IETF Logo Mail Archive

Re: [spring] C-SIDs and upper layer checksums (draft-ietf-spring-srv6-srh-compression)

Andrew Alston - IETF <andrew-ietf@liquid.tech> Thu, 04 April 2024 13:55 UTC

Return-Path: <andrew-ietf@liquid.tech>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ECA64C169402 for <spring@ietfa.amsl.com>; Thu, 4 Apr 2024 06:55:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=liquid.tech
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L1PWRkP2YD0f for <spring@ietfa.amsl.com>; Thu, 4 Apr 2024 06:55:03 -0700 (PDT)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2105.outbound.protection.outlook.com [40.107.21.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF9E7C180B43 for <spring@ietf.org>; Thu, 4 Apr 2024 06:54:56 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=R8d2X9X5LOU6OULwaxKWhYg/KNM+W0n0lwD0ogp+kLjZDeNfrOI+5DbW5uhaWU6tL7Ma1/q+lym9/5ZvTx1Z9nmQMwyBG16WJXOZT/DlAyjGUvIv/gHSCQ3xSAFrpGIfil527rloGll3d8bbEVcelFzexm2eFX3Q72XZ5fx1EKn3WzM7IlRmycSkFFgM08wZc+vHtS1IPv3TBR+ncBNB80VRsqQXVVryiLVi3sZRzAaKat3nw3OlkgA5Z85Goe0ko6cA1GZ+rpkJZuZdFg+t+6R/I8eFz7fkKuwGfq+VRlQMGS2nS1UpdUfJAu4doPiI4JISZeBMPtA5cG08PNeqbQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=sp4rieEZRpJZtz7v5UTNvTnjAEZOtZUikDqFkoQRFAw=; b=bVwRkra0ZRrj8+NVbJ5rA29OjITnapI5PfgDN3n/4xpXd/fnB/RCP7VpJXANSIE4J4qxHg153GQt4KCsJzOsXwxwcPwdAt+MTk9MQz18gR3wSjNowgQSXUVYtGoj4OqqWWHti8EiU1A2oAVkx8AtAnbHt/tc4aowtIe27E1zXjEBrm/YPbI7uEmZVO5iDlu4Fu3bM3pMPzvcRY6Qid63ZFP/rJtWWTlT2kSAeI9/W/uCgI2t8ZgUkD7zQDkym1K26rVgY3L/G1ih0DyPD0F0sOQAhFLFT7lm5L7InoevSQ+W/3n7vfNtijBXJa0YeRIEaT0MsEyUdTUycUZkECwITQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=liquid.tech; dmarc=pass action=none header.from=liquid.tech; dkim=pass header.d=liquid.tech; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=liquid.tech; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sp4rieEZRpJZtz7v5UTNvTnjAEZOtZUikDqFkoQRFAw=; b=wbuG231b257CnfQQozv9rbZN0IlQKDV+ciFotp7phJgSrKlogcF6fmxVfqw/AjDS1gefCg1KIYhvW9Ca2kfclMb2moGEmdz0mgpImj5m2pi7Nk0e/uJGhNDCu+x6O0H4i9gcQJp+9w7oYj5kpBo9PE+v/6PfMwn3eR8b9iU0mLAEc4OfrX5Wk3X4VE9NjqutYtL804hLodOCyvndteot2gH8NOJ4+JnKQW/kBmpP3Qd/d5sErsPa1Xp6eQVaRQGjlSyerFaf3YmZXWKHOLykGpJMLhcPzR3RIwKDM32aUT4MkPuGqsfQvQp4DcSYe9eMnL7g9bSiRvaJwwhZscaxnA==
Received: from DU2PR03MB8021.eurprd03.prod.outlook.com (2603:10a6:10:2dc::9) by AM9PR03MB7694.eurprd03.prod.outlook.com (2603:10a6:20b:41e::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.32; Thu, 4 Apr 2024 13:54:50 +0000
Received: from DU2PR03MB8021.eurprd03.prod.outlook.com ([fe80::1ed8:108f:76c2:adf7]) by DU2PR03MB8021.eurprd03.prod.outlook.com ([fe80::1ed8:108f:76c2:adf7%6]) with mapi id 15.20.7409.042; Thu, 4 Apr 2024 13:54:50 +0000
From: Andrew Alston - IETF <andrew-ietf@liquid.tech>
To: Robert Raszuk <robert@raszuk.net>
CC: Francois Clad <fclad.ietf@gmail.com>, Joel Halpern <jmh.direct@joelhalpern.com>, SPRING WG List <spring@ietf.org>
Thread-Topic: [spring] C-SIDs and upper layer checksums (draft-ietf-spring-srv6-srh-compression)
Thread-Index: AQHagQglTBAWLjx2/E+beXYg3VAJo7FXBz6AgAANLwCAAAGYAIAAA7wAgAAKJwCAAAGggIAA5IKAgAAb4YOAAAVDAIAAAZPy
Date: Thu, 04 Apr 2024 13:54:50 +0000
Message-ID: <DU2PR03MB80218B282BD8C6BD943E6B7BFA3C2@DU2PR03MB8021.eurprd03.prod.outlook.com>
References: <CAMMESsyCYJwWP48=a9RWx3n8txS1eR4VLnUeE++VEdHKFeKOjw@mail.gmail.com> <CAOj+MMH9-F0nWG6zDZXxAGOQ7T8T9bUn74f4o=Fh2p0zah86Gg@mail.gmail.com> <e50b6a1b-08ae-4c8c-b3f0-0900fe8a9158@joelhalpern.com> <CAOj+MME5yL2S9Y8woVhLpkx8Xjq8g1+Ngw0RjH7o5u82p-38yg@mail.gmail.com> <71b6f07e-08d6-40a0-9436-e4acebf96c3b@joelhalpern.com> <CAOj+MMGNbYy=QZdptdKfYa-1pGfO0OeEbc_SsOVcvhgR+==sHQ@mail.gmail.com> <e9731f5f-f583-456f-b1a2-ba99e1b9dda8@joelhalpern.com> <CAHT6gR8+y0nn8TndTsB5=uJXCpLW-01F6s1o9ZRrBA9yxQiqwQ@mail.gmail.com> <DU2PR03MB8021725C40A8BFF037A97C8FFA3C2@DU2PR03MB8021.eurprd03.prod.outlook.com> <CAOj+MMG+hEBGxpah7LDHE+8HRY1fd1sEbuoFpdsJufA24fe07A@mail.gmail.com>
In-Reply-To: <CAOj+MMG+hEBGxpah7LDHE+8HRY1fd1sEbuoFpdsJufA24fe07A@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_99ef9a43-ff34-4715-a5f5-dfd82916d644_Enabled=True; MSIP_Label_99ef9a43-ff34-4715-a5f5-dfd82916d644_SiteId=68792612-0f0e-46cb-b16a-fcb82fd80cb1; MSIP_Label_99ef9a43-ff34-4715-a5f5-dfd82916d644_SetDate=2024-04-04T13:53:01.4225896Z; MSIP_Label_99ef9a43-ff34-4715-a5f5-dfd82916d644_ContentBits=0; MSIP_Label_99ef9a43-ff34-4715-a5f5-dfd82916d644_Method=Standard
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DU2PR03MB8021:EE_|AM9PR03MB7694:EE_
x-ms-exchange-atpmessageproperties: SA
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: PSKoP8eO4Lo+ehiuSKKCJGNSK4TG6PHQJShLAYLDfq9478gkR3v3yc9zpVss0/C4rouc4xXiIDKvy4N7gBObNMJpZ5Kv2vlpDfo2W9hpB4te6qvz6fZ4iHp6daiqMXAtAulV8IHBOHPatwhbGi7JFDOKVMvcQdaRWGC3+WxWgyl0qcW4l8GiD5eD04jJAreHsTSsWoDfd0tiaSzZMlfX5w5kN7sVAgV3H7gVe/urJT13ZNaNcdlw45GfkyWrska7jImWP1tUl/8eBhBnSwYfYSyA6ATRbpAusXLimxCi6G//Cd62PMTFH/uemL3slNeCA7vumthHCfRla8k2FjmK9iy/oOoOuBC389d0z2SiyglblnD565Zj/Qgr4nEjYzCCYTOTMZsrIEZEesljQjAfPgugQDCF606k33KdokaueFXPxt3PBeARrCiZFdoV5Vn4g1k0kG1g4OT+RfaSjLBzWX3yxCkqNU6g4vZ4lmEt/08Gfcg3A7OH9yY6XPxNs8UVaoGgHf5/EXBUchTs837WVqEDej37hF3mQYKt4n/hI2UWBCFdOHAPqb1gex1nz6KUtchBQkcXa4YinTVN0d9HfSoKLvUUbgjB5gHFxBdia+w=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DU2PR03MB8021.eurprd03.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(1800799015)(376005)(366007); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: zEvvM3VlSnH0A0CADIH7r95j5V/ZgVh5nj5D7CxXm5/5pp0OvJHzS9pAFYyag3FAj5IBrFTyH24FrCwQc+mAhKn4KMyOPziL3QhkFF7GTOG1ZW4xImD4dxKiXWcD46ZlVGcEKCjhCfDGlMZnG9FWeiT0LIsK4AIRCAkHdSJVMNGrPh1X177ComSl5X4nvRGxhuyLHs+9aLIX3l5GfHgyQFabXkyNPgBYs5GBwSgujIeibolgLF5HuegzYs9Wf9GP3JW7nON9u+iL/ril23EkDgNDL1dTku5JnpA4ubjd7smdISzE0J/+E0/ENoDqirKiTJFxbDLne8LMd/yUjC35uH2IXScJLbo4tNv8mxTTdOxnyOhQw7Fd1HJMLQ/zPNjcjzztbs4qGe7/pr81FKjGGjZE7XAYfmdZ6aqUbUyxnReyycaLcCn1b8AEVsOHFoY+x59RtFkjKUZZK3lhjfHLJ+jMQm6lqkbfR9Q+qIf+qVwJVgdxYZs0o6FZZo9Ve5BK+D7+PnTOxqKOayDAGcr9bvomwglUizRFzCP3Qds1em8lZkU9K5Re1Sn2UIWCBz8WzWUZ7DxjMbfgGfEih8gwU4KR7IdOacQFLiQ3Nmn8ixnJIRACy83lQpoAttBuej8GgAZiB4x+Y6Bnt0i7VGdPUrViVUb3o3DdT0ux92TYHIF7QAMsw4eGNauMT8cUDUxGhciAVroVdqnu3HDMlhvHQpsEn2EbQaT4UAYy8XyYbuyaQB79H8CRAF4zpvaddo829HYH/3fv0tev3me942tvYqBW9wPMFoyD8kv4PxfEjpWzctEYBxrmy7+7gCatkmi3syLegIB9O7sLMCLsM63o7qjcTdWbv7TL9TR6BInZ6oP7tBiipS+eA8feOfmq3iOxyKLcivSq4NWpkjwV7wVLzyg6q/yPWS6P+eZTAyQjuYSTPm+HINhT0mmLUii2v0ThdYkvRNHgPl/+FcW4fRQCtZcp/SObybpVPkeIwWPMHmt/t3GBFKKWLF6TywcApgRTF8l851HDmFxqcU4NMqWMSovVbAMbOHqp2ywhTg6ZK2m/YkdYo4rtwCA5MfyRwpaM1lyeDiPCn+ZJTDXa6T/vCWz8kb2WwYDDIJP8S27WCQ9dpS/XQK1MJqQn910owIJfpTwpVnEtqB9N/dxsbcO5ivV4aZYak8vzEDYYZZtpenBQzykBRLWhm/+VQ2y1YCKmtNac3heQCiDT/Ra5mh+tb+KOyAHGnCjX75oiMoOK3qYnYtnmaRn5CkprQXOgL4oMg/A255A4VspByaK4VT/KVhM/AxV0++Q5IMvjgUtQY43LmqGVS8Shjp0rgHDABdrNheex65PjdVkNnrTrdgQR/rYe5LPF69dfUgRFMS2hWptDCbPNg03IlJLp1wINpg7NOSO+7oUdwxFYcDOoranPfqkgNsRKLYqfvGudPvJg1EFtQ0EzV8/RHOYa0JCsliLdZUMikCSpwEixUlL2wagPvxMdr9PRcEx4/myeBe7fL7zpMpdPvajRPtvq4oA9o+u0YvkO2dm4zCIJ+Aln6TYM9Sw6RazuXYYDqFhZ245zejIF2l1d7blyYkUT0JlJpI3yLCU7RHWGt23QZwUgYFuDnScDqsb0D9r6n8Zm5LHKDn8p1uOKHhYKYxoB+0lqRhwGl0ToVIypsxSmTinsBxTXNQ==
Content-Type: multipart/alternative; boundary="_000_DU2PR03MB80218B282BD8C6BD943E6B7BFA3C2DU2PR03MB8021eurp_"
MIME-Version: 1.0
X-OriginatorOrg: liquid.tech
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DU2PR03MB8021.eurprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: cf87440f-b2b7-45be-912f-08dc54aecc07
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Apr 2024 13:54:50.3757 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 68792612-0f0e-46cb-b16a-fcb82fd80cb1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: S3KJ+vSYOobbhwBP0C7CzVAyd7zwas8WRdn3GiLpRfiBx2JNazHfankt3+kK/Mfh2pENRZYZLtC6yCz/XgGhHQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR03MB7694
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/YQo6uIuHy1zz9TXIeE_yDtuMPnE>
Subject: Re: [spring] C-SIDs and upper layer checksums (draft-ietf-spring-srv6-srh-compression)
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Apr 2024 13:55:08 -0000

Actualy Robert,

This will not work with or without TX hardware offload.

Please explain to me how the kernel will differentiate between a microsid destined packet with no SRH – and a normal Ipv6 packet – which btw – it can generate checksums for just fine.

Again – there is no encap here – it’s a packet – destined for a microsid – the kernel will have no way to differentiate.  Linux kernel checksumming will therefore break becauise it wont know that’s a microsid and the DA aint the final DA.

Andrew




Internal All Employees

From: Robert Raszuk <robert@raszuk.net>
Date: Thursday, 4 April 2024 at 16:47
To: Andrew Alston - IETF <andrew-ietf@liquid.tech>
Cc: Francois Clad <fclad.ietf@gmail.com>, Joel Halpern <jmh.direct@joelhalpern.com>, SPRING WG List <spring@ietf.org>
Subject: Re: [spring] C-SIDs and upper layer checksums (draft-ietf-spring-srv6-srh-compression)
Hi Andrew,

I am afraid this is nothing new. Moreover even if there is SRH or for that matter any other Routing Header none of the NIC drivers I know of can handle it correctly as far as TX Offload for checksum computation. Yet it did not stop RFC8200 from getting published.

Those deployment issues (in fact more then you have listed) with no encap has been well known and well documented for over 8 years now: https://segment-routing.org/index.php/Implementation/Issues

Last time I checked The IETF is not in the business of blocking documents based on implementation deficiencies and bugs. Quite contrary - it provides guidelines on what proper implementation should be doing which is exactly what section 6.5 does here.

Kind regards,
R.


On Thu, Apr 4, 2024 at 3:32 PM Andrew Alston - IETF <andrew-ietf@liquid.tech> wrote:
So in investgiating this further, there is a further problem.

I’ve checked on 4 different linux boxes with 4 different network cards.

Linux by default offloads TX checksumming on a lot of network cards.  If you originate a packet with a microsid and no SRH – and the linux box offloads the checksum generation – the checksum generated by the NIC will be incorrect – and when the packet arrives at the end host – if that end host is running RX checksumming – the checksum will fail and the packet will be dropped.

If you disable TX checksumming – the kernel will have no way to tell if the packet is an Ipv6 or a microsid packet, it will therefore use the DA – and generate an incorrect checksum.  Again – if RX checksumming is enabled on the receiving end point – the packet will get dropped.

Effectively this does NOT just affect middle boxes – it effects anything generating a packet directed to a microsid that either offloads the tx to hardware (whichi will have no clue this is a microsid) or in the alternative is generating tx checksums itself via kernel mechanisms that will treat these packets as standard Ipv6 packets.

This is broken – severely broken.

Andrew



Internal All Employees
From: spring <spring-bounces@ietf.org<mailto:spring-bounces@ietf.org>> on behalf of Francois Clad <fclad.ietf@gmail.com<mailto:fclad.ietf@gmail.com>>
Date: Thursday, 4 April 2024 at 14:49
To: Joel Halpern <jmh.direct@joelhalpern.com<mailto:jmh.direct@joelhalpern.com>>
Cc: SPRING WG List <spring@ietf.org<mailto:spring@ietf.org>>, Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>
Subject: Re: [spring] C-SIDs and upper layer checksums (draft-ietf-spring-srv6-srh-compression)
Some people who received this message don't often get email from fclad.ietf@gmail.com<mailto:fclad.ietf@gmail.com>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>
CAUTION: This email has originated from a free email service commonly used for personal email services, please be guided accordingly especially if this email is asking to click links or share information.

Hi all,

Section 6.5 of draft-ietf-spring-srv6-srh-compression specifies how an SR source node originating a packet with an upper layer checksum determines the Destination Address for use in the IPv6 pseudo-header.

As a co-author, I’d say that the current text of 6.5 is good.

This text is aligned with RFC 8200. It only indicates how the text in Section 8.1 of RFC 8200 applies to the SIDs of draft-ietf-spring-srv6-srh-compression. This is necessary since RFC 8200 does not specify the format nor behavior of any source routing scheme.

Thanks,
Francois


On 4 Apr 2024 at 00:10:55, Joel Halpern <jmh.direct@joelhalpern.com<mailto:jmh.direct@joelhalpern.com>> wrote:

I can not speak to the "norm" for other working groups.  The SPRING charter is very specific about what we have to do if we want to change an underlying protocol.  We have to go back to the WG which owns that protocol.

6man gets to decide if the change is acceptable, and if it is acceptable how it is to be represented.  SPRINGs job is to make sure we are asking the question we intend.

Yours,

Joel
On 4/3/2024 6:05 PM, Robert Raszuk wrote:
Ok Joel,

Thank you for this clarification.

To me the actual spirit of RFC8200 8.1 is to say that it is ok to compute the checksum by the src such that it comes out right at the final destination.

But I guess we can have different opinions about that.

But what I find specifically surprising here is that it is a norm in IETF to have new specifications defining protocol extensions and their behaviour and never go back to the original protocol RFC to check if this is ok or not. If that would not be a normal process I bet we would still be using classful IPv4 routing all over the place.

Regards,
Robert


On Wed, Apr 3, 2024 at 11:28 PM Joel Halpern <jmh@joelhalpern.com<mailto:jmh@joelhalpern.com>> wrote:

The concern with regard to the text that the chairs are asking about is not about intermediate nodes verifying the checksum.  The text does not talk aabout that, so we are not asking about that.

But, the text in 8200 specifies how the originating node is to compute the upper layer checksum.  It doesn't say "do whatever you need to do to make the destination come out right".  It provides specific instructions.  Yes, it is understandable that those instructions do not cover the compressed container cases.  Which is why the compression document specifies changes to those procedures.

Thus, we need to ask 6man how they want to handle the change in the instructions in 8200.

the question we are asking SPRING is whether there is any clarification people want to the text in the compression draft before we send the question over to 6man.

Yours,

Joel
On 4/3/2024 5:15 PM, Robert Raszuk wrote:
Hi Joel,

My interpretation of text from RFC8200 is that it allows discrepancy between the header and the upper layer checksum as long as final packet's destination sees the correct one.

The last condition is met.

So I see no issue.

Sure RFC8200 does not talk about SRH nor cSIDs, but provides a hint on how to handle such future situations.

With that being said I would like to still understand what real problem are we hitting here ...

Kind regards,
Robert

On Wed, Apr 3, 2024 at 11:09 PM Joel Halpern <jmh@joelhalpern.com<mailto:jmh@joelhalpern.com>> wrote:

There are two cases covered in section 6.5 of the compression draft that appear to be at variance with secton 8.1 of RFC 8200.

First, if the final destination in the routing header is a compressed container, then the ultimate destination address will not be the same as the final destination shown in the routing header.

Second, if a uSID container is used as the destination address and no SRH is present, then in addition to the above problem there is no routing header to trigger the behavior described.

Yours,

Joel
On 4/3/2024 4:22 PM, Robert Raszuk wrote:
Hi Alvaro,

Section 6.5 of draft-ietf-spring-srv6-srh-compression describes the
behavior when an originating node inside an SRv6 domain creates a
packet with a C-SID as the final destination. This description differs
from the text in Section 8.1 of RFC8200.

I would like you to clarify the above statement - specifically of the last sentence.

Reason for this that after looking at both drafts I find section 6.5 of the subject draft to be exactly in line with RFC8200 section 8.1 especially with the paragraf which says:

         If the IPv6 packet contains a Routing header, the Destination
         Address used in the pseudo-header is that of the final
         destination.  At the originating node, that address will be in
         the last element of the Routing header; at the recipient(s),
         that address will be in the Destination Address field of the
         IPv6 header.

So before we dive into solutions (as Andrew has already provided a few of) I think we should first agree on what precise problem are we solving here ?

Many thx,
Robert

PS. As a side note I spoke with my hardware folks - just to check if validation of upper-layer checksum is even an option for transit nodes. The answer is NO as most data plane hardware can read at most 256 bytes of packets. So unless there is some specialized hardware processing up to 9K packets in hardware at line rates this entire discussion about checksum violations, fears of firing appeals is just smoke.

_______________________________________________
spring mailing list
spring@ietf.org<mailto:spring@ietf.org>
https://www.ietf.org/mailman/listinfo/spring

v2.23.0 | Report a Bug | By Email