Re: [IPv6] Adoption call for draft-bonica-6man-comp-rtg-hdr
"Dale W. Carder" <dwcarder@es.net> Fri, 10 November 2023 14:58 UTC
Return-Path: <dwcarder@es.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB351C151090 for <ipv6@ietfa.amsl.com>; Fri, 10 Nov 2023 06:58:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=es.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wDRBG6QZeIoM for <ipv6@ietfa.amsl.com>; Fri, 10 Nov 2023 06:58:31 -0800 (PST)
Received: from mail-io1-xd36.google.com (mail-io1-xd36.google.com [IPv6:2607:f8b0:4864:20::d36]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A4B90C15108A for <ipv6@ietf.org>; Fri, 10 Nov 2023 06:58:31 -0800 (PST)
Received: by mail-io1-xd36.google.com with SMTP id ca18e2360f4ac-7a94c5538aeso76140139f.3 for <ipv6@ietf.org>; Fri, 10 Nov 2023 06:58:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=es.net; s=esnet-google; t=1699628311; x=1700233111; darn=ietf.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=pSXnMRFpygz6hdNohWoPfXdGcGvJ+k05oqPAzDQ93fc=; b=PVs1OhdMOoWdTNGVcLWKU+NZl8bUpjPemZIzrD1K9zSvp4m2RzVow3Mcg37YKwZF3I fKoEvATTATt6Vmgu3McMqWRxKN+C5RqZ3JBdLMR862INxgFXSzdf+aat9u6ANS6MDBaK zDMFgXWos181wt7RLyuj/khUtAAQi3cOfm4G5+pyniuNPKP+tpucWmpuw5Hq6yCqyLFf Qi2gb6Ruyuct0cnsf5/x2gsKQuXq7XPViDBGT2ORZuNyLKEPo46YocaqaPi2U+UxWjtO Lw2ucmWDJTXm3DJGCz/Z1GnH5/qcSLKtpPb9zG3Jns7j9Pblu7VOQWHiQxlQqumenV3+ df5Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699628311; x=1700233111; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=pSXnMRFpygz6hdNohWoPfXdGcGvJ+k05oqPAzDQ93fc=; b=o/9ezySRKK1N3G+AD68AhSWaETyDzml8H5olxq6BTquu1tHTPdCepv6buCHgpXWef7 L8S5Lw/XYfTdISKEQAGN7zZ82/pk6qfuVPcXEbys2MmXWqSm96P2ZmntsljoWsCew9gt QeuYGa5LdO6Eai4b8GjCUwr64CEB2zhLPrtwCXCocuDZYs7p9vHook8oaxL2GWzeNtOg aUDLvxKUK+3CxzM7l3ERmpsZ+ZobCbwjCbai0cmwR/xVIVGxk74bRVY9RjE2JNAVA44N VoCViS3+JE6irArqtJv+13SHXAVPwpNBt+CZaFYyVDSUVoQPo1WFDKGmSOl1HgyAB2Hp Ylvg==
X-Gm-Message-State: AOJu0YxPpE9sNWicKyvoC+yAD2BzJHQ8XlwicL5jXaQlmkCtpgS16ib7 mRomwzc0VTKix8PPD8P8QOtfsHDmvJ+qXpYxyDlStM8hs9uyUr452pvS2Gi67zVSYMc1pt/Vr1y XCyrEalQVhU/KH8WEnDg0WgaaSWjiVnph245HmWRT6EJ8m9SOXdnpyM4OsA==
X-Google-Smtp-Source: AGHT+IE0nUDHXXyOmZ+F+47bwwPFNXKtydg4UAc+ejiYi7qFJMXoIei4h5wTmMurfIlKvQRBreqpNw==
X-Received: by 2002:a6b:6e13:0:b0:795:13ea:477a with SMTP id d19-20020a6b6e13000000b0079513ea477amr4925539ioh.8.1699628310665; Fri, 10 Nov 2023 06:58:30 -0800 (PST)
Received: from localhost ([2600:6c44:5f7f:b901:b9aa:b313:86c5:6ad0]) by smtp.gmail.com with ESMTPSA id s18-20020a02c512000000b00459d7c3dcf3sm4450357jam.115.2023.11.10.06.58.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 10 Nov 2023 06:58:30 -0800 (PST)
Date: Fri, 10 Nov 2023 08:58:29 -0600
From: "Dale W. Carder" <dwcarder@es.net>
To: Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>
Cc: Jingrong Xie <xiejingrong=40huawei.com@dmarc.ietf.org>, Jen Linkova <furry13@gmail.com>, 6man <ipv6@ietf.org>, "draft-bonica-6man-comp-rtg-hdr.authors@ietf.org" <draft-bonica-6man-comp-rtg-hdr.authors@ietf.org>
Message-ID: <ZU5FFXNWUr3UKP3u@dwc-laptop.local>
References: <CAFU7BARQLAS+w7kKUPSBgFacc5GXNAaJ97qkJg9VyjbhoNibcQ@mail.gmail.com> <6bbf20ae2c9c410fafb8f3277692f318@huawei.com> <BL0PR05MB531616592B9991F244184A8CAEAFA@BL0PR05MB5316.namprd05.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <BL0PR05MB531616592B9991F244184A8CAEAFA@BL0PR05MB5316.namprd05.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/naatHBSWIg2Ezla9LDpqb6mEpDQ>
Subject: Re: [IPv6] Adoption call for draft-bonica-6man-comp-rtg-hdr
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Nov 2023 14:58:36 -0000
Hi Ron, Would there need to be interop between CRH and SRv6, or is CRH completely standalone? I am not in SPRING so excuse me if this question is a distraction. (I remain a bit confused as to why this draft is here) In SR/MPLS, proccessing at the edge of the IGP domain is controlled at the interface level, effectively by ethertype filtering (including by 3rd parties such as at competent IXPs). So, IGP stuff doesn't leak in or out. In RFC 8754 section 5.1, the method of "securing" the SRv6 domain I think is described as dedicating a specific address block to all those SIDs and hopefully remembering to filter that block at the edge with ACLs to keep the forwarding instructions internal. From RFC9288 3.5.2 one could also filter Routing Type 4 (if that were actually possible on the box). For CRH, is there a pragmatic way to do such filtering? Or do you have to implement an ACL such that one would have to process it deep enough to filter all Routing Type 5 and 6 at the edge of the network? I guess I am pretty skeptical that this could be deployable in a safe manner, and being an operator I would need some pragmatic guidance as it does not appear obvious. Dale Thus spake Ron Bonica (rbonica=40juniper.net@dmarc.ietf.org) on Thu, Nov 09, 2023 at 05:26:31PM +0000: > Jingrong, > > I am confused by the references to SRv6/8754/8986. What specific changes would you like me to make to the CRH draft? > > Ron > > > > Juniper Business Use Only > -----Original Message----- > From: Jingrong Xie <xiejingrong=40huawei.com@dmarc.ietf.org> > Sent: Thursday, November 9, 2023 5:38 AM > To: Jen Linkova <furry13@gmail.com>; 6man <ipv6@ietf.org> > Cc: draft-bonica-6man-comp-rtg-hdr.authors@ietf.org > Subject: RE: [IPv6] Adoption call for draft-bonica-6man-comp-rtg-hdr > > [External Email. Be cautious of content] > > > Hi 6man WG: > > I think the document should have more discussions on Security aspects. > > SRv6/RFC8986/RFC8754 has built the security of an IPv6-based trusted domain (SR domain) on the highly strict IPv6 address management. > > To define a "IPv6 address block" for special-usage (the so called Network-Programming), is a solid paradigm to make such an IPv6-based trusted domain IMO. > > In my understanding, once there is a need to use a "special-usage" address (which differs the RFC4291 address), no matter GUA/LUA, the management of such address should be built on SRv6 NP (not bounding to an Interface/Loopback, and populating FIB differently, etc). > > > The removal of reference to SRv6/8754/8986 will make this solid paradigm no longer to be useful. I see there are challenges faced, for example: > CE1----PE1[Provider-network]PE2----CE2 > CE1 may want to use a SRv6 SRH with an active SID being a PE's SID under a VRF context, and the last SID being the CE2. > With this document, the case will not able to be supported I think. > See a draft (expired though) https://urldefense.com/v3/__https://www.ietf.org/archive/id/draft-xie-spring-srv6-npi-for-overlay-00.html__;!!NEt6yMaO-gk!C366b9VXaEDSiowxvBIP8DCsrzxvfA2G6X-xdonrZgiEq_GXdbVpGxBFfLYlCMs-pM4TiY_PC2_9pCCg35SrLyIcwKuEVZ4$ . > Another similar example (VPN-CAR case ) https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-car/__;!!NEt6yMaO-gk!C366b9VXaEDSiowxvBIP8DCsrzxvfA2G6X-xdonrZgiEq_GXdbVpGxBFfLYlCMs-pM4TiY_PC2_9pCCg35SrLyIcaa3e6wg$ > > > Thanks, > Jingrong > > 本邮件及其附件可能含有华为公司的保密信息,仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制、或散发)本邮件中的信息。如果您错收了本邮件,请您立即电话或邮件通知发件人并删除本邮件! > This e-mail and its attachments may contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it! > > > -----Original Message----- > From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Jen Linkova > Sent: Thursday, October 26, 2023 4:04 PM > To: 6man <ipv6@ietf.org> > Cc: draft-bonica-6man-comp-rtg-hdr.authors@ietf.org > Subject: [IPv6] Adoption call for draft-bonica-6man-comp-rtg-hdr > > This email starts an adoption call for the following document: > > Title: The IPv6 Compact Routing Header (CRH) Draft name: draft-bonica-6man-comp-rtg-hdr > Link: https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-bonica-6man-comp-rtg-hdr/__;!!NEt6yMaO-gk!C366b9VXaEDSiowxvBIP8DCsrzxvfA2G6X-xdonrZgiEq_GXdbVpGxBFfLYlCMs-pM4TiY_PC2_9pCCg35SrLyIcKg295UI$ > > Substantive comments and statements of support for adopting this document should be sent to the mailing list. Editorial suggestions can be sent to the authors. > > The adoption call ends on Monday, Nov 13th, 23:59 UTC.
- [IPv6] Adoption call for draft-bonica-6man-comp-r… Jen Linkova
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Mark Smith
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Andrew Alston - IETF
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Daniam Henriques
- Re: [IPv6] Adoption call for draft-bonica-6man-co… 李星
- Re: [IPv6] [EXTERNAL] Adoption call for draft-bon… Templin (US), Fred L
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Greg Mirsky
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Reji Thomas
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Alvaro Retana
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Ron Bonica
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Gyan Mishra
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Alvaro Retana
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Ron Bonica
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Nick Buraglio
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Mark Smith
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Mark Smith
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Joel Halpern
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Tom Herbert
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Joel Halpern
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Tom Herbert
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Joel Halpern
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Tom Herbert
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Joel Halpern
- [IPv6] Routing Headers and limited domains (Was R… Tom Herbert
- Re: [IPv6] Routing Headers and limited domains (W… Brian E Carpenter
- Re: [IPv6] Routing Headers and limited domains (W… Tony Przygienda
- Re: [IPv6] Routing Headers and limited domains (W… Tom Herbert
- Re: [IPv6] Routing Headers and limited domains (W… Tony Przygienda
- Re: [IPv6] Routing Headers and limited domains (W… Tom Herbert
- Re: [IPv6] Routing Headers and limited domains (W… Justin Iurman
- Re: [IPv6] Routing Headers and limited domains (W… Tony Przygienda
- Re: [IPv6] Routing Headers and limited domains (W… Brian E Carpenter
- Re: [IPv6] Routing Headers and limited domains (W… Tom Herbert
- Re: [IPv6] Routing Headers and limited domains (W… Tom Herbert
- Re: [IPv6] Routing Headers and limited domains (W… Mark Smith
- Re: [IPv6] Routing Headers and limited domains (W… Brian E Carpenter
- Re: [IPv6] Routing Headers and limited domains (W… Joel Halpern
- Re: [IPv6] Routing Headers and limited domains (W… Tom Herbert
- Re: [IPv6] Routing Headers and limited domains (W… Ron Bonica
- Re: [IPv6] Routing Headers and limited domains (W… Brian E Carpenter
- Re: [IPv6] Routing Headers and limited domains (W… Ron Bonica
- Re: [IPv6] Routing Headers and limited domains (W… Ron Bonica
- Re: [IPv6] Routing Headers and limited domains (W… Tony Przygienda
- Re: [IPv6] Routing Headers and limited domains (W… Tom Herbert
- Re: [IPv6] Routing Headers and limited domains (W… Tony Przygienda
- Re: [IPv6] Routing Headers and limited domains (W… Ron Bonica
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Bob Hinden
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Zafar Ali (zali)
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Bob Hinden
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Adrian Farrel
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Jingrong Xie
- Re: [IPv6] Routing Headers and limited domains (W… Tom Herbert
- Re: [IPv6] Routing Headers and limited domains (W… Michael Richardson
- Re: [IPv6] Routing Headers and limited domains (W… Mark Smith
- Re: [IPv6] Routing Headers and limited domains (W… Tom Herbert
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Ron Bonica
- Re: [IPv6] Adoption call for draft-bonica-6man-co… gengnan
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Ron Bonica
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Tony Przygienda
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Dale W. Carder
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Robert Raszuk
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Ron Bonica
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Mark Smith
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Bob Hinden
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Tom Herbert
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Dale W. Carder
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Mark Smith
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Ketan Talaulikar
- [IPv6] Segment routing without SRH [was: Re: Rout… John Scudder
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Stefano Salsano
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Zafar Ali (zali)
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Ron Bonica
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Robert Raszuk
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Mark Smith
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Wim Henderickx (Nokia)
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Ron Bonica
- Re: [IPv6] Segment routing without SRH [was: Re: … Tom Herbert
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Ron Bonica
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Mark Smith
- Re: [IPv6] Segment routing without SRH [was: Re: … Suresh Krishnan
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Robert Raszuk
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Robert Raszuk
- Re: [IPv6] Segment routing without SRH [was: Re: … Tom Herbert
- Re: [IPv6] Routing Headers and limited domains (W… Mark Smith
- Re: [IPv6] Routing Headers and limited domains (W… Tom Herbert
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Mark Smith
- [IPv6] pcap{ng} for RFC Michael Richardson
- Re: [IPv6] Routing Headers and limited domains (W… Tom Herbert
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Tom Herbert
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Tom Herbert
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Robert Raszuk
- Re: [IPv6] Routing Headers and limited domains (W… Ron Bonica
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Tony Przygienda
- Re: [IPv6] Adoption call for draft-bonica-6man-co… Wim Henderickx (Nokia)