Re: Reference based Routing (RbR)
Robert Raszuk <robert@raszuk.net> Sun, 24 May 2020 16:45 UTC
Return-Path: <robert@raszuk.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C5F83A0BD1 for <ipv6@ietfa.amsl.com>; Sun, 24 May 2020 09:45:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c0Qyk9WsT70N for <ipv6@ietfa.amsl.com>; Sun, 24 May 2020 09:44:59 -0700 (PDT)
Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com [IPv6:2a00:1450:4864:20::629]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 40B0E3A0BC2 for <6man@ietf.org>; Sun, 24 May 2020 09:44:59 -0700 (PDT)
Received: by mail-ej1-x629.google.com with SMTP id h21so18267283ejq.5 for <6man@ietf.org>; Sun, 24 May 2020 09:44:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4cq6KEA7JYHiI81VYkG7YeofFQSDNytx0+jvJGw+FW4=; b=Iw7ml8y/CzDunlk4tope2DakQGum9JMc1x6UqcKzwmIaNvjjLM0W4prK2GhA6pu1Vn cQRLpgmMTXeWCfXBeMvDu2kx4bidfOzs4TMiKdVFvs09QJTfUya7TRtKjoR7KIM7qICh qfmURaFnnwc3nYM6u13XXAukjpEbou5bj/Io1moV2HgEyO3m2FjYxKYzTFCJ9YZ9f6tg c9TKKMXlx/3RG0fP2yiP2Ek1lp690EQgghy0hBSS/Xf56muBGJC9XU//EGNGFqWfhwzv pVduYJbEJa6/9hD59W2bfQVeNbPGG9RBF862lBys+5PgiL7bYKFf91P+5i3gUrcMohh3 dung==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4cq6KEA7JYHiI81VYkG7YeofFQSDNytx0+jvJGw+FW4=; b=mob8S/lCUdgHX9AO4WLX20PnLChzTnRFpF/ejm4fp6GK1NWime09VO5vXWLMxIeTJR Yka6/Uc9lb+2/AheRiCdw2+kudvTAZIQAcwhhsZQg4asofEao4MndaEEruEhgoaoq2iT l4DDELX+neM87ZmLTVtPCq/PFAXoSKaRPb1rWsN5YqA/Lq6nU/Zq+nogdAFNhSfuqWaP VYOCsTNs8HWJltOgVW2zY33PmBjhp5pLERgidzckye28RQ6CCj9t2d/QK+twXI9CxmW/ My/CxVoMB+tSI0FLzt2+6G/QxxlKv64Q5zRPHaNYcH9nhHWakys6OjS0/So+yDS9y+y3 3Fzw==
X-Gm-Message-State: AOAM533mmIihblV4JTbLhM1K08wVaL7x5OwXlMunf/0sJOHAyBOm664N GcwvfP09RTbF+XNUZscK/dvg4yj0HsxcQUU1sbw2x7pD
X-Google-Smtp-Source: ABdhPJylwzYDoJKv1rhA9hE8TPQbRllp8m4c8+2gvm6k0325CXiBdCnE5yFwYbTy1MfVpBP3k8AodcUhzKjytkk5GwM=
X-Received: by 2002:a17:906:29d9:: with SMTP id y25mr15184478eje.198.1590338697414; Sun, 24 May 2020 09:44:57 -0700 (PDT)
MIME-Version: 1.0
References: <CAOj+MMHvKpD1b2rbViZtdjtEFz2FEEH3jt4C8+6Kod+h0yEXMQ@mail.gmail.com> <384EB737-E83F-4FA7-B779-AC380D3C59AD@tony.li>
In-Reply-To: <384EB737-E83F-4FA7-B779-AC380D3C59AD@tony.li>
From: Robert Raszuk <robert@raszuk.net>
Date: Sun, 24 May 2020 18:44:48 +0200
Message-ID: <CAOj+MMGh-L3TRsdPyiaXRKwhYz2+kF+xhWE3N3Lc+hnPv4dkQQ@mail.gmail.com>
Subject: Re: Reference based Routing (RbR)
To: Tony Li <tony.li@tony.li>
Cc: 6man <6man@ietf.org>, 6man WG <ipv6@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000021e0a205a6679531"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/aj0cGBzdfWyaBH7qcP9llgZG4mk>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 May 2020 16:45:04 -0000
Hi Tony, If I would insert a reference into flow label space I am afraid I would lose the current flow label functionality which perhaps in some cases may not be desired. To your second hint - by all means yes - anyone could use the MPLS label in an MPLS network to indicate a context. Pointer can be a context. Some may argue that 20 bits may not be enough thought. However the exercise here is to provide a form of path steering for IPv6 networks where transport MPLS is not enabled by design. Last I am not sure what "messing with address space" comment really meant to indicate ... - a fear that allocation of /64 prefix for a domain is hard - a concern that using /32 locators is problematic - an observation that placing /32 bit pointer in least significant bits of the packets (within an already encapsulated IPv6 header) is the wrong thing to do ? If so let me observe that most SR approaches today do rewrite the entire DA address at each segment endpoint. Many thx, Robert On Sun, May 24, 2020 at 5:50 PM <tony.li@tony.li> wrote: > > Robert, > > I’ll point out that you could avoid messing with the address space at all > by using the IPv6 flow label or a single MPLS label. > > Tony > > > On May 24, 2020, at 5:58 AM, Robert Raszuk <robert@raszuk.net> wrote: > > Dear 6man WG, > > Number of concurrent discussions in this WG triggered an idea which I > would like to share with you all to think about during the long weekend. > > For some unknown reasons an army of folks has been cornered to think that > stuffing each packet with encoded or not, compressed or not hop by hop list > of nodes to traverse is best we can do to provide some form of path > engineering in some cases combined with network programming. > > Some put on such lists IPv6 addresses, some try to just put pieces of > those addresses and some even try to squeeze mpls labels there under a > different cover (brrrr). > > What if we come back to the roots and rethink the requirements .. > > Few months back I wrote IP TE + NP proposal however the summary below is a > simplified version of it. Just for reference original document is here: > https://tools.ietf.org/html/draft-raszuk-teas-ip-te-np-00 > > *Description:* > > Let's assume that in my network I would like to be able to construct 1000 > engineered paths (different from what IGP would compute as SPF with its > default algorithm). Perhaps say that number of those paths would be 10x or > 100x more. That means that essentially the paths itself could be expressed > in 16 bits. > > Let's further observe that what is needed to accomplish any form of > traffic engineering are two elements: > > * mark packets which are subject to such path engineering > * construct path engineered paths > > Note that while I am using TE as an example additional network programming > functions including for example SFC processing is supported with no change > as well. > > *Proposal: * > > - Let's allocate a /64 prefix which will be used in entire domain for > the purpose of RbR > - Let's mark each node in a domain with different /32 address (it is > naturally ok to simply use current /32 IPv4 node addresses) > - Let's use remaining 32 bits of the IPv6 address to carry an RbR > pointer > > To illustrate format of the address of the packet after it is encapsulated > on ingress into the domain looks like: > > *|<---- /64 PREFIX ----->|<--- /32 LOCATOR --->|<--- /32 RbR POINTER > --->|* > > No need for any routing header at all ! No per packet overhead regardless > of the number of hops to traverse (except 40 bytes of IPv6 encapsulation). > > What is Prefix & Locator is obvious. So now let's define Pointer: > > *Pointer (or reference)* - /32 bits string which would uniquely in entire > domain identify the aggregates of flows. Indicates a reference to a set of > local actions for those packets which carrying such reference. Only those > routers which DA is in the /96 address need to inspect and execute the > pointer. > > Pointers can be structured or unstructured - depending on > operators's choice and network requirements. In structured case for example > first 16 bits can represent 2^16 number of unique TE paths in the network > while remaining 16 bits local functions in each network elements (segment > endpoint). Such bit boundary is a local operators choice. > > RbR pointers are assigned by the same entity (human or controller) which > normally is responsible for path engineering and network programming in the > domain. > > RbR pointers are globally (domain wide) unique. > > *However actions indicated by said RbR pointers are locally significant to > any network element. * > > That is accomplished by propagating actions which correspond to such > references as tuple: LOCATOR + POINTER. Depending on the selected means of > propagation of such actions it also can be: PREFIX+LOCATOR + POINTER. > > *Example: * > > R1 > > /64 RbR prefix 2001:0db8:85a3:0001 > /32 Node's locator: 1.1.1.1 (101:101) > /32 RbR pointer: 1::1 > > R2 > > /64 RbR prefix 2001:0db8:85a3:0001 > /32 Node's locator: 1.1.1.2 (101:102) > /32 RbR pointer: 1::1 > > Actions programming: > > 101:101 + 1::1 --> rewrite DA to 2001:0db8:85a3:0001 + 101:102 + 1::1 > 101:102 + 1::1 --> rewrite DA to 2001:0db8:85a3:0001 + 101:103 + 1::1 > etc ... > > *Actions distribution:* > > There are number of ways to distribute such instructions domain wide. One > network can choose to use configuration push via ansible automation. The > other may like to use existing BGP FlowSpec SAFI. Yet some other would like > to use OpenR message bus on a pub-sub basis. > > Perhaps a yet one more set of engineers would like to get new BGP or IGP > extension defined. > > At this stage all options are on the table. > > *Scaling: * > > As we all know there is no free lunch. Here I believe proposed solution is > a sweet spot compromise between soft state path setup in network elements > (MPLS RSVP-TE) and loading each packet with additional routing header > information. > > Most importantly it needs to be observed that each participating midpoint > *only* needs to store actions which correspond to his own node. That > applies to both control plane(*) and especially local data plane RbR-FIB. > If action is send by any means towards a network element and does not > contain its LOCATOR in the first /32 bits it will be dropped either at > inbound processing or never propagated from control plane to RIB/FIB. > > It has been studied that in real production networks to satisfy the > requirements of most path steering needs at most 2-3 sometimes 4 segments > may be needed. That effectively means that for such flows corresponding > actions need to be kept only in 2-4 routers in the entire domain. Rest of > the network elements may never need to be RbR aware as all they do is > forward based on /96 IPv6 prefix. > > * For control plane it depends on the form of the distribution - if BGP is > used and given node is a route reflector all RbR action "routes" or "rules" > need to be stored there. > > After all routers are build to carry state. IP prefixes are nothing by > state - more over - IP prefixes do change all the time (continues BGP > churn). So while thinking about scaling and state one needs to also keep in > mind the static nature of actions. Perhaps some TE paths will be pinned for > weeks or months and will never require a change of either control plane nor > RbR FIB. > > Last RbR cost (packet tax) is constant and equals zero. It does not > increase if I need to engineer path at each of my 10 hops for specific > adjacency on each hop. > > *Summarization: * > > It is my strong believe that in any network any scheme must allow for > reachability summarization. > > RbR locators can be easily summarized/aggregated across ASNs (under the > same administrative control) or across IGP areas/levels. > > Packets traverse IP network as normal IPv6 packets would. > > *Security: * > > Most networks already have inbound ACLs (setup manually or dynamically) to > protect any external packet to enter their domain with destination address > equal to infrastructure space. > > Here our /64 prefix can be either already part of this existing rule or a > single ACL line dropping all packets with DA = PREFIX or longer applied on > all external interfaces. > > ACLs supporting basic IPv6 filtering is all what is required and that is > commonly supported by all IPv6 capable routers today. > > *RbR-FIB:* > > The /32 nature of node locators and RbR pointers have additional two > benefits: > > - it can reuse years of operation experience and existing IPv4 addressing > schema in any network as is. > > - it can reuse 32 bit RIB and FIBs and other data plane processing > hardware on any network element making support of RbR really easy even by > legacy hardware. > > *IETF aspect:* > > The RbR can be deployed today with full compliance of RFC8200 + use of > RFC2473. > > Additional protocol enhancements for signalling actions can be > standardized independently if needed. > > - - - > > Apologies for long note. I just thought to share this idea with the WG in > the light of set of network requirements vs discussion of documents under > adoption call (namely CRH). > > Kind regards, > Robert Raszuk > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > > >
- Reference based Routing (RbR) Robert Raszuk
- Re: Reference based Routing (RbR) tony.li
- Re: Reference based Routing (RbR) Robert Raszuk
- Re: Reference based Routing (RbR) tony.li
- Re: Reference based Routing (RbR) Robert Raszuk
- Re: Reference based Routing (RbR) Brian E Carpenter
- Re: Reference based Routing (RbR) Tom Herbert
- Re: Reference based Routing (RbR) Ole Troan
- Re: Reference based Routing (RbR) Robert Raszuk
- Re: Reference based Routing (RbR) Robert Raszuk
- Re: Reference based Routing (RbR) Nick Hilliard
- Re: Reference based Routing (RbR) Robert Raszuk
- Re: Reference based Routing (RbR) Brian E Carpenter
- Re: Reference based Routing (RbR) Tom Herbert
- Re: Reference based Routing (RbR) Nick Hilliard
- Re: Reference based Routing (RbR) Robert Raszuk
- Re: Reference based Routing (RbR) Brian E Carpenter
- Re: Reference based Routing (RbR) Nick Hilliard
- Re: Reference based Routing (RbR) Brian E Carpenter