IETF Logo Mail Archive

Re: [spring] IPv6 Addresses and SIDs

Mark Smith <markzzzsmith@gmail.com> Mon, 14 October 2019 20:31 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E21A01200F7 for <spring@ietfa.amsl.com>; Mon, 14 Oct 2019 13:31:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.497
X-Spam-Level:
X-Spam-Status: No, score=-0.497 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KNW6hdg5p6fI for <spring@ietfa.amsl.com>; Mon, 14 Oct 2019 13:31:25 -0700 (PDT)
Received: from mail-ot1-x336.google.com (mail-ot1-x336.google.com [IPv6:2607:f8b0:4864:20::336]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F60312003E for <spring@ietf.org>; Mon, 14 Oct 2019 13:31:25 -0700 (PDT)
Received: by mail-ot1-x336.google.com with SMTP id m19so14954149otp.1 for <spring@ietf.org>; Mon, 14 Oct 2019 13:31:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=d0YdZEmbI7SAq+qw9BRQvPhr7kd1qOqvdYKHcIVukv8=; b=qnpw80QQ61BVRTwDlazMSV6ZpQTEdWOoPLuYDAIES218lVaFUedeTkaWyJOgpT7o2k ygHLWSlr86C3+cBC8XcsFup8ZYra18ByXpIf5sBneB85ZNt7tqzjSV4cxjsYOL0IQzZQ P1aXK0aIIqpHBQEptOduwCZwgNKEtB7HfKEU8FGUGSY7aUXWtfMR3BqxhbDk96JDAGUG mLoSFTDt9i++1zWXhheQ677kimvO4wMq8Bz0HmbsdsLYCC+9XrF5HTojXdJDNNH3cE45 QwEiXgQ4CH5USyoVfIRwWHy3N3bSjk7hxnKM/txjaenwJN+LteebzgHHfISj2kjhPBKq N+bw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=d0YdZEmbI7SAq+qw9BRQvPhr7kd1qOqvdYKHcIVukv8=; b=QTj5UsZ1qhp+6TBmNEIbi9bS0IYJmcIKNZgi1L5R292XHjTz+Jajj9OE638ZtU5mrB bj9biacdjRy/u8YVnmkfw7OjQ6c7BT1s1pJro8arIBQ/fc57Wy/395LP3Y0UUDx3QGaG IDcs7uQ98uSurWcAHA89BV0lzlY2VdrfTSYQe9jT1/5VfP9LavJpd3G1BAcnwdiNjhp+ +3X2Kwo0DO8JVyJdtux1oHm7ddUotaLDAhp9382LYMxdHY35ZhVWoyLxXX9FcW3UZsx0 HYe+4HaP6IfBL9c6xc0h5TMkidlcw08GgkllzLYVimpUTaviC8lX/PfrR/NWBnpVPwOt PYCA==
X-Gm-Message-State: APjAAAVS564smkIIs3QkXbQDWcreUlOO6YsA8jzz3OmYp+H0dvcufZZL EQkHEl3LsIjvPhoU88QBINyQaXBqJ5ZjgqBRQs8=
X-Google-Smtp-Source: APXvYqwT0JfakhkDdicc6vl6HA8uwGJVF4nk3uK6jYFeQj1atT0LQdfxuGW79K1/uvTuxb5ci1v8+pRALiCRUyiFai8=
X-Received: by 2002:a9d:5e0f:: with SMTP id d15mr24675287oti.348.1571085084745; Mon, 14 Oct 2019 13:31:24 -0700 (PDT)
MIME-Version: 1.0
References: <SN6PR05MB5710CBAF8E6DF307401A2166AE9D0@SN6PR05MB5710.namprd05.prod.outlook.com> <f5eb739b-9ae4-433e-e6c0-8bcdb7bc575e@si6networks.com> <BYAPR05MB5703169601886283700608A5AE9F0@BYAPR05MB5703.namprd05.prod.outlook.com> <B6FE2A8B-B23B-4E9C-BB33-F6A5BD78C52B@gmail.com> <BN7PR05MB5699E5EA714CC64456771712AE940@BN7PR05MB5699.namprd05.prod.outlook.com> <1076F074-EB35-4D38-9949-4A241C946E07@gmail.com> <1fce4e24590847348894d10ca8bd5816@nokia-sbell.com> <D3FE1CA3-A8D1-4392-8EEC-CDCC7FC0827F@gmail.com> <BN7PR05MB56993D1127A8CA9CCC0E4A9AAE970@BN7PR05MB5699.namprd05.prod.outlook.com> <213BB95D-0E06-4E9A-B552-2A2466DC42AF@gmail.com> <04711680-e9c4-1159-58af-609517ee8bdf@joelhalpern.com> <CABNhwV3SyZNY6GrJF+wpgTmpM6DSts4gXQgdFTEgWfN876u5WQ@mail.gmail.com> <CABNhwV1Ym_AG7svmPUpmjGz600QyGRvtY5xNP0_K-hoGewUGTA@mail.gmail.com> <424b13a9a9bf4802b57c0609c92baad2@nokia-sbell.com> <BN7PR05MB569958ADB8E7BFF6C7EBC56AAE910@BN7PR05MB5699.namprd05.prod.outlook.com> <CAOj+MMHcTyCyO5Z3KyP5otW1Xgq7un2ypEGtjjWpr00j2t9dGw@mail.gmail.com> <BN7PR05MB5699B5C42BDBD5BF244CB4A8AE910@BN7PR05MB5699.namprd05.prod.outlook.com> <CAOj+MME70PYa7mkTRPKHqhg_1cMAvHLU0qZJx-=CjVy-ZKXpAA@mail.gmail.com> <BN7PR05MB56999C4E2F2D8E045D47E3C1AE900@BN7PR05MB5699.namprd05.prod.outlook.com> <5ae3ab05035f439db46fe5126b1476db@nokia-sbell.com> <CAO42Z2wA0TPFNQkfOA0iNMfojb8D=QcntwoUi0LbWN7no0DRQA@mail.gmail.com> <BN7PR05MB5699758BF49AFF2F70CA2BA3AE900@BN7PR05MB5699.namprd05.prod.outlook.com>
In-Reply-To: <BN7PR05MB5699758BF49AFF2F70CA2BA3AE900@BN7PR05MB5699.namprd05.prod.outlook.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Tue, 15 Oct 2019 07:31:12 +1100
Message-ID: <CAO42Z2wU9X-FaR1OZ_FKXMSfGNVw5bb0uJF1j1+7xkkwR9pxbA@mail.gmail.com>
To: Ron Bonica <rbonica@juniper.net>
Cc: "Wang, Weibin (NSB - CN/Shanghai)" <weibin.wang@nokia-sbell.com>, Robert Raszuk <robert@raszuk.net>, SPRING WG List <spring@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000006364bd0594e4c051"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/Hw6HzyFGvFKwv1mt8gzr8irQhDE>
Subject: Re: [spring] IPv6 Addresses and SIDs
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Oct 2019 20:31:28 -0000

On Tue, 15 Oct 2019, 04:19 Ron Bonica, <rbonica@juniper.net> wrote:

> Mark,
>
>
>
> Clearly, this does not comply with the addressing architecture. But I
> think that the best we can do is to limit the damage.
>

Has SPRING tried?

Assigning this address space to a virtual interface in the device would
make it comply with the RFC 4291 architecture, and also provide a handle
within the device for any other functions that could be operationally
useful.

For example, the SNMP MIB traffic counters for that virtual interface could
show SR traffic volumes as distinct from other IPv6 traffic to, from or
through the device. If there a different SR address spaces on the device,
the could be attached to different virtual interfaces, providing more
discrete SR traffic counters.

Having a virtual SR interface would also provide a handle to attach a
packet filter ACL to, which may be useful.

Having used IP encryption implementations that both did and didn't
represent traffic encryption paths as virtual tunnel interfaces, the tunnel
virtual interfaces implementations (also eventually adopted by the
non-virtual interface implementations) far more obvious and intuitive to
work with.

Regards,
Mark.



>
>
> Ron
>
>
>
>
>
> *From:* Mark Smith <markzzzsmith@gmail.com>
> *Sent:* Monday, October 14, 2019 4:08 AM
> *To:* Wang, Weibin (NSB - CN/Shanghai) <weibin.wang@nokia-sbell.com>
> *Cc:* Ron Bonica <rbonica@juniper.net>; Robert Raszuk <robert@raszuk.net>;
> SPRING WG List <spring@ietf.org>
> *Subject:* Re: [spring] IPv6 Addresses and SIDs
>
>
>
>
>
> On Mon, 14 Oct 2019, 16:45 Wang, Weibin (NSB - CN/Shanghai), <
> weibin.wang@nokia-sbell.com> wrote:
>
> Hi Ron:
>
>
>
> Make sense, If there is a dedicated IPv6 block for SRv6 SID within SRv6
> domain, then trouble situation you described does NOT occur, because the
> IPv6 address covered within SRv6 SID prefix does not be involved ICMPv6 ND
> protocol, because they are not configured under IP interfaces connected to
> “Link”.
>
>
>
> That does not comply with the IPv6 Addressing Architecture RFC.
>
>
>
> (I think this is the 4th time SPRING have or are ignoring IPv6
> specifications.)
>
>
>
> I also think that the authors of NET-PGM draft have indicated that SRv6
> SID has a separate IPv6 block in their Draft, but they don’t yet clearly
> stated which IPv6 block will be used for it.
>
>
>
>
>
> --------------------------------------
>
> *Cheers !*
>
>
>
>
>
> *WANG Weibin  *
>
>
>
>
>
> Juniper Business Use Only
>
> *From:* spring <spring-bounces@ietf.org> *On Behalf Of *Ron Bonica
> *Sent:* 2019年10月14日 9:23
> *To:* Robert Raszuk <robert@raszuk.net>
> *Cc:* SPRING WG List <spring@ietf.org>
> *Subject:* Re: [spring] IPv6 Addresses and SIDs
>
>
>
> Robert,
>
>
>
> Yeah, there were a few typos in my original message. What I meant to say
> was:
>
>
>
>    - If a /64 contains a SID, it MUST NOT contain any addresses that
>    represent interfaces.
>    - If a /64 contains an address that represents an interface, it MUST
>    NOT contain SIDs.
>
>
>
> If we don’t do this, we have to specify how nodes behave when they
> receive ICMPv6 NS messages in which the target is:
>
>
>
>    - A locally instantiated SID
>    - A SID learned from the IGP
>
>
>
>                                                                       Ron
>
>
>
>
>
> *From:* Robert Raszuk <robert@raszuk.net>
> *Sent:* Sunday, October 13, 2019 6:57 PM
> *To:* Ron Bonica <rbonica@juniper.net>
> *Cc:* SPRING WG List <spring@ietf.org>
> *Subject:* Re: IPv6 Addresses and SIDs
>
>
>
> Hi Ron,
>
>
>
> /64 prefix is a pile of addresses ... if someone would be to follow your
> suggestion I could not allocate some blocks of that prefix on R1, then some
> other blocks on R2 then yet more on my servers.
>
>
>
> You said:
>
>
>
> *“**With a /64, if one /128 represents an IPv6 interface, as described in
> RFC 4291, all /128 MUST either:*
>
>
>
>    - *Represent an IPv6 interface, as described in RFC 4291, or*
>    - *Be unassigned**”*
>
>
>
> Maybe you meant to say something else:
>
>
>
> *“**When a /64 is used as SRv6 locator prefix,** if one /128 represents
> an IPv6 interface, as described in RFC 4291, all /128 MUST either:*
>
>
>
>    - *Represent an IPv6 interface, as described in RFC 4291, or*
>    - *Be unassigned**”*
>
> But then you sent this to SPRINT indicating that 6MAN should be the
> audience :).
>
>
>
> Best,
> R.
>
>
>
>
>
> On Mon, Oct 14, 2019 at 12:45 AM Ron Bonica <rbonica@juniper.net> wrote:
>
> Robert,
>
>
>
> I’m having a hard time understanding exactly how I have violated the
> longest match principle. Could you provide:
>
>
>
>    - A pointer to a statement of the longest match principle
>    - A few words regarding how I have violated it
>
>
>
>                                                               Ron
>
>
>
>
>
> *From:* Robert Raszuk <robert@raszuk.net>
> *Sent:* Sunday, October 13, 2019 5:24 PM
> *To:* Ron Bonica <rbonica@juniper.net>
> *Cc:* SPRING WG List <spring@ietf.org>
> *Subject:* IPv6 Addresses and SIDs
>
>
>
> Hi Ron,
>
>
>
> I disagree.
>
>
>
> Your suggestion violates longest prefix match principle in routing.
>
>
>
> It is huge waist of address space and is not specific to IPv6 at all.
>
>
>
> Let me describe the deployment case where your suggestion would cause it
> to break:
>
>
>
> I have /64 prefix where a few  /128s from that space I allocate to local
> interfaces making it a local v6 destinations on those nodes.
>
>
>
> However in the spirit of CIDR I still want to to use some blocks of that
> space - say  /126 or /124 as blocks which I only use to trigger local NAT
> as per rfc6296. And NAT does not require local address to be a destination
> address so it would be a big disservice to kill such deployment option.
>
>
>
> Many thx,
> R.
>
>
>
>
>
> On Sun, Oct 13, 2019 at 10:59 PM Ron Bonica <rbonica=
> 40juniper.net@dmarc.ietf.org> wrote:
>
> Folks,
>
>
>
> I think that we need a global rule that says:
>
>
>
> “With a /64, if one /128 represents an IPv6 interface, as described in
> RFC 4291, all /128 MUST either:
>
>
>
>    - Represent an IPv6 interface, as described in RFC 4291, or
>    - Be unassigned”
>
>
>
> The 6man WG will need to make such a statement since it owns RFC 4291.
>
>
>
>                                                              Ron
>
>
>
> Juniper Business Use Only
>
>
>
> Juniper Business Use Only
>
> _______________________________________________
> spring mailing list
> spring@ietf.org
> https://www.ietf.org/mailman/listinfo/spring
> <https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/spring__;!8WoA6RjC81c!SEkBOAmRsYlBjRKWx1gZ4eegKkzZOKQgTtZuXxMv5TgCiZMT9xl0OH0Q8pbdZee9$>
>
>

v2.23.0 | Report a Bug | By Email