Re: [sfc] I-D Action: draft-ietf-sfc-hierarchical-03.txt
<mohamed.boucadair@orange.com> Thu, 06 July 2017 06:46 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4822D124D6C for <sfc@ietfa.amsl.com>; Wed, 5 Jul 2017 23:46:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.619
X-Spam-Level:
X-Spam-Status: No, score=-2.619 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fubQxywRlkLE for <sfc@ietfa.amsl.com>; Wed, 5 Jul 2017 23:46:39 -0700 (PDT)
Received: from relais-inet.orange.com (mta239.mail.business.static.orange.com [80.12.66.39]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 61E7812420B for <sfc@ietf.org>; Wed, 5 Jul 2017 23:46:38 -0700 (PDT)
Received: from opfedar06.francetelecom.fr (unknown [xx.xx.xx.8]) by opfedar23.francetelecom.fr (ESMTP service) with ESMTP id BD255160749; Thu, 6 Jul 2017 08:46:36 +0200 (CEST)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.2]) by opfedar06.francetelecom.fr (ESMTP service) with ESMTP id 996E880062; Thu, 6 Jul 2017 08:46:36 +0200 (CEST)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILM21.corporate.adroot.infra.ftgroup ([fe80::e92a:c932:907e:8f06%19]) with mapi id 14.03.0352.000; Thu, 6 Jul 2017 08:46:36 +0200
From: mohamed.boucadair@orange.com
To: Dave Dolson <ddolson@sandvine.com>, Greg Mirsky <gregimirsky@gmail.com>
CC: "sfc@ietf.org" <sfc@ietf.org>
Thread-Topic: [sfc] I-D Action: draft-ietf-sfc-hierarchical-03.txt
Thread-Index: AQHS8dmf4I6jKZB2wkylXEjacAm4O6I90DGAgAayuQCAAQ/SgIAAyM9Q
Date: Thu, 06 Jul 2017 06:46:35 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93300A0016D5@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <149885200412.4686.625724536330402017@ietfa.amsl.com> <E8355113905631478EFF04F5AA706E987062B2B9@wtl-exchp-1.sandvine.com> <CA+RyBmW8WLdGrizcZrqNUWDVfwmGniLDpE99kmutGgv-z6K=qg@mail.gmail.com> <E8355113905631478EFF04F5AA706E9870632A79@wtl-exchp-1.sandvine.com>
In-Reply-To: <E8355113905631478EFF04F5AA706E9870632A79@wtl-exchp-1.sandvine.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.168.234.5]
Content-Type: multipart/alternative; boundary="_000_787AE7BB302AE849A7480A190F8B93300A0016D5OPEXCLILMA3corp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/baoHDtTkPGL7Xclxw5WVFAsI8Xg>
Subject: Re: [sfc] I-D Action: draft-ietf-sfc-hierarchical-03.txt
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Jul 2017 06:46:42 -0000
Hi Greg, Dave, Please see inline. Cheers, Med De : sfc [mailto:sfc-bounces@ietf.org] De la part de Dave Dolson Envoyé : mercredi 5 juillet 2017 21:48 À : Greg Mirsky Cc : sfc@ietf.org Objet : Re: [sfc] I-D Action: draft-ietf-sfc-hierarchical-03.txt Greg, Thank you for giving your time to reading and providing comments. See inline [DD]. -Dave From: Greg Mirsky [mailto:gregimirsky@gmail.com] Sent: Tuesday, July 4, 2017 6:06 PM To: Dave Dolson Cc: sfc@ietf.org<mailto:sfc@ietf.org> Subject: Re: [sfc] I-D Action: draft-ietf-sfc-hierarchical-03.txt Hi Dave, Authors, thank you for very interesting approach to the problem of SFC complexity. Great well-written document. Please kindly consider my comments, questions: * even though the draft is targeted for Informational track, I'd encourage include wording from RFC 8174 that clarifies use of normative words: Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP<https://tools.ietf.org/html/bcp14> 14<https://tools.ietf.org/html/bcp14> [RFC2119<https://tools.ietf.org/html/rfc2119>] [RFC8174<https://tools.ietf.org/html/rfc8174>] when, and only when, they appear in all capitals, as shown here. [DD] Good point; we have not used any upper-case requirements keywords. I think we would have to very carefully review where those are appropriate. [Med] I would not use the normative language given that we are discussing options and not making a recommendation. · I think that adding section with acronyms listed will be helpful to the reader. [DD] we have tried to define acronyms as they are introduced, but we could easily add that. · Is "stickiness to specific SF instances" another way to say that SF is stateful? And the same question for types of SFs that require bidirectional traffic (I think that such requirement implies what later referred as stickiness, i.e. reverse direction must cross the same SF instance as the forward direction of SFC). [DD] Yes. (NATs and firewalls are listed as examples.) I think I can address your concern with addition of “stateful” adjective. · I'm not sure that assumption in Section 2.2 regarding encapsulation of the packets entering lower-level SFC domain. What you see as the transport between SFF of the higher-level and IBN? [DD] We intend that the IBN acts as an SF of the higher-level domain. Hence it receives packets as any SF would. Is there some place I can make this more clear? [Med] We can make it clear by making this change in Section 2.2: OLD: Unlike the top level, data packets entering the sub-domain are already SFC-encapsulated. Figure 2 shows a sub-domain interfaced with a higher-level domain by means of an Internal Boundary Node (IBN). It is the purpose of the IBN to apply classification rules and direct the packets to the selected local SFPs terminating at an egress IBN. The egress IBN finally restores packets to the original SFC shim and hands them off to SFFs. NEW: Figure 2 shows a sub-domain interfaced with a higher-level domain by means of an Internal Boundary Node (IBN). An IBN acts as an SFC-aware SF in the higher-level domain and as a classifier in the lower-level domain. As such, data packets entering the sub-domain are already SFC-encapsulated. Also, it is the purpose of the IBN to apply classification rules and direct the packets to the selected local SFPs terminating at an egress IBN. The egress IBN finally restores packets to the original SFC shim and hands them off to SFFs. · section 3.1.1 refers to IBN as"terminator of lower-level chain". As I understand, IBN is the representation, proxy of the lower-level chain in the higher-level. Right? If my understanding is correct, some terminology alignment may be helpful. [DD] terminating the lower-level chain is one role of the IBN. In other SFC deployments, a chain terminator may be at a router or a switch; after the chain ends, the packet is removed from NSH and routed or switched according to the IP or link-layer header respectively. However, in the IBN the lower-level termination results in restoration to the upper-level path. Does that help explain it? [DD] I’m unclear on which terminologies need to be aligned with each other. [Med] We can avoid the use of “terminator” and calls explicitly the “SFP terminating” feature of an IBN. A proposed change to Section 3.1.1 is provided below: OLD: When a packet returns to the IBN at the end of a chain (which is the terminator of the lower-level chain) NEW: When a packet returns to the IBN at the end of a chain (which is the SFP terminating node of the lower-level chain). · Figure 3. What is seen as overlay encapsulation? I'd probably refer to the outer header as Transport or Underlay without going into gory details of what it is. But more importantly, in my view, is to clarify where, at which point in hSFC, hSFC packet has format presented in Fig.3. I'd imagine that lower-NSH is to be added by the Classifier of the sub-domain. But would SFF that being handed the resulting packet have the Transport Header to deal with? [DD] In figure 3, “Overlay Header” means how the NSH is carried. Would this be better aligned with draft-ietf-sfc-nsh by referring to it as “NSH Encapsulation”? [Med] This is the “outer-transport encapsulation” as per RFC7665. · I think that sections 3.3 and 3.4 are related as there's some duplication between SI and TTL that was pointed on the NSH thread by Igor. Thus policies that regulate handling of SI and TTL may need to be synchronized or coordinated to have predictable behavior. [DD] I don’t understand why coordination would be required. SI is decremented by SFs, whereas TTL is decremented by SFFs. But I think clarity could be improved here with use of normative words per your first point. [Med] Agree with Dave. Further, if any coordination is required, it wouldn’t be specific to hSFC but be valid for SFC in general. I don’t think we need to discuss this “issue” in this document. · I think that section 3.4 may benefit from using RFC 3443 terminology in regard to TTL handling between inner and outer headers and refer to Unified, Short Pipe, and Pipe. [DD] Thanks for the pointers to Uniform, Pipe and Short Pipe. We will see about using these. · does the first paragraph in section 4 refer to IBN removing higher-level NSH? I thought that is one possible solution and other solutions may rely on information in the higher-level NSH being available to the sub-domain Classifier. [DD] Agreed, this language is incorrect for some of the solutions. We will fix it. · there's another term very close to bidirectional symmetry as defined in section 4 - co-routed path. Co-routed path is bidirectional path that traverses the same set of links and nodes in forward and reverse directions and is viewed as single entity, e.g. failure in one direction viewed as bi-directional failure. May be co-routed path be used as reference or as term in (h)SFC . [DD] Would it suffice to explain, “In other words, a sub-domain classifier can ensure co-routed paths for bidirectional traffic.” ? Regards, Greg On Fri, Jun 30, 2017 at 1:02 PM, Dave Dolson <ddolson@sandvine.com<mailto:ddolson@sandvine.com>> wrote: SFC WG, This new version hopefully addresses some of the comments received on the list. It also uses the new NSH header format, with some language about handling the TTL in the sub-domains. (I've written that whether to expose the hops of the sub-domain is administrator choice.) Hopefully my changes are acceptable to the working group. I'm more than happy to discuss this with anyone. I think the main outstanding issue is whether we should reduce the number of options in sections 3.1.1 thru 3.1.5 be reduced? On one hand, the start and end of sub-domain chains are within the purview of a single vendor. On the other hand, 5 options is too many. See you in Prague, -Dave -----Original Message----- From: sfc [mailto:sfc-bounces@ietf.org<mailto:sfc-bounces@ietf.org>] On Behalf Of internet-drafts@ietf.org<mailto:internet-drafts@ietf.org> Sent: Friday, June 30, 2017 3:47 PM To: i-d-announce@ietf.org<mailto:i-d-announce@ietf.org> Cc: sfc@ietf.org<mailto:sfc@ietf.org> Subject: [sfc] I-D Action: draft-ietf-sfc-hierarchical-03.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Service Function Chaining of the IETF. Title : Hierarchical Service Function Chaining (hSFC) Authors : David Dolson Shunsuke Homma Diego R. Lopez Mohamed Boucadair Dapeng Liu Ting Ao Vu Anh Vu Filename : draft-ietf-sfc-hierarchical-03.txt Pages : 26 Date : 2017-06-30 Abstract: Hierarchical Service Function Chaining (hSFC) is a network architecture allowing an organization to decompose a large-scale network into multiple domains of administration. The goals of hSFC are to make a large-scale network easier to reason about, simpler to control and to support independent functional groups within large network operators. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-sfc-hierarchical/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-sfc-hierarchical-03 https://datatracker.ietf.org/doc/html/draft-ietf-sfc-hierarchical-03 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-sfc-hierarchical-03 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org>. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ sfc mailing list sfc@ietf.org<mailto:sfc@ietf.org> https://www.ietf.org/mailman/listinfo/sfc _______________________________________________ sfc mailing list sfc@ietf.org<mailto:sfc@ietf.org> https://www.ietf.org/mailman/listinfo/sfc
- [sfc] I-D Action: draft-ietf-sfc-hierarchical-03.… internet-drafts
- Re: [sfc] I-D Action: draft-ietf-sfc-hierarchical… Dave Dolson
- Re: [sfc] I-D Action: draft-ietf-sfc-hierarchical… Greg Mirsky
- Re: [sfc] I-D Action: draft-ietf-sfc-hierarchical… Dave Dolson
- Re: [sfc] I-D Action: draft-ietf-sfc-hierarchical… mohamed.boucadair