IETF Logo Mail Archive

Re: [sfc] Benjamin Kaduk's Discuss on draft-ietf-sfc-nsh-tlv-09: (with DISCUSS and COMMENT)

Martin Vigoureux <martin.vigoureux@nokia.com> Thu, 02 December 2021 12:31 UTC

Return-Path: <martin.vigoureux@nokia.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 148753A1081; Thu, 2 Dec 2021 04:31:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.453
X-Spam-Level:
X-Spam-Status: No, score=-4.453 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.701, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-1.852, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nokia.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JrhT0XMfLRhL; Thu, 2 Dec 2021 04:31:25 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2137.outbound.protection.outlook.com [40.107.20.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 476D43A1079; Thu, 2 Dec 2021 04:31:25 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UvssdbfIIT2HWYJZ8/hnDUTgaR1vA553brWBxaFaxa+E5SZAXjw9rX3/K3soq3ZJBnrFSDO0PABnpGjL8nZBrnXZLafapNAHeLtfmrIZl/s5JlHiSCw50PE/u1a+kYYN3A5doyIM0lpxZrRBueeTxVPhc6XfzeNjmIXrXgdiZyDeNILSXugIJ/0VoHbOXquaZ7ACB7lKojrYJ5MPtFMAwyVxdN3vfcMiWoRzzMCSfxQz72d18963cMqHGBKFcHp0NAH/SLwDjuGRcT3Yq8UxidOs65KUg7Cs6zPGo2GoRbArDcxGherQZ030MRgZTz5DjbzKwr0aBJJ6bOicbJBySw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0pC9hn1nbf+zZACX50wXweWztK0vb+fav/+qDVj6Wu0=; b=k3VvVPT1Y8zuGgc6tY8ao26pbXZQhPEWSssqTJTAOLKdddC5hApPWnQRACKhZNvE7S37ajImQTd7ZJGsOTE84uLMQEVkuumOU1lwEXW002ZWiXJxmj30sJ2a6vIfjA+afZ5xOPtp0xrVkAmh0uGJG1yKTMMp6bYro5LCinNLYmm7OrrWshT1+Q1WdAC8DI4hRyYo+OUDVyDrd6tudKGYLVLt1/PzLcZtEOzPhnhWVmvE9OkMzC4dfAJ2GvlaFV1hKP5V89vlPZerDNv/GPapuWVd+HBrTSEtqppQt7LdXIIMmpsjqTmTe0dqw4sZfsBodZbB1BhNka5dTYAA4ALXXg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.onmicrosoft.com; s=selector1-nokia-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0pC9hn1nbf+zZACX50wXweWztK0vb+fav/+qDVj6Wu0=; b=hCDC60nLhQDgbyY18wO2DtMdF/yiLwJi/tgrhfYhNZJ7SZbX1zoo/hTdkZpbPZSxvc3irePSf/MKbJMTitlIl9tawcP9FzDRu9tB0kaAgKHyzwIKDUsw6DpQbGzyO2y1BRPhT6EYw0n9MR11auDHOnbI4OWJh4b9OUDkt48LKk4=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nokia.com;
Received: from AM6PR07MB5560.eurprd07.prod.outlook.com (2603:10a6:20b:6f::22) by AM5PR0701MB2370.eurprd07.prod.outlook.com (2603:10a6:203:11::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.6; Thu, 2 Dec 2021 12:31:08 +0000
Received: from AM6PR07MB5560.eurprd07.prod.outlook.com ([fe80::6cad:f356:5763:7b87]) by AM6PR07MB5560.eurprd07.prod.outlook.com ([fe80::6cad:f356:5763:7b87%6]) with mapi id 15.20.4755.012; Thu, 2 Dec 2021 12:31:08 +0000
To: Benjamin Kaduk <kaduk@mit.edu>, The IESG <iesg@ietf.org>
Cc: draft-ietf-sfc-nsh-tlv@ietf.org, sfc-chairs@ietf.org, sfc@ietf.org, gregimirsky@gmail.com
References: <163821236125.28147.303890929675278219@ietfa.amsl.com>
From: Martin Vigoureux <martin.vigoureux@nokia.com>
Message-ID: <0a4aa262-af02-a3b4-8ab9-0fa02b41f185@nokia.com>
Date: Thu, 2 Dec 2021 13:30:57 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0
In-Reply-To: <163821236125.28147.303890929675278219@ietfa.amsl.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-GB
Content-Transfer-Encoding: 8bit
X-ClientProxiedBy: CH2PR04CA0003.namprd04.prod.outlook.com (2603:10b6:610:52::13) To AM6PR07MB5560.eurprd07.prod.outlook.com (2603:10a6:20b:6f::22)
MIME-Version: 1.0
Received: from [172.30.2.230] (131.228.2.20) by CH2PR04CA0003.namprd04.prod.outlook.com (2603:10b6:610:52::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4734.22 via Frontend Transport; Thu, 2 Dec 2021 12:31:04 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 4ca4b5d7-1c99-44ef-fe43-08d9b58f9e00
X-MS-TrafficTypeDiagnostic: AM5PR0701MB2370:EE_
X-Microsoft-Antispam-PRVS: <AM5PR0701MB2370D4AFE2D9D525E4BC874E8C699@AM5PR0701MB2370.eurprd07.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: tLrfwZiXbuNb2Gkfx5GHfa2lGxtGHlvtn2VdsVP+KPSgrrUl2SUdM9SQO7in3YijOjrFuC1Zojwq3YwmOYotuphq/Mjy4BdpQmiJQ2ohgOMAKFMRT6b9pKzV3c1EDRzdKAVvJsC2WuRelVB5rGxtS/WK5JGTy+3NfE8wLIHgpoOT5Ard5LXFsDQzxdp846ue5Bc3eoBsK/Zm1fIvlimY5zURHyDzhRMJuUXuHdt8zYjxzJuYkE8zzawvCJoFVXSEcET9Owx6oJswOhTqTXzcIrla3I2+LGLC6bVlAZykG2Jnn7uaACIvKFTFTqvrllrLDnbz+gXYzSrGKzh3ZEiAU6zVQNXpkW5JVUWUyzqpxINCyNBwGjegDNwKazJf32PodkHogVMEaVjT392urePaUZZS5RxueZ8AWUnI+QtNA1pi7n40VwKXBiJLkkREB4V2Ll0iX3I0CkJMlLztS+NT42/PDxz8epCcUBc5jZsiLMsd6F4giS4d8RGq/PfD6KSKOCEr0aiF/FMkoQ1aE4Pvn3Wcio35vmKs8y63xUCxM2xspZyc5/PsvwPFEjQKkaKvrl5V1U4Z8YlN8j/egAd5xLRP3e1coFd0deAYpiJg+nFMsykwg6+Kujm0/s2Epxv2w8l+eAwb4T3SYaAWrIZEs2GJDzSPi2VRPxFWgDKX1pZJVmmFCYOue5AqXTb5xtG6aKVGEa37lISQFEW/aGc7xUQw5PJrvHUWlCVGMyQa7x8OpRHqc9wyAmSMstmz9I5I4ov4a/jJgqN+KWPpoZz0L9JJ9bgGoFRhO2tYD1l3MKEIpRkBd2bENZHBQmjZA9NhKW8OKWi/ewLnNazpnbdVz+7aQ6mgjRCf+BEQl1WhqsQqRjjNimo4kNuA2vLpRPa0wnCkrBJMg1dHE8QIv+BOz5Kixjof3O22hOYHhmp08/gG9niuxOc8bizdON+ggEgE
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR07MB5560.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(4326008)(52116002)(83380400001)(2906002)(86362001)(44832011)(66574015)(4001150100001)(956004)(2616005)(8936002)(5660300002)(66556008)(6486002)(38350700002)(82960400001)(6666004)(31696002)(316002)(186003)(38100700002)(66476007)(66946007)(36756003)(26005)(110136005)(966005)(508600001)(16576012)(31686004)(8676002)(43740500002)(45980500001); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?MGdMQytSOVZ5MjVHTmtaU2lPVENUYnZ0TkZlM3BldFRPNTdGSTdjNDBCNWJn?= =?utf-8?B?dWpOblVRYWZhdFBKZ1B3UUdYOVJrOVBSNGZHQU80M1Rvb1Frcml3MlUxVk5w?= =?utf-8?B?b0pwajFVZXZaWkRKVFB3NlBtSU40NVVrc29TeFlDTUVMMTR1UGpkWUtJMVpT?= =?utf-8?B?NzZEQmhoeVpuSWxKcm0wSXFiaDVZS1F0b0NYeHMrZzFoN3JSa1BmVHJMbDY1?= =?utf-8?B?cWVCOTdJWHQza2t2N21QaGR4M1luU0VRNE5LMm9NdkwrSkxDVHVWR2xWYkpx?= =?utf-8?B?Q1pqSStLd3dwSWc4VzZjbWlOZnJrYUNkRFBYZVRaUkNMU0o2U0hENEowUWJt?= =?utf-8?B?Y3R0bUk0Zko0ODJZajB5SVdOOWt6cTh1Nnl6TmpiWFZGT2VvMDN6WkFObUY2?= =?utf-8?B?eFRVSW1xK1RZWk1DNXdVay9rMEFNQWhyWWVwdEU2bDM0SE9HQXIzU2pUOHE4?= =?utf-8?B?NWZsS05tcy8wcjdTWUxIS21WbDN4WC94SENOTEtZTkJMUkp5S3RBY3lkTSty?= =?utf-8?B?ZkVOSlpoMC9sZDdtUVFNK3RBYVhtVEJ5RzJtNEZOV2dyMkxvUzIyTGdVK3RU?= =?utf-8?B?UThJZFhhRmJnYTc3MjVoQ1RQUWRob00zVFRYVHdramVHWUhhbDB2ajl4aEFR?= =?utf-8?B?THFiOWhlUnlBSEl0dXdyK3BNZmtWRllrc3R4WTFhZXM4OUhXQzJ4TFRtSFBH?= =?utf-8?B?em16aFFhUXdqTTkzTzhlNDRtZ1BTZTBFQjQ0VlhacXVFWHBhcGdFbHNkTlMr?= =?utf-8?B?ck43bHY0cjE5TllQbkJrVHVOQW9aNTNtQzMxWTFLRm1xbVRsT0MrMzBjeGlm?= =?utf-8?B?OGtCU21yeFNvZXl4NGtPcHE2U1V5Zk9Xc0VPRlROaFZadStHUXJCdVNWWC9X?= =?utf-8?B?RGx6RWc1Rm1NMzM4eFJMTDd4VnV6cDcwZ0gzL2pUQVBmUjltMGpPcEt3S1Zw?= =?utf-8?B?S2hOK2RUNGwyRFNOVkd5RzFiMTN6R05pQnVXaFRlVWVGSkJ0TnNsSlFhcE92?= =?utf-8?B?bmZzbFB0SHgwckU2RVVqQnNyNnBrcHhxMkFmL3dXb21kRFJlN0oxSzRkUXFn?= =?utf-8?B?S3dSdnh4MlVsM2ppN0llaWNEVVNtMmxoT2xEMkdkVmRKdWlXSlRmZXQzYVNU?= =?utf-8?B?RndadS9NTEFZZTg0R1NxQ3M4dVVsSndpcUxpWitIT3diM3JqS0JiSGFNUCtI?= =?utf-8?B?bHc4NUxvR1c5WXZiNVg1RytHUDlUYXVqaWp2cmJVTlM4aXo0cktTS3NtOVNH?= =?utf-8?B?SWJUM0c3VlVYTkNUa0c1aG50Q3ZObk5VdUFyUDhRZjFyMThYOFhjOUdXaUxN?= =?utf-8?B?em5NYXJNZmdhNm85TUltbzhpZEJrSjJKM0k1aW5yOVV3NHlmUVVleVQ2TW9j?= =?utf-8?B?NEQ3RzlmUEtiNFhTcDRjeG5rekJGdnEvaVY3MUR0ZDZSckVmZ0docktWZ0Ra?= =?utf-8?B?SUpBNEtvNktEei80KzQ1bXB6eFVYcGVVdjVkRzBTQ1NzYnRyOFNPSkFLTzV4?= =?utf-8?B?L2xlMDU4Z05TbXNtQnJMc05nMG4zUXhtcU1seHhFVVJaRDREdVpIZ2tHQ1Ro?= =?utf-8?B?OWtGUU9EK0o0dTBYWjhDeHFSNE5CcGY5TjhVamNtVFdocVloMWtjQ0E0MGNE?= =?utf-8?B?OUlmNWh0enB2cDRpTjlhWlRuSWJtV2d4eU96K215cnl5bUNzY2pLSm90SWZV?= =?utf-8?B?TmhKWmo0cFFodUkxMVBtMzdxVk5WUmNGdCtGbzBhamUxZThLYnNabjJsL3JB?= =?utf-8?B?OVdkUlZZakpLbHE1eU1sYTNyYTZpd1B5bzVZbkphKzBiTWppNFRHeEREM1Y3?= =?utf-8?B?a1gxSUpmSmh1VVpYcHB4cVBraXFiUnFqYnhEN3pKdTNFUU9SN28wNzVVM1Uw?= =?utf-8?B?aFljWjFzRlEycFZnNzhjSnA5MVI0SEZiWWRraWVsTzY3dHdYaDY0UFR4dFNG?= =?utf-8?B?WlI5T2tCME5iUDh1MzNkVUl0UjBiT0pZdkJFcXBKUUtLbitsVzVoVE9jUEp5?= =?utf-8?B?TXpNN3BVRlU2ZGlVc0JWeEs3d1h2cDdFK1pVdXRhQ3dkUFY3aUZ0b0tjcW5V?= =?utf-8?B?RDdCWW5QQjN5Z2ozTldOVldieSt1NlIwQ2JweVhyNWVkazNRSFMybWl6RnpP?= =?utf-8?B?NW1uWit6a3JqV3I0TkUxWTNIQmtvOVJQZnNSN1JjUm5vVk10RFdNcHpncTAr?= =?utf-8?B?clhpcnpoa2VCU1BVNk1MWFNKK25YS2tXUlVyMTk5aUlwMERZNXVWTWdYVVBF?= =?utf-8?B?QVlxSkkycHVtdUQwYXl3WEFjRkpnPT0=?=
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 4ca4b5d7-1c99-44ef-fe43-08d9b58f9e00
X-MS-Exchange-CrossTenant-AuthSource: AM6PR07MB5560.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Dec 2021 12:31:08.6857 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: num4NOHpIiTmQ+6Spj3a42Y6D/clKTSNfHHXqO2HQE4q9l8o12uytM3fwGIRQpdiZp8IjtSKHNJZB1KhsL1iNr99ZZXbn5vihc21KbW5adc=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM5PR0701MB2370
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/L97GsfP0LVV8mSif2GJqw7iv_Ww>
Subject: Re: [sfc] Benjamin Kaduk's Discuss on draft-ietf-sfc-nsh-tlv-09: (with DISCUSS and COMMENT)
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Dec 2021 12:31:30 -0000

Hi Ben,

thank you for your review.
Top posting since I'm only replying to point 1: do you think borrowing 
text/ideas from rfc8979 could help here?

Thank you

-m

Le 2021-11-29 à 19:59, Benjamin Kaduk via Datatracker a écrit :
> Benjamin Kaduk has entered the following ballot position for
> draft-ietf-sfc-nsh-tlv-09: Discuss
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/blog/handling-iesg-ballot-positions/
> for more information about how to handle DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh-tlv/
> 
> 
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> (1) RFC 8300 is pretty clear that "Metadata privacy and security
> considerations are a matter for the documents that define metadata
> format."  Some of the metadata context headers defined in this document
> clearly have privacy considerations that need to be documented (e.g.,
> policy ID and source/destination group serve to concretely identify
> flows that are related in some way), though some may not have much that
> needs documenting (e.g., the forwarding context metadata seems to just
> be extracting out information that is already present in the packet
> being wrapped).  Regardless, we need to have some discussion of the
> privacy and security considerations of the new metadata context headers,
> even if that is just "no new considerations" for some of them.
> 
> (2) I think we need to discuss the Flow ID context header further.  Is
> it intended to just be a container to hold a flow identifier already
> present in the contained packet (such as the IPv6 Flow Label or MPLS
> Entropy Label that are called out), or can it also be used to apply a
> new flow identifier at the SFC layer?
> 
> The named examples of a flow ID are both 20 bits long; if that is an
> exhaustive listing, shouldn't we update the figure accordingly (to
> include Length=3, four leading bits of padding, and a trailing byte of
> padding)?  If that is not an exhaustive listing and longer flow
> identifiers are expected, how do we know what length of flow identifier
> is being conveyed?
> 
> (3) If we are to allow for specifying the "logical grouping of source and/or
> destination objects" in §4.6 (emphasis on "and/or"), but the context
> header always conveys both a source group and dest group field, do we
> need to reserve a dedicated value for "no group information specified"?
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Section 1
> 
>     This document does not address metadata usage, updating/chaining of
>     metadata, or other SFP functions.  Those topics are described in
>     [RFC8300].
> 
> I'm not entirely sure what is meant by "chaining of metadata" (unless
> it's just a synonym for "updating of metadata"?), and having reviewed
> all 18 instances of "chain" and 88 instances of "metadata" in RFC 8300,
> I am not sure which part you're intending to refer to by it.  Could you
> please point to a more specific part of RFC 8300 (at least in this email
> thread for now, not necessarily in a document update)?
> 
> Section 4.1
> 
> I suggest putting a context (forgive the pun) indicator in the figure
> legends, e.g., "Figure 4: Forwarding Context - 2 (QinQ)".  The
> information is already available elsewhere, but having it in the caption
> helps focus the reader on the important/relevant part of the figure.
> 
> Section 4.3
> 
> It might be interesting to say something about when the SPI itself
> suffices to identify the ingress node vs. when this metadata context
> header is needed.
> 
>        Node ID: Represents an opaque value of the ingress network node
>        ID.  The structure and semantics of this field are deployment
>        specific.  For example, Node ID may be a 4 bytes IPv4 address Node
>        ID, or a 16 bytes IPv6 address Node ID, or a 6 bytes MAC address,
>        or 8 bytes MAC address (EUI-64), etc,.
> 
> There seems to be some dissonance between saying this field is "an
> opaque value" and also saying that it might be an IP or MAC address.  In
> the vein of Francesca's Discuss point, I don't think we can have
> interoperability if the NSH implementation is expected to process this
> as IP/MAC address information (as opposed to just an opaque identifier).
> 
> Section 8.2
> 
> URLs for [GROUPBASEDPOLICY] and [GROUPPOLICY] would be helpful.
> 
> 
> 
>

v2.8.7 | Report a Bug | By Email