Re: [Rift] Ipv4 and ipv6 cooperating in rift

Antoni Przygienda <prz@juniper.net> Tue, 09 July 2019 16:03 UTC

Return-Path: <prz@juniper.net>
X-Original-To: rift@ietfa.amsl.com
Delivered-To: rift@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCA7F120743 for <rift@ietfa.amsl.com>; Tue, 9 Jul 2019 09:03:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8time3emQbD2 for <rift@ietfa.amsl.com>; Tue, 9 Jul 2019 09:03:43 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 38B0A120762 for <rift@ietf.org>; Tue, 9 Jul 2019 09:03:39 -0700 (PDT)
Received: from pps.filterd (m0108157.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x69Fx5FQ027901; Tue, 9 Jul 2019 09:03:38 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=QvRbgQ86GNBuXCBlgvs72ANxAhcFceLLFiYJxNVrgfY=; b=bI3Xf2vScqmr2TFIqaTP0g3HCkaE9NHy0G8r7morCpa+AeKBX2NmZX5dKkUENaGOXHVy GztmXKYtwPiFnscJFlWivs9nX3GJsEOgnLwd25jlGKNC2xT4OM82hSgPKHEX+WE67d53 gHY/Ndxy/7YTsvjjckJilp/Yubj38eK7xHPuFr/JenkQ1OUZgdsTS2qHhdAU7f4w7S5z ETsM4ZGPvCWHjLHoOrbAhCVkL5hx0/ZuRRT+hML+5chTITHBsxGMLVHLoxlD0SoCNCo/ MEllC0SPyy+rAtK4Fi1pqq+Ls2MHRMdY6VdbX4fLQVs76q5/MEXW96Q7FHQWsWYNcHUE Mw==
Received: from nam04-co1-obe.outbound.protection.outlook.com (mail-co1nam04lp2057.outbound.protection.outlook.com [104.47.45.57]) by mx0a-00273201.pphosted.com with ESMTP id 2tmrbf8ktd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 09 Jul 2019 09:03:37 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kEWZchQU5CsWKwsfZdQ/in8ChUzinLdKwmff/FG0daL3yv15daXzjHN4Wrd1Teqg2aMa3X+jmt57xVHL/4kokoYnEKaqKyagSz1tx/O9N3ZBxV0bg7zC2KtMZ1/B0yXNpSF2AMLORvurOa744ZHfhEZsbXtRVE2z+dycsMXvBk+dnemuy1Ep0/rKkFMkzheOWkP+HKR/IOwpep6UnR4wnLYKqcnmCdYJOE3uYan5C1NpP8pbZVqiSGUCpWtCAbFT3fg5bVJQ9WOpDrht1LKSJKt0bCkW5MIEUV/JdrGlg0ZyM/i7t/5jy2DFCfSpTcbqkSdikJRltKq0kWS61nwU2g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QvRbgQ86GNBuXCBlgvs72ANxAhcFceLLFiYJxNVrgfY=; b=WXhaJMKSuTjX3P/YbF9aofDmAsxHykrAjh/NmR0qp7RgOPXHCqSuyaSrdFfJhWEGc8VSgb1ZeBabMU3zNR/0uSvh2q7QkPeGKhTglUiyyZEMIVGJRBI94Gg+ce3YoXZiedQYpEN7QT4TE8g4TYGpojVQdNbBZWxn7ZYSktS1WqrFKrS7ZJwK4nRIBTMBFbIfrSiMu3PBVkZ9oS/hBSF4T52dIzRS7wZyUBxRTRhbrHQkUWWZKWJ7gYTXtuse388PPRRVdUHz1qhkDrrh/a1zTuB5surtcOznBHevaGRVFJXazYNskhIKIDQ2ima5Dmhz2U0JgYshLuod0nuWPLbwhQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=juniper.net;dmarc=pass action=none header.from=juniper.net;dkim=pass header.d=juniper.net;arc=none
Received: from MWHPR05MB3279.namprd05.prod.outlook.com (10.173.229.20) by MWHPR05MB3231.namprd05.prod.outlook.com (10.173.230.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.9; Tue, 9 Jul 2019 16:03:35 +0000
Received: from MWHPR05MB3279.namprd05.prod.outlook.com ([fe80::37:4711:1630:3ff0]) by MWHPR05MB3279.namprd05.prod.outlook.com ([fe80::37:4711:1630:3ff0%10]) with mapi id 15.20.2073.008; Tue, 9 Jul 2019 16:03:35 +0000
From: Antoni Przygienda <prz@juniper.net>
To: "xu.benchong@zte.com.cn" <xu.benchong@zte.com.cn>, "Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net>, "EXT-zhang.zheng@zte.com.cn" <zhang.zheng@zte.com.cn>, "rift@ietf.org" <rift@ietf.org>
Thread-Topic: [Rift] Ipv4 and ipv6 cooperating in rift
Thread-Index: AQHVNlA8JouTnZSDOEiJbO/Xu4kdL6bCabZD
Date: Tue, 9 Jul 2019 16:03:35 +0000
Message-ID: <MWHPR05MB3279E72D3736A834BB036C9CACF10@MWHPR05MB3279.namprd05.prod.outlook.com>
References: <201907092008143097563@zte.com.cn>
In-Reply-To: <201907092008143097563@zte.com.cn>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [66.129.239.14]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3f3fad20-47bc-4586-982f-08d70486ffaa
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:MWHPR05MB3231;
x-ms-traffictypediagnostic: MWHPR05MB3231:
x-ld-processed: bea78b3c-4cdb-4130-854a-1d193232e5f4,ExtAddr
x-microsoft-antispam-prvs: <MWHPR05MB323127636DD35967ADAD5C10ACF10@MWHPR05MB3231.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0093C80C01
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(346002)(39860400002)(396003)(376002)(366004)(136003)(189003)(199004)(8676002)(6246003)(81166006)(1941001)(54896002)(9686003)(2501003)(81156014)(52536014)(229853002)(53936002)(7736002)(55016002)(6436002)(476003)(66556008)(11346002)(2201001)(68736007)(19627405001)(486006)(8936002)(74316002)(2906002)(76116006)(5660300002)(66476007)(73956011)(66946007)(86362001)(446003)(66446008)(64756008)(33656002)(6116002)(256004)(25786009)(105004)(26005)(66066001)(6506007)(186003)(478600001)(14444005)(53546011)(14454004)(316002)(110136005)(76176011)(99286004)(7696005)(71190400001)(102836004)(71200400001)(3846002)(491001); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR05MB3231; H:MWHPR05MB3279.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: H7as8T5sQ2fw7T751xovLt7RgHhwTvyZA3G4Fj6TiSEmB5e65zaUtEE7VLIsZFNaW1wBABCUyU+gjrGXtW2/Al8QkDFyy7kT2jLDs1Y0m5J1S4s82Xkcy2u3+z5vg4SLBJPQJjkevfMpEXtE6r48CXX9+gIldyJDCYOLKxMs9JHk5VHC/gN0xaL+OU8zRimjdfbANzH9fC9EXcLY3NMMErBagusGmmhCiJ4897czcAKKgjtyuI24oviCuEMoobqdcCkeTII4yjjkTquKQPtsIbOY9jajgR8fpW0V5GgV8R31DwoMB8dLEL0BLvUSP66Bp9uaodouyTsf2SIaLIMtT4wMZW2eLn5fkE19gYjiXfsBqKjsqmjcBy6wWnaeio8UfYRyTBvIOakf97228vGEv20zYiumj8eWYPkqFHqYiYA=
Content-Type: multipart/alternative; boundary="_000_MWHPR05MB3279E72D3736A834BB036C9CACF10MWHPR05MB3279namp_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 3f3fad20-47bc-4586-982f-08d70486ffaa
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jul 2019 16:03:35.5954 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: prz@juniper.net
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR05MB3231
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-07-09_06:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1907090187
Archived-At: <https://mailarchive.ietf.org/arch/msg/rift/KV_4-k6xNNn0o1305pq4EWRg4xY>
Subject: Re: [Rift] Ipv4 and ipv6 cooperating in rift
X-BeenThere: rift@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of Routing in Fat Trees <rift.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rift>, <mailto:rift-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rift/>
List-Post: <mailto:rift@ietf.org>
List-Help: <mailto:rift-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rift>, <mailto:rift-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jul 2019 16:03:55 -0000

Hey Benchong, cc:'ing list, good questions obviously that pop out on implementation


  1.  sending LIE only with v4 will not give you a v6 address to send to (since the LIE source address gives the gateway for the AF, that's why we send LIE per AF) so you won't have a v6 GW address to send TIEs to ;-)
  2.  yes, every interface is independent. Observe that v6 support implies v4 as the spec says (since you can FW v4 without a v4 GW if you have a v6 gateway). However, if one side sends v6 only and the other side only v4 they'll never go 3-way since they won't be able to receive. We just added a sentence to the spec saying that if you don't send an AF LIE you MUST NOT receive the same AF LIE since we found that loose end in Bruno's implementation when testing security envelopes.  It will be in -07


<t>All RIFT routers MUST support IPv4 forwarding and MAY support IPv6
    forwarding. A three way adjacency over IPv6 addresses implies support
    for IPv4 forwarding. A node that does not process received IPv6 LIEs
    MUST NOT originate IPv6 LIEs.
    </t>


  1.  IPv6/IPv4 prefix can be mixed in Prefix TIEs. Prefix TIEs do NOT care which interface/AF they are sent over.
  2.  how you build forwarding table and which gateways you use is implemenation dependent but yes, you got the flavor. though your assumption of "Ipv6 destination with ipv4 nexthop" is optimistic. every silicon does v4 so v6 can imply v4, implying v4 fwd'ing allows v6 forwarding fails on good amount of silicon. But again, those are all implementation knobs, spec only says "v6 implies v4" which means "you better fwd. v4 over v6 nexthops if you see v6 LIEs only"

Observe that node TIEs are _not_ carrying the supported AFs on each interface since I think it would lead to undesirable attempts to deploy (some links can do v6) topologies which defeat the purpose of ZTP/simplicity of RIFT. v6 implies v4, if someone wants to fwd' v6 over a fabric where certain links are v4 computations get really weird and operationally such a thing is probably a nightmare anyway. And getting v6 working is trivial, just flip on ND and you're in business (at least control plane wise ;-)

The spec is noit giving implementation advice, it just specifies behavior. In case of doubt looks @ Bruno';s open source. Bruno implemented the whole LIE without ever talking to me and it interop'ed day one without problems.

When you're ready with your implementation to interop, Bruno's code has nice framework you can plug in against open source & Juniper implementation easily

--- tony
________________________________
From: xu.benchong@zte.com.cn <xu.benchong@zte.com.cn>
Sent: Tuesday, July 9, 2019 5:08 AM
To: Antoni Przygienda; Jeffrey (Zhaohui) Zhang; EXT-zhang.zheng@zte.com.cn
Subject: [Rift] Ipv4 and ipv6 cooperating in rift


Hi

I have some questions about ipv4 and ipv6 cooperating in rift.

Ip head of the rift packet can be V4 or V6, and the prefix in TIE also suport V4 or v6.

Can it support the following situations:


1、A rift interface which send LIE with ipv4 head receiving LIE with IPv6 head;

A rift interface which send LIE with ipv6 head receiving LIE with IPv4 head;

Can they build 3-Way neighbor?


2、Some interfaces in a rift instance send ipv4 head packets, and others in the same instance send ipv6 head packets;


3、Ipv4 head TIE packet fill ipv6 prefix;

   Ipv6 head TIE packet fill ipv4 prefix;(RIFT-06 5.2.2: All RIFT routers MUST support IPv4 forwarding and MAY support IPv6

   forwarding.  A three way adjacency over IPv6 addresses implies

   support for IPv4 forwarding.)


4、In rib table of the rift:

   Ipv4 destination with ipv6 nexthop;

   Ipv6 destination with ipv4 nexthop;

   Ipv4 destination with both ipv4 nexthop and ipv6 nexthop;

   Ipv6 destination with both ipv4 nexthop and ipv6 nexthop;



5、The ip head type(v4 or v6) can be configured in rift interface or instance.


It will be better if there are clear instructions in rift protocol.


Thanks!

Benchong