Re: [Last-Call] Last-call comments on OAM in SRv6 draft
"Zafar Ali (zali)" <zali@cisco.com> Fri, 09 April 2021 06:24 UTC
Return-Path: <zali@cisco.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2461D3A109D; Thu, 8 Apr 2021 23:24:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.917
X-Spam-Level:
X-Spam-Status: No, score=-11.917 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=gVjZr3HX; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=aUOq23tn
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sTohB701Tzvb; Thu, 8 Apr 2021 23:24:13 -0700 (PDT)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24E1A3A1066; Thu, 8 Apr 2021 23:24:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=41251; q=dns/txt; s=iport; t=1617949442; x=1619159042; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=TqCb+R6FF4AnrqweWEJ1AT2jCOxL7yKx1NFCWx+k4rg=; b=gVjZr3HXDk6mDh8CRiV0g6kK8I9ZbnBPsQlMKknTuSqEEB3OPBxLp3w7 3jta7S72/ljpX7ZxyzoJU2qFosIckW1tReloNft25gq1ekOf9Jhpt/BKn rkHyloRQYDzUNd53QwhSpse2AQgV2iSFKRKpYY5O1ah4amAXL8zLC3LiF g=;
X-IPAS-Result: A0AOAAC88W9gmIgNJK1aGgEBAQEBAQEBAQEDAQEBARIBAQEBAgIBAQEBggECAQEBAQsBgSIwIy5+WjYxCoQ4g0gDhTmILiUDgQmJJY8NgUKBEQNUCwEBAQ0BASoIAgQBAYRQAheBYAIlNwYOAgMBAQEDAgMBAQEBAQUBAQECAQYEFAEBAQEBAQEBaIVQDYZEAQEBAQMjHQEBNwEPAgEIEQMBAiEBCQICAh8RHQgCBAENBRSCXQGBflcDLwECDJ92Aoofd4EygQGCBAEBBoE3Ag5BgxkNC4ITAwaBOQGCdYQHAQGEJXqBLyccgUlCgRMnDBCCKQcvPoIeQgEBAgGBIxJIDYJqNYIrgVgBcQIwJwsEUQIvMhoKDDEKCAIHASoEGwQaCA4IEZAvLAmDJYdpnUU5WwqDC4EhiEKGSYcYhTgEH4NNiniGEpAalRWLaoMWj0SEZQICAgIEBQIOAQEGgWoigVtwFWUBgj5QFwIOjh8MDQmDToUUhQkBO3MCNgIGAQkBAQMJfIlRASYHgQcBgQ4BAQ
IronPort-PHdr: A9a23:WBJCjxCklsGu0Y93kcGmUyQVnBdPi93PFgcI9poqja5Pea2//pPke VbS/uhpkEShdYre4vNAzeHRtvOoVW8B5MOHt3YPONxJWgQegMob1wonHIaeCEL9IfKrCk5yH MlLWFJ/uX3uN09TFZXxYlTTpju56jtBUhn6PBB+c+LyHIOahs+r1ue0rpvUZQgAhDe0bb5oa husqgCEvcgNiowkIaE0mXP0
IronPort-HdrOrdr: A9a23:W4vETarb10WdRvuGTlC217gaV5tpK9V00zAX/kB9WHVpW+SivY SHgOkb2RjoiDwYRXEnnpS6NLOdRG7HnKQV3aA4Bp3neAX9omOnIMVZ7YXkyyD9ACGWzIBg/I 9aWexFBNX0ZGIUse/T6gO1Cstl5dGB/ryhi+u29QYTcShBQchbnmBEIyycFVB7QxQDIJI/Go aV6MYvnUvfRV08aMOnCn4ZG9XSvtGjruOmXTcqJT4CrDOPgzSh9aLgH3Gjvis2fjtTzd4ZgB P4uiPj4KHLiYDf9jb90Cvp441SiJ/dzLJ4dbCxo+w0DhmptQqyfoRmXNS5zXAIicWi8kwjnt WJgzpIBbUI11rrcmu4oQTg1mDbuV5EgRKPuDzo40fLmsD3SCk3DMBMn+tiA2bkwnA9t9Jx2r 8j5RP+i7NrDAjNlCm4x9/EWwACrDvNnVMekPUeh3EabI0GaLU5l/1nwGppFv47bUbHwbFiNN MrINDX5f5Qf1/fRWvepHNTzNulWWl2NguaQ2AZ0/blkAR+rTRc9Q811cYflnAP+NYWUJ9f/d nJNaxuifVnUtIWV6RgH+0MKPHHSFDlcFbpCia/MF7nHKYINzbmsJjs+og44+msZdguwIYtno /CFHdVr3Q7dU6rKcDm5uwPzjn9BEGGGRj9wMBX4JZ0/pfmQqDwDCGFQFcy18S6pfESBdDaRu azNJpaD+SLFxqoJa95mynFH7VCI3gXV8MY/vwhXUiVn87NIor28uzXGcyjYobFIHIBYCfSE3 EDVD/8KIFr9UawQEL1hxDXRjfockz79pRgDbjC84EoudEwH7wJljJQpUWy58mNJzEHmLcxZl FCLLTulb7+o3K382bO52BgIQFcEU5R/bXlXxpx1Es3GnKxVYxGl8SUeGhU0nfCDAR4VdnqHA lWoEky5bi6NIWKxScpC8uuN2WTi3d7ngPTc74s3om4oev1cJIxCZgrHJFrHQLQDhpvhEJBs2 FYcjIJQUfZCxLjgaiol4YvGenabtVw6T3bevJ8mDb6jwG8rdtqbmYHVzSuOPTn8DoGdn5xvB lN1IMxxJCHgi2iLGMjhv9QCiw9VE2nRJRcDAqEY41InKvMYw8YdxbRuRWqzzcuZ2Ht60Iewk vmICH8Q4CWPnNt/lZFz63t7FR4Ml+4Qns1QHV7vYphfF6250pb2fOXZ6a1zmuaYkYDxOZYKz 3efT4OOGpVtqKK/QKOlC3HHXsrwYhGBJ2vMJ0zN77UwX+jM4uOiOUPGOJV5o9sMJT0vvYMSv /3QX7bEBroT+co0ReSvHArJW19r2Qli+rh3HTenSWF9W96BfrZO1J9Qb4HZ9ma8mj/Xv6NlJ F0l8g8s+f1MmL/bLe9uO3qRi8GLhPYumitSe407ZhSoKIprbN2W4DBTiGg7gAO4DwuaMPv0E 8OSqVy577MfodpYswJYipcul4kjs6GIkcnuhH/a9VOM20FnjveJZeE8rDIob0gDgmaqAz8NU KW/idd8/3GNhHzn4IyGuY1OyBbeUI84HNt8KeebIXWEhytbPwG81ygMHOxGYUtAZStCPEVtF J97N6JlePMKHa91wDUoDdhIqVBt2ygWti/BQqQGehOt9y2UG789ZeC8Yq2lnPwTzD+dkETwY tCfkYUZt5YijYjgJYsuxLCAZDfswYgiR9G/TpjllTxwYCo72fQAFFePWTi8+FrdCgWNmLNkN /M/ueZ3mns+TRJ2ZHME0FLY9FFcuJgOLTfPmNpMsgfvLmh4qopjGBCeX4VfhsBtAw=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.82,208,1613433600"; d="scan'208,217";a="673352436"
Received: from alln-core-3.cisco.com ([173.36.13.136]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 09 Apr 2021 06:24:00 +0000
Received: from mail.cisco.com (xbe-aln-005.cisco.com [173.36.7.20]) by alln-core-3.cisco.com (8.15.2/8.15.2) with ESMTPS id 1396O0Wm008552 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Fri, 9 Apr 2021 06:24:00 GMT
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by xbe-aln-005.cisco.com (173.36.7.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.2.792.3; Fri, 9 Apr 2021 01:24:00 -0500
Received: from xfe-rcd-002.cisco.com (173.37.227.250) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 9 Apr 2021 02:23:59 -0400
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (72.163.14.9) by xfe-rcd-002.cisco.com (173.37.227.250) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3 via Frontend Transport; Fri, 9 Apr 2021 01:23:59 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Xsqa/vy8zrQxdqwsaqDHuuT0kDsrRx1w4yNz7XdkzJ03H/z3ca76ffpS0ZBfr5ZWPpZ3ml2LMULrc5JoRfKVwCSxsVrbgmHYcjBIpQJeW16hotUSqn4iyrRh24VdgWUuiIRqL1QFmralS627v9ORUuxdLEwkdm3yEnOEmayKGMCAcNbWaiLn2kqWEq7I5aAPfHIhxsCe2m9eaBxN6I9gVr1is5T5owvNN5LEi8H3/ybOvqowVR0cwsNVPXrjFGFDZD9qxlEHfGqELnIIZwPMWIV8orY+8UmNgmFTN4tidEzSVZ7JztuJz8NnPySRHn1Y+5AjXdCg5ItLu/B/JWFJmw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TqCb+R6FF4AnrqweWEJ1AT2jCOxL7yKx1NFCWx+k4rg=; b=Ss9elXloeIsZu7pd4zfvles3M8PcQCLKH4zvJShIBSbrVt4xYiEr820F9dSl3bFCFDVcGJEk3tE4UKAKDqBJdpGmfc8u1o/gcRpKlXH0o4KEwgOc9y98HRPcKqt070GFAAQEDwpkPUgP8hD6cQGqWGPLRn26r0kMsQq9O0kQ+JMhPL125A1bLDv0IUJ1bgTLet53OCr3MWkbjubqO9txKnfMni9MMTkY0bqbvjKjKW2HtyQkwCy6YSDld9lItEARDZ8h6mTPXBNCCJMT3601+x2LBh3jix7DjVFskZ0tqqyfURgxVLo3q5NWUs5pQGoG+ZMgs3s7BBAJ7+FoNwcYBA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TqCb+R6FF4AnrqweWEJ1AT2jCOxL7yKx1NFCWx+k4rg=; b=aUOq23tnVgWfktd6U0RzE/1GN28bhw5Uxf00myiq7AbOKULXdleg1JWwVtIgmrv6jkA6sHolWH7qrlbI7wAb6NgRUWyliY/lrfKcGhi+CLeic2ilPaLAPgbckNIMwyGjuXY2JnpIEAfrTm3RGhZrF8R2Y3zdI/cgYMuqji+rcik=
Received: from DM6PR11MB4692.namprd11.prod.outlook.com (2603:10b6:5:2aa::11) by DM6PR11MB4346.namprd11.prod.outlook.com (2603:10b6:5:1dd::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3999.32; Fri, 9 Apr 2021 06:23:58 +0000
Received: from DM6PR11MB4692.namprd11.prod.outlook.com ([fe80::9156:1513:54bf:2fe3]) by DM6PR11MB4692.namprd11.prod.outlook.com ([fe80::9156:1513:54bf:2fe3%9]) with mapi id 15.20.4020.016; Fri, 9 Apr 2021 06:23:58 +0000
From: "Zafar Ali (zali)" <zali@cisco.com>
To: Greg Mirsky <gregimirsky@gmail.com>, "last-call@ietf.org" <last-call@ietf.org>, "draft-ietf-6man-spring-srv6-oam@ietf.org" <draft-ietf-6man-spring-srv6-oam@ietf.org>, 6man WG <ipv6@ietf.org>, 6man Chairs <6man-chairs@ietf.org>, spring <spring@ietf.org>
CC: "Zafar Ali (zali)" <zali@cisco.com>
Thread-Topic: Last-call comments on OAM in SRv6 draft
Thread-Index: AQHXHcyRXUeoT5WiREGZ/M1qRajsS6qrkzCA
Date: Fri, 09 Apr 2021 06:23:58 +0000
Message-ID: <04FBBB8B-2666-4CC8-8039-232C14C738DD@cisco.com>
References: <CA+RyBmWQHOKoMryWwhWUjd12bs+V=YrctKchFyOZKU4uwQEiOQ@mail.gmail.com>
In-Reply-To: <CA+RyBmWQHOKoMryWwhWUjd12bs+V=YrctKchFyOZKU4uwQEiOQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.47.21031401
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [47.185.233.68]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 1e1dc964-fb7e-4254-45b6-08d8fb200f0f
x-ms-traffictypediagnostic: DM6PR11MB4346:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <DM6PR11MB4346D8148D7BB82EDAE16474DE739@DM6PR11MB4346.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6790;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: io7Hht5nmjBr4IujWi6fY/hWdNJUcB/bGKaLpPALAqSjArzzKLcHoSEMVTsGc8ozswacvnIKntmi4nc59QeUj0uXUhcRaZRleFMdj/U47HlZg9BWj0v3CXX1WM6CkaXvRmFw6ZhbepCi4IoG3ITOCG8jczox9ym7lGuya6bzjhep9/srknO6AvO2tmSMjg4QTIiEM42zBD6SDhanOVCsnp0cfUYCCjRVQmay9ceiE7gRc525FUGvG7y8V7tI3hKzELgoqbIRDC0qyi9yAxvSayAy5kZBrCDImxqDAvxkxU69b5dYWqjilFAuNskZU25+nQBzjK1ODxOn7Lyq/aQINd/axkMsF/JksQlz7NRH72TCtiZWwqAVDkFmGAcl0Wys43ia0Hn3zJKLcdu677wfh0Ym428lmKZSw5AcoQwlp9BFWeE1o7jms9EyaLu6gpqV6gdJEjeiSmj8YlI2fuUmxRmzjxIo40WhXcaOmwBhuafw42seKKqjkwccloJPo2tSq+aa5Fw8zZ+mqZbKOCEajEEWef1q4tDAlQU4lddmi9b2w+Hsx4qqvoDrsDPSfNU5tGf89gKpKonmY9jC/ZCHv+QQ8+OZfJ/bZ86tdT19x7m/qb3qPVZxFbBrNAwUIzXySI8GhxABQoYTWKNyU0LA/W1eDkC66hjMAbaPngwuaHYflG0edy6b4D5w6aq4JXJYZkpd+YVVqKmy7Qviz7fUHQhp5SzzEfLRKe4O8+uUE7Da03Pb1xJ+OTXtBs0/5GuK5lhciO/gq4GLaqePblK9wA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR11MB4692.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(376002)(396003)(366004)(346002)(39860400002)(136003)(6486002)(316002)(83380400001)(33656002)(110136005)(8676002)(26005)(66946007)(91956017)(86362001)(76116006)(4326008)(66476007)(66446008)(64756008)(186003)(66556008)(2906002)(38100700001)(966005)(166002)(36756003)(53546011)(9326002)(6506007)(8936002)(5660300002)(2616005)(71200400001)(107886003)(478600001)(6512007)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: pjYhiTFe6h5gsVHpAJ92aKZQByIQKO4YPLw8BKoyb+Su9qOSXYpruYnv0kOVe1S/fTYA8NXMl+N0CRXP0xNnyxCTlj8sJtI0hepvRfaMXVosfZtzcLIzyyVvWeCNeGdzOjU4AxZ5xmcNpNJMiXw82pt9B2FwyhRciPJ9CrUQ8VrdFviw+h/3wpflzJ5Ev0ubno66YVoxIjFi5INKAzKwhxBa+jGfX6GL8mD+m5tEfqeXdfL8GSlb9ILoyw8UItWdU9zIdVlXanBRpvL8zCK4npiXRcNiXUbPZViM2xjxhmnNE7nlA/LuM+yivo47Y5LKV+GOPEUxYdSlL345HZa+a9Jk164t5RbMaBsBzRbzvAvTg4gp78VpDN4NCIlb2kZBPPirslwasetOpAB+gyh5v3tnWT7eMSkSvvpUnp3NT8nA6aSrBH8LJvt3TemQsBcz1AYh6Kmg+mJ0vndVk1hXRv4hkc4K3D8PjkF4iFdRbYfwoEG3KV42D1W2uaHH9Q2m/mMEgtRjpdCiysrhg/1rqc1fhHa+XsY4jv8jhOQv812b0d357ix2AvAT19CyOcEnzOR/FAzszAzjKw2hN8NOWxT6N5a91zHDbOCnu62GTuuY/ivYqtmYWH6N0zFCPqNNb8zO0V+WPNgr+uHRnZ2GQRElboqXJt2qu7+Vb5CPXTadFLnHAqhvl5ccAD3hqdGAPvvHrw6BwF2+2VcZjmDyJJjHQZpFNC13W/KCjMZtmNTGVgWf6dGMyi0/g/syogEV8X6h8O7SC4MfcckOJo56lz1oy+sf/n2P4I/FIhJCLmEW8PV3DgVAvEo+zpiS3DM1JyU2phIY9sShMll384uBIf+b36hvBxeI2Tf7AfJ8Nt1gQ0Mv38/v2y5z1UwvduD8+sRhbFAx3+5f4XsoqAsB/eNlXCckzHu65VL/SVbI12hcHhNH5/aunAo+xq9b0szaJJ93OfqbGTk6SgHZw7065VLxLzp2af9DCEXWA9jPIMS2R080lh6I67cS1D2EQ7ykBAvUafgCckZFN/cMo0n3otxtS1vIJg49i/uMZUHkY07n9cLV0yz3ta8rSiMRJlC4nqlZ35LFq04oESXPNnKJrizGyDZPsAK2yDf+vA4NSFgoU09LsX6/LocCXhLtlwj7rTGEQ5kM7vzEI48k3FQHNLt8iUxXlh2ARo5umBYvjW5RfB7BT7krmoLPUpsSBAGUlBhFtCqigfBGum4K+YmMhTD66lvvxI3vWPFxGdbSif9IGANr8XC6qQ3wcJF49uW1nmmC+sIRT8HwCW2GhXbnwcxvGvaQTUwpgizil+LfkLJldt13km7PXgVy1EdA6PgGZJt1AO++of0hqEAiWOWOqQ==
Content-Type: multipart/alternative; boundary="_000_04FBBB8B26664CC88039232C14C738DDciscocom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB4692.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1e1dc964-fb7e-4254-45b6-08d8fb200f0f
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Apr 2021 06:23:58.2532 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: S0nE7yHUwKc8BHRjEjgmHS8/3lOxWPmPoMOI6m1svG8lbkfbxF6OOKD85LViabFM
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB4346
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.20, xbe-aln-005.cisco.com
X-Outbound-Node: alln-core-3.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/53EksKTlr1-sCQdpFtP3PAXhEWE>
Subject: Re: [Last-Call] Last-call comments on OAM in SRv6 draft
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Apr 2021 06:24:26 -0000
Hi Greg, Many thanks for your comments and offline discussion to help close them; much appreciated. We have uploaded rev 10 to address your comments. https://datatracker.ietf.org/doc/html/draft-ietf-6man-spring-srv6-oam-10 The comments are addressed as in-lined with [ZA] in the following. Thanks Regards … Zafar From: Greg Mirsky <gregimirsky@gmail.com> Date: Saturday, March 20, 2021 at 5:04 PM To: "last-call@ietf.org" <last-call@ietf.org>, "draft-ietf-6man-spring-srv6-oam@ietf.org" <draft-ietf-6man-spring-srv6-oam@ietf.org>, 6man WG <ipv6@ietf.org>, 6man Chairs <6man-chairs@ietf.org>, spring <spring@ietf.org> Subject: Last-call comments on OAM in SRv6 draft Resent-From: <alias-bounces@ietf.org> Resent-To: <zali@cisco.com>, <cfilsfil@cisco.com>, <satoru.matsushima@g.softbank.co.jp>, <daniel.voyer@bell.ca>, <mach.chen@huawei.com> Resent-Date: Saturday, March 20, 2021 at 5:03 PM Dear Authors, 6man and SPRING community, I have read this draft and have several comments I want to share with you. The draft is well-written and I appreciate the work authors put into it. OAM is the essential element of any networking technology and I believe it is important that this document will be published soon after the publication of RFC 8754. Below, please find my comments and questions, some are just an editorial while some may have more technical impact on the document. I appreciate your kind consideration. * As I understand the document, it consists of two parts - informational and standardization. The informational part explains how existing mechanisms like ICMPv6 can be applied in the SRv6 environment. Also, the applicability of RFC 8403 is explained. In the standardization part, the O-flag is defined and its processing described. I am concerned that that part of the draft is significantly underdeveloped as the threats that are created by the introduction of the O-flag are not identified and protection mechanisms are not sufficiently discussed, specified. As it appears, the O-flag use in SRv6 is very much similar to what already and for a long time has been achieved by using ACLs - sampling data flows. Though managing ACL may be operationally intensive, that is a well-secured process. Using O-flag that can be exploited by an attacker without sufficient protection, as currently defined in the draft, is risky and raises the question of benefit vs. risk. It might be that the benefit of the O-flag is marginal comparing to the risk and complexity its introductions brings in SRv6. [ZA] RFC8754 defines the notion of an SR domain and use of SRH within the SR domain. The use of O-flag defined in this document is restricted to an SR domain. Similar to the SID manipulation, O-flag manipulation is not considered as a threat within the SR domain. Procedures for securing an SR domain are defined the section 5.1 and section 7 of RFC8754. Also, SRH Flags are protected by the HMAC TLV, as described in Section 2.1.2.1 of [RFC8754]. We have added this description in the security section of the draft. We have added this text to the security section (please see the rev 10). * in the Introduction section, you've noted that the document "... includes illustrations of pinging an SRv6 SID for the SID connectivity checks and to validate the availability of a SID ..." We know of two modes of path verification - continuity check (CC) and connectivity verification (CV). The former demonstrates whether there is a path between two network systems. The latter - is to verify that only packets transmitted on that particular connection reach the system. If these commonly accepted definitions of CC and CV also applicable in this document, what is verified by "SID connectivity check"? Also, can you point to the definition of availability metric that, according to the statement, is being validated by pinging a SID? [ZA] Thanks for offline discussion and suggested text. The text is updated using the suggested text in rev. 10. * if "classic IPv6 loopback address", as the document suggests is "2001:DB8:A:k::/128", perhaps you can point out a document that established that tradition. [ZA] The use of this addressing is merely for illustration. There is no prior tradition that is referenced or future tradition that is suggested. Perhaps s/ classic IPv6 loopback address/ IPv6 loopback address will address your comment * The O-flag has been introduced as The O-flag in SRH is used as a marking-bit in the user packets to trigger the telemetry data collection and export at the segment endpoints. I think that the definition leaves an open question of whether the O-flag can be set in a test packet originated in the SRv6 domain. For example, can the O-flag be set on BFD control packets periodically transmitted by the SRv6 node? [ZA] In Section 2.1.1, the draft has specific text for handing test packets: “The OAM process MUST NOT process the copy of the packet or respond to any upper-layer header (like ICMP, UDP, etc.) payload to prevent multiple evaluations of the datagram.” * Pseudocode S01.1 suggests that an implementation that supports the O-flag makes a copy of the marked packet and punts that copy to the control plane. Such processing seems to create a new DoS attack vector even though the Security Considerations section does not acknowledge that. It appears that that part of processing should be discussed in the Security Considerations section and mechanisms to mitigate the threat explained. [ZA] Section 2.1.1. says: “The processing node SHOULD rate-limit the number of packets punted to the OAM process to avoid hitting any performance impact.”. This is the mitigation for DoS attacks. However, you correctly note that text is needed in the security section. We’ve added the following: [ZA] Added Text: As noted in section 7.1 of <xref target="RFC8754"/>, compromised nodes within the SR domain may mount attacks. The O-flag may be set by an attacking node attempting a denial-of-service attack on the OAM process at the segment endpoint node. An implementation correctly implementing the rate limiting in section 2.1.1 would not be susceptible to that denial-of-service attack. * In the explanation of traceroute through the reference model some entity is referenced as hop2. What is it? [ZA] It is actually 2nd hop in the traceroute output, which corresponds to link3 in the Figure 1. Your comment is addressed by: s/hop2/ link3 in the sample traceroute output * Perhaps s/SRv6 capable/SRv6-capable/ [ZA] change made in rev 10. * Section 3.2.2 describes SID tracing using UDP transport for a test packet. I couldn't find information on the selection of the destination UDP port number for tracing SID. What is it? [ZA] There is no new UDP port assignment for tracing SID. The UDP ports assigned for “traceroute use” in the following IANA registry are used: https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml. Added text in 3.2.2. * Should note that the method to sample a data flow, described in Section 3.3, is similar to what can be achieved using IOAM's Direct Export trace type<https://datatracker.ietf.org/doc/draft-ietf-ippm-ioam-direct-export/>. Also, the Hybrid Two-Step method of collecting the telemetry information<https://datatracker.ietf.org/doc/draft-mirsky-ippm-hybrid-two-step/> may result in fewer additional packets and simplify the correlation of the collected data. [ZA] As discussed offline, I do not think comparison of approaches is appropriate. Regards, Greg
- [Last-Call] Last-call comments on OAM in SRv6 dra… Greg Mirsky
- Re: [Last-Call] Last-call comments on OAM in SRv6… Zafar Ali (zali)
- Re: [Last-Call] Last-call comments on OAM in SRv6… Greg Mirsky