IETF Logo Mail Archive

RE: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Alexander Vainshtein <Alexander.Vainshtein@ecitele.com> Tue, 25 February 2020 13:51 UTC

Return-Path: <Alexander.Vainshtein@ecitele.com>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 824043A0D33 for <rtgwg@ietfa.amsl.com>; Tue, 25 Feb 2020 05:51:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.49
X-Spam-Level:
X-Spam-Status: No, score=-1.49 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FILL_THIS_FORM_SHORT=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, PDS_BTC_ID=0.499, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ecitele.com header.b=UNBnn8pV; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=eci365.onmicrosoft.com header.b=N/BO8dpU
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HavY3HG0HPHd for <rtgwg@ietfa.amsl.com>; Tue, 25 Feb 2020 05:51:23 -0800 (PST)
Received: from mail3.bemta25.messagelabs.com (mail3.bemta25.messagelabs.com [195.245.230.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC49C3A0D31 for <rtgwg@ietf.org>; Tue, 25 Feb 2020 05:51:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ecitele.com; s=eciselector10072019; t=1582638681; i=@ecitele.com; bh=ohfBiAnZFVFGn+kZPvZ7+/NwiN2m1m9nPmj2GiJLzDQ=; h=From:To:CC:Subject:Date:Message-ID:References:In-Reply-To: Content-Type:MIME-Version; b=UNBnn8pVH8HA3/NYWMbn4UlGzHuRsZskUCRpSvQtvJ2DkBK6dkVyo3/QQVqU99GCe gA3zFkSZxm487U2/QYyWs4yWVq0Bsaa4D16O49HMwk/DuuQM2TJ5GYg2gZiytCU+Ki Kz53yR00QWAhRUH3XnPGQcCW+Z5qrHOQjM5rGZCY=
Received: from [100.112.196.130] (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256 bits)) by server-2.bemta.az-b.eu-west-1.aws.symcld.net id 0D/A0-44550-356255E5; Tue, 25 Feb 2020 13:51:15 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpil+JIrShJLcpLzFFi42IRetuzUTdILTT O4FkPq8W3aU9ZLS6snsJsceHNb2aLjml9rA4sHieWXWH12LzOzWPnrLvsHkuW/GQKYIlizcxL yq9IYM14/nYDW8GrlcwVE47+YWxgnPGPqYuRi4NRYCmzxOYtj9ggnGMsEl+OvmeFcDYzSpw4P okdxGERWMsssWXXP2YQR0hgEpPEh6mvWSGch4wS1z7/AprGycEmYCuxafVdNhBbREBb4uvzjc wgNrNAjcTq9kesILawgKNE/6G37BA1ThLHPx+GssMldi9/B9bLIqAqsa/3N1A9BwevQKJE26N ciF2Xga5Y3cQCUsMpECfRc3sXmM0oICbx/dQaJohd4hK3nswHsyUEBCSW7DnPDGGLSrx8/I8V oj5J4v7ThYwQcUWJGffmsEPYshKX5nczguyVEFCW2PIiFiLsK9F98BgzRFhHYu4EI4hwgcTnW 8ehNqlJLL6ymwXClpHoa5sHDlIJgT0sEq0dH8HWCgkkS5yY8xmqSE5iVe9DlgmMBrOQXD0LaA WzQJ7ErxWSIGFeAUGJkzOfsECU6EvsmXgKytaWWLbwNTOErSdxb8dfVmTxBYzsqxjNk4oy0zN KchMzc3QNDQx0DQ2NdA0tzXSNzPQSq3ST9FJLdctTi0t0DfUSy4v1iitzk3NS9PJSSzYxAhNc SsERqR2MK9e+1zvEKMnBpCTKq/otJE6ILyk/pTIjsTgjvqg0J7X4EKMMB4eSBO9uldA4IcGi1 PTUirTMHGCyhUlLcPAoifCWg6R5iwsSc4sz0yFSpxi9OSa8nLuImePdz8VA8uOqJUDyO5h8th ZE/r97dxGzEEtefl6qlDjvNWWgEQIgIzJK8+AWwLLGJUZZKWFeRgYGBiGegtSi3MwSVPlXjOI cjErCvGdBDuHJzCuBu+MV0IlMQCeu/hMMcmJJIkJKqoEpgS0gf4Hz5kyd2wZfFlrfuXJT+LzD tprpZyRUCg/NWXa55ueju2XWeypt09g3Fuc/9dp/J66E67ROzjFhO835Kus/qe/fXNBRUNN+6 +DsuzYtya9ir21ln5+77XHtwckmS1PPCWnmLTmx31lj+QErNSn/WRoXTfjDXkzz/DHh6+2quP a+TbeOOl9duIPBhf/H3tMHTcv0JyX1B+ld87n0ZcosS70SBpGpy67qbNXYUHNBIkB245xkJnM v2cdbFySJ1bld/n5v2fZTMaVvdgVc1Knct7v38MqeLcGzW069UbjLfYotjPNI191q4YVTgNmA tbH5y+6LX3a+2BMrGNmwYbrk4w+SRzj4dDznKf7frsRSnJFoqMVcVJwIABoJkOCVBAAA
X-Env-Sender: Alexander.Vainshtein@ecitele.com
X-Msg-Ref: server-16.tower-285.messagelabs.com!1582638671!595361!1
X-Originating-IP: [18.237.140.177]
X-SYMC-ESS-Client-Auth: mailfrom-relay-check=pass
X-StarScan-Received:
X-StarScan-Version: 9.44.25; banners=ecitele.com,-,-
X-VirusChecked: Checked
Received: (qmail 3950 invoked from network); 25 Feb 2020 13:51:13 -0000
Received: from p01b.mail.dlp.protect.symantec.com (HELO mail.ds.dlp.protect.symantec.com) (18.237.140.177) by server-16.tower-285.messagelabs.com with ECDHE-RSA-AES256-GCM-SHA384 encrypted SMTP; 25 Feb 2020 13:51:13 -0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=M1R+x2/UFIvO3Q4a6Z5yoNVdKas9Cvn6Mq8snq/PLJPM+3L78zE9GvJoYOBfRGx2A9c5zl/EchkyGjn3eLU9s23ygCeVnIkrV2PxcbTCjiJOT40d/bQ7lozdlgztojO+ZTaN4N11bGlDRCqyWDmKSU8hK9KdLCqXcz2nrGMwZGgjjdC+YxZTfbpejLAqFzb/QKyZIinhmYfvQaWXnSR4tIrpTY7oeSNnb245szVf0/c/sWRekDcDljKxzFF6B3gB9IfIcCMC/ZwDj/BKV1UP7Z+9zb+6EHHFHRLxMVfk6qGQnxIB8TtmXwkqUoWoWOnXaMDBMyUzVWQd6NbJK3dVTA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZPNSV6TrcmLnvP9PbxLB1iEyCuyLWxKrq6dGb54iYZQ=; b=O1gYDGKk3JutBZiXXSj8UtXputOFxipyzAaa/CFHVOEiNfxIoxZ0o3wPAjy/r8wGsqZ4oNd/GzBErEtrKs37bhIiARH7AgBLfOo+alwOWUWjyBggc2ViQqHpgrukC7WkMfo3InBSv1OFsZW7AnSW/+wOzey6qpz2FacQfyEclO5oreTts7M6mXsAYXoK7e9Wt1J5n5VnjcW13glrNiObTBCEZUMNK2Gw1RTYpf2gT8K+NIoOG8N7ygZE4mVqwBMQ4xHQRivT65FWVrFI6j0g+67a/NoslPO9mxlNKIibb5lmojH3UPZxacWyiErw8McY2wNmPuzJ0VGq4R5QaO0Q1g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ecitele.com; dmarc=pass action=none header.from=ecitele.com; dkim=pass header.d=ecitele.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ECI365.onmicrosoft.com; s=selector2-ECI365-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZPNSV6TrcmLnvP9PbxLB1iEyCuyLWxKrq6dGb54iYZQ=; b=N/BO8dpUOXbyhjru/A2/YTkV7O3O2lbysWVB3i+JUBYFdClEWZXnxq8Wcx6DNR59U2rdeGzmfDwtDEnQXF1Xc01gqXyZPhYps3qN2aQ4sAN2PbFzxE5eX1LjvvMUo4RvopMCzTXsLbRKkykyUknGHaNz2fIXru3ttlHhiv5RTNA=
Received: from AM0PR0302MB3217.eurprd03.prod.outlook.com (52.133.33.12) by AM0PR0302MB3268.eurprd03.prod.outlook.com (52.133.36.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2750.21; Tue, 25 Feb 2020 13:51:08 +0000
Received: from AM0PR0302MB3217.eurprd03.prod.outlook.com ([fe80::aca8:db6e:97b:c780]) by AM0PR0302MB3217.eurprd03.prod.outlook.com ([fe80::aca8:db6e:97b:c780%7]) with mapi id 15.20.2750.021; Tue, 25 Feb 2020 13:51:08 +0000
From: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com>
To: Huaimo Chen <huaimo.chen@futurewei.com>
CC: Yimin Shen <yshen=40juniper.net@dmarc.ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>, Greg Mirsky <gregimirsky@gmail.com>
Subject: RE: Mail regarding draft-hu-rtgwg-srv6-egress-protection
Thread-Topic: Mail regarding draft-hu-rtgwg-srv6-egress-protection
Thread-Index: AQHV6Tj/QTh4u6ex9kyPrxr+4lY6AKgnDNKAgAGQgwCAAfuBAIAAAOCUgAArSpGAASoVUA==
Date: Tue, 25 Feb 2020 13:51:08 +0000
Message-ID: <AM0PR0302MB3217FF1BA7BBA08FA4A6494B9DED0@AM0PR0302MB3217.eurprd03.prod.outlook.com>
References: <BY5PR13MB3651E27C33405CA8D1BC4FF4F2EE0@BY5PR13MB3651.namprd13.prod.outlook.com> <15DAD938-D0E1-4BB0-BE20-40602495474A@juniper.net> <AM0PR0302MB3217801FFC00FB8D8B177E2A9DEF0@AM0PR0302MB3217.eurprd03.prod.outlook.com>, <CA+RyBmXP8ZNo0f7WM8U1UzNHDwBcbDTg4KaLqQH42gc9WouKZA@mail.gmail.com>, <AM0PR0302MB3217DC064CAF91ED63BA05C39DEC0@AM0PR0302MB3217.eurprd03.prod.outlook.com> <BY5PR13MB36512BB309E3ABF2BAD7109BF2EC0@BY5PR13MB3651.namprd13.prod.outlook.com>
In-Reply-To: <BY5PR13MB36512BB309E3ABF2BAD7109BF2EC0@BY5PR13MB3651.namprd13.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.234.241.1]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: d3ce96ec-1193-42ee-bd83-08d7b9f9c436
x-ms-traffictypediagnostic: AM0PR0302MB3268:
x-microsoft-antispam-prvs: <AM0PR0302MB3268C07CD57F1D3FCB2A0E0B9DED0@AM0PR0302MB3268.eurprd03.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6790;
x-forefront-prvs: 0324C2C0E2
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(376002)(346002)(396003)(39860400002)(366004)(199004)(189003)(7696005)(186003)(26005)(54906003)(66556008)(76116006)(64756008)(8936002)(55016002)(30864003)(66446008)(9686003)(52536014)(66476007)(66946007)(81156014)(81166006)(8676002)(6506007)(71200400001)(966005)(66574012)(6916009)(4326008)(53546011)(5660300002)(316002)(478600001)(45080400002)(2906002)(86362001)(33656002); DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR0302MB3268; H:AM0PR0302MB3217.eurprd03.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ecitele.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: hTh/1ikGrSCnJUm++bE2lGNr+m4jtHMrdkRSX63H9LRo/yjaDqrPKqQJeTI/Prc9PA+Cd2pxvJ64MZJgoit29iJxLjGNiQzLPKq7N1Xtx4AHZQxnq13HGQezKBkDqUZdbhW8XRlgyCaLIOgEwr899FHptZL/SjwR765mElia8YD8OfsWLpXG9rhCTkRhvJqNOniKvUcP/1bt5lcSYNnGVmog9xn9i4fbk0Xesp4PTy0ZK1rl6qxYfg+ULhffP0X+NOkmOrBxKVIk9nvhDhNdEZPbLuYB7ONsw+BjzxHnWErU6Wd8fenYYK8VjqoCczc1uUnCZu0CmflmyfUChEPMkg1F0zG2kYIYk+dMh/JzjrzvfxsIBxHK/+V43Az2S36N32itKRYCm0NUoROwAqz49IMHiE+hhIz23tXWIe+2k5yVE0PsjQiAYD/Y3AtvUKc/S1/WLPswwjY2Re+d00BjPIAuhpGc12X8JmPYbE7gf8d0rKBVWvpjRTkMj4IupLIm9rf6REOcDyzRa10FPiG9gQ==
x-ms-exchange-antispam-messagedata: DqMc3sxlf8EOF3wwFeT1471OYK/itw/syP+fXsI0rgdQP6hObvxLjG//uto18H8uQqJt/fcBN6L3TJrwOyWcW7oSaxLIiOLUTM0aiu8dh9b2eN8yuBrXDQ4mQbRKhT7AjXJqp4SSj7CR9sjWApDQdg==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_AM0PR0302MB3217FF1BA7BBA08FA4A6494B9DED0AM0PR0302MB3217_"
MIME-Version: 1.0
X-OriginatorOrg: ecitele.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d3ce96ec-1193-42ee-bd83-08d7b9f9c436
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Feb 2020 13:51:08.5302 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2c514a61-08de-4519-b4c0-921fef62c42a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 3lQ6+qSj0LgvOfMA8w/zjjSzMIURKN/bPkHNiyL+SF7Kr03BjexpRW/57v9/UosH6fT5Rfji9noBxe4Hw6Fq0w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR0302MB3268
X-CFilter-Loop: Reflected
X-DetectorID-Processed: d8d3a2b3-1594-4c39-92fb-b8312fe65a8a
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/idS91bVRK32S9vGjkyNIekzQlP8>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Feb 2020 13:51:27 -0000

Huaimo,
Lots of thanks for a prompt response to my comments.

I have already explained my position on the draft in my response to Yimin.
I would only like to clarify that, from my POV:

1.       I agree with Yimin that there Mirror SID does not necessarily have to be routable. It may be just a local SID of the Protector node, and the draft should address both these scenarios.

2.       The actual IPv6 DP behavior when processing a Mirror SID in the Protector node must be carefully defined, preferably mapping it (with some clarification if necessary) to one of the SRv6 Endpoint behaviors defined in the SRv6 Network Programming draft<https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming-10>.

I think that the issues raised by Yimin and the high-level definition of handling of the Mirror SID by the Protector mode should be addressed before the draft can be adopted.

I also think that, similar to what has been done in RFC 8679, the draft should explicitly define the areas that are out of scope ort left FFS, However, this (as opposed to my other comments) can be safely done after the draft is adopted by the WG.

Hopefully these notes will be useful.

Regards,
Sasha

Office: +972-39266302
Cell:      +972-549266302
Email:   Alexander.Vainshtein@ecitele.com

From: Huaimo Chen <huaimo.chen@futurewei.com>
Sent: Tuesday, February 25, 2020 1:01 AM
To: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com>; Greg Mirsky <gregimirsky@gmail.com>
Cc: Yimin Shen <yshen=40juniper.net@dmarc.ietf.org>; rtgwg@ietf.org
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Hi Sasha,

    Thank you for your comments.

    For the procedure (H.Encaps in section 5.1 of SRv6 Network Programming) you mentioned, which may be used at PLR for TI-LFA (I-D.ietf-rtgwg-segment-routing-ti-lfa), we will update our draft accordingly for egress protection.

    Regarding to your concerns based on the analogy to SR-MPLS, there should not be any issue here. The mirror SID here is routable and can be used as context ID. There is no need to change IPv6 data plane under SRv6 architecture.

Best Regards,
Huaimo
________________________________
From: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>>
Sent: Monday, February 24, 2020 12:31 PM
To: Greg Mirsky <gregimirsky@gmail.com<mailto:gregimirsky@gmail.com>>
Cc: Yimin Shen <yshen=40juniper.net@dmarc.ietf.org<mailto:yshen=40juniper.net@dmarc.ietf.org>>; Huaimo Chen <huaimo.chen@futurewei.com<mailto:huaimo.chen@futurewei.com>>; rtgwg@ietf.org<mailto:rtgwg@ietf.org> <rtgwg@ietf.org<mailto:rtgwg@ietf.org>>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Greg and all,
My description of what happens at the PLR was just an attempt to combine a message by Zhibo Hu (in which he refers to a specific procedure in the draft and and the generic definition of this procedure. It is still not clear to me whether this procedure equally applies to the "regular Binding SID" (bound to an SR-TE Policy) and to the Mirror SID.

My concerns are based on the following analogy (which may be relevant or not):

In SR-MPLS, handling of the active Binding SID that is bound to an SR-TE Policy simply means swap of the top label with a new label stack as defined in RFC 3031. But handling of a Mirror SID means that it is treated as the context kabel so that tge next label is looked up in the context label space it identifies as defined in RFC 5331; there is no way to handle it correctly if your MPLS DP only supports the primitives defined in RFC 3031.

I am not sure that similar behavior has ever been defined for the IPv6 DP -even augmented by the definition of the SRH.

My 2c.


Modification of the SRH by the PLR is in direct contradiction with RFC 8200.



Get Outlook for Android<https://clicktime.symantec.com/3Y8bXEcxDk8xFBZqhuvaTaM6H2?u=https%3A%2F%2Fnam03.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Faka.ms%252Fghei36%26data%3D02%257C01%257Chuaimo.chen%2540futurewei.com%257C4ed004c869c141bddbb608d7b94f5b3e%257C0fee8ff2a3b240189c753a1d5591fedc%257C1%257C0%257C637181622821119835%26sdata%3Dqv9wW%252FEO2tVJnK0OqMXd2M2VxnCkSXohuxpXTvftg6E%253D%26reserved%3D0>

________________________________
From: Greg Mirsky <gregimirsky@gmail.com<mailto:gregimirsky@gmail.com>>
Sent: Monday, February 24, 2020, 19:13
To: Alexander Vainshtein
Cc: Yimin Shen; Huaimo Chen; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection


Hi Sasha,
thank you for bringing the procedure a PLR to the discussion and providing your understanding of the procedure at PLR:
a.       Push a new IPv6 header and a new SRH on the original packet.
                                                               i.      The new SRH would include the Node SID of the Protector node and the Mirror SID
                                                             ii.      The destination IPv6 address would be the address of the Protector node
                                                           iii.      The Next Header value in the SRH would be IPv6
b.       Decrement the TTL in the inner IPv6 header
c.       Forward the packet towards the Protector node.
is very much different from the text in the draft:
P1 modifies the packet before
sending it to PE4.  The modified packet has destination PE4 with
mirror SID A4:1::3, and SRH with PE3's VPN SID A3:1::B100 and the
mirror SID A4:1::3 (i.e., "A3:1::B100, A4:1::3; SL=1").
The former text describes what can be characterized as bypass tunneling, while the latter is not. And I'm very much concerned that the procedure, as described in the draft, breaks immutability of SRH and thus violates RFC 8200.
I'm looking forward to hearing from the authors how PLR procedure really works - as described by you or as documented in the text.
That said, I do not support the adoption of the draft at this point.

Regards,
Greg

On Sun, Feb 23, 2020 at 4:01 AM Alexander Vainshtein <Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>> wrote:

Dear all,

I concur with Yimin's comments in his last email.



I have also an additional concern regarding support of a Mirror SID in SRv6. This concern is based on the following observations:

1.       As per RFC 8402, a Mirror SID is a special case of the Binding SID

2.       In SR-MPLS, a Mirror SID is defined as a generalization of the Context label  as defined RFC 5331. If it is not the last label in the label stack, then, to the best of my understanding, it is just the Context label identifying the context label space in which the next label (representing the next SID in the list) is looked up. in other words, ability of SR-MPLS to support Mirror SID is based on support of context labels and context label spaces in the MPLS DP. IMHO and FWIW it would not work with the MPLS DP as defined in RFC 3031 and 3032.

3.       As mentioned in the email by Zhibo Hu<https://clicktime.symantec.com/3LT3CpC9Jg2zdHar5bGEkKu6H2?u=https%3A%2F%2Fnam03.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fclicktime.symantec.com%252F32XmKo6nSvFvDEanEXdou986H2%253Fu%253Dhttps%25253A%25252F%25252Fmailarchive.ietf.org%25252Farch%25252Fmsg%25252Frtgwg%25252FJ2fJ3PF-bIYIeRzeWG83QpqpAR4%25252F%26data%3D02%257C01%257Chuaimo.chen%2540futurewei.com%257C4ed004c869c141bddbb608d7b94f5b3e%257C0fee8ff2a3b240189c753a1d5591fedc%257C1%257C0%257C637181622821119835%26sdata%3DDBGO28cuY9i9i8nuiDYB0DY3UCEsT1Z1mYUHvCcLIo8%253D%26reserved%3D0>, “The behavior of PLR encapsulating Mirror Sid is the same as that of SRv6 Ti-LFA。draft-ietf-spring-srv6-network-programming section 5.1 has been mentioned that H.Encap is used to encapsulate the TiLFA Repair List”.  I assume that this what the draft in question intends to do, i.e.,:

a.       Push a new IPv6 header and a new SRH on the original packet.

                                                               i.      The new SRH would include the Node SID of the Protector node and the Mirror SID

                                                             ii.      The destination IPv6 address would be the address of the Protector node

                                                           iii.      The Next Header value in the SRH would be IPv6

b.       Decrement the TTL in the inner IPv6 header

c.       Forward the packet towards the Protector node.

4.       This technique would work just fine in the case when the inserted SID refers to a topological instruction (as in the case of Ti-LFA or in the case when a binding SID represented an SR policy.  But I do not understand how it could be used with SIDs that are not topological instructions without any updates to IPv6 data plane.



My 2c,

Sasha



Office: +972-39266302

Cell:      +972-549266302

Email:   Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>



-----Original Message-----
From: rtgwg <rtgwg-bounces@ietf.org<mailto:rtgwg-bounces@ietf.org>> On Behalf Of Yimin Shen
Sent: Sunday, February 23, 2020 4:10 AM
To: Huaimo Chen <huaimo.chen@futurewei.com<mailto:huaimo.chen@futurewei.com>>; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection



Hi Huaimo, Authors,



>> Step 1:  Find the P-Space P(Z, X) and the Q-Space Q(Y, X), which are similar to those in [RFC7490];



Unfortunately this is not a right solution. As I mentioned before, in egress protection, bypass path computation should not rely on LFA, because it is not finding a path to merge back to the protected/primary router. I have already suggested in a previous email to remove the link between PE3 and PE4, to make your discussion more generic. Similarly, the draft should not assume there is a multi-hop path from PE4 to PE3 which does not traverse P1. Your  mechanism must be able to return a bypass path in these cases. My suggestion is to take the guidelines in RFC 8679, and use context-IDs as locators.



>>    Step 5:  Try to find a shortest path from Z to Y without going through X;



As a transit router, Z is supposed to perform generic bypass calculation for X (like other IPv6 addresses), based on a general FRR logic. So, how would Z even know to "Try" in this step ? What is it trying ? Isn't this "shortest path from Z to Y without going through X" the bypass path you are looking for in Step 1 - 3 ?



>>    For a (primary) locator associated with the (primary) egress node of a SR path/tunnel, most often the locator is routable.  This is the case we assumed,



Non-routable locator should be supported, and it can be supported. In this case, bypass path calculation should be based on BGP nexthop. Again, please refer to RFC 8679 regarding how to use context-ID as BGP nexthop for a solution.





Thanks,

-- Yimin





From: Huaimo Chen <huaimo.chen@futurewei.com<mailto:huaimo.chen@futurewei.com>>

Date: Friday, February 21, 2020 at 11:45 PM

To: Yimin Shen <yshen@juniper.net<mailto:yshen@juniper.net>>, "rtgwg@ietf.org<mailto:rtgwg@ietf.org>" <rtgwg@ietf.org<mailto:rtgwg@ietf.org>>

Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection



Hi Yimin,

    Thanks much for your comments.

    The procedure with details that a PLR uses to compute a backup path has been added into the draft, which has been uploaded.

Best Regards,

Huaimo

Hi Huaimo, authors,



>>> Node P1's pre-computed backup path for PE3 is from P1 to PE4 via P2.



I’m still concerned that there is no details in this draft about the procedures how a PLR computes a backup path to the protector, in both of the two cases below.



[1] the primary locator is routable.

[2] the primary locator is not routable.



Thanks,

-- Yimin







_______________________________________________

rtgwg mailing list

rtgwg@ietf.org<mailto:rtgwg@ietf.org>

https://clicktime.symantec.com/3F1LB8RvcSLpHAYLrEmGjgH6H2?u=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Frtgwg<https://clicktime.symantec.com/3Q23irqmBpz4iDmgWACpdUN6H2?u=https%3A%2F%2Fnam03.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fclicktime.symantec.com%252F3F1LB8RvcSLpHAYLrEmGjgH6H2%253Fu%253Dhttps%25253A%25252F%25252Fwww.ietf.org%25252Fmailman%25252Flistinfo%25252Frtgwg%26data%3D02%257C01%257Chuaimo.chen%2540futurewei.com%257C4ed004c869c141bddbb608d7b94f5b3e%257C0fee8ff2a3b240189c753a1d5591fedc%257C1%257C0%257C637181622821129830%26sdata%3DskuitBzjlGGOCmPNI6%252BGU5q4UrYc8z2gkb77ECbAaNA%253D%26reserved%3D0>

___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this
transmission in error, please inform us by e-mail, phone or fax, and then delete the original
and all copies thereof.
___________________________________________________________________________
_______________________________________________
rtgwg mailing list
rtgwg@ietf.org<mailto:rtgwg@ietf.org>
https://www.ietf.org/mailman/listinfo/rtgwg<https://clicktime.symantec.com/3JW9xXK4PcDmkmxekf9Sdpb6H2?u=https%3A%2F%2Fnam03.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fclicktime.symantec.com%252F38fPqE2RREeDWfdbMWtDWR26H2%253Fu%253Dhttps%25253A%25252F%25252Fwww.ietf.org%25252Fmailman%25252Flistinfo%25252Frtgwg%26data%3D02%257C01%257Chuaimo.chen%2540futurewei.com%257C4ed004c869c141bddbb608d7b94f5b3e%257C0fee8ff2a3b240189c753a1d5591fedc%257C1%257C0%257C637181622821129830%26sdata%3DwNQ0gsD33FGnLrvvXrSjJljx1HCUoc511auQUKdKDLQ%253D%26reserved%3D0>


___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this
transmission in error, please inform us by e-mail, phone or fax, and then delete the original
and all copies thereof.
___________________________________________________________________________

___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is 
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this 
transmission in error, please inform us by e-mail, phone or fax, and then delete the original 
and all copies thereof.
___________________________________________________________________________

v2.23.0 | Report a Bug | By Email