Re: SRH insertion vs encapsulation (Re: Next steps on Extension Header Insertion)
Mark Smith <markzzzsmith@gmail.com> Fri, 04 November 2016 23:55 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 938FC129451 for <ipv6@ietfa.amsl.com>; Fri, 4 Nov 2016 16:55:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.498
X-Spam-Level:
X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KpS5r3HHTYKV for <ipv6@ietfa.amsl.com>; Fri, 4 Nov 2016 16:55:08 -0700 (PDT)
Received: from mail-ua0-x229.google.com (mail-ua0-x229.google.com [IPv6:2607:f8b0:400c:c08::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1738B1293FD for <ipv6@ietf.org>; Fri, 4 Nov 2016 16:55:08 -0700 (PDT)
Received: by mail-ua0-x229.google.com with SMTP id 12so79228559uas.2 for <ipv6@ietf.org>; Fri, 04 Nov 2016 16:55:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=8F3f/+8DQ0QyyZQI//6e4O61cus0zG+vUcDaCdI/jSw=; b=BQa7znIuT91gnAQlqQuFzCDEp/luGpki9A59J7ZzLN24nN2aJmQgfo47WIwpRz6g2W YN/f3oJMbhNNCboHu2zpIwHVRN0GdVweUBd+58AORTph0r3Hega1bVRq0Z+dO7FYj7gT ZrK86QrdiK+win/d/leuiDvpUT7jamTWrbMcmqiFZtkoqQ/8tSWPjKzFLgP0oYrqizzf 6PxBZczmTPU2y19kLhHxCKzMmDpoZ2n45ZexVtAprRFWGxuW3aW6djXMsh+AGcRa+8FA 8vbAkv6159Ja8Unck5T3Mii6fFWzL7VBsSyjHve2BVwJlxCB6WtLw9We/rsDRS19A//O TEhw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=8F3f/+8DQ0QyyZQI//6e4O61cus0zG+vUcDaCdI/jSw=; b=FDVcY64zzQ9dB4IrNclISR7699R3mqURZAeoVdgT7mSz68PzCYdNjn3CnHXpEKoA6Y gP/Da/z2bWRYNWdo6Fk3PFOgqSPTIIJ+PVqt6TeusB75ZHHMPCiSHSLZAU9zx5tG7XTI X5Q8qypPv+uEaUeB1eaoBokwggasuo/F8YvU5Jvt2B3Q+OxT1YYpmR/TGCzhLa3IMlR6 EMX/PH8F7Zu7tohLECY2OIxfHDh6DRJ0w5W7V8s7CytZTFUPJe5j3XvJ4kqX0Ubt0T8o C0s1CjepLQ4PsEEBFDVUpv/6ivoSHp7N1XccoUo6R7M6NBdgAf7KR21PEpcZ9IdjfSrh qscA==
X-Gm-Message-State: ABUngvd/c54NBHDYnV8knStCu/PERp5o/Cf4mcDteMP3AuFIaUryB5ShoDdlzT6Er8OYxpBO63BZJSLsawN7QQ==
X-Received: by 10.176.2.21 with SMTP id 21mr13512422uas.11.1478303707091; Fri, 04 Nov 2016 16:55:07 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.159.48.212 with HTTP; Fri, 4 Nov 2016 16:55:06 -0700 (PDT)
Received: by 10.159.48.212 with HTTP; Fri, 4 Nov 2016 16:55:06 -0700 (PDT)
In-Reply-To: <0c03c58a-3cc2-8395-c440-fe8b72424abd@gmail.com>
References: <CAJE_bqebnwwDj_00=N-ZNffE++SaEMwA6vT+i-nb0C_vmZHCRA@mail.gmail.com> <C4DBE2C0-FEFB-4D33-8B9F-F19807AF6E11@cisco.com> <CALx6S36wau10FSJ95j4XLWLu+gHANOzGr4OneC6hReTPxtMvfg@mail.gmail.com> <0c03c58a-3cc2-8395-c440-fe8b72424abd@gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Sat, 05 Nov 2016 10:55:06 +1100
Message-ID: <CAO42Z2y13-f-eY24XBqOvkJyv-fUkp50jUTKDQAORfTkKvGJ9g@mail.gmail.com>
Subject: Re: SRH insertion vs encapsulation (Re: Next steps on Extension Header Insertion)
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Content-Type: multipart/alternative; boundary="001a113ec61e54d6f00540826759"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/xKjufAxW76X6xmDbcB7kK2QIJtc>
Cc: 6man WG <ipv6@ietf.org>, Bob Hinden <bob.hinden@gmail.com>, 神明達哉 <jinmei@wide.ad.jp>, Fernando Gont <fgont@si6networks.com>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Nov 2016 23:55:09 -0000
On 5 Nov. 2016 05:52, "Brian E Carpenter" <brian.e.carpenter@gmail.com> wrote: > > On 05/11/2016 06:41, Tom Herbert wrote: > > On Fri, Nov 4, 2016 at 10:01 AM, Stefano Previdi (sprevidi) > > <sprevidi@cisco.com> wrote: > >> > >>> On Nov 4, 2016, at 5:03 PM, 神明達哉 <jinmei@wide.ad.jp> wrote: > >>> > >>> At Fri, 4 Nov 2016 11:16:34 +0000, > >>> Tim Chown <Tim.Chown@jisc.ac.uk> wrote: > >>> > >>>>> Huh? The segment routing header is far from imaginary. > >>>> > >>>> But what do you deduce is really being specified in the SRH drafts? > >>>> > >>>> In draft-ietf-6man-segment-routing-header-02 it says in section 2.2: > >>>> [...] > >>>> which implies the SRH uses encapsulation, and doesn’t insert an EH > >>>> in the existing header chain. > >>> > >>> My understanding is that actual implementations don't follow what's > >>> written in the draft and do insert an SRH: > >>> https://www.ietf.org/mail-archive/web/ipv6/current/msg24236.html > >> > >> > >> In fact, there are implementations that do what’s written in the draft and also do header insertion for some use cases. The use cases applies to controlled environments where, typically, a EH is inserted at ingress and removed at egress. This is the reality of v6 segment routing implementations used over v6 infrastructure of some operators. > >> > > FWIW, the SR patches currently under review for Linux also do this. I > > did point out the discussions about EH insertion happening on this > > list, but I doubt that we would disallow patches based on that. My > > recommendation was to put a big disclaimer in the documentation and > > allow user to configure it with the assumption they know what they're > > doing. > > Which IMNSHO is exactly why we should *not* leave this ambiguous in 2460bis. > (I don't care what people do in the privacy of their own domains. I also have that view, except that based on experience, if those domains are connected to the Internet, they leak due to improper configuration or bugs in devices (EH insertion is likely to be more complicated code than encapsulation, so there is likely to be more possibility for bugs.) That imposes costs and consequences on parties that had and have no say in the local domain decision. If they can't impose some sort of penalty or cost on the originator, the receiver has no choice but to wear the cost. In the least it should be possible to identify who is creating the problem. EH insertion does not contain any attribution, unless the inserted EH recorded an insertion device source IP address or ASN. Without that, the inserted EH could have been inserted by the AS where the packet originated, or at any of the other ASes the packet traversed before it arrived and caused problems. It is impossible to tell. I suspect there would be objection to saying that inserted EHs MUST record insertion IP address or ASN, due to the overhead of carrying that information. I also suspect per packet overhead is the reason EH inserters want to avoid encapsulation. I think that overhead price is worth paying compared to the trouble silent EH insertion anywhere in the packet path could cause. So in your own domain is fine as long as your own domain is not and never connected to others' domains and the Internet. Regards, Mark. > I do care > what is needed for interoperability across the Internet.) > > Brian > > > > > Tom > > > >> s. > >> > >> > >> > >>> (And my understanding is that the desire of some people to make the > >>> "actual" behavior explicitly standard-compliant is one major > >>> background motivation of why we are having this thread.) > >> > >>> > >>> -- > >>> JINMEI, Tatuya > >>> > >>> -------------------------------------------------------------------- > >>> IETF IPv6 working group mailing list > >>> ipv6@ietf.org > >>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > >>> -------------------------------------------------------------------- > >> > >> -------------------------------------------------------------------- > >> IETF IPv6 working group mailing list > >> ipv6@ietf.org > >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > >> -------------------------------------------------------------------- > > > > -------------------------------------------------------------------- > > IETF IPv6 working group mailing list > > ipv6@ietf.org > > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > > -------------------------------------------------------------------- > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > --------------------------------------------------------------------
- SRH insertion vs encapsulation (Re: Next steps on… 神明達哉
- Re: SRH insertion vs encapsulation (Re: Next step… Stefano Previdi (sprevidi)
- Re: SRH insertion vs encapsulation (Re: Next step… Tom Herbert
- Re: SRH insertion vs encapsulation (Re: Next step… Brian E Carpenter
- Re: SRH insertion vs encapsulation (Re: Next step… Mark Smith