Re: [spring] [IPv6] Subject: Mandating SRH when using C-SIDs (draft-ietf-spring-srv6-srh-compression)
Mark Smith <markzzzsmith@gmail.com> Mon, 08 April 2024 19:16 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C025C151547; Mon, 8 Apr 2024 12:16:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.595
X-Spam-Level:
X-Spam-Status: No, score=-0.595 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XJRe0uUxFL07; Mon, 8 Apr 2024 12:16:01 -0700 (PDT)
Received: from mail-ej1-x62f.google.com (mail-ej1-x62f.google.com [IPv6:2a00:1450:4864:20::62f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7AAE2C14F6AC; Mon, 8 Apr 2024 12:16:01 -0700 (PDT)
Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-a465ddc2c09so349531766b.2; Mon, 08 Apr 2024 12:16:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712603759; x=1713208559; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=1ENUXbRRwI08+g8735bbunfbogVO826PtUrCJBV4OTI=; b=EwfWaD3eKSiNhxiDVbJ4+XMjZs2kB48nJEjzDVA1Opbv0Vk8Ey34y9194vcUgEaRuy 9dFZQU72bUh4W/v5KTgk56ZshYHNLDE0PJGzWt4cJZIgCBcKCy/YHURbm7lcvAxIgGyK gOJDFot0cqYv2YjMdAHW437SdHksJNwhLg37ZqbnBiMgRMK6rNfcOtJWkZaknYCZ+7W8 TYsKDeA3ZpnUdu8+0/pxBbW49j61U+buLRLmAkWqkdUcVjcoc2IOeWAVK020PL12Mtj6 X3Tpca3GDRYKW8DXJ5CoJFP8bJM2X+WUUP0+RwWxjSd6L9FB8G16W+IGAnohwdDxEcic 0xhA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712603759; x=1713208559; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=1ENUXbRRwI08+g8735bbunfbogVO826PtUrCJBV4OTI=; b=PSE8J/K5pqs/wIG9fItQR6v/BUnUkWa0OzbgIOjGbza7S188abqoMj/9Em0K4H3gWI /7bNhcilWP3hLPFY1Btg/Gk4Yht8YNbM+/gkKsbVuxKSRVfp/JS7cHPCrziPaepbEI5T X55+AbHKlgVBs4sq0g+sTIAAhYf05nr621Qs7uPW3uzD3lHaFt9gLGz0IDQWOQq5wP8l JX6TV1AXvRLXNyX6x8ZFfUIC3fYKP3edad6Q+HgglWUFOYJEyM/k46P7BmAmfdyxBd6l Z6M1zQn60mC+omtfGGMD5v5sZzWUWLowBOJ9vn9HF7tpDzK1d/ln5xysPBGtEjufgLBf rnIQ==
X-Forwarded-Encrypted: i=1; AJvYcCVFW05D6Vgw2WOhH4yMI5H3DoTN4JY/KQklAUpubACySuuKmpmDL/p1RSsAQ7NXmXwTFnoGlb7kgij7Jl0sfxktPxckKMw4QjHR43ZPUqS+PDn4hklb1flb8UW92vsf2ASfqeWGcJI=
X-Gm-Message-State: AOJu0YwsQo9ZY+oJzESB4n9kq9oF8263aSjoPSfSKK+99NRoV04YCCgJ QiJTO1lwtCqdoOMOyWyNRq5xE1CPGBJ2mjw2M+LFhnCR2V2vku8jUaUCBCqHsZP+MSpInUEUdft jXjI+wqZ9EBG9MP3bzzK7kv3ZQJWWX/jf
X-Google-Smtp-Source: AGHT+IGKOmg9IuwmOkxYwyTAM55/PaJQZC89BlLD0JtK5sJLMW51V31wwsDPN26OzRm1S7kr1+RkzLRZO882eYYgCtI=
X-Received: by 2002:a50:8709:0:b0:56e:2a05:a0e3 with SMTP id i9-20020a508709000000b0056e2a05a0e3mr8098480edb.21.1712603758843; Mon, 08 Apr 2024 12:15:58 -0700 (PDT)
MIME-Version: 1.0
References: <CAMMESszUUdDw-xnDtZKqz75g6SXZ+7mXtZujBKwN+hxypC-Kuw@mail.gmail.com> <CAH6gdPzm-VXPwaPOjN0GqitDrNfMOyiXZRtMZDF7n5kjCu=X7g@mail.gmail.com>
In-Reply-To: <CAH6gdPzm-VXPwaPOjN0GqitDrNfMOyiXZRtMZDF7n5kjCu=X7g@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Tue, 09 Apr 2024 05:15:46 +1000
Message-ID: <CAO42Z2wsCcw_TBZ=vEOB63C-cd9ug0QpYCz9Rpz+rqFe0CktDQ@mail.gmail.com>
To: Ketan Talaulikar <ketant.ietf@gmail.com>
Cc: Alvaro Retana <aretana.ietf@gmail.com>, SPRING WG List <spring@ietf.org>, 6man <ipv6@ietf.org>, spring-chairs@ietf.org
Content-Type: multipart/alternative; boundary="000000000000afe19a06159aa20a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/D1-4kNCUNs8_HGvYf9lQHQvrPOo>
Subject: Re: [spring] [IPv6] Subject: Mandating SRH when using C-SIDs (draft-ietf-spring-srv6-srh-compression)
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2024 19:16:03 -0000
Hi Ketan, On Tue, 9 Apr 2024, 01:55 Ketan Talaulikar, <ketant.ietf@gmail.com> wrote: > Hi Alvaro, > > I have some concerns about the second paragraph of your email. Compressed > SRv6 SIDs (C-SID) are still SRv6 and therefore everything from existing > SRv6 RFCs apply and those aspects are very much foundational to this C-SID > document as well. > > RFC8754 has introduced the omission of SRH (sec 4.1) and reduced SRH > behavior (sec 4.1.1) when not required. When taken along with RFC8986 > (H.Encap.*) and the most common use-cases for BGP services (RFC9252) where > for many scenarios (best effort or flex algo) SRH is not needed. This is > something that is already widely deployed by operators around the world in > production networks. Mandating SRH, when one is not required, compromises > compression efficiency without bringing any advantages. > I don't think compression efficiency is a valid argument compared to the drawbacks. When IPv6 was first published in 1995, in RFC 1883, the highest specified 802.3/Ethernet standard was 100 Mpbs. Today it is 800 Gbps. If removing the SRH makes a useful efficiency gain, then the IPv6 40 octet header itself must be too heavy for SR. (Which I think it is, otherwise the C-SID hack on the IPv6 Destination Address field wouldn't be being standardised as a workaround to the fundamentally unnecessarily too large, IPv6 address derived, 128 bit SIDs.) > > The presence of SRH is never a necessary or sufficient criterion for > identification of "SRv6 packets" in any SRv6 related RFC - perhaps this may > not be evident to some folks that are not closely following SRv6. > Even when SRH is encoded by the SR Source Node, it can be removed by > Segment Endpoint Node when using PSP flavors per RFC8986. The base SRv6 > RFCs, therefore, refer to allocation of SRv6 SIDs from within an SRv6 SID > block and use that for identification (e.g., filtering for security > purposes in RFC8754 ) of traffic flows being steered using SRv6 SIDs. > You have not mentioned any IPv6 RFCs. RFC8200 specifies explicit upper layer protocol identification in the Next Header field of the fixed header or in EHs' Next Header fields. Regarding filtering using the SID prefix, realise for some operators that isn't just perhaps 100s or maybe 1000s of packet filter deployments, it can literally be millions for operators with residential broadband customers. If SRv6 is considered a separate derivative protocol of IPv6, rather than a use of IPv6, then you wouldn't have to include the SRH when the IPv6 DA holds that information, and it would be given its own Ethernet type, saving some operators literally millions of IPv6 packet filter deployments. Regards, Mark. > Finally, regarding the so-called "issue" related to the upper layer > checksum validation by transit nodes. Here, I will say that those nodes > need to be SRv6/C-SID (or, in general, any RH) aware for doing such > checksum validation - the presence or absence of SRH makes zero difference. > I've responded in more detail on the other thread on this. > > Thanks, > Ketan > > On Thu, Mar 28, 2024 at 5:36 PM Alvaro Retana <aretana.ietf@gmail.com> > wrote: > >> Focusing on the C-SID draft, some have suggested requiring the >> presence of the SRH whenever C-SIDs are used. Please discuss whether >> that is the desired behavior (or not) -- please be specific when >> debating the benefits or consequences of either behavior. >> >> Please keep the related (but independent) discussion of requiring the >> SRH whenever SRv6 is used separate. This larger topic may impact >> several documents and is better handled in a different thread (with >> 6man and spring included). >> >> Thanks! >> >> Alvaro >> -- for spring-chairs >> >> -------------------------------------------------------------------- >> IETF IPv6 working group mailing list >> ipv6@ietf.org >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >> -------------------------------------------------------------------- >> > _______________________________________________ > spring mailing list > spring@ietf.org > https://www.ietf.org/mailman/listinfo/spring >
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Robert Raszuk
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- [spring] Subject: Mandating SRH when using C-SIDs… Alvaro Retana
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Robert Raszuk
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Robert Raszuk
- [spring] Requiring Tunneling - subject change Joel Halpern
- Re: [spring] [IPv6] Requiring Tunneling - subject… Martin Vigoureux (Nokia)
- Re: [spring] [IPv6] Requiring Tunneling - subject… Bob Hinden
- Re: [spring] Requiring Tunneling - subject change Robert Raszuk
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] Subject: Mandating SRH when using C-… Alvaro Retana
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Francois Clad
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Mark Smith
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Francois Clad
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Francois Clad
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Robert Raszuk
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Ole Troan
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Robert Raszuk
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Robert Raszuk
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Robert Raszuk
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Michael Richardson
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Ole Trøan
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Suresh Krishnan
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Francois Clad
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Adrian Farrel
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Bob Hinden
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Cheng Li
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Robert Raszuk
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Michael Richardson
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Michael Richardson
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Suresh Krishnan
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tal Mizrahi
- Re: [spring] Subject: Mandating SRH when using C-… Antoine FRESSANCOURT
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Tom Herbert
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Robert Raszuk
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Martin Vigoureux (Nokia)
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Ketan Talaulikar
- Re: [spring] [IPv6] Subject: Mandating SRH when u… Mark Smith