Re: [spring] SRv6 Network Programming - ICMP Source Address Selection
Mark Smith <markzzzsmith@gmail.com> Mon, 13 January 2020 21:44 UTC
Return-Path: <markzzzsmith@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2426012006D for <spring@ietfa.amsl.com>; Mon, 13 Jan 2020 13:44:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.498
X-Spam-Level:
X-Spam-Status: No, score=-0.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N4kk64PJRaKO for <spring@ietfa.amsl.com>; Mon, 13 Jan 2020 13:44:12 -0800 (PST)
Received: from mail-ot1-x334.google.com (mail-ot1-x334.google.com [IPv6:2607:f8b0:4864:20::334]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D1DCA12002F for <spring@ietf.org>; Mon, 13 Jan 2020 13:44:11 -0800 (PST)
Received: by mail-ot1-x334.google.com with SMTP id 66so10460525otd.9 for <spring@ietf.org>; Mon, 13 Jan 2020 13:44:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=NJqP7b2KsL7VA7pkJOG7Wh/Itum31RWVbVRiALNxnBI=; b=DJb9JCoEP3BLMz9T5i/cnPOyLMorb8zEAMw/rx1joKvr89YgtFvAPsDJlx46HBNsIQ ZhruLNAQbqsvnlogQhVEYg3z5HZTK+LPnGJYM3HXajLsf8OjCHPrhR4i26kQDrE4XGLO 6dGwWwN4BMMzKw54nylNbiuG30/dxIoek2lRA/cyv5HUKejSH0/gqBP6PebBJ2W55lww EtgBPyx9ngDPrMdBJPwnyrCI221jZ+gOmzrF8wpEUz1Rr0AfSlxnZGespm2h9NhxG9rD 00f7I+D3ptT4Hj9jE/12iAQKDK6V/Z7y51wpd6ikhaLxPUf6NeNYzAS/Q5aYwwlAeQsT VpEA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=NJqP7b2KsL7VA7pkJOG7Wh/Itum31RWVbVRiALNxnBI=; b=ETmyhdVa5giaNmouCaDQ8RAluPZgmYFEDHcENiKxkIe0ilYDaMOOP6SzeHgzEzSVSe 1l/p+wbPtfdqkVnIlR1lqZcIWR4XowM4rNKel4TxXKfxYe4dJ2o5qAa9wwPJOxd2Umno NbmTUeE4ljzbMWR/J0UUye/dK4TxjhF66f/tFWIw4h+ICL8yBfD9QmvHERqhMFJTFgGk E9IUXK3wz2Dh9hlXlNP1R6I/99GPJu3Ao8E6n0lq7wjp2ooBkZgnBs7V1OmmDyjPQMvs VSoDsqJ1chNRkwMl8veyAt5/hDTk474RYngXCGEPOFYNaIIQo7Z+wtg0TPgh/iGPHmpg W5/Q==
X-Gm-Message-State: APjAAAW3NT5Ak5jjQ/UMNhDr+uAVZ2z3NNmDn6ahOpH6xgCY7JTlMKTD NQJxpf9bGZH5QnmZ4Ffs2ihe/tUP7Dyr/jipic6r5A==
X-Google-Smtp-Source: APXvYqziYwMof4EQ6c4K/8q1x4Q4ewlE1WQEblFiLl7ZKOukjdnG6kf/2ZPU7fz4QVjFlvJF80L89otq6MhbIyt18qY=
X-Received: by 2002:a05:6830:151a:: with SMTP id k26mr15415259otp.74.1578951850944; Mon, 13 Jan 2020 13:44:10 -0800 (PST)
MIME-Version: 1.0
References: <B91AA98B-F605-4C6B-AFAF-C9FDEA703460@cisco.com> <BN7PR05MB5699B27F84C5E8051028D97AAE2C0@BN7PR05MB5699.namprd05.prod.outlook.com> <44F0ED35-5684-4594-BB29-BDCC193284A4@cisco.com> <BN7PR05MB39386FA6A2666370FF07FAA7AE3F0@BN7PR05MB3938.namprd05.prod.outlook.com> <CEB721B4-DA87-4838-BA6D-499D38A33936@cisco.com> <BN7PR05MB3938FEE1C2F83C919D4CFA2AAE380@BN7PR05MB3938.namprd05.prod.outlook.com> <DF0DC4A0-37D7-4943-BFC2-D152BB9E8D38@cisco.com> <3b5c9226-6c3a-0670-9f7f-c8dbf363f5d9@joelhalpern.com>
In-Reply-To: <3b5c9226-6c3a-0670-9f7f-c8dbf363f5d9@joelhalpern.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Tue, 14 Jan 2020 08:43:58 +1100
Message-ID: <CAO42Z2x37qaZQ+SRwHB8p9MU88c-PvCHE6ofQoibN_BKwrf1eQ@mail.gmail.com>
To: "Joel M. Halpern" <jmh@joelhalpern.com>
Cc: "Pablo Camarillo (pcamaril)" <pcamaril@cisco.com>, Ron Bonica <rbonica@juniper.net>, "spring@ietf.org" <spring@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000316dae059c0c6017"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/dgfaoy6K7E1vd4lktfhwqt3fdrk>
Subject: Re: [spring] SRv6 Network Programming - ICMP Source Address Selection
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jan 2020 21:44:15 -0000
On Tue, 14 Jan 2020, 05:29 Joel M. Halpern, <jmh@joelhalpern.com> wrote: > Let me try asking the question a different way. (I hope I understand > Ron;s question.) > > RFC 4443 clearly allows the ICMP source to be the destination address of > the offending packet. You seem to be saying that sometimes that is okay > for SRH / network programming. > > At the same time, the SRH document and the network programming document > are both quite clear that SRv6 SIDs are not IPv6 addresses. They are > other kinds of things that can be prefix routed. > If SRv6 SIDs are NOT IPv6 addresses, then there would seem to be a > problem with putting them in the source address field of an ICMP > message. I'd say if SRv6 SIDs are stated not to be IPv6 addresses, then I think there is a problem with using their values anywhere with and in the IPv6 protocol, including packets' DA fields, unless there is a translation function between SRv6 SIDs and IPv6 addresses. The translation function might be nothing more than a simple copy of the 128 bit SID value into the place where it will be used in IPv6, and I understand this would be the motivation for having 128 bit SIDs in SRv6 and 20 bit SIDs in SR-MPLS. However that then means SID values always have to comply with IPv6 address requirements and formats, regardless of SR context. Otherwise, the translation function needs to be a transform between SRv6 SIDs and IPv6 addresses. There is no document that describes or allows anything other > than an IPv6 address as the source address of an IPv6 ICMP. > > It seems like it ought to be possible to clarify this with some text. > It does seem that something ought to be said. > > Yours, > Joel > > On 1/13/2020 12:30 PM, Pablo Camarillo (pcamaril) wrote: > > Ron, > > > > You cannot pre-select or enforce one of the two options you refer to > below. > > > > The ICMP behaviors/considerations for SRv6 NET-PGM are the same as in > > the SRH. > > > > It boils down to: when you generate an ICMP Parameter Problem Message > > you follow the logic described in RFC4443 section 2.2 to choose the > > source address of the packet. > > > > RFC4443 offers two options A and B. > > > > In your implementation you need to develop both options and depending on > > the type of address you will choose either A or B. It is not possible to > > create an implementation shortcut and pre-select/enforce only one of > them. > > > > Can you please point me to the text in > > draft-ietf-spring-srv6-network-programming that suggests that the ICMP > > considerations are changed with respect to the SRH? I believe there is > none. > > > > Thank you, > > > > Pablo. > > > > *From: *Ron Bonica <rbonica@juniper.net> > > *Date: *Friday, 10 January 2020 at 20:09 > > *To: *"Pablo Camarillo (pcamaril)" <pcamaril@cisco.com> > > *Cc: *"spring@ietf.org" <spring@ietf.org> > > *Subject: *RE: [spring] SRv6 Network Programming - ICMP Source Address > > Selection > > > > Pablo, > > > > So, in Section 4.1, Line S03, an SRv6 node sends an ICMP Parameter > > Problem Message. What is the source address in that message? > > > > Is it the destination address of the offending packet (i.e., A SID)? Or > > is in the address of an interface on the SRv6 node? > > > > > > Ron > > > > Juniper Business Use Only > > > > *From:*Pablo Camarillo (pcamaril) <pcamaril@cisco.com> > > *Sent:* Friday, January 10, 2020 11:54 AM > > *To:* Ron Bonica <rbonica@juniper.net> > > *Cc:* spring@ietf.org > > *Subject:* Re: [spring] SRv6 Network Programming - ICMP Source Address > > Selection > > > > Ron, > > > > There is no behavior in draft-ietf-spring-srv6-network-programming that > > proposes to encode a SID in the source address of the IPv6 header. > > > > If in the future someone would propose to do such thing in another I-D; > > it is up to those authors to justify why they would want to do this, and > > how to ensure that the processing does not break any other protocol. But > > as said, this is not in the scope of > > draft-ietf-spring-srv6-network-programming. > > > > Regarding the ICMP messages: > > > > SRH follows RFC4443 Section 2.2 with respect to how to select the ICMP > > Source Address. > > > > SRv6 Network Programming does not change this (it simply follows the > > SRv6 rules defined by the SRH). > > > > In your email you refer to a possibility of future protocols breaking > > this. I don’t think that we can guess what future protocols will do, and > > it is up to those future protocols to ensure compatibility with the > > existing standards. > > > > Thanks, > > > > Pablo. > > > > *From: *Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net>> > > *Date: *Tuesday, 7 January 2020 at 19:07 > > *To: *"Pablo Camarillo (pcamaril)" <pcamaril@cisco.com > > <mailto:pcamaril@cisco.com>> > > *Cc: *SPRING WG <spring@ietf.org <mailto:spring@ietf.org>> > > *Subject: *RE: [spring] SRv6 Network Programming - ICMP Source Address > > Selection > > > > Pablo, > > > > Let me try to ask the question another way: > > > > 1)Is it generally acceptable for a SID to appear in the source address > > field of an IPv6 header? > > > > 2)Can an exception be made for ICMP messages? > > > > I think that the answer to the first question is “no”, because doing so > > would break ICMP. Think about what would happen if: > > > > -Node S sends a packet to Node D with a SID S as its source address. > > > > -Node Q is an intermediate node on the path from Node S to Node D. For > > some reason, Node Q cannot forward the packet. > > > > -Node Q sends an ICMP message to Node S. The ICMP destination address is > > SID S. > > > > -The ICMP message arrives at Node A > > > > -Node A discards the ICMP message, because the payload is ICMP > > > > It might be OK to make an exception for ICMP messages. This is because > > RFC 4443 forbids sending an ICMP message in response to another ICMP > > message. However, I am not entirely sure that this is a good idea. One > > day in the future, some protocol other than ICMP may try send a response > > to the source address of the ICMP message. > > > > > > Ron > > > > Juniper Business Use Only > > > > *From:*Pablo Camarillo (pcamaril) <pcamaril@cisco.com > > <mailto:pcamaril@cisco.com>> > > *Sent:* Tuesday, January 7, 2020 4:18 AM > > *To:* Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net>> > > *Cc:* SPRING WG <spring@ietf.org <mailto:spring@ietf.org>> > > *Subject:* Re: [spring] SRv6 Network Programming - ICMP Source Address > > Selection > > > > Ron, > > > > It’s good to see agreement on the fact that SRH follows RFC4443 Section > > 2.2 with respect to how the ICMP Source Address is selected. > > > > Can you please point me to the text in > > draft-ietf-spring-srv6-network-programming that changes the behavior > > below from RFC4443 Section 2.2? I believe there is no such text. > > > > Thanks, > > > > Pablo. > > > > *From: *Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net>> > > *Date: *Saturday, 21 December 2019 at 20:59 > > *To: *"Pablo Camarillo (pcamaril)" <pcamaril@cisco.com > > <mailto:pcamaril@cisco.com>> > > *Cc: *"spring@ietf.org <mailto:spring@ietf.org>" <spring@ietf.org > > <mailto:spring@ietf.org>> > > *Subject: *RE: [spring] SRv6 Network Programming - ICMP Source Address > > Selection > > > > Pablo, > > > > Section 2.2 of RFC 4443 offers the following options: > > > > “ (a) If the message is a response to a message sent to one of the > > > > node's unicast addresses, the Source Address of the reply MUST be > > > > that same address. > > > > (b) If the message is a response to a message sent to any other > > > > address, such as > > > > - a multicast group address, > > > > - an anycast address implemented by the node, or > > > > - a unicast address that does not belong to the node > > > > the Source Address of the ICMPv6 packet MUST be a unicast address > > > > belonging to the node. “ > > > > So, the question boils down to whether you consider a SID to be one of > > the node’s unicast addresses. If so, the answer is a). If not, the > > answer is b). > > > > So, which is it? > > > > Happy Holidays, > > > > Ron > > > > Juniper Business Use Only > > > > *From:*Pablo Camarillo (pcamaril) <pcamaril@cisco.com > > <mailto:pcamaril@cisco.com>> > > *Sent:* Friday, December 20, 2019 12:30 PM > > *To:* Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net>> > > *Cc:* spring@ietf.org <mailto:spring@ietf.org> > > *Subject:* Re: [spring] SRv6 Network Programming - ICMP Source Address > > Selection > > > > Ron, > > > > I guess that draft-ietf-6man-segment-routing-header does not contain any > > explicit text about it because it is not needed. > > > > Instead draft-ietf-6man-segment-routing-header contains a reference to > > RFC4443 that details in section 2.2 how to select it. > > > > There is no text in draft-ietf-spring-srv6-network-programming that > > changes such behavior. > > > > Happy Holidays, > > > > Pablo. > > > > *From: *spring <spring-bounces@ietf.org > > <mailto:spring-bounces@ietf.org>> on behalf of Ron Bonica > > <rbonica=40juniper.net@dmarc.ietf.org > > <mailto:rbonica=40juniper.net@dmarc.ietf.org>> > > *Date: *Thursday, 19 December 2019 at 14:59 > > *To: *"Pablo Camarillo (pcamaril)" <pcamaril@cisco.com > > <mailto:pcamaril@cisco.com>>, "spring@ietf.org <mailto:spring@ietf.org>" > > > <spring@ietf.org <mailto:spring@ietf.org>> > > *Subject: *Re: [spring] SRv6 Network Programming - ICMP Source Address > > Selection > > > > Pablo, > > > > Can you provide a specific reference into > > draft-ietf-6man-segment-routing-header? I can’t find the answer to my > > question in there. > > > > > > Ron > > > > Juniper Business Use Only > > > > *From:*Pablo Camarillo (pcamaril) <pcamaril@cisco.com > > <mailto:pcamaril@cisco.com>> > > *Sent:* Thursday, December 19, 2019 6:47 AM > > *To:* Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net>>; > > spring@ietf.org <mailto:spring@ietf.org> > > *Subject:* Re: SRv6 Network Programming - ICMP Source Address Selection > > > > Ron, > > > > This is exactly the same as in the SRH. > > > > There is no text in draft-ietf-spring-srv6-network-programming that > > changes this. > > > > Cheers, > > > > Pablo. > > > > *From: *Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net>> > > *Date: *Monday, 9 December 2019 at 23:48 > > *To: *"Pablo Camarillo (pcamaril)" <pcamaril@cisco.com > > <mailto:pcamaril@cisco.com>>, SPRING WG <spring@ietf.org > > <mailto:spring@ietf.org>>, 6man <6man@ietf.org <mailto:6man@ietf.org>> > > *Subject: *RE: SRv6 Network Programming - ICMP Source Address Selection > > > > Pablo, > > > > Section 2.2 of RFC 4443 offers two options. If you think that a SID is a > > unicast address, the first option is applicable. If you think that a SID > > is not a unicast address, the second option is applicable. > > > > Which did you choose? > > > > > Ron > > > > Juniper Business Use Only > > > > *From:*Pablo Camarillo (pcamaril) <pcamaril@cisco.com > > <mailto:pcamaril@cisco.com>> > > *Sent:* Monday, December 9, 2019 10:18 AM > > *To:* Ron Bonica <rbonica@juniper.net <mailto:rbonica@juniper.net>>; > > SPRING WG <spring@ietf.org <mailto:spring@ietf.org>>; 6man > > <6man@ietf.org <mailto:6man@ietf.org>> > > *Subject:* Re: SRv6 Network Programming - ICMP Source Address Selection > > > > Ron, > > > > As you pointed out in your email, RFC4443 Section 2.2 is very clear > > about how to select the source address. > > > > draft-ietf-spring-srv6-network-programming does not change this. > > > > Thanks, > > > > Pablo. > > > > *From: *ipv6 <ipv6-bounces@ietf.org <mailto:ipv6-bounces@ietf.org>> on > > behalf of Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org > > <mailto:rbonica=40juniper.net@dmarc.ietf.org>> > > *Date: *Friday, 6 December 2019 at 17:40 > > *To: *SPRING WG <spring@ietf.org <mailto:spring@ietf.org>>, 6man > > <6man@ietf.org <mailto:6man@ietf.org>> > > *Subject: *SRv6 Network Programming - ICMP Source Address Selection > > > > Authors, > > > > When an SRv6 node sends an ICMP message, how does it select the ICMP > > message’s source address? > > > > Section 2.2 of RFC 4443 offers two options. If you think that a SID is a > > unicast address, the first option is applicable. If you think that a SID > > is not a unicast address, the second option is applicable. > > > > Ron > > > > Juniper Business Use Only > > > > Please excuse any typos, sent from my 'smart'phone. > > > > Please excuse any typos, sent from my 'smart'phone. > > > > Please excuse any typos, sent from my 'smart'phone. > > > > > > _______________________________________________ > > spring mailing list > > spring@ietf.org > > https://www.ietf.org/mailman/listinfo/spring > > > > _______________________________________________ > spring mailing list > spring@ietf.org > https://www.ietf.org/mailman/listinfo/spring >
- Re: [spring] SRv6 Network Programming - ICMP Sour… Pablo Camarillo (pcamaril)
- [spring] SRv6 Network Programming - ICMP Source A… Ron Bonica
- Re: [spring] SRv6 Network Programming - ICMP Sour… Pablo Camarillo (pcamaril)
- Re: [spring] SRv6 Network Programming - ICMP Sour… Ron Bonica
- Re: [spring] SRv6 Network Programming - ICMP Sour… Pablo Camarillo (pcamaril)
- Re: [spring] SRv6 Network Programming - ICMP Sour… Ron Bonica
- Re: [spring] SRv6 Network Programming - ICMP Sour… Pablo Camarillo (pcamaril)
- Re: [spring] SRv6 Network Programming - ICMP Sour… Ron Bonica
- Re: [spring] SRv6 Network Programming - ICMP Sour… Ron Bonica
- Re: [spring] SRv6 Network Programming - ICMP Sour… Pablo Camarillo (pcamaril)
- Re: [spring] SRv6 Network Programming - ICMP Sour… Ron Bonica
- Re: [spring] SRv6 Network Programming - ICMP Sour… Pablo Camarillo (pcamaril)
- Re: [spring] SRv6 Network Programming - ICMP Sour… Joel M. Halpern
- Re: [spring] SRv6 Network Programming - ICMP Sour… Ron Bonica
- Re: [spring] SRv6 Network Programming - ICMP Sour… Mark Smith
- Re: [spring] SRv6 Network Programming - ICMP Sour… Pablo Camarillo (pcamaril)
- Re: [spring] SRv6 Network Programming - ICMP Sour… Pablo Camarillo (pcamaril)
- Re: [spring] SRv6 Network Programming - ICMP Sour… Ron Bonica
- Re: [spring] SRv6 Network Programming - ICMP Sour… Ron Bonica
- Re: [spring] SRv6 Network Programming - ICMP Sour… Pablo Camarillo (pcamaril)
- Re: [spring] SRv6 Network Programming - ICMP Sour… Erik Kline
- Re: [spring] SRv6 Network Programming - ICMP Sour… Pablo Camarillo (pcamaril)