IETF Logo Mail Archive

Re: [spring] C-SIDs and upper layer checksums (draft-ietf-spring-srv6-srh-compression)

"Martin Vigoureux (Nokia)" <martin.vigoureux@nokia.com> Thu, 04 April 2024 18:48 UTC

Return-Path: <martin.vigoureux@nokia.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80294C151995 for <spring@ietfa.amsl.com>; Thu, 4 Apr 2024 11:48:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.176
X-Spam-Level:
X-Spam-Status: No, score=-2.176 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.08, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nokia.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EyZhd8038wFo for <spring@ietfa.amsl.com>; Thu, 4 Apr 2024 11:48:16 -0700 (PDT)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2093.outbound.protection.outlook.com [40.107.22.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EFEABC14F69C for <spring@ietf.org>; Thu, 4 Apr 2024 11:47:47 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fO/oF1NQSZ8V8wMBtd52ohaPePHaYvHz2QwCGdTrO6/TXp89J2u0mJpACdmNY44mYIuIBaM+GhAe2ZgVLKnUycn+TCUN0zhgSd16f1A6hVy5RMPc3Pi54yfHR/KpMYti4XdsZuY/CgTVIyrnyDSSzltrfXP+xzm0oJO8u6C/jbFdU+BiyhmuzZFebY8awjMykWIks8cBkTMZnc+psHox7rnzTB1qAJv15NeA16jaEukdjhF4JBhZDy64/3dfk8ttvFpM/BabbHFrU5Hj3OX8qOzVGbgnl3NUD3DNr0Nwj7W2Io+ZP+qUJhUZvbpOdCz/qfYJIMZ3utHwpGiORuUqWw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=QduJILPwv78O6MaLBGuutLXQDQouV1RDqoqkV/Fjnr8=; b=csi7OoOoc4ot1RC7E0+TFtsHmAgH8pxDW+m/OEvnsPdgb2Ogio+TuqIjxOdOLzGohCtu7o/PW+hv9q6jc5XS1QzaA+2VJuOkOF73l1ZKVe79PNfjcI8eV5ujNEMSxiOY6HXEJNVP5LTcJ+50VcaZ+cBs06J47BK67OLM4m/ypzS4txCWVpedqqZ9K/0pSkkEKlysPLMC87b0+O9/yIa98K1lOF5BctyWfbxqwmZPhuhb9A6upSmcbsxGlSqYSHwTg39uEsQyAp9nkFxV4Au9otIN/CCUzvs5urL9e6O9w0mlue+rEXK8cCCXvSY1ahI4czuLYJ1sUQa0C2ScoZabRg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QduJILPwv78O6MaLBGuutLXQDQouV1RDqoqkV/Fjnr8=; b=lgpHy3U1WOiOLC7nGYTS1dQHyLMz1WHkK/FhazGpXKIkPXpzkwA64CjSt31rPXN+6TqMdu6M1SSaxXrcx6M7uRSSRd20JenweC53ErV3RD/YWNdsTQ8lC1AvKapBkO5sxKEcsptCi1VYpabLtVVdZyGfOqbhr+0xPF4u/1YW9cA6CE1r9nw80652UE9HTGRNxf9v9UznKgCmvtgcfzxkQRpUj/ala1PwcuaZVO00+F1GLfZTZ7nc6En+QS2lUNCvQeQihp0BxwXkCMCjXeF5j++sgiOEpPkNkmEAVc8Hf/2Zq5mVT4TPAEGPilVm8/eWAqPCK/gaMkjmMf4+UWC6kg==
Received: from AM6PR07MB5560.eurprd07.prod.outlook.com (2603:10a6:20b:6f::22) by AM8PR07MB7442.eurprd07.prod.outlook.com (2603:10a6:20b:234::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.46; Thu, 4 Apr 2024 18:47:44 +0000
Received: from AM6PR07MB5560.eurprd07.prod.outlook.com ([fe80::4bba:985b:ad:55e8]) by AM6PR07MB5560.eurprd07.prod.outlook.com ([fe80::4bba:985b:ad:55e8%3]) with mapi id 15.20.7409.042; Thu, 4 Apr 2024 18:47:43 +0000
Message-ID: <548b1fbc-8106-40c0-aced-bc1f92bdf415@nokia.com>
Date: Thu, 04 Apr 2024 20:47:40 +0200
User-Agent: Mozilla Thunderbird
Content-Language: en-GB
To: spring@ietf.org
References: <4V9T74452Sz1nsk5@mailb2.tigertech.net>
From: "Martin Vigoureux (Nokia)" <martin.vigoureux@nokia.com>
In-Reply-To: <4V9T74452Sz1nsk5@mailb2.tigertech.net>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-ClientProxiedBy: PR0P264CA0200.FRAP264.PROD.OUTLOOK.COM (2603:10a6:100:1f::20) To AM6PR07MB5560.eurprd07.prod.outlook.com (2603:10a6:20b:6f::22)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: AM6PR07MB5560:EE_|AM8PR07MB7442:EE_
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: XLevGus+zXIfQAZCS+bkFnTrAtpIH6kyvuwLvzr6tdsKjOBoeZTf8D7YCukeX3ogp1QxS8rkmobCE1uq7Pkf5pXfxNSnjHTKwx/NhAUdr585Aa04UB72r40RF9a4yWmRoiW1ENQbJxT+S7IMsa2bkqLPpnzDrc2CXfPyL5x30/KwVpcI9y39OdB/3yochJKdsSAz1sWwqLcmICVKOXq6W19ZNVwZQ/dqNOT4/0mA8yHgFeT8VYgqHltefdDf9DFyONAUg8Wq0o/n1SIHccrBdtI5BB7xXUao2kkusW5gLUwEURQy4zFzqcQndTcIS3SwVU6O1YWdAI3w16ra43V3vi5W86rd9HeCfEaPgzrgrO15tarqrItrXBbCHsLb2er0c/ElkeMpG4WUbiBz1ulZXdPG2fnVdRIc/10sZSXn+tacCH1qkaWj9ayuNzwCw6lnbpShDm4EgTxSVEvVqMnfSlxXeWKARLFhORY+UTSNnqcPgWIFNmUo1f4C0uaegl2PDKJ2g/hrbeLQThDokdZlVAecrFIBAkWpi6ZTpfsDmRCqaClQuNg0jhObKyeQXP92l+5S/n7mEZ1f+goDWwctOY2VL+FW6eorRt5wgYOvSFtQ1TJCoqKA8s3QQjr/+02O
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR07MB5560.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366007)(376005)(1800799015); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: +GhVgv/LDF2gXhKm+mERaRpDUhX+z3uEjwkUF7FMwYlwZdyZ9cExkB4bT7+Vq0VPg3fAx5VvKVw0OCRh8PQJm8Qi3afdLsriKbvABXhh9ZQn5dJmUI17fsRqx+G7NBcRFSs9Y7VMzxplKcluNEJ9pdzTNnGpMFhL70uBISzT+iBSsS942anNJGhKYW39en4qqeaQCdVEMw6LwTt2ROJO1nOZjbDCVCZ9PFXpL80nbPEHj/CWW1mqfTP8xwr0sY4RqwS0fvHVS8Y3Qspty/uLeStLQazJzC2xLfm/tQyKkeyf7uoHeXi0BPvKsb6ddWzm75Uh+fy7HtlYieIhJb0Rsz9S+x1huhyz/isrBTr6g8GiSNj3MatgqZfzHIkTckNKMq8nWMylPz5EVp7ReUNOu9QFSj7rFs+Ouc3fTWq4HkJg8acUGYTK2XKPznqSgkSwmQhT/+hlvqUdeZaAPeqOwlb/I0+Rlc5LIxB3o1XfyiowZxH6Gh32ObZCUDI8qivHmmBr9eVQQ7gUp7C19TwAtF2WbOqNdhKlPRci8/bQhJ+ZgtmVRnw/nkHwq++vtznjGd1anVfx9iU/yvnE1w6zZctiPxI/wjK86db4lgQl0XFQSAaBxFF5pojsyf4Od8ypvBFTRLy2SixRv24i7jVkfDBIc4lVkvg9RyI02GHc2Vu3s/dtMQifO58ayCEm/fIaXLa6hP/VsMft+NbtzGNIaS67iAkYi8c7w1bC76Rc7rO51n/HYdtuyVD+w9slN16B699M/TCNpDfHxBZ9YAdk+3uDh54HWuTr+LWkU1fa5Vpj2kaKlw/X73f26frXgkbu0HuygdtV75Gk050MQaoaOFa0NKxgo9aPuDKRoA7kZnsXWHDLCR11fuYLvfVd5DnduNn10+wiFkgIJpgYCaMPP9RTKLyMtmPX4UfEjhS5CRfp62L4x/ERxsDhKs+EiYX8ti3zrcxzMnjfRO4g1m9Q/5wbUC1Xb5nHi/oil2znfUETwLAELlGyhNvtRINdH+VZK5x7p3nAGZUbLDayqJmX/PAXW/sgN0oLurE3PKLSJ3LBgfjEfKrq70XmVWPc2UvqYse3DdP5p97JCtbX7tOwxRtglYKLF64W2Vx0EUt369xY7IsjrzD/DkWHHT1QiBQrFSnu5F6V52SDErkl6axSbbCg+Ty2anntzssgUF95sB2zZqmD8v01GpyNvIp94oPbli3U489nIgf3ntCP7bIOJXWdvOP5pph8E1I2KdxGM9zO++3XxoI1vBKCFYEUcvx6Z2XNXIrdyuyOryTgPmHjlRNOhqMb2Pj3MPKX/D6n3DV/ZqoJwMCUX1s8nZHGSXmHdJFp0NQS/BdT/OtKPz6JJuDBsW0O/vST3ZRMZR5qVXI15Aw6kBBlrcF55EvkXCUllqafcR/DnhRmWdjHfaurJGakckamW3wkrJ7GnH9yRYyitqDTT8ORjftwwbJDwq4On2g4SNF41PgpA+Ogz+PQM+Hi2suTCGF5L5pQVUPZ+M2Ws+s0784hLX8PAeG+X0UlP/eplWOvjsG7KYRahJQzJj75axo0nkd0jfLQtYiwJpBlzadVJb4iSWJ8cCl6v/6hme88ItZZ9KEITR9TPiaQR1tdRyCALU7gP9ZX/VivWvS0n394TI9u3RVMvvzq7BbMWNK7gaayiIDht2FdUYtjwQ==
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 37028e74-383c-4e7c-c217-08dc54d7b668
X-MS-Exchange-CrossTenant-AuthSource: AM6PR07MB5560.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Apr 2024 18:47:43.5914 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: lEPB2NdpO2h17UvTPPiSMai83MS6RPPxiC5cD8X0zNBsmMYh36GBwWQ+p+f0wVYQI1ftkX5cku0bYNrlWpWn927hNOL7Xwv6SX/k85t0y/8=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR07MB7442
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/4n2YZuwjaGxu0BDPYBKuxPLyCww>
Subject: Re: [spring] C-SIDs and upper layer checksums (draft-ietf-spring-srv6-srh-compression)
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Apr 2024 18:48:20 -0000

Joel,

do you mean specifying the sid *list* as the DA?

-m

Le 2024-04-04 à 19:26, jmh.direct a écrit :
> 	
> CAUTION:This is an external email. Please be very careful when clicking 
> links or opening attachments. See the URL nok.it/ext for additional 
> information.
> 
> So you can't ping a uSID list by just specifying the uSID as the DA?
> Yours,
> Joel
> 
> 
> 
> Sent via the Samsung Galaxy S20 FE 5G, an AT&T 5G smartphone
> 
> 
> -------- Original message --------
> From: Francois Clad <fclad.ietf@gmail.com>
> Date: 4/4/24 1:10 PM (GMT-05:00)
> To: Joel Halpern <jmh.direct@joelhalpern.com>
> Cc: SPRING WG List <spring@ietf.org>, Robert Raszuk <robert@raszuk.net>, 
> Andrew Alston - IETF <andrew-ietf@liquid.tech>
> Subject: Re: [spring] C-SIDs and upper layer checksums 
> (draft-ietf-spring-srv6-srh-compression)
> 
> Hi Joel,
> 
> One can ping a SID of this document without a segment list by simply 
> running the ping command with that SID as an argument (2nd paragraph of 
> section 9.1).
> 
> To ping a SID of this document via a SID list, one needs to configure 
> the originator node to impose that SID list, like any other SRv6 SID list.
> 
> Hope this helps.
> 
> Cheers,
> Francois
> 
> 
> On 4 Apr 2024 at 16:29:11, Joel Halpern <jmh.direct@joelhalpern.com 
> <mailto:jmh.direct@joelhalpern.com>> wrote:
>>
>> <No Hats>
>>
>> It seems that the text you quote requires that the ping code or kernel 
>> code know that the user has specified a uSID for the ping DA.   Maybe 
>> I am missing something, but it is not obvious to me how that would be 
>> achieved?  And does seem to imply that an unmodified ping will get 
>> incompatible and unexpected results?
>>
>> Yours,
>>
>> Joel
>>
>> On 4/4/2024 10:23 AM, Francois Clad wrote:
>>> Hi Joel,
>>>
>>> The ping behavior is described in section 9.1 of the draft 
>>> (https://www.ietf.org/archive/id/draft-ietf-spring-srv6-srh-compression-14.html#section-9.1).
>>>
>>> Specifically,
>>> "When pinging a SID of this document via a segment list, the SR 
>>> source node MUST construct the IPv6 packet as described in Section 6 
>>> and compute the ICMPv6 checksum as described in Section 6.5."
>>>
>>> Please let me know if anything in this text is not clear.
>>>
>>> Thanks,
>>> Francois
>>>
>>> On 4 Apr 2024 at 16:10:11, Joel Halpern <jmh.direct@joelhalpern.com> 
>>> wrote:
>>>>
>>>> <No Hat>
>>>>
>>>> Does this mean that if I have a source and destiantion host inside 
>>>> an SRv6 domain, and I am trying to verify a uSID path between them, 
>>>> so I issue the command ping <usUD-DA>, it will fail?  Given that we 
>>>> have documents describing the use of ping and traceroute with SRv6, 
>>>> shouldn't the comrpession document say someething about this?
>>>>
>>>> Your,s
>>>>
>>>> Joel
>>>>
>>>> On 4/4/2024 9:59 AM, Francois Clad wrote:
>>>>> Hi Andrew,
>>>>>
>>>>> The originator (TX Linux box in your case) acting as an SR source 
>>>>> node for C-SID must follow the entire Section 6 of 
>>>>> draft-ietf-spring-srv6-srh-compression, including section 6.5 about 
>>>>> the checksum calculation. One cannot expect it to work if it only 
>>>>> implements half of it.
>>>>>
>>>>> On the receive side, there is nothing special to do. The DA in the 
>>>>> received IPv6 header is the one that was used for the checksum 
>>>>> calculation.
>>>>>
>>>>> I do not see anything broken.
>>>>>
>>>>> Cheers,
>>>>> Francois
>>>>>
>>>>> On 4 Apr 2024 at 15:32:12, Andrew Alston - IETF 
>>>>> <andrew-ietf@liquid.tech> wrote:
>>>>>>
>>>>>> So in investgiating this further, there is a further problem.
>>>>>>
>>>>>> I’ve checked on 4 different linux boxes with 4 different network 
>>>>>> cards.
>>>>>>
>>>>>> Linux by default offloads TX checksumming on a lot of network 
>>>>>> cards.  If you originate a packet with a microsid and no SRH – and 
>>>>>> the linux box offloads the checksum generation – the checksum 
>>>>>> generated by the NIC will be incorrect – and when the packet 
>>>>>> arrives at the end host – if that end host is running RX 
>>>>>> checksumming – the checksum will fail and the packet will be dropped.
>>>>>>
>>>>>> If you disable TX checksumming – the kernel will have no way to 
>>>>>> tell if the packet is an Ipv6 or a microsid packet, it will 
>>>>>> therefore use the DA – and generate an incorrect checksum.  Again 
>>>>>> – if RX checksumming is enabled on the receiving end point – the 
>>>>>> packet will get dropped.
>>>>>>
>>>>>> Effectively this does NOT just affect middle boxes – it effects 
>>>>>> anything generating a packet directed to a microsid that either 
>>>>>> offloads the tx to hardware (whichi will have no clue this is a 
>>>>>> microsid) or in the alternative is generating tx checksums itself 
>>>>>> via kernel mechanisms that will treat these packets as standard 
>>>>>> Ipv6 packets.
>>>>>>
>>>>>> This is broken – severely broken.
>>>>>>
>>>>>> Andrew
>>>>>>
>>>>>> *
>>>>>> *
>>>>>>
>>>>>> *
>>>>>>
>>>>>> Internal All Employees
>>>>>>
>>>>>> From: *spring <spring-bounces@ietf.org> on behalf of Francois Clad 
>>>>>> <fclad.ietf@gmail.com>
>>>>>> *Date: *Thursday, 4 April 2024 at 14:49
>>>>>> *To: *Joel Halpern <jmh.direct@joelhalpern.com>
>>>>>> *Cc: *SPRING WG List <spring@ietf.org>, Robert Raszuk 
>>>>>> <robert@raszuk.net>
>>>>>> *Subject: *Re: [spring] C-SIDs and upper layer checksums 
>>>>>> (draft-ietf-spring-srv6-srh-compression)
>>>>>>
>>>>>> 	
>>>>>>
>>>>>> Some people who received this message don't often get email from 
>>>>>> fclad.ietf@gmail.com. Learn why this is important 
>>>>>> <https://aka.ms/LearnAboutSenderIdentification>
>>>>>>
>>>>>> 	
>>>>>>
>>>>>> CAUTION: This email has originated from a free email service 
>>>>>> commonly used for personal email services, please be guided 
>>>>>> accordingly especially if this email is asking to click links or 
>>>>>> share information.
>>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> Section 6.5 of draft-ietf-spring-srv6-srh-compression specifies 
>>>>>> how an SR source node originating a packet with an upper layer 
>>>>>> checksum determines the Destination Address for use in the IPv6 
>>>>>> pseudo-header.
>>>>>>
>>>>>> As a co-author, I’d say that the current text of 6.5 is good.
>>>>>>
>>>>>> This text is aligned with RFC 8200. It only indicates how the text 
>>>>>> in Section 8.1 of RFC 8200 applies to the SIDs of 
>>>>>> draft-ietf-spring-srv6-srh-compression. This is necessary since 
>>>>>> RFC 8200 does not specify the format nor behavior of any source 
>>>>>> routing scheme.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Francois
>>>>>>
>>>>>> On 4 Apr 2024 at 00:10:55, Joel Halpern 
>>>>>> <jmh.direct@joelhalpern.com> wrote:
>>>>>>
>>>>>>     I can not speak to the "norm" for other working groups.  The
>>>>>>     SPRING charter is very specific about what we have to do if we
>>>>>>     want to change an underlying protocol.  We have to go back to
>>>>>>     the WG which owns that protocol.
>>>>>>
>>>>>>     6man gets to decide if the change is acceptable, and if it is
>>>>>>     acceptable how it is to be represented.  SPRINGs job is to
>>>>>>     make sure we are asking the question we intend.
>>>>>>
>>>>>>     Yours,
>>>>>>
>>>>>>     Joel
>>>>>>
>>>>>>     On 4/3/2024 6:05 PM, Robert Raszuk wrote:
>>>>>>
>>>>>>         Ok Joel,
>>>>>>
>>>>>>         Thank you for this clarification.
>>>>>>
>>>>>>         To me the actual spirit of RFC8200 8.1 is to say that it
>>>>>>         is ok to compute the checksum by the src such that it
>>>>>>         comes out right at the final destination.
>>>>>>
>>>>>>         But I guess we can have different opinions about that.
>>>>>>
>>>>>>         But what I find specifically surprising here is that it is
>>>>>>         a norm in IETF to have new specifications
>>>>>>         defining protocol extensions and their behaviour and never
>>>>>>         go back to the original protocol RFC to check if this is
>>>>>>         ok or not. If that would not be a normal process I bet we
>>>>>>         would still be using classful IPv4 routing all over the
>>>>>>         place.
>>>>>>
>>>>>>         Regards,
>>>>>>
>>>>>>         Robert
>>>>>>
>>>>>>         On Wed, Apr 3, 2024 at 11:28 PM Joel Halpern
>>>>>>         <jmh@joelhalpern.com> wrote:
>>>>>>
>>>>>>             The concern with regard to the text that the chairs
>>>>>>             are asking about is not about intermediate nodes
>>>>>>             verifying the checksum.  The text does not talk aabout
>>>>>>             that, so we are not asking about that.
>>>>>>
>>>>>>             But, the text in 8200 specifies how the originating
>>>>>>             node is to compute the upper layer checksum.  It
>>>>>>             doesn't say "do whatever you need to do to make the
>>>>>>             destination come out right".  It provides specific
>>>>>>             instructions.  Yes, it is understandable that those
>>>>>>             instructions do not cover the compressed container
>>>>>>             cases.  Which is why the compression document
>>>>>>             specifies changes to those procedures.
>>>>>>
>>>>>>             Thus, we need to ask 6man how they want to handle the
>>>>>>             change in the instructions in 8200.
>>>>>>
>>>>>>             the question we are asking SPRING is whether there is
>>>>>>             any clarification people want to the text in the
>>>>>>             compression draft before we send the question over to
>>>>>>             6man.
>>>>>>
>>>>>>             Yours,
>>>>>>
>>>>>>             Joel
>>>>>>
>>>>>>             On 4/3/2024 5:15 PM, Robert Raszuk wrote:
>>>>>>
>>>>>>                 Hi Joel,
>>>>>>
>>>>>>                 My interpretation of text from RFC8200 is that it
>>>>>>                 allows discrepancy between the header and the
>>>>>>                 upper layer checksum as long as final packet's
>>>>>>                 destination sees the correct one.
>>>>>>
>>>>>>                 The last condition is met.
>>>>>>
>>>>>>                 So I see no issue.
>>>>>>
>>>>>>                 Sure RFC8200 does not talk about SRH nor cSIDs,
>>>>>>                 but provides a hint on how to handle such future
>>>>>>                 situations.
>>>>>>
>>>>>>                 With that being said I would like to still
>>>>>>                 understand what real problem are we hitting here ...
>>>>>>
>>>>>>                 Kind regards,
>>>>>>
>>>>>>                 Robert
>>>>>>
>>>>>>                 On Wed, Apr 3, 2024 at 11:09 PM Joel Halpern
>>>>>>                 <jmh@joelhalpern.com> wrote:
>>>>>>
>>>>>>                     There are two cases covered in section 6.5 of
>>>>>>                     the compression draft that appear to be at
>>>>>>                     variance with secton 8.1 of RFC 8200.
>>>>>>
>>>>>>                     First, if the final destination in the routing
>>>>>>                     header is a compressed container, then the
>>>>>>                     ultimate destination address will not be the
>>>>>>                     same as the final destination shown in the
>>>>>>                     routing header.
>>>>>>
>>>>>>                     Second, if a uSID container is used as the
>>>>>>                     destination address and no SRH is present,
>>>>>>                     then in addition to the above problem there is
>>>>>>                     no routing header to trigger the behavior
>>>>>>                     described.
>>>>>>
>>>>>>                     Yours,
>>>>>>
>>>>>>                     Joel
>>>>>>
>>>>>>                     On 4/3/2024 4:22 PM, Robert Raszuk wrote:
>>>>>>
>>>>>>                         Hi Alvaro,
>>>>>>
>>>>>>                             Section 6.5 of
>>>>>>                             draft-ietf-spring-srv6-srh-compression
>>>>>>                             describes the
>>>>>>                             behavior when an originating node
>>>>>>                             inside an SRv6 domain creates a
>>>>>>                             packet with a C-SID as the final
>>>>>>                             destination. _This description differs
>>>>>>                             from the text in Section 8.1 of RFC8200._
>>>>>>
>>>>>>                         I would like you to clarify the above
>>>>>>                         statement - specifically of the last
>>>>>>                         sentence.
>>>>>>
>>>>>>                         Reason for this that after looking at both
>>>>>>                         drafts I find section 6.5 of the subject
>>>>>>                         draft to be exactly in line with RFC8200
>>>>>>                         section 8.1 especially with the paragraf
>>>>>>                         which says:
>>>>>>
>>>>>>                         *         If the IPv6 packet contains a
>>>>>>                         Routing header, the Destination
>>>>>>                                  Address used in the pseudo-header
>>>>>>                         is that of the final
>>>>>>                                  destination.  At the originating
>>>>>>                         node, that address will be in
>>>>>>                                  the last element of the Routing
>>>>>>                         header; at the recipient(s),
>>>>>>                                  that address will be in the
>>>>>>                         Destination Address field of the
>>>>>>                                  IPv6 header.*
>>>>>>
>>>>>>                         So before we dive into solutions (as
>>>>>>                         Andrew has already provided a few of) I
>>>>>>                         think we should first agree on what
>>>>>>                         precise problem are we solving here ?
>>>>>>
>>>>>>                         Many thx,
>>>>>>
>>>>>>                         Robert
>>>>>>
>>>>>>                         PS. As a side note I spoke with my
>>>>>>                         hardware folks - just to check if
>>>>>>                         validation of upper-layer checksum is even
>>>>>>                         an option for transit nodes. The answer is
>>>>>>                         NO as most data plane hardware can read at
>>>>>>                         most 256 bytes of packets. So unless there
>>>>>>                         is some specialized hardware processing up
>>>>>>                         to 9K packets in hardware at line rates
>>>>>>                         this entire discussion about checksum
>>>>>>                         violations, fears of firing appeals is
>>>>>>                         just smoke.
>>>>>>
>>>>>>     _______________________________________________
>>>>>>     spring mailing list
>>>>>>     spring@ietf.org
>>>>>>     https://www.ietf.org/mailman/listinfo/spring
>>>>>>
> 
> _______________________________________________
> spring mailing list
> spring@ietf.org
> https://www.ietf.org/mailman/listinfo/spring

v2.23.0 | Report a Bug | By Email