[sfc] Additional AD review comments on draft-ietf-sfc-nsh-20

Alia Atlas <akatlas@gmail.com> Thu, 07 September 2017 19:39 UTC

From: Alia Atlas <akatlas@gmail.com>
Date: Thu, 07 Sep 2017 15:39:27 -0400
Message-ID: <CAG4d1rdTfPAD38u++W+OysGz7W76iaZQnzea0U7EFOLE9oHh5A@mail.gmail.com>
To: "sfc@ietf.org" <sfc@ietf.org>, draft-ietf-sfc-nsh@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/oUcZfaFwmXz8JCCLWFyNxLjrGEI>
Subject: [sfc] Additional AD review comments on draft-ietf-sfc-nsh-20

Carlos,

The draft is much improved.  Thank you for your hard work.  I still see the
following three issues.


1) Sec 2.2: "The O bit MUST be set for OAM packets and MUST NOT be set for
   non-OAM packets.  The O bit MUST NOT be modified along the SFP."
What happens if the packet is reclassified - potentially to a different
SFP?

Sec 3 doesn't clarify this. "When the logical classifier performs
       re-classification that results in a change of service path, it MUST
       replace the existing NSH with a new NSH with the Base Header and
       Service Path Header reflecting the new service path information
       and MUST set the initial SI.  Metadata MAY be preserved in the
       new NSH."

It would be good to specify the behavior for the unassigned flags as well;
that way there will be consistent assumptions for future extensions, if
needed.

2) Sec 7.1: "For example, if the metadata conveys tenant information, that
   information may need to be authenticated and/or encrypted between the
   originator and the intended recipients (which may include intended SFs
   only)."
A reference to draft-reddy-sfc-nsh-encrypt, which defines how to encrypt
the meta-data, would be most helpful in making this sound less aspirational;
so would having that draft not be 2 years expired and ignored by the WG.

3) Sec 11.2.5: Guidance for the expert review is needed.

Regards,
Alia
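
Added example, not part of the original message or of the draft: a small check that compares the NSH entering and leaving a reclassifier and reports whether the O bit or the unassigned flags changed along with the service path, which is the behaviour point 1 asks the draft to pin down. The bit positions assume the RFC 8300 Base Header layout; the function names and sample values are constructed for illustration.

```python
import struct

# First 32-bit word of the NSH Base Header, RFC 8300 layout (an assumption;
# the message does not reproduce it):
# Ver(2) O(1) U(1) TTL(6) Length(6) U(4) MD Type(4) Next Protocol(8)
O_BIT = 0x20000000
UNASSIGNED = 0x10000000 | 0x0000F000  # the lone U bit plus the four U bits


def parse_nsh(buf):
    """Decode the Base Header flags and the Service Path Header."""
    if len(buf) < 8:
        raise ValueError("NSH needs at least 8 bytes")
    base, path = struct.unpack("!II", buf[:8])
    return {"o_bit": bool(base & O_BIT), "unassigned": base & UNASSIGNED,
            "spi": path >> 8, "si": path & 0xFF}


def build_nsh(spi, si, o_bit=False, unassigned=0):
    """Constructed 8-byte NSH: TTL 63, Length 2, MD Type 2, Next Protocol IPv4."""
    base = (63 << 22) | (2 << 16) | (2 << 8) | 0x01
    base |= (O_BIT if o_bit else 0) | (unassigned & UNASSIGNED)
    return struct.pack("!II", base, (spi << 8) | si)


def audit_reclassification(before, after):
    """Report what a reclassifier changed between the old and new NSH."""
    old, new = parse_nsh(before), parse_nsh(after)
    findings = []
    if old["spi"] != new["spi"]:
        findings.append("service path changed")
    if old["o_bit"] != new["o_bit"]:
        findings.append("O bit changed")
    if old["unassigned"] != new["unassigned"]:
        findings.append("unassigned flags changed")
    return findings


if __name__ == "__main__":
    # Constructed sample: an OAM packet on SPI 10 is moved to SPI 20.
    oam_in = build_nsh(spi=10, si=255, o_bit=True)
    fresh = build_nsh(spi=20, si=255)               # new NSH, flags not copied
    copied = build_nsh(spi=20, si=255, o_bit=True)  # new NSH, O bit carried over
    print(audit_reclassification(oam_in, fresh))
    print(audit_reclassification(oam_in, copied))
```

Both outcomes are consistent with the Sec 3 text quoted above, which is why the check reports the change rather than judging it.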