Re: [spring] How CRH support SFC/Segment Endpoint option?

Robert Raszuk <robert@raszuk.net> Sun, 24 May 2020 10:22 UTC

To: Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>
Cc: "Chengli (Cheng Li)" <c.l@huawei.com>, 6man <6man@ietf.org>, "spring@ietf.org" <spring@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/naNRX_ag0Om5nWCXQhmbDtvYJgU>

Hi Ron,

I have one small question on the Destination Option Header you keep
referencing to carry, for example, VPN demux instructions.

As DOH follows Fragment Header it is indeed inspected before CRH.

So please kindly clarify what is there in the IPv6 packet header which
would stop each segment endpoint (during the transit over SR anchors),
whose destination is obviously in the DA of the arriving packet, from
inspecting the DOH and trying to execute it?

If you could, please also provide a reference to RFC8200 defining it.

Keep in mind that in a number of networks P routers are also PE routers, so
executing DOH even if CRH still contains many hops to go may result in very
unexpected behaviours. I am sure you recall that L3VPN labels are locally
significant and there is no mechanism in place to assure uniqueness of VPN
demux values across PEs.

Why is this important here - because CRH by design is decoupled from any
functions or network application handling.

Many thx,
Robert.


On Sun, May 24, 2020 at 3:24 AM Ron Bonica
<rbonica=40juniper.net@dmarc.ietf.org> wrote:

> Cheng,
>
> The CRH is a building block. It has exactly one function. That is, to
> steer a packet along its delivery path.
>
> The CRH does not attempt to deliver parameters or metadata to service
> function instances. It relies on other mechanisms. One possibility is a
> destination options header that precedes the CRH. I am sure that there are
> other mechanisms. CRH should be compatible with all of them.
>
> Personally, I am not an NSH expert. Maybe someone who is can speak up.
>
>          Ron
>
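
Added example, not part of the thread or of any draft's code: a walk of the IPv6 extension header chain as the node named in the Destination Address would perform it under the RFC 8200 processing order, showing which headers that node acts on when a Destination Options header sits before or after a routing header. The packets are constructed, the addresses are documentation values, and experimental Routing Type 253 stands in for the CRH, whose type value the thread does not give.

```python
import struct

HOP, UDP, ROUTING, FRAGMENT, DESTOPTS = 0, 17, 43, 44, 60
NAMES = {HOP: "hop-by-hop", ROUTING: "routing", FRAGMENT: "fragment", DESTOPTS: "dest-opts"}

def ext(next_header, body):
    """Build a generic extension header, padded to a multiple of 8 octets."""
    raw = bytes(body)
    raw += b"\x00" * (-(len(raw) + 2) % 8)
    return bytes([next_header, (len(raw) + 2) // 8 - 1]) + raw

def routing(next_header, segments_left, routing_type=253):
    """Routing header: Routing Type and Segments Left are octets 2 and 3."""
    return ext(next_header, bytes([routing_type, segments_left]) + b"\x00" * 4)

def ipv6(first_nh, payload):
    """Fixed 40-octet header with constructed 2001:db8:: addresses."""
    src = bytes.fromhex("20010db8000000000000000000000001")
    dst = bytes.fromhex("20010db8000000000000000000000002")
    return struct.pack("!IHBB", 6 << 28, len(payload), first_nh, 64) + src + dst + payload

def processed_at_da_node(packet):
    """Return (headers acted on, forwards_onward) for the node named in DA."""
    nh, off, seen = packet[6], 40, []
    while nh in NAMES:
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        seen.append(NAMES[nh])
        if nh == ROUTING and packet[off + 3] > 0:
            # Segments Left > 0: this node rewrites DA and forwards, so it
            # never reaches the headers that follow the routing header.
            return seen, True
        length = 8 if nh == FRAGMENT else (packet[off + 1] + 1) * 8
        nh, off = packet[off], off + length
    return seen, False

PADN = b"\x01\x04\x00\x00\x00\x00"   # constructed PadN option filling the DOH
DATA = b"\x00" * 8                   # constructed 8-octet upper-layer payload

# DOH ahead of the routing header, two segments still to go (mid-path endpoint).
DOH_FIRST = ipv6(DESTOPTS, ext(ROUTING, PADN) + routing(UDP, 2) + DATA)
# DOH behind the routing header, same point on the path.
DOH_LAST = ipv6(ROUTING, routing(DESTOPTS, 2) + ext(UDP, PADN) + DATA)
# DOH behind the routing header at the final destination (Segments Left = 0).
FINAL_HOP = ipv6(ROUTING, routing(DESTOPTS, 0) + ext(UDP, PADN) + DATA)

if __name__ == "__main__":
    for name in ("DOH_FIRST", "DOH_LAST", "FINAL_HOP"):
        print(name, processed_at_da_node(globals()[name]))
```
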