IETF Logo Mail Archive

Re: [sfc] I-D Action: draft-ietf-sfc-nsh-ecn-support-09.txt

Donald Eastlake <d3e3e3@gmail.com> Thu, 21 April 2022 16:03 UTC

Return-Path: <d3e3e3@gmail.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E92C33A0BE1 for <sfc@ietfa.amsl.com>; Thu, 21 Apr 2022 09:03:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.853
X-Spam-Level:
X-Spam-Status: No, score=-1.853 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pY32ZkvZZXoW for <sfc@ietfa.amsl.com>; Thu, 21 Apr 2022 09:03:07 -0700 (PDT)
Received: from mail-lf1-x131.google.com (mail-lf1-x131.google.com [IPv6:2a00:1450:4864:20::131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E0213A097C for <sfc@ietf.org>; Thu, 21 Apr 2022 09:03:07 -0700 (PDT)
Received: by mail-lf1-x131.google.com with SMTP id x33so9546018lfu.1 for <sfc@ietf.org>; Thu, 21 Apr 2022 09:03:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=CBLWQHa6DE8+pJLx25v/oZ+5B6AZlwuNoZWTu+I5fZY=; b=AONO8Vv86xRS9T3ZNIRFkpEb233d/0+ug4M38O77epHn0oipzmuFlEVK/V/ZK/71ib EfFJOiC6wjvPtVERIY6g2p1EGmNvvmMxDxNBY1cwNa0/weLN7lj99cuEBgf5+7pfMaQv kjUVfnLH5dTCOmh1Gg6+11ViwidsM49JezaLk6xMqeG8Rbqa8FR6gOW4YIhG7f9jIP4L ukKHUUuxzakpMDhR9/RZ0jMWyKp7MoSygyM34UpTZ5GytLYmkXmijZb+qxsYrmzxkcAm VYzueICezOR4tITttl+Pr+8p5X6339v1RF24VWT06yuTaplyMnCGbEbDQnsH9/tFORbR NfUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CBLWQHa6DE8+pJLx25v/oZ+5B6AZlwuNoZWTu+I5fZY=; b=LVZfcN9yAd7yPNjLb2lN1i+ziGcd0AoA02FFbAfJM9psV314LTs9E3KcMertPcBHeD dFVZQcJiwYSiFW7szcmDUdRV9mGWMDoGYKAIEt5h0L/kUxQf3IxxfTyjYcOZMbq9yhQk nsQmwRkPM1L9CeQWnSiaLE97aLleQ5134Hs5AYMcv9aWGqPZ6bGfVDYbdpi8G+rHODXX LlG6O2uOulW4QRjJtRXoq7PgHTRoFX53xsqusDlassFx5MBIs4UPusf0fX+tI93c7gxU VZ4AkF6b/3iYAG44ZKladxNZ7uBFA5JS9cSSC8icvhhxzfDEJB5zhs43ms6c6qir6NkA z8tQ==
X-Gm-Message-State: AOAM5327yHXXRSKZ5fg1mYER7bEjaLsHOKUbZRjUPpDAEKW4e+Sw+ymj zQ0Yx0Y3Pjc21NfM+oP4ukadr9sZXcMJ+2vn1aVDBmvk
X-Google-Smtp-Source: ABdhPJwYYKCadiq0YPiPqa/S7ySJidsYhYY14iE9ZLhQCCjkET6JpEgIsk+B9i6tXezjbgg6GtdMtEbYcHXoVCld5R4=
X-Received: by 2002:a05:6512:1155:b0:471:4c94:97c with SMTP id m21-20020a056512115500b004714c94097cmr143355lfg.338.1650556984138; Thu, 21 Apr 2022 09:03:04 -0700 (PDT)
MIME-Version: 1.0
References: <165031936696.2628.12249583234819069643@ietfa.amsl.com> <CAF4+nEFxgS_8MazZjV-RM+xdCuHCcJnNoEmQa+AXnVp_Dqhgxw@mail.gmail.com> <CAA=duU0WXbTkAH50HXV7fT6kfrxMZ6JuJ6v0V1isL54opUR+8A@mail.gmail.com> <16754_1650372035_625EADC3_16754_66_33_eb5e074ed5314a508cb39c47988d8f7f@orange.com> <CAF4+nEFvd8aZTfPRcHrQo_ytiTTrS7TxaU_6_=UnDOkzghR1sw@mail.gmail.com> <23602_1650434890_625FA34A_23602_359_1_5bb576db092f44c39570f0a1d4f66be8@orange.com>
In-Reply-To: <23602_1650434890_625FA34A_23602_359_1_5bb576db092f44c39570f0a1d4f66be8@orange.com>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Thu, 21 Apr 2022 12:02:52 -0400
Message-ID: <CAF4+nEEnWYpPk2-F9sv0rbM4rxZoMFW6s7Y3Vt8ZtWWabd1q-Q@mail.gmail.com>
To: mohamed.boucadair@orange.com
Cc: "sfc@ietf.org" <sfc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000b8a18505dd2c3eb8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/OD2Zghy2LfRc7GWdtN442m3MB98>
Subject: Re: [sfc] I-D Action: draft-ietf-sfc-nsh-ecn-support-09.txt
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Apr 2022 16:03:13 -0000

Hi Med,

Thanks for your response and various pointers in it to things that may be
included in the next revision.

However, there is one point on which I disagree with you:
Say you have a network of N nodes and are adding a feature. Furthermore,
there are ways of using that network that need that feature and that make
use of the feature at different subsets of those N nodes. While it might be
desirable to implement the feature on all nodes, it is also possible to
simply choose to make use of the network such that you only use the nodes
at which the feature is implemented. So, I completely disagree
that specification of such a feature must mandate implementation at every
node in such a network.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com


On Wed, Apr 20, 2022 at 2:08 AM <mohamed.boucadair@orange.com> wrote:

> Hi Donald,
>
>
>
> Please see inline.
>
>
>
> Cheers,
>
> Med
>
>
>
> *De :* Donald Eastlake <d3e3e3@gmail.com>
> *Envoyé :* mercredi 20 avril 2022 01:02
> *À :* BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>
> *Cc :* sfc@ietf.org
> *Objet :* Re: [sfc] I-D Action: draft-ietf-sfc-nsh-ecn-support-09.txt
>
>
>
> Hi Med,
>
>
>
> On Tue, Apr 19, 2022 at 8:40 AM <mohamed.boucadair@orange.com> wrote:
>
> Hi Andy, all,
>
>
>
> One of the reasons why I suggested to consider Experimental is that I’m
> not sure that it is justified to require classifiers and **every** SFFs to
> behave as **both** IPFIX collectors/exporters while other approaches can be
> considered:
>
>
>
> I don't think the draft imposes a requirement on every SFF to be an IPFIX
> collector/exporter, just on the ingress and egress nodes for the flows of
> interest.
>
> *[Med] I think it does. The reasoning is as follows: *
>
> ** The SFC architecture does not make any assumption on the chains that
> can be instantiated in a domain. So, every SFF can potentially terminate a
> service chain.*
>
> ** An SFF that terminates a service chain is the egress for that chain. A
> terminating SFF is responsible for striping the NSH. *
>
>
>
> On the other hand, it is helpful for every SFF and, indeed, every node
> containing a queue that could  be congested, to be ECN-aware.
>
>
>
> But it is not fatal if some are not. It is just the congestion at
> non-ECN-aware nodes will be unmanaged,
>
> *[Med] I think you have already a note in the draft that covers this part.
> *
>
>
>
> e.g., the cumulative data from ingress to last SFF can be passed using a
> dedicated NSH TLV and, as such, we can get rid of this reco:
>
>
>
> The ingress MUST be configured to know the
>
>    relevant egress for a flow.
>
>
>
> I agree that the above "MUST" statement, which was just added in the last
> revision, needs further elaboration. There needs to be some way to get
> IPFIX messages from ingress to egress. I can think of three general ways:
>
> *[Med] Thank you for sharing this fair summary.*
>
>
>
> 1. IPFIX over the SFC domain's transport layer protocol such as sending
> the messages via SCTP over IP if IP is supported throughout the domain,
> which is the recommended method if it is available. This requires the
> ingress to be configured with additional information.
>
>
>
> *[Med] Indeed. Please note that the configured egress for a chain may not
> be the actual one that will be used for a given flow when reclassification
> happens on-path (rfc7665#section-4.8). An approach to avoid the
> configuration of the egress nodes is to use an NSH OAM trace message to
> discover the egress for a chain and then use whatever discovered egress to
> send the ecn data.  *
>
>
>
> 2. IPFIX over NSH. This would require assigning a new Next Protocol value
> for the NSH Next Protocol field for IPFIX. (Alternatively, you could use
> something more complex like IPFIX over UDP over IP over NSH but it is not
> clear what would be gained by the additional complexity and packet length.)
> This would normally use a different SPI, which would have to be configured,
> from the SPI used for data, to convey the IPFIX message more directly from
> ingress to egress.
>
>
>
> *[Med] I guess this one requires also knowing the egress nodes.  *
>
>
>
> 3. IPFIX via NSH TLV. This could be done but it would probably require
> using MD Type 2 and subject IPFIX messages to the same path and data delays
> / loss as user data. On the other hand, it might get the IPFIX message to
> the egress with minimal additional configuration at the ingress.
>
> *[Med] A variant would be to make use of rfc8393.html#section-6.4 to
> interleave these packets with data packets. *
>
>
>
> The draft suggests using NSH steering for IPFIX messages if direct
> transport protocol connectivity between ingress and egress is problematic
> but is not clear whether this means 2 or 3 above and whichever of these it
> is suggesting, the draft does not provide sufficient detail so that needs
> to be added. The draft recommends using a higher priority for IPFIX
> messages than for user data. Methods 1 and 2 above facilitate while this
> might be impractical for Method 3, causing re-ordering.
>
>
>
> I think details for Method 2 should be added to the draft.
>
>
>
> *[Med] I agree that the current mention of IPFIX over NSH in the draft is
> underspecified.   *
>
>
> Thanks,
> Donald
> ===============================
>  Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
>  2386 Panoramic Circle, Apopka, FL 32703 USA
>  d3e3e3@gmail.com
>
>
>
> Cheers,
>
> Med
>
>
>
> *De :* sfc <sfc-bounces@ietf.org> *De la part de* Andrew G. Malis
> *Envoyé :* mardi 19 avril 2022 13:54
> *À :* Donald Eastlake <d3e3e3@gmail.com>
> *Cc :* sfc@ietf.org
> *Objet :* Re: [sfc] I-D Action: draft-ietf-sfc-nsh-ecn-support-09.txt
>
>
>
> Donald,
>
>
>
> Regarding Experimental status, take a look at the guidelines at
> https://www.ietf.org/standards/process/informational-vs-experimental/ ,
> in particular guidelines 3.4 and 3.5. This draft doesn't fit either of
> those.
>
>
>
> Also, in my experience, the SFC WG has not required implementations for
> RFC publication, rather publication has been used to encourage
> implementation.
>
>
>
> Cheers,
>
> Andy
>
>
>
>
>
> On Mon, Apr 18, 2022 at 6:13 PM Donald Eastlake <d3e3e3@gmail.com> wrote:
>
> Hi,
>
>
>
> I have done a significant pass over this draft in light of the reviews and
> I believe the draft is substantially improved; however, this revision does
> not, in my opinion, resolve all of the review comments and another pass
> will be needed before a WG Last Call.
>
>
>
> Also, one person has suggested changing the target status of this draft
> from Proposed Standard to Experimental. I do not have much objection to
> such a change. What do others think?
>
>
> Thanks,
> Donald
> ===============================
>  Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
>  2386 Panoramic Circle, Apopka, FL 32703 USA
>  d3e3e3@gmail.com
>
>
>
>
>
> On Mon, Apr 18, 2022 at 6:02 PM <internet-drafts@ietf.org> wrote:
>
>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Service Function Chaining WG of the IETF.
>
>         Title           : Explicit Congestion Notification (ECN) and
> Congestion Feedback Using the Network Service Header (NSH) and IPFIX
>         Authors         : Donald E. Eastlake
>                           Bob Briscoe
>                           Yizhou Li
>                           Andrew G. Malis
>                           Xinpeng Wei
>         Filename        : draft-ietf-sfc-nsh-ecn-support-09.txt
>         Pages           : 34
>         Date            : 2022-04-18
>
> Abstract:
>    Explicit congestion notification (ECN) allows a forwarding element to
>    notify downstream devices of the onset of congestion without having
>    to drop packets. Coupled with a means to feed information about
>    congestion back to upstream nodes, this can improve network
>    efficiency through better congestion control, frequently without
>    packet drops. This document specifies ECN and congestion feedback
>    support within a Service Function Chaining (SFC) enabled domain
>    through use of the Network Service Header (NSH, RFC 8300) and IP Flow
>    Information Export (IPFIX, RFC 7011).
>
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-sfc-nsh-ecn-support/
>
> There is also an htmlized version available at:
> https://datatracker.ietf.org/doc/html/draft-ietf-sfc-nsh-ecn-support-09
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-sfc-nsh-ecn-support-09
>
>
> Internet-Drafts are also available by rsync at rsync.ietf.org:
> :internet-drafts
>
>
> _______________________________________________
> sfc mailing list
> sfc@ietf.org
> https://www.ietf.org/mailman/listinfo/sfc
>
> _______________________________________________
> sfc mailing list
> sfc@ietf.org
> https://www.ietf.org/mailman/listinfo/sfc
>
> _________________________________________________________________________________________________________________________
>
>
>
> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
>
> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
>
> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
>
> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
>
>
>
> This message and its attachments may contain confidential or privileged information that may be protected by law;
>
> they should not be distributed, used or copied without authorisation.
>
> If you have received this email in error, please notify the sender and delete this message and its attachments.
>
> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
>
> Thank you.
>
> _________________________________________________________________________________________________________________________
>
> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
>
> This message and its attachments may contain confidential or privileged information that may be protected by law;
> they should not be distributed, used or copied without authorisation.
> If you have received this email in error, please notify the sender and delete this message and its attachments.
> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
> Thank you.
>
>

v2.23.0 | Report a Bug | By Email