IETF Logo Mail Archive

Re: [OPSAWG] FW: FW: WG adoption poll for In-Situ OAM drafts

"Adrian Farrel" <adrian@olddog.co.uk> Tue, 10 January 2017 20:31 UTC

Return-Path: <adrian@olddog.co.uk>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68FB7129551 for <opsawg@ietfa.amsl.com>; Tue, 10 Jan 2017 12:31:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.609
X-Spam-Level:
X-Spam-Status: No, score=-2.609 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, T_KAM_HTML_FONT_INVALID=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WlKxElQN1X0N for <opsawg@ietfa.amsl.com>; Tue, 10 Jan 2017 12:31:40 -0800 (PST)
Received: from asmtp3.iomartmail.com (asmtp3.iomartmail.com [62.128.201.159]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F4FD12941C for <opsawg@ietf.org>; Tue, 10 Jan 2017 12:31:39 -0800 (PST)
Received: from asmtp3.iomartmail.com (localhost.localdomain [127.0.0.1]) by asmtp3.iomartmail.com (8.13.8/8.13.8) with ESMTP id v0AKVW0p010120; Tue, 10 Jan 2017 20:31:32 GMT
Received: from 950129200 ([176.241.250.3]) (authenticated bits=0) by asmtp3.iomartmail.com (8.13.8/8.13.8) with ESMTP id v0AKVQT5010072 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO); Tue, 10 Jan 2017 20:31:29 GMT
From: Adrian Farrel <adrian@olddog.co.uk>
To: "'Frank Brockners (fbrockne)'" <fbrockne@cisco.com>, 'Stewart Bryant' <stewart.bryant@gmail.com>, opsawg@ietf.org
References: <96c75d75-6f97-fe68-071d-5567049de9e7@ece.iisc.ernet.in> <009501d25cf6$a4468180$ecd38480$@gmail.com> <003801d25d3b$4064d7d0$c12e8770$@gmail.com> <010d01d25dd6$19284620$4b78d260$@gmail.com> <BBA82579FD347748BEADC4C445EA0F21A228C30E@NKGEML515-MBX.china.huawei.com> <00c001d26299$f85d7b40$e91871c0$@gmail.com> <4A95BA014132FF49AE685FAB4B9F17F6588609BD@dfweml501-mbb> <834abd4a049840bca3a502bb8176896f@XCH-RCD-008.cisco.com> <4A95BA014132FF49AE685FAB4B9F17F6588648F4@dfweml501-mbb> <0fd47cc0-0be2-5de8-adee-f158459b434a@gmail.com> <18a85eb482ed47aabe5541d3e83b3a44@XCH-RCD-008.cisco.com>
In-Reply-To: <18a85eb482ed47aabe5541d3e83b3a44@XCH-RCD-008.cisco.com>
Date: Tue, 10 Jan 2017 20:31:26 -0000
Message-ID: <068901d26b80$873c2f20$95b48d60$@olddog.co.uk>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_068A_01D26B80.87518BE0"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHg4vnWR5v432oN2FWlwXhKRdV4dgHxzwc5AaMPa0oA7MmnagJf1zmqAcJ0aZ0BWEps+gKnixcCAfiVncUC0aYotAFUfBXDoH8lgpA=
Content-Language: en-gb
X-TM-AS-MML: disable
X-TM-AS-Product-Ver: IMSS-7.1.0.1679-8.0.0.1202-22816.002
X-TM-AS-Result: No--22.104-10.0-31-10
X-imss-scan-details: No--22.104-10.0-31-10
X-TMASE-MatchedRID: HQYVVRq48RxbJCKOm3VRCeouc5Rcf1B04p9VExuMJHYm6JhtHWuMW5c8 eqth2UId/flNh6lyyiMTRDzcDa8P617OZ6hrwwnzHS85RveNS21WFhmPLWym/jYXvCcxGGp+iBG 7WL/69SrjykDShmCBVUZ5oFjxiFLjShVPkKm2lvrOxDyJFXIPjjB/C0unHjEScFkNEZCZtETmIn 4kYPio+x6Hacd6Ohq7b8JTZf0kEztQCOsAlaxN7wX3vTgk3QifYz3gRzJw0jADMkpMRObQYofmA d2LoSk4SOvfp1aYQV/PmshbRFtLmBHf9lfjXPwBYFcXtV6/VcStEaJoVjyWkAyynkZWI36xfy0K nk7pA9emWOD8X0TFhCa1MaKuob8P1kqyrcMalqUFXFSkfaz0cZXLlkiTJShQid1mj8AKQqrCy0B NncwiaVxJZ8YPrXNB5gCHftmwEML4qCLIu0mtIPiynjEO4PxsUVJt+090MRkhRpNnHMrjxTptlr ZxFN/ZP5iRLzRS/nWA4Hx6X8aUJbTEjNWvtSVv1w77uTBlRocRZcCYVXElTsDmcKB+tXsTtQg39 nI5JdwwfXl56Qt5SJ7tR0mnRAg1k5iBTXtRc1fQpokFSTvCgN61y++iSofC8O5NESxCxq0XHfJB aPIRgIiceOuNnLyWsI1luDQRZBqUi9wB9gmcSlZt4We6JrdSqbGmESDmzk8xovHAbNsCBhM3po1 onLURAWDNA+xV8d5lFfOakgteg99InWSoxyrBdE0auG3MZh/JDYYjH5TVG8zgr2j+cNVOYm7k8L 82wXSCekhlvPDAcqoS9tQ2r9eNzJHaSc2zFBGbKItl61J/yZUdXE/WGn0FSlnU38LCY8t/S1bC2 HFvXbmjfIGRDEdmF70JBot7Y8+DlAzmlSEV0umgN8lEcMsqA4kXGEwGlRbBUpmhNlVS+kTjnMQ7 07rQ
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/OauShSxXDgRKPnusLSk-oH8UtFU>
Subject: Re: [OPSAWG] FW: FW: WG adoption poll for In-Situ OAM drafts
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: adrian@olddog.co.uk
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jan 2017 20:31:44 -0000

Frank,
You probably used short-hand, but I think you mean "visited a particular set of nodes in a particular order".
 
I agree with Stewart where we can make reasonable assumptions about trust domains (e.g. where a breach in the trust domain is going to allow far worse things to happen). But I am not sure that SFC is within that environment, and I understood this work to be targeted at the path a packet might follow in *any* application space.
 
*And* I agree with Linda that we need to be careful to avoid making the solution too complicated (a way to address that might be to not try to do so much with one solution), and definitely avoid burdening platforms with per packet processing if they lack the capabilities to handle it at the required speed. I think that needs some more thought, however, given the availability of accelerators etc., etc.
 
Adrian
 
From: OPSAWG [mailto:opsawg-bounces@ietf.org] On Behalf Of Frank Brockners (fbrockne)
Sent: 10 January 2017 19:19
To: Stewart Bryant; opsawg@ietf.org
Subject: Re: [OPSAWG] FW: FW: WG adoption poll for In-Situ OAM drafts
 
 
We probably need to differentiate things based on the use case, i.e. 
 
1) *prove* in a secure way that a packet visited a particular set of nodes
2) *provide some hint* (e.g. to help operations) whether a packet visited a particular set of nodes 
 
The POT mechanism in draft-brockners-proof-of-transit-02.txt is very much targeted at 1) – and the target box to perform these mechanisms is probably more like a firewall or similar, which would have the capabilities to do a bunch of operations on a packet – and differ from a core/backbone router. 
 
Frank
 
From: OPSAWG [mailto:opsawg-bounces@ietf.org] On Behalf Of Stewart Bryant
Sent: Dienstag, 10. Januar 2017 20:10
To: opsawg@ietf.org
Subject: Re: [OPSAWG] FW: FW: WG adoption poll for In-Situ OAM drafts
 
I share that concern.
I think that for this to fly, there needs to be a hardware friendly version.
It also seems to me that lots of applications would be satisfied with an approach that assumes that all routers are honest, perhaps simply setting a bit in a bit field, reserving the ultra-cautious check for special faults or special operating environments.
Stewart
 
On 10/01/2017 17:52, Linda Dunbar wrote:
Frank, 
 
Your suggested approach requires egress node to do the computation of “(Secret +RND) mod prime” and perform the comparison for every packet. For a node with hundreds of ports and each with 10G-100G capacity, the computation & comparison would be very heavy. 
 
Linda
 
From: Frank Brockners (fbrockne) [mailto:fbrockne@cisco.com] 
Sent: 2017年1月3日 7:43
To: Linda Dunbar  <mailto:linda.dunbar@huawei.com> <linda.dunbar@huawei.com>; Ram Krishnan  <mailto:ramkri123@gmail.com> <ramkri123@gmail.com>; Zhoutianran  <mailto:zhoutianran@huawei.com> <zhoutianran@huawei.com>; opsawg@ietf.org
Subject: RE: [OPSAWG] FW: FW: WG adoption poll for In-Situ OAM drafts
 
Hi Linda,
 
thanks for supporting https://tools.ietf.org/html/draft-brockners-inband-oam-requirements-02.txt.
 
On https://tools.ietf.org/html/draft-brockners-proof-of-transit-02.txt: Could you elaborate a bit more why you believe that the approach would be too complicated for the egress node? All it takes for the verifier node is to perform a “(Secret + RND) mod prime” operation and compare this to the CML number received in the packet (RND and CML are the two numbers carried within the packet). 
 
Thanks, Frank
 
 
From: OPSAWG [mailto:opsawg-bounces@ietf.org] On Behalf Of Linda Dunbar
Sent: Dienstag, 3. Januar 2017 14:27
To: Ram Krishnan <ramkri123@gmail.com>; Zhoutianran <zhoutianran@huawei.com>; opsawg@ietf.org
Subject: Re: [OPSAWG] FW: FW: WG adoption poll for In-Situ OAM drafts
 
I support WG Adoption of https://tools.ietf.org/html/draft-brockners-inband-oam-requirements-02.txt 
But I don’t support the detailed mechanism described in https://tools.ietf.org/html/draft-brockners-proof-of-transit-02.txt to be adopted. I think the approaches described are too complicated for the egress nodes. 
 
Linda Dunbar
 
From: OPSAWG [mailto:opsawg-bounces@ietf.org] On Behalf Of Ram Krishnan
Sent: 2016年12月30日 6:41
To: Zhoutianran <zhoutianran@huawei.com>; opsawg@ietf.org
Subject: Re: [OPSAWG] FW: FW: WG adoption poll for In-Situ OAM drafts
 
Hi Tianran,
I can see the new draft playing predominantly a complementary role. I have summarized some of the key areas and also added comments, please see below.
1)      https://tools.ietf.org/html/draft-brockners-inband-oam-requirements-02.txt 
-       Complementary role of new draft:
o   Minimizing of In-band Telemetry Header for a specific use case such as latency measurement
o   Data export options 
§  Summarizing monitoring information to build a scalable solution – for example, alert the central management system only when 99th percentile queue depth exceeds a high threshold for a flow
§  Flow mirroring
o   Service chaining use case (independent and coupled with underlay/overlay) – describes how network monitoring can help in identifying server side issues and pave the way to dynamic resource orchestration to remedy the issue 
 
2)   https://tools.ietf.org/html/draft-brockners-inband-oam-data-02.txt
-       Complementary role of new draft: 
o   Minimizing of In-band Telemetry Header format 
o   Data export options format
 
-        Comments on above draft: 
o I am surprised to see http://p4.org/wp-content/uploads/fixed/INT/INT-current-spec.pdf not being referenced.
 
3)   https://tools.ietf.org/html/draft-lapukhov-dataplane-probe-01
 
-        Comments on above draft: 
o   The above id focusses on injected probe packets. The new draft is applicable to all packets including injected probe packets.
 
4)   Mapping in-band telemetry to different transport protocols – new contribution (this could be a separate draft or might be input to be above drafts)
o   Complementary role of new draft:  
§  IPSEC use case for WAN and DC (beyond internet connectivity) and mapping  
§  VXLAN-GPE/Geneve/NSH mapping
5)   https://tools.ietf.org/html/draft-brockners-proof-of-transit-02.txt
 
-        Comments on above draft: 
o   One of the key reasons for packets following a path different from a traffic engineered/service chain path is misconfiguration. With that background,
§ With an administrative domain, practical service verification scheme(s) (https://datatracker.ietf.org/doc/draft-irtf-nfvrg-service-verification/?include_text=) could suffice
§ The elaborate proof of transit scheme suggested in this draft is possibly applicable across administrative domains where it may not be possible to mandate service verification. Additionally, when the path is changed dynamically based on intermediate node state it is not clear how this scheme will work.
 
Thanks,
Ramki
 
From: Zhoutianran [mailto:zhoutianran@huawei.com] 
Sent: Sunday, December 25, 2016 10:57 PM
To: ram krishnan <ramkri123@gmail.com>; opsawg@ietf.org
Subject: RE: [OPSAWG] FW: FW: WG adoption poll for In-Situ OAM drafts
 
Hi Ramki,
 
Thanks for bringing a new I-D to this WG.
Could you please state the relationship or potential overlay with the In Situ OAM serial I-Ds and also ( <https://tools.ietf.org/html/draft-lapukhov-dataplane-probe-01> https://tools.ietf.org/html/draft-lapukhov-dataplane-probe-01)?
 
Best,
Tianran
 
From: OPSAWG [ <mailto:opsawg-bounces@ietf.org> mailto:opsawg-bounces@ietf.org] On Behalf Of ram krishnan
Sent: Saturday, December 24, 2016 7:09 PM
To:  <mailto:opsawg@ietf.org> opsawg@ietf.org
Subject: [OPSAWG] FW: FW: WG adoption poll for In-Situ OAM drafts
 
I support adoption of these drafts. 
 
In addition, I would like bring a closely related draft to your attention --  <https://datatracker.ietf.org/doc/draft-krishnan-opsawg-in-band-pro-sla/?include_text=1> https://datatracker.ietf.org/doc/draft-krishnan-opsawg-in-band-pro-sla/?include_text=1
 
This draft brings some important contributions in the area of requirements and data formats for
-          IPSEC tunneling 
-          Pre-construction/minimizing of Telemetry header
-          Service chaining – benefits beyond the network interconnect
 
I was hoping to get this draft out by Seoul timeframe and make it in person, unfortunately couldn’t. Looking forward to discussions and collaboration on this interesting topic.
 
Thanks,
Ramki
 
---------- Forwarded message ----------
From: ram krishnan <ramkri123@gmail.com>
Date: Fri, Dec 23, 2016 at 1:59 PM
Subject: FW: [OPSAWG] WG adoption poll for In-Situ OAM drafts
To: Ram Krishnan <ramkri123@gmail.com>
 
 On 12/7/16 01:36, Zhoutianran wrote:
Hi All,
 
 
 
In Seoul, we got enough interest on the In Situ OAM work and positive
response on related drafts.
So this email starts a formal poll for adoption the following I-Ds.
 
 
 
 <https://tools.ietf.org/html/draft-brockners-inband-oam-requirements-02.txt> ​​
https://tools.ietf.org/html/draft-brockners-inband-oam-requirements-02.txt
https://tools.ietf.org/html/draft-brockners-inband-oam-data-02.txt
https://tools.ietf.org/html/draft-brockners-proof-of-transit-02.txt
 
 
 
To be efficient, we have the poll for three I-Ds in one thread. But you
can give your opinion on each of them. And the result is per I-D.
 
 
 
The question is:
Do you think that the WG should adopt all or some of these drafts?
 
 

-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 



 
-- 
Thanks, 
Ramki



_______________________________________________
OPSAWG mailing list
OPSAWG@ietf.org
https://www.ietf.org/mailman/listinfo/opsawg

v2.23.0 | Report a Bug | By Email