IETF Logo Mail Archive

Re: [spring] IPv6 Addresses and SIDs

Gyan Mishra <hayabusagsm@gmail.com> Mon, 14 October 2019 20:47 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E4A6120104 for <spring@ietfa.amsl.com>; Mon, 14 Oct 2019 13:47:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PAlobHYHyyl3 for <spring@ietfa.amsl.com>; Mon, 14 Oct 2019 13:47:12 -0700 (PDT)
Received: from mail-lj1-x22c.google.com (mail-lj1-x22c.google.com [IPv6:2a00:1450:4864:20::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67F0A12003E for <spring@ietf.org>; Mon, 14 Oct 2019 13:47:11 -0700 (PDT)
Received: by mail-lj1-x22c.google.com with SMTP id b20so17972134ljj.5 for <spring@ietf.org>; Mon, 14 Oct 2019 13:47:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=53xjUvsVN638k7gMsypD8ASpvSZpfTiFe8gemczBF40=; b=kFHqy/uZgdLcdykBbH4k/KqZryyBNHXQw5hQBTLU7VFJJZ6w2cGx13JijDL9vjShVe oj5M/e48uOW3xMco7eqs9Kp73GVL1fkaL0iUj4FBXLQWoU5bbN1sMNIxaf5YsfV4nGaG +Mc+dS0cQiH/c/RcDvt6o1JwFl3JbYgbC+JRPI9ikSe3k9c9YHQyqil/pzDaqJBCMGXa D11A/ZUS8Ur9KQk7LE6sMm6SZzVZKq8vB3SrSETfwOWRXOORXtJU98Os4szKmC/lxqNX 0TGG2WQBXa6iidUDJSU9zexOir+CN9RF5hT+WIpcKarnCtJjIZxE6JA+nMelL+Fyj4fS FNJQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=53xjUvsVN638k7gMsypD8ASpvSZpfTiFe8gemczBF40=; b=M5r3G0D7XuOhn1OnZlxVnPB4bslEjz2F52o4MHgOA1xJtbOmCgkqanlzczWWRvO1ej ae4VWjOCm63lVtOOcOVQ7XodRjbm2Ngw3WZl6SH0T2fYVgp8BvX1mJUaoMexI/KTX3aP sViOW7iEUi9K6jRANIFIwb+oNYuBpKjT44Blw1Wdwt98kU9uahB+4hZaa2PPWV7cY7sc S/jUvGpMpbgsFAOlGIbFRAOhZ+3geglIbQAbARKzIxnitJWfE4LPg6dL8Fe9SnsYSfvo mDn6N6ZDbyMXxpwwP1bT31bIHED2wMh9cPJeHAfqTBi9XzwzFnKHshIXTh1VPh07hyFx OS0Q==
X-Gm-Message-State: APjAAAU2Dr1xJY8EKvg7FWEced1lpaQY8P7F4LmZbQpC36bufx2deIVM B4lPb3OaIEea9iMh78hxK35iECTks8yNSvl9dxw=
X-Google-Smtp-Source: APXvYqxk3ECrskqGQdE0sYcFFYkx6zfmLQoOMfrLZ/Emj1fdDSpiORpeMtd3N7dXdg01cF/JGJU9lz23BncL+GVbeng=
X-Received: by 2002:a2e:a179:: with SMTP id u25mr14233449ljl.33.1571086028966; Mon, 14 Oct 2019 13:47:08 -0700 (PDT)
MIME-Version: 1.0
References: <SN6PR05MB5710CBAF8E6DF307401A2166AE9D0@SN6PR05MB5710.namprd05.prod.outlook.com> <f5eb739b-9ae4-433e-e6c0-8bcdb7bc575e@si6networks.com> <BYAPR05MB5703169601886283700608A5AE9F0@BYAPR05MB5703.namprd05.prod.outlook.com> <B6FE2A8B-B23B-4E9C-BB33-F6A5BD78C52B@gmail.com> <BN7PR05MB5699E5EA714CC64456771712AE940@BN7PR05MB5699.namprd05.prod.outlook.com> <1076F074-EB35-4D38-9949-4A241C946E07@gmail.com> <1fce4e24590847348894d10ca8bd5816@nokia-sbell.com> <D3FE1CA3-A8D1-4392-8EEC-CDCC7FC0827F@gmail.com> <BN7PR05MB56993D1127A8CA9CCC0E4A9AAE970@BN7PR05MB5699.namprd05.prod.outlook.com> <213BB95D-0E06-4E9A-B552-2A2466DC42AF@gmail.com> <04711680-e9c4-1159-58af-609517ee8bdf@joelhalpern.com> <CABNhwV3SyZNY6GrJF+wpgTmpM6DSts4gXQgdFTEgWfN876u5WQ@mail.gmail.com> <CABNhwV1Ym_AG7svmPUpmjGz600QyGRvtY5xNP0_K-hoGewUGTA@mail.gmail.com> <424b13a9a9bf4802b57c0609c92baad2@nokia-sbell.com> <BN7PR05MB569958ADB8E7BFF6C7EBC56AAE910@BN7PR05MB5699.namprd05.prod.outlook.com> <CAOj+MMHcTyCyO5Z3KyP5otW1Xgq7un2ypEGtjjWpr00j2t9dGw@mail.gmail.com> <BN7PR05MB5699B5C42BDBD5BF244CB4A8AE910@BN7PR05MB5699.namprd05.prod.outlook.com> <CAOj+MME70PYa7mkTRPKHqhg_1cMAvHLU0qZJx-=CjVy-ZKXpAA@mail.gmail.com> <BN7PR05MB56999C4E2F2D8E045D47E3C1AE900@BN7PR05MB5699.namprd05.prod.outlook.com> <5ae3ab05035f439db46fe5126b1476db@nokia-sbell.com> <CAO42Z2wA0TPFNQkfOA0iNMfojb8D=QcntwoUi0LbWN7no0DRQA@mail.gmail.com> <BN7PR05MB5699758BF49AFF2F70CA2BA3AE900@BN7PR05MB5699.namprd05.prod.outlook.com> <CAO42Z2wU9X-FaR1OZ_FKXMSfGNVw5bb0uJF1j1+7xkkwR9pxbA@mail.gmail.com>
In-Reply-To: <CAO42Z2wU9X-FaR1OZ_FKXMSfGNVw5bb0uJF1j1+7xkkwR9pxbA@mail.gmail.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Mon, 14 Oct 2019 16:46:57 -0400
Message-ID: <CABNhwV1DCKOtcrLmD00a3D09uwGZqHCPRoLg21k6AvSFG1sFnA@mail.gmail.com>
To: Mark Smith <markzzzsmith@gmail.com>
Cc: Robert Raszuk <robert@raszuk.net>, Ron Bonica <rbonica@juniper.net>, SPRING WG List <spring@ietf.org>, "Wang, Weibin (NSB - CN/Shanghai)" <weibin.wang@nokia-sbell.com>
Content-Type: multipart/alternative; boundary="000000000000ab10a70594e4f80f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/RbB5WBLzHLD3dc4EVEZHFcA0zrk>
Subject: Re: [spring] IPv6 Addresses and SIDs
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Oct 2019 20:47:16 -0000

On Mon, Oct 14, 2019 at 4:31 PM Mark Smith <markzzzsmith@gmail.com> wrote:

>
>
> On Tue, 15 Oct 2019, 04:19 Ron Bonica, <rbonica@juniper.net> wrote:
>
>> Mark,
>>
>>
>>
>> Clearly, this does not comply with the addressing architecture. But I
>> think that the best we can do is to limit the damage.
>>
>
> Has SPRING tried?
>
> Assigning this address space to a virtual interface in the device would
> make it comply with the RFC 4291 architecture, and also provide a handle
> within the device for any other functions that could be operationally
> useful..
>
> For example, the SNMP MIB traffic counters for that virtual interface
> could show SR traffic volumes as distinct from other IPv6 traffic to, from
> or through the device. If there a different SR address spaces on the
> device, the could be attached to different virtual interfaces, providing
> more discrete SR traffic counters.
>
> Having a virtual SR interface would also provide a handle to attach a
> packet filter ACL to, which may be useful.
>
> Having used IP encryption implementations that both did and didn't
> represent traffic encryption paths as virtual tunnel interfaces, the tunnel
> virtual interfaces implementations (also eventually adopted by the
> non-virtual interface implementations) far more obvious and intuitive to
> work with.
>
> Regards,
> Mark..
>
> [Gyan]. Since we are requiring IPv6 encapsulation anyway on the ingress
> origin source node adding the  SRH EH in flight we could make it a GRE
> tunnel interface which would add 4 extra GRE bytes but would provide an
> interface for traffic statistics and mib counters depicting the IPv6 data
> plane identical to a 6in6 tunnel.
>


 Other even simpler option is to use a loopback with the dedicated SID /64
> prefix defines so its decoupled from any physical interface.
>

Since the traffic for SRv6 reuses the same IPv6 data plane the traffic
would go normally over the IGP routed enabled path to the next hop SID in
the SID list so the only gain from using GRE tunnel is if you want to be
able to decouple the SRv6 traffic from other IPv6 traffic since both share
the same data plane.

>
>>
>>
>> Ron
>>
>>
>>
>>
>>
>> *From:* Mark Smith <markzzzsmith@gmail.com>
>> *Sent:* Monday, October 14, 2019 4:08 AM
>> *To:* Wang, Weibin (NSB - CN/Shanghai) <weibin.wang@nokia-sbell.com>
>> *Cc:* Ron Bonica <rbonica@juniper.net>; Robert Raszuk <robert@raszuk.net>;
>> SPRING WG List <spring@ietf.org>
>> *Subject:* Re: [spring] IPv6 Addresses and SIDs
>>
>>
>>
>>
>>
>> On Mon, 14 Oct 2019, 16:45 Wang, Weibin (NSB - CN/Shanghai), <
>> weibin.wang@nokia-sbell.com> wrote:
>>
>> Hi Ron:
>>
>>
>>
>> Make sense, If there is a dedicated IPv6 block for SRv6 SID within SRv6
>> domain, then trouble situation you described does NOT occur, because the
>> IPv6 address covered within SRv6 SID prefix does not be involved ICMPv6 ND
>> protocol, because they are not configured under IP interfaces connected to
>> “Link”.
>>
>>
>>
>> That does not comply with the IPv6 Addressing Architecture RFC.
>>
>>
>>
>> (I think this is the 4th time SPRING have or are ignoring IPv6
>> specifications.)
>>
>>
>>
>> I also think that the authors of NET-PGM draft have indicated that SRv6
>> SID has a separate IPv6 block in their Draft, but they don’t yet clearly
>> stated which IPv6 block will be used for it.
>>
>>
>>
>>
>>
>> --------------------------------------
>>
>> *Cheers !*
>>
>>
>>
>>
>>
>> *WANG Weibin  *
>>
>>
>>
>>
>>
>> Juniper Business Use Only
>>
>> *From:* spring <spring-bounces@ietf.org> *On Behalf Of *Ron Bonica
>> *Sent:* 2019年10月14日 9:23
>> *To:* Robert Raszuk <robert@raszuk.net>
>> *Cc:* SPRING WG List <spring@ietf.org>
>> *Subject:* Re: [spring] IPv6 Addresses and SIDs
>>
>>
>>
>> Robert,
>>
>>
>>
>> Yeah, there were a few typos in my original message. What I meant to say
>> was:
>>
>>
>>
>>    - If a /64 contains a SID, it MUST NOT contain any addresses that
>>    represent interfaces.
>>    - If a /64 contains an address that represents an interface, it MUST
>>    NOT contain SIDs.
>>
>>
>>
>> If we don’t do this, we have to specify how nodes behave when they
>> receive ICMPv6 NS messages in which the target is:
>>
>>
>>
>>    - A locally instantiated SID
>>    - A SID learned from the IGP
>>
>>
>>
>>                                                                       Ron
>>
>>
>>
>>
>>
>> *From:* Robert Raszuk <robert@raszuk.net>
>> *Sent:* Sunday, October 13, 2019 6:57 PM
>> *To:* Ron Bonica <rbonica@juniper.net>
>> *Cc:* SPRING WG List <spring@ietf.org>
>> *Subject:* Re: IPv6 Addresses and SIDs
>>
>>
>>
>> Hi Ron,
>>
>>
>>
>> /64 prefix is a pile of addresses ... if someone would be to follow your
>> suggestion I could not allocate some blocks of that prefix on R1, then some
>> other blocks on R2 then yet more on my servers.
>>
>>
>>
>> You said:
>>
>>
>>
>> *“**With a /64, if one /128 represents an IPv6 interface, as described
>> in RFC 4291, all /128 MUST either:*
>>
>>
>>
>>    - *Represent an IPv6 interface, as described in RFC 4291, or*
>>    - *Be unassigned**”*
>>
>>
>>
>> Maybe you meant to say something else:
>>
>>
>>
>> *“**When a /64 is used as SRv6 locator prefix,** if one /128 represents
>> an IPv6 interface, as described in RFC 4291, all /128 MUST either:*
>>
>>
>>
>>    - *Represent an IPv6 interface, as described in RFC 4291, or*
>>    - *Be unassigned**”*
>>
>> But then you sent this to SPRINT indicating that 6MAN should be the
>> audience :).
>>
>>
>>
>> Best,
>> R.
>>
>>
>>
>>
>>
>> On Mon, Oct 14, 2019 at 12:45 AM Ron Bonica <rbonica@juniper.net> wrote:
>>
>> Robert,
>>
>>
>>
>> I’m having a hard time understanding exactly how I have violated the
>> longest match principle. Could you provide:
>>
>>
>>
>>    - A pointer to a statement of the longest match principle
>>    - A few words regarding how I have violated it
>>
>>
>>
>>                                                               Ron
>>
>>
>>
>>
>>
>> *From:* Robert Raszuk <robert@raszuk.net>
>> *Sent:* Sunday, October 13, 2019 5:24 PM
>> *To:* Ron Bonica <rbonica@juniper.net>
>> *Cc:* SPRING WG List <spring@ietf.org>
>> *Subject:* IPv6 Addresses and SIDs
>>
>>
>>
>> Hi Ron,
>>
>>
>>
>> I disagree.
>>
>>
>>
>> Your suggestion violates longest prefix match principle in routing.
>>
>>
>>
>> It is huge waist of address space and is not specific to IPv6 at all.
>>
>>
>>
>> Let me describe the deployment case where your suggestion would cause it
>> to break:
>>
>>
>>
>> I have /64 prefix where a few  /128s from that space I allocate to local
>> interfaces making it a local v6 destinations on those nodes.
>>
>>
>>
>> However in the spirit of CIDR I still want to to use some blocks of that
>> space - say  /126 or /124 as blocks which I only use to trigger local NAT
>> as per rfc6296. And NAT does not require local address to be a destination
>> address so it would be a big disservice to kill such deployment option.
>>
>>
>>
>> Many thx,
>> R.
>>
>>
>>
>>
>>
>> On Sun, Oct 13, 2019 at 10:59 PM Ron Bonica <rbonica=
>> 40juniper.net@dmarc.ietf.org> wrote:
>>
>> Folks,
>>
>>
>>
>> I think that we need a global rule that says:
>>
>>
>>
>> “With a /64, if one /128 represents an IPv6 interface, as described in
>> RFC 4291, all /128 MUST either:
>>
>>
>>
>>    - Represent an IPv6 interface, as described in RFC 4291, or
>>    - Be unassigned”
>>
>>
>>
>> The 6man WG will need to make such a statement since it owns RFC 4291.
>>
>>
>>
>>                                                              Ron
>>
>>
>>
>> Juniper Business Use Only
>>
>>
>>
>> Juniper Business Use Only
>>
>> _______________________________________________
>> spring mailing list
>> spring@ietf.org
>> https://www.ietf.org/mailman/listinfo/spring
>> <https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/spring__;!8WoA6RjC81c!SEkBOAmRsYlBjRKWx1gZ4eegKkzZOKQgTtZuXxMv5TgCiZMT9xl0OH0Q8pbdZee9$>
>>
>> _______________________________________________
> spring mailing list
> spring@ietf.org
> https://www.ietf.org/mailman/listinfo/spring
>
-- 

Gyan S. Mishra

IT Network Engineering & Technology

Verizon Communications Inc. (VZ)

13101 Columbia Pike FDC1 3rd Floor

Silver Spring, MD 20904

United States

Phone: 301 502-1347

Email: gyan.s.mishra@verizon.com

www.linkedin.com/in/networking-technologies-consultant

v2.23.0 | Report a Bug | By Email