IETF Logo Mail Archive

Re: [spring] “SRV6+” complexity in forwarding

Jeff Tantsura <jefftant.ietf@gmail.com> Fri, 20 September 2019 02:44 UTC

Return-Path: <jefftant.ietf@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0513B12003E; Thu, 19 Sep 2019 19:44:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.996
X-Spam-Level:
X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sNys8VS-ZqKE; Thu, 19 Sep 2019 19:43:56 -0700 (PDT)
Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 040161200C3; Thu, 19 Sep 2019 19:43:55 -0700 (PDT)
Received: by mail-pf1-x431.google.com with SMTP id q5so3495263pfg.13; Thu, 19 Sep 2019 19:43:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ZZCgTJ/cSEz6+I2uVRIQqCX7fvVPzVJ+3C4JKrlRiRg=; b=ItCNkF4wHFbSLIpPilmPvWy5+r/m6JFd5cOalyHMJvossrq268icDesw5v3FB6gx7X /Kd5ZCy1KRuXfsy5nclhVMtVMClA7bSlmhmB2hQSEOUwKIeiHoK8GuOTMRv7NUwuB0eo AELRwRPfRvqQKhGCFcgEVT6KSLKL9IHRU1TP30maKT4ULs6x2K0ORtTkNR1ylxIJZLEe PrOFt2fStzPHCfwg8jQ8++z+eC2P2EOR39RvzeVlUSSvcV4MR975mXE8Wzi3lN392kXQ eD8DwYEFZAw/ddBFmcfNqlBfmx4eyVydXcT+JaAhmzT00/pE0hlIFf5+qAhCjwPnQc2N Qu5A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ZZCgTJ/cSEz6+I2uVRIQqCX7fvVPzVJ+3C4JKrlRiRg=; b=ofID2goix/wGAvbfx9agUQpFeGipWcEIzb9FjMPci60qTTTWnI0hPIRE22TjkBTybX BJdunJX/3+to781PaUkIFJPWBIQoZZPt7o5RFddUr7UOlT70jaDdyPrER+/sGapx7zIJ H7sEyicKAtZzt7h4Sshwr4g3gL/T54+v1dW3/oQuGUP2ruetEoODy7vIqLN0niK4TYkd d0jpelp7slgKph2sWydV+ww1Ik5GguwshhqV4mLcJo5rYzAAjbnFnV9QHSPjg3KJJiUr +foqBcQa0Jxv47a1Ga9LABlP2mOzG65ZthF8IaKDHWVd5Fw07lXs6SsfdrW7me+3NKWb ksGg==
X-Gm-Message-State: APjAAAXAnfmufLw8oD0vD+9PGOnGklSD1julO9/qbT3t9zXzLFrAr1hN PVXJpfROjdmCqgQxb/NEa9E=
X-Google-Smtp-Source: APXvYqwp7mHTn1KQc0a/44vTkdMPxq3qTtWONH9iBkmrCgwd/GB5+/mhoCkymSwdN1sBdo81tjXagA==
X-Received: by 2002:a63:1020:: with SMTP id f32mr12968291pgl.203.1568947435348; Thu, 19 Sep 2019 19:43:55 -0700 (PDT)
Received: from [192.168.1.15] (c-73-189-13-44.hsd1.ca.comcast.net. [73.189.13.44]) by smtp.gmail.com with ESMTPSA id h14sm410345pfo.15.2019.09.19.19.43.54 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 19 Sep 2019 19:43:54 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail-01BACA43-A038-48AA-8792-5E8FFECA9170"
Mime-Version: 1.0 (1.0)
Subject: Re: [spring] “SRV6+” complexity in forwarding
From: Jeff Tantsura <jefftant.ietf@gmail.com>
X-Mailer: iPhone Mail (16G102)
In-Reply-To: <02987E0C-3512-4BDD-A888-32CF4C8EB78E@gmail.com>
Date: Thu, 19 Sep 2019 19:43:52 -0700
Cc: Robert Raszuk <robert@raszuk.net>, Rob Shakir <robjs@google.com>, SPRING WG <spring@ietf.org>, 6man <6man@ietf.org>, Dirk Steinberg <dirk@lapishills.com>, "xiechf@chinatelecom.cn" <xiechf@chinatelecom.cn>, Tarek Saad <tsaad.net@gmail.com>, Srihari Sangli <ssangli=40juniper.net@dmarc.ietf.org>
Content-Transfer-Encoding: 7bit
Message-Id: <F183D162-DE73-486C-ACBD-1200E991D8B7@gmail.com>
References: <CAHd-QWtA21+2Sm616Fnw0D-eB7SNb_BeG8-A-MCLLFgTwSpOsg@mail.gmail.com> <BYAPR05MB54632F09C712ADB30138CFA9AEBE0@BYAPR05MB5463.namprd05.prod.outlook.com> <BYAPR19MB3415D21403394F8129A4BAD8FCB90@BYAPR19MB3415.namprd19.prod.outlook.com> <30491F13-C652-45C3-AB2B-95F765FBB4EA@juniper.net> <65C5CB04-3A2F-4F83-A7C8-2045154F93AE@cisco.com> <BYAPR05MB5463EC3250F2A303A3641839AEBA0@BYAPR05MB5463.namprd05.prod.outlook.com> <91CBADAD-EFE6-46E1-A9D3-DAA111357179@juniper.net> <CAOj+MMGyUFRPDqCBo5SbLX486o_9GLpM6Zxf8KSt1voWiqhkGQ@mail.gmail.com> <E8D473B5-3E8D-4339-9A79-0CAE30750A55@juniper.net> <CAOj+MMFOy5PyTo=jPJkVrQOctdWjsTbD=7ix-2n89vodKzT3gQ@mail.gmail.com> <2F604D74-51CF-4F2F-AEA9-1CBDEEA9B9F7@gmail.com> <F09C2D09-D769-4817-AF73-97D6ED1BC4BF@lapishills.com> <201909120857387140042@chinatelecom.cn> <1568259664564.62561@bell.ca> <CAO42Z2wQ_8GEE+=nAMFBj+ape9Vf7fARVoOwGdCiUxdffkyXgw@mail.gmail.com> <BYAPR05MB5463A04B05B4BD6AA294F7F0AEB00@BYAPR05MB5463.namprd05.prod.outlook.com> <6EA6F7C0-BEB2-4749-A6AB-62B1337213B2@cisco.com> <BYAPR05MB5463426F1668202EE5F183EFAE8F0@BYAPR05MB5463.namprd05.prod.outlook.com> <634900D2-FBCE-47CF-8907-C8B9CB3A4102@cisco.com> <CALx6S34=Tw-u4Hz-07-Rs-GjsungkqnD_fMoQnGc17u3VJhY1g@mail.gmail.com> <CAFqxzqYr7g2jzwJrhvjL_DXYZsDzbzqx01cy0zB1aBweDde1XQ@mail.gmail.com> <CAO42Z2yrjwRMykWxmEo5=18fMvuZdMtuyz5g1p=8oSzp_ro9Vw@mail.gmail.com> <52FDA21F-E860-45E2-846A-43B969DEDC87@juniper.net> <CAOj+MMFjCcQt7FLf9NjfEKruEYktU0iJEs8Q+qFG8Pjkt7jDaA@mail.gmail.com> <9EA2D501-4382-4071-A89C-8C593B66E2F1@juniper.net> <CA+b+ERmnw412sboPtMow6=WUFK_FW2iO+rQxOu4dQ0yV2cuukQ@mail.gmail.com> <CAA8Zg7G-Aa+mVWxax3EqJOs9V7T8Bu=mfvng8Om9bEw59D7Orw@mail.gmail.com> <CAOj+MMFuQqMcGdjLT0piyuyUNpgLka7Pn5suA+LRi+rzFeKwow@mail.gmail.com> <CAA8Zg7HtdoMtzqg6o04TjAnyg8NUaoijVi40NoUPeERcycGssA@mail.gmail.com> <CAOj+MMF7X2nar9TkvWc2LunwdL2A6pfzpvROeZ3XfCGcv4zBZQ@mail.gmail.com> <02987E0C-3512-4BDD-A888-32CF4C8EB78E@gmail.com>
To: Gyan Mishra <hayabusagsm@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/gyivRJ60Z2CE848moppAGBIgnZA>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Sep 2019 02:44:01 -0000

Gyan,

IPFRR doesn’t use/need any IGP extensions and is local to the device computing LFA.
As RTGWG chair - I welcome you to read a number of rather well written RFCs on the topic we have published in RTGWG over the last 7 years. 
Pay attention on how LFAs are computed, this would clarify your question as to why there’s no need for additional imposition as well as why LFA provides partial coverage.
There’s also TI-LFA draft that explains how TI-LFA is computed and why it relies on additional imposition if LFA is unavailable.

Regards,
Jeff

> On Sep 19, 2019, at 18:06, Gyan Mishra <hayabusagsm@gmail.com> wrote:
> 
> Hi Robert 
> 
> I know we have gone through many many lengthy discussions adnosium and I know the question has come up a few times and I know you replied back a few times related to the service provider use case where we end up with the multiple violations of RFC 8200 related to intermediate nodes EH insertion as well as many EH insertions occurring and what was mentioned was Ti-LFA.  So since LFA and Remote LFA are extensions of the IGP providing the 50ms failover similar to traditional mpls Fast Reroute capabilities NH & NNH link/node/path protection in the legacy TE FRR pce the head end PE LSR adds and additional mpls shim for FRR.
> 
> With IP LFA and remote LFA used with LDP there are IGP extensions opaque LSA’s that provide the pre programmed backup path provided by LFA loop free backup path.  In that scenario with LDP there is not any additional label with LFA but with remote LFA is added for the Remote LFA backup path with LDP session protection enabled with targeted LDP session tunnled through the RLFA node.
> 
> So now talking SRv6 with Ti LFA why is there an EH insertion as we are not using mpls LDP and not doing remote LFA and this is not the traditional mpls TE FRR.
> 
> I am not getting it from a network engineering technical standpoint what the use case is and why EH insertion would occur on any intermediate node as that even in the legacy mpls TE world its on the ingress LSR PE and for that matter in this case the benefit of SRv6 is “native TE” source routing via SRH pssi instructions and not maintaining state on the intermediate nodes which just do the PSSI and copy the SRH destination rewrite of IPv6 destination for the traffic engineered path and then do PSP or USP on the egress node of the service provider core.
> 
> I designed and manage a fairly large mpls core for Verizon and if their is a asic processing penalty hit due to intermediate node EH insertion we don’t want it and will stay course with LDP and stick with our path targeting SR-MPLS and ditch any ideas of ever going to SRv6.
> 
> Thanks in advance for help in clarification of this topic and I think understanding the use case would help 6man overall understand the justification of the RFC 8200 violations.
> 
> Thank you
> 
> Gyan Mishra
> Verizon Communications 
> Cell 301 502-1347
> 
> Sent from my iPhone
> 
>> On Sep 19, 2019, at 3:50 PM, Robert Raszuk <robert@raszuk.net> wrote:
>> 
>> Hi Reji,
>> 
>> Notice what it says: " ... explicitly listed intermediate nodes ... "
>> 
>> CRH which is used in SRv6+ does not explicitly list intermediate nodes so I do not think the procedures in IPv6 spec apply as the way you interpret them. 
>> 
>> But I am i no way authoritative ... still learning IPv6 and this thread become great education. 
>> 
>> An real example where those procedure apply is documented in RFC6554 which does put the addresses explicitly. 
>> 
>> Many thx,
>> Robert.
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>>> On Thu, Sep 19, 2019 at 9:14 PM Reji Thomas <rejithomas.d@gmail.com> wrote:
>>> Hi Robert,
>>> 
>>> >>I do not know what is the difference between IPv6 Destination Address in the fixed header and "final destination". Where do you carry "final destination" address ? 
>>> 
>>> See Section 4.4 in RFC 8200.  Hope its clear what's the final destination and the context in which it is used.
>>> 
>>>       Segments Left       8-bit unsigned integer.  Number of route
>>>                           segments remaining, i.e., number of explicitly
>>>                           listed intermediate nodes still to be visited
>>>                           before reaching the final destination.
>>> 
>>> Regards
>>> Reji
>>> 
>>>> On Thu, Sep 19, 2019 at 10:26 PM Robert Raszuk <robert@raszuk.net> wrote:
>>>> IPv6 fixed header has only one destination address. So TE midpoint is either a packet's destination or not. It can not be both. 
>>>> 
>>>> I do not know what is the difference between IPv6 Destination Address in the fixed header and "final destination". Where do you carry "final destination" address ? 
>>>> 
>>>> Many  thx,
>>>> R.
>>>> 
>>>>> On Thu, Sep 19, 2019 at 6:17 PM Reji Thomas <rejithomas.d@gmail.com> wrote:
>>>>> Hi Robert,
>>>>> 
>>>>> >>Well the crux of the matter is that you still need to process all EHs at each IPv6 destination which here means each transit node per RFC8200
>>>>> 
>>>>>  From RFC 8200 that doesn't seem to be the case or at least as I understand. See  Section 4..1 note 1 and note 3. Am I missing something?
>>>>>  
>>>>> IPv6 header
>>>>>       Hop-by-Hop Options header
>>>>>       Destination Options header (note 1)
>>>>>       Routing header
>>>>>       Fragment header
>>>>>       Authentication header (note 2)
>>>>>       Encapsulating Security Payload header (note 2)
>>>>>       Destination Options header (note 3)
>>>>>       Upper-Layer header
>>>>> 
>>>>>       note 1: for options to be processed by the first destination that
>>>>>               appears in the IPv6 Destination Address field plus
>>>>>               subsequent destinations listed in the Routing header.
>>>>> 
>>>>>       note 2: additional recommendations regarding the relative order of
>>>>>               the Authentication and Encapsulating Security Payload
>>>>>               headers are given in [RFC4303].
>>>>> 
>>>>>       note 3: for options to be processed only by the final destination
>>>>>               of the packet.
>>>>> 
>>>>> Regards
>>>>> Reji
>>>>> 
>>>>>> On Thu, Sep 19, 2019 at 9:00 PM Robert Raszuk <rraszuk@gmail.com> wrote:
>>>>>> 
>>>>>>> I disagree. PPSI and PSSI leverages the DOHs in IPv6 architecture better. The SRv6+ drafts explain the usecases better FYI.
>>>>>> 
>>>>>> Well the crux of the matter is that you still need to process all EHs at each IPv6 destination which here means each transit node per RFC8200. That is regardless what any other spec says .... unfortunately. 
>>>>>> 
>>>>>> Best,
>>>>>> R.
>>>>>> 
>>>>>> 
>>>>>>  
>>>>>> --------------------------------------------------------------------
>>>>>> IETF IPv6 working group mailing list
>>>>>> ipv6@ietf.org
>>>>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>>>>> --------------------------------------------------------------------
>>>>> _______________________________________________
>>>>> spring mailing list
>>>>> spring@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/spring
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email