Re: [Snac] draft-ietf-snac-simple-01 review comments
Ted Lemon <mellon@fugue.com> Fri, 19 May 2023 00:09 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: snac@ietfa.amsl.com
Delivered-To: snac@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46BC1C14F75F for <snac@ietfa.amsl.com>; Thu, 18 May 2023 17:09:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.898
X-Spam-Level:
X-Spam-Status: No, score=-6.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20221208.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UjLqCfj0KcSy for <snac@ietfa.amsl.com>; Thu, 18 May 2023 17:09:53 -0700 (PDT)
Received: from mail-qk1-x72f.google.com (mail-qk1-x72f.google.com [IPv6:2607:f8b0:4864:20::72f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 005D0C151060 for <snac@ietf.org>; Thu, 18 May 2023 17:09:52 -0700 (PDT)
Received: by mail-qk1-x72f.google.com with SMTP id af79cd13be357-75771dd7242so152998985a.1 for <snac@ietf.org>; Thu, 18 May 2023 17:09:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20221208.gappssmtp.com; s=20221208; t=1684454991; x=1687046991; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=YeyioB5ionErn1sHYOYcnTECdeNENjdVvlomgw/w54s=; b=yV2cWpSOFD+5pwH3ZuTq0Fjky4tMyReGUtq/SLTAqGUW3Kz6ojS7GXK/PcD+HPe0go mCI2yIa5eNWPB2q2ZoeQzUUd88r/xGMYc9ZsCvSskYBcrOfsVB4WKHzd3Zzn5Mst3bS7 nu8IS313FqGlvF9IgL+b9BNkpHvyU9VXK2FegTFbJ+3otkj4F0LnXbs3NuksYrDRk6P1 v32fP8Z4+vqYxO8SGTQVm4Foj/sewE1IbO0MnbxGjVig0XlGtK1zE1aknxvjBIFv3a2e GSm6nQZPpUjVxMkbEoeqg/CkNtnwaFItuiMlu3eJyw6ZHD4kfapAx/kCo2LSRNXWRDhc NtwA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1684454991; x=1687046991; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=YeyioB5ionErn1sHYOYcnTECdeNENjdVvlomgw/w54s=; b=aydjYJlJf8B+uJjki7O5/p1tvOFGrJfQ7WonZ2w3YKE/ptJgWmhVHYRZ6t4g4IwN2M /BUduxyHTV4NLKdCezg3msvfgfezn8smB8Y37Kjkcj01NYs63Lpc4VmIyDP9+YLFszlk scbO+lWzLHS4eN6EPMoACT4FPxR7M1B9UG2sL2iQ2GTF3xOhYsZLbt21LAn++RiEWuz2 VZ21rCy8d9DUgZxJFixc3ytMG3gY0JX7E8RKKN6epfOr/OlnFVD8ucR9fwZFTpyGcYf+ lLO/XDqA/k+m+Ji6RtCsKvkup6ZKS1uROMK5FJXLZs76jmWnM6wPghFHdDBCEr2GiLcm XMTw==
X-Gm-Message-State: AC+VfDzS0+gAdZr8wRf1OsMU7Ja5FCLFaQ6lquuWzp2cWuVAPVyLJblC 8SoZCsD3nN37D/APUWiLDTyaP5o2CsW44j/hauzdk+z8S/hvT9wNhx7IdQ==
X-Google-Smtp-Source: ACHHUZ7bIC3QqKP1ZnbSGi9tsO5ouook3giZAWhPmPGW6dmdu5u8JKOYbWRTXODHF2x/qxqfy5JfyQMZMW2nMO/mIKc=
X-Received: by 2002:a05:6214:2aab:b0:61b:73b2:72c with SMTP id js11-20020a0562142aab00b0061b73b2072cmr1700611qvb.16.1684454991620; Thu, 18 May 2023 17:09:51 -0700 (PDT)
MIME-Version: 1.0
References: <BL1PR11MB5366C82D3ECC50F851E4EC9DC87F9@BL1PR11MB5366.namprd11.prod.outlook.com> <CAPt1N1kj9aMAtPE+roPjF2WUvL703gi0CgU4fQy8Q1y8rnbaFQ@mail.gmail.com>
In-Reply-To: <CAPt1N1kj9aMAtPE+roPjF2WUvL703gi0CgU4fQy8Q1y8rnbaFQ@mail.gmail.com>
From: Ted Lemon <mellon@fugue.com>
Date: Thu, 18 May 2023 20:09:15 -0400
Message-ID: <CAPt1N1=icmRKMLbVniuoM7MuHT1CkdW4PCXPhV13AROrbPULPw@mail.gmail.com>
To: "Darren Dukes (ddukes)" <ddukes=40cisco.com@dmarc.ietf.org>
Cc: "draft-ietf-snac-simple.authors@ietf.org" <draft-ietf-snac-simple.authors@ietf.org>, "snac@ietf.org" <snac@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000006a838a05fc00bd91"
Archived-At: <https://mailarchive.ietf.org/arch/msg/snac/PTVdXzkl2ChjON5ExdF-X4o437U>
Subject: Re: [Snac] draft-ietf-snac-simple-01 review comments
X-BeenThere: snac@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Mailing list for discussing problems relating to the automatic connection of stub networks to existing infrastructure networks. " <snac.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/snac>, <mailto:snac-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/snac/>
List-Post: <mailto:snac@ietf.org>
List-Help: <mailto:snac-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/snac>, <mailto:snac-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 May 2023 00:09:55 -0000
I've added this issue to the github tracker in addition to your pull request—thanks for that! https://github.com/ietf-wg-snac/draft-ietf-snac-simple/issues/29 On Thu, May 18, 2023 at 8:06 PM Ted Lemon <mellon@fugue.com> wrote: > On Thu, May 18, 2023 at 6:54 PM Darren Dukes (ddukes) <ddukes= > 40cisco.com@dmarc.ietf.org> wrote: > >> Hello Ted and Jonathan, I reviewed this draft and found it very readable >> and clear. >> > > Thanks! > > >> 1 – The term beacon is used in a few places, but I think what you mean is >> RA. If this is the case then BEACON_INTERVAL may be better defined as >> RA_INTERVAL, and s/beacon/RA/g may simplify the terminology. If I’m off >> course please let me know. >> > > Thanks, this is a good point. That term is coming from my implementation, > and I can see why it would be confusing. > > 2 – Section 5.1.2.4 – doesn’t account for receipt of multiple prefixes, is >> there a reason for that? It seems to say any prefix received that is not >> equal to the currently advertised prefix results in STATE-DEPRICATING or >> changes in the advertising on the stub network. >> > > That's also a really good point. Of course we need to consider each usable > on-link prefix if more than one shows up in an RA! > > >> 3 – section 5.2.1 discusses stub router restarts. I assume the two stub >> routers are connected to the same AIL **and** to the same stub network. I >> also assume the remembered prefix time includes remembering the prefix... >> The text doesn’t state this clearly. >> > > Actually, the two stub routers might not be connected to the same stub > network, and that should be okay. The point is to stabilize the on-link > prefix on the AIL if it's provided by a stub router. If stub routers A and > B are connected to the same AIL, only one will advertise an on-link prefix. > If that one reboots, the other will remember that that prefix is on-link, > so it will do the right thing with responses send to hosts on that prefix. > The goal is to make sure that the router that rebooted _also_ considers > that prefix on-link, even though it's never seen an RA. I think this > section needs a bit of work; the clarifications you've requested would be > part of that, but it was useful to re-think this based on your comments as > well, because I think I see how to make this work in a relatively clean way. > > >> The WG comments were good, but I would add that the remembered prefix is >> immediately usable again if it’s a generated ULA, as mentioned in 5.2.2. >> For any other stored prefix, would we not be better off to just follow the >> state machine, because we don’t know if we’ve changed infrastructure >> networks while shut down? >> > > If we are not advertising the prefix on the link, because there's a usable > prefix on the link, and we get a message from the stub network for an > address on the remembered prefix, there are the following possibilities > that I can think of: > > 1. The prefix is a DHCP prefix, meaning it's routable and doesn't belong > to the stub router. In this case, the stub router could try to renew it; if > that succeeds, it could assume that the prefix is valid on the AIL and > forward packets to that prefix to the AIL. If that fails, it assumes the > prefix is only reachable through a router, so it forwards the packet using > its routing table, and hopes for the best. > 2. The prefix is a prefix generated by that stub router. In this case, if > the stub router is on a different AIL, it's immaterial, since the prefix > isn't routable. So the stub router can assume that that prefix is on-link > and forward packets for that prefix to the link; if they reach their > intended destination, great. If not, nothing is lost. > 3. The prefix is a stub-network-specific prefix. As an example, Thread > uses the thread XPANID, which is a 48-bit number unique to a Thread network > and its set of credentials, to generate a ULA prefix for the AIL. This > means that if there are several stub routers connected to the same AIL and > the same Thread network, they will all always advertise the same ULA on the > AIL if there's no usable prefix there. This has a really nice benefit of > increasing the stability of numbering on the wire in the presence of stub > router reboots. This prefix isn't routable, so if the stub router gets > connected to a different AIL, there's not much it can do about it. It's not > actually clear what to do in this situation, since if there's another stub > router still connected to the old AIL, we have ambiguous routing to that > prefix on the stub network. In the case of Thread, we don't consider this a > serious concern, since thread has similar locality to home networks: if you > can't reach the home router, you probably can't reach the thread network > you were connected to before either. > > >> 4 – Section 5.2.3 mentions “cloud services will not be reachable via >> IPv6”. How is this relevant to DHCPv6 PD? Is it more accurate to say “any >> address outside the stub network will not be reachable via IPv6”? >> > > No, IPv6 addresses on the AIL will be reachable. We need a DHCPv6 prefix > on the stub network to participate in IPv6 routing on non-adjacent links > northbound of the stub network. > > >> 5 – Section 8. Should you add NAT64 as a service provided by Stub Routers? >> > > Good point. > > Thanks for the review! Either Jonathan or I will do an update based on > these comments (and any further comments that come as part of this > conversation)! > >
- [Snac] draft-ietf-snac-simple-01 review comments Darren Dukes (ddukes)
- Re: [Snac] draft-ietf-snac-simple-01 review comme… Ted Lemon
- Re: [Snac] draft-ietf-snac-simple-01 review comme… Ted Lemon
- Re: [Snac] draft-ietf-snac-simple-01 review comme… Darren Dukes (ddukes)
- Re: [Snac] draft-ietf-snac-simple-01 review comme… Michael Richardson
- Re: [Snac] draft-ietf-snac-simple-01 review comme… Ted Lemon
- Re: [Snac] draft-ietf-snac-simple-01 review comme… Ted Lemon
- Re: [Snac] draft-ietf-snac-simple-01 review comme… Michael Richardson
- Re: [Snac] draft-ietf-snac-simple-01 review comme… Ted Lemon