IETF Logo Mail Archive

Re: [sfc] Adopting draft-mirsky-sfc-pmamm

"Carlos Pignataro (cpignata)" <cpignata@cisco.com> Sun, 16 June 2019 04:32 UTC

Return-Path: <cpignata@cisco.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D02F312009E; Sat, 15 Jun 2019 21:32:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.499
X-Spam-Level:
X-Spam-Status: No, score=-14.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=aGmsiJOS; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=pEWlS9mN
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DcVaxifdTs-i; Sat, 15 Jun 2019 21:32:54 -0700 (PDT)
Received: from alln-iport-8.cisco.com (alln-iport-8.cisco.com [173.37.142.95]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 509181200E0; Sat, 15 Jun 2019 21:32:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=47695; q=dns/txt; s=iport; t=1560659574; x=1561869174; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=UoPmK/E2aGdfjehIFATD4aXrINblBSjLAUIkQT4pyOs=; b=aGmsiJOSYkOkbMu6K0ZCbUvsI4GSiLq+GZfMmkZ/FPcnKmRSuZ2/Bs7S JhhJJJ1Mg4g2gBMJjkNbM1oET/mBrha6Nb6zKY5ZiyXWb16aeEDvP1yIz ka4dnlrK4CCuME3dvv2G/sN57YaYxm4yK2eD2aZcvFBCk6BA61mDeThNv A=;
IronPort-PHdr: 9a23:r7/alhzeG0Bb2r3XCy+N+z0EezQntrPoPwUc9psgjfdUf7+++4j5YhWN/u1j2VnOW4iTq+lJjebbqejBYSQB+t7A1RJKa5lQT1kAgMQSkRYnBZuOEUz0Kvf2ZgQxHd9JUxlu+HToeUU=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CrAADuxQVd/4QNJK1mHAEBAQQBAQcEAQGBUwUBAQsBgQ4vJCwDalUgBAsoCoNMQGKCZQOOYYIyl1uBLhSBEANQBAkBAQEMAQEYAQoKAgEBhEACF4I1IzYHDgEDAQEEAQECAQRtHAELhUsCAQMBAQoGBgIDBh0BASwLAQ8CAQYCOAEGAwICAiULFBECBA4FGweDAAGBHU0DHQECDIpukGACgTiIX3GBMYJ5AQEFgUZBQIIyGIIQAwaBNAGEcIZtF4FAP4ERJwwTgkw+gmEBAQIBARaBDwUBEgEeLoJdMoImi16CXYR0iEqMfAYKWgkCghCGSI0KG4InhwOECol8jR2BLIV2jDmDCAIEAgQFAg4BAQWBVwIvZ3FwFTsqAYJBPoFRDBeDTYUUhT9yAYEojHeBIgGBIAEB
X-IronPort-AV: E=Sophos;i="5.63,380,1557187200"; d="scan'208,217";a="288186715"
Received: from alln-core-10.cisco.com ([173.36.13.132]) by alln-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 16 Jun 2019 04:32:52 +0000
Received: from XCH-ALN-016.cisco.com (xch-aln-016.cisco.com [173.36.7.26]) by alln-core-10.cisco.com (8.15.2/8.15.2) with ESMTPS id x5G4WqVN007841 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Sun, 16 Jun 2019 04:32:52 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-ALN-016.cisco.com (173.36.7.26) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Sat, 15 Jun 2019 23:32:52 -0500
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Sat, 15 Jun 2019 23:32:51 -0500
Received: from NAM05-BY2-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Sat, 15 Jun 2019 23:32:51 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UoPmK/E2aGdfjehIFATD4aXrINblBSjLAUIkQT4pyOs=; b=pEWlS9mNgsOddy8xrRecT8c1tfc/HcMcHafKJsZ9nTvieInPK/3bnr403+4JodNl6HdNRAtnSkKMNVjtD0mh/Qie6td0ciZv9enH4/2PyqPbjKKwv4gwjfZAIV+f6PlwXlCNGAWlWcyigxFDeF64Y4avqPIH82H+B4csG9mqeDQ=
Received: from BL0PR11MB3028.namprd11.prod.outlook.com (20.177.204.138) by BL0PR11MB3028.namprd11.prod.outlook.com (20.177.204.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1987.10; Sun, 16 Jun 2019 04:32:50 +0000
Received: from BL0PR11MB3028.namprd11.prod.outlook.com ([fe80::ec33:f4c1:227a:fcb3]) by BL0PR11MB3028.namprd11.prod.outlook.com ([fe80::ec33:f4c1:227a:fcb3%5]) with mapi id 15.20.1987.014; Sun, 16 Jun 2019 04:32:50 +0000
From: "Carlos Pignataro (cpignata)" <cpignata@cisco.com>
To: "gregory.mirsky@ztetx.com" <gregory.mirsky@ztetx.com>
CC: Service Function Chaining IETF list <sfc@ietf.org>, "sfc-chairs@ietf.org" <sfc-chairs@ietf.org>
Thread-Topic: [sfc] Adopting draft-mirsky-sfc-pmamm
Thread-Index: AQHVIA67eOr2Woz9HEyWHbTYKT279qaduP2A
Date: Sun, 16 Jun 2019 04:32:50 +0000
Message-ID: <710BFA32-5866-462A-A3CF-62650C50AC69@cisco.com>
References: <201906111223119530032@zte.com.cn>
In-Reply-To: <201906111223119530032@zte.com.cn>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3445.104.11)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=cpignata@cisco.com;
x-originating-ip: [173.38.117.70]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: d7d19049-2a83-4bd3-6126-08d6f213b0b4
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BL0PR11MB3028;
x-ms-traffictypediagnostic: BL0PR11MB3028:
x-ms-exchange-purlcount: 4
x-microsoft-antispam-prvs: <BL0PR11MB302868FB38326C6AF05FA859C7E80@BL0PR11MB3028.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0070A8666B
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(366004)(346002)(376002)(136003)(39860400002)(189003)(199004)(54906003)(486006)(446003)(33656002)(11346002)(561944003)(4326008)(25786009)(2616005)(476003)(66946007)(7736002)(478600001)(8676002)(57306001)(413944005)(966005)(81156014)(81166006)(66556008)(64756008)(66446008)(66476007)(8936002)(2501003)(229853002)(6246003)(14454004)(76116006)(73956011)(6916009)(6486002)(5640700003)(6436002)(50226002)(236005)(6306002)(68736007)(54896002)(6512007)(606006)(53936002)(76176011)(186003)(256004)(3846002)(14444005)(6116002)(5024004)(316002)(2906002)(36756003)(66066001)(99286004)(71200400001)(71190400001)(86362001)(102836004)(2351001)(26005)(53546011)(6506007)(5660300002)(30864003); DIR:OUT; SFP:1101; SCL:1; SRVR:BL0PR11MB3028; H:BL0PR11MB3028.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: Ur7va8oP4IoXoMmZ1k/P2/wElIr5/nxbk+ZHirFpYLcqJpr8DD9ZZoetN79slJ0l6D6ei0CDlK7xDVYUwFjBBU2V5Esx6lQE8odYIeRUr+cPjktqVwPsSWNWxGWywkb9CkuL0JPrC06wS1F1c8BaPhmYwvvtVW7DN8TNMFiVZWJKF3z27z1mbJCLwQGXH8vPjRNySkcF7ViXuHtaV1WeQsND97NpKdfV61/cP4Sd9ujmif+Yhplwq6oJLML9YrTqj7fBROiirPfRFRN2ofMqLJhvZcS5zDcu2hAgPErCpCfyHRY8vFPTvbc0zMpYV+IDWC6gvmxGu29RnAGtOGumUc5yI2qdMxRw2/sDyJAGRCsJ8zstuKJHxnFwAvXWhpV+2b4s32+RCOLPQ9qyHTWPFL0tLKPorqtF5vvvO+f0dHc=
Content-Type: multipart/alternative; boundary="_000_710BFA325866462AA3CF62650C50AC69ciscocom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: d7d19049-2a83-4bd3-6126-08d6f213b0b4
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jun 2019 04:32:50.1286 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: cpignata@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR11MB3028
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.26, xch-aln-016.cisco.com
X-Outbound-Node: alln-core-10.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/W1spIfVcXuxNIBvNAMUy0djMLMc>
Subject: Re: [sfc] Adopting draft-mirsky-sfc-pmamm
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Jun 2019 04:32:58 -0000

Hello, Greg,

Please see inline.

On Jun 11, 2019, at 12:23 AM, gregory.mirsky@ztetx.com<mailto:gregory.mirsky@ztetx.com> wrote:


Dear Carlos,

thank you for your review and comments. Please find my responses in-line tagged GIM>>. Attached are the updated version and the diff.


Regards,

Greg Mirsky



Joel, Jim,

I reflected on this adoption call. In the end, I oppose adopting this draft as a working group document at this point.

After all consideration, my evaluation is that, at best, it is very premature.

Here’s some of the technical reasons for this:

1. Fundamental mis-assumptions.

1.1.

The whole basis of this document is using a “marking” method as a passive PM method. This is the only sentence in the Abstract:

   This document describes how the alternate marking method be used as
   the passive performance measurement method in a Service Function
   Chaining (SFC) domain.

However, the definition of a passive method from RFC 7799 is:<https://tools.ietf.org/html/rfc7799#section-3.6>https://tools.ietf.org/html/rfc7799#section-3.6
   o  based solely on observations of an undisturbed and unmodified
      packet stream of interest (in other words, the method of
      measurement MUST NOT add, change, or remove packets or fields or
      change field values anywhere along the path).

This definition says MUST NOT change field values.

I understand the document says:
   alternate marking method in SFC layer can be viewed as a real example
   of passive performance measurement method.

However, that is not saying “it is a passive method because of this thorough analysis”.

I also understand that RFC 8321 gives guidance of when an alternate-marking method can be considered Hybrid vs. Passive.

I remember because I was Document Shepherd on that I-D to become RFC 8321.

However, the SFC NSH can be encapsulated in a number of transport encapsulation protocols. There is no analysis to explain how the changing of this field value will not result in a different forwarding (e.g., path, treatment) decision.
GIM>> I agree that from the classification of the performance measurement methods the AltMark method belongs to Hybrid class. Thus I accept your comments and propose two updates in Abstract:

This comment is fundamental to the document’s approach, and in my opinion, not a quick s/passive/hybrid/g word replacement. As a hybrid method it ought to rationalize the approach with existing hybrid methods.

OLD TEXT:
   This document describes how the alternate marking method be used as
   the passive performance measurement method in a Service Function
   Chaining (SFC) domain.
NEW TEXT:
   This document describes how the alternate marking method can be used
   as the efficient performance measurement method taking advandage of
   the actual data flows in a Service Function Chaining (SFC) domain.
Introduction:
OLD TEXT:
   [RFC8321] describes the passive performance measurement method, which can be
   used to measure packet loss, latency, and jitter on live traffic.
NEW TEXT:
   [RFC8321] describes the hybrid performance measurement method, which can be
   used to measure packet loss, latency, and jitter on live traffic.
and Section 3:
OLD TEXT:
   Because the setting of the field to any value does not affect
   forwarding and/or quality of service treatment of a packet, the
   alternate marking method in SFC layer can be viewed as a real example
   of passive performance measurement method.
NEW TEXT:
   Though the setting of the field to any value likely not affect
   forwarding and/or quality of service treatment of a packet, the
   alternate marking method in SFC layer it is characterized as an
   example of hybrid performance measurement method according to
   [RFC7799].
   For example, there’s an MPLS SFC NSH encapsulation just published as RFC, and here this document attempts to define a bit in the first nibble. RFC 8300 carefully reserved version numbers to prevent ECMP treatment. Here, my point is no to move the bit around, but to exemplify how there’s been lack of captured thought about this proposal and approach.
GIM>> I cannot find a technical foundation for your concern.

Sorry if I was not clear, I will try to be more explicit.

 The proposed M field, as well as already allocated in RFC 8300 O field have no impact on possible ECMP treatment of NSH. The fact is that devices that use DPI after the MPLS stack are acting only on 0x04 and 0x6 values.

This is a bold statement. Do you have a survey of all devices that perform DPI and their behavior in regards to the first nibble? (Assuming you mean 0x4 and not 0x04)

 Because the value 01b is reserved for the V field, an NSH cannot be taken for IPv4 or IPv6 header with any values of O and M fields. If it is not clear from Section 2.2 in RFC 8300, we can add text in the further version.
   1.2.


Indeed, RFC 8300 tried to prevent this as possible by reserving version 1. But my point is that assigning this would need some analysis captured in the document.


There’s been no discussion about whether this specific solution is what SFC needs for Passive OAM, or of the risks of this modifying forwarding. And weather the NSH Base Header is the best place for these measurements.
   GIM>> The draft was presented at the meetings and received a reasonable amount of comments.

Greg, First, what is a “reasonable amount of comments”? Reasonable to whom? And who is making hat call? That seems like a chair responsibility and not a document author’s call.
Second, looking objectively at https://mailarchive.ietf.org/arch/search/?q=draft-mirsky-sfc-pmamm, I do not see many non-author comments.


 Could you point to the text in the draft that proposes a change in forwarding?

Greg, did I write that the draft "proposes a change in forwarding"? Please, again, refrain from mis-attributing text that I did not write or say.

I wrote “or of the risks of this modifying forwarding”, which is quite different, and my point is that the draft should prove that it doesn’t.

 Also, I'd indicate that the measurements are performed at the node that acts on the M field and that the results are not exported in the data packet that triggered the measurement but stored at the node. A possible method to export the results is outside the scope of the draft.


2. Solution looking for a problem.

This draft defines a solution, but it really does not indicate the scope or extend of the problem being solved. It does not explain how this specific solution fits in the potential constellation of OAM solutions for SFC.

And as such, it is impossible to compare it against other potential solutions, or to evaluate or understand how it fits in the overall OAM Framework.

Which exact function of OAM is this solving, and given the graph-nature of SFC, is this too simplistic of a solution for Performance Measurement, where other hybrid solutions can provide a large superset of this functionality?

This is compounded by one additional issue:

There seems to be a tendency of, without explanation, extrapolating RFCs and solutions into all possible protocols, regardless of their need.

For example, after RFC 7110, there were all kinds of specified-return-paths documents for many protocols — even for things that did not make full sense like for SFC. I would cautious us to develop standards based on needs.
   GIM>> I don't see how this is relevant to this WG AP.


On the contrary; in my opinion, this concern goes to the heart of the raison d’être of the document, and the problem it is supposedly solving.


And equally important, to understand the overall landscape of Performance Measurement before pushing too localized solutions.


3. Grossly underdefined and underspecified operations.

3.1.

The Theory of Operation in Section 4 does not really explain the role of any node (headend, tailed, midpoint) or (SF, SFF, Classifier). Which nodes can/must mark/read/change, etc. Sections 4.1, 4.2, 4.2 explains details of the Alternate Marking method, but not the SFC applicability or usage.
GIM>> The general idea is reflected in
   Using the marking method a component of the SFC creates distinct sub-
   flows in the particular service traffic over SFC.  Each sub-flow
   consists of consecutive blocks that are unambiguously recognizable by
   a monitoring point at any component of the SFC and can be measured to
   calculate packet loss and/or packet delay metrics.

This comment is not answering my question. The general idea is clear without this document. The specific idea is not explained in this document.

Also, Section 4.2 describes how AMM can be used to measure the Residence Time of SFF and/or SF. Of course, we'll continue adding more details to explain examples of using AMM in SFC and welcome all contributions, suggestions.

3.2.

What is the default value for the bit?
GIM>> By default the M flag MUST be set to 0. The added text in Section 3:
NEW TEXT
   The Mark field MUST be set to 0 at initialization of NSH and ignored on
   receiption when the method is not in use.
3.3.

The document says it creates sub-flows within SFC:

   Using the marking method a component of the SFC creates distinct sub-
   flows in the particular service traffic over SFC.

How does this interact with Flow concepts in SFC?
GIM>> These sub-flows are only detected by a node that is being enabled to use AMM on the given SFC flow. As stated in Section 3,

RFC 8300 does not use the term “flow”. Therefore, a sub-flow of what? And is this using the Flow definition in Section 5 of draft-ietf-sfc-nsh-tlv-00?

   The Mark field MUST NOT be
   used in defining forwarding and/or quality of service treatment of an
   SFC packet.  The Mark field MUST be used only for the performance
   measurement of data traffic in the SFC layer.
AMM sub-flows must not alter processing of SFC flow they are part of.

4. Effectively null considerations to security.

The security considerations reads:

   This document lists the OAM requirement for SFC domain and does not
   raise any security concerns or issues in addition to ones common to
   networking and SFC.
GIM>> Will expand on Security Consideration in further versions.


Greg, I did not comment that the section needed expanding. I was asking what it means. Maybe it needs full replacing more than expanding.

I hope these responses are useful to the WG.

Best,

Carlos.

It is unclear if that is a copy/paste from another document, or what it really means.


5. Minor issues

The NSH [RFC 8300] does not have “R” bits. It has “U” bits.
GIM>> Thank you. Update the figure.

Thanks,

Carlos.



On May 24, 2019, at 2:17 PM, Joel M. Halpern <jmh@joelhalpern.com<mailto:jmh@joelhalpern.com><mailto:jmh@joelhalpern.com>> wrote:

This email starts the adoption call for draft-mirsky-sfc-pmamm (https://datatracker.ietf.org/doc/draft-mirsky-sfc-pmamm/).

Please speak up if you support or oppose adopting this document as a working group document.  Please provide reasons for that view.
Silence will not be considered consent.

The adoption call will end CoB 10 June 2019.

Yours,
Joel (and Jim

On 5/20/19 1:58 PM, Greg Mirsky wrote:
Dear Joel and Jim,
authors ofdraft-mirsky-sfc-pmamm believe that the draft, that defines how the Alternate Marking (RFC 8321) technique can be used in SFC NSH, is stable, and ready for the working group adoption. Much appreciate your consideration to start the WG AP.
Best regards,
Greg

_______________________________________________
sfc mailing list
sfc@ietf.org<mailto:sfc@ietf.org><mailto:sfc@ietf.org>https://www.ietf.org/mailman/listinfo/sfc


<draft-mirsky-sfc-pmamm-08.txt><Diff_ draft-mirsky-sfc-pmamm-07.txt - draft-mirsky-sfc-pmamm-08.txt.html>

v2.23.0 | Report a Bug | By Email