IETF Logo Mail Archive

Re: [spring] A permanent change to/violation of RFC8200 for a temporary situation. (Re: Is srv6 PSP a good idea)

"Pablo Camarillo (pcamaril)" <pcamaril@cisco.com> Thu, 27 February 2020 20:51 UTC

Return-Path: <pcamaril@cisco.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 73FB53A0BC8 for <spring@ietfa.amsl.com>; Thu, 27 Feb 2020 12:51:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.6
X-Spam-Level:
X-Spam-Status: No, score=-9.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=LXIN5BLk; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=WdkyMMED
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Un2RZ760BpoQ for <spring@ietfa.amsl.com>; Thu, 27 Feb 2020 12:51:20 -0800 (PST)
Received: from alln-iport-6.cisco.com (alln-iport-6.cisco.com [173.37.142.93]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A2883A0BC2 for <spring@ietf.org>; Thu, 27 Feb 2020 12:51:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=11348; q=dns/txt; s=iport; t=1582836680; x=1584046280; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=CeuiEEICvz+X5HvqMsSFj0I/uxhSr5UmQldPHX12PSQ=; b=LXIN5BLkcN3NaTzoSYKxCONrrADmaqRM5JXJgCrd1FP2c8000j8anRoA 8DPWK+xuc2MMp0jWcjAlwh1oAlqyPihKPNXrhQVThfEKxn0CGq8d8RTtM RA9oHh8v2V8O3nWDxGKlFXhQzwhUEf9NnSchTNtt1V5kuL/tRKERBup+6 k=;
IronPort-PHdr: 9a23:k0Knyxf8xqWz59bpl+AfzVZzlGMj4e+mNxMJ6pchl7NFe7ii+JKnJkHE+PFxlwGQD57D5adCjOzb++D7VGoM7IzJkUhKcYcEFnpnwd4TgxRmBceEDUPhK/u/dyczGc1YVVtN9HCgOk8TE8H7NBXf
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0DyBQAZK1he/5BdJa1mHAEBAQEBBwEBEQEEBAEBgXuBVCQsBWxYIAQLKgqECoNGA4pngl+JY44xgUKBEANUCQEBAQwBARgLCgIEAQGBTIIvRQIXgXEkOBMCAw0BAQUBAQECAQUEbYULBScMhWMBAQEBAgEBARARBA0MAQEsCwELBAIBCBEBAgEBAQECAh8EAwICAh8GCxQBAgYIAgQOBSKDBAGCSgMOIAEDC6R7AoE5iGJ1fzOCfwEBBYUPDQuCDAMGgQ4qjCUagUE/gREnIIJMPoEEgRdJAQGBMAESAQcCCQ8XgnoygiyNTCAEMIJFj0+PIkQKgjyNHoURhDYcgkmIG4cBiUmMBY4VkB0CBAIEBQIOAQEFgWkiZ3FwFTsqAYJBUBgNiB+FfgkDDAsVgzuFFIVBdIEpi0cCJgSBBwGBDwEB
X-IronPort-AV: E=Sophos;i="5.70,493,1574121600"; d="scan'208";a="461759582"
Received: from rcdn-core-8.cisco.com ([173.37.93.144]) by alln-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 27 Feb 2020 20:51:19 +0000
Received: from XCH-ALN-005.cisco.com (xch-aln-005.cisco.com [173.36.7.15]) by rcdn-core-8.cisco.com (8.15.2/8.15.2) with ESMTPS id 01RKpJYs002185 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 27 Feb 2020 20:51:19 GMT
Received: from xhs-rtp-002.cisco.com (64.101.210.229) by XCH-ALN-005.cisco.com (173.36.7.15) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 27 Feb 2020 14:51:18 -0600
Received: from xhs-aln-001.cisco.com (173.37.135.118) by xhs-rtp-002.cisco.com (64.101.210.229) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 27 Feb 2020 15:51:17 -0500
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 27 Feb 2020 14:51:17 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FEtjpdRh/d+XYNe8Bg2UQwFS1JWg3N5IfO54T0Tm8Fgrud74FVMzMjjqotsp/JDkLAWTnKwyXVuin7xMEB4N0y+m8Td6LQ7MaMKIrrfbYNFBmiOZFxb2+NyQhDGMc9qbCWAfh5+2R4AbdxGmaDvpG4M0rPn/50wIbCme2u/1Me8n0sMyKBqLeiMLGKBfB1+jmKsR1I9Gh6c+H201A8n4z+t63BTvxPDqiusLw0enrdRtUBo00lx9UzCgNr+7xO/VmcbsH/nPSrP2Tdr1m6bHFE9SKiQf3F2V1XXMDGklbbRLICJDU3LyMt2EGuCPIYqnGpO8VcfjJYcPpYBdFzelMQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CeuiEEICvz+X5HvqMsSFj0I/uxhSr5UmQldPHX12PSQ=; b=hovjFknUcMcZ5Yd/MlOzvXZqJBL5kUg2jyvTsMU3zNiYLbDSTf5tgJzuyWevBk2jhWg6BL6OB+vkdKGEFVlFKT1BqYDYzGsfVAsT3r6yyaj08Au4SPsm8v8g72DvqLvLMMLCUTbWCkRWAzYvyEHp66k30UEgVsf3zFm5797sjq1OwWiTv+DkN7tlFcYH7lVlkml6yrBzJDZtPKafFsXYvTXQL67qv9tpZ7a65P0tkqHENWjor7ivrQoN2Idetqvnf3ylwHZeuh6I/6ug57d6vfIiqSpWC/ZQNU11ceejleNM0vjqW75OWn8cuuB39pW/5fhXk3I1S/8OWHZXfeD5zQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CeuiEEICvz+X5HvqMsSFj0I/uxhSr5UmQldPHX12PSQ=; b=WdkyMMED92/MhNdXujYdqyATjCa0MV5B9WT+xRluJyih/HikDe3Dd4WjgMJGi3UOrQ9mVzzR5gWcKf8sQSrggpfuISrPRIWNH1+VipbO6X/IWMrkg5Y5qpGVgjBxxf9wnJbHxoLCTNl9y60qePUogu84OkW8MjxO8fOuAIbhYYQ=
Received: from MWHPR11MB1374.namprd11.prod.outlook.com (10.169.234.8) by MWHPR11MB1566.namprd11.prod.outlook.com (10.172.56.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2772.14; Thu, 27 Feb 2020 20:51:16 +0000
Received: from MWHPR11MB1374.namprd11.prod.outlook.com ([fe80::e481:a191:e31:f948]) by MWHPR11MB1374.namprd11.prod.outlook.com ([fe80::e481:a191:e31:f948%12]) with mapi id 15.20.2772.012; Thu, 27 Feb 2020 20:51:16 +0000
From: "Pablo Camarillo (pcamaril)" <pcamaril@cisco.com>
To: Mark Smith <markzzzsmith@gmail.com>
CC: "spring@ietf.org" <spring@ietf.org>, "Voyer, Daniel" <daniel.voyer@bell.ca>, "Xiejingrong (Jingrong)" <xiejingrong@huawei.com>
Thread-Topic: [spring] A permanent change to/violation of RFC8200 for a temporary situation. (Re: Is srv6 PSP a good idea)
Thread-Index: AQHV7Vq1FHArkalwI0+Ao/2j5nGjJagvkXoA
Date: Thu, 27 Feb 2020 20:38:47 +0000
Message-ID: <5C583745-894A-4B9C-83B0-9AF8F85D3A3A@cisco.com>
References: <EC02B3AB-9E11-4F85-B618-1092B1B8E085@bell.ca> <CAO42Z2xPR1N-7aeisyb=gT1hFQmi1KNTtbc7fHUA0YbfXu_o1Q@mail.gmail.com>
In-Reply-To: <CAO42Z2xPR1N-7aeisyb=gT1hFQmi1KNTtbc7fHUA0YbfXu_o1Q@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.22.0.200209
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pcamaril@cisco.com;
x-originating-ip: [213.4.210.210]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c7633124-c53c-44bb-7bc4-08d7bbc6ca07
x-ms-traffictypediagnostic: MWHPR11MB1566:
x-microsoft-antispam-prvs: <MWHPR11MB156636B0A0451138396BB802C9EB0@MWHPR11MB1566.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 03264AEA72
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(346002)(396003)(366004)(136003)(376002)(39860400002)(199004)(189003)(53546011)(66574012)(6486002)(6916009)(6512007)(26005)(186003)(2616005)(6506007)(4326008)(33656002)(2906002)(8936002)(316002)(91956017)(64756008)(66946007)(478600001)(71200400001)(8676002)(6666004)(66476007)(86362001)(76116006)(966005)(4001150100001)(36756003)(54906003)(81156014)(66556008)(81166006)(66446008)(5660300002); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR11MB1566; H:MWHPR11MB1374.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: xREpNbdabbcHk8yUgwUZUw/l+jiF2EYLKvbwnaYq/7poJPrMi3NbFVoeHF+jw2ZQ5doLhmvMo02R1rv3mSER2sJI14PKjYTs6ynrwoZJ7z95Wz+0QirYKFYSie+zSZOYNXfOB5PaH9c8MJdnzzSIziZ2+I3HushOmafmiOAor6qwXfPgpHrm6rkqwnNmQWilg+onwT5KcX4Sl9afVAzKiR4OmE7Kdj2bRvUe/NTPaT4B2k/bIkXvSy2N2VnIoZYDxugp2SkeKo+m72AbuLnu5l3be+gOapgnIKi7B8IDhfMstE889tQ3eIWrjFEuLaRHnYQzylIIF6q49xOWZMR0QkfednZmb1kO8xIQ+hEgERU6CYpDNNbbky2I/RlGW832Nmtz2U6vrgsct9KxDbKlDk/PP+aVOHV3uRcq1EAHnknnZtGAOrFXodZoFl0z7oQKo9aouh1Dctt1UMhTnp7mzc0yDRsa+UoyCXNz4TKKVUVO1QcFuJa7yi+ePZE2YxkESvl3+qMiW8WIKJ/TbZaLjw==
x-ms-exchange-antispam-messagedata: i+vfTYcYDzEqcBtY2x1CSGbWSL1OHPgDoulmi7uopFav4kQDIivyHpxMBO1SJIf0dk4fJoHuXiuM58g/CdViDpj5r9yCqqKVi2GhfMmtreB3UXqZkkFGDU6qG40XeAKe8JlDFF8rPjxAeSmoD31f7w==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <2763C28664E43E408DB1BDF8CA3A4EEC@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: c7633124-c53c-44bb-7bc4-08d7bbc6ca07
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Feb 2020 20:51:16.1082 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: npimhX2r7dJYr7zmkMoP7wDvmaXt8/bC8qLxKbrgLByF6p7emnE48iHh9AjqxMyL+uY48cLCLwX4Do0zZf6YuA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR11MB1566
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.15, xch-aln-005.cisco.com
X-Outbound-Node: rcdn-core-8.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/KbZiDkzuNwTe3bKhsILjR_yhEwY>
Subject: Re: [spring] A permanent change to/violation of RFC8200 for a temporary situation. (Re: Is srv6 PSP a good idea)
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2020 20:51:23 -0000

Mark,

Both the SRv6 control plane and dataplane operate between PEs. The legacy egress PE only executes End.DT/End.DX and is not capable of doing SRH processing at linerate in the use-case described by Dan. And as a reminder this is only one of the use-cases of PSP. 

Cheers,
Pablo.

-----Original Message-----
From: spring <spring-bounces@ietf.org> on behalf of Mark Smith <markzzzsmith@gmail.com>
Date: Thursday, 27 February 2020 at 11:43
To: "Voyer, Daniel" <daniel.voyer@bell.ca>
Cc: "Xiejingrong (Jingrong)" <xiejingrong@huawei.com>, "spring@ietf.org" <spring@ietf.org>
Subject: [spring] A permanent change to/violation of RFC8200 for a temporary situation. (Re: Is srv6 PSP a good idea)

    On Sat, 14 Dec 2019 at 09:14, Voyer, Daniel <daniel.voyer@bell.ca> wrote:
    >
    > I agree 100% with Jingrong,
    >
    > PSP allows us to bring SRv6 to legacy PE devices that are not capable of processing the SRH in the dataplane, but are capable of supporting SRv6 in the control plane.
    >
    > See this example:
    > I am streaming traffic from a server to a customer;
    > The ingress PE (near the server) encapsulates the packet and adds an SRH with a low-latency list of segments;
    > The penultimate node in the SRH executes PSP;
    > The egress PE (near the customer) decapsulates the IPv6 header and forwards the inner packet to the customer.
    >
    
    I want to understand this example better, because it sounds very strange to me.
    
    So the SRv6 control plane is extended past the edge of the SRv6
    forwarding plane?
    
    In all other protocols and networks I'm aware of, the control plane
    domain and devices, and the forwarding plane domain and devices
    it/they controls are either congruent, or the control plane is
    "smaller" than the forwarding plane e.g. a couple of BGP Route
    Reflectors controlling a cluster of many more routers.
    
    What value is an SRv6 control plane on a router/PE that doesn't
    implement the SRv6 forwarding plane?
    
    This value would only exist during a temporary period until the router
    forwarding plane could be upgraded to an SRv6 forwarding plane,
    returning to the common convention of congruent control and forwarding
    planes.
    
    So it seems in this case that RFC 8200 is being violated with the PSP
    proposal to accommodate extending an SRv6 control plane past a
    network's SRv6 forwarding plane for a relatively short temporary
    period, for any particular network, perhaps no more than 2 to 3 years
    maximum.
    
    Why not have the SRv6 control and forwarding domains always match, as
    is usual and conventional for other matched pairs of control and
    forwarding plane protocols and deployments, including new
    protocol/forwarding plane deployments, and entirely avoid the issue of
    fundamental violations of or making fundamental changes to a full
    Internet standard protocol?
    
    > We can include SLA unidirectionally from the server to the customer even though that the egress PE has a legacy ASIC. Legacy equipment are a reality and are not easy to replace, hence interoperability with brownfield is key for any innovative approach.
    >
    
    This is exactly the fundamental justification for not violating RFC
    8200, and only minimally extending it where necessary and permitted,
    fitting within the architecture rather than trying to change it. As
    much SR magic as possible should be put into the much easier to
    upgrade control plane, ideally avoiding or at least minimising
    forwarding IPv6 plane changes.
    
    Regards,
    Mark.
    
    
    
    
    > dan
    >
    > On 2019-12-10, 11:15 PM, "spring on behalf of Xiejingrong (Jingrong)" <spring-bounces@ietf.org on behalf of xiejingrong@huawei.com> wrote:
    >
    >     I think it's a good idea.
    >     Nothing new, but benefits that people have already said seems notable to me.
    >
    >     (1) reduce the load of final destination. This benefit can be notable for the following sub reasons.
    >     (1.1) final destination tends to have heavy load. It need to handle all the EHs and do the delivery/demultiplex the packet to the right overlay service.
    >     (1.2) example 1, the final destination may need to handle the DOH after the RH.
    >     (1.3) example 2, the final destination may need to do the assembly of fragmented packets.
    >     (1.4) example 3, the final destination may need to do AH/ESP after the Fragmentation Header.
    >     (1.5) example 4, the final destination may need to deliver the packet to the right overlay service.
    >
    >     (2) support the incremental deployment when final destination(s) do not process/recognize SRH. This benefit can be notable for the following sub reasons.
    >     (2.1) A core router may (fan-out) connected with a big number of low-end routers that do not support SRH but support tunnel-end/service-demultiplex function of SRv6.
    >
    >     Thanks
    >     Jingrong
    >
    >     -----Original Message-----
    >     From: spring [mailto:spring-bounces@ietf.org] On Behalf Of Joel M. Halpern
    >     Sent: Wednesday, December 11, 2019 10:55 AM
    >     To: spring@ietf.org
    >     Subject: [spring] Is srv6 PSP a good idea
    >
    >     For purposes of this thread, even if you think PSP violates RFC 8200, let us assume that it is legal.
    >
    >     As I understand it, the PSP situation is:
    >     o the packet arrives at the place (let's not argue about whether SIDs are locators) identified by the SID in the destination address field o that SID is the next to last SID in the SID list o that sid is marked as / known to be PSP o at the intended place in the processing pseudocode, the last (first) entry in the SRH is copied into the destination IPv6 address field of the packet
    >     -> The SRH being used is then removed from the packet.
    >
    >     In order to evaluate whether this is a good idea, we have to have some idea of the benefit.  It may be that I am missing some of the benefit, and I would appreciate clarification.
    >     As far as I can tell, the benefit of this removal is that in exchange for this node doing the work of removing the SRH, the final node in the SRH does not have to process the SRH at all, as it has been removed.
    >
    >     I have trouble seeing how that work tradeoff can be beneficial.
    >     Removing bytes from the middle of a packet is a complex operation.
    >     Doing so in Silicon (we expect this to be done in the fast path of significant forwarders as I understand it) requires very special provision.  Even in software, removing bytes from the middle of a packet requires somewhere between some and a lot of extra work.  It is distinctly NOT free.
    >
    >     In contrast, we have assumed that the work of processing SRH itself is tractable, since otherwise all of SRv6 would be problematic.  So why is this necessary.
    >
    >     Yours,
    >     Joel
    >
    >     PS: Note that both the MPLS case and the encapsulation case are very different in that the material being removed is at the front of the IP packet.  Pop or prepend are MUCH easier than middle-removal (or middle-insertion).
    >
    >     _______________________________________________
    >     spring mailing list
    >     spring@ietf.org
    >     https://www.ietf.org/mailman/listinfo/spring
    >
    >     _______________________________________________
    >     spring mailing list
    >     spring@ietf.org
    >     https://www.ietf.org/mailman/listinfo/spring
    >     ------------------------------------------------------------------------------
    >     External Email: Please use caution when opening links and attachments / Courriel externe: Soyez prudent avec les liens et documents joints
    >
    >
    >
    > _______________________________________________
    > spring mailing list
    > spring@ietf.org
    > https://www.ietf.org/mailman/listinfo/spring
    
    _______________________________________________
    spring mailing list
    spring@ietf.org
    https://www.ietf.org/mailman/listinfo/spring

v2.23.0 | Report a Bug | By Email