IETF Logo Mail Archive

Re: [spring] SR-MPLS over IPv6?

Mark Smith <markzzzsmith@gmail.com> Fri, 27 September 2019 00:43 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5A9E120801 for <spring@ietfa.amsl.com>; Thu, 26 Sep 2019 17:43:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.397
X-Spam-Level:
X-Spam-Status: No, score=-0.397 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nz5SzRAwf7gm for <spring@ietfa.amsl.com>; Thu, 26 Sep 2019 17:43:32 -0700 (PDT)
Received: from mail-oi1-x243.google.com (mail-oi1-x243.google.com [IPv6:2607:f8b0:4864:20::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C17612013C for <spring@ietf.org>; Thu, 26 Sep 2019 17:43:32 -0700 (PDT)
Received: by mail-oi1-x243.google.com with SMTP id i185so3741830oif.9 for <spring@ietf.org>; Thu, 26 Sep 2019 17:43:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=np3I5B1jAGKbfvC3W4Bjznf/IwvPSNZJKT5uA1VHicc=; b=Gr0cSGER/bmwVd1Womjcq01XIIP+QlSKeNXRj8jGBKAQaB3Wvlwuhjiu+W6DqyPrGD jrSHeWVoHC71FTT+GK/+hQf1y6ycVYRWrXsqMGwWcYobb94sJg1ARdA231UBpTu+omzU 8Gp1fHY1sVipdKsXtf+H/GnTTestqcszN1SX8V4Z5Q/LF0fYFA+vtCDtTdnHidexJJPU b2Hf7br6zCAji9afmQLy5fP1xFTxRHpFP43g1OrtV40f45Q7YECmqcmOy2tWRMqqmLpI QvfiA4aebiq5GyEG8CAY2IbuHGLmuoXjwxoX1ZL26Eb8yH7opFejUyjk+9aeiEN8cgFw pOqQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=np3I5B1jAGKbfvC3W4Bjznf/IwvPSNZJKT5uA1VHicc=; b=jgfzeGy6/p83U+HrWaKR1UFqLRFNqhdQZpK0v8scqXCjQRNnSNoDsrMsNCm9aCnxDl HfrEND4c8FP/7aLL2WsEVeDcSYSr0O+XwmP+6eODMLC8CIIB58BhvF0l/ThqDpo3n14a 6zv3JJIPQRtsojVRQz7WgwBD+MrONEQeDwIJjEcrXDofz8h1oZfColMKzycCm2/D8STn euzw/DA9Jfu77ld95bvWfPC3H0KLlqaBAx+2n+lWHAv48EWSh2CzgNezev9gbmpULuNN 6CNMB2SOkj/V+zwIMpS5jsE53Go03BBOWPcXA0uEBLTbHYTBML8iBzUVvQidKxZG9pTs axDg==
X-Gm-Message-State: APjAAAV8CF/UIbmve3BE9UuLxDLOwhSaFFDIlt3lAQLUNwvwtb81+ovT f4GtJHZ+zbEmyvMJy64nn2SsvwdnBzeIciF0e/0=
X-Google-Smtp-Source: APXvYqwYThqZRddFvNBzoKmELM89STIFJuiPlTCHl/Eh4WzVoJ6jlQX/FfXRqtrNUyIAeUtPAonZOU+ALq6g6gtKe+I=
X-Received: by 2002:aca:a9c3:: with SMTP id s186mr4936692oie.60.1569545011729; Thu, 26 Sep 2019 17:43:31 -0700 (PDT)
MIME-Version: 1.0
References: <C7C2E1C43D652C4E9E49FE7517C236CB02700FC1@dggeml529-mbx.china.huawei.com> <BN7PR05MB56994D4335D5ECCC9FE591A8AE840@BN7PR05MB5699.namprd05.prod.outlook.com> <3b7e474d-7462-4bc5-310c-6489516a0b1a@gmail.com> <d00cbf3d-823b-41e3-8759-21e50058a7eb@Spark> <4BB0E927-025D-4497-9DD1-0307FCBAFB97@bell.ca> <0613CA2A-E5A5-4D49-9F2B-A57CD9B702A0@cisco.com>
In-Reply-To: <0613CA2A-E5A5-4D49-9F2B-A57CD9B702A0@cisco.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Fri, 27 Sep 2019 10:43:19 +1000
Message-ID: <CAO42Z2xHNre-Sh_kc=qjWrQh-Z7dt77R0z2OdEanMGJmq8UOKw@mail.gmail.com>
To: "Zafar Ali (zali)" <zali@cisco.com>
Cc: "Bernier, Daniel" <daniel.bernier@bell.ca>, Jeff Tantsura <jefftant.ietf@gmail.com>, Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>, "Chengli (Cheng Li)" <chengli13@huawei.com>, Stewart Bryant <stewart.bryant@gmail.com>, SPRING WG List <spring@ietf.org>, SING Team <s.i.n.g.team.0810@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000e2197005937e2c47"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/XCfmp9lE6zbvWDFn2ky72iWg4k0>
Subject: Re: [spring] SR-MPLS over IPv6?
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Sep 2019 00:43:36 -0000

Supposedly "Segment Routing" is an architecture according to RFC 8402, so
anything that satisfies the architecture can use the term "Segment Routing".

If SPRING want to play that game, then stop using "IPv6", because a number
of proposals blatantly and purposely don't comply with Internet Standard
RFC 8200, and other Standards Track RFCs like RFC 4291.

A proprietary variant of IPv6 isn't IPv6, it's something else.

On Fri, 27 Sep 2019, 02:17 Zafar Ali (zali), <zali@cisco.com> wrote:

> Hi Ron,
>
>
>
> I agree with Dan, Jeff and others that the name should NOT create
> confusion with an already established technology (SR).
>
> The name should reflect the design and the spirit of your proposal.
>
>
>
> To try to help you differentiate your solution, may I propose
>
>
>
> *“LIMPH: Label Indirection with MultiPle Headers”*
>
>
>
> Here is the rationale:
>
>    - A new system of mapping IDs to IP addresses is being introduced (btw
>    we’ve had MPLS for doing that for ages now and so is this really something
>    different?)
>    - Then these mapped IDs are spread across multiple IPv6 extension
>    headers (introducing 2 new RHs and 2 new DOHs) thereby introducing more
>    complexity in IPv6 processing. We have simpler existing solutions
>    [draft-ietf-mpls-sr-over-ip] i.e. {IPv6 NH = UDP, 8 byte UDP header, stack
>    of mapping IDs aka MPLS labels}.
>    - As Dan mentioned, there is the PSSI for implementing “limited
>    service chaining” which seems very similar to RFC8595 and is stateful and
>    “encodes a logical representation” of an NSH albeit with a simpler
>    encapsulation and without TLVs just as in RFC8595.
>
> Let’s your individual submissions not continue to cause confusion by
> making use of a marketing name that drags on the coattails of SRv6 (which
> has been adopted at the IETF and deployed by the industry).
>
>
>
> Thanks
>
>
>
> Regards … Zafar
>
>
>
>
>
> *From: *spring <spring-bounces@ietf.org> on behalf of "Bernier, Daniel" <
> daniel.bernier@bell.ca>
> *Date: *Wednesday, September 25, 2019 at 3:41 PM
> *To: *Jeff Tantsura <jefftant.ietf@gmail.com>, Ron Bonica <rbonica=
> 40juniper.net@dmarc.ietf.org>, "Chengli (Cheng Li)" <chengli13@huawei.com>,
> Stewart Bryant <stewart.bryant@gmail.com>
> *Cc: *SPRING WG List <spring@ietf.org>, SING Team <
> s.i.n.g.team.0810@gmail.com>
> *Subject: *Re: [spring] SR-MPLS over IPv6?
>
>
>
> Hi Ron,
>
>
>
> Similarly I would refrain from using the SR acronym since a key
> characteristic of the SR architecture as per RFC8402 is statelessness.
>
>
>
> As per current SRv6+ documents, state is required for an intermediate node
> to add the relevant next PSSIs in DOH. This is whether they are domain-wide
> defined or with local significance (i.e. prepending short-SID).
>
>
>
> Cheers,
>
>
>
> Dan B
>
>
>
> On 2019-09-25, 8:43 AM, "Jeff Tantsura" <jefftant.ietf@gmail.com> wrote:
>
>
>
> Agree with Stuart.
>
> SRinUDP is a well defined solution, let’s not mix things.
>
>
>
> Cheers,
>
> Jeff
>
> On Sep 25, 2019, 2:39 PM +0200, Stewart Bryant <stewart.bryant@gmail.com>,
> wrote:
>
>
> I agree.
>
> Inclusion of the term MPLS would cause confusion with
> draft-ietf-mpls-sr-over-ip, which is entitled SR-MPLS over IP. The design
> decribed in draft-ietf-mpls-sr-over-ip works over both IPv4 and IPv6. Also
> course, as Ron states, such a name is not a true refelction of the design.
>
> - Stewart
>
> On 24/09/2019 05:01, Ron Bonica wrote:
>
> Cheng,
>
>
>
> I have no problem with changing the name. SR-MPLS over IPv6 may not be
> appropriate, because MPLS is not part of the solution.
>
>
>
> Something like SR-extensible-6 or SR-compressed-6 might work.
>
>
>
>                                                                Ron
>
>
>
>
>
> Juniper Business Use Only
>
> *From:* Chengli (Cheng Li) <chengli13@huawei.com> <chengli13@huawei.com>
> *Sent:* Monday, September 23, 2019 10:14 PM
> *To:* Ron Bonica <rbonica@juniper.net> <rbonica@juniper.net>; Jeff
> Tantsura <jefftant.ietf@gmail.com> <jefftant.ietf@gmail.com>
> *Cc:* SING Team <s.i.n.g.team.0810@gmail.com>
> <s.i.n.g.team.0810@gmail.com>; EXT - daniel.bernier@bell.ca
> <daniel.bernier@bell.ca> <daniel.bernier@bell.ca>; SPRING WG List
> <spring@ietf.org> <spring@ietf.org>
> *Subject:* RE: [spring] SR-MPLS over IPv6?
>
>
>
> Oh, I misunderstood the BSID in CRH in last email, sorry for that.
>
>
>
> Yes, the SID is not an IPv6 address in CRH, but a 16/32 bit value like
> MPLS label.
>
>
>
> Therefore, IMHO, it may not comply with RFC8402:
> https://tools.ietf.org/html/rfc8402#section-3.1.3
> <https://urldefense.com/v3/__https:/tools.ietf.org/html/rfc8402*section-3.1.3__;Iw!8WoA6RjC81c!WoPYW9IpnDYjcdhli0b80_-KyrOIBYFAZfip_NxPLB1-Bt7oHjt8uGU68K49j2yk$>
>
>
>
> If possible, I suggest to change the name of SRv6+, since it is not SRv6
> based. Something like SR-MPLS over IPv6 maybe better?
>
>
>
> Thanks,
>
> Cheng
>
>
>
>
>
> *From:* Ron Bonica [mailto:rbonica@juniper.net <rbonica@juniper.net>]
> *Sent:* Monday, September 23, 2019 10:45 PM
> *To:* Chengli (Cheng Li) <chengli13@huawei.com>; Jeff Tantsura <
> jefftant.ietf@gmail.com>
> *Cc:* SING Team <s.i..n.g.team.0810@gmail.com
> <s.i.n.g.team.0810@gmail.com>>; EXT - daniel.bernier@bell.ca <
> daniel.bernier@bell.ca>; SPRING WG List <spring@ietf.org>
> *Subject:* RE: [spring] A note on CRH and on going testing
>
>
>
> Cheng,
>
>
>
> In SRv6+, it would be very difficult to pollute the architecture because:
>
> -          A SID is either 16-or 32-bits long
>
> -          An IPv6 address is 128-bits long
>
> -          Therefore, it is impossible to copy a SID to an IPv6 address
> or an IPv6 address to a SID
>
> The binding SID will be a 16-or 32-bit topological instruction, found in
> the CRH. Like all topological instructions, it will identify an SFIB entry.
>
>
>
> There will be a new SFIB entry type that will contain the following
> information:
>
> -          An IPv6 Destination Address (to be used in the outer IPv6
> header)
>
> -          A list of SIDs (to be used in the CRH
>
>                                                                  Ron
>
>
>
>
>
>
>
>
>
> Juniper Business Use Only
>
> *From:* Chengli (Cheng Li) <chengli13@huawei.com>
> *Sent:* Sunday, September 22, 2019 12:01 AM
> *To:* Ron Bonica <rbonica@juniper.net>; Jeff Tantsura <
> jefftant.ietf@gmail.com>
> *Cc:* SING Team <s.i..n.g.team.0810@gmail.com
> <s.i.n.g.team.0810@gmail.com>>; EXT - daniel.bernier@bell.ca <
> daniel.bernier@bell.ca>; SPRING WG List <spring@ietf.org>
> *Subject:* RE: [spring] A note on CRH and on going testing
>
>
>
> Hi Ron,
>
> Good to hear that. Looking forward to seeing it in the next revision.
>
> But I am curious that is a bind SID in CRH an interface IPv6 address only
> without any other semantics? Just like the other SIDs you mentioned in CRH.
>
> If not, this binding SID should not be introduced in to CRH since it
> pollutes the architecture.
>
> If yes, what’s the standard for an Interface IPv6 address?
>
> Thanks for confirming that BSID is needed in CRH. I totally agree with you.
>
> Best regards,
> Cheng
> ------------------------------
>
> 李呈 Cheng Li
> Email: chengli13@huawei.com
>
> *From:* Ron Bonica<rbonica@juniper.net>
>
> *To:* Jeff Tantsura<jefftant.ietf@gmail.com>;Chengli (Cheng Li)<
> chengli13@huawei.com>
>
> *Cc:* SING Team<s.i.n.g.team.0810@gmail.com>;EXT - daniel.bernier<
> daniel.bernier@bell.ca>;SPRING WG List<spring@ietf.org>
>
> *Subject:* RE: [spring] A note on CRH and on going testing
>
> *Time:* 2019-09-22 04:37:17
>
>
>
> Jeff,
>
>
>
> After an off-line conversation with the SRv6+ implementors, we decided
> that it would be trivial to add a binding SID to SRv6+. So, we will do that
> in the next version of the draft.
>
>
>
> In keeping with RFC 8200, it will prepend only. Since the CRH is short,
> insertion is not needed.
>
>
>
>
> Ron
>
>
>
>
>
>
>
> Juniper Business Use Only
>
> *From:* Jeff Tantsura <jefftant.ietf@gmail.com>
> *Sent:* Saturday, September 21, 2019 4:32 PM
> *To:* Chengli (Cheng Li) <chengli13@huawei.com>; Ron Bonica <
> rbonica@juniper.net>
> *Cc:* SING Team <s.i..n.g.team.0810@gmail.com
> <s.i.n.g.team.0810@gmail.com>>; EXT - daniel.bernier@bell.ca <
> daniel.bernier@bell.ca>; SPRING WG List <spring@ietf.org>
> *Subject:* RE: [spring] A note on CRH and on going testing
>
>
>
> Hi Ron,
>
>
>
> Thanks for your comments, exactly, BSID MPLS label = CRH value :)
>
>
>
> Cheers,
>
> Jeff
>
> On Sep 20, 2019, 11:09 AM -0700, Ron Bonica <rbonica@juniper.net>, wrote:
>
> Hi Jeff,
>
>
>
> It would be easy enough to add a binding SID to SRv6+. Given customer
> demand, I would not be averse to adding one.
>
>
>
> However, there is another way to get exactly the same behavior on the
> forwarding plane without adding a new SID type.
>
>
>
> Assume that on Node N, we have the following SFIB entry:
>
>
>
> ·         SID: 123
>
> ·         IPv6 address: 2001:db8::1
>
> ·         SID type: prefix SID
>
>
>
> Now assume that was also have the following route on Node N:
>
>
>
> 2001:db8::1 -> SRv6+ tunnel with specified destination address and CRH
>
>
>
> This gives you the same forwarding behavior as a binding SID.
>
>
>
>                                                            Ron
>
>
>
>
>
>
>
> Juniper Business Use Only
>
> *From:* spring <spring-bounces@ietf.org> *On Behalf Of* Jeff Tantsura
> *Sent:* Thursday, September 19, 2019 10:53 PM
> *To:* Chengli (Cheng Li) <chengli13@huawei.com>
> *Cc:* SING Team <s.i..n.g.team.0810@gmail.com
> <s.i.n.g.team.0810@gmail.com>>; EXT - daniel.bernier@bell.ca <
> daniel.bernier@bell.ca>; SPRING WG List <spring@ietf.org>
> *Subject:* Re: [spring] A note on CRH and on going testing
>
>
>
> There’s number of solutions on the market that extensively use BSID for
> multi-domain as well as multi-layer signaling.
>
>
>
> Regards,
>
> Jeff
>
>
> On Sep 19, 2019, at 19:49, Chengli (Cheng Li) <chengli13@huawei.com>
> wrote:
>
> +1.
>
>
>
> As I mentioned before, Binding SID is not only for shortening SID list.
>
> We should see the important part of binding SID in inter-domain routing,
>  since it hides the details of intra-domain. Security and Privacy are
> always important.
>
>
>
> Since the EH insertion related text will be removed from SRv6 NP draft, I
> don’t think anyone will still say we don’t need binding SID.
>
> Let’s be honest, Encap mode Binding SID is very useful in inter-domain
> routing. It is not secure to share internal info outside a trusted network
> domain.
>
>
>
> Cheng
>
>
>
>
>
> *From:* spring [mailto:spring-bounces@ietf.org <spring-bounces@ietf.org>] *On
> Behalf Of* Bernier, Daniel
> *Sent:* Thursday, September 19, 2019 11:36 PM
> *To:* SING Team <s.i..n.g.team.0810@gmail.com
> <s.i.n.g.team.0810@gmail.com>>
> *Cc:* 'SPRING WG List' <spring@ietf.org>
> *Subject:* Re: [spring] A note on CRH and on going testing
>
>
>
> +1
>
>
>
> This is what we did on our multi-cloud trials.
>
>
>
> Encap with Binding SID to avoid inter-domain mapping + I don’t need to
> have some sort of inter-domain alignment of PSSIs
>
>
>
> Dan
>
>
>
> On 2019-09-19, 11:18 AM, "spring on behalf of SING Team" <
> spring-bounces@ietf.org on behalf of s.i.n.g.team.0810@gmail.com> wrote:
>
>
>
> Hi Andrew,
>
> Good to hear that reality experiment :)
>
> But is it secure to share internal SID-IP mappings outside a trusted
> network domain?
>
> Or is there an analogue like Binding SID of SRv6, in SRv6+?
>
> Btw, PSSI and PPSI can not do that now, right?
>
> Best regards,
> Moonlight Thoughts
>
>
> (mail failure, try to cc to spring again.)
>
> On 09/19/2019 17:49, Andrew Alston <Andrew.Alston@liquidtelecom.com>
>  wrote:
> Hi Guys,
>
> I thought this may be of interest in light of discussions around
> deployments and running code - because one of the things we've been testing
> is inter-domain traffic steering with CRH on both our DPDK implementation
> and another implementation.
>
> So - the setup we used last night:
>
> 6 systems in a lab - one of which linked to the open internet.  Call these
> S1 -> S6
> 3 systems in a lab on the other side of the world - no peering between the
> networks in question.  Call these R1 -> R3
>
> We applied a SID list on S1, that steered S1 -> S2 -> S3 -> S6 -> R1 ->
> R3, with the relevant mappings from the CRH SID's to the underlying
> addressing (S2 had a mapping for the SID for S3, S3 had a mapping for the
> SID corresponding to S6, S6 had a mapping for the SID corresponding to R1
> etc)
>
> Then we sent some packets - and the test was entirely successful.
>
> What this effectively means is that if two providers agree to share the
> SID mappings - it is possible to steer across one network, out over an open
> path, and across a remote network.  Obviously this relies on the fact that
> EH's aren't being dropped by intermediate providers, but this isn't
> something we're seeing.
>
> Combine this with the BGP signaling draft - and the SID's can then be
> signaled between the providers - work still going on with regards to this
> for testing purposes.  Just as a note - there would be no requirement to
> share the full SID mapping or topologies when doing this with BGP - the
> requirement would be only to share the relevant SID's necessary for the
> steering.
>
> I can say from our side - with various other providers - this is something
> that we see *immense* use case for - for a whole host of reasons.
>
> Thanks
>
> Andrew
>
>
> _______________________________________________
> spring mailing list
> spring@ietf..org <spring@ietf.org>
> https://www.ietf.org/mailman/listinfo/Spring
> <https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/Spring__;!8WoA6RjC81c!U4_s7somKP_KyQ3viBMIcXpk_pTMYlY11nTHMB2b-JTdTLKi9mnrF1wu_DoXwIdf$>
>
>
> _______________________________________________
> spring mailing list
> spring@ietf.org
> https://www.ietf.org/mailman/listinfo/spring
> <https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/spring__;!8WoA6RjC81c!U4_s7somKP_KyQ3viBMIcXpk_pTMYlY11nTHMB2b-JTdTLKi9mnrF1wu_Ll7ej5P$>
>
>
>
>
> _______________________________________________
>
> spring mailing list
>
> spring@ietf.org
>
> https://www.ietf.org/mailman/listinfo/spring
>
> ------------------------------
>
> *External Email:** Please use caution when opening links and attachments
> / **Courriel externe:** Soyez prudent avec les liens et documents joints *
> _______________________________________________
> spring mailing list
> spring@ietf.org
> https://www.ietf.org/mailman/listinfo/spring
>

v2.23.0 | Report a Bug | By Email