IETF Logo Mail Archive

RE: Working Group Last Call for <draft-ietf-6man-ipv6-alt-mark>

Giuseppe Fioccola <giuseppe.fioccola@huawei.com> Tue, 22 December 2020 10:37 UTC

Return-Path: <giuseppe.fioccola@huawei.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 689C03A0F61 for <ipv6@ietfa.amsl.com>; Tue, 22 Dec 2020 02:37:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7OBOQYCEA-m1 for <ipv6@ietfa.amsl.com>; Tue, 22 Dec 2020 02:37:37 -0800 (PST)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A2863A0F48 for <ipv6@ietf.org>; Tue, 22 Dec 2020 02:37:37 -0800 (PST)
Received: from fraeml708-chm.china.huawei.com (unknown [172.18.147.200]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4D0Xlr6cJmz67LlT; Tue, 22 Dec 2020 18:35:04 +0800 (CST)
Received: from fraeml714-chm.china.huawei.com (10.206.15.33) by fraeml708-chm.china.huawei.com (10.206.15.36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2106.2; Tue, 22 Dec 2020 11:37:30 +0100
Received: from fraeml714-chm.china.huawei.com ([10.206.15.33]) by fraeml714-chm.china.huawei.com ([10.206.15.33]) with mapi id 15.01.2106.002; Tue, 22 Dec 2020 11:37:30 +0100
From: Giuseppe Fioccola <giuseppe.fioccola@huawei.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, 6man <ipv6@ietf.org>
CC: Bob Hinden <bob.hinden@gmail.com>
Subject: RE: Working Group Last Call for <draft-ietf-6man-ipv6-alt-mark>
Thread-Topic: Working Group Last Call for <draft-ietf-6man-ipv6-alt-mark>
Thread-Index: AQHW1wPw68JE2pVQPUW0/quCUCCYKKoCEnSAgADD2LA=
Date: Tue, 22 Dec 2020 10:37:30 +0000
Message-ID: <cef5462ef7f3425f9b2957312db45a16@huawei.com>
References: <160022348671.28445.8378620622786303015@ietfa.amsl.com> <7154EC82-1F39-404B-A98B-F656A4CB19BA@gmail.com> <86076851-c196-5876-08e5-27a5fd14edac@gmail.com>
In-Reply-To: <86076851-c196-5876-08e5-27a5fd14edac@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.48.223.135]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/mUNxoCtaVlEjFJDBnvPeLMHLHrs>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Dec 2020 10:37:39 -0000

Hi Brian,
Thanks a lot for your detailed revision.
Please find my replies inline with [GF].

Regards,

Giuseppe 

-----Original Message-----
From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Brian E Carpenter
Sent: Monday, December 21, 2020 11:29 PM
To: 6man <ipv6@ietf.org>
Cc: Bob Hinden <bob.hinden@gmail.com>
Subject: Re: Working Group Last Call for <draft-ietf-6man-ipv6-alt-mark>

Issues:
-------

> 2.  Alternate Marking application to IPv6
...
>       Anyway this does not impact the
>       traffic since the measurement can be done only for the nodes
>       configured to read the Option.

I'm not sure what this means. Does it mean this?:

     This does not affect throughput on nodes that do not recognize
     the option.

But is that true, because of the issues with HbH processing that motivated draft-hinden-6man-hbh-processing? Isn't it possible that this option will force packets onto the "slow path" even in nodes that do not recognize it? The later discussion in section 4 "Use of the AltMark Option" does not mention this.

[GF]: Yes, it is possible. The three high-order bits of the Options Header defined in this draft are 000 and, in theory, as per RFC8200 and draft-hinden-6man-hbh-processing, this means "skip if do not recognize and data do not change en route". RFC8200 also mentions that the nodes only examine and process the HbH Options header if explicitly configured to do so. For these reasons, this HbH Option should not affect the throughput. Anyway, in practice, we are fully aware that the things may be different and it can happen that packets with HbH are forced onto the slow path, and this is a general issue. In the next revision we can include something more on that, even in section 4.

>    An important point that will also be discussed in this document is
>    the the uniqueness of the FlowMonID and how to allow disambiguation
>    of the FlowMonID in case of collision.  [RFC6437] states that the
>    Flow Label cannot be considered alone to avoid ambiguity since it
>    could be accidentally or intentionally changed en route for
>    compelling operational security reasons and this could also happen to
>    the IP addresses that can change due to NAT.  But the Alternate
>    Marking is usually applied in a controlled domain, which would not
>    have NAT and there is no security issue that would necessitate
>    rewriting Flow Labels.  So, for the purposes of this document, both
>    IP addresses and Flow Label should not change in flight and, in some
>    cases, they could be considered together with the FlowMonID for
>    disambiguation.

I think this is a very important point that should probably have its own sub-section 2.1 "Controlled Domain". It answers the question of whether this new option is deployable: yes, in a controlled domain.
(That's why this draft is referenced in RFC8799.)

[GF]: Agree, we can define a new subsection here to highlight the concept. I would also add the reference to RFC8799.

> 4.  Use of the AltMark Option
...
>    In summary, it is possible to list the alternative possibilities:
> 
>    o  Destination Option => measurement only by node in Destination
>       Address.
> 
>    o  Hop-by-Hop Option => every router on the path with feature
>       enabled.
> 
>    o  Destination Option + any Routing Header => every destination node
>       in the route list.

While looking at the 3rd bullet here, I noticed an inconsistency in RFC8200. Section 4.4. of RFC8200 says:

>>>    The Routing header is used by an IPv6 source to list one or more
>>>    intermediate nodes to be "visited" on the way to a packet's
>>>    destination.

So "destination" clearly means the final destination, not the intermediate nodes in the source route. But section 4.1 of RFC8200 ("Extension Header Order") says:

>>>    note 1: for options to be processed by the first destination that
>>>            appears in the IPv6 Destination Address field plus
>>>            subsequent destinations listed in the Routing header.

To avoid ambiguity, I think the first and third bullets in the above list should be modified:

   o  Destination Option not preceding a Routing Header => measurement
      only by node in Destination Address.

   o  Hop-by-Hop Option => every router on the path with feature
      enabled.

   o  Destination Option preceding a Routing Header => every destination
      node in the route list.

[GF]: Good suggestion. The wording you propose is more complete and avoids ambiguity. I will replace the bullets in the next revision of the draft.

> 5.3.1.  Uniqueness of FlowMonID

This section would be more helpful if it discussed the importance of a low rate of ambiguous IDs on the usefulness of the measurements.
Does it really matter if the measurements for 2 flows are confounded 0.1% of the time? Would this cause significant harm to the operator or their clients? Is this harm important enough to justify the complications of avoiding it?

(For ECMP/LAG, RFC6438 page 6 states that rare collisions for the flow label are acceptable, but your case may be different.)

[GF]: Yes, in this section we can introduce that the uniqueness of FlowMonID may not be a problem in some cases. But, for large scale measurements where it is possible to monitor a big number of flows, the disambiguation of the Flow Monitoring Identification field is something to take into account.

Nits:
-----

>    In consequence to the previous document and to the discussion within
>    the community, it is possible to state that the only correct and
>    robust choice that can actually be standardized would be the use of a
>    new TLV to be encoded in the Options Header (Hop-by-Hop or
>    Destination Option).

That sentence is best described as "baroque". I suggest something much simpler, such as:

Consquently, a robust choice is to standardize a new Hop-by-Hop or Destination Option.

[GF]: Ok, I will replace the sentence.

>    Note that the FlowMonID is different from the Flow Label field of the
>    IPv6 Header ([RFC8200]).  Flow Label is used for application service,
>    like load-balancing/equal cost multi-path (LB/ECMP) and QoS.

"Application service" really doesn't describe ECMP or LAG which are traffic engineering mechanisms, and I'm not aware of any real application of the flow label that could be described as QoS management. 

[GF]: I see, Iet me reword this sentence and leave only LB and ECMP.

>  Flow Label cannot be considered alone to avoid ambiguity since it  
> could be accidentally or intentionally changed en route...

The other reason is that since the flow label is pseudo-random, there is always a finite probability of collision. (Although as noted above, for load balancing, statistically rare ambiguity is OK.)

[GF]: Good point. I will also add this argument in the next version.

> 4.  Use of the AltMark Option...
>    ... In this way an unrecognized Hop-by-
>    Hop Option may be just ignored without impacting the traffic.

This duplicates the earlier text about "traffic". Delete?

[GF]: Yes

There are many minor syntax errors; here are a couple of examples chosen at random:

> The Alternate Marking Method has become mature to be implemented...

> [I-D.fioccola-v6ops-ipv6-alt-mark] reported a summary on the possible...

So there is quite a bit of work for the RFC Editor.

Regards
   Brian Carpenter

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email