Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11

[Adrian Farrel <adrian@olddog.co.uk>]

Thanks, Ron, for showing some of your typical charity and moderation. I have just been catching up on the SPRING list (a lot can happen in one day) and when I got to Antione’s email I was upset enough to start write to the chairs to ask them to bring some better behaviour back to the conversation. But before I did, I went to read the rest of the thread and found Ron’s email.

 

I agree with Ron that using a separate Ethertype would allow SRv6 to fly more freely. It would, in my opinion, enable features to be added to SRv6 without these seemingly-endless debates over compatibility with IPv6. Indeed, I feel some responsibility for not pushing this idea harder when it was first suggested right at the very beginnings of the SPRING working group. Id didn’t understand then, and I don’t understand now, why the objection to the different Ethertype is so strong.

 

I hesitate to speculate about why there may be concerns about a new Ethertype, but I believe it would make things so much easier for the successful development and deployment of SRv6.

 

Cheers,

Adrian

 

From: spring <spring-bounces@ietf.org> On Behalf Of Ron Bonica
Sent: 27 March 2024 13:50
To: Andrew Alston - IETF <andrew-ietf=40liquid.tech@dmarc.ietf.org>; Antoine FRESSANCOURT <antoine.fressancourt@huawei.com>; Tom Herbert <tom@herbertland.com>
Cc: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com>; spring@ietf.org; Robert Raszuk <robert@raszuk.net>; Alvaro Retana <aretana.ietf@gmail.com>
Subject: Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11

 

Folks,

 

Previously in this thread, Antoine Fressancourt wrote:

 

" I think everyone here has realized that the current discussion about C-SID is a proxy for some people’s discontent with Segment Routing at large".

 

At first, I took offense to this comment and was not going to grace it with a response. It is bad form to infer the motivation of others. But now, I understand why Antoine might make such a comment.

 

SRv6 has had a strained relationship with IPv6 since the beginning. Do you remember:

 

*	The debates about inserting and removing extension headers in flight

*	The debates SRv6 and the IPv6 Addressing architecture

 

The checksum discussion is yet another manifestation of the tension between the SRv6 forwarding plane and the IPv6 forwarding plane. Pointing out that tension is not an attack on SRv6. It is a contribution to SRv6.

 

SRv6 can benefit by diverging and forking from IPv6. This is likely because the SRv6 use-case is different from the IPv6 use-case. These differences will only become more pronounced in the future. And as use-cases diverge, so will requirements. And as requirements diverge, the tension between the two forwarding planes will also increase.

 

This doesn't mean that SRv6 is a bad thing. It only means that its future is different from that of IPv6.

 

                                                                    Ron

 

 

 

 

 

Juniper Business Use Only

  _____  

From: Andrew Alston - IETF <andrew-ietf=40liquid.tech@dmarc.ietf.org>
Sent: Wednesday, March 27, 2024 9:01 AM
To: Ron Bonica <rbonica@juniper.net>; Antoine FRESSANCOURT <antoine.fressancourt@huawei.com>; Tom Herbert <tom@herbertland.com>
Cc: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com>; spring@ietf.org <spring@ietf.org>; Robert Raszuk <robert@raszuk.net>; Alvaro Retana <aretana.ietf@gmail.com>
Subject: Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11 

 

[External Email. Be cautious of content]

 

100% agree with t hat – the checksum issue is another incremental issue – the sids document documents multiple other issues – and I’m far from convinced it’s a complete list of issues.  I do agree with that Tom that a draft that documents all the divergence that already exists would be useful – and I’m happy to co-author on that.

 

Thanks

 

Andrew

 

 

 

Internal All Employees

From: Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>
Date: Wednesday, 27 March 2024 at 15:59
To: Antoine FRESSANCOURT <antoine.fressancourt@huawei.com>, Andrew Alston - IETF <andrew-ietf@liquid.tech>, Tom Herbert <tom@herbertland.com>
Cc: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com>, spring@ietf.org <spring@ietf.org>, Robert Raszuk <robert@raszuk.net>, Alvaro Retana <aretana.ietf@gmail.com>
Subject: Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11 

Antoine,

 

The checksum issue is not the first to make us consider whether SRv6 should be forked from IPv6. Nor is it the most significant.

 

Please take a look at draft-ietf-6man-sids. That exercise in equivocation would not have been necessary if SRv6 more clearly conformed to IPv6 standards.

 

                                                    Ron

 

Juniper Business Use Only

 

Juniper Business Use Only

  _____  

From: Antoine FRESSANCOURT <antoine.fressancourt@huawei.com>
Sent: Wednesday, March 27, 2024 4:42 AM
To: Andrew Alston - IETF <andrew-ietf=40liquid.tech@dmarc.ietf.org>; Tom Herbert <tom@herbertland.com>; Ron Bonica <rbonica@juniper.net>
Cc: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com>; spring@ietf.org <spring@ietf.org>; Robert Raszuk <robert@raszuk.net>; Alvaro Retana <aretana.ietf@gmail.com>
Subject: RE: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11

 

[External Email. Be cautious of content]

 

Hello,

 

I think it is a bit odd that the question that led us to discuss whether SRv6 was an extension of IPv6 or a separate dataplane protocol on the ground of SRv6’s divergence from the IPv6 standard came from a question about whether middleboxes, which addresses are not in the packet’s IPv6 header, should be able to check the correctness of a L4 checksum, in a layer that they should not mess with because they are not an end of the packet forwarding procedure.

 

If we want to talk about layer violations or non-conformance to standards, I suggest we come back to the initial issue and determine clearly whether those middleboxes’ behavior makes sense or not (and you guessed I think they should not mess with L4 checksum). Maybe this is a question to V6ops, maybe we should clarify what is a packet’s recipient per the RFC Andrew Alston has cited, but I think it is an issue that is more general than C-SID’s discussion.

 

Best regards,


Antoine Fressancourt

 

From: spring <spring-bounces@ietf.org> On Behalf Of Andrew Alston - IETF
Sent: mercredi 27 mars 2024 07:25
To: Tom Herbert <tom@herbertland.com>; Ron Bonica <rbonica@juniper.net>
Cc: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com>; spring@ietf.org; Robert Raszuk <robert@raszuk.net>; Alvaro Retana <aretana.ietf@gmail.com>
Subject: Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11

 

Tom,

 

I believe a number of the differences are highlighted in draft-ietf-6man-sids.

 

Though that does not go as far as to say they ipv6 and srv6 are not the same thing – it does highlight that there are key deviations between srv6 and rfc4291 for example.

 

(I hit discuss on this when I was still an AD as seen here https://datatracker.ietf.org/doc/draft-ietf-6man-sids/ballot/#draft-ietf-6man-sids_andrew-alston <https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-ietf-6man-sids/ballot/*draft-ietf-6man-sids_andrew-alston__;Iw!!NEt6yMaO-gk!DU6XFSbAExHKgAEdnXtcbm0bN6GhqSO9_14l7vRnh75fEvCDgOl6QJyZIsqfBfDqWRTFZ654z1iUaN--S3jdcz5hW_LM$>   because as I said in the discuss I believe that the sids document was attempting to have it both ways – and I don’t believe you can do that)

 

I also point out that if we do agree to diverge between srv6 and ipv6 – this can be done without creating further complexity – and by allowing for an *optional* ethertype as per https://datatracker.ietf.org/doc/draft-raviolli-intarea-trusted-domain-srv6/ <https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/draft-raviolli-intarea-trusted-domain-srv6/__;!!NEt6yMaO-gk!DU6XFSbAExHKgAEdnXtcbm0bN6GhqSO9_14l7vRnh75fEvCDgOl6QJyZIsqfBfDqWRTFZ654z1iUaN--S3jdc2SoAa0p$>  this also would allow operators the choice to run srv6 in a way that makes them comfortable or not – without complexity and actually *enhance* the deployment of srv6 – because there are operators out there that will never run srv6 while we continue to insist its ipv6 but violate the ipv6 standards – at the expense of security and other aspects.

 

I have never understood the vendor resistence to giving operators this choice though – especially when it would actually help get their stuff deployed in more networks potentially.

 

Andrew

 

 

Internal All Employees

From: Tom Herbert <tom@herbertland.com <mailto:tom@herbertland.com> >
Date: Wednesday, 27 March 2024 at 02:52
To: Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net> >
Cc: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com <mailto:Alexander.Vainshtein@rbbn.com> >, spring@ietf.org <mailto:spring@ietf.org>  <spring@ietf.org <mailto:spring@ietf.org> >, Andrew Alston - IETF <andrew-ietf@liquid.tech <mailto:andrew-ietf@liquid.tech> >, Robert Raszuk <robert@raszuk.net <mailto:robert@raszuk.net> >, Alvaro Retana <aretana.ietf@gmail.com <mailto:aretana.ietf@gmail.com> >
Subject: Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11

On Tue, Mar 26, 2024 at 4:03 PM Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net> > wrote:
>
> Sasha,
>
> At the moment when SRv6 diverges from  IPv6, the two evolutionary branches are identical. If SRv6 needs link locals, it can use them.
>
> However, SRv6 now has the freedom to evolve in ways that IPv6 cannot.

Hi Ron,

That assumes that SRv6 is forked from IPv6? It might be nice for
someone to write up an I-D to really clarify the relationship between
SRv6 and IPv6.

Tom

>
>                                                                   Ron
>
> Juniper Business Use Only
>
> ________________________________
> From: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com <mailto:Alexander.Vainshtein@rbbn.com> >
> Sent: Tuesday, March 26, 2024 4:24 PM
> To: Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net> >
> Cc: spring@ietf.org <mailto:spring@ietf.org>  <spring@ietf.org <mailto:spring@ietf.org> >; Andrew Alston - IETF <andrew-ietf@liquid.tech <mailto:andrew-ietf@liquid.tech> >; Robert Raszuk <robert@raszuk.net <mailto:robert@raszuk.net> >; Tom Herbert <tom@herbertland.com <mailto:tom@herbertland.com> >; Alvaro Retana <aretana.ietf@gmail.com <mailto:aretana.ietf@gmail.com> >
> Subject: Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11
>
>
> [External Email. Be cautious of content]
>
> Ron,
> I am not sure you can separate just the forwarding plane of SRv6 and IPv6.
>
> E.g., what would happen to all the IPv6 mechanisms that use link-local IPv6 addresses?
>
> Replicating these mechanisms does not make much sense to me.
>
> My 2c,
> Sasha
>
>
> Get Outlook for Android
>
>
> Juniper Business Use Only
>
> ________________________________
> From: Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net> >
> Sent: Tuesday, March 26, 2024 8:36:49 PM
> To: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com <mailto:Alexander.Vainshtein@rbbn.com> >
> Cc: spring@ietf.org <mailto:spring@ietf.org>  <spring@ietf.org <mailto:spring@ietf.org> >; Andrew Alston - IETF <andrew-ietf@liquid.tech <mailto:andrew-ietf@liquid.tech> >; Robert Raszuk <robert@raszuk.net <mailto:robert@raszuk.net> >; Tom Herbert <tom@herbertland.com <mailto:tom@herbertland.com> >; Alvaro Retana <aretana.ietf@gmail.com <mailto:aretana.ietf@gmail.com> >
> Subject: [EXTERNAL] Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11
>
> Sasha,
>
> Good point. In my previous email, I didn't mean suggest that we should divorce SRv6 from the entire suite of Internet protocols. I only meant that we should divorce the SRv6 forwarding plane from the IPv6 forwarding plane. BGP could continue to distribute SIDS exactly as is distributes MPLS service labels today.
>
> You bring up another good point about the parallel evolution of SRv6 and IPv6. Yes, this is an engineering trade off. If you divorce SRv6 from IPv6, and IPv6 develops a useful new feature, SRv6 might need to develop that feature, too. However, if you bind SRv6 to IPv6, SRv6 must strictly adhere to IPv6 standards, both now and in the future.
>
> Which is more painful?
>
>                                                                        Ron
>
> Juniper Business Use Only
>
> ________________________________
> From: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com <mailto:Alexander.Vainshtein@rbbn.com> >
> Sent: Tuesday, March 26, 2024 1:56 PM
> To: Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net> >
> Cc: spring@ietf.org <mailto:spring@ietf.org>  <spring@ietf.org <mailto:spring@ietf.org> >; Andrew Alston - IETF <andrew-ietf@liquid.tech <mailto:andrew-ietf@liquid.tech> >; Robert Raszuk <robert@raszuk.net <mailto:robert@raszuk.net> >; Tom Herbert <tom@herbertland.com <mailto:tom@herbertland.com> >; Alvaro Retana <aretana.ietf@gmail.com <mailto:aretana.ietf@gmail.com> >
> Subject: RE: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11
>
>
> [External Email. Be cautious of content]
>
> Ron and all,
>
> I respectfully disagree with the proposal of separation of SRv6 from the existing IPv6.
>
>
>
> IMHO and FWIW the most important added value of SRv6 is its ability to provide BGP-based overlay services without any changes in the P routers as described in Introduction of RFC 9252:
>
>
>
> To provide SRv6 service with best-effort connectivity, the egress PE signals an SRv6 Service SID with the BGP overlay service route. The ingress PE encapsulates the payload in an outer IPv6 header where the destination address is the SRv6 Service SID provided by the egress PE. The underlay between the PEs only needs to support plain IPv6 forwarding [RFC8200].
>
>
>
> To me this means that SRv6 services can benefit from incremental deployment when new forwarding capabilities (implementation of SRv6 Endpoint Behaviors) would be initially available just in the relevant PEs.
>
>
>
> And best-effort BGP-based SRv6 services would scale up much better than best-effort BGP-based services on top of a SR-MPLS underlay because:
>
> With SR-MPLS, the forwarding HW of the ingress PE would have to maintain at least one dedicated egress encapsulation information element for the local representation of each service instance in each egress PE of this service (the label stack that delivers the packet to the relevant egress PE and the label that identifies the relevant service in this egress PE)
> With SRv6, the forwarding HW of the ingress PE would have to maintain only a dedicated egress encapsulation information element for each local adjacency of this PE.
>
> IMHO and FWIW the flex-algo approach extends the above scalability considerations to BGP-based SRv6 services that require some kind of traffic engineering.
>
>
>
> All these advantages would be lost if SRv6 were separated from IPv6. Such separation would require, at the very least:
>
> HW (or FW) upgrades that would identify received SRv6 packets based on their new Ethertype – across the entire SRv6 network
> SW upgrades supporting new/modified routing protocols dedicated for SRv6 – also across the entire SRv6 network.
>
>
>
> From my POV, SRv6 should try to minimize its deviations from the “normal” IPv6 (e.g., the differences in the address architecture), clearly define them and avoid all attempts to violate the IPv6 rules that do not belong to the “deviated” area.
>
>
>
> My 2c,
>
> Sasha
>
>
>
>
> Juniper Business Use Only
>
> From: spring <spring-bounces@ietf.org <mailto:spring-bounces@ietf.org> > On Behalf Of Ron Bonica
> Sent: Tuesday, March 26, 2024 7:14 PM
> To: Tom Herbert <tom@herbertland.com <mailto:tom@herbertland.com> >; Alvaro Retana <aretana.ietf@gmail.com <mailto:aretana.ietf@gmail.com> >
> Cc: spring@ietf.org <mailto:spring@ietf.org> ; Andrew Alston - IETF <andrew-ietf@liquid.tech <mailto:andrew-ietf@liquid.tech> >; Robert Raszuk <robert@raszuk.net <mailto:robert@raszuk.net> >
> Subject: [EXTERNAL] Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11
>
>
>
> Working Group,
>
>
>
> Might  SRv6 progress much more quickly if we did the following:
>
>
>
> ·       Divorce SRv6 from IPv6
>
> ·       Give SRv6 its own ethertype
>
> ·       Let SRv6 progress along its own evolutionary trajectory, unencumbered by IPv6 restrictions
>
>
>
> At very least, this divorce would end the long and painful debates regarding IPv6 compliance. And would it give SRv6 more degrees of freedom as it evolves,
>
>
>
> As far as I can see, the only benefit of binding SRv6 to IPv6 is in the expectation that IPv6-enabled hardware won't have to change too much to support SRv6. This benefit might still be realized if SRv6 doesn't deviate too much from IPv6.
>
>
>
> My question is not rhetorical. Maybe I am missing something, but is there any real benefit in continuing to bind SRRv6 to IPv6?
>
>
>
>                                                            Ron
>
>
>
> Juniper Business Use Only
>
> ________________________________
>
> From: Tom Herbert <tom@herbertland.com <mailto:tom@herbertland.com> >
> Sent: Monday, March 25, 2024 3:40 PM
> To: Alvaro Retana <aretana.ietf@gmail.com <mailto:aretana.ietf@gmail.com> >
> Cc: Robert Raszuk <robert@raszuk.net <mailto:robert@raszuk.net> >; Andrew Alston - IETF <andrew-ietf@liquid.tech <mailto:andrew-ietf@liquid.tech> >; Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net> >; spring@ietf.org <mailto:spring@ietf.org>  <spring@ietf.org <mailto:spring@ietf.org> >; Joel Halpern <jmh@joelhalpern.com <mailto:jmh@joelhalpern.com> >
> Subject: Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11
>
>
>
> [External Email. Be cautious of content]
>
>
> On Mon, Mar 25, 2024 at 12:31 PM Alvaro Retana <aretana.ietf@gmail.com <mailto:aretana.ietf@gmail.com> > wrote:
> >
> > Tom:
> >
> > Hi!
> >
> > I understand your point.
> >
> > I put the option out there because it came up at last week’s spring meeting and it should be discussed.
>
> Alvaro,
>
> This seems to come back to the fundamental question: is SRv6 still
> IPv6 or is it a new protocol. If it's IPv6 then it should adhere to
> all the requirements and expectations of IPv6, if it's a new protocol
> that is going to diverge from the standard IPv6 then maybe it needs
> its own EtherType and standards development path.
>
> Tom
>
>
> >
> > Thanks!
> >
> > Alvaro.
> >
> >
> > On March 25, 2024 at 2:58:48 PM, Tom Herbert (tom@herbertland.com <mailto:tom@herbertland.com> ) wrote:
> >
> > On Mon, Mar 25, 2024 at 11:17 AM Alvaro Retana <aretana.ietf@gmail.com <mailto:aretana.ietf@gmail.com> > wrote:
> > >
> > > FWIW, I agree with most of what Joel wrote. ;-)
> > >
> > > I see another path forward: Given that the issue is constrained to an SR domain, the draft could also point out the issues as operational/deployment considerations. Operators can then make an informed decision on whether they want to/can use C-SIDs without an SRH in their network. This path forward (or leaving it out of scope, as Joel suggests below) is something the spring WG can reach consensus on by itself (i.e., without needing to consult or agree with other WGs).
> >
> > Alvaro,.
> >
> > This wouldn't be robust and would seem to violate the "be conservative
> > in what you send clause". Punting this to the operators doesn't seem
> > practical either, in an even moderately large network they wouldn't be
> > able to know all the potential problems they might hit in devices.
> > They're about one misconfiguration away from having to debug a rather
> > unpleasant problem. For instance, if operator gets a packet trace from
> > a router they would see a whole bunch of packets with bad checksums,
> > but they would have no way of knowing if these were cases of segment
> > routing or actually corrupted packets.
> >
> > Tom
>
>
>
> Disclaimer
>
> This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
>
>