IETF Logo Mail Archive

Re: [spring] A note on CRH and on going testing

Jeff Tantsura <jefftant.ietf@gmail.com> Sat, 21 September 2019 20:32 UTC

Return-Path: <jefftant.ietf@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E973512010D for <spring@ietfa.amsl.com>; Sat, 21 Sep 2019 13:32:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zACfcWpuNDuL for <spring@ietfa.amsl.com>; Sat, 21 Sep 2019 13:31:58 -0700 (PDT)
Received: from mail-pf1-x429.google.com (mail-pf1-x429.google.com [IPv6:2607:f8b0:4864:20::429]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 444351200DE for <spring@ietf.org>; Sat, 21 Sep 2019 13:31:58 -0700 (PDT)
Received: by mail-pf1-x429.google.com with SMTP id a2so6676627pfo.10 for <spring@ietf.org>; Sat, 21 Sep 2019 13:31:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:message-id:in-reply-to:references:subject :mime-version; bh=01VGv7pBaS8yz81RjzGf6DdDdFqSij+McncAghUycPM=; b=XCUtnUqDacBO9srG401oQkVJj2a7xAmN6v0l2jxq0JuYmq6QPN4U7IkU+0pP0u4PNt OdovcoWJ4DHZNlS6cc4wgraBqWIcVt1yojsNnB86QY5qhAKDjIKTlLkuIZfG5TuYyO6D MlMXiSAEezS07v5wZkS2SqVp2DrTPPiGY4jPGwUja582DR81xml87giwO0K4rX3sArZR MFk2VHrSGOMoV0LM+uwiOuI9ED/i1lG/je9gzE6ynD6zQuLtnvUUUIzKobrLEKtScC4H kniICZHsO2KPRoeiMkD4/hy0LNzkP4y9nIN5SF7BQOM69tiyNbtyG0P+blnCKTGlcimj qutA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:message-id:in-reply-to :references:subject:mime-version; bh=01VGv7pBaS8yz81RjzGf6DdDdFqSij+McncAghUycPM=; b=KrTuNqaG1Pp0rY7fX/q0qRoOj7Mthb6iEHMX8+j0BBCLJnmUhUuUfKe8i+0BrwG8qP HyXdVBZnwRPfddpMA7N/e3CptkupF9J/0kl0Q+jPqw13dX71+unT3h4SGba0jM+JQ05e /4VdQRzOeriDYZUKCZCH3k0yp/7AkfRIuC9uJtnUQC8X7alTbtiOmyLnj8q5aUETcNVL cmTun0XncYRADugNcBng5tg3Ct1w3mAD58XVnXyGi/8i1+LyDIm0G0FYJPR6F2L+1+Nb NZufcLfanrUYyBBYLd4J/bIpYaGbM0z1mel4o2HQCcoFnFr/TyFvZ5WUo0JAC5SdU2rk t34Q==
X-Gm-Message-State: APjAAAWL+rGhGAFUE+I/ueVz9erwIACqOB5le4/WHMz/N66X9lHyHOZn z0ornEMlhB5upPZHqh2awlk=
X-Google-Smtp-Source: APXvYqwUiFWUgkoEaP84/rI3fY/I0/oAeUajl6b9FTE+1kQlXIMIudpGqfGRYaJgxjRaQrzFx/6aYQ==
X-Received: by 2002:a17:90a:fe0b:: with SMTP id ck11mr557448pjb.87.1569097917168; Sat, 21 Sep 2019 13:31:57 -0700 (PDT)
Received: from [192.168.1.12] (c-73-189-13-44.hsd1.ca.comcast.net. [73.189.13.44]) by smtp.gmail.com with ESMTPSA id 202sm5309685pfu.161.2019.09.21.13.31.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 21 Sep 2019 13:31:56 -0700 (PDT)
Date: Sat, 21 Sep 2019 13:31:46 -0700
From: Jeff Tantsura <jefftant.ietf@gmail.com>
To: "Chengli (Cheng Li)" <chengli13@huawei.com>, Ron Bonica <rbonica@juniper.net>
Cc: SING Team <s.i.n.g.team.0810@gmail.com>, "EXT - daniel.bernier@bell.ca" <daniel.bernier@bell.ca>, SPRING WG List <spring@ietf.org>
Message-ID: <e0776cf0-fbf9-4b13-9aed-54d82c9ee16e@Spark>
In-Reply-To: <BYAPR05MB546372D1E0559F75D7DA5F61AE880@BYAPR05MB5463.namprd05.prod.outlook.com>
References: <1568906072231.1bkuswxveutxvlrzmmzkgs2g@android.mail.163.com> <20625BDC-2D90-4E35-96E3-2BC4B723C06E@bell.ca> <C7C2E1C43D652C4E9E49FE7517C236CB026DDDBE@dggeml529-mbx.china.huawei.com> <FC493433-BCDD-4080-9400-61481E7ADEF8@gmail.com> <BYAPR05MB546372D1E0559F75D7DA5F61AE880@BYAPR05MB5463.namprd05.prod.outlook.com>
X-Readdle-Message-ID: e0776cf0-fbf9-4b13-9aed-54d82c9ee16e@Spark
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="5d8688ba_885e1b_2a6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/5QeCT1-A2dseS8sD8iCKa4MkwXs>
Subject: Re: [spring] A note on CRH and on going testing
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Sep 2019 20:32:01 -0000

Hi Ron,

Thanks for your comments, exactly, BSID MPLS label = CRH value :)

Cheers,
Jeff
On Sep 20, 2019, 11:09 AM -0700, Ron Bonica <rbonica@juniper.net>, wrote:
> Hi Jeff,
>
> It would be easy enough to add a binding SID to SRv6+. Given customer demand, I would not be averse to adding one.
>
> However, there is another way to get exactly the same behavior on the forwarding plane without adding a new SID type.
>
> Assume that on Node N, we have the following SFIB entry:
>
>
> • SID: 123
> • IPv6 address: 2001:db8::1
> • SID type: prefix SID
>
>
> Now assume that was also have the following route on Node N:
>
> 2001:db8::1 -> SRv6+ tunnel with specified destination address and CRH
>
> This gives you the same forwarding behavior as a binding SID.
>
>                                                            Ron
>
>
>
> Juniper Business Use Only
> From: spring <spring-bounces@ietf.org> On Behalf Of Jeff Tantsura
> Sent: Thursday, September 19, 2019 10:53 PM
> To: Chengli (Cheng Li) <chengli13@huawei.com>
> Cc: SING Team <s.i.n.g.team.0810@gmail.com>; EXT - daniel.bernier@bell.ca <daniel.bernier@bell.ca>; SPRING WG List <spring@ietf.org>
> Subject: Re: [spring] A note on CRH and on going testing
>
> There’s number of solutions on the market that extensively use BSID for multi-domain as well as multi-layer signaling.
>
> Regards,
> Jeff
>
> On Sep 19, 2019, at 19:49, Chengli (Cheng Li) <chengli13@huawei.com> wrote:
> > +1.
> >
> > As I mentioned before, Binding SID is not only for shortening SID list.
> > We should see the important part of binding SID in inter-domain routing,  since it hides the details of intra-domain. Security and Privacy are always important.
> >
> > Since the EH insertion related text will be removed from SRv6 NP draft, I don’t think anyone will still say we don’t need binding SID.
> > Let’s be honest, Encap mode Binding SID is very useful in inter-domain routing. It is not secure to share internal info outside a trusted network domain.
> >
> > Cheng
> >
> >
> > From: spring [mailto:spring-bounces@ietf.org] On Behalf Of Bernier, Daniel
> > Sent: Thursday, September 19, 2019 11:36 PM
> > To: SING Team <s.i.n.g.team.0810@gmail.com>
> > Cc: 'SPRING WG List' <spring@ietf.org>
> > Subject: Re: [spring] A note on CRH and on going testing
> >
> > +1
> >
> > This is what we did on our multi-cloud trials.
> >
> > Encap with Binding SID to avoid inter-domain mapping + I don’t need to have some sort of inter-domain alignment of PSSIs
> >
> > Dan
> >
> > On 2019-09-19, 11:18 AM, "spring on behalf of SING Team" <spring-bounces@ietf.org on behalf of s.i.n.g.team.0810@gmail.com> wrote:
> >
> > Hi Andrew,
> >
> > Good to hear that reality experiment :)
> >
> > But is it secure to share internal SID-IP mappings outside a trusted network domain?
> >
> > Or is there an analogue like Binding SID of SRv6, in SRv6+?
> >
> > Btw, PSSI and PPSI can not do that now, right?
> >
> > Best regards,
> > Moonlight Thoughts
> >
> >
> > (mail failure, try to cc to spring again.)
> >
> > On 09/19/2019 17:49, Andrew Alston wrote:
> > Hi Guys,
> >
> > I thought this may be of interest in light of discussions around deployments and running code - because one of the things we've been testing is inter-domain traffic steering with CRH on both our DPDK implementation and another implementation.
> >
> > So - the setup we used last night:
> >
> > 6 systems in a lab - one of which linked to the open internet.  Call these S1 -> S6
> > 3 systems in a lab on the other side of the world - no peering between the networks in question.  Call these R1 -> R3
> >
> > We applied a SID list on S1, that steered S1 -> S2 -> S3 -> S6 -> R1 -> R3, with the relevant mappings from the CRH SID's to the underlying addressing (S2 had a mapping for the SID for S3, S3 had a mapping for the SID corresponding to S6, S6 had a mapping for the SID corresponding to R1 etc)
> >
> > Then we sent some packets - and the test was entirely successful.
> >
> > What this effectively means is that if two providers agree to share the SID mappings - it is possible to steer across one network, out over an open path, and across a remote network.  Obviously this relies on the fact that EH's aren't being dropped by intermediate providers, but this isn't something we're seeing.
> >
> > Combine this with the BGP signaling draft - and the SID's can then be signaled between the providers - work still going on with regards to this for testing purposes.  Just as a note - there would be no requirement to share the full SID mapping or topologies when doing this with BGP - the requirement would be only to share the relevant SID's necessary for the steering.
> >
> > I can say from our side - with various other providers - this is something that we see *immense* use case for - for a whole host of reasons.
> >
> > Thanks
> >
> > Andrew
> >
> >
> > _______________________________________________
> > spring mailing list
> > spring@ietf..org
> > https://www.ietf.org/mailman/listinfo/Spring
> > _______________________________________________
> > spring mailing list
> > spring@ietf.org
> > https://www.ietf.org/mailman/listinfo/spring

v2.23.0 | Report a Bug | By Email