Re: [spring] Question from SPRING regarding draft-filsfilscheng-spring-srv6-srh-compression
Nick Hilliard <nick@foobar.org> Sun, 17 October 2021 22:38 UTC
Return-Path: <nick@foobar.org>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 94B3F3A132D; Sun, 17 Oct 2021 15:38:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FGLGShPipHXk; Sun, 17 Oct 2021 15:38:50 -0700 (PDT)
Received: from mail.netability.ie (mail.netability.ie [IPv6:2a03:8900:0:100::5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B674F3A132B; Sun, 17 Oct 2021 15:38:48 -0700 (PDT)
X-Envelope-To: ipv6@ietf.org
Received: from crumpet.local (admin.ibn.ie [46.182.8.8]) (authenticated bits=0) by mail.netability.ie (8.17.1/8.16.1) with ESMTPSA id 19HMciK8096722 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 17 Oct 2021 23:38:44 +0100 (IST) (envelope-from nick@foobar.org)
X-Authentication-Warning: cheesecake.ibn.ie: Host admin.ibn.ie [46.182.8.8] claimed to be crumpet.local
To: "Joel M. Halpern" <jmh@joelhalpern.com>
Cc: "ipv6@ietf.org" <ipv6@ietf.org>, "spring@ietf.org" <spring@ietf.org>
References: <85fddbe9-4eb8-7d90-d246-a888fe8bdcd3@joelhalpern.com>
From: Nick Hilliard <nick@foobar.org>
Message-ID: <66bcaafc-ab55-7884-d002-c4be439e2062@foobar.org>
Date: Sun, 17 Oct 2021 23:38:43 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:52.0) Gecko/20100101 PostboxApp/7.0.49
MIME-Version: 1.0
In-Reply-To: <85fddbe9-4eb8-7d90-d246-a888fe8bdcd3@joelhalpern.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/A4oi_CrNUDK6nDcQSBVI5glA4lM>
Subject: Re: [spring] Question from SPRING regarding draft-filsfilscheng-spring-srv6-srh-compression
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Oct 2021 22:38:55 -0000
Joel M. Halpern wrote on 13/10/2021 04:52: > 1) Does the placement of a list of sids in the IPv6 DA field change the > IPv6 architectural description of that field. the draft, as I understand it, specifies that inside the srv6 limited domain, the DA is overwritten in-flight with a locator of configurable mask length, followed by a stack containing CSIDs. On each node that the packet passes through, the router left-shifts the stack of CSIDs by a number of bits, which causes an implicit stack pop of the CSID list. The locator remains unchanged. Once the stack is empty, the DA field is reverted to the original DA. The question from the point of view of IPv6 architecture is whether the modified DA a) represents the ipv6 address of an interface (rfc4291, section 2.1) and b) represents the "128-bit address of the intended recipient of the packet" (rfc8200, section 3). The answer to both of these questions seems to be no. -- If we take the examples in draft-clad-spring-srv6-srh-compression-illus, the locator is 2001:db8:000b (block length 48), normally written as 2001:db8:b::/48. At no point is there necessarily a node in the network with an interface which which is bound to an ip address constructed as [locator].[csid1]..[csidN]. It might happen that there was such an interface, but this is not necessary for the protocol to function as specified. From this point of view, the draft does not appear to comply with the definition of the destination address field of the ipv6 header, as defined in rfc8200. -- Question b (i.e. whether the address represents the "128-bit address of the intended recipient of the packet"). It is presumed that the address space carved out by the operator allocates a unique block of IP addresses for the locator. The modified DA will not generally (and probably not ever) represent the intended recipient of the packet, so on this basis it seems that the draft introduces a semantic change to the addressing architecture of ipv6 as defined in rfc4291. -- In simple terms, the srh compression draft appears to repurpose the ipv6 DA field as a temporary storage stack. This changes the semantics of the DA field into something different that rfc8200 / rfc4291 aren't aware of. Some people have brought up NAT and mutable ipv6 header fields. I don't see an issue with modifying source or destination IP addresses / ports in-flight, as long as they represent actual endpoints as defined in rfc8200/4291. We have 25 years of precedent in the form of NAT, so this simply isn't a problem. What is a problem is changing the semantics of a well-known field to mean something else other than what's defined in 8200/4291. The rationale for doing this is not relevant. On a constructive point, I have no doubt that the authors need space to store the SID stack, so it may be better for them to consider using an EH for this purpose. If this were handled in a similar way to how standard SRv6 forwards packets using EHs for SID lists, I don't believe that there would be an issue for 6man to be concerned about, and as there is already running code which uses EHs to determine next-hops for SRv6 packets, there is no reason not to do something similar for C-SIDs. > 2) Does the operation of shifting information around in the IPv6 > destination address field represent a modification or extension of the > IPv6 data plane. Although the syntax remains the same, the draft proposes that the semantics of the ipv6 header be modified. In a SRv6 domain, a packet modified as described will do one thing, and outside the domain it mean something quite different. Rather than answering this question directly, let's take the heterogeneous brown-field network example provided in: https://mailarchive.ietf.org/arch/msg/ipv6/LQyfNkJjCEijP0v8mHYIQPBT7-A/ In this network, if a packet has its DA modified as described in this draft, then the packet would not necessarily arrive at its endpoint if it needed to traverse a section of the network which wasn't srv6 aware. If no modification had been made to the ipv6 data plane, then the packet would be expected to arrive at its destination. This is in contrast with standard srv6, which can apparently support this style of configuration. It is true that SRv6 is defined only in terms of its rfc8799 limited domain and you could argue that as the limited domain is not properly specified according to what the I-D authors intended, that this is a configuration problem rather than a protocol problem. Flip side, this example describes what happens when limited domains hit operational reality, i.e. this is an interesting example of why modifying data plane semantics is considered to be a red-flag issue from the point of view of baseline protocol semantics - things break. Nick
- Re: [spring] Question from SPRING regarding draft… Stefano Salsano
- [spring] Question from SPRING regarding draft-fil… Joel M. Halpern
- [spring] Typo correction Re: Question from SPRING… Joel M. Halpern
- Re: [spring] Typo correction Re: Question from SP… Brian E Carpenter
- Re: [spring] Typo correction Re: Question from SP… Michael Richardson
- Re: [spring] Typo correction Re: Question from SP… Ted Hardie
- Re: [spring] Typo correction Re: Question from SP… Carsten Bormann
- Re: [spring] Question from SPRING regarding draft… Erik Kline
- Re: [spring] Typo correction Re: Question from SP… Brian E Carpenter
- Re: [spring] Typo correction Re: Question from SP… Tom Herbert
- Re: [spring] Typo correction Re: Question from SP… mohamed.boucadair
- Re: [spring] Typo correction Re: Question from SP… Mark Smith
- Re: [spring] Typo correction Re: Question from SP… mohamed.boucadair
- Re: [spring] Typo correction Re: Question from SP… Ted Hardie
- [spring] short term plan regarding adoption call … Joel M. Halpern
- Re: [spring] Typo correction Re: Question from SP… Tom Herbert
- Re: [spring] Question from SPRING regarding draft… Andrew Alston
- Re: [spring] Question from SPRING regarding draft… Francois Clad (fclad)
- Re: [spring] Typo correction Re: Question from SP… Michael Richardson
- Re: [spring] Typo correction Re: Question from SP… Brian E Carpenter
- [spring] All IPv6 fields are now mutable (Re: Typ… Mark Smith
- Re: [spring] Question from SPRING regarding draft… Brian E Carpenter
- Re: [spring] Question from SPRING regarding draft… Brian E Carpenter
- Re: [spring] All IPv6 fields are now mutable (Re:… Andrew Alston
- Re: [spring] Question from SPRING regarding draft… Mark Smith
- Re: [spring] Question from SPRING regarding draft… Brian Carpenter
- Re: [spring] Question from SPRING regarding draft… Michael Richardson
- Re: [spring] Question from SPRING regarding draft… Darren Dukes (ddukes)
- Re: [spring] All IPv6 fields are now mutable (Re:… Tom Herbert
- Re: [spring] Question from SPRING regarding draft… Brian E Carpenter
- Re: [spring] All IPv6 fields are now mutable (Re:… Brian E Carpenter
- Re: [spring] Question from SPRING regarding draft… Nick Hilliard
- Re: [spring] All IPv6 fields are now mutable (Re:… Tom Herbert
- Re: [spring] Question from SPRING regarding draft… Darren Dukes (ddukes)
- Re: [spring] Question from SPRING regarding draft… Brian E Carpenter
- Re: [spring] All IPv6 fields are now mutable (Re:… Brian E Carpenter
- Re: [spring] Question from SPRING regarding draft… otroan
- Re: [spring] Typo correction Re: Question from SP… Ted Hardie
- Re: [spring] Typo correction Re: Question from SP… Brian E Carpenter
- Re: [spring] Typo correction Re: Question from SP… Brian E Carpenter
- Re: [spring] Typo correction Re: Question from SP… Mark Smith
- [spring] Administrative interfaces (was draft-fil… Ted Hardie
- Re: [spring] Administrative interfaces (was draft… Robert Raszuk
- Re: [spring] Typo correction Re: Question from SP… Tom Herbert
- Re: [spring] Typo correction Re: Question from SP… Brian E Carpenter
- Re: [spring] Typo correction Re: Question from SP… Greg Mirsky
- Re: [spring] Typo correction Re: Question from SP… Brian E Carpenter
- Re: [spring] Question from SPRING regarding draft… Nick Hilliard
- Re: [spring] Typo correction Re: Question from SP… Darren Dukes (ddukes)
- Re: [spring] Typo correction Re: Question from SP… Gyan Mishra
- Re: [spring] Typo correction Re: Question from SP… Gyan Mishra
- Re: [spring] Typo correction Re: Question from SP… Chengli (Cheng Li)
- Re: [spring] Typo correction Re: Question from SP… Darren Dukes (ddukes)
- Re: [spring] Question from SPRING regarding draft… Erik Kline
- Re: [spring] Typo correction Re: Question from SP… Gyan Mishra
- Re: [spring] Typo correction Re: Question from SP… Greg Mirsky
- Re: [spring] Typo correction Re: Question from SP… Darren Dukes (ddukes)
- Re: [spring] Typo correction Re: Question from SP… Erik Kline
- Re: [spring] Typo correction Re: Question from SP… Erik Kline