IETF Logo Mail Archive

Re: [spring] “SRV6+” complexity in forwarding

Gyan Mishra <hayabusagsm@gmail.com> Fri, 20 September 2019 19:58 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BEAA3120099; Fri, 20 Sep 2019 12:58:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H1jzZ5uk4YhJ; Fri, 20 Sep 2019 12:58:26 -0700 (PDT)
Received: from mail-io1-xd30.google.com (mail-io1-xd30.google.com [IPv6:2607:f8b0:4864:20::d30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C799D1208BC; Fri, 20 Sep 2019 12:58:25 -0700 (PDT)
Received: by mail-io1-xd30.google.com with SMTP id b19so18954373iob.4; Fri, 20 Sep 2019 12:58:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2qrYthNXrKXSbsi6dvAsAgQI4FrY9ZVL7wsl6Zge3s4=; b=Y6CH2OvS/JgL5Av2M8fAkfervvU9o5F7X79HhGXrT0upFVjNjxGES4kp4Ym/rrrBCr dhI+xsFKq0ydyOQO85jTRvH34KM+AlErrQC3n+u+m/SX2obKvWzQ2DuhSrRkvf+w/qxu gtg4da9HJrOPVe4nONLIouuK1OUjDfwUHvez79AulmmXoXnGX4Btj8zxrDd+VCfXxL3I gpJuvIRekJEY6RM++7zsTBmVxfbOtlNaD1RirJvdHsW+xs4Uox+DtQZZrmG1ECNDL4wy CWd0ZnLR2D75LsXDDmGjoaZxv3MTE37+wST+9cGQ8ixJhUDa09OQIWDz5KU55wiMetJo A4oA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=2qrYthNXrKXSbsi6dvAsAgQI4FrY9ZVL7wsl6Zge3s4=; b=eBpNBT6iEsxBqGi8Y6MaVc12l/sLMlqq6CUzPoNIcC7RqcCfvPgfEBukI8nSAtq3+u TqHmv3zbbazkMckuKWdSAaaYNEYPYAzhHO2Q4sVOodEZJZvdFTkEKdeimXd4eS+ktpWa C+UUoUyzoyqPeV/Ys92pJ2N+zV51e0dZSbzpDAd9lNXm6S8CpQX3E1LAy4s2Lb3h7K0d PB46vHwQwgLmcrI17OjpoRPj7puZZK1cxiSyiYFTBaWe84Lq3WVCEf6fFEVkRh7SJ6xN 72nI889o1HqgWw5UOMEm9FwGQVUOOrdY58Bp4tXWbPAoeC+2qyfMhLMDYtZWa3guebq5 M6FA==
X-Gm-Message-State: APjAAAXHju8VG26bEr/0Y9AsM7CyxNalQMxNMB6kckzl8V1EEfBsChxN ecBW772O0elsH8iVxTKFc7OhiE3oEEh5Ypz2sBY=
X-Google-Smtp-Source: APXvYqwHOpEbckPMGA6jTmjuxZvot9FmdrEPG0s7md6Dj5p2jdngH5Xt52m5zVI2PHY908ZU0WY6rpLtwwnRFnZn944=
X-Received: by 2002:a6b:b213:: with SMTP id b19mr1715239iof.58.1569009504730; Fri, 20 Sep 2019 12:58:24 -0700 (PDT)
MIME-Version: 1.0
References: <CAHd-QWtA21+2Sm616Fnw0D-eB7SNb_BeG8-A-MCLLFgTwSpOsg@mail.gmail.com> <BYAPR05MB54632F09C712ADB30138CFA9AEBE0@BYAPR05MB5463.namprd05.prod.outlook.com> <BYAPR19MB3415D21403394F8129A4BAD8FCB90@BYAPR19MB3415.namprd19.prod.outlook.com> <30491F13-C652-45C3-AB2B-95F765FBB4EA@juniper.net> <65C5CB04-3A2F-4F83-A7C8-2045154F93AE@cisco.com> <BYAPR05MB5463EC3250F2A303A3641839AEBA0@BYAPR05MB5463.namprd05.prod.outlook.com> <91CBADAD-EFE6-46E1-A9D3-DAA111357179@juniper.net> <CAOj+MMGyUFRPDqCBo5SbLX486o_9GLpM6Zxf8KSt1voWiqhkGQ@mail.gmail.com> <E8D473B5-3E8D-4339-9A79-0CAE30750A55@juniper.net> <CAOj+MMFOy5PyTo=jPJkVrQOctdWjsTbD=7ix-2n89vodKzT3gQ@mail.gmail.com> <2F604D74-51CF-4F2F-AEA9-1CBDEEA9B9F7@gmail.com> <F09C2D09-D769-4817-AF73-97D6ED1BC4BF@lapishills.com> <201909120857387140042@chinatelecom.cn> <1568259664564.62561@bell.ca> <CAO42Z2wQ_8GEE+=nAMFBj+ape9Vf7fARVoOwGdCiUxdffkyXgw@mail.gmail.com> <BYAPR05MB5463A04B05B4BD6AA294F7F0AEB00@BYAPR05MB5463.namprd05.prod.outlook.com> <6EA6F7C0-BEB2-4749-A6AB-62B1337213B2@cisco.com> <BYAPR05MB5463426F1668202EE5F183EFAE8F0@BYAPR05MB5463.namprd05.prod.outlook.com> <634900D2-FBCE-47CF-8907-C8B9CB3A4102@cisco.com> <CALx6S34=Tw-u4Hz-07-Rs-GjsungkqnD_fMoQnGc17u3VJhY1g@mail.gmail.com> <CAFqxzqYr7g2jzwJrhvjL_DXYZsDzbzqx01cy0zB1aBweDde1XQ@mail.gmail.com> <CAO42Z2yrjwRMykWxmEo5=18fMvuZdMtuyz5g1p=8oSzp_ro9Vw@mail.gmail.com> <52FDA21F-E860-45E2-846A-43B969DEDC87@juniper.net> <CAOj+MMFjCcQt7FLf9NjfEKruEYktU0iJEs8Q+qFG8Pjkt7jDaA@mail.gmail.com> <9EA2D501-4382-4071-A89C-8C593B66E2F1@juniper.net> <CA+b+ERmnw412sboPtMow6=WUFK_FW2iO+rQxOu4dQ0yV2cuukQ@mail.gmail.com> <CAA8Zg7G-Aa+mVWxax3EqJOs9V7T8Bu=mfvng8Om9bEw59D7Orw@mail.gmail.com> <CAOj+MMFuQqMcGdjLT0piyuyUNpgLka7Pn5suA+LRi+rzFeKwow@mail.gmail.com> <CAA8Zg7HtdoMtzqg6o04TjAnyg8NUaoijVi40NoUPeERcycGssA@mail.gmail.com> <CAOj+MMF7X2nar9TkvWc2LunwdL2A6pfzpvROeZ3XfCGcv4zBZQ@mail.gmail.com> <02987E0C-3512-4BDD-A888-32CF4C8EB78E@gmail.com> <F183D162-DE73-486C-ACBD-1200E991D8B7@gmail.com> <982B4570-F379-4451-8F50-11C932E241B0@gmail.com> <5575c33f-2152-4753-99e1-81acdbf34749@Spark>
In-Reply-To: <5575c33f-2152-4753-99e1-81acdbf34749@Spark>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Fri, 20 Sep 2019 15:58:11 -0400
Message-ID: <CABNhwV0F7yWEchPJXdwJ1ZABysWw3iySDooXzd7Ob9H492Hxww@mail.gmail.com>
To: Jeff Tantsura <jefftant.ietf@gmail.com>
Cc: Robert Raszuk <robert@raszuk.net>, Rob Shakir <robjs@google.com>, SPRING WG <spring@ietf.org>, 6man <6man@ietf.org>, Dirk Steinberg <dirk@lapishills.com>, "xiechf@chinatelecom.cn" <xiechf@chinatelecom.cn>, Tarek Saad <tsaad.net@gmail.com>, Srihari Sangli <ssangli=40juniper.net@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002dc8dc0593017e57"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/Im5UHDFNUc413WOHHCVpeaJ39nQ>
Subject: Re: [spring] “SRV6+” complexity in forwarding
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Sep 2019 19:58:30 -0000

On Fri, Sep 20, 2019 at 2:30 PM Jeff Tantsura <jefftant.ietf@gmail.com>
wrote:

> Hi Gyan,
>
> Always a pleasure!
> See inline, please  let me know if you have got any other questions.
>


> [Gyan]  Thanks Jeff for the detailed responses!
>

   I am with Verizon Communications and SME of Verizon's Network
Engineering & Technology org and head up their Planning, Engineering &
Design & Proof of concept lab so represent Verizon at the IETF from an
"operators" perspective for real world use cases as well as industry needs
standpoint and so to be on top of new and upcoming technologies  have been
part of the IETF Working Groups below related to Routing & Internet of
which as we can see on this thread has  a lot of overlap between many
working groups.


6MAN (IPv6 Maintenance) WG

MPLS (Multi Protocol Label Switching) WG

LSR (Link State Routing) WG

RTG-BFD (Routing Group - Bi Directional Forwarding) WG

SPRING  (Source Packet Routing in Network) WG

NFVCON (Network Function Virtualization) WG

PALS (Pseudowire And LDP-enabled Services) WG

RTGWG (Routing Area Working Group) WG

TEAs (Traffic Engineering Architecture and Signaling) WG

QUIC (QUIC UDP Internet Connections) WG

PIM (Protocol Independent Multicasting) WG

BESS (BGP Enabled Services) WG


[comments in-line]


Cheers,


Gyan

> Cheers,
> Jeff
> On Sep 20, 2019, 10:20 AM -0700, Gyan Mishra <hayabusagsm@gmail.com>,
> wrote:
>
>
>
> Sent from my iPhone
>
> On Sep 19, 2019, at 10:43 PM, Jeff Tantsura <jefftant.ietf@gmail.com>
> wrote:
>
> Gyan,
>
> IPFRR doesn’t use/need any IGP extensions and is local to the device
> computing LFA.
> As RTGWG chair - I welcome you to read a number of rather well written
> RFCs on the topic we have published in RTGWG over the last 7 years.
> Pay attention on how LFAs are computed, this would clarify your question
> as to why there’s no need for additional imposition as well as why LFA
> provides partial coverage.
> There’s also TI-LFA draft that explains how TI-LFA is computed and why it
> relies on additional imposition if LFA is unavailable.
>
> Regards,
> Jeff
>
>
> Thanks you Jeff!
>
> I am part of the RTGWG and will definitely read through all the RFCs as
> well as Ti-LFA draft I detail.
>
> I read through RFC 5286 IP LFA the LFA algorithm uses the underlying IGP
> to for alternative loop free next hop for link and node protection but
> since it’s the algorithm runs locally to build the “backup” path pre
> programmed it does not require IGP extensions.
> IP LFA is similar algorithm to the CISCO proprietary EIGRP topology
> loopfree feasible successor backup paths.  Am I stating that correctly
> reason why LFA does not rely on IGP extensions.
>
> [jeff] IP LFA relies on the fact that in LS routing protocols, all routers
> in area/level share same LSDB, hence LFA's can be computed, DUAL (EIGRP)
> has some similarities, you could further read RFC7868 (Feasibility
> Condition)
>
>
> RFLA RFC 7490 - so I had a question - always wondered about - so RLFA is
> used when a LFA path does not exist so a ldp tunnel is built to the PQ node
> for backup RLFA pre programmed path to get built.
>
> [jeff] it is a local policy matter, in the implementation I worked on,
> this was the default behavior.
>
>   So when that LDP tunnel is build an extra mpls shim is added to the
> label stack.  Is that correct for RLFA backup paths. Is it just a single
> shim or multiple to do the RLFA LDP tunneling.
>
> [jeff] this is a single MPLS(transport) label
>
>
> I read through the Ti-LFA draft
>
> [jeff] we have adopted the draft as wg document, it has been updated,
> please read draft-ietf-rtgwg-segment-routing-ti-lfa-01
>
>
>
> https://datatracker.ietf.org/doc/draft-bashandy-rtgwg-segment-routing-ti-lfa/
>
> So Ti-LFA uses loop free uses a traffic engineered IGP independent
> topology independent path that is desired with SR-MPLS or with SRv6 uses
> the EH SRH SID list for the pre programmed backup path.  So an additional
> EH insertion has to occur on the ingress PE to the SR or SRV6 domain.
>
> [jeff] No, the insertion is happening at the PLR (point of local repair)
> and is local to the PLR, if a backup path is instantiated at
> head-end/ingress PE, we are talking about “path protection”, e.g. - when
> head-end desired to switch over to a backup path it does so without help of
> any intermediate nodes.
>
>  I have to read through more carefully but I am not seeing how an
> intermediate node would require EH insertion since that function is always
> on the source node head end of the traffic engineered path.
>
> [jeff] see my previous comment, it is indeed the intermediate node (PLR)
> that computes LFA and if PQ node is not available thru shortest path (think
> ring topology) it has to impose additional piece of data-plane information
> (MPLS labels/EHs) that would be used by intermediated nodes to get to the
> PQ node.
>
> [Gyan]  So that makes sense now why the intermediate node EH insertion is
> required at the (PLR) intermediate node that computes LFA and if LFA is not
> available through the IGP SPF local topology database a single EH SRH
> header needs be inserted  at the PLR node for the PSSI segment SR source
> route list to source route traffic engineer along the protected path to the
> egress PQ node.
>
>         In some of the discussion I heard rumblings about TLVs processing
on the intermediate node and performance hit with EH insertion & TLV
processing hit impacting asic line rate performance. How do we get around
that issue with intermediate node EH insertion impacting performance for
Ti-LFA.

Also is Ti-LFA the only use case that requires EH insertion?


> Regards,
>
> Gyan
>
> On Sep 19, 2019, at 18:06, Gyan Mishra <hayabusagsm@gmail.com> wrote:
>
> Hi Robert
>
> I know we have gone through many many lengthy discussions adnosium and I
> know the question has come up a few times and I know you replied back a few
> times related to the service provider use case where we end up with the
> multiple violations of RFC 8200 related to intermediate nodes EH insertion
> as well as many EH insertions occurring and what was mentioned was Ti-LFA.
> So since LFA and Remote LFA are extensions of the IGP providing the 50ms
> failover similar to traditional mpls Fast Reroute capabilities NH & NNH
> link/node/path protection in the legacy TE FRR pce the head end PE LSR adds
> and additional mpls shim for FRR.
>
> With IP LFA and remote LFA used with LDP there are IGP extensions opaque
> LSA’s that provide the pre programmed backup path provided by LFA loop free
> backup path.  In that scenario with LDP there is not any additional label
> with LFA but with remote LFA is added for the Remote LFA backup path with
> LDP session protection enabled with targeted LDP session tunnled through
> the RLFA node.
>
> So now talking SRv6 with Ti LFA why is there an EH insertion as we are not
> using mpls LDP and not doing remote LFA and this is not the traditional
> mpls TE FRR.
>
> I am not getting it from a network engineering technical standpoint what
> the use case is and why EH insertion would occur on any intermediate node
> as that even in the legacy mpls TE world its on the ingress LSR PE and for
> that matter in this case the benefit of SRv6 is “native TE” source routing
> via SRH pssi instructions and not maintaining state on the intermediate
> nodes which just do the PSSI and copy the SRH destination rewrite of IPv6
> destination for the traffic engineered path and then do PSP or USP on the
> egress node of the service provider core.
>
> I designed and manage a fairly large mpls core for Verizon and if their is
> a asic processing penalty hit due to intermediate node EH insertion we
> don’t want it and will stay course with LDP and stick with our path
> targeting SR-MPLS and ditch any ideas of ever going to SRv6.
>
> Thanks in advance for help in clarification of this topic and I think
> understanding the use case would help 6man overall understand the
> justification of the RFC 8200 violations.
>
> Thank you
>
> Gyan Mishra
> Verizon Communications
> Cell 301 502-1347
>
> Sent from my iPhone
>
> On Sep 19, 2019, at 3:50 PM, Robert Raszuk <robert@raszuk.net> wrote:
>
> Hi Reji,
>
> Notice what it says: *" ... explicitly listed intermediate nodes ... "*
>
> CRH which is used in SRv6+ does not explicitly list intermediate nodes so
> I do not think the procedures in IPv6 spec apply as the way you interpret
> them.
>
> But I am i no way authoritative ... still learning IPv6 and this thread
> become great education.
>
> An real example where those procedure apply is documented in RFC6554 which
> does put the addresses explicitly.
>
> Many thx,
> Robert.
>
>
>
>
>
>
>
>
> On Thu, Sep 19, 2019 at 9:14 PM Reji Thomas <rejithomas.d@gmail.com>
> wrote:
>
>> Hi Robert,
>>
>> >>I do not know what is the difference between IPv6 Destination Address
>> in the fixed header and "final destination". Where do you carry "final
>> destination" address ?
>>
>> See Section 4.4 in RFC 8200.  Hope its clear what's the final destination
>> and the context in which it is used.
>>
>>       Segments Left       8-bit unsigned integer.  Number of route
>>                           segments remaining, i.e., number of explicitly
>>                           listed intermediate nodes still to be visited
>>                           before reaching the final destination.
>>
>>
>> Regards
>>
>> Reji
>>
>>
>> On Thu, Sep 19, 2019 at 10:26 PM Robert Raszuk <robert@raszuk.net> wrote:
>>
>>> IPv6 fixed header has only one destination address. So TE midpoint is
>>> either a packet's destination or not. It can not be both.
>>>
>>> I do not know what is the difference between IPv6 Destination Address in
>>> the fixed header and "final destination". Where do you carry "final
>>> destination" address ?
>>>
>>> Many  thx,
>>> R.
>>>
>>> On Thu, Sep 19, 2019 at 6:17 PM Reji Thomas <rejithomas.d@gmail.com>
>>> wrote:
>>>
>>>> Hi Robert,
>>>>
>>>>
>>>> >>Well the crux of the matter is that you still need to process all EHs at each IPv6 destination which here means each transit node per RFC8200
>>>>
>>>>
>>>>  From RFC 8200 that doesn't seem to be the case or at least as I understand. See  Section 4..1 note 1 and note 3. Am I missing something?
>>>>
>>>>  IPv6 header
>>>>       Hop-by-Hop Options header
>>>>       Destination Options header (note 1)
>>>>       Routing header
>>>>       Fragment header
>>>>       Authentication header (note 2)
>>>>       Encapsulating Security Payload header (note 2)
>>>>       Destination Options header (note 3)
>>>>       Upper-Layer header
>>>>
>>>>       note 1: for options to be processed by the first destination that
>>>>               appears in the IPv6 Destination Address field plus
>>>>               subsequent destinations listed in the Routing header.
>>>>
>>>>       note 2: additional recommendations regarding the relative order of
>>>>               the Authentication and Encapsulating Security Payload
>>>>               headers are given in [RFC4303 <https://tools.ietf.org/html/rfc4303>].
>>>>
>>>>       note 3: for options to be processed only by the final destination
>>>>               of the packet.
>>>>
>>>>
>>>> Regards
>>>> Reji
>>>>
>>>> On Thu, Sep 19, 2019 at 9:00 PM Robert Raszuk <rraszuk@gmail.com>
>>>> wrote:
>>>>
>>>>>
>>>>> I disagree. PPSI and PSSI leverages the DOHs in IPv6 architecture
>>>>>> better. The SRv6+ drafts explain the usecases better FYI.
>>>>>>
>>>>>
>>>>> Well the crux of the matter is that you still need to process all EHs
>>>>> at each IPv6 destination which here means each transit node per RFC8200.
>>>>> That is regardless what any other spec says .... unfortunately.
>>>>>
>>>>> Best,
>>>>> R.
>>>>>
>>>>>
>>>>>
>>>>> --------------------------------------------------------------------
>>>>> IETF IPv6 working group mailing list
>>>>> ipv6@ietf.org
>>>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>>>> --------------------------------------------------------------------
>>>>>
>>>> _______________________________________________
>>>> spring mailing list
>>>> spring@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/spring
>>>>
>>> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>
>

-- 

Gyan S. Mishra

IT Network Engineering & Technology

Verizon Communications Inc. (VZ)

13101 Columbia Pike FDC1 3rd Floor

Silver Spring, MD 20904

United States

Phone: 301 502-1347

Email: gyan.s.mishra@verizon.com

www.linkedin.com/in/GYAN-MISHRA-RS-SP-MPLS-IPV6-EXPERT

v2.23.0 | Report a Bug | By Email