IETF Logo Mail Archive

Re: [Softwires] softwires-encaps-safi

"Pradosh Mohapatra (pmohapat)" <pmohapat@cisco.com> Wed, 28 May 2008 15:55 UTC

Return-Path: <softwires-bounces@ietf.org>
X-Original-To: softwires-archive@megatron.ietf.org
Delivered-To: ietfarch-softwires-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 268EC28C1E9; Wed, 28 May 2008 08:55:30 -0700 (PDT)
X-Original-To: softwires@core3.amsl.com
Delivered-To: softwires@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 72E2A28C1CA for <softwires@core3.amsl.com>; Wed, 28 May 2008 08:55:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.349
X-Spam-Level:
X-Spam-Status: No, score=-5.349 tagged_above=-999 required=5 tests=[AWL=1.250, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ws6gn47mVWYv for <softwires@core3.amsl.com>; Wed, 28 May 2008 08:55:28 -0700 (PDT)
Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by core3.amsl.com (Postfix) with ESMTP id 7B7CE28C233 for <softwires@ietf.org>; Wed, 28 May 2008 08:52:15 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.27,556,1204531200"; d="scan'208";a="14440491"
Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-4.cisco.com with ESMTP; 28 May 2008 08:52:23 -0700
Received: from sj-core-4.cisco.com (sj-core-4.cisco.com [171.68.223.138]) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id m4SFqN7H002775; Wed, 28 May 2008 08:52:23 -0700
Received: from xbh-sjc-221.amer.cisco.com (xbh-sjc-221.cisco.com [128.107.191.63]) by sj-core-4.cisco.com (8.13.8/8.13.8) with ESMTP id m4SFqNf7026617; Wed, 28 May 2008 15:52:23 GMT
Received: from xmb-sjc-215.amer.cisco.com ([171.70.151.169]) by xbh-sjc-221.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 28 May 2008 08:52:23 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Wed, 28 May 2008 08:52:21 -0700
Message-ID: <04CAD96D4C5A3D48B1919248A8FE0D5407225D9B@xmb-sjc-215.amer.cisco.com>
In-Reply-To: <200805052235.m45MZ9x12922@magenta.juniper.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Softwires] softwires-encaps-safi
Thread-Index: AcivAYdgQkbzBt9bRvCCdYUdO65FRQRkPNPg
References: Your message of "Mon, 05 May 2008 15:34:31 CDT."<89F15385-FDFE-4973-A8B2-A2F358655DFE@cisco.com> <200805052235.m45MZ9x12922@magenta.juniper.net>
From: "Pradosh Mohapatra (pmohapat)" <pmohapat@cisco.com>
To: Yakov Rekhter <yakov@juniper.net>, David Ward <dward@cisco.com>
X-OriginalArrivalTime: 28 May 2008 15:52:23.0758 (UTC) FILETIME=[D1EF3EE0:01C8C0DA]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=7428; t=1211989943; x=1212853943; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=pmohapat@cisco.com; z=From:=20=22Pradosh=20Mohapatra=20(pmohapat)=22=20<pmohapat @cisco.com> |Subject:=20RE=3A=20[Softwires]=20softwires-encaps-safi |Sender:=20; bh=Y9PjBs38ty+8R2RMufzNWvdPEOXmKDDDp0/Nxj7rY4g=; b=xmZI7kJtJXpb179kTTXJ0mZ/xFz2cLVjZBc0Gs2Yf5MuZl3vIK2sXmhGLe vV01BwUCa5ZcKmGCcURJ2fJ1vyA9uEZ/Vv1qyFcKfQYZebCU/i3o4bPlIiib gpt+iL/bR4;
Authentication-Results: sj-dkim-2; header.From=pmohapat@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
Cc: "Francois Le Faucheur (flefauch)" <flefauch@cisco.com>, Alain Durand <Alain_Durand@cable.comcast.com>, Jari Arkko <jari.arkko@piuha.net>, softwires@ietf.org, jgs@juniper.net, jianping <jianping@cernet.edu.cn>, riw@cisco.com
Subject: Re: [Softwires] softwires-encaps-safi
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/softwires>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: softwires-bounces@ietf.org
Errors-To: softwires-bounces@ietf.org

Hi Yakov,

We have posted another version of the draft that attempts to
address the below concerns. The draft is at
http://www.ietf.org/internet-drafts/draft-ietf-softwire-encaps-safi-01.t
xt

Among the changes are the following:

(1) Added section 4.3 to describe how the color is to be encoded
    as a sub-tlv in the encaps-SAFI. The section also defines a
    new opaque extended community for color that is to be attached
    to payload prefix UPDATE messages.

(2) Added text to section 4.4 to describe the behavior wrt nexthop
    resolution and colors. The following is the excerpt:

   "
   If a BGP speaker originates an update for prefix P with color C and
   with itself as the next hop, then it MUST also originate an encaps-
   SAFI update which contains the color C.

   Suppose that a BGP speaker receives an update for prefix P with color
   C, that the BGP decision procedure has selected the route in that
   update as the best route to P, that the next hop is node N, but that
   an encapsulation SAFI update originating from node N containing color
   C has not been received. In this case, no route to P will be
   installed in the forwarding table unless and until the corresponding
   encapsulation SAFI update is received, or the BGP decision process
   selects a different route.

   Suppose that a BGP speaker receives an "uncolored" update for prefix
   P, with next hop N, and that the BGP speaker has also received an
   encapsulation SAFI originated by N, specifying one or more
   encapsulations that may or may not be colored. In this case, the
   choice of encapsulation is a matter of local policy. The only
   "default policy" necessary is to choose one of the specified
   encapsulations.
   "

   Hope this clarifies the point.

Comments and feedback welcome.

Rgds,
- Pradosh

| -----Original Message-----
| From: softwires-bounces@ietf.org 
| [mailto:softwires-bounces@ietf.org] On Behalf Of Yakov Rekhter
| Sent: Monday, May 05, 2008 3:35 PM
| To: David Ward
| Cc: Francois Le Faucheur (flefauch); Alain Durand; Jari 
| Arkko; softwires@ietf.org; John G. Scudder <jgs@juniper.net>; 
| jianping; Russ White <riw@cisco.com>
| Subject: Re: [Softwires] softwires-encaps-safi
| 
| Dave,
| 
| > All -
| > 	We'd like to LC the suite of mesh related documents at 
| one time since 
| > they are all dependent on each other:
| > 
| >        draft-ietf-softwire-mesh-framework-04.txt
| >        draft-ietf-softwire-v4nlri-v6nh-01.txt
| >        draft-ietf-softwire-encaps-safi-00.txt
| >        draft-ietf-softwire-encaps-ipsec-01.txt
| > 
| > 
| > For this last call, if you have comments or nits please have the 
| > subject line include the draft title. For example Subject: 
| softwire- 
| > encaps-safi (as appropriate) so that your email clearly specifies 
| > which draft you are commenting on. Given that everyone is 
| so familiar 
| > w/ the set of specifications and the delta to this rev is rather 
| > small, we are going to have a 2.5 week Last Call period. It 
| will end 
| > May 23, 2008.
| 
| I think that one area of the document needs further clarification.
| 
| The following covers the discussion I had a while ago with 
| the authors.
| 
| From 4.3:
| 
|    Additionally, the Encapsulation SAFI UPDATE message can contain a
|    community or extended-community as a way to color the corresponding
|    tunnel TLV(s).  The same community or extended community 
| can then be
|    attached to the UPDATE messages that contain payload prefixes. This
|    way, the BGP speaker can express the fact that it expects 
| the packets
|    corresponding to these payload prefixes to be received with a
|    particular tunnel encapsulation header.
| 
| With this in mind consider a scenario where a PE receives an 
| encaps-safi update for a tunnel destined to address A1, and 
| this update is "colored" with a particular community C. The 
| PE also receives an VPN-IPv4 update that carries the same 
| community C, but its next hop is not A1, but A2.
| 
| What should the PE do when resolving the next hop towards 
| VPN-IPv4 routes ?
| 
| One could argue that if the nexthop address in a VPN-IPv4 
| update does not match any of the addresses from an 
| encaps-safi update, the nexthop can not get resolved. In 
| other words, this should be treated as a misconfig -- i.e.  
| there is no way to reach that nexthop using a tunnel encap 
| (unless there is some local config forcing to use an encap).
| 
| However, this argument is incorrect, as just because the 
| nexthop address in the VPN-IPv4 update does not match any of 
| the addresses from an encap-safi update does not really mean 
| that "the next hop can not get resolved".  In other words, 
| just because there is no way to reach the nexthop using the 
| tunnel carried in the encap-safi, does not mean that there is 
| no way to that nexthop.
| 
| Another alternative could be as follows:
| 
| 1. Next hop resolution is done as usual, with no regard to color.
|  
| 2. If  the next hop corresponds to  two encaps-safis, one red 
|  and one blue,
| then:
| 
|     - if the destination address matches a red prefix, use 
| the red encaps
|  
|     - if the destination address matches a blue prefix, use 
| the blue encaps
|  
|     - if the  destination prefix  is not colored,  and there 
| is  no uncolored
|       encaps-safi,  then  we have  a  config error  and  the  
| packet will  be
|       dropped.
| 
| In this alternative the last item seems incorrect - it should 
| be up to the ingress PE to decide whether to forward or to 
| drop (it is a matter of policy).
| 
| Moreover, there is a case that is not covered by the above. 
| Namely, where the Next Hop does not match any of the 
| addresses from the encap-safi updates.  In this case one can 
| not say that the next hop can not get resolved; it can not 
| get resolved *only* via available encap-safi. 
| 
| With all this in mind perhaps the spec should say that if 
| after the next hop resolution, the next hop does not have any 
| encaps info, or does not have encaps info that matches the 
| color of the prefix, then disposition of the packet is a 
| matter of policy on the ingress PE.
| 
| Of course, the next question to ask is what is the default 
| policy that every vendor SHOULD support. Here is a strawman 
| proposal for such default policy:
| 
| 1. Perform the usual procedures for finding the next hop, call it N.
|  
| 2. If no next hop is found, drop the packet and exit.
| 
| 3. If the policy is that there must be a color-matching 
| encaps-safi, then
|  
|     a. If there is none, remove from consideration all routes 
| whose next hop
|        is N, and go to 1.
|  
|     b. If there is a color-matching encaps-safi, tunnel the 
| packet according-
|        ly and exit.
| 
| 4. If the  policy  is  that there  does  not need  to  be a  
| color-matching
|    encaps-safi, then do whatever the policy says.
| 
| Yakov.
| _______________________________________________
| Softwires mailing list
| Softwires@ietf.org
| https://www.ietf.org/mailman/listinfo/softwires
| 
_______________________________________________
Softwires mailing list
Softwires@ietf.org
https://www.ietf.org/mailman/listinfo/softwires

v2.23.0 | Report a Bug | By Email