Re: [nvo3] I-D Action: draft-ietf-nvo3-geneve-04.txt
Tom Herbert <tom@herbertland.com> Tue, 18 April 2017 02:22 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/nvo3/s4NjbnGtWBrINWpGIjlZHUblb28>
On Mon, Apr 17, 2017 at 4:03 PM, Sami Boutros <sboutros@vmware.com> wrote:
> Tom,
>
> Your points were noted in the data-plane roundtable feedback that we
> presented Thursday at IETF.
>
> The authors will meet to go over the points raised from the roundtable and
> update the dt-encap draft accordingly.
>

Sami,

I really don't understand how this WG is supposed to work :-(. The draft was posted to this list for purposes of discussion on the list and now there is a consensus call on the same list. But, the draft has received very little discussion and now we have to wait for the committee to get a response?

I implore the Geneve advocates to actively engage with our attempts at critical discussion on the list about this draft or the protocol draft. I gave a more in-depth review of the dt-encap draft with some direct questions about the content which should be a starting basis for discussion.

Thanks,
Tom

> Thanks,
>
> Sami
>
>
> It has been more than two weeks since I posted this. Considering that
> there is now a consensus call for Geneve, could someone who is
> advocating Geneve please respond to my concerns about this new text
> and whether my suggestions for changing the protocol are acceptable.
> Strategic silence does not make problems go away... :-)
>
> Tom
>
> On Mon, Mar 27, 2017 at 6:08 AM, Tom Herbert <tom@herbertland.com> wrote:
>> The new section "Constraints on Protocol Features" seems to be punting
>> the issues that were raised concerning processing of TLVs to a control
>> plane which itself is still TBD. This is not normative and if someone
>> were implementing a dataplane for Geneve today this provides no
>> practical guidance on how to make it interoperable.
>>
>> Alternatively, to address the TLV processing concerns, I would suggest:
>>
>> 1) Eliminate non-critical options. This is the most likely source of
>> DOS attacks where an attacker just fills up a packet with tiny fake
>> options. The counter argument to this is that it's needed to roll out
>> new features, but TBH I am skeptical this is really used in the
>> datacenter for that. It's more typical we just configure the allowed
>> options on both sides or rely on negotiation to specify the known
>> options like we do in TCP.
>> 2) Enforce an ordering on options as was discussed previously. Maybe
>> just require the TLVs to be ordered by type. This eliminates the
>> combinatorics of TLVs and since it would be a requirement on the
>> protocol the order is well known and should yield interoperable
>> implementations.
>>
>> Tom
>>
>>
>>
>> On Mon, Mar 13, 2017 at 2:55 PM, <internet-drafts@ietf.org> wrote:
>>>
>>> A New Internet-Draft is available from the on-line Internet-Drafts
>>> directories.
>>> This draft is a work item of the Network Virtualization Overlays of the
>>> IETF.
>>>
>>>         Title     : Geneve: Generic Network Virtualization
>>>                     Encapsulation
>>>         Authors   : Jesse Gross
>>>                     Ilango Ganga
>>>                     T. Sridhar
>>>         Filename  : draft-ietf-nvo3-geneve-04.txt
>>>         Pages     : 26
>>>         Date      : 2017-03-13
>>>
>>> Abstract:
>>>    Network virtualization involves the cooperation of devices with a
>>>    wide variety of capabilities such as software and hardware tunnel
>>>    endpoints, transit fabrics, and centralized control clusters. As a
>>>    result of their role in tying together different elements in the
>>>    system, the requirements on tunnels are influenced by all of these
>>>    components. Flexibility is therefore the most important aspect of a
>>>    tunnel protocol if it is to keep pace with the evolution of the
>>>    system. This draft describes Geneve, a protocol designed to
>>>    recognize and accommodate these changing capabilities and needs.
>>>
>>>
>>> The IETF datatracker status page for this draft is:
>>> https://datatracker.ietf.org/doc/draft-ietf-nvo3-geneve/
>>>
>>> There's also a htmlized version available at:
>>> https://tools.ietf.org/html/draft-ietf-nvo3-geneve-04
>>>
>>> A diff from the previous version is available at:
>>> https://www.ietf.org/rfcdiff?url2=draft-ietf-nvo3-geneve-04
>>>
>>>
>>> Please note that it may take a couple of minutes from the time of
>>> submission until the htmlized version and diff are available at
>>> tools.ietf.org.
>>>
>>> Internet-Drafts are also available by anonymous FTP at:
>>> ftp://ftp.ietf.org/internet-drafts/
>>>
>>> _______________________________________________
>>> nvo3 mailing list
>>> nvo3@ietf.org
>>> https://www.ietf.org/mailman/listinfo/nvo3
>
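Added example, not part of the original message or of the Geneve draft: a receive-side check that walks the Geneve option TLVs and applies the ordering rule suggested in the thread, so a packet stuffed with tiny options is rejected in a bounded number of steps. Assumptions: options are ordered by the 24-bit class-plus-type value (the thread only says "by type"), the cap `GNV_MAX_OPTS` is a local policy value, and all names and sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

enum { GNV_TRUNCATED = -1, GNV_BAD_VERSION = -2, GNV_TOO_MANY = -3, GNV_UNORDERED = -4 };
#define GNV_BASE_LEN 8   /* fixed Geneve header: Ver/OptLen, flags, protocol, VNI, rsvd */
#define GNV_MAX_OPTS 8   /* assumed local policy cap, not a value from the draft */

/* Validate the option area of one Geneve header.
 * Returns the number of options (>= 0) or a negative GNV_* code. */
int geneve_check_options(const uint8_t *pkt, size_t len)
{
    if (len < GNV_BASE_LEN) return GNV_TRUNCATED;
    if ((pkt[0] >> 6) != 0) return GNV_BAD_VERSION;       /* 2-bit version */

    size_t opt_len = (size_t)(pkt[0] & 0x3f) * 4;         /* Opt Len, 4-byte words */
    if (len < GNV_BASE_LEN + opt_len) return GNV_TRUNCATED;

    const uint8_t *p = pkt + GNV_BASE_LEN, *end = p + opt_len;
    uint32_t prev_key = 0;
    int count = 0;

    while (p < end) {             /* opt_len is a multiple of 4, so 4 bytes remain */
        uint32_t key = ((uint32_t)p[0] << 16) |           /* option class (16 bits) */
                       ((uint32_t)p[1] << 8) | p[2];      /* type, C bit included   */
        size_t body = (size_t)(p[3] & 0x1f) * 4;          /* 5-bit length, in words */
        if ((size_t)(end - p) < 4 + body) return GNV_TRUNCATED;
        if (count == GNV_MAX_OPTS) return GNV_TOO_MANY;   /* option flood */
        if (count > 0 && key <= prev_key) return GNV_UNORDERED; /* also rejects duplicates */
        prev_key = key;
        count++;
        p += 4 + body;
    }
    return count;
}

/* Constructed samples: base header (protocol 0x6558, VNI 0) followed by empty options. */
const uint8_t sample_ordered[] = {
    0x02, 0x00, 0x65, 0x58, 0x00, 0x00, 0x00, 0x00,       /* Opt Len = 2 words */
    0x01, 0x00, 0x01, 0x00,                               /* class 0x0100, type 1 */
    0x01, 0x00, 0x02, 0x00 };                             /* class 0x0100, type 2 */
const uint8_t sample_unordered[] = {
    0x02, 0x00, 0x65, 0x58, 0x00, 0x00, 0x00, 0x00,
    0x01, 0x00, 0x02, 0x00,
    0x01, 0x00, 0x01, 0x00 };
const uint8_t sample_flood[] = {                          /* nine 4-byte options */
    0x09, 0x00, 0x65, 0x58, 0x00, 0x00, 0x00, 0x00,
    1,0,1,0, 1,0,2,0, 1,0,3,0, 1,0,4,0, 1,0,5,0,
    1,0,6,0, 1,0,7,0, 1,0,8,0, 1,0,9,0 };
```

Because the order is strict, a receiver can stop at the first out-of-order or repeated option instead of scanning the whole option area for options it does not recognise.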