Re: [Last-Call] Tsvart last call review of draft-ietf-sfc-nsh-integrity-06
tirumal reddy <kondtir@gmail.com> Wed, 28 July 2021 14:08 UTC
Return-Path: <kondtir@gmail.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 198D93A11E5; Wed, 28 Jul 2021 07:08:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bSWG19UYTt4C; Wed, 28 Jul 2021 07:08:39 -0700 (PDT)
Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CAE7A3A11E4; Wed, 28 Jul 2021 07:08:38 -0700 (PDT)
Received: by mail-lj1-x230.google.com with SMTP id l17so3273913ljn.2; Wed, 28 Jul 2021 07:08:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=scPFQRZVfSXMxCzFqYdzFgfP/s/bNOXjs1Mf+8hqrYY=; b=PRKX631JrMS9bO39JNfh7WMJTUV+HpcgM2gW2Cvko1Q5NyO7FaaPFRPHvkRR8apP+b i5U44dWQ4kYxjETAxuAOI0XC623WozLCLtygzJlxRg1cK0c4RmcL4KjHERHERO39OrG4 QXIHb5A5cJP4IPcEsXKbI1qkn3S5Kljl69Irp91qPfkCIe1/X3b36WmdLPuXDLK+mIyh ZAxPlMYqCRz/vNw1l1ze+diMmbsjQPTvSQnk3aijelVc55VXaNqXx0r1X0eOAGceL0C0 3EWIJP0PJIU/qWNYAapSLIs5YpzbhV5hnrFm7HeJcgsVAxXSXggXmeAalbGd+nmArtVe yK8w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=scPFQRZVfSXMxCzFqYdzFgfP/s/bNOXjs1Mf+8hqrYY=; b=lH1DY3jMaPDWexklMg4wvWi7QkP6Pzs7eixoPTquxwGml9TK8gZGHjlJz78qX4hYkY Xla/OnSrL0R/onCk+ICUf5oNHT0Zh60QLWE8J9SaVYZFXyEKObthneVoUOhF4w4Qrj+K KaXv66MR+gBmzYaPDGQSyunxal4IV+Nb8PTJNKBwFTxn0KAKI/pBZyfDzx+l3Q6MTzf6 RL5Jp6Nt/tawu7oxrEQFI6mHgqQB6QoyJ2oZVDXE4RtUbRYR+UI1dcwttPRxU12GMavM THp8z5SuttqpZr77ATzFRiS0/dwTDGZFEQbv/pJjNNi1NEyViC9c8+6kQtfKyVRg3o4C XOEg==
X-Gm-Message-State: AOAM531M/cd8FUvRzhIGjKa+9zn5X7ewq0ZqJAaxcVJ3MKqQYawvmI2F rmnmZrdvUbStbnmVUpPE/xVJmqkHs6EJLwJJ7XXEaPfcoLjJFw==
X-Google-Smtp-Source: ABdhPJyV3qFEjw4MYGJgSzGBYREi3QH0c093MsPm40Lpo0dwYqA37vBVsP2pps5Bnb8kdT5hmNZPS14f8jiY4WEztGk=
X-Received: by 2002:a2e:9ec1:: with SMTP id h1mr57181ljk.0.1627481316217; Wed, 28 Jul 2021 07:08:36 -0700 (PDT)
MIME-Version: 1.0
References: <162727588884.5692.17674077604548999432@ietfa.amsl.com>
In-Reply-To: <162727588884.5692.17674077604548999432@ietfa.amsl.com>
From: tirumal reddy <kondtir@gmail.com>
Date: Wed, 28 Jul 2021 19:38:24 +0530
Message-ID: <CAFpG3gdRLTQvuoaEeRAhDUAqD3yBQ0jdBpZJzSvrJVPN-bMKTg@mail.gmail.com>
To: Joseph Touch <touch@strayalpha.com>
Cc: tsv-art@ietf.org, draft-ietf-sfc-nsh-integrity.all@ietf.org, last-call@ietf.org, sfc@ietf.org
Content-Type: multipart/alternative; boundary="000000000000bb582605c82f85e4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/8xN5weCpV63EQOhnCvEXXVpwsaI>
Subject: Re: [Last-Call] Tsvart last call review of draft-ietf-sfc-nsh-integrity-06
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Jul 2021 14:08:44 -0000
Thanks Joseph for the detailed comment and explanation. We plan to add the following text to address the issue: Note that the term “transport encapsulation” used in this document is equivalent to the term “tunnel encapsulation” used In [ietf-intarea-tunnel]. Cheers, -Tiru On Mon, 26 Jul 2021 at 10:34, Joseph Touch via Datatracker <noreply@ietf.org> wrote: > Reviewer: Joseph Touch > Review result: Not Ready > > This document has been reviewed as part of the transport area review team's > ongoing effort to review key IETF documents. These comments were written > primarily for the transport area directors, but are copied to the > document's > authors and WG to allow them to address any issues raised and also to the > IETF > discussion list for information. > > When done at the time of IETF Last Call, the authors should consider this > review as part of the last-call comments they receive. Please always CC > tsv-art@ietf.org if you reply to or forward this review. > > It was very difficult to review this document for IETF transport protocol > considerations. > > Although "transport encapsulation" is indicated repeatedly, it is never > referred to directly or described either in this document or its > citations. It > appears to be using this term in the sense of RFC8300, which too never > defines > it, but uses examples that are more accurately referred to in the IETF as > link > layer protocols or either network or link tunnel protocols (IP in IP, GRE, > VXLAN, Ethernet). > > Regardless of the fact that this confusion originates in RFC8300, it needs > to > be addressed here and corrected before this document can be reviewed to > determine if there are any IETF transport area issues. > > The remainder of these notes provide detail of this issue. > > ----- > > The document refers back to RFC8300 to define the NSH itself; that document > discusses transport issues just as vaguely (never mentioning a particular > transport protocol), and when it discusses fragmentation, it refers to > section > 9 of a document (draft-ietf-rtgwg-dt-encap-02 from 2017) that had expired > prior > to the publication of RFC8300. Because transport fragmentation is, IMO, a > normative issue, this should not have been permitted. > > Further, Section 9 of that draft incorrectly recommends reliance on ICMP > feedback to address MTU failures when not under a single operator’s > management. > That was widely known even then to be insufficient due to blackholing; > this had > motivated PLPMTUD in RFC4821 a full decade earlier. RFC8300 compounds this > error by simply asserting that the operator should ensure that ICMPs are > not > blocked, overlooking the need to address when this is not the case. > > This document cannot ignore that issue and simply refer to RFC8300 on this > issue. > > Note that one of the only places an actual encapsulation protocol is > mentioned > is RFC8300, in which Section 5 mentions IP and Section 6.1 Table 1 > describes > VXLAN-GPE, GRE, and Ethernet – all of which are described as “transport > encapsulation”. > > If, in fact, IETF transport protocols are being used, at some point the > use of > an actual IETF transport protocol should be described (e.g., TCP, UDP, > SCTP, > DCCP). At that point, the transport issues would be reviewable. As the > document > currently stands, it completely ignores such transport issues and should > not > proceed until this is addressed and re-reviewed. > > If instead, as I suspect, the term “transport encapsulation” actually > refers to > “network layer encapsulation” or “link layer encapsulation” and really > implies > some sort of tunnel, there would be no transport area issues to review > unless > that tunnel were to include a transport protocol as part of the layers of > encapsulation. If that is the case, the document should be revised to > replace > the term “transport” with something that more accurately describes > VXLAN-GPE, > GRE, Ethernet, and IP encapsulation using IETF terminology. Note that > draft-ietf-intarea-tunnels never uses the term “transport” except when > referring to the use of IETF transport protocols as a tunnel layer, e.g. > (i.e., > the last sentence of Sec 8 of this doc is incorrect in implying otherwise). > > (I would also note that neither this doc nor RFC8300 define “transport > encapsulation” in their terminology; even if they would, they should not > attempt to define it in a way inconsistent with widespread use in the > IETF). > > > >
- [Last-Call] Tsvart last call review of draft-ietf… Joseph Touch via Datatracker
- Re: [Last-Call] Tsvart last call review of draft-… tirumal reddy
- Re: [Last-Call] Tsvart last call review of draft-… Joe Touch
- Re: [Last-Call] Tsvart last call review of draft-… Joel M. Halpern
- Re: [Last-Call] Tsvart last call review of draft-… Joseph Touch
- Re: [Last-Call] [sfc] Tsvart last call review of … Joel M. Halpern
- Re: [Last-Call] [sfc] Tsvart last call review of … Joseph Touch
- Re: [Last-Call] [sfc] Tsvart last call review of … Joel M. Halpern