Re: [Softwires] Ops-dir review of draft-ietf-softwire-mesh-framework-05
Pekka Savola <pekkas@netcore.fi> Sat, 20 December 2008 14:26 UTC
Return-Path: <softwires-bounces@ietf.org>
X-Original-To: softwires-archive@megatron.ietf.org
Delivered-To: ietfarch-softwires-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D311C3A690F; Sat, 20 Dec 2008 06:26:14 -0800 (PST)
X-Original-To: softwires@core3.amsl.com
Delivered-To: softwires@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7E7C13A690F; Sat, 20 Dec 2008 06:26:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.28
X-Spam-Level:
X-Spam-Status: No, score=-2.28 tagged_above=-999 required=5 tests=[AWL=-0.281, BAYES_00=-2.599, J_CHICKENPOX_13=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dPPiERHT8Jjt; Sat, 20 Dec 2008 06:26:12 -0800 (PST)
Received: from netcore.fi (eunet-gw.ipv6.netcore.fi [IPv6:2001:670:86:3001::1]) by core3.amsl.com (Postfix) with ESMTP id 8D7D23A6861; Sat, 20 Dec 2008 06:26:11 -0800 (PST)
Received: from netcore.fi (localhost [127.0.0.1]) by netcore.fi (8.13.8/8.13.8) with ESMTP id mBKEPfcb003693; Sat, 20 Dec 2008 16:25:41 +0200
Received: from localhost (pekkas@localhost) by netcore.fi (8.13.8/8.13.8/Submit) with ESMTP id mBKEPenw003689; Sat, 20 Dec 2008 16:25:40 +0200
Date: Sat, 20 Dec 2008 16:25:40 +0200
From: Pekka Savola <pekkas@netcore.fi>
To: Eric Rosen <erosen@cisco.com>
In-Reply-To: <26601.1229632452@erosen-linux>
Message-ID: <alpine.LRH.2.00.0812201456210.2044@netcore.fi>
References: <26601.1229632452@erosen-linux>
User-Agent: Alpine 2.00 (LRH 1167 2008-08-23)
MIME-Version: 1.0
X-Virus-Scanned: ClamAV 0.94.2/8785/Fri Dec 19 10:53:51 2008 on otso.netcore.fi
X-Virus-Status: Clean
Cc: softwire-ads@tools.ietf.org, softwires@ietf.org, ops-dir@ietf.org, softwire-chairs@tools.ietf.org, draft-ietf-softwire-mesh-framework@tools.ietf.org
Subject: Re: [Softwires] Ops-dir review of draft-ietf-softwire-mesh-framework-05
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/softwires>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: softwires-bounces@ietf.org
Errors-To: softwires-bounces@ietf.org
Following up is going to be difficult due to the time of the year, but.. On Thu, 18 Dec 2008, Eric Rosen wrote: >> My main concern here is with the O&M implication of dynamically >> created and used softwires, which do not run any routing protocol and >> there is no IETF protocol or management framework which could be used >> to verify the correct operation of these tunnels. > > In fact, we have over a decade of experience with softwires, implemented as > MPLS tunnels. We also have many years of experience with softwires > implemented as L2TPv3 tunnels, and I believe there are also deployments of > softwires implemented as GRE tunnels. So it's a little late to claim that > these constructs pose insuperable management difficulties. > > All that's really new here is that the framework for signaling the tunnels > and for determining which packets get tunneled has been stated in a general > way, and the use of softwires is discussed in the context of a v6/v4 > Internet, rather than in the context of L3VPN. > > The application of OAM to softwires (particularly when realized as MPLS > LSPs) has been quite extensively discussed over the years and I don't think > anything new needs to be mandated by the framework document. I did not say these problems are insurmountable. The problems can be addressed by each operator deploying their own solution that addresses at least some of this. but these problems are not addressed in the IETF framework. We're creating a solution that is more fragile than status quo (a network which has not deployed MPLS and/or L2TPv3 for similar purpose) and IETF is doing disservice to the community if it doesn't clearly describe these problems (not done currently) and provide solutions to them. It would be interesting to get more references on L2TPv3 deployments, but I don't consider MPLS a very good comparison point here; the charter looks for IPx over IPy solution, as does the problem statement; it would seem to be that the MPLS-specific parts of this framework are redundant. For similar reasons, MPLS OAM techniques (such as LSP ping) are not AFAIK applicable here as the softwires framework is targeting non-MPLS deployments. >> In S 5 (this is also bordering on architectural issue): > > This leads to the following softwires deployment > restriction: if a BGP Capability is defined for the case > in which an E-IP NLRI has an I-IP NH, all the AFBRs in a > given transit core MUST advertise that capability. > >> ... is there any way an implementation could verify if this deployment >> restriction holds or not? > > I don't think a service provider with an I-IP core would start offering E-IP > transit service unless all its AFBRs were capable of providing the service. > This not only includes having the appropriate BGP capabilities, but also the > appropriate hardware/software capabilities to do the encapsulation and > decapsulation, support for E-IP and I-IP on appropriate interfaces, etc. > One could imagine configuring the BGP speakers (including route reflectors) > so that IBGP connections are not accepted unless some particular set of BGP > capabilities are advertised, but that's only one small piece of the overall > set of deployment requirements. This does not help much in preventing misconfigurations. For example, the document might say that the BGP Capability MUST NOT be advertised unless manually configured to do so (so that if an implementation would support this but the operator does not want to use it, it wouldn't be used). This still would not detect partial-mesh misconfigurations (I guess this would be similar to non-full ibgp mesh), but would reduce unintended effects. >> At some point, a client might want to upgrade to dual stack. Then, >> client-interface may use both E-IP and I-IP. This solution should be >> applicable then as well > > Depending on policy, one might or might not want to do, e.g., v6/v6 or v4/v4 > encapsulation. However, covering these cases is not within the scope of the > WG charter. I was not referring to v6/v6 or v4/v4 encapsulation. If a client upgrades from v4-only to dual-stack, does it need to switch provider to be able to use v6, or would v6 traffic be dropped on the floor? Obviously this should not be the case, but the framework does not say so. I believe it should, even if it is trivial. For example, enabling this method for v4 E-IP must not prevent the ISP from also providing v6 E-IP (without tunneling) to the user. >> I.e., the longest-prefix matching is no longer sufficient with >> softwires (i.e.: when deciding whether a packet to a particular E-IP >> destination prefix should be tunneled through a softwire or forwarded >> natively). > > I'm not sure what made you think that longest-prefix matching is not > sufficient. I was trying to figure out how 'show ip route [prefix]' or similar for an E-IP prefix would look like at an AFBR router, and I couldn't figure out how BGP could populate the routes in RIB without any softwire-specific mechanism, and conclused that the text in S 7 and later on policy referred to this. If you'd implement this with longest-prefix matching, but with modifications to BGP, what I guess could happen is that for a BGP message for an E-IP prefix, the system where this is configured would need to install the E-IP prefix to RIB, change the next-hop to to be a dynamically created point-to-point tunnel interface. This next-hop would only be changed for "softwire-enabled" BGP sessions. Each BGP I-IP nexthop would be associated with its own unnumbered tunnel interface. Or it could point to a pseudo-tunnel interface, which would have a separate routing table where it looked up where to tunnel packets. If above kind of operation is assumed, instead of talking about policy etc., some text on what's actually going on, even if non-normative, would help the reader grasp the content of what needs to happen and which mechanisms require modification in the process. >> missing standardization [in the area of tunneling multicasts] > > In the unicast area, most of the technology needed is already standardized > or in LC, hence the framework document makes normative references. In the > multicast area, the situation is different, and the framework document lays > out options without making normative references to specified technology. I'd say this is a problem; the problem statement calls rather strongly for the solution to support multicast, and it currently does not do so. >> Have these two things [BGP next hop resolution and stacking of >> encapsulations] been specified somewhere? This calls for a reference. > > I think "recursive route resolution" and "stacking encapsulations" are "terms > of the art" which do not need to be defined in this document, but for which > there is not a standard reference. Did you mean "do not need", because 'but' seems strange here (with this phrasing, I'd have expected 'and')? Nonetheless, I'd still say more specific text is needed, at the minimum clearly naming what is required and how to interoperate it. >> .. I believe this could result in two kinds of attacks which could be >> emphasized better (more below) Above uses "policy violations" which >> may be read to refer to a policy described in Section 7. For example, >> the focus of the second quoted sentence is odd -- and makes this seem like >> an issue in transmitting endpoints while to me the major issue seems to be >> unauthorized endpoints. > > The problem referred to is that if unauthorized nodes masquerade as > authorized transmitting endpoints, there may be a way to side-step the > authorized policies. I'm not quite sure what you are objecting to here. It seems to be emphasizing the wrong thing -- that different kinds of packets may or may not be encapsulated by authorized endpoints, and that unauthorized endpoints are not bound to these policies. The problem is the unauthorized endpoints, the policy (or lack thereof) of authorized endpoints doesn't really matter, because even if it didn't exist, we could think of various kinds of packets sent by unauthorized endpoints that would need to be blocked. The key point here is analyzing how to prevent unauthorized endpoints and what kind of impact failing to do so would cause. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings _______________________________________________ Softwires mailing list Softwires@ietf.org https://www.ietf.org/mailman/listinfo/softwires
- [Softwires] Ops-dir review of draft-ietf-softwire… Pekka Savola
- Re: [Softwires] Ops-dir review of draft-ietf-soft… Eric Rosen
- Re: [Softwires] Ops-dir review of draft-ietf-soft… Pekka Savola
- Re: [Softwires] Ops-dir review of draft-ietf-soft… Eric Rosen
- Re: [Softwires] Ops-dir review of draft-ietf-soft… Pekka Savola