Re: [spring] WGLC - draft-ietf-spring-srv6-network-programming

"Pablo Camarillo (pcamaril)" <pcamaril@cisco.com> Thu, 19 December 2019 11:59 UTC

Return-Path: <pcamaril@cisco.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 732A91200FF for <spring@ietfa.amsl.com>; Thu, 19 Dec 2019 03:59:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=kTprJTSg; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=pnUS6Wds
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A7S4UL98bmCd for <spring@ietfa.amsl.com>; Thu, 19 Dec 2019 03:59:03 -0800 (PST)
Received: from alln-iport-2.cisco.com (alln-iport-2.cisco.com [173.37.142.89]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DD7AA1200F7 for <spring@ietf.org>; Thu, 19 Dec 2019 03:59:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=23960; q=dns/txt; s=iport; t=1576756742; x=1577966342; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=0Ph6tLsHV3YVBImyIgDyihVS3oPNVKWW5gl1pgPMtLo=; b=kTprJTSgFtIaMTznEiN4j4UmdMzeB0eKOkjiBjkPv5F/rhOKH7WlK5Vw ZpfeVt5IQf/vrwgD8w1g6LCZXyjCeQMdWci4TCYp1Iz4SyaJfQHTIs+GQ QPBXCUiWHkgLvczfnA5fpaJ9OL4SjdRQkaJyl8cQZdn+Zj9PE3zk+ZJ1O k=;
IronPort-PHdr: =?us-ascii?q?9a23=3Ac5ej9xB5jVesAG9GpQxxUyQJPHJ1sqjoPgMT9p?= =?us-ascii?q?ssgq5PdaLm5Zn5IUjD/qs03kTRU9Dd7PRJw6rNvqbsVHZIwK7JsWtKMfkuHw?= =?us-ascii?q?QAld1QmgUhBMCfDkiuNPXjaiUgHcBqX15+9Hb9Ok9QS47z?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0CxAACgZftd/5BdJa1kGgEBAQEBAQE?= =?us-ascii?q?BAQMBAQEBEQEBAQICAQEBAYF8gU0kLAWBRCAECyqEBoNGA4p0gl+YB4FCgRA?= =?us-ascii?q?DVAkBAQEMAQEtAgEBhEACF4IEJDgTAgMNAQEEAQEBAgEFBG2FNwyFXgEBAQE?= =?us-ascii?q?CARIREQwBATcBCwQCAQYCEQMBAgMCJgICAjAUAQgIAQEEDgUigwCCRwMOIAG?= =?us-ascii?q?Qf5BkAoE4iGF1gTKCfgEBBYJKgkkYggwJgQ4ojBkagUE/gREnIIFOfj6EGAs?= =?us-ascii?q?OGIMQMoIsjToIgnWFeoIehx6PIAqCNZYUFAeCQ4d5hEGHFIRAhECLVJN3hRQ?= =?us-ascii?q?CBAIEBQIOAQEFgWkigVhwFTsqAYJBUBgNikmCSQkDF4NQilN0gSiNGwEGH4E?= =?us-ascii?q?8XwEB?=
X-IronPort-AV: E=Sophos;i="5.69,331,1571702400"; d="scan'208";a="396050320"
Received: from rcdn-core-8.cisco.com ([173.37.93.144]) by alln-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 19 Dec 2019 11:59:01 +0000
Received: from XCH-ALN-008.cisco.com (xch-aln-008.cisco.com [173.36.7.18]) by rcdn-core-8.cisco.com (8.15.2/8.15.2) with ESMTPS id xBJBx1fA011730 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 19 Dec 2019 11:59:01 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-ALN-008.cisco.com (173.36.7.18) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 19 Dec 2019 05:59:00 -0600
Received: from xhs-aln-001.cisco.com (173.37.135.118) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 19 Dec 2019 06:59:00 -0500
Received: from NAM10-MW2-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 19 Dec 2019 05:58:59 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KX5M4V+FeoeIjsFjLZ2FRQuTQls4NsUfMVr43lvL3al5SCUvivKFk0tkxrNTMzMrWoGxzfZVgup3LpiSpXJo96H61i/Ot/4TZnhmY1A5oNFmWOw8V//4JEltrkKVLxn5op0p0byXcabAxEAI6vHC+APZDgosHy7ZYESvqhjFgfaXk/RWTEABv5CMEr+XebRIP0/nqmjVxITFovxLPsxZXlRqeX+UTPLT64m8efAUtYyBuHcZK7PjSXc3rM9I96xlVxdwPhtNj29dyi5oybWTsQSv74vMwE5HzIfQ2v+0UzcCRh39qfOAk2td/6PAOg7nBLlYgySJLS/YITSleWjrMQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0Ph6tLsHV3YVBImyIgDyihVS3oPNVKWW5gl1pgPMtLo=; b=j9nwQ5hwW3Ti7cM7GA/81wgSgD3LDJXCY+wfnl3SYJlShG0LrXNDwtSX0u5IoGwDZB+dx2ZLIRMGteIZ2qVjTwRCWKydoaCAte2QOK93Jj+lC4ZDiF3A7KCvHycY3Mjvl6UWC7R3tO7ox8p0ErN1w9667izw/bV40zOMVz57hfS+0QNIJeNQV1tmhjbnysqBxo+SnkYJK9eqb2EDqCYDdUiqmS2/OzMUToAflWaKUdZy7YcOH+hAz5AS5rpR/xkqvS4GFmdHkqTA9vSt24VgDfAvtNcJ0VUbtjIWQdnDSVD+pjpZnioONON4Z5miGa6z5seIIdzNHEmEBOQ5rY5IKg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0Ph6tLsHV3YVBImyIgDyihVS3oPNVKWW5gl1pgPMtLo=; b=pnUS6Wdsycqs8dtj7VF40n2m4H9JuxyNVRaIY+0cx3HFkmjP/cinrANYHMfwoS7UJNvMAlvmennDSGeiwanLYf6vEt7no0nHNEtqPlI21RRpIr+zpsqgTN5ueHDABTdncS6Y8JHFbyAfgcDnmHSr3Eo9w9B+XfYjj5NycQXe/KI=
Received: from BN6PR11MB1363.namprd11.prod.outlook.com (10.173.33.7) by BN6PR11MB1571.namprd11.prod.outlook.com (10.172.22.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2559.14; Thu, 19 Dec 2019 11:58:57 +0000
Received: from BN6PR11MB1363.namprd11.prod.outlook.com ([fe80::3113:31:4a84:cc4d]) by BN6PR11MB1363.namprd11.prod.outlook.com ([fe80::3113:31:4a84:cc4d%6]) with mapi id 15.20.2559.016; Thu, 19 Dec 2019 11:58:57 +0000
From: "Pablo Camarillo (pcamaril)" <pcamaril@cisco.com>
To: Adrian Farrel <adrian@olddog.co.uk>
CC: "spring@ietf.org" <spring@ietf.org>
Thread-Topic: WGLC - draft-ietf-spring-srv6-network-programming
Thread-Index: AdWrjZKMyJw/FcG0Qj29O28HuDn7+wAwBAwAARTcLgD//51VAIAL+KeA
Date: Thu, 19 Dec 2019 11:58:56 +0000
Message-ID: <E46E18A8-BAD4-4B62-A1DC-4F315BE79E60@cisco.com>
References: <17421_1575566127_5DE93B2F_17421_93_1_53C29892C857584299CBF5D05346208A48D1A3DA@OPEXCAUBM43.corporate.adroot.infra.ftgroup> <035701d5ac4d$a3ea7ad0$ebbf7070$@olddog.co.uk> <0CB8E109-95E3-4A75-BCEF-1186817F68CE@cisco.com> <062c01d5b06f$bf4b76f0$3de264d0$@olddog.co.uk>
In-Reply-To: <062c01d5b06f$bf4b76f0$3de264d0$@olddog.co.uk>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.20.0.191208
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pcamaril@cisco.com;
x-originating-ip: [2001:420:44da:1250:2dac:e1f3:236d:5679]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 6c287dca-7cc9-4fe8-d708-08d7847ad3c8
x-ms-traffictypediagnostic: BN6PR11MB1571:
x-microsoft-antispam-prvs: <BN6PR11MB157107C4EB1E612F390CD7EAC9520@BN6PR11MB1571.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0256C18696
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(366004)(376002)(396003)(39860400002)(346002)(13464003)(51914003)(189003)(199004)(6916009)(6506007)(33656002)(2906002)(6512007)(30864003)(36756003)(86362001)(71200400001)(5660300002)(8936002)(81156014)(91956017)(81166006)(66946007)(4326008)(186003)(6486002)(8676002)(2616005)(76116006)(66556008)(66446008)(64756008)(66476007)(478600001)(316002)(71600200004)(574754004); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR11MB1571; H:BN6PR11MB1363.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: hceWot+TICCMbJ+cQVFsuCrUC9l+h8Z9Apz/0yqdy0MDXGjTNIhBKqh9w7MCvuwQZRKWHMhHiaPszRMMBQXzYEtGEL8FDBqrDPuMu+7/XkWzRCrZ1UYoZw4Qmam4jPTOMUf1UudKCm0xBlikkFG4xU0jwTsT3KNcaxyuqVq+Bw0tltyFJdFMHT/t4nOOOkk1/J9UtYBatvqvN/rHMb6uL9UF16k9mPUGurY2gurHpfKkUD+Gp4NcIuZu993e14L2RozaG2kwryrOdL3D17q+3AhjUmuH5ZcJtfNNRCtikBzuN1DLgMGB1eNV19Boa1s/f78vD52Xbf9u/SJ7JLZ8XVHJOhqTQwweoN40s7iv/x8Gkp7G69RveBgPX2ii2NdSgaIhk50+x5N2ujRl6Avwf9lkBybW8cnwWdiri8zkQZYCB8px2dhGCfAu2vNCdW0TD6z8iXyQcuUDQ1RhRxRJZ+codAOtQPwOVviN5ZKtLx21Z/sFw6c4VtySE6qKlI+d76PUhZkLiQ0U1xOq55+RnQmmXfOwGZC2wAhrfiblPYD4lQ/gXmfE1/AgO9yNnRpkHY7PURKi0IIogJrpdSKDBg==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <E95788AEDD9D034FBB54E92F35E5B02A@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 6c287dca-7cc9-4fe8-d708-08d7847ad3c8
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Dec 2019 11:58:56.7577 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: uqsQuPFlch7B5t/yfAub7qlcbfAz2tl99igb36vlqMSW/KnXBvwaTOyLzPNrCfLeRZYLdtzrJXVbNSs2cM8X0A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR11MB1571
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.18, xch-aln-008.cisco.com
X-Outbound-Node: rcdn-core-8.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/GQkd7YiLzquF-IOoSaiq6EpdBfM>
Subject: Re: [spring] WGLC - draft-ietf-spring-srv6-network-programming
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Dec 2019 11:59:06 -0000

Hi Adrian,

I have reviewed your suggested changes and incorporated them in the latest revision of the document. 
Please see below inline for more detail.

Many thanks,
Pablo.

-----Original Message-----
From: Adrian Farrel <adrian@olddog.co.uk>
Organisation: Old Dog Consulting
Reply to: "adrian@olddog.co.uk" <adrian@olddog.co.uk>
Date: Wednesday, 11 December 2019 at 23:10
To: "Pablo Camarillo (pcamaril)" <pcamaril@cisco.com>om>, "bruno.decraene@orange.com" <bruno.decraene@orange.com>om>, 'SPRING WG List' <spring@ietf.org>
Cc: 'draft-ietf-spring-srv6-network-programming' <draft-ietf-spring-srv6-network-programming@ietf.org>
Subject: RE: WGLC - draft-ietf-spring-srv6-network-programming

    Hi Pablo,
    
    Very good progress. Thanks for the work.
    
    I have snipped down to the conversation points below.
    
    The document has gone through a lot of changes in -06 and clearly there is a -07 in the pipe. I'll wait for that before doing a re-read.
    
    Best,
    Adrian
    
    [snip]
    
    >> Another 'normal' thing to do is check that the draft follows the
    >> editorial guidelines from the RFC Editor. Most notable is that the
    >> Requirements Language text should be moved into section 2.1.
    >
    > PC: Moved into 2.1.
    > Just for my knowledge, why should it be moved into 2.1 and not into 1.1?
     
    1.1 would be acceptable, but since 2. Is all about terminology and stuff, it sits there quite well.
    
    [snip]
    
    >> I think you could usefully spend some time describing the classes of
    >> behaviors. Notably "End behaviors" and "Transit behaviors". This would
    >> go as a new section before section 4.
    >> 
    >> You can describe how/where in the network the behaviors are executed,
    >> and you can describe whether the behaviors are bound to specific SIDs
    >> (SID types) or not.
    >> 
    >> The, probably, rename section 4 to "End behaviors" which keeps it 
    >> aligned with the name of section 5.
    >> 
    > PC: The SRH draft is defining the different types of nodes accurately. 
    > (Transit node, Source SR node, SR Endpoint).
    
    I have no issue with the definition of nodes (other than the way the concept is used in section 5).
    
    > This draft has
    >
    > Section1:
    >   Familiarity with the Segment Routing Header
    >   [I-D.ietf-6man-segment-routing-header] is assumed.
    
    Sure.
    
    > Section 5:
    >   These
    >   behaviors are not bound to a SID and they correspond to source SR
    >   nodes or transit nodes [I-D.ietf-6man-segment-routing-header].
    >
    > Don’t you think that is enough?
    
    Well, obviously I found it unclear. In fact, section 4 had (at the time of my review) "Behaviors Associated with a SID" and I think I struggled with how "associated with" was different to "bound to".
    
    But now you have renamed section 4, this helps.
    
    Nevertheless, in Section 2 you have:
       SRv6 segment behavior: A packet processing behavior executed at an
       SRv6 segment endpoint.  Section 4 of this document defines behaviors
       related to traffic-engineering and overlay use-cases.  Other
       behaviors (e.g. service programming) are outside the scope of this
       document.
    
    This must have confused me, too. Looking at it now, it seems to constrain "behaviour" to the SR Endpoint Behaviors of section 4, meaning that section 5 comes as a "surprise". Indeed, section 2 seems to say that section 5 is out of scope of this document :-Z
    
    All I am asking for is some text early in the document that sets the scene. What is a behaviour? What classes of behaviour are we considering (end, transit, ...)? Who decides what behaviour to apply to what SID at which node? Not looking for pages of text. Probably you could do it in 5 lines.

PC: After reviewing all your comments on this topic: I have removed the previously known as "Transit" behavior.  Section 5 now is only about SR Policy Headend behaviors. All sub-sections have been renamed as well. I believe this helps the document.
    
    [snip]
     
    > 4.1
    >
    > I was surprised by...
    >
    >  S01. When an SRH is processed {
    >  S02.   If (Segments Left == 0) {
    >  S03.      Send an ICMP Parameter Problem message to the Source Address
    >               Code TBD-SRH (SR Upper-layer Header Error),
    >>               Pointer set to the offset of the upper-layer header,
    >>               interrupt packet processing and discard the packet
    >>  S04.   }
    >>  S05.   If (IPv6 Hop Limit <= 1) {
    >>  S06.      Send an ICMP Time Exceeded message to the Source Address,
    >>               Code 0 (Hop limit exceeded in transit),
    >>               interrupt packet processing and discard the packet
    >>  S07.   }
    >>
    >> Are you sure that Hop Limit processing is left so late? Isn't it one of
    >> the first things done with a packet before even the SRH is discovered to
    >> be present?
    >
    > PC: Is there any difference on the hop limit check if I do it two lines earlier? 
    > I believe that the end result is the same.
     
    It makes a difference which ICMP error is sent. I would argue that you shouldn't be looking at the SRH of a packet when the Hop Limit has expired.

PC: I've checked with the SRH draft and the ICMP check is the last check happening in the pseudocode. I would tend to agree that this should be the last thing done once you have determined that the packet needs to be forwarded. 
    
    [snip]
     
    >> 4.1 (and other sections)
    >> 
    >> I spent rather too much time trying to work out
    >> 
    >>  S08.   max_LE = (Hdr Ext Len / 2) - 1
    >>  S09.   If ((Last Entry > max_LE) or (Segments Left > Last Entry+1)) {
    >> 
    >> As far as I can see, for an SRH,
    >> 
    >>   Hdr Ext Len = 7 + (16 * (Last Entry + 1) ) + sum(all TLV lengths)
    >> 
    >> So, while I see that you want to check that Last Entry doesn't point out
    >> beyond the end of the SRH, I don't see how your computation of max_LE 
    >> helps.
    >> 
    >> What have I missed?
    > 
    > PC: How do you propose to check whether Last Entry value exceeds
    > the maximum possible theoretical Last Entry value?
    > The only information you have is the Header Extension Length. Based
    > on this I compute the maximum theoretical Last Entry possible value,
    > and then just compare the values.
    >
    > Maybe I am the one who have missed something. If you have a simpler
    > proposal please let me know.
    
    OK, we agree that the right thing to do is work out the largest possible Last Entry value (max_LE) and compare it to the actual Last Entry value. That is good.
    
    I also agree that all you have in hand is the Header Extension Length (Hdr Ext Len)
    
    I just don't think that you are computing the right value for max_LE using max_LE = (Hdr Ext Len / 2) - 1.
    
    I would agree that max_LE < (Hdr Ext Len / 2) - 1  so that comparing Last Entry with that value provides a check. I just don't think it is a very precise check.
    
    Perhaps my understanding of the actual value of Hdr Ext Len is incorrect, but if I am right, then you could probably get closer to a good number.
   
PC: Ok. I rechecked it and I believe that we cannot get any better than that.
[RFC8200]
Hdr Ext Len         8-bit unsigned integer.  Length of the Routing
                              header in 8-octet units, not including the
                              first 8 octets.
[draft-ietf-6man-segment-routing-header-26]
o  Last Entry: contains the index (zero based), in the Segment List,
   of the last element of the Segment List.

Let us consider an SRH containing k SIDs and 0 or more TLVs.
Hdr Ext Len >= k x (16 / 8) = k x 2
Last Entry = k - 1

Isolating k on one side of each equation:
k <= Hdr Ext Len / 2
k = Last Entry + 1

Combining the two equations together:
Last Entry + 1 <= Hdr Ext Len / 2

Isolating Last Entry on one side of the equation:
Last Entry <= Hdr Ext Len / 2 - 1

Further note that, if no TLV is present, we have:
Last Entry = Hdr Ext Len / 2 - 1

PC: If I'm still missing the point let me know!

    [snip] 
     
    >> 4.12
    >> 
    >> Where arguments are optional, I don't think you have made it clear what 
    >> you do if no argument is supplied. I would presume you set the ARG bits
    >> to zero, but I am not clear whether zero could be interpreted as a 
    >> valid argument.
    >
    > PC: On a per deployment basis the operator decides which value of ARG represent “No arguments”.
    
    Oh, well, I understand that the ARG bits apply to a function that is (presumably) known across the network, so I suppose that what you are saying is that when an operator deploys a function that may take arguments she must configure all participating nodes to have the same understanding of those arguments and how to set the bits when no arguments are supplied (in the case where arguments were optional for the function).
    
    Now, it would be good to make some of that clear (perhaps in the last paragraph of 3.1).
    
    But, we are in the business of making interoperable implementations, so this need to configure this feature needs to be spelled out.

PC: Added a paragraph about it at the end of 3.1.
    
    >> 4.13
    >>
    >>   An End.B6.Encaps SID is never the last segment in a SID list.  Any
    >>   SID instantiation must be associated with an SR Policy
    >>   B[I-D.ietf-spring-segment-routing-policy] and a source address A.
    > 
    > This makes [I-D.ietf-spring-segment-routing-policy] a normative
    > reference.
    >
    > PC: I disagree. Example RFC8660 (Segment Routing with the
    > MPLS Data Plane).
     
    It is a very different usage made in that document.
    Here you are saying that an implementation of this document must do something related to [I-D.ietf-spring-segment-routing-policy].
    To me, that means that you can't implement this document without reading [I-D.ietf-spring-segment-routing-policy]

PC: All the definitions required by this paragraph are covered in RFC8402 section 5. I have removed the reference to draft ietf-spring-segment-routing-policy from the draft.
    
    [snip]
    
    >> 4.16.1 and 4.16.2
    [snip] 
    >> You might want to recast PSP if its purpose is to handle "end" nodes
    >> that are not SRH capable. To do this you would recast the node that you
    >> have called the PSPS node as the edge of the domain (the end node) and
    >> set the action as "Pop and go".
    > 
    > PC: This is one use-case indeed.  I don’t follow you in the notion of
    > “Pop and Go”.
    
    An MPLS concept associated with determining the forwarding behaviour, stripping the label, and forwarding.
    
    [snip]
    
    >> 5.1
    >> 
    >>   This means that N treats the following two packets P1 and P2 with the
    >>   same performance:
    >> 
    >>      P1 = (A, S2)
    >> 
    >>      P2 = (A, S2)(S3, S2, S1; SL=1)
    >> 
    >> I don't think this is necessarily true since packet length and other 
    >> things (e.g., hashing) may vary. So you either need to sharpen your
    >> meaning of "performance" or just content yourself with "MUST NOT
    >> examine the SRH".
    >
    > PC: If the SRH or anything below is not being processed, there is no
    > performance impact, no? 
     
    Oh, you meant "speed of throughput" not "treated identically". The use of "treats" confuses the sentence.
    
    OK. That comes under "sharpen your meaning of performance".
    
    Perhaps:
       This means that N forwards the following two packets P1 and P2 at the
       same rate:
    
    ?

PC: Text removed  (entire section) as per my comment above. 
    

    [snip]
     
    >> 5.2
    >> 
    >> By definition this behavior only applies at source nodes per 8402. In
    >> other words, you are describing domain recursion according to 8402.
    >
    > PC: Not sure what resolution you are looking for here.
     
    I'm not sure either 😊
    
    I think I am wondering how you can have "Transit with Encapsulation" since "Transit" means in the middle of the network (at a transit node) and "Encapsulation" means at a source node.
    If a transit node is doing encapsulation, then you are recursing (which is OK).
    
    When I waffled about behaviors before, it seemed to me that you have source, transit, and end behaviors. What you are describing in this section is a source behaviour. The fact that the source is encapsulating a packet that is already SRv6, is not so interesting as the fact that it is encapsulating a packet.
    
    But then see also 5.3 and this discussion below.
    
    >> I don't think 5.4 or 5.5 can happen at transit nodes. The thing to be
    >> encapsulated is an L2 frame and so is only seen at a source node.
    >> 
    >> At this point, I think only 5.1 describes a transit behavior. 5.2 to 5.5
    >> describe source behaviors.
    >
    > PC: 
    > There are two types of source nodes. 
    > You can have a source node that is doing plain IP transit. You have a
    > local policy to encapsulate all packets matching X to be steered into
    > a segment routing policy with behavior T.Encaps.
    > The other type of source node is the SR endpoints that instantiate a
    > BindingSID. This is also an Source node that steers all packets received
    > with IPv6 DA = BSID.
    > Section 5 is describing transit behaviors. 
    
    Confused me here. You say that these source nodes are transit nodes? That makes the definition of the two node types very unclear.
    
    Just because the node is not a host does not make it a transit node. We have a good and clear definition of a transit node as a node that receives and sends an SRv6 packet. Nodes that add an SRH are source nodes. Nodes that remove the SRH are end nodes.
     
    But in 5.4 the thing that is encapsulated is an L2 frame. So not plain IP transit, and not a packet received with a BSID in the DA.
    At least, the text in 5.4 appears to say that.
    So really, is this transit behaviour?

PC: See comment above about the entire section 5.
    
     
    >> 6.1
    >> 
    >> I agree with this section, but I am concerned that you are updating 
    >> draft-ietf-6man-segment-routing-header by adding normative language to
    >> describe nodes that process the SRH. Does that mean you should use an
    >> "Updates" clause in the document header?
    >>  
    >> After describing CNT-1 and CNt-2 you say...
    >> 
    >>   Furthermore, an SRv6 capable node maintains an aggregate counter
    >>   CNT-3 tracking the IPv6 traffic that was received with a destination
    >>   address matching a local interface address that is not a locally
    >>   instantiated SID and the next-header is SRH with SL>0.
    >> 
    >> That looks like s/maintains/MUST maintain/ unless you have a reference
    >> for the assertion that it does maintain CNT-3.
    >
    > PC: I disagree that this is an update to the SRH. The SRH defines a
    > header and one type of segment processing.
    > Defining a counter is not related to the SRH at all.
     
    Well, perhaps you didn't just say what you meant to say because the text I quoted most clearly says that the counter is counting events related to the SRH.
    
    But to the point: the document says...
       Any SRv6 capable node SHOULD implement the following set of combined
       counters (packets and bytes):
    "Any SRv6 capable node" is clearly in the scope of draft-ietf-6man-segment-routing-header

PC: This document talks of the processing and behaviours of SRv6. And hence the counters are included in this draft.

    >> 6.3
    >> 
    >> I think you have made [I-D.ietf-6man-spring-srv6-oam] a normative
    >> reference.
    > 
    > PC: Why? Its defining new behaviors for the purpose of OAM, but
    > those are not required in NET-PGM.
    
    You're right. Section 6.3 doesn't actually say anything.
    
    [snip]
     
    >> 9.
    >> I am strongly opposed to such a large range being assigned for
    >> experimental use.  RFC 3692 gives some guidance.  The normal idea is 
    >> that there should be enough codepoints to allow two experiments to be
    >> run on the same nodes without conflict, but few enough that they cannot
    >> be used as a proxy for allocating and registering values in the 
    >> registry.
    >> 
    >> I should think that 32 code points is enough.
    >
    > PC: This comment has also been raised by Bruno (as individual). I
    > agree and I have proposed to Bruno this:
    >   Experimental and Private use deleted
    >   Specification Required changed to FCFS as per Bruno’s suggestion
    >   New block in the previous space of experimental and private that
    >   is reserved for future use of IETF.
    
    That works.
    The correct language for the last block is "Reserved. Not to be allocated."
    (Note for you: a future standards track document can change the allocation policy for that block meaning it can then be used.)

PC: Thanks for the correction. Fixed. Thanks.