Re: [sfc] Robert Wilton's No Objection on draft-ietf-sfc-oam-framework-13: (with COMMENT)
"Nagendra Kumar Nainar (naikumar)" <naikumar@cisco.com> Thu, 14 May 2020 19:05 UTC
Return-Path: <naikumar@cisco.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F13F3A0848; Thu, 14 May 2020 12:05:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.598
X-Spam-Level:
X-Spam-Status: No, score=-9.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=DzUvXf0P; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=NIp8rQxn
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E8orqkMFFleH; Thu, 14 May 2020 12:05:47 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 968B33A0862; Thu, 14 May 2020 12:05:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=11964; q=dns/txt; s=iport; t=1589483147; x=1590692747; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=AOarUcSUPmHAQD8NK9r9gNbzlnD9RKSI0XakRMCt7/k=; b=DzUvXf0P3cpbS4NTIN47d7c/Q9LN3KLQ9lMQ07vW13BxMIv/NeF2qbHM xe/6ZCz8vwyiKbZqAjjBGg9fjkT0uLJJQXGxZGEFTWu4gF36OzERj4uV9 2cn0LAiTQU2vVp4IDDMwUukvv++H1cHDOH3AZK3jE/yvAM/cbSwIqffO/ c=;
IronPort-PHdr: 9a23:4XUoBhB8y96eXYblZxaBUyQJPHJ1sqjoPgMT9pssgq5PdaLm5Zn5IUjD/qw00A3CXJ7Q7LRPjO+F+6zjWGlV55GHvThCdZFXTBYKhI0QmBBoG8+KD0D3bZuIJyw3FchPThlpqne8N0UGE8flbFqUqXq3vnYeHxzlPl9zIeL4UofZk8Ww0bW0/JveKwVFjTawe/V8NhKz+A7QrcIRx4BlL/U8
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0COBQCTlb1e/5RdJa1mHAEBAQEBAQcBARIBAQQEAQFAgUeBVCQtB29YLywKhBuDRgOld4FCgRADVAsBAQEMAQEjCgIEAQGERAIXgX4kOBMCAwEBCwEBBQEBAQIBBQRthSoGJgyFcgIBAxIREQwBATcBDwIBCBIIAiYCAgIwFQIOAgQBDSeDBAGCSwMuAQ6oAgKBOYhhdoEygwEBAQWBRkGDRhiCDgMGgQ4qgmOJXxqCAIERJxyBT34+gmcCAQIBgSwBDAYBITgCglozgi2OLSMGgkc9oSgKgk2IHZAXHYJdiGyFAox+kCyBWYgGk1kCBAIEBQIOAQEFgWkiZlgRB3AVOyoBgj5QGA2BNo8KOIM6hRSFQnQCATQCBggBAQMJfIwEgTQBgQ8BAQ
X-IronPort-AV: E=Sophos;i="5.73,392,1583193600"; d="scan'208";a="770620557"
Received: from rcdn-core-12.cisco.com ([173.37.93.148]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 14 May 2020 19:05:45 +0000
Received: from XCH-ALN-003.cisco.com (xch-aln-003.cisco.com [173.36.7.13]) by rcdn-core-12.cisco.com (8.15.2/8.15.2) with ESMTPS id 04EJ5jHK022760 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 14 May 2020 19:05:46 GMT
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by XCH-ALN-003.cisco.com (173.36.7.13) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 14 May 2020 14:05:45 -0500
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 14 May 2020 14:05:45 -0500
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Thu, 14 May 2020 14:05:45 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gl5Ges4d0wt1r5Lqn0FZK7T8v4NJ3DHCy2weQ2e2K0gvhQFEA5ky5KjO1sWUww/LjrirnWEoHO3gT31aPrmVxypxJTxvVz3YmC1KOgiuYn+bNUzmDSN0jmxLeDHba1g0L9iQw9I/1UfgmYIQokJDfSjdGBs4eoiwQVQxAXgA+dzjTwMoIVM7z7xwtTsloBuCHU4l6mq++HJDRaOpgKzAFITbWVGVrOjrecoMfhhRzzh/A6dHNNFcCbTGDYYCHQIaG9tAv4ZS89pvvLSPVCFgGgewUNx/k8CGvmzP1PP6Sam5zqDJEVSORFLvsDv73xg5HQGQC+x1STrIlIY12xEwpw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AOarUcSUPmHAQD8NK9r9gNbzlnD9RKSI0XakRMCt7/k=; b=LFJF3Utjcchk7PV8AIQmPBRbdo3Z/ZOMFVR8u6fpO4SYz2gMwpW6Pjt7kV84unDhU0+87n2aU3G9LNu1i0Zftoe31WjwpJw7xAoHbk9QUKUEsI35Lyz6xACtR8APZPs3gmfmpI9pRrfOvaj+GL4owhn7aUujMrU9IcNRYizEz+5z2m1efdLCpzmaD3n3AcB0ZTiwpYgtTV1kjsEWE+ZC0mRP9DQDKJ4u0Q0dVd1Du1stzohebCXF4bHwSXC35GMrYBtEkAvXzio3MfIY1sel3LuSYXTwHzESLbabxF6b/jVfsHLQr1nurnM0KwYgmP7Ur/cFgqImWFplvb9IIvS0/g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AOarUcSUPmHAQD8NK9r9gNbzlnD9RKSI0XakRMCt7/k=; b=NIp8rQxn1XmQ+IxpI0EcGDQHthb0GPYeX69alzLcB4cqzjFYAO15hrueNLhrRXdCLMNW7seylCXFF3OLDVGAQYudGh7MC+Cpv2EcinW6oMuvXcVD3iusbIhzka02PzL+lUOeSep8Vt/73EndGaeV334SPkY6sOusUW3q/9u9CYk=
Received: from BN6PR11MB4068.namprd11.prod.outlook.com (2603:10b6:405:7c::31) by BN6PR11MB1267.namprd11.prod.outlook.com (2603:10b6:404:3d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3000.20; Thu, 14 May 2020 19:05:44 +0000
Received: from BN6PR11MB4068.namprd11.prod.outlook.com ([fe80::6d40:9e8a:252a:4f34]) by BN6PR11MB4068.namprd11.prod.outlook.com ([fe80::6d40:9e8a:252a:4f34%3]) with mapi id 15.20.3000.016; Thu, 14 May 2020 19:05:44 +0000
From: "Nagendra Kumar Nainar (naikumar)" <naikumar@cisco.com>
To: "Rob Wilton (rwilton)" <rwilton@cisco.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-sfc-oam-framework@ietf.org" <draft-ietf-sfc-oam-framework@ietf.org>, "sfc-chairs@ietf.org" <sfc-chairs@ietf.org>, "sfc@ietf.org" <sfc@ietf.org>, Tal Mizrahi <tal.mizrahi.phd@gmail.com>
Thread-Topic: Robert Wilton's No Objection on draft-ietf-sfc-oam-framework-13: (with COMMENT)
Thread-Index: AQHWJGRAak5pSoDWdkKMJcs+Bwue6qinuX6A
Date: Thu, 14 May 2020 19:05:43 +0000
Message-ID: <9FD13724-EBAB-4D95-9A97-D93265FC3F0E@cisco.com>
References: <158885159205.21185.9872562709443924192@ietfa.amsl.com>
In-Reply-To: <158885159205.21185.9872562709443924192@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.35.20030802
authentication-results: cisco.com; dkim=none (message not signed) header.d=none;cisco.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [173.38.117.67]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8a09cfab-afeb-4068-b8d3-08d7f839cd75
x-ms-traffictypediagnostic: BN6PR11MB1267:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <BN6PR11MB1267E242BB55DC5B60E7409DC6BC0@BN6PR11MB1267.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 040359335D
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: UxU8fQm4gGQDQu2m0hQNGDNc8fpHVbSJbSqfw76ccRFgElqkdrunxL9Z9K6i37oS/TjIQNoxexiZsYT+2DwdxQkY/4o/YR6mg3CShpKaUnLinxZmcR1INKrnb/CH6B3RN1UdadU+bfA510MoORHzNmRGvMMHLM7HIopqmYEvCKFLvgOu80CuYGJ9QVv5FKgTHyxFfBBI5E/OnS/h5eR+pRyi8w2obaWyPLAROJTILozY5+uyTVQBQvkg+1uh5hixs6dFqbFQ+Sa3DLMOSzF5caeQDjly/5mgXtF7eyoN7EXrRJKi9GF3Ir3wcuE58qSYb4mFeL95Mv87LZY3JNrDCJfBsBWNDuY1Q/E/vESe3sORbnrgQWIjmuCfQi166xF3upar4UwaW6ptio7/ZEtBx5qMKzsoDULJSQq5qoOVQuAf0ULVfSVtRJ3qYUhAvf277yLu9JcEnhapaD6iKh17yoTwsGKSUuLjjc2J/QjL7bx8d3k/v+tKf6c30QxTqyK7SWLIH8NncsBCsxZMx56kGA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN6PR11MB4068.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(136003)(39860400002)(346002)(376002)(366004)(396003)(86362001)(33656002)(64756008)(4326008)(6512007)(110136005)(26005)(6506007)(6486002)(54906003)(71200400001)(5660300002)(2616005)(186003)(316002)(8936002)(36756003)(2906002)(66476007)(76116006)(966005)(66446008)(478600001)(8676002)(66556008)(91956017)(66946007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: QWXcuMJqzrnyhLlsZk03jDZam9YSRpezrnlNebkA3wJvVi9E0Zr5oRnATBLGRUNLqgOhcjCbcjzbupaE5Bo7bqcfrblYXU8d2ZH6mtJl+Uu5sHS1etsdB5iXAb/6tDrOBJkn0BLOFSaCpNDY8D1FyjdTnUgtQ6kGV8TziusICOjqyiyVBFBd8HA9zSMTd3qoaDAagprlrmvEMFYV3c/JCQNw2RzsKY68falSG0jAK9+VsjrRVi7dBgwmcCKdm6UeAhOcXtHiwqMIrCEmKYAQlSRCLRCh3TEsag7WHAlWGvdl/MJ/Hkb9FVAFwKTtigyG5ECXl0owPd6lp3jCeN5elvQ4NYYyOdXp4jz8e0sjF3UBve0vB6rrDFSqORmBPC1FLP9YO/LgcmlhKPQJMfq4NlO1rBGL2TkAk2VgJV9t0p4Di8hm5cVhWxNJNb4O3+2/DKeeT+vN4kdC9c0TlujMDKfQBJRLuOF3yaa6n0Yw4K/VqU3JQs5cz7EmMMWve5j9
Content-Type: text/plain; charset="utf-8"
Content-ID: <05ACD2F45F85D5448BB7B730644EE622@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 8a09cfab-afeb-4068-b8d3-08d7f839cd75
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 May 2020 19:05:43.7444 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: yaD1f/r0ryKDtii+tOK/4HI0wfsD0w3ujfWJA2OK1XPpRgkrLLjIe8nQuCUfpwcbn82IBMFDg0X7rKHIkC4uZg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR11MB1267
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.13, xch-aln-003.cisco.com
X-Outbound-Node: rcdn-core-12.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/FZYMTDaHTrw8PsAIQjAFL6czr3Q>
Subject: Re: [sfc] Robert Wilton's No Objection on draft-ietf-sfc-oam-framework-13: (with COMMENT)
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 May 2020 19:05:50 -0000
Hi Robert,
Thanks a lot for the great comments. Please see inline for the response..
Robert Wilton has entered the following ballot position for
draft-ietf-sfc-oam-framework-13: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-sfc-oam-framework/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
I found this document to be pretty easy to read and understand, so thank you
for your work in this area.
<Nagendra> Thank you (
I have a few comments, that may have already been raised by other reviewers:
2. SFC Layering Model
While Figure 1 depicts an example where SFs are enabled as virtual
entities, the SFC architecture does not make any assumptions on how
the SFC data plane elements are deployed. The SFC architecture is
flexible and accommodates physical or virtual entity deployment. SFC
OAM accounts for this flexibility and accordingly it is applicable
whether SFC data plane elements are deployed directly on physical
hardware, as one or more Virtual Machines, or any combination
thereof.
Would "SF data plane elements" be more clear than "SFC data plane elements"?
<Nagendra> "SF data plane elements" may give an impression that it is referring to the service function itself. Scanning through other SFC related documents, most (if not all) of the document refers it as "SFC data plane elements".
3. SFC OAM Components
3. Classifier component: OAM functions applicable at this component
includes testing the validity of the classification rules and
detecting any incoherence among the rules installed in different
classifiers.
It was not entirely clear to me what is meant by different classifiers, so
possibly this could be elaborated slightly.
<Nagendra> Section 2.2 of RFC7665 list some of the common cases with more than one classifier. The above statement is intended to verify the classification policy on different such classifiers. Does the below text looks better?
OLD:
. Classifier component: OAM functions applicable at this component
includes testing the validity of the classification rules and
detecting any incoherence among the rules installed in different
classifiers.
New:
. Classifier component: OAM functions applicable at this component
includes testing the validity of the classification rules and
detecting any misclassification or incoherence among the rules
installed when more than one classifier is used as explained
in section 2.2 of [RFC7665].
4.3. Trace Functions
"TTL" is used in various places. Does that need to be listed in the acronyms?
<Nagendra> TTL is a well-known abbreviation as per https://www.rfc-editor.org/materials/abbrev.expansion.txt.
6.2. OAM Packet Processing and Forwarding Semantic
Upon receiving an OAM packet, SFC-aware SFs may choose to discard the
packet if it does not support OAM functionality or if the local
policy prevents them from processing the OAM packet. When an SF
supports OAM functionality, it is desirable to process the packet and
provide an appropriate response to allow end-to-end verification. To
limit performance impact due to OAM, SFC-aware SFs should rate limit
the number of OAM packets processed.
Doesn't this mean that SFC is potentially altering the thing being measured?
Wouldn't it be better instead to rate limit the number of OAM packets that are
being generated in the first place?
<Nagendra> Any SF may be part of SFC that originates at different classifiers. So, rate limiting at the classifier may not be appropriate as the classifier may not be aware if there is any other OAM traffic (or the rate) originated by other classifiers.
6.1. SFC OAM Packet Marker
The SFC OAM function described in Section 4 performed at the service
layer or overlay network layer must mark the packet as an OAM packet
so that relevant nodes can differentiate an OAM packet from data
packets. The base header defined in Section 2.2 of [RFC8300] assigns
a bit to indicate OAM packets. When NSH encapsulation is used at the
service layer, the O bit must be set to differentiate the OAM packet.
Any other overlay encapsulations used at the service layer must have
a way to mark the packet as OAM packet.
"must be set" => "MUST be set" & "must have a way" => "MUST have a way"?
<Nagendra> One of the common suggestions from different reviewers is to avoid using normative statement and so we are updating the draft to avoid using the same. Adhering to that, I think we can leave the above statements as it is.
But I question whether these should be musts at all. E.g. by setting an OAM
bit you allow the intermediate functions to potentially modify their behaviour,
making it harder to know that the thing under test isn't changing its behaviour
because it is being tested. E.g. could another choice be to use some reserved
address space to simulate flows without requiring the packets to be explicitly
marked?
<Nagendra>While your suggestion appears to be another way to differentiate the OAM packets, the use of reserved space address is not much different from the use of O bit. Even with the reserved space address, the SF with the functionality such as "treating the packet header" may still have to deviate from its functionality. The deviation is triggered based on the reserved address in this case.
7. Manageability Considerations
Table 4: OAM Tool GAP Analysis
+----------------+--------------+-------------+--------+-------------+
| Layer |Configuration |Orchestration|Topology|Notification |
+----------------+--------------+-------------+--------+-------------+
| Underlay N/w |CLI, NETCONF | CLI, NETCONF|SNMP |SNMP, Syslog,|
| | | | |NETCONF |
+----------------+--------------+-------------+--------+-------------+
| Overlay N/w |CLI, NETCONF | CLI, NETCONF|SNMP |SNMP, Syslog |
| | | | |NETCONF |
+----------------+--------------+-------------+--------+-------------+
| Classifier | CLI, NETCONF | CLI, NETCONF| None | None |
+----------------+--------------+-------------+--------+-------------+
| SF |CLI, NETCONF | CLI, NETCONF| None | None |
+----------------+--------------+-------------+--------+-------------+
| SFC |CLI, NETCONF | CLI, NETCONF| None | None |
+----------------+--------------+-------------+--------+-------------+
It would probably be useful for YANG to be listed here as well under
configuration and Orchestration. RESTCONF or gNMI could potentially also be
listed, although I note that this table is not intended to be exhaustive.
<Nagendra> Based on the comment from another reviewer, we updated the respective section as below. Does that take care of the above query?
OLD:
As depicted in Table 4, information and data models are needed for
configuration, manageability and orchestration for SFC.
NEW:
While the NETCONF capabilities are readily available as depicted in Table 4, the information and data models are needed for
configuration, manageability and orchestration for SFC.
There is also a base YANG topology model, RFC 8345, and other extensions being
defined, at least for Overlay and Underlay networks. Would they be appropriate
for the topology column?
<Nagendra> I think so. We can update the topology column to reflect the same.
Once again, thanks a lot for the great comments.
Regards,
Nagendra
- [sfc] Robert Wilton's No Objection on draft-ietf-… Robert Wilton via Datatracker
- Re: [sfc] Robert Wilton's No Objection on draft-i… Nagendra Kumar Nainar (naikumar)