Re: Limited Domains:

Tom Herbert <tom@herbertland.com> Tue, 13 April 2021 16:47 UTC

From: Tom Herbert <tom@herbertland.com>
Date: Tue, 13 Apr 2021 09:46:46 -0700
Message-ID: <CALx6S35yxqAqWJVhav-=+TB2ZyYttAFfsLNs6Btt+QUx__aQ1w@mail.gmail.com>
Subject: Re: Limited Domains:
To: "Ahmed Abdelsalam (ahabdels)" <ahabdels@cisco.com>
Cc: Nick Hilliard <nick@foobar.org>, Brian E Carpenter <brian.e.carpenter@gmail.com>, "draft-filsfils-6man-structured-flow-label@ietf.org" <draft-filsfils-6man-structured-flow-label@ietf.org>, "6man@ietf.org" <6man@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/bQx9F6wpN9j4nq0GwG3aX0lyz8o>

On Tue, Apr 13, 2021 at 9:18 AM Ahmed Abdelsalam (ahabdels)
<ahabdels@cisco.com> wrote:
>
> Hi Nick,
> Please find my answers inline [AA]
>
> -----Original Message-----
> From: Nick Hilliard <nick@foobar.org>
> Date: Tuesday, 13 April 2021 at 11:58
> To: ahabdels <ahabdels@cisco.com>
> Cc: Tom Herbert <tom@herbertland.com>, Brian E Carpenter <brian.e.carpenter@gmail.com>, "draft-filsfils-6man-structured-flow-label@ietf.org" <draft-filsfils-6man-structured-flow-label@ietf.org>, "6man@ietf.org" <6man@ietf.org>
> Subject: Re: Limited Domains:
>
>     Ahmed Abdelsalam (ahabdels) wrote on 13/04/2021 09:59:
>     > [AA] I don't think we need a new codepoint.
>     > The operator explicitly configures the routers under his
>     > administrative domain to support Structured Flow Label.
>
>     a codepoint is a marker to cause something to be interpreted in a
>     specific and different way.  Moving this flag to the configuration
>     domain is essentially admitting that the semantics of a codepoint are
>     necessary, except that it removes the possibility of having these
>     semantics interpreted automatically on a per-packet basis, and turns it
>     into a per-router or possibly per-interface flag.  This is an unusual
>     type of regression in terms of a protocol where so much work has been
>     put into auto-configuration, and where the syntactic mechanism has been
>     created for protocol extensions.
> [AA] This is a domain wide config applied to all nodes of the domain. So either you decide to do on all routers or not. It doesn’t on per packet treatment.
>
Ahmed,

So this is all or nothing then, replete with a so-called "flag day".
What is the protocol that guarantees that every router in the domain
is properly configured, that no one ever inadvertently brings up a
router without proper configuration? And if configuration fails, which
even in a moderately sized domain will inevitably happen at some
point, how will the user detect the issue and debug it?

Tom

>
>     As a separate issue, if a regular ip packet from the outside
>     accidentally enters into this administrative domain, how does a router
>     on the inside of the domain know not to attempt to interpret the flow
>     label as a SFL, as it could end up effectively parsing random junk?
>
> [AA] All packets coming from external interfaces will be encapsulated in an outer IPv6 header as explained in section 3. The outer IPv6 is what matters for forwarding inside the domain. If a packet from outside accidentally enters into this administrative domain, then that is a bigger problem than SFL.
>
>     Nick
>