IETF Logo Mail Archive

Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Yimin Shen <yshen@juniper.net> Thu, 20 February 2020 15:38 UTC

Return-Path: <yshen@juniper.net>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8EF3F1208E6; Thu, 20 Feb 2020 07:38:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.199
X-Spam-Level:
X-Spam-Status: No, score=-2.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URI_NOVOWEL=0.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=N5C0Ff1i; dkim=pass (1024-bit key) header.d=juniper.net header.b=MtPWv22z
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qCD8dF_P3I_1; Thu, 20 Feb 2020 07:38:36 -0800 (PST)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B8E20120959; Thu, 20 Feb 2020 07:38:36 -0800 (PST)
Received: from pps.filterd (m0108158.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 01KFbLxk018366; Thu, 20 Feb 2020 07:38:33 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=i2KT9cV90PH01kuhQsVYp35jIYl/+D75QRyOIcGOKeo=; b=N5C0Ff1iXJR3/kxpWoCTKJ+1rMho7zAvTRHSn2IfmKZHhGeS7vMisEWi0xqXWTMcG8pv y3HVIKII66OBQhWQcPqJbE0u1Tec5HeAwwx8FD7Cy2Wrwrq59VCci0ihia6nd7ImQVsm kLVP3ctjPrMJmuZ3IBJ6XzCPEfj1Ax+ZJpSyZ8gXFi8Ek5o9+NttqJxtwEyoemOnKkQI F3pV/+BZLnNIQYrL1KWsPVe96XZOULoMGmF2B79abEzGzsI/zbsORkCYf2jdpw3Cgy+u iT42QhGfy2SXkTVMvVqmgWL3EnfZYubS+aMfd9wTSDZ/Mx2j9HsKJE15P4hBgX8kSIlq pg==
Received: from nam11-co1-obe.outbound.protection.outlook.com (mail-co1nam11lp2170.outbound.protection.outlook.com [104.47.56.170]) by mx0a-00273201.pphosted.com with ESMTP id 2y9m4dgwey-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 20 Feb 2020 07:38:33 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nQ/LiukxAEMugvVg4WLr1VPcOmtPXACYMclgTw+M+Yrv4TaoPOqxy/1Xng+7wX40FAmGrlGLpxYoPDkVP5P7TeKufrpEPEEwjMVqqk2GrjYITpovAHMgnrKYmMGZ4sFmNiWdGqAIDxh1hEX/v/Pc645XCxxMdn9dQ6gWS7PA7Zac9zQf4aGwzY2h0smQb8Fe7GGc6r3cloFqoZF366BRlDURpitAlRyV+0LHMxvPHtN98hkcbKr/9qmwUfGbh6XDzLvRWxq2GxN4oPbU/YKxSyxkLDKjdAo+3/k16Mwyyw3+5h5Uu641EF1CZ/boOVJp3H6bMkFLmsAjM9s71ws0Pg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=i2KT9cV90PH01kuhQsVYp35jIYl/+D75QRyOIcGOKeo=; b=K+gJjgkbf/eiN9+4ghvdzTxsF/hBNhp0jquetRMbKpAPbyEyaWtLyQ7IMiblmdEXklMLD/Z68RC+/UmvEtCkxJJf1WR4q2bnEhAHlL8aQMyibu2osBmegoqrXm1+WMxjcfZqHJ9CkSW3pYRlsSmt6EcSTgn4qmE4zrsPsfI6wJ2r7NHdk1ED9FflNNSD6o/4HKBS1y0u6jzw2YoLNo+th8x8Bnwp1wlEqa5GwmBTv4Qo1DZHlmf7dcxbQHkzstdriHrl9A4XPKLMh1GH/adQ+3v/oPh3Ajk7epvkHgFYnLTu7H+BkWaKmoLIpnIkDZF0ch0rkxaMmn3FSKJtfudltg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=i2KT9cV90PH01kuhQsVYp35jIYl/+D75QRyOIcGOKeo=; b=MtPWv22zQFclLVPOXCGWOxE4whAZk1aFIcWzijOsujzVfyLnI6A+9iW0tJrYEAHHvipvrS8zyazYuk9dZ69Aq+IfPAsLgg98Y3DxxAcxrHspGz3NoVA4PcOuILU0KNj7M5hsYNpWVbsxtK/kkWNA7eVyj5e4KjvgxUJMbfOd3yo=
Received: from BYAPR05MB5126.namprd05.prod.outlook.com (2603:10b6:a03:9a::26) by BYAPR05MB4149.namprd05.prod.outlook.com (2603:10b6:a02:92::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2750.13; Thu, 20 Feb 2020 15:38:31 +0000
Received: from BYAPR05MB5126.namprd05.prod.outlook.com ([fe80::9d24:3518:be60:efe5]) by BYAPR05MB5126.namprd05.prod.outlook.com ([fe80::9d24:3518:be60:efe5%4]) with mapi id 15.20.2729.033; Thu, 20 Feb 2020 15:38:31 +0000
From: Yimin Shen <yshen@juniper.net>
To: Huaimo Chen <huaimo.chen@futurewei.com>, "draft-hu-rtgwg-srv6-egress-protection@ietf.org" <draft-hu-rtgwg-srv6-egress-protection@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection
Thread-Topic: Mail regarding draft-hu-rtgwg-srv6-egress-protection
Thread-Index: AQHVy9ksQiG/U6AcPUqlM8La4y6P26ftaU61gAIxPLGACMm5AIAB8gZLgCnFzQA=
Date: Thu, 20 Feb 2020 15:38:31 +0000
Message-ID: <37A51C4E-369C-43FE-A7EE-4708D4F1A818@juniper.net>
References: <AE1BCB69-6913-46B9-9250-1AC829665B7F@contoso.com> <SN6PR13MB2271B90EA5807F48073F2C49F2360@SN6PR13MB2271.namprd13.prod.outlook.com> <SN6PR13MB2271810425DBE6ED7F3BEEF9F2300@SN6PR13MB2271.namprd13.prod.outlook.com> <12EC8457-1F1E-43C7-BC91-4D1BA6D71884@juniper.net> <SN6PR13MB2271A332004AC7E87EDECD4EF20E0@SN6PR13MB2271.namprd13.prod.outlook.com>
In-Reply-To: <SN6PR13MB2271A332004AC7E87EDECD4EF20E0@SN6PR13MB2271.namprd13.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_Enabled=true; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_Name=Juniper Business Use Only; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_Enabled=true; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_ContentBits=0; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_Method=Standard; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_ActionId=78337eac-a6d4-4af6-a74c-00004b75ac4a; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_SetDate=2020-01-15T19:06:47Z;
user-agent: Microsoft-MacOutlook/10.22.0.200209
x-originating-ip: [66.129.241.12]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 9eeada29-3be1-4263-d4c8-08d7b61af086
x-ms-traffictypediagnostic: BYAPR05MB4149:
x-microsoft-antispam-prvs: <BYAPR05MB4149319EEEDB37B16DFE939FBD130@BYAPR05MB4149.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 031996B7EF
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(366004)(376002)(39860400002)(136003)(396003)(346002)(199004)(189003)(81166006)(91956017)(6512007)(76116006)(66476007)(64756008)(66946007)(6486002)(2906002)(81156014)(66446008)(5660300002)(66556008)(86362001)(8676002)(45080400002)(316002)(966005)(33656002)(110136005)(71200400001)(53546011)(36756003)(2616005)(6506007)(478600001)(186003)(26005)(8936002); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR05MB4149; H:BYAPR05MB5126.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: rkad1SEecdDKaNviYf1mD9t2K61bTTfYmNcsVtfPnl+fPyffKBfj/J47GCIlwPr+VfbArfgNaMHB6gwI6LQ5fWS9es7LyJSS/FZKwL+KRo8Vxxkt3g3hfqRPMd041PVJ1IQtL9XGgNSV6IMHCBuOlnECbaiNECKXOc5Ma/RPqxZdbpM9zj0LxRh/ytx1VEIQF4G9uVav87w64FXAKXTdncTyQN/tjwwet/C4MPc24SMa1bMAZkppkkRuUZ32GrDiWfc/Cu4IJj0EmGtC7c8r1ugDHDcJL1t6e8WMM4yqsIn7GfxZse2ULFTTHk0jJx+GLwpmgip1Snv9jGjb/DTquSPcZShVd/BnzCDSqMSli+a1N+SM4/FWRM+9vcWZB626dbyOsmKvXLI2lR7XeR7UlGnuuFaoiepKU6K45BB6OKUGBjiSif8iYCFnNCPxnthy6hoCi9+h4g+2laTiMA8fzpPa8cmDFEIrqeR1m0+xRAhgY1yEpasdpNJAsbhRaG3YyztzCctG4djm8idQvrqbew==
x-ms-exchange-antispam-messagedata: Cn5dndIlUX+9v9sAW65N/j9/YBCt+t0OaFB4t7n09VojBrr5iSdwH/AEIMqtLjVUbF0N6prntxrs/08PEw5y0BGqy9KK+anQVKSptdFkl9uosUNavmbF7N/z6O+5AT0PmaCLXgFAXWJXt68JhvQOfA==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_37A51C4E369C43FEA7EE4708D4F1A818junipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 9eeada29-3be1-4263-d4c8-08d7b61af086
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Feb 2020 15:38:31.5108 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: cK6my3zCjoe+sLYexVDXWDW32QxibDbf+XC301bf7IirrY6O3uVw7paD0KLx6YV+fmNbn2ZRZi05J/cEzVEPsw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR05MB4149
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.572 definitions=2020-02-20_04:2020-02-19, 2020-02-20 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 adultscore=0 spamscore=0 impostorscore=0 malwarescore=0 bulkscore=0 suspectscore=0 phishscore=0 lowpriorityscore=0 mlxscore=0 priorityscore=1501 mlxlogscore=999 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2001150001 definitions=main-2002200114
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/442kkSJhkzReEPuKyrrUHBqsQWI>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Feb 2020 15:38:41 -0000

Hi Huaimo, authors,

>>> Node P1's pre-computed backup path for PE3 is from P1 to PE4 via P2.

I’m still concerned that there is no details in this draft about the procedures how a PLR computes a backup path to the protector, in both of the two cases below.

[1] the primary locator is routable.
[2] the primary locator is not routable.

Thanks,
-- Yimin


From: Huaimo Chen <huaimo.chen@futurewei.com>
Date: Friday, January 24, 2020 at 5:30 PM
To: Yimin Shen <yshen@juniper.net>, "draft-hu-rtgwg-srv6-egress-protection@ietf.org" <draft-hu-rtgwg-srv6-egress-protection@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Hi Yimin,

    Thank you very much for your questions/comments.
    Our answers/explanations are inline below.

Best Regards,
Huaimo
________________________________
From: Yimin Shen <yshen@juniper.net>
Sent: Thursday, January 23, 2020 3:01 PM
To: Huaimo Chen <huaimo.chen@futurewei.com>; draft-hu-rtgwg-srv6-egress-protection@ietf.org <draft-hu-rtgwg-srv6-egress-protection@ietf.org>; rtgwg@ietf.org <rtgwg@ietf.org>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Hi Huaimo, authors,

I have some further comments and questions about this draft. Some of them are fundamental.

In section 3:

>>> Node P1's pre-computed TI-LFA backup path for PE3 is from P1 to PE4 via P2.

You cannot rely on TI-LFA to compute a backup path for egress node protection. In egress node protection, there may not be a TI-LFA path (e.g. if you remove the link between P3 and P4), but P4 should still be able to provide the protection. I think the draft should support this case and this kind of topologies.

[HC]: This is a good catch. We will use backup path instead of TI-LFA backup path for egress node protection. The draft has been  updated accordingly.

>>> PE3 has a locator A3:1::/64 and a VPN SID A3:1::B100.  PE4 has a locator A4:1::/64 and a VPN SID A4:1::B100.

I'm not sure if you can assume that locator and service SID are de-coupled. If you read draft-ietf-spring-srv6-network-programming and draft-ietf-bess-srv6-services, locator is embedded in service SID. How do you handle this ?

[HC]: In fact, in the text above as you mentioned, the locator A3:1::/64 that PE3 has is a part of the VPN SID A3:1::B100; the locator A4:1::/64 is a part of the VPN SID A4:1::B100.

>>> When PE3 fails, node P1 protects PE3 through sending the packet to PE4 via the backup path pre-computed.  P1 modifies the packet before sending it to PE4.  The modified packet has destination PE4 with mirror SID A4:1::3, and SRH with PE3's VPN SID A3:1::B100 and the mirror SID A4:1::3 (i.e., "A3:1::B100, A4:1::3; SL=1").

How does P1 know about the mirror SID ?

[HC]: The mirror SID is distributed by IGP (OSPF or IS-IS). P1 knows the mirror SID through IGP.

>>>   For protecting the egress link between PE3 and CE2, when the link fails, PE3 acting as PLR like P1 detects the failure and forwards the packet to PE4 via the pre-computed backup path from PE3 to PE4.  When PE4 receives the packet, it sends the packet to the same CE2.

What does the encapsulation look like, in terms of IPv6 DA and SRH ? How does PE3 know about the mirror SID ?

[HC]: PE3 also knows the mirror SID through IGP, which distributes the mirror SID. When the link fails, PE3 as a PLR encapsulates/modifies the packet as follows: the modified packet has destination PE4 with mirror SID A4:1::3, and SRH with PE3's VPN SID A3:1::B100 and the mirror SID A4:1::3.

Thanks,

-- Yimin


From: Huaimo Chen <huaimo.chen@futurewei.com>
Date: Friday, January 17, 2020 at 7:54 PM
To: Yimin Shen <yshen@juniper.net>, "draft-hu-rtgwg-srv6-egress-protection@ietf.org" <draft-hu-rtgwg-srv6-egress-protection@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Hi Yimin,

    Thanks very much for your suggestions/comments.
    The draft has been updated accordingly.
https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.com%2Fv3%2F__https%3A%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-hu-rtgwg-srv6-egress-protection%2F__%3B!!NEt6yMaO-gk!TDva0v6bD2UzkBVmAXlu3SHbiLLda_7eyqu28BCLs97rtLsnzRTaNah22w8KUjA%24&amp;data=02%7C01%7Chuaimo.chen%40futurewei.com%7Cdc68094f998c4624680008d7a03f08c7%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C637154064906843548&amp;sdata=763BOw%2F6npr9q64hjiPyuykWw8bI2GV0c%2BdcVhqvfn8%3D&amp;reserved=0<https://urldefense.com/v3/__https:/nam03.safelinks.protection.outlook.com/?url=https*3A*2F*2Furldefense.com*2Fv3*2F__https*3A*2Fdatatracker.ietf.org*2Fdoc*2Fdraft-hu-rtgwg-srv6-egress-protection*2F__*3B!!NEt6yMaO-gk!TDva0v6bD2UzkBVmAXlu3SHbiLLda_7eyqu28BCLs97rtLsnzRTaNah22w8KUjA*24&amp;data=02*7C01*7Chuaimo.chen*40futurewei.com*7Cdc68094f998c4624680008d7a03f08c7*7C0fee8ff2a3b240189c753a1d5591fedc*7C1*7C0*7C637154064906843548&amp;sdata=763BOw*2F6npr9q64hjiPyuykWw8bI2GV0c*2BdcVhqvfn8*3D&amp;reserved=0__;JSUlJSUlJSUlJSUlJSUlJSUlJSUlJSU!!NEt6yMaO-gk!ShXW6GjWY5lV87iok-x1N-GVG93aRcHLoACviUYabpelXA07ZNvYHmmPl9U9M6k$>

Best Regards,
Huaimo

From: Huaimo Chen <huaimo.chen@futurewei.com>
Sent: Thursday, January 16, 2020 10:24 AM
To: Yimin Shen <yshen@juniper.net>; draft-hu-rtgwg-srv6-egress-protection@ietf.org <draft-hu-rtgwg-srv6-egress-protection@ietf.org>; rtgwg@ietf.org <rtgwg@ietf.org>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Hi Yimin,

    Thank you very much for your suggestions/comments.
    I will add reference RFC 8679 with some texts into the draft.

Best Regards,
Huaimo

From: Yimin Shen <yshen@juniper.net>
Sent: Wednesday, January 15, 2020 2:22 PM
To: draft-hu-rtgwg-srv6-egress-protection@ietf.org <draft-hu-rtgwg-srv6-egress-protection@ietf.org>; rtgwg@ietf.org <rtgwg@ietf.org>
Subject: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Hi authors,

I’d like to suggest this draft to reference RFC 8679.

In particular, RFC 8679 as a generic EP framework with a lot of general discussions (see the points below), which are applicable to both MPLS and IPv6 data plane, and all types of transport tunnels. However, this draft seems to have almost no consideration or discussion on these topics. I don’t think the draft needs to repeat these discussions, but I suggest to add a section(s) to discuss these points generally by referencing RFC 8679.

• general scope and requirements
• transport layer failure/protection vs. service layer failure/protection
• applicability
• failure detection mechanisms
• egress node protection
• egress link protection
• relationship between EP and global repair
• co-existing of different types of transport tunnels and bypass tunnels
• security


Thanks,

-- Yimin Shen
Juniper Networks

v2.23.0 | Report a Bug | By Email