IETF Logo Mail Archive

Re: [spring] [IPv6] Subject: Mandating SRH when using C-SIDs (draft-ietf-spring-srv6-srh-compression)

Ketan Talaulikar <ketant.ietf@gmail.com> Mon, 08 April 2024 15:55 UTC

Return-Path: <ketant.ietf@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD36BC151082; Mon, 8 Apr 2024 08:55:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I357DMkQB5TR; Mon, 8 Apr 2024 08:55:30 -0700 (PDT)
Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04286C15107A; Mon, 8 Apr 2024 08:55:29 -0700 (PDT)
Received: by mail-lf1-x135.google.com with SMTP id 2adb3069b0e04-51381021af1so7394510e87.0; Mon, 08 Apr 2024 08:55:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712591728; x=1713196528; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=ebWlL+DzIuxB0DNEpBr9DlXVK35ZEWSyb3ahuQKiGKU=; b=eOSkL3OiN8jDq91yyMICWiOzdvVNT/EyYlvjEmMtfjYdzAPJVj7QP2TZZeLrW0udvv AqpI0huwsfVHvrKCxtHhgScXFrHRwzYcT559wJlCvOi5oMZ/j5T4+intukQX2fO8IpXF q9JnepI9TdBmRSdncWeGVWAIYMjBivuEGycj3Br5TXTIP4YAO19cm81bJdaHT31vqpHd D2mfGPDXH8nXWtNrTxh1ZL+wms/4XYXu6Rm0/hvXOHHhi1zddbK4L5/B/heh11K4cNrP KmDhzrPPbwhy8GHTxyQPX21ndfixus/WhGel6nvunISDesfvKpxfKlV2gmkAHvI3blJ+ Ryrg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712591728; x=1713196528; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ebWlL+DzIuxB0DNEpBr9DlXVK35ZEWSyb3ahuQKiGKU=; b=eNSYkKmGuh6PEiQKTiT93t9929NeAT5dfKkVSsz5uwrzXcUpZVJ0gy9KSJJhWVstPK FWtQO3qxjzkSzPfy6lDfpY+6jvcxPV5jLJxYoJuoQfJUTsBTfyYsBFxtI6ThxMTCVgFe /2dTqJOymP8betGBuBRoYQGuwLs1a7feGLkcrZ40wUYfrJTdFbs+3sIdEW+rzb8zI6Gl eVpH4ey4aopusJZZmew7X7vcv4HGuSatog9pDYdPomnmfU9lKwgU/Tf+wGMy4sFPO4F0 koiqGJk8uuhTUhmXHmVE36NDU8XOe1DjBv59l5paVb2UxG/D0WZ4CLH+ouBk7oqihJhE 8ygw==
X-Forwarded-Encrypted: i=1; AJvYcCWbF7fOAP+LlegbU+BYh/8RN7mOPff6Fa7t83GH3LW4qf7RpklS7s/AnIkwTOQSoSZa0YxdWLoV3/L1ySWAsBvE5wxF6lOUmpb9jbmcme66uUsH/Ife
X-Gm-Message-State: AOJu0YwOfW6IW06L5Wxwx5TMHWDHJDmKakIa2jQD3o4ELhUKbRiwD+4J pQigjnP/iKgEtEXglZZkkpLxmIq6VIaoFeFh7jLeFAy/yNcuOZyl3QDtPSztIM4qdEsSPOIH3zV aUb/zPN5TpcBPg+FKLRyApnQLukQa2t0/ysQ=
X-Google-Smtp-Source: AGHT+IGyNVsp3TMLQP9JYVqaSNU1Tva4tnBcFQxhOe9zLD03IJJ1pVyvUkHsgTP/kYcdITv5YQLHT9mG4dFhsKDktRs=
X-Received: by 2002:a05:6512:4d1:b0:515:9c73:e29a with SMTP id w17-20020a05651204d100b005159c73e29amr7285225lfq.66.1712591727366; Mon, 08 Apr 2024 08:55:27 -0700 (PDT)
MIME-Version: 1.0
References: <CAMMESszUUdDw-xnDtZKqz75g6SXZ+7mXtZujBKwN+hxypC-Kuw@mail.gmail.com>
In-Reply-To: <CAMMESszUUdDw-xnDtZKqz75g6SXZ+7mXtZujBKwN+hxypC-Kuw@mail.gmail.com>
From: Ketan Talaulikar <ketant.ietf@gmail.com>
Date: Mon, 08 Apr 2024 21:25:15 +0530
Message-ID: <CAH6gdPzm-VXPwaPOjN0GqitDrNfMOyiXZRtMZDF7n5kjCu=X7g@mail.gmail.com>
To: Alvaro Retana <aretana.ietf@gmail.com>
Cc: SPRING WG List <spring@ietf.org>, 6man <ipv6@ietf.org>, "spring-chairs@ietf.org" <spring-chairs@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008e1f8f061597d5f6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/_P7x9kudG6_C78YbavEULJeU4iI>
Subject: Re: [spring] [IPv6] Subject: Mandating SRH when using C-SIDs (draft-ietf-spring-srv6-srh-compression)
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2024 15:55:30 -0000

Hi Alvaro,

I have some concerns about the second paragraph of your email. Compressed
SRv6 SIDs (C-SID) are still SRv6 and therefore everything from existing
SRv6 RFCs apply and those aspects are very much foundational to this C-SID
document as well.

RFC8754 has introduced the omission of SRH (sec 4.1) and reduced SRH
behavior (sec 4.1.1) when not required. When taken along with RFC8986
(H.Encap.*) and the most common use-cases for BGP services (RFC9252) where
for many scenarios (best effort or flex algo) SRH is not needed. This is
something that is already widely deployed by operators around the world in
production networks.  Mandating SRH, when one is not required, compromises
compression efficiency without bringing any advantages.

The presence of SRH is never a necessary or sufficient criterion for
identification of "SRv6 packets" in any SRv6 related RFC - perhaps this may
not be evident to some folks that are not closely following SRv6. Even when
SRH is encoded by the SR Source Node, it can be removed by Segment Endpoint
Node when using PSP flavors per RFC8986. The base SRv6 RFCs, therefore,
refer to allocation of SRv6 SIDs from within an SRv6 SID block and use that
for identification (e.g., filtering for security purposes in RFC8754 ) of
traffic flows being steered using SRv6 SIDs.

Finally, regarding the so-called "issue" related to the upper layer
checksum validation by transit nodes. Here, I will say that those nodes
need to be SRv6/C-SID (or, in general, any RH) aware for doing such
checksum validation - the presence or absence of SRH makes zero difference.
I've responded in more detail on the other thread on this.

Thanks,
Ketan

On Thu, Mar 28, 2024 at 5:36 PM Alvaro Retana <aretana.ietf@gmail.com>
wrote:

> Focusing on the C-SID draft, some have suggested requiring the
> presence of the SRH whenever C-SIDs are used. Please discuss whether
> that is the desired behavior (or not) -- please be specific when
> debating the benefits or consequences of either behavior.
>
> Please keep the related (but independent) discussion of requiring the
> SRH whenever SRv6 is used separate. This larger topic may impact
> several documents and is better handled in a different thread (with
> 6man and spring included).
>
> Thanks!
>
> Alvaro
> -- for spring-chairs
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email