Re: [nvo3] Shim header of vxlan-gpe
"Fabio Maino (fmaino)" <fmaino@cisco.com> Sun, 17 November 2019 12:49 UTC
Return-Path: <fmaino@cisco.com>
X-Original-To: nvo3@ietfa.amsl.com
Delivered-To: nvo3@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F34D91200F5; Sun, 17 Nov 2019 04:49:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.499
X-Spam-Level:
X-Spam-Status: No, score=-14.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=Bfmx8Knt; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=y3lyIUsJ
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SoOcMMOr-i71; Sun, 17 Nov 2019 04:49:06 -0800 (PST)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2EB7A120052; Sun, 17 Nov 2019 04:49:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=27145; q=dns/txt; s=iport; t=1573994946; x=1575204546; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=20stKxKtIITf47aikoQddxm7A/KzIoa3gc/XvMahA9w=; b=Bfmx8KntCBrfRF+VJklyX9QVDC3fwefMuejXp4dF13fBoAVqaa8kpEdQ G04B9cs64qHzcGoPcX7UMT3gzrPyvUxbDL5ekUEWe+rdUGKMyGLPzyOUR MSU/MBXgebLqYAEdq2yttzE4RwM4RL1fNsuo1IQLwQ87wNGu63bEbRIet I=;
IronPort-PHdr: 9a23:gBOOPx+zOqH/Ef9uRHGN82YQeigqvan1NQcJ650hzqhDabmn44+/bR7E/fs4iljPUM2b8P9Ch+fM+4HYEW0bqdfk0jgZdYBUERoMiMEYhQslVcCAAEz9K9bhbjcxG4JJU1o2t3w=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CvAABVQdFd/5tdJa1lGQEBAQEBAQEBAQEBAQEBAQEBEQEBAQEBAQEBAQEBgX6BHC8kLAVsWCAECyqEKYNGA4pzgl6JWI4oglIDVAkBAQEMAQEtAgEBhEACF4IMJDgTAgMLAQEEAQEBAgEFBG2FNwyFUQEBAQEDEhEdAQE3AQ8CAQgRAwEBASgDAgICHxEUCQgCBAENBSKDAAGBeU0DLgECohYCgTiIYHWBMoJ+AQEFhRYNC4IXCYE2jBUYgUA/gREnH4JMPoIbgkoWgloygiyOOYFahUeJRo5MQQqCKpE3hBgbgj6XU45IgUGJCo89AgQCBAUCDgEBBYFpIoFYcBVlAYJBCUcRFJEag3OKU3SBKI1lAQE
X-IronPort-AV: E=Sophos;i="5.68,316,1569283200"; d="scan'208,217";a="365574896"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 17 Nov 2019 12:49:05 +0000
Received: from XCH-ALN-020.cisco.com (xch-aln-020.cisco.com [173.36.7.30]) by rcdn-core-4.cisco.com (8.15.2/8.15.2) with ESMTPS id xAHCn5uZ020384 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Sun, 17 Nov 2019 12:49:05 GMT
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by XCH-ALN-020.cisco.com (173.36.7.30) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Sun, 17 Nov 2019 06:49:04 -0600
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Sun, 17 Nov 2019 07:49:03 -0500
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Sun, 17 Nov 2019 07:49:03 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bwh7zM8in1jR7UwM2GwbeZpBIvpgr0IuvirhJ4YezFKASnTtyYDO4pt6Je0bHL3QhGhoqy4FnehfgIxnlfTdaz+bSiDGx8IXFFutAy25Wd5zXPf0cPwCjI2CYg74ipiCzEvObE67J7UpxqmKpJr0whQNrD312iUMcWUg5L0D9tb5IDlwt3JrWL5Yk43IRsZ+5TedC3ucCgmbZsKJnKgRh8CHiEoBIUifdOb6dThDDJC0+WxLTgLeJK4O5tut86ZLCYeeYhoykNhDhUZLmeS7EJPAgOil4U7PhT7v5vDPpdX/lbQaUqb+w44eDzqP23RrwAXu84lIwbP0l1xLwNPBSw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=20stKxKtIITf47aikoQddxm7A/KzIoa3gc/XvMahA9w=; b=ogYQ4UjqCF6SNmbflyL8pNpUQM0rwplmwtXJbo6TwWx7+3Vldi02TxDEXgRsXaC0EfLlwGwppUnX6HMMUM76GrPVMmZ+pg8V1t26E3n+DGEvZS7UcKBQx4yvTGgFB73pj7rR3IL18P33K21bnGG6G98K/Y5uSqZ/VNa8qALsO9cruVXv7Ed2F7RfpWT21UUNdqnfKGE41Tb70yxI4z3Irhrwq5jxWZ4sH0kC9ip2LJzpOTjgX20BexkeaN06rDELP3xRXqAI8f4GFqSI3HTkO+GsXbq+WSeu1uDM3dprGDGauILSDogV+oard3NfJ9DhnGbqcV11a/PV+uDuevzWmw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=20stKxKtIITf47aikoQddxm7A/KzIoa3gc/XvMahA9w=; b=y3lyIUsJKWdqylExSPSsVvFOa3x3JOw0CC80zn3UNvzfwwdWw5bVjqJ/cZUYG/M7PAsw8/uE0rHOiYeVWihpkWcD9IAJdH++JmUFucefJ/jytWgYC9wSOU75zFyV+rRiOByW8cmasqji+mcQsqRDzTvdMDRiJeWJiOaDoBfR3EI=
Received: from BY5PR11MB4420.namprd11.prod.outlook.com (52.132.255.20) by BY5PR11MB4337.namprd11.prod.outlook.com (52.132.254.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2451.28; Sun, 17 Nov 2019 12:49:02 +0000
Received: from BY5PR11MB4420.namprd11.prod.outlook.com ([fe80::6956:598b:379f:eb6]) by BY5PR11MB4420.namprd11.prod.outlook.com ([fe80::6956:598b:379f:eb6%5]) with mapi id 15.20.2451.029; Sun, 17 Nov 2019 12:49:01 +0000
From: "Fabio Maino (fmaino)" <fmaino@cisco.com>
To: "Liubing (Remy)" <remy.liubing@huawei.com>, Lizhong Jin <lizho.jin@gmail.com>, "draft-ietf-nvo3-vxlan-gpe@ietf.org" <draft-ietf-nvo3-vxlan-gpe@ietf.org>
CC: "draft-lemon-vxlan-lisp-gpe-gbp@ietf.org" <draft-lemon-vxlan-lisp-gpe-gbp@ietf.org>, "nvo3@ietf.org" <nvo3@ietf.org>
Thread-Topic: Shim header of vxlan-gpe
Thread-Index: AQHVgW4UhBBQVWlcikqWt5JK+qqwR6doZkmAgAPIsQCAIfeRAA==
Date: Sun, 17 Nov 2019 12:49:01 +0000
Message-ID: <51E983ED-EC80-4DB3-AFAE-A62DB45252D2@cisco.com>
References: <D78E94DA-9F61-4C72-A02C-4B0DA0396BC5@gmail.com> <4F44C944-C954-483A-9246-5356FF2F97DD@cisco.com> <BB09947B5326FE42BA3918FA28765C2E010A6B5E@dggemm526-mbs.china.huawei.com>
In-Reply-To: <BB09947B5326FE42BA3918FA28765C2E010A6B5E@dggemm526-mbs.china.huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1f.0.191110
authentication-results: spf=none (sender IP is ) smtp.mailfrom=fmaino@cisco.com;
x-originating-ip: [2001:67c:1232:144:5486:1118:600:584d]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 965f5ed2-f9bc-440f-1562-08d76b5c85a9
x-ms-traffictypediagnostic: BY5PR11MB4337:
x-microsoft-antispam-prvs: <BY5PR11MB43374BC73ACBAB39FD409572C2720@BY5PR11MB4337.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 02243C58C6
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(979002)(4636009)(39860400002)(136003)(396003)(376002)(366004)(346002)(189003)(199004)(85654002)(4326008)(71200400001)(186003)(2501003)(486006)(14444005)(256004)(6246003)(46003)(229853002)(71190400001)(6486002)(25786009)(86362001)(2616005)(5660300002)(6436002)(6512007)(476003)(236005)(6306002)(54896002)(446003)(11346002)(99286004)(36756003)(53546011)(6506007)(7736002)(14454004)(64756008)(66946007)(66476007)(66556008)(102836004)(66446008)(6116002)(76176011)(81166006)(81156014)(478600001)(8936002)(33656002)(76116006)(9326002)(2906002)(58126008)(316002)(8676002)(54906003)(110136005)(91956017)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:BY5PR11MB4337; H:BY5PR11MB4420.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: tVIUXwkdMFBZMmffIDqxS/+FAuiF3fKkF4t7uGbhpwLJsPH1RPt7nEUuVdL/qdMYj1tWMwtdvKqT+8ossGU1g1I5VbPFr/4OfWiv6jWzDmX3qCgKlorCrpiio6QAwETFhH1iwW+oLIH04F6/b4QR6BO1gMTEEuHBTJ21ZFmmUewewyfK3F7GMpyL8c5zd7xasC7gAlp6ZVBJkmeOszHiQTniPLxvLqijStfXBimlaNnfv7sLhNxDm3yxPD+qP6GDS/Xt8+2jfHivTmth8rInzceXZDcB6kpG0X2Y9QdPCI5s9GapnUazXiX83otaiO+jQ2R0gpyHGw2nm0PAqKu3FgGaI6jQOMaFIUkExkJ7PrWdbWHquxeEg++2N2HvcjUupcR9xsjxrlr4dYDQjb/qrzHTAWDuJv6FcMKadpLCX/dDp5BRLqQHGVJxRe6l0SiwB5KQpeSpQ3cB7BskCLinYQ==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_51E983EDEC804DB3AFAEA62DB45252D2ciscocom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 965f5ed2-f9bc-440f-1562-08d76b5c85a9
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Nov 2019 12:49:01.6750 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Cvd4wCf6cGTpUPxGK+nmylbFzwPtACTU+XFr3ndNRS6wWrRIPqBc6MyTxjmR0d9Ljfgb+/zER7254EL+nsz8iA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR11MB4337
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.30, xch-aln-020.cisco.com
X-Outbound-Node: rcdn-core-4.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/nvo3/wT_N2xzveYVoGTHY6V5c7TDdIl0>
Subject: Re: [nvo3] Shim header of vxlan-gpe
X-BeenThere: nvo3@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Network Virtualization Overlays \(NVO3\) Working Group" <nvo3.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nvo3>, <mailto:nvo3-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nvo3/>
List-Post: <mailto:nvo3@ietf.org>
List-Help: <mailto:nvo3-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nvo3>, <mailto:nvo3-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Nov 2019 12:49:09 -0000
Hi Remy, Thanks for your comments. See my notes below. I’ll include this discussion in Monday’s presentation as well. From: "Liubing (Remy)" <remy.liubing@huawei.com> Date: Friday, October 25, 2019 at 6:01 PM To: Fabio Maino <fmaino@cisco.com>, Lizhong Jin <lizho.jin@gmail.com>, "draft-ietf-nvo3-vxlan-gpe@ietf.org" <draft-ietf-nvo3-vxlan-gpe@ietf.org> Cc: "draft-lemon-vxlan-lisp-gpe-gbp@ietf.org" <draft-lemon-vxlan-lisp-gpe-gbp@ietf.org>, "nvo3@ietf.org" <nvo3@ietf.org> Subject: RE: Shim header of vxlan-gpe Hi Fabio, I also have some questions regarding to the shim header. If I understand it correctly, the logic of the shim header is similar to the non-critical TLV in GENEVE. But I think some clarification is required. Quote from the draft: "Implementations that are not aware of a given shim header MUST ignore the header and proceed to parse the next protocol." The definition of "implementations" is not clear enough. The implementation can be a transit node or the NVE and the related operations should be differentiated. In my opinion, the NVE should not or even must not ignore any shim header, while the transit node can do this. [FM] The goal of the shim headers is to provide a simple mechanism to incrementally deploy new GPE features without the need to update the implementation of each transit node between two tunnel endpoints, while not panting the packet with shim headers of unknown type to the ‘slow’ path. I’ll update the text to clarify that the MUST ignore refers to transit nodes. Another point may need to be clarified: does "...are not aware of a given shim header..." mean that the device have to at least know that there is a shim header and how long it is so that it can skip the header to parse the next protocol? If the device can't recognize any shim header, i.e. it does not know the meaning of "0x80 to 0xFF", the packet must be dropped in this case? [FM] The shim headers MUST have the specified format, so an implementation of GPE will be able to parse shim headers as long as their type is between 0x80 and 0xFF (and they’re formatted properly). I’ll update the text in this way, that I hope will address also Lizhong comment: Transit nodes that are not aware of a given shim header type MUST ignore the header and proceed to parse the next protocol. Shim headers can be used to incrementally deploy new GPE features without updating the implementation of each transit node between two tunnel endpoints, and without panting the packet with shim headers of unknown type to the ‘slow’ path. Thanks, Fabio Best regards, Remy From: nvo3 [mailto:nvo3-bounces@ietf.org] On Behalf Of Fabio Maino (fmaino) Sent: Thursday, October 24, 2019 6:15 AM To: Lizhong Jin <lizho.jin@gmail.com>; draft-ietf-nvo3-vxlan-gpe@ietf.org Cc: draft-lemon-vxlan-lisp-gpe-gbp@ietf.org; nvo3@ietf.org Subject: Re: [nvo3] Shim header of vxlan-gpe Hi Lizhong, Sorry for the delay. Vxlan-gpe version 08 should now contain the appropriate reference to [I-D.lemon-vxlan-lisp-gpe-gbp]. Let me know if I’m missing anything. I know designing ASICs with the added flexibility required by the shim headers comes at a cost. Ultimately implementations will have to choose which extensions to support, and how much buffer to dedicate for unsupported extensions. I don’t think there’s a general rule that can be applied. Do you have any suggestion? Restricting to control plane functions might be too much, even some of the OAM features might end up being implemented in the dataplane. Wrt GBP it’s a fairly well known use case, but not universally deployed so we wanted to leave to implementors the decision to support or not that extension. Thanks, Fabio From: Lizhong Jin <lizho.jin@gmail.com<mailto:lizho.jin@gmail.com>> Date: Saturday, October 12, 2019 at 7:29 PM To: "draft-ietf-nvo3-vxlan-gpe@ietf.org<mailto:draft-ietf-nvo3-vxlan-gpe@ietf.org>" <draft-ietf-nvo3-vxlan-gpe@ietf.org<mailto:draft-ietf-nvo3-vxlan-gpe@ietf.org>> Cc: "draft-lemon-vxlan-lisp-gpe-gbp@ietf.org<mailto:draft-lemon-vxlan-lisp-gpe-gbp@ietf.org>" <draft-lemon-vxlan-lisp-gpe-gbp@ietf.org<mailto:draft-lemon-vxlan-lisp-gpe-gbp@ietf.org>>, "nvo3@ietf.org<mailto:nvo3@ietf.org>" <nvo3@ietf.org<mailto:nvo3@ietf.org>> Subject: Shim header of vxlan-gpe Resent-From: <alias-bounces@ietf.org<mailto:alias-bounces@ietf.org>> Resent-To: Fabio Maino <fmaino@cisco.com<mailto:fmaino@cisco.com>>, Larry Kreeger <lkreeger@gmail.com<mailto:lkreeger@gmail.com>>, <uri.elzur@intel.com<mailto:uri.elzur@intel.com>> Resent-Date: Saturday, October 12, 2019 at 7:29 PM Hi GPE authors, I recently review the GPE draft and the shim header design. I saw the "Next Protocol" assigned to GBP changed from 0x6 to 0x80, and the reference of [I-D.lemon-vxlan-lisp-gpe-gbp] should be updated from version 01 to version 02 which confused me in my first reading. I am not clear why GBP do such kind of update, do you have any design principles for the "Next Protocol" assignment for range from 0x80 to 0xFF? Some practical design principles in the document would benefit the industry. And since shim header is a TLV style, I tend to ask if it would be practical to restrict the shim header to be used only for OAM and control purpose. That would greatly simplify the ASIC design. Regards Lizhong
- [nvo3] Shim header of vxlan-gpe Lizhong Jin
- Re: [nvo3] Shim header of vxlan-gpe Fabio Maino (fmaino)
- Re: [nvo3] Shim header of vxlan-gpe Liubing (Remy)
- Re: [nvo3] Shim header of vxlan-gpe Lizhong Jin
- Re: [nvo3] Shim header of vxlan-gpe Fabio Maino (fmaino)