IETF Logo Mail Archive

Re: I-D Action: draft-voyer-6man-extension-header-insertion-02.txt

Tom Herbert <tom@herbertland.com> Wed, 06 December 2017 21:32 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 177C5127599 for <ipv6@ietfa.amsl.com>; Wed, 6 Dec 2017 13:32:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fRixY6yeYrdn for <ipv6@ietfa.amsl.com>; Wed, 6 Dec 2017 13:32:40 -0800 (PST)
Received: from mail-qt0-x231.google.com (mail-qt0-x231.google.com [IPv6:2607:f8b0:400d:c0d::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C220F127286 for <ipv6@ietf.org>; Wed, 6 Dec 2017 13:32:39 -0800 (PST)
Received: by mail-qt0-x231.google.com with SMTP id m59so12593039qte.11 for <ipv6@ietf.org>; Wed, 06 Dec 2017 13:32:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=AXPL0bhrBH/GDvwV0DqW3ZOc2Ax0aGFc0Yt5w2INN+w=; b=Yn1tUBptw26zQk1VfOsdGTpzTYuZoKRerE4XCwH065yuhvsJ4lySSi1hgPJzsTyKP6 ZcDFYP4Nysru8hqbydpLTX/0YhgjpikwbRE05vT8tjc2KM/zrP9H1VQInVNrDzjIAikD U1icWs/FUFhdWzthOSmTX5RwYEDW/RoXTrFIBdnQo8tZnrexdDQqVoQgxR7AK3lls54v udPD6SuUNePFao1zc9JEGyxJhsdwCTackOR+E8XBbJ/55hmKySGNJt4yiCT36jnzozXW CgJZkJkIHQg8g+QeojQwv0xduglDeqSBqrq+LxajJ1w9t2hBZLtF5/RekQrKjwlfC9bI saEw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=AXPL0bhrBH/GDvwV0DqW3ZOc2Ax0aGFc0Yt5w2INN+w=; b=qmpkbBznbKFuoQwOTUuaTIwMWWSWq3OkTMT64ZOCPaHpnpa9loeFmEW9bSDzwRoggR +MYJWCxZXCi6RBtBeai9H5xVNspvRrLVgJOnfX3flMJvSCc7ynjc2x5MomJlK0clogGv BT8OOlCW2v3Qj1WvO7hLUM9ggZhSQJ3qKyz3wYqPMtpMUy2veAVc56Cmf+EANrLdmcOL 7LZ9lB8yJr1qvj6na9AnPO4EoFr1D3qXqfqTmDx4qY5iKWUSY6wr4YZtFJ7MXQSwWD8o OJj0FiMoERQPA4JAuxEaZMy5J181bQHhnc+C5xr1XADraL0LWHll4ulIlU2LlFZF8qJT E8bw==
X-Gm-Message-State: AKGB3mKeLukMnKB+hcEEGVW8mDIMYQKy1rNOvBZCxY8c5/YRgY5X6W1A fJOwTtRDcpHu3+gkDhJrLOpjSQFm2JFO1xEyqer+cg==
X-Google-Smtp-Source: AGs4zMYG4uv4IILThW19RrsVheP/vxKj+eUPCvDcTQv+KAvcbhOak7L+pWcWWwWQ6OhUVPkhH2fpQKaw28Xkc6ylbK8=
X-Received: by 10.200.49.99 with SMTP id h32mr6248017qtb.196.1512595958707; Wed, 06 Dec 2017 13:32:38 -0800 (PST)
MIME-Version: 1.0
Received: by 10.200.43.121 with HTTP; Wed, 6 Dec 2017 13:32:37 -0800 (PST)
In-Reply-To: <CAO42Z2yUmGp1eiC5rWezXnzs1vGPfrH2_01U0Mw+kZNmJ34yQw@mail.gmail.com>
References: <151120281628.21912.1099097760493570225@ietfa.amsl.com> <f4425076-2f76-5713-2819-9d26671d56bb@si6networks.com> <4E92F160-C586-4C7B-BAEF-97C204856A8A@employees.org> <bc9d7f57-8687-7f85-8ac3-49751683232b@si6networks.com> <CA+b+ERnKbRXgFycgKd7EXMVvS1Mu_RTC5tfPbNE781TDZ49rYA@mail.gmail.com> <CAO42Z2wWSucKNouo0RxNf7pmyPErNk1bVny43qTLY6E333mpcQ@mail.gmail.com> <e41ee3ae-05ef-0a1a-505e-968323b07625@gmail.com> <CAO42Z2x2-WFyxYKpcwtm_z4WiFFf1M5oiW2=j6fXnqgUG1F8DQ@mail.gmail.com> <8ecf3590-5313-551e-fbb3-f95aada87a67@uniroma2.it> <CALx6S35e0krDCLUhUQFws_gSJhtv0m_E_KQkyRQQWO=zL_=vnQ@mail.gmail.com> <CA+b+ERki3bfmt0FarOdNGbVbdU1U99Sucu3NhEZ9q1BnNxUQrw@mail.gmail.com> <CALx6S34fSBycO+1pU8x3konO+6=s9sYWQQaFp36kcHi4HdyxFQ@mail.gmail.com> <CA+b+ERmF2rj4n9mfvG+ANdNjpBXgpMJb63SqSNVQif4cvwaTPQ@mail.gmail.com> <CALx6S34rvUig5T36cygkq4=rN2yNEBPUHGULDFEefA46WgCkbw@mail.gmail.com> <CA+b+ERmJ8L-j0arbFhR+nvmPNNWYe5OJ3Pab1bu1Y-2HVfJtYw@mail.gmail.com> <1cf221bc-e2e3-bc04-6559-d01eff2e1232@gmail.com> <DACF635E-0A59-4894-85C8-F4C891379A3F@gmail.com> <CAO42Z2wr8i8Dw1S4kTmCXKpwRMowzjhBOYkqtzb26VNQ50KVVQ@mail.gmail.com> <CALx6S352zVE4V7eyfPgr1fVVSuUJVtdUiv==Q6pbSsbAjZ8S8w@mail.gmail.com> <CAO42Z2yUmGp1eiC5rWezXnzs1vGPfrH2_01U0Mw+kZNmJ34yQw@mail.gmail.com>
From: Tom Herbert <tom@herbertland.com>
Date: Wed, 06 Dec 2017 13:32:37 -0800
Message-ID: <CALx6S34Ca6-fva1_bbeydkh5AYY_OfoXtyESi=Xq5fxe6DLmAA@mail.gmail.com>
Subject: Re: I-D Action: draft-voyer-6man-extension-header-insertion-02.txt
To: Mark Smith <markzzzsmith@gmail.com>
Cc: Bob Hinden <bob.hinden@gmail.com>, IPv6 List <ipv6@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/mrpoN2DDGN-Q-TYto9yJNwF0mVw>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Dec 2017 21:32:42 -0000

On Wed, Dec 6, 2017 at 11:52 AM, Mark Smith <markzzzsmith@gmail.com> wrote:
> Hi Tom,
>
> On 6 December 2017 at 07:24, Tom Herbert <tom@herbertland.com> wrote:
>> On Tue, Dec 5, 2017 at 11:59 AM, Mark Smith <markzzzsmith@gmail.com> wrote:
>>> On 5 December 2017 at 08:28, Bob Hinden <bob.hinden@gmail.com> wrote:
>>>>
>>>>> On Dec 2, 2017, at 2:15 PM, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
>>>>>
>>>>> On 03/12/2017 08:53, Robert Raszuk wrote:
>>>>>>>
>
> <snip>
>
>>>>
>>>> I will add that swapping flow labels as I think Tom Herbert was proposing has much less side effects than inserting and processing extension headers.
>>>
>>> Which would then violate the Flow Label spec unless the Flow Label
>>> value is zero.
>>>
>> Mark,
>>
>> The exlcusion that the flow label might be change for "compelling
>> operational reasons" is in practice interpreted as the flow label may
>> change in flight (i.e. receivers and network nodes cannot assume flow
>> label doesn't change). So while doing something like this might be
>> against the spec as written, I have to think this is potentially much
>> less problematic and less churn than changing RFC8200 to allow
>> extension header insertion.
>>
>
> During the specification update of the Flow Label to better formalise
> it, I suggested Flow Label domains, with the analog being DSCP
> domains. That would have facilitated this sort of use. However, that
> was rejected - see Appendix A of RFC6436.
>
> I agree using the flow label is less intrusive than EH insertion,
> however it is still a fundamental change to IPv6 packet forwarding.
> It's already going to be a slow process to have IPv6 forwarding
> devices start using the Flow Label as a load balancing input.
>
> The idea to use the Flow Label for forwarding/switching goes back as
> far as 2004, and didn't get legs.
>
> https://datatracker.ietf.org/doc/draft-chakravorty-6lsa/
>
> I don't understand why the SRH header is considered set in concrete,
> or more specifically how segments are identified in an IPv6 network,
> while far more fundamental changes to IPv6 forwarding are considered
> fine. I don't think SR has been widely deployed, and probably less so
> over IPv6 networks using EH insertion. It's a technology that is only
> a 3 or 4 years old (or something like that), compared to IPv6 which is
> now more than 20 and easily accessible in as early as 1998 (I was
> playing with Linux's implementation then, and Cisco's implementation a
> year later). 20 year old IPv6 forwarding implementations and
> deployments would be 100% compatible with SR based on tunnelling.
>
> I can think of a number of ways that SR segments can be identified
> that would be compatible with IPv6 forwarding that would reduce the
> size of the SRH EH
>
> - as suggested before, unique /64 per device, with the /64 carried in
> the SRH TLV, reducing the TLV size by 8 octets.
>
> - well known or locally selected single /64 for the SR function, then
> unique 64 bit IID per device, with the 64 bit IID carried in the SRH
> TLV, reducing the TLV size by 8 octets. This could be automatically
> generated via a PRNG. It would be safer to check for collisions,
> although probably not necessary.
>
> - well known or locally selected single /64 for the SR function,
> segment IDs 20 bits to match SR-MPLS IDs, 20 bits carred in the SRH
> TLV, reducing the TLV size by 13 octets.
>
Mark,

I don't see how that's going to help much. The authors of this draft
have already stated that in order to doing EH insertion they will need
to encapsulate when packets enter the SR domain, so that's forty-bytes
of overhead right of the bat. And then there's the fixed overhead of
the EH before we finally get to the savings of compressing the EH
data.

But even more important than the size of the headers, is the
processing cost. Processing fixed encapsulation at high speed is
expensive. Processing open ended header chains and TLVs is _really_
expensive to the point that they to date they are undeployable. While
I appreciate the optimism of the authors that the problem of
processing EH TLVs at line rate has been solved, I must admit I am
skeptical. It is hard to ignore a long history which has not been kind
to header chains or TLVs in IP.

The obvious value of using something like the flow label is that it is
a zero overhead solution in the wire protocol. No encpasulation and no
EH. The route lookup for this could be implemented in a TCAM on
src,dst,flow label and the action is just to write a 20 bit value.
ILA, which serves the overlay network use case, is even simpler-- this
is a fixed length lookup on the destination and a write back to the
destination address. Flow label is not used and no change to standard
protocols is required,

Tom

v2.23.0 | Report a Bug | By Email