[spring] Further thoughts on g-srv6/csid
Andrew Alston <Andrew.Alston@liquidtelecom.com> Wed, 13 October 2021 14:38 UTC
Return-Path: <andrew.alston@liquidtelecom.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 245993A0B5E for <spring@ietfa.amsl.com>; Wed, 13 Oct 2021 07:38:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=liquidtelecom.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XcndDHshT5_L for <spring@ietfa.amsl.com>; Wed, 13 Oct 2021 07:38:32 -0700 (PDT)
Received: from eu-smtp-delivery-182.mimecast.com (eu-smtp-delivery-182.mimecast.com [185.58.86.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06A573A0B41 for <spring@ietf.org>; Wed, 13 Oct 2021 07:38:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=liquidtelecom.com; s=mimecast20210406; t=1634135906; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=w2clDmWcdZBCtKCwnL6TgI5q1HiJUB4mLmc1u84Al3Q=; b=DyVvSmYBppbz7YXG61ZZOklersgC2NjaMxcXZG49D+qPembEm/RtLt1PIOC1yTESGX4TVU kObE5IsLKNd5Gh2RioUB+LhzdzXK/Bs8CfyAEYBdacvpUL/RAK38MosL8iKlxjSFUqbJuo TY2niu5ecag/KE9Nup2p6D6Ngx15KIg=
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05lp2174.outbound.protection.outlook.com [104.47.17.174]) (Using TLS) by relay.mimecast.com with ESMTP id uk-mta-55-puRqDC9QN52hCxT8dSGnkA-1; Wed, 13 Oct 2021 15:38:24 +0100
X-MC-Unique: puRqDC9QN52hCxT8dSGnkA-1
Received: from AS8PR03MB7622.eurprd03.prod.outlook.com (2603:10a6:20b:346::6) by AS8PR03MB7873.eurprd03.prod.outlook.com (2603:10a6:20b:420::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.20; Wed, 13 Oct 2021 14:38:23 +0000
Received: from AS8PR03MB7622.eurprd03.prod.outlook.com ([fe80::90ec:90d5:59c4:fef9]) by AS8PR03MB7622.eurprd03.prod.outlook.com ([fe80::90ec:90d5:59c4:fef9%5]) with mapi id 15.20.4587.030; Wed, 13 Oct 2021 14:38:23 +0000
From: Andrew Alston <Andrew.Alston@liquidtelecom.com>
To: SPRING WG <spring@ietf.org>
Thread-Topic: Further thoughts on g-srv6/csid
Thread-Index: AdfAPVhAcfWL+VyISxOgIvLlngm3RA==
Date: Wed, 13 Oct 2021 14:38:23 +0000
Message-ID: <AS8PR03MB7622B9A3BAE56F3ABD8B55B1EEB79@AS8PR03MB7622.eurprd03.prod.outlook.com>
Accept-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f32bf2a9-25ae-4778-78b1-08d98e571c09
x-ms-traffictypediagnostic: AS8PR03MB7873:
x-microsoft-antispam-prvs: <AS8PR03MB78730E34CAE6F9221055C81BEEB79@AS8PR03MB7873.eurprd03.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0
x-microsoft-antispam-message-info: Be28sVurlVk7ORC8N7BwBgc1MYQIMHoNJ9umwzwEYqVxaoRSbaKwj2YvilNiAzsEUXeNoXa/PQNCPMMsTwpP74Gc2DndZuPGUX3vgAwrkFwhjN65dgK6ki6Y+8v+vlUuIFFxk6zYForiv5zuuMBXk3FKkvA8OqMnAtJUljqRr9ZL+Spi7o6kjVGlztZHNGvE8lRz3gBicuVUZD39WS7dB28V52gVmS04bCJ3LFbujWCmCN0LBmwH3KRcI44zpIjtJeSQftjjywVj4TqlwnjJNrhdYGOThxMenrL1bxVKoCG9wb3LMP2jQYj7tHZ2K1yKqMm7h83xby0xVZGJpnSrVWl10idDMv6RWA1E2WmZWPe6wiJ16KuVVpuDrbzW1lczOW1f5ezQamtKCgxIWvR2NP4gRb9lllaDpCNdZU+WSA4GJxVOhY1ceiWYfDHMaiauDzl6sBZMUUc9PF/nx56gYB3kyh0buGKXanV1dbsiXrFZB5KVasfjXM4fArgp4xqksFNUj5fWdyK2P66MjiW+mESgns8va/8zmT7+36T/ULvIjeW8RxLuVLJnrWCp7wMnDYK7vr2nxV6viWcQiTsgpSWCsttq025tuCQa0KSWzzbIEJPnAinRHcNPS4N7xje5AbMBVPn1Og1si72C0DkbldcDUGGvIMswh9RqXabZwe799fy29IrFgUxRmB2qbnrtgemfG5qXzien5cbGLMtVlA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AS8PR03MB7622.eurprd03.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(186003)(38070700005)(9326002)(7696005)(6506007)(8676002)(71200400001)(66574015)(8936002)(86362001)(6916009)(83380400001)(9686003)(122000001)(316002)(5660300002)(76116006)(66476007)(38100700002)(66946007)(52536014)(55016002)(66446008)(64756008)(66556008)(2906002)(33656002)(508600001); DIR:OUT; SFP:1102
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: Pb74AFZm8ZU1zCawL3Qovo8s7S+IZJr/w4ycZsRfCEXnIlMO2rNTd+OQucFp9tBLZOBWNKBig2Ceb8VtgjZ1XXg17RxJouwWYELQWBUK3ykJewuCb6exgdQ5BRVZQSaAWGtJin8NdGJpCMuqRPU9xGgxD3D3e7Q/+9X9JkWDxy17j1RnmdNm2sbcj9YqeKVUKBG7zmjsAiLkoSHFEzVMp+vbaZOfzHucUU+VQzdLFWeOn+vtMTkUA40y+Q3SPe2ToulwrbSd7Qcb6ci2Rgt3rA55W1V8LosyPXhPsrQ1YGKxht0uIoK1nAz/1/GzFe9foAT7YuOxHjHWNcnJtad+ABcoLX72WE4NXfuaWAIl/P1D6G4W94x7h4/93KRpCuDpK7R79nCy+b7u1SbUl/6QZh17AUIWkhZw/rA8f36fzqs6dyFkF2P7EXfLfWi6yYly7HQqtWGmVUVvaJMWJJbEPUp6Jmb1NCah88bHnu+vz+wdKZueFS1Y8Wy29q5nUv1VOXAubXGD7fe7YmnE4pxQHdavl1EvTrkLzJVgjHg83NbOGVQ/Ui5n0J6yK5HrmPuHWYmMukYK2qUv69iG2nTPadJEUZk9IczhlzMZ8MUUbhKTrphdxinlmSJE0jhpEItfJqYmxgk/LB3WMx34FVMsXkZBhNeL7arZoHBruRtsMOUvaj1GzPKP/g9VXrBUsxG5fqAe8XSHc26ES6Z0zwOQeuolERAG8n9A/XZgsuFcL76sgpHNpzfOmX3/DjgEsmmIJGY9cI+7tIORSiZI1m5cO6PE9W2gzldfTrnwRKujBtHyuKUBEDN3kfDfth6XlSIf9rXrIdm9pSbOuprIe9TyEBjgSAXYDZ0JdPFS4LWV7IjmB9zSPcKr2yE2SwJNDaWXA9CiSjcLnqZfFoV1cjYivCI3ii1Nq2vjZgBHBgPj7Itfe3Hy4tQqqmcr8SlEZIZy+GThMFdSCTkKAAFJ7OEEKb6TVkr9lUpPezXyOVrGljms63edZh+MvN1rvdgPR33DiQk+LAVfSU1DlvCEfB+bpQm9jaLy/ReqXLfZHMojJTQbtDiaVzuQpQnGDlgcjHcga7K886Pj3IWA2fg0pHGcs6Hcjk+6mALMOIglx93SwTOEKDZrL5ugnRezldv0W3rGUKN0CpOQE3T4FJNrExqGI7H4rQwJTIsREXNjerjEq7TpQ2USHATiUA7qsAjxwoNh0CmsDBsQlvIpawKNdwHD0LEu/Yq48cxBQEUGym5PBiLTXxRuu86gxvBfEwmtIDsQTgWRu0Lx6qLzXKBHdFMkG4aGapzPC80BeOdZ7eJD1+8cOaBW00mT/tCPsdjzwCePj4u1YqRzL1cGImHnFjX/edxFPIZbrLx62XGVIn3GYbE=
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-OriginatorOrg: liquidtelecom.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AS8PR03MB7622.eurprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f32bf2a9-25ae-4778-78b1-08d98e571c09
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Oct 2021 14:38:23.2600 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 68792612-0f0e-46cb-b16a-fcb82fd80cb1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: LV5YfmFE/ZYSpkJyiToM/btgo0wJRgEqiFSHcmWnYRdWX1i7VehHGC0XTYGGsN7wHf1LRbXjoh5ilWxggHYNNlYR47Xzxz0a/ZV64Tng7vA=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8PR03MB7873
Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=C82A168 smtp.mailfrom=andrew.alston@liquidtelecom.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: liquidtelecom.com
Content-Language: en-US
Content-Type: multipart/alternative; boundary="_000_AS8PR03MB7622B9A3BAE56F3ABD8B55B1EEB79AS8PR03MB7622eurp_"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/O6XHqhAge806F56dx0zqG_v1ndA>
Subject: [spring] Further thoughts on g-srv6/csid
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Oct 2021 14:38:43 -0000
Hi All, So - to understand the claims of compatibility between the behaviors within the same domain - I decided the best way to test this was to write some actual code to simulate it. I'm hoping to get the full simulation code out in the next 24 hours - but in the mean time I figured I'd add some thoughts here on the list so that any assumptions and readings I have of the documents that are incorrect can be corrected so I can adjust my code for these things to make it more accurate. However - so far, I observe the following. Firstly - on an ingress node that must encapsulate with a stack of srh headers - there is an assumption that the encapsulation is always going to be correct as regards the various node sid sizes and behaviors. For example - if you were to create something using purely next behavior - and in the network you were running a combination of 16bit and 32bit - the assumption is that the node receiving the packet is configured for that size - and the shift it does on the address matches that size. However, if the encapsulation is wrong - you could end up shifting 32bit when you meant to shift 16bit or vice versa - and ending up with some entirely undefined behavior - since the packet itself contains no information that lets the node determine the sid size its meant to shift by - it ASSUMES the encapsulating node got it right. That seems very fragile to me. This gets even worse in a mixed replace/next scenario. Again - because the node receiving the encapsulated packet has no way to determine from what I can see, what is in that routing header, you can end up with a situation where a node applies replace behavior to what is meant to be next behavior or vice versa - and again - undefined behavior. That's the very definition of fragile, since it assumes that either the controller always got it right, or in the case of something being statically configured for pathing, that the human who configured the path got the flavors right in their path definition - because there ain't no room for error there. Then - we get to the issue of the encapsulation itself. In the event that this is all controller driven - and the controller is constructing that SRH and the router is basically storing the SRH and just applying it - that's not gonna hurt. However, if the router itself has to do a mixed construction - that - is a pretty performance heavy operation by anyone's standards. Yes, the transit node can handle the behaviors at line rate - but the header construction at the ingress node makes me wonder about potential performance hits. (there are ways to mitigate this - which are going to be implementation dependent, but it would be worth making some suggestions on this in the document) Basically - what we've now got is a situation where - it can be argued these things can work together in the same domain - but the potential for breakage and undefined behavior is off the charts. Without some way embedded in the packet to verify what behavior and sid size is in that routing header - I can see not only mistakes happening - but potential exploitable issues here - because of the potential for defined behavior against wrong data which will produce undefined results. This is over and above the cases that Greg mentioned in his email - and in the simulation code - those things will be able to be simulated and it will become pretty clear as to the results. But - as I said - if anyone sees any problems with my assumptions here - please - let me know and I can adjust the simulation code before release. Thanks Andrew
- [spring] Further thoughts on g-srv6/csid Andrew Alston