Re: I-D Action: draft-filsfils-6man-structured-flow-label-00.txt

Brian E Carpenter <brian.e.carpenter@gmail.com> Thu, 08 April 2021 02:18 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/qrTou1rjtNDDchE5yFfSN31pkMc>

Hi,

A few comments on this draft.

As background, there have been numerous past proposals for semantics in the flow label; all the ones we could find in 2011 are discussed in https://www.rfc-editor.org/rfc/rfc6294.html. The IETF has consistently declined to adopt any of them. There's also some rationale for the current standard in https://www.rfc-editor.org/rfc/rfc6436.html.

My first comment on the present draft is that it doesn't state its target scenario (which might be LAG, because LAG is mentioned a few times). It also ignores the fact that most current operating systems follow RFC6437 by setting a 20-bit pseudorandom label for all TCP sessions. Of course this must not be changed en route across the Internet. One usage scenario is described in RFC7098, but it's clear that the draft isn't compatible with any scenario in which sources somewhere on the Internet do what RFC6437 tells them to do and downstream routers or load balancers assume that is the case. 

So is it correct that the draft is aimed only at sources (and routers and destinations) within some sort of limited domain? If so, that needs to be clearly stated at the beginning.

There is a spec for using the flow label for ECMP/LAG tunnels in RFC6438. I'd be inclined to the view that 16 pseudorandom bits would be sufficient in that case. In any case, in that case the end-to-end flow label is not affected, just the tunnel, so the fact that four bits don't contribute to the hash is tolerable.

However, just to be clear, you *cannot* declare that in a packet that goes out on the Internet, where the downstream routers support RFC6437, that 4 bits in the flow label are not part of the flow label. Such a thing would in no way be "seamless migration from RFC6437".

Relying on specific statements by a couple of router vendors about what their current products do or don't do is invalid. Other vendors might be different, and as technology evolves those two vendors might change what they do. The argument in section 4 might work for an ECMP/LAG scenario but it *certainly* doesn't work for the server farm scenario (RFC7098), which it would simply break. So rather than "seamless migration" you get "broken user sessions".

Again, you might be able to fix this by positioning the proposal for an ECMP/LAG scenario within a limited domain or a provider tunnel. But as a generic update to RFC6437, absolutely positively not.

Nit:

I'm not sure why in figs 1 and 2 you use little-endian bit numbering. It's confusing. I thought the issue was settled by RFC 791.

Regards
   Brian Carpenter

On 17-Mar-21 05:49, internet-drafts@ietf.org wrote:
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> 
> 
>         Title           : Structured Flow Label
>         Authors         : Clarence Filsfils
>                           Ahmed Abdelsalam
>                           Shay Zadok
>                           Xiaohu Xu
>                           Weiqiang Cheng
>                           Daniel Voyer
>                           Pablo Camarillo Garvia
>         Filename        : draft-filsfils-6man-structured-flow-label-00.txt
>         Pages           : 12
>         Date            : 2021-03-16
> 
> Abstract:
>    This document defines the IPv6 Structured Flow Label.  The seamless
>    nature of the change to [RFC6437] is demonstrated.  Benefits of the
>    solution are explained.  Use-cases are illustrated.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-filsfils-6man-structured-flow-label/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-filsfils-6man-structured-flow-label-00
> https://datatracker.ietf.org/doc/html/draft-filsfils-6man-structured-flow-label-00
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
>
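
An added example, not part of the original message or of the draft: a simplified model of the RFC7098-style server-farm case raised above, in which a stateless balancer hashes the full 20-bit flow label, showing that packets of one flow reach a different server once 4 of those bits change in flight. Assumptions: the 4 bits are the high-order ones (ASSUMED_STRUCTURED_BITS), the balancer hashes source, destination and flow label, and the addresses and labels are constructed sample values.

```python
import hashlib
import ipaddress
import struct

FLOW_LABEL_MASK = 0xFFFFF          # the IPv6 flow label is 20 bits wide
ASSUMED_STRUCTURED_BITS = 0xF0000  # assumption: the 4 "structured" bits are the high-order ones
SRC = ipaddress.IPv6Address("2001:db8::1").packed        # constructed documentation addresses
DST = ipaddress.IPv6Address("2001:db8:ffff::80").packed

def build_header(label: int) -> bytes:
    """Minimal 40-byte IPv6 header: version 6, traffic class 0, given flow label."""
    first_word = (6 << 28) | (label & FLOW_LABEL_MASK)
    return struct.pack("!IHBB", first_word, 0, 6, 64) + SRC + DST

def flow_label(header: bytes) -> int:
    """Extract the 20-bit flow label from a raw IPv6 header."""
    if len(header) < 40:
        raise ValueError("truncated IPv6 header")
    (first_word,) = struct.unpack("!I", header[:4])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 header")
    return first_word & FLOW_LABEL_MASK

def pick_server(header: bytes, n_servers: int, mask: int = FLOW_LABEL_MASK) -> int:
    """Stateless balancer: hash (src, dst, masked flow label) to a server index."""
    key = header[8:40] + struct.pack("!I", flow_label(header) & mask)
    digest = hashlib.sha256(key).digest()
    return int.from_bytes(digest[:8], "big") % n_servers

def remapped_flows(n_flows: int, n_servers: int, new_bits: int,
                   mask: int = FLOW_LABEL_MASK) -> int:
    """Count flows whose server changes when the assumed 4 bits are rewritten mid-flow."""
    moved = 0
    for i in range(n_flows):
        # Constructed stand-in for the source's pseudorandom label (RFC6437 behaviour).
        seed = hashlib.sha256(b"flow-%d" % i).digest()
        label = int.from_bytes(seed[:3], "big") & FLOW_LABEL_MASK
        rewritten = (label & ~ASSUMED_STRUCTURED_BITS) | ((new_bits & 0xF) << 16)
        before = pick_server(build_header(label), n_servers, mask)
        after = pick_server(build_header(rewritten), n_servers, mask)
        moved += before != after
    return moved

if __name__ == "__main__":
    print("balancer hashes all 20 bits:", remapped_flows(1000, 8, 0xA), "of 1000 flows move")
    print("balancer hashes low 16 bits:", remapped_flows(1000, 8, 0xA, mask=0x0FFFF), "move")
```

The second call models a balancer that has been reconfigured to ignore the assumed 4 bits; a device that hashes all 20 bits, as in the first call, is the case in which established sessions are re-pinned.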