IETF Logo Mail Archive

Re: [sfc] [SUSPICIOUS] Re: [nvo3] Comments on draft-ietf-nvo3-vxlan-gpe

Greg Mirsky <gregimirsky@gmail.com> Thu, 18 April 2019 00:49 UTC

Return-Path: <gregimirsky@gmail.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B5411201A2; Wed, 17 Apr 2019 17:49:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XnWwcVhP-3rX; Wed, 17 Apr 2019 17:49:14 -0700 (PDT)
Received: from mail-lj1-x22a.google.com (mail-lj1-x22a.google.com [IPv6:2a00:1450:4864:20::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ADA45120033; Wed, 17 Apr 2019 17:49:13 -0700 (PDT)
Received: by mail-lj1-x22a.google.com with SMTP id h21so318927ljk.13; Wed, 17 Apr 2019 17:49:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=CWa0oGr0pe1svZPWxNBzRmESGnGjYp6DFSbq8/v3MUs=; b=GShRXdhuPfFpKkHwQjWw2l1LGw6b4BoBvJ2+bNSZY2DTiU/ONY6MzaWtpPfw8s6OY/ YwCNx4Rz6RJpZVjWVdU7Ult18Egtaw521lJMPbWZ6o7NkH/tSOLO9EsZEwNWLkNpvoZQ z9Rlr6ZJBdZYG/CKKfVwXnSa7jzT+lBLyCBcThiQq4YCZ6ZPclOndIgApjMiIax6ONvB uggnzoDiBRE52zRkaKNWcxJGfbbgvi68F0LAARiq4HHmVo+wXqepz+BJjaB4d0qT33u1 Ewz0FVggknyPXNvZ/cUnOA6jsevYugL84/JS12XMWxK4G2bp+YhzqYvjUWC8205KFoTH BAYQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CWa0oGr0pe1svZPWxNBzRmESGnGjYp6DFSbq8/v3MUs=; b=LYwINxGceBXX90yunEb3o4Ge1tcAJJpaIcKyCkZegTtdhUWPL8yPN/lhXj39oBpvCI y3wSHYCzKcA2gxz2w8e5shd5dn4qACokNWjyNu0O7h5Bdsoe1H8ZhWU0lO9h091eKD7e ImyQi0UBu8zkYoia0Dutr/dkSu61BxbvqbaSrJXwUV9HOW+npnrNRXqFYTkCsZG7H7c7 +Z5e0K07oug/iq/teZzka1Zzh9hf6Af9g3ynFtZerU0V7wvLvuI+puXqBrAGOPY1F7Nx 6vEGMfRnC07PnF/MsiTkg5F5E2PKMbV9O9LuX+ZiVq2dtgLnKS9Qwy1Ra9+WyTHjRxc0 XO8w==
X-Gm-Message-State: APjAAAWrj/2sWqPMgmZfILLtut/s9hYgqhOn1w1UYGUOl7ISuwEN87vh 4gH/dsRLeBueJtmjSCS5NoITvAf3Buqxr9S1Sg4=
X-Google-Smtp-Source: APXvYqzpJeHXpYpzLAdgQ4P1myEem8WNHGwWqO5/2LSOskbloD2oA5CI0r/6Y/Q2qO4bKBiYsYbIWZYw6j4O7aqVVM0=
X-Received: by 2002:a2e:5d56:: with SMTP id r83mr49576870ljb.74.1555548551719; Wed, 17 Apr 2019 17:49:11 -0700 (PDT)
MIME-Version: 1.0
References: <CA+RyBmV5R+jsPNn9-HooGcJzobD5mrxEwjbxn_o+hn2QcoiZNQ@mail.gmail.com> <12ACA02A-BB51-4214-A72B-1AEFCCB914AC@cisco.com> <CA+RyBmUgQdq-oHQFveGV3avStL=4B+=qxMU+epk6mHdAqhRR0w@mail.gmail.com> <3AFD4751-CF3A-4939-A49A-FB981C68CADF@cisco.com> <CA+RyBmXc3w4jzTnj_nbCQ0uDNhgyxyt4FZV_xLa0PsfaV7r-PA@mail.gmail.com> <4C9CDD29-BDF8-425E-998F-B12C1BD7CA7C@cisco.com>
In-Reply-To: <4C9CDD29-BDF8-425E-998F-B12C1BD7CA7C@cisco.com>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Wed, 17 Apr 2019 17:49:04 -0700
Message-ID: <CA+RyBmWsvuGYaCjF6N6StoHYCZZSKKUiUZB8AtjLgz=uSwXD9Q@mail.gmail.com>
To: "Carlos Pignataro (cpignata)" <cpignata@cisco.com>
Cc: NVO3 <nvo3@ietf.org>, "draft-ietf-nvo3-vxlan-gpe@ietf.org" <draft-ietf-nvo3-vxlan-gpe@ietf.org>, IETF IPPM WG <ippm@ietf.org>, "sfc@ietf.org" <sfc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000db2fac0586c35e28"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/5O0nb2QhjaDFbtCcdl92N2so8Xg>
Subject: Re: [sfc] [SUSPICIOUS] Re: [nvo3] Comments on draft-ietf-nvo3-vxlan-gpe
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Apr 2019 00:49:17 -0000

Hi Carlos,
thank you for the discussion.
As the VXLAN-GPE is on the Informational track, there may be little point
to discuss it. But as the draft has been adopted by NVO3 WG, I'm curious
about the updates the editors have been making without the WG agreeing to
that. I'm looking forward to hearing from any of the editors of VXLAN-GPE
about the updates in the last two versions. Also, hope editors of the draft
will find time to reply to my questions and consider my comments.

Regards,
Greg

On Wed, Apr 17, 2019 at 5:18 PM Carlos Pignataro (cpignata) <
cpignata@cisco.com> wrote:

> Dear Greg,
>
> [Now adding the SFC WG Mailing list since you take us to a different WG
> again]
>
> Thank you very much for fine-combing with a magnifying glass through all
> the documents I’m currently co-authoring :-)
>
> It is refreshing to see that the only issues you find are non-issues, and
> your questions easy to re-answer :-)
>
> At this point I am a bit at a loss of what your point is, or what you are
> trying to prove bending text. Are you coding, deploying, or testing IOAM on
> NSH without data packets on VXLAN-GPE over IP? NSH is data as far as
> VXLAN-GPE is concerned. IOAM shimmed in NSH is orthogonal to IOAM shimmed
> in VXLAN-GPE.
>
> I feel this discussion about the O-bit already took place once or twice.
>
> Kind Regards,
>
> — Carlos Pignataro
>
> PS: The Evil bit is defined for IPv4, should we therefore also define it
> here?
>
>
> > On Apr 17, 2019, at 5:54 PM, Greg Mirsky <gregimirsky@gmail.com> wrote:
> >
> > Hi Carlos,
> > to add another quote from the draft-ietf-sfc-ioam-nsh that you've
> co-authored,
> >    Packets with IOAM data included MUST follow this
> >    definition, i.e. the O bit MUST NOT be set for regular customer
> >    traffic which also carries IOAM data and the O bit MUST be set for
> >    OAM packets which carry only IOAM data without any regular data
> >    payload.
> >
> > So, if the only iOAM message is carried in or after an NSH, it is
> identified as OAM. And, by your own example in the earlier note, so should
> VXLAN-GPE.
> >
> > Regards,
> > Greg
> >
> > On Wed, Apr 17, 2019 at 12:44 PM Carlos Pignataro (cpignata) <
> cpignata@cisco.com> wrote:
> > Hi, Greg,
> >
> > Adding the IPPM mailing list, since you reference it below, and point to
> RFC 7799.
> >
> > Please see inline.
> >
> > > On Apr 17, 2019, at 3:00 PM, Greg Mirsky <gregimirsky@gmail.com>
> wrote:
> > >
> > > Hi Carlos,
> > > thank you for sharing your view on the design of the VXLAN-GPE
> protocol. Please find my comments in-line tagged GIM>>.
> > >
> > > Regards,
> > > Greg
> > >
> > > On Fri, Apr 12, 2019 at 5:23 AM Carlos Pignataro (cpignata) <
> cpignata@cisco.com> wrote:
> > > Greg,
> > >
> > > You seem to be confusing and mixing things up.
> > >
> > > Please see inline.
> > >
> > > > On Apr 12, 2019, at 2:50 AM, Greg Mirsky <gregimirsky@gmail.com>
> wrote:
> > > >
> > > > Dear Editors, et al.,
> > > > I've read the latest -07 version and would like to share my comments
> and questions with you:
> > > >       • in the earlier version of the draft, the O-bit was
> introduced and defined as:
> > > > OAM Flag Bit (O bit):  The O bit is set to indicate that the packet
> is an OAM packet.
> > > > At the same time, in the latest version, the new Next Protocol value
> (0x81) to identify iOAM Data was introduced. Hence are my questions:
> > > >       • What must be the value of the O-bit when the value of the
> Next Protocol field is iOAM?
> > >
> > > The O bit “is set to indicate that the packet is an OAM packet”.
> > > IAOM is not an OAM packet. Hence, O bit clear if VXLAN-GPE
> encapsulates a non-OAM packet and adds an IOAM shim.
> > > GIM>> It is a very unexpected statement from you,
> >
> > I would tell you ‘expect the unexpected’, but that is not the case
> here... :-)
> >
> > If you actually read my statement, you will see "IAOM is not an OAM
> *packet*.” New emphasis added — it is _not_ *an OAM packet*.
> >
> > I stand by it. It’s an augmented data packet of interest.
> >
> > > one of the co-authors of draft-ietf-ippm-ioam-data  where the first
> paragraph of the Introduction section defines iOAM as Hybrid Type 1 OAM,
> according to RFC 7799 classification:
> >
> > This is still quite consistent with that definition, which I recommend
> you re-read:
> >
> > RFC 7799 is about metrics and methods, not packet definitions.
> >
> > You will see that Active methods include a “dedicated measurement packet
> stream”. “Active Methods generate packet streams.”
> >
> > However, Hybrid Type I leverages “Augmentation or modification of the
> stream of interest"
> >
> > Following your logic, if you change a packet field such as TTL/HL to
> provide packet coloring, do you need to set the O-bit?
> >
> > >    IOAM is to complement
> > >    mechanisms such as Ping or Traceroute, or more recent active probing
> > >    mechanisms as described in [I-D.lapukhov-dataplane-probe]..  In
> terms
> > >    of "active" or "passive" OAM, "in-situ" OAM can be considered a
> > >    hybrid OAM type.  While no extra packets are sent, IOAM adds
> > >    information to the packets therefore cannot be considered passive.
> > >    In terms of the classification given in [RFC7799] IOAM could be
> > >    portrayed as Hybrid Type 1.
> > >
> > > >       • Do you plan to define the Next Protocol values for active
> OAM protocols, e.g., Echo Request/Reply, BFD, Performance Monitoring?
> > >
> > > I cannot speak to “plans” (replying as “et al.”, not as “editor”), but
> I expect OAM documents ought to have those requested, and you do not need
> necessarily all of those — the nex protocol IPv4 / IPv6 can encapsulate
> ICMP, UDP/BFD, etc., etc., etc., etc.
> > > GIM>> Of course, use of the well-known port number, usually it is UDP
> destination port, is one of the methods to demultiplex protocols. This
> method is broadly used, for example, in MPLS OAM. But this method has some
> disadvantages that were pointed out in the discussion of BFD over GENEVE in
> Prague by David Black (the last presentation in the minutes):
> > > David: I want the BFD header to be as close to the thing whose
> liveness I'm testing. The more headers you add in the middle, the more ways
> there are to break BFD without breaking the forwarding engine. The further
> away I move BFD from the chunk of hardware's liveness I care about, the
> more opportunities are for BFD and the hardware to not to tell me the same
> thing.
> > >
> >
> > Theory and practice match in theory, less so in practice — unless you
> are planning to update RFC 5881.
> >
> > This can be argued both ways (e.g., better to have common handlers,
> etc.), but I take no position. I do say that in presence of deployed OAM
> encapsulations, there’s no basis for your your comment about defining a
> protocol type for “Performance Monitoring” as a protocol...
> >
> >
> > >
> > > >       • How to interpret the situation when the O-bit value is 1 but
> the value of the Next Protocol field is, for example, NSH, i.e.., not any
> of OAM protocols?
> > >
> > > I expect it means there’s OAM within that NSH (sometimes there’s no
> such things as “OAM Protocols”), or an unhandled OAM protocol.
> > > GIM>> Should that, i.e., OAM in NSH or immediately following NSH be
> signaled using SFC NSH methods that are already defined in
> draft-ietf-sfc-multi-layer-oam?
> >
> >
> > Non sequitur — I do not follow what signaling has to do with the
> conversation, nor how that draft might be relevant.
> >
> > > Using the server layer, as you've suggested, seems as layer violation.
> > >
> >
> > This is a funny statement — NVO3 is a layer violation :-) So are
> Pseudowires. Please do not take this statement too seriously, it is not
> inviting discussion.
> >
> > > >       • I believe that the use of the dedicated OAM flag and the
> Next Protocol field for a fixed-size header that cannot include meta-data
> is unwarranted and adds unnecessary complexity.
> > >
> > > Disagree.
> > >
> > > See example where protocol is IP carrying an OAM packet.
> > > GIM>> When IP/UDP encapsulation is used for OAM, there's no, in my
> opinion, any need to use the O-bit. The destination IP address must be as
> described in RFC 8029 or RFC 5884 and the demultiplexing is done based on
> the destination UDP port number. Clearly, O-bit is unnecessary if IP/UDP
> encapsulation for OAM being used.
> > >
> >
> > Fortunately, bit usage is a matter of definition and not opinion :-)
> >
> > Kind regards,
> >
> > Carlos.
> >
> >
> > > > I suggest not to use O-bit in the VXLAN-GPE header and release it
> into the Reserved field.  I don't see the apparent benefit of using the
> flag, as the VXLA-GPE uses the fixed size header and the header cannot
> carry OAM data in it. The only role the VXLAN-GPE header must perform, in
> my opinion, is to unambiguously identify the payload type that immediately
> follows the header as OAM (demultiplexing OAM protocols may be done in OAM
> Header shim).
> > > > Much appreciate your consideration.
> > > >
> > >
> > > Best,
> > >
> > > —
> > > Carlos Pignataro, carlos@cisco.com
> > >
> > > “Sometimes I use big words that I do not fully understand, to make
> myself sound more photosynthesis."
> > >
> > > > Regards,
> > > > Greg
> > > > _______________________________________________
> > > > nvo3 mailing list
> > > > nvo3@ietf.org
> > > >
> https://secure-web.cisco.com/1j-jr64yh2D8yO92ibcqaN-H98ZCP3lQdHmsYPsH8lkjsa4WlJ4kg3W4HL8qT25rCVittT5bFQox__OnSknV5w_wW69FvUhXkxqxKhi9MCiy5oH-JTucXN_7FK85q7jD-qEwRM5IXY68_Vfeb_XI2rKxyzwVsG_06KTGF09Bw9oHAOXUNFcdCw_oon_eruUhRPtdwLc9UQNz2ThYP8ysf2pr64VU04VjMKmGwqYvzzyAsLTEbHrs7GVCqphT58T0st78_968rM5MKFLk7EiWBj7gZPm_rDeBf63gUtxkcj-w8XybJiiO2tcFaeoAL_8m-ZT5L9-1VK4wZkHmR5C_Ldg/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fnvo3
> > >
> >
> > _______________________________________________
> > nvo3 mailing list
> > nvo3@ietf.org
> >
> https://secure-web.cisco.com/1j-jr64yh2D8yO92ibcqaN-H98ZCP3lQdHmsYPsH8lkjsa4WlJ4kg3W4HL8qT25rCVittT5bFQox__OnSknV5w_wW69FvUhXkxqxKhi9MCiy5oH-JTucXN_7FK85q7jD-qEwRM5IXY68_Vfeb_XI2rKxyzwVsG_06KTGF09Bw9oHAOXUNFcdCw_oon_eruUhRPtdwLc9UQNz2ThYP8ysf2pr64VU04VjMKmGwqYvzzyAsLTEbHrs7GVCqphT58T0st78_968rM5MKFLk7EiWBj7gZPm_rDeBf63gUtxkcj-w8XybJiiO2tcFaeoAL_8m-ZT5L9-1VK4wZkHmR5C_Ldg/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fnvo3
>
>

v2.23.0 | Report a Bug | By Email