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Dec 2019 03:52:54 -0000

On Wed, Dec 18, 2019 at 7:26 PM <cpolish@surewest.net> wrote:
>
> On 2019-12-18 14:07, Tom Herbert wrote:
> > On Sat, Dec 7, 2019 at 9:17 AM Tom Herbert <tom@herbertland.com> wrote:
> > >
> > > Pulling this out into a separate thread. Pertinent questions are:
> > >
> > > Why is extension header insertion and removal at necessary?
> > >
> > > Why isn't the proposed alternative of IPIP encapsulation sufficient?
> > > (where the encapsulating headers contain the extension headers that
> > > would otherwise be inserted)
> > >
> > I believe that inband network telemetry (INT and IOAM ) might provide
> > the best motivation for extension header insertion. One of the goals
> > is to allow network operators to perform telemetry on packets as they
> > traverse their network. A telemetry header, INT or IOAM, is put into
> > packets on ingress to the domain and removed at egress, and
> > intermediate nodes modify the packet with measurement data.
> >
> > Key requirements are that not all packets for a flow need to be
> > measured, and measured packets need to follow the same path as those
> > not measured  in order for the measurements to reflect what is
> > happening for the flow. IPIP encapsulation would change the hash that
> > ECMP uses so encapsulated packets might traverse a different path--
> > therefore it's not sufficient in this case. Extension header insertion
> > would maintain the routing in ECMP (although the fact that extension
> > headers aren't supported in IPv4 creates another problem).
> >
> > Some of the inband telemetry implementations are already addressing
> > this by inserting the inband telemetry headers directly into the UDP
> > or TCP payload of existing packets and removing the inserted payload
> > bytes at the egress point. Since only transport payload is being
> > modified, the packets will be routed the same way as other modified
> > packets for a flow. The obvious problem with this approach is that
> > payload is being changed by intermediate nodes such that if the end
> > host were to ever receive the modified packet this could result in
> > silent data corruption of users' data. So this protocol mechanism is
> > fundamentally not robust and probably dangerous. I think this actually
> > makes extension header insertion, where the worst case scenario is
> > probably unexplained packet loss, look palatable!
>
> Explained that way, it evoked this thought: Put telemetry in a
> trailer [cf. RFC893]. If conforming IPv6 implementations expect
> there's no information after the nominally final octet of a
> packet, then they'll neglect to forward (the trailer) onward?
> QED! No escape to the "open" Internet, no munged ECMP hash, no
> header insertion. Obvs, processing trailers on the fast path is
> ... problematic.

Do you mean trailers in L2 frame or L3 packet? Using UDP options for
this sort of thing has already been mentioned, although that wouldn't
help TCP or other transport protocols. In any case, it's unlikely
trailers are ever going to fly for doing anything in fast path.

Tom

v2.23.0 | Report a Bug | By Email