IETF Logo Mail Archive

Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Yimin Shen <yshen@juniper.net> Thu, 23 January 2020 20:01 UTC

Return-Path: <yshen@juniper.net>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F05E120B02; Thu, 23 Jan 2020 12:01:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=GPu28YPQ; dkim=pass (1024-bit key) header.d=juniper.net header.b=D2DTU/vx
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GGgCzAU6aK8F; Thu, 23 Jan 2020 12:01:30 -0800 (PST)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DDB11120809; Thu, 23 Jan 2020 12:01:30 -0800 (PST)
Received: from pps.filterd (m0108156.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 00NJt6A6015292; Thu, 23 Jan 2020 12:01:27 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=PPS1017; bh=0zFlcst6E+NDz0C9jUberoEUkTECJHvSMS0sQT9154g=; b=GPu28YPQ8LsBu4hyqetMShXW3f2cdmWzYhg7EXkb2huZWsKL15Qo5dQ2I6Gbe+S3Tw8H Qfmkt/wT2spopCFkimhxWC7uoF/kz2N0rxRPJEf0r9kEWaJ+5ZUPDF5s9k+ghTnLbnHS nze6n9ihwSPPlcrh+ng4WnBfue5uvoxIrnmGlL3z2Xn3b+jOr8qsxWQkPXEoQFYnna7M sKEpZctwovDd6ss/qn9g28Yd0d+d+A7q8ciLr+eTAe+yo9IwoufLB2YXXPrw4lb9QSOw M9GfCJ1MKowqL7vrDCcvHllDbX7KPZpUoGV/FdUdE04WYkrjL6idr3Ny2g3ReuaHuzpp uw==
Received: from nam11-bn8-obe.outbound.protection.outlook.com (mail-bn8nam11lp2171.outbound.protection.outlook.com [104.47.58.171]) by mx0a-00273201.pphosted.com with ESMTP id 2xnyw4djgg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 23 Jan 2020 12:01:27 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=h9385RVgWu4HAWqm+r1E/n0Dh6M/tn5IPh4CdScXMGNtK9z+8Ru43OcBEy1w/jcOuzy8Iir1ts9LEWn64TtYI5rflmmFtAyevwfa9OgV3yrAXHHzonXB2DY7DwjUtS1WTRtw+gWXENu7i5O5QkGEsww4m8Jccq+lOpQaXGcPBTJazfcSieahM2Skt7MrNk6jHlaQjbz+uuGWumk9LrWfl/m24fzh8vY3XKC07GCjhQq2MtY6k+yfef5wwe5yhr2OWs3ARFL8B/0y3kEDldRrQCqAa9ii4M1mt0Ifyotgvbh/zcaABjeGSOLpQQ/I/S7LEqCrSCXglanIQdUjVCLygw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0zFlcst6E+NDz0C9jUberoEUkTECJHvSMS0sQT9154g=; b=X9L03SwBJCE7PA8L8/EtzU+qSNO0BzUYLXx1APb3xXC7JGlc3qK+rC6yTatgBD3HAgXgm5Q+gNcGZCTCeuse4ECras1oBPYRjk0BeOVJMCZVQ6IpodOiXVhKhoZMFkGqexJeujkasZWnbMpUf9QPYupNDN0NjdKkplkdMHQqVpYzovIycSGP9zi/MvoEb4X1C9qVZBOYZLtw/K999ko8ggk40FEXvCFfo/cIfcQ1WZwqWCquVKIdmhoI/K2DFZ4geCK6odLyFXUhQgWP1PQ+jmJqWS/1/vMEynlCnRWoKYDnG5UZQj6YN6Fzc2Okf1ZY0SHYl4q1S90rd7+nHgq8yA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0zFlcst6E+NDz0C9jUberoEUkTECJHvSMS0sQT9154g=; b=D2DTU/vxJX8H375MmHlrUJNUMPD6A9yX7ycu3aTQ3HUz0zXmXXj9SkeTwUrtDKNQtu7+be8B4QJTJGAoBtA4pP1hhABFJUX/nAYcDu9PqHhKnC5jo67HZ0EUaL0zTsWUMVTqlosUrf49dUIntPif0MGmsguM2xQDB8Yu6//W8is=
Received: from BYAPR05MB5990.namprd05.prod.outlook.com (20.178.55.144) by BYAPR05MB6501.namprd05.prod.outlook.com (20.178.234.155) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2665.15; Thu, 23 Jan 2020 20:01:25 +0000
Received: from BYAPR05MB5990.namprd05.prod.outlook.com ([fe80::d190:ce36:8755:3f90]) by BYAPR05MB5990.namprd05.prod.outlook.com ([fe80::d190:ce36:8755:3f90%4]) with mapi id 15.20.2665.017; Thu, 23 Jan 2020 20:01:24 +0000
From: Yimin Shen <yshen@juniper.net>
To: Huaimo Chen <huaimo.chen@futurewei.com>, "draft-hu-rtgwg-srv6-egress-protection@ietf.org" <draft-hu-rtgwg-srv6-egress-protection@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection
Thread-Topic: Mail regarding draft-hu-rtgwg-srv6-egress-protection
Thread-Index: AQHVy9ksQiG/U6AcPUqlM8La4y6P26ftaU61gAIxPLGACMm5AA==
Date: Thu, 23 Jan 2020 20:01:24 +0000
Message-ID: <12EC8457-1F1E-43C7-BC91-4D1BA6D71884@juniper.net>
References: <AE1BCB69-6913-46B9-9250-1AC829665B7F@contoso.com> <SN6PR13MB2271B90EA5807F48073F2C49F2360@SN6PR13MB2271.namprd13.prod.outlook.com> <SN6PR13MB2271810425DBE6ED7F3BEEF9F2300@SN6PR13MB2271.namprd13.prod.outlook.com>
In-Reply-To: <SN6PR13MB2271810425DBE6ED7F3BEEF9F2300@SN6PR13MB2271.namprd13.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_Enabled=true; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_Name=Juniper Business Use Only; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_Enabled=true; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_ContentBits=0; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_Method=Standard; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_ActionId=78337eac-a6d4-4af6-a74c-00004b75ac4a; MSIP_Label_9784d817-3396-4a4f-b60c-3ef6b345fe55_SetDate=2020-01-15T19:06:47Z;
user-agent: Microsoft-MacOutlook/10.21.0.200113
x-originating-ip: [66.129.241.13]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 59e69b7f-44d4-40f3-17c6-08d7a03f0690
x-ms-traffictypediagnostic: BYAPR05MB6501:
x-microsoft-antispam-prvs: <BYAPR05MB65015A48FB91D52ADD1AE266BD0F0@BYAPR05MB6501.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 029174C036
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(136003)(396003)(346002)(376002)(366004)(39860400002)(199004)(189003)(6486002)(5660300002)(966005)(33656002)(186003)(71200400001)(91956017)(64756008)(81156014)(6512007)(2906002)(66446008)(66476007)(8676002)(81166006)(66556008)(66946007)(26005)(76116006)(8936002)(86362001)(36756003)(6506007)(53546011)(110136005)(2616005)(316002)(478600001); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR05MB6501; H:BYAPR05MB5990.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ZOLE4cVNCS9AqHSMIEdzK1nUtVk4E4Bz3w8b5TwLMxh/dwV1XBWmeBiRmm0/0nOp7gKAR8RpU58Gr+YXry2ViLIzMLXFnocXz2VObGRaN+T5hjiOhtQEwKK21BEaPyCZB6q/g4VG2UYavWG9QBH6Ajb1MiEvdUR4skdgJPXhQAA4OhkBkMrJn5I9kTISpFw0Vl2NBV678ssNoZX9HxI7e+AsY9x0A5QAFvwbRQnVNkt1c8NkgAzpsPGbQoCsZEATg79cuSY7MbRcgRCY5w450PxDGxxerO02Yi56K5i7AYaIaVd2DyAQVuIVH+i6KaZiMqxKK7vWDYlZ5qouHj8SNWnr3RICjJ4WEwC3PMDFyd9AQq+sUHFxnX0/BkUJ3l4MR+RkddBCtYFiknYdyclZSjgdPgejWP+ctFNsSmLR/4VNX2A9G6VGILWELhB99lXaN/v1xVWoyZSXLKb1h3NkD62/in926HVJCnd+y4+SHBM=
x-ms-exchange-antispam-messagedata: FObLpnP+h6A/VrePS/tfO9O8NsyZay6Cq6+35uGoXLPGiRvIIW8ix+W8WRXpGRFkWGS1JJFBrH+24VEB/vtbK6MXqCg1tT2W2/croHWVZmL/QbrXfM2X+IjlzkzQiiRrssPuEFV5TMFybfGfBXV5tQ==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <A18E89F578F3A3499E0AED2BFBA62D64@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 59e69b7f-44d4-40f3-17c6-08d7a03f0690
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jan 2020 20:01:24.8975 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: rnHsYdYo04mR4DlAnxrgUv3YP1MiWfPZ6QIOm1/rKD3QMB0DweptULBfpeoHjITcmIagOI5W0a/BJ5I1/3SMcQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR05MB6501
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.572 definitions=2020-01-23_11:2020-01-23, 2020-01-23 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 spamscore=0 suspectscore=0 lowpriorityscore=0 phishscore=0 adultscore=0 bulkscore=0 mlxlogscore=999 priorityscore=1501 clxscore=1011 mlxscore=0 malwarescore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-2001230146
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/vbGEQgjoZqqkvsJooYLfy586sac>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jan 2020 20:01:34 -0000

Hi Huaimo, authors,

I have some further comments and questions about this draft. Some of them are fundamental. 

In section 3:

>>> Node P1's pre-computed TI-LFA backup path for PE3 is from P1 to PE4 via P2.

You cannot rely on TI-LFA to compute a backup path for egress node protection. In egress node protection, there may not be a TI-LFA path (e.g. if you remove the link between P3 and P4), but P4 should still be able to provide the protection. I think the draft should support this case and this kind of topologies.

>>> PE3 has a locator A3:1::/64 and a VPN SID A3:1::B100.  PE4 has a locator A4:1::/64 and a VPN SID A4:1::B100.

I'm not sure if you can assume that locator and service SID are de-coupled. If you read draft-ietf-spring-srv6-network-programming and draft-ietf-bess-srv6-services, locator is embedded in service SID. How do you handle this ?

>>> When PE3 fails, node P1 protects PE3 through sending the packet to PE4 via the backup path pre-computed.  P1 modifies the packet before sending it to PE4.  The modified packet has destination PE4 with mirror SID A4:1::3, and SRH with PE3's VPN SID A3:1::B100 and the mirror SID A4:1::3 (i.e., "A3:1::B100, A4:1::3; SL=1").

How does P1 know about the mirror SID ?

>>>   For protecting the egress link between PE3 and CE2, when the link fails, PE3 acting as PLR like P1 detects the failure and forwards the packet to PE4 via the pre-computed backup path from PE3 to PE4.  When PE4 receives the packet, it sends the packet to the same CE2.

What does the encapsulation look like, in terms of IPv6 DA and SRH ? How does PE3 know about the mirror SID ?

Thanks,

-- Yimin


From: Huaimo Chen <huaimo.chen@futurewei.com>
Date: Friday, January 17, 2020 at 7:54 PM
To: Yimin Shen <yshen@juniper.net>, "draft-hu-rtgwg-srv6-egress-protection@ietf.org" <draft-hu-rtgwg-srv6-egress-protection@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection

Hi Yimin,

    Thanks very much for your suggestions/comments.
    The draft has been updated accordingly. 
https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-hu-rtgwg-srv6-egress-protection/__;!!NEt6yMaO-gk!TDva0v6bD2UzkBVmAXlu3SHbiLLda_7eyqu28BCLs97rtLsnzRTaNah22w8KUjA$
    
Best Regards,
Huaimo

From: Huaimo Chen <huaimo.chen@futurewei.com>
Sent: Thursday, January 16, 2020 10:24 AM
To: Yimin Shen <yshen@juniper.net>; draft-hu-rtgwg-srv6-egress-protection@ietf.org <draft-hu-rtgwg-srv6-egress-protection@ietf.org>; rtgwg@ietf.org <rtgwg@ietf.org>
Subject: Re: Mail regarding draft-hu-rtgwg-srv6-egress-protection 
 
Hi Yimin,

    Thank you very much for your suggestions/comments.
    I will add reference RFC 8679 with some texts into the draft.
 
Best Regards,
Huaimo

From: Yimin Shen <yshen@juniper.net>
Sent: Wednesday, January 15, 2020 2:22 PM
To: draft-hu-rtgwg-srv6-egress-protection@ietf.org <draft-hu-rtgwg-srv6-egress-protection@ietf.org>; rtgwg@ietf.org <rtgwg@ietf.org>
Subject: Mail regarding draft-hu-rtgwg-srv6-egress-protection 
 
Hi authors,
 
I’d like to suggest this draft to reference RFC 8679.
 
In particular, RFC 8679 as a generic EP framework with a lot of general discussions (see the points below), which are applicable to both MPLS and IPv6 data plane, and all types of transport tunnels. However, this draft seems to have almost no consideration or discussion on these topics. I don’t think the draft needs to repeat these discussions, but I suggest to add a section(s) to discuss these points generally by referencing RFC 8679.
 
• general scope and requirements
• transport layer failure/protection vs. service layer failure/protection
• applicability
• failure detection mechanisms
• egress node protection
• egress link protection
• relationship between EP and global repair
• co-existing of different types of transport tunnels and bypass tunnels
• security
 
 
Thanks,
 
-- Yimin Shen
Juniper Networks
 

v2.23.0 | Report a Bug | By Email