From nobody Thu Apr 8 15:13:06 2021 Return-Path: X-Original-To: ipv6@ietfa.amsl.com Delivered-To: ipv6@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF4583A1EE7; Thu, 8 Apr 2021 15:13:03 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.8 X-Spam-Level: X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=j8Ug9U5J; dkim=pass (1024-bit key) header.d=juniper.net header.b=TtlZ1THX Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vF6KjkxQQnfS; Thu, 8 Apr 2021 15:12:59 -0700 (PDT) Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AEFE3A1EE8; Thu, 8 Apr 2021 15:12:59 -0700 (PDT) Received: from pps.filterd (m0108163.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 138M46Dt002533; Thu, 8 Apr 2021 15:12:58 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=2KUr48rISQhqONetpXOGk8AyNUnutcjtVwJnN9LU7AI=; b=j8Ug9U5J53n/Hh1+CiTjKflUwgnbFQHbPgEBGzIrFDZc6cyUsFfuRc4jBg/EkGFia4+0 0c+Ocp2TgItqCqE76LLM9cpuHXYqCOnD6O58qVl5Jw2DtR/HvgA/jJSQxybPT1Uda0Q2 01rFOlsp8FqNie7LTVqEjsUFTqneNY4vxsIUENJa7peALM42cNEw2pd4f0ikykNlaSME 3kjYDkWgCKZftIYsJpXLzNZo4eLwcx85uqSNdxyYj3vowDNaveaY3eMx08TYAwv52vO4 ouyJQxtZu7rGu1jHumjwrorTuOuYsqkOmTPMO0LXAOmYJW8hANas1xaKKdGIBQ9pT6H9 ug== Received: from nam12-mw2-obe.outbound.protection.outlook.com (mail-mw2nam12lp2041.outbound.protection.outlook.com [104.47.66.41]) by mx0b-00273201.pphosted.com with ESMTP id 37sxrwhnhw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 08 Apr 2021 15:12:58 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RFjPmkalcba23By5+JfB5WxLvpvlFEsXMs7sFzLAQsrYzcavJuxiqWu8gTZUwyjLZXqW+w7r4Ec7MOzlyKcIKBWaFSMvsBboidwJ+pvesRy3zHAZUfcGGpQxFalfI/xzLTa8L+jeDZUnrphK5eGobO6Zvbex3k1iBcOQS8FG5L+jBn3MCHUxuQlnkYaPHdL76ZWPmU/q58lnsuyIxDcv0ATEQWTyaMsprs2DVO6asVPD63pn+4x6EFa/V6vDG1QWKuHPPDx8I1ymAgxei/3lOBzVh887wgLNr8mV8Ynlpqy/sKBNDidTsGlvxeHPjGjzM3CdiLd9fr0fhV9fGN1HCA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2KUr48rISQhqONetpXOGk8AyNUnutcjtVwJnN9LU7AI=; b=kca3DlE7/H7IiQAaH5fDvwj+2EZvZ6TA1lijVdyv7YNYpTsx81RBSvSBtRY6B3Q32j87Zr7/QKwSJWDILdNY1CV5vu9Nz2g2r4FmRXNlwMeDe7oXZV/ZbUeGsEi7xbGuiK0jBhah7yXhLiebWj7qJaARDt34icWkKRhF+4vJgyBBiMDanGYXhl8DYlxM8Aur1/4iFJ7FPpHeZiDyBs5+dE+cOfthhr0WH3k+KaeeYA7JE4YeVjbAjLscsu16MaIvpLPYnhqP6wZFVZo7Z/qSsCekyCJv7tZvt1NH/sY1FXjFEzJqnuYmWPXFsPVCeD8ncYB2Ht0idX3LiR3yf8vxfQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2KUr48rISQhqONetpXOGk8AyNUnutcjtVwJnN9LU7AI=; b=TtlZ1THXjnBvcjXYOeDONqfDDXwqPK7kBOaFls08cceGj3pnDFeYMmkXaRPKNPBH0uCwiyPbogCSaMD7ESRaSrlUMx3OGuQ5yxWn2lmKNlg7zHMkIpC48MBKcVRDHg+WEfYW7l5rXZOmbliM7Crx2TauKvcardbg0oB+pdDv0tQ= Received: from BL0PR05MB5316.namprd05.prod.outlook.com (2603:10b6:208:2f::25) by BLAPR05MB7329.namprd05.prod.outlook.com (2603:10b6:208:29f::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4020.8; Thu, 8 Apr 2021 22:12:56 +0000 Received: from BL0PR05MB5316.namprd05.prod.outlook.com ([fe80::f0a3:d022:d21e:4649]) by BL0PR05MB5316.namprd05.prod.outlook.com ([fe80::f0a3:d022:d21e:4649%6]) with mapi id 15.20.4020.016; Thu, 8 Apr 2021 22:12:55 +0000 From: Ron Bonica To: "6man@ietf.org" <6man@ietf.org>, "draft-filsfils-6man-structured-flow-label@ietf.org" Subject: RE: I-D Action: draft-filsfils-6man-structured-flow-label-00.txt Thread-Topic: I-D Action: draft-filsfils-6man-structured-flow-label-00.txt Thread-Index: AQHXLB2Q30rVSa5hBE25DfH7iq+74aqq4HuQ Date: Thu, 8 Apr 2021 22:12:55 +0000 Message-ID: References: <161591339002.5771.1047511172491571607@ietfa.amsl.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.6.0.76 dlp-reaction: no-action msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=true; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2021-04-08T22:12:54Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Method=Standard; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=0633b888-ae0d-4341-a75f-06e04137d755; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=6a43ffb3-897a-4f6e-bf47-a4ea85a311c1; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ContentBits=2 authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=juniper.net; x-originating-ip: [173.79.122.226] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 3b1f9f81-479f-4f0d-7a1e-08d8fadb75f8 x-ms-traffictypediagnostic: BLAPR05MB7329: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: o3e1VU38f9DmzSPf7vUUBakt5+QL5qc6XyBgt7HkvPuH7GtKYZQB2FjtM51nlVs9KqXTlDmREcPFKV0vsCtVqaARKOBR5v6CJEnyORe6TPVLEFL9gh/oGvAOslir7ZxShBPc27KznyU/M0Xwe1iRrrK5xmvD30hIpCLbX0+tZCALxqk5Tdq5Gmjp94fA1KbT2QAqsOcN5LzzTAzGzKgeOmfndYyqRBKHoeDbJujBH20ROzGq+57ybsD0zieVlCSN0L8lrhV0V//ZwCR+m5uRZ+36Bn44vqUMv98gLX6XWneCtEbacfKLXxslIFRCZXGYJak7L7YXBut7+OlU4JwPIgyhVws8WkXbjXv+CF4Bdaf5qJIT4GDNaTBBc3qDkmIdh1zYLdoG4zlFuuBLqyTRuqznxC1WpptJ0D7JwZXMGSwt3zWqdT+UI/tCDOcQ8UfUUWy4L12Rv8oypthz2oX/t00VpSPiwcqF0K/tV0PybKKnH9ctx8az7rapjGqt663tvoV7/LrRNTnYt6wy0piNPNMQYtl0E9oXg58GPIQnN6g+QGS3YacUfecm4f34nazutv4DSJ56xQwO+Bynml+v/60uaX+QkbTHalormzxHz7k/MZwySly8DvYREw8Jpd6bnwi4XAIl0AEJOp0llyumx9A8sz+uQvBqBA+4iiDB73o= x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL0PR05MB5316.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(136003)(366004)(346002)(396003)(39860400002)(316002)(5660300002)(55016002)(52536014)(186003)(66574015)(8676002)(66946007)(450100002)(2906002)(478600001)(8936002)(76116006)(53546011)(33656002)(6506007)(26005)(66446008)(66476007)(7696005)(38100700001)(66556008)(9686003)(71200400001)(83380400001)(64756008)(110136005)(86362001); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata: =?us-ascii?Q?yx3O+3Ca8D+x31PO0H5Fu5QLlkTq9zNnQvHVL2UoVPqsCmBf8FFsvMuv5Yh6?= =?us-ascii?Q?JwkNrwEfnVfRzkf7wuWK4c7qomVkkvTl7PqBK9iyd6F0xATFlj7/8ErUEfCL?= =?us-ascii?Q?G2m13qxtLyNaG70JoQ6fJ7L9XqsT8/5V4b9/LSp/NDqT3WURZTSzICgEQpH9?= =?us-ascii?Q?VMWTgnVxwKI1ltB1RJMZeSN9GVS7DszdB07F4wjZ/Nx/DW/GZCTPbhcRr9tE?= =?us-ascii?Q?9IKTDComD0vhkZZ/2aMaJGhXV/8rcIvVqrIdYDvOau5H7kvncXh4tK2Ztkau?= =?us-ascii?Q?N2mcDu1sSm9izXG0TGAGEOjeX1Kfv40uJLZp9Uo4blACZRUStNFkPnlCEJ3e?= =?us-ascii?Q?ijaws8Yz8Lg8S7EXZZJTkT7mKct7ezRz36vErPlw7KvGwX8GT5ososhhfAAb?= =?us-ascii?Q?Q0NTp/7bai6we5siTR7F0YtNfXBWay0jvD1UF3UeU6Qcl2QSK9s59C44T/DH?= =?us-ascii?Q?zZEE3Doyqex9SkAPTJneVH7biRuugJ5oFqQLJXVToj3CxZAG+2+CI1KSR3XB?= =?us-ascii?Q?H0mEopbS/OeftbFIdiiuyf7oBOOERrMf3t9VC1MKbmslnWY5vMiNQFzWW7NK?= =?us-ascii?Q?xLkqnynzl8oL3sqokWvh6R6GMn/SKK39VaP1Fuappuvi04sCraXmbdLlKqyx?= =?us-ascii?Q?EVaDoNyFtbYlu/e5OoYrbFLdJjeb6U4QpwP9dKquz0VSbVaMWgk8RaD/04dh?= =?us-ascii?Q?xg/X7/KP2Xje9KNMKtTGmQRqJeD5yKP/LzxPy6SDX3pcugBV+LYGXQGTiKRO?= =?us-ascii?Q?2eqSrx9l2MjGXrTrZDPFtIpOc9AQdTbmSwH07W+mNwbpDC8sbUCmffLR45Pt?= =?us-ascii?Q?ip7iCCaFkzC1DiXpIu0k46xzJiwlf99FMAFUujTPegyeeQVlIfwvk6YLZ85k?= =?us-ascii?Q?8bVWpC5qUre5jd1VvlJITtEE0KI2qNln1IEmp3MXCNljJ3H3wkUPWk04FdYq?= =?us-ascii?Q?XPCmeQEbIFVy+uQLNocxBWCvKqQhftOGvmOUSMyMGIZr/Iwyjov+kiKLsmra?= =?us-ascii?Q?bGsrCKYWU7G0QoRPqtzAjeyLmGVU/V0A64HHGAcoSzNtrcGGH87hOPvF14LZ?= =?us-ascii?Q?YN6vAR5Jo0+Ft7cZu3sdLOtw4A1C9NCcrUKKiEvCmN9YOx9IVFaBp4RDOznE?= =?us-ascii?Q?ry2rp+pzs6RpMlLDwyUnwLBDBH4i1NGcbaeB1hr+ClEuGivM9nTt5EpNRAz6?= =?us-ascii?Q?zPT+VCn5sU5+i3igf4ENoHHM1scOOgrmjYBC1hi5/BdALW2Bxlyjj6W5C8oJ?= =?us-ascii?Q?6cWUMj4sR/bLyDgGPSiR7X2BVc8XLvY7TL2S0MrBdRPmTX4jM7QTTJ7QdV/j?= =?us-ascii?Q?asWizqmXIDwGt2lLPKVTe5wH?= x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BL0PR05MB5316.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3b1f9f81-479f-4f0d-7a1e-08d8fadb75f8 X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Apr 2021 22:12:55.5366 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: MFgJXHn2L9nthATx580q42+JD94HflK3LWDhMu9oTzGtuTuHqJ3aW0LbYilDS8r3VH78fzx6vYbHlkNFKXkSPg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLAPR05MB7329 X-Proofpoint-GUID: B31P2QnH-M9bJ8_hgHzSeVHE6bIdLs3- X-Proofpoint-ORIG-GUID: B31P2QnH-M9bJ8_hgHzSeVHE6bIdLs3- X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.761 definitions=2021-04-08_10:2021-04-08, 2021-04-08 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 adultscore=0 priorityscore=1501 clxscore=1011 phishscore=0 bulkscore=0 suspectscore=0 mlxscore=0 spamscore=0 mlxlogscore=999 impostorscore=0 malwarescore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104060000 definitions=main-2104080146 Archived-At: X-BeenThere: ipv6@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "IPv6 Maintenance Working Group \(6man\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Apr 2021 22:13:04 -0000 Clarence, Draft-filsfils-6man-structured-flow-label addresses a real problem. However= , it may have issues with regard to backwards compatibility and IPv6 extens= ibility. Each is addressed below. Backwards Compatibility =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=20 In the draft, you divide the flow label into 4 FLC bits and 16 FLE bits. Th= e 4 FLC bits carry per-packet control information and are not used for ECMP= load-balancing. The 16 FLE bits are as defined in RFC 6437. This raises the issue of backwards compatibility. Many legacy devices IPv6 = devices use all 20 bits of the flow label as defined in RFC 6437. As you sa= y in Section 4, this could cause packets belonging to a single flow to be = distributed among multiple paths. So, the degree of packet reordering at th= e ultimate destination node will increase to an unacceptable level. =20 IPv6 Extensibility =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=20 Over the past decade, there have been several proposals that take the follo= wing form: - An IPv6 source node needs to convey some piece of information to every no= de along the packet's delivery path - Field X in the IPv6 header is longer than it needs to be - So, we can borrow a few bits from Field X to convey this information. This approach is flawed for the following reasons: - It can cause backwards compatibility issues, as described above - It only works a few times, until there are no more bits to be borrowed in= the base IPv6 header IPv6 includes a Hop-by-hop Options header. It's purpose is to convey inform= ation from the source node to every node along the packet's delivery path. = Sadly, it was implemented badly so that it can be used as a DoS vector. The= refore, network operators generally filter it. A better approach would be: - to avoid borrowing bits from the IPv6 header - to use the HBH Option for its intended purpose This will require rehabilitation of the HBH option. Bob Hinden and Gorry Fa= irhurst have made a good start towards this goal in draft-hinden-6man-hbh-p= rocessing. We vendors will also need to get behind the rehabilitation effor= t, revising our implementations so that it can no longer be used as a DoS v= ector. In turn, network operators will also need to get behind the rehabili= tation effort. While this may not be the path of least resistance, it will contribute to t= he future extensibility of IPv6. Let's do the right thing. = Ron On 17-Mar-21 05:49, internet-drafts@ietf.org wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts direct= ories. > > > Title : Structured Flow Label > Authors : Clarence Filsfils > Ahmed Abdelsalam > Shay Zadok > Xiaohu Xu > Weiqiang Cheng > Daniel Voyer > Pablo Camarillo Garvia > Filename : draft-filsfils-6man-structured-flow-label-00.txt > Pages : 12 > Date : 2021-03-16 > Juniper Business Use Only