IETF Logo Mail Archive

Re: [spring] Spirit and Letter of the Law (was: Question about SRv6 Insert function)

Ron Bonica <rbonica@juniper.net> Thu, 05 September 2019 17:52 UTC

Return-Path: <rbonica@juniper.net>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A4981200D6; Thu, 5 Sep 2019 10:52:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0DPxOfu5X-6N; Thu, 5 Sep 2019 10:52:01 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56F11120048; Thu, 5 Sep 2019 10:52:01 -0700 (PDT)
Received: from pps.filterd (m0108156.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x85He676005112; Thu, 5 Sep 2019 10:51:57 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=QWuV9CcRg978o5yzjWqisbXkihViDXLJc1SYbSzxb4w=; b=CPVaIejZxcDWWk3wtUuyI0xfZ6LP8fd7bCuX1wEtqKyUYOOVcrTtD9L0tC1agO75GIp9 +gDdmR7jXyvqkcXh2sp/SBlOhkuxt0cDTh81PUfJ7WabKH3gPBEgEK1jW0lMiSH+ABJG eIUP4MxnY0jjIZRsbyOpYQSipBxkPmj2c4E/whIK3um2LvIOuJ2Kfbr4ijDk9jW7aGvr AK+OW4fvW46/wR6Lpv7ALUd85MPPpqOC1qhjTu0QyA6BIjxP5PfQqnZjQdifKeX02Cik 5vVqLRSozif+gE9gcZjwmMBd0oP2e/MMEJni3bLRWGrcQ4YKBugxMWOVJYO5WxdWqbwC Ag==
Received: from nam04-co1-obe.outbound.protection.outlook.com (mail-co1nam04lp2055.outbound.protection.outlook.com [104.47.45.55]) by mx0a-00273201.pphosted.com with ESMTP id 2utqg39uwg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 05 Sep 2019 10:51:57 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Sy8eXgUIfmDOfUkVCNninIKPJtiYWFpvpN9k+PNijzw6iAB/z6dQUZ/SRbQ0B/W+evNmK5tfL0wllQn/8vOQSPOmAfg2JnLY9Em5EttRzLDeQuHDv6Ua6rv/FSkMBOyAzGkvSAz00S/vfNG2yL60VzhxEsmnEHyb89s5Mn2KJQKehBwy36SK99xKKYgp3obpSxDEW1E55Bh63N7sUfDU7/46pAVi5qAsxjk8JSTwxiOGaodXBff51AhV+xKGP/mhig26JnLzSTU1WQcHMozt8laQfW1Stic1JO3IIv6ZE+oglMwVpvuJhk4x8OLv1TjoUQvCZoTu/nm2uOa2Mu2Bag==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QWuV9CcRg978o5yzjWqisbXkihViDXLJc1SYbSzxb4w=; b=HFRnpgtL2YSskt1yKYriGPv2NMmvYkvWpI0QsyfOfCjYx7EbkK7Cd8CUHLlhzxWo+6zwNuo36dqSKCyYbj5mq6EaiJx+VxLKPyMKYFEbnZzqd7VHfQKE+ud1MaYxl9PqIoHoP5d9JsrJCYxEWmwC9lu/17gLZFfGj5DkspfGGDE/SuPoLZ31yKl55OlmTHHAfVlWWWZIwMvNGCumsHx0VEdfBOdoIUDogeApO9kJbd8FnLgKQBXHMRq0msF5Qeov7Sst//pV4IElHotfdzHI0rMF2tA8QCddLZUEViLZkxBoUYYq33qScRlWWtAKwbBQRHMu3QxflSbQTMuPteYqPA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
Received: from BYAPR05MB5463.namprd05.prod.outlook.com (20.177.185.144) by BYAPR05MB6215.namprd05.prod.outlook.com (20.178.55.160) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2241.5; Thu, 5 Sep 2019 17:51:55 +0000
Received: from BYAPR05MB5463.namprd05.prod.outlook.com ([fe80::f4f2:f284:d49a:890a]) by BYAPR05MB5463.namprd05.prod.outlook.com ([fe80::f4f2:f284:d49a:890a%4]) with mapi id 15.20.2263.005; Thu, 5 Sep 2019 17:51:55 +0000
From: Ron Bonica <rbonica@juniper.net>
To: Robert Raszuk <rraszuk@gmail.com>, Fernando Gont <fgont@si6networks.com>
CC: Suresh Krishnan <suresh.krishnan@gmail.com>, "6man@ietf.org" <6man@ietf.org>, Ole Troan <otroan@employees.org>, "Joel M. Halpern" <jmh@joelhalpern.com>, "spring@ietf.org" <spring@ietf.org>
Thread-Topic: [spring] Spirit and Letter of the Law (was: Question about SRv6 Insert function)
Thread-Index: AdVjS14TVsuRj78sSeu1r8rfsn3VOQAdy3cAAAexfYAAAk8hAAAAOwIAAADNfYAAAGUuAAABdukAAAbfInA=
Content-Class:
Date: Thu, 05 Sep 2019 17:51:55 +0000
Message-ID: <BYAPR05MB5463F429E6AA307D0F313B9AAEBB0@BYAPR05MB5463.namprd05.prod.outlook.com>
References: <BYAPR05MB54637FEAE1518F83977D274FAEB80@BYAPR05MB5463.namprd05.prod.outlook.com> <538732E2-915B-4952-A439-F4678FCC21B2@employees.org> <4c6b2456-db05-0771-5b98-bfd9f07b220b@si6networks.com> <34AB9F0F-614B-45C2-BD84-7DD53A1D5188@employees.org> <ea9557e5-9025-db78-8862-18454dd549c3@joelhalpern.com> <5200FFA0-E2F1-4491-8D06-0DC6BF87F77A@employees.org> <cdc190f4-315f-f716-951c-6d4ba1f4888d@si6networks.com> <CA+b+ERn6KMGCboERKOMeKAwM3y=1p=sc8j2LnEGYa7h5mz_xxw@mail.gmail.com>
In-Reply-To: <CA+b+ERn6KMGCboERKOMeKAwM3y=1p=sc8j2LnEGYa7h5mz_xxw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=rbonica@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2019-09-05T17:51:53.6870010Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Business Use Only; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=249f65bc-bb74-4076-9234-b717c1136ec9; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic
dlp-product: dlpe-windows
dlp-version: 11.2.0.14
dlp-reaction: no-action
x-originating-ip: [66.129.241.12]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3ef3ecf2-3d4d-4e23-3c50-08d73229bdbe
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600166)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:BYAPR05MB6215;
x-ms-traffictypediagnostic: BYAPR05MB6215:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <BYAPR05MB62152E6D4DC4D36EA5277DB5AEBB0@BYAPR05MB6215.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-forefront-prvs: 015114592F
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(396003)(346002)(376002)(366004)(39850400004)(136003)(51444003)(199004)(189003)(478600001)(99286004)(7696005)(316002)(81166006)(76116006)(81156014)(54906003)(790700001)(3846002)(14454004)(8936002)(33656002)(6116002)(110136005)(8676002)(229853002)(11346002)(25786009)(446003)(55016002)(54896002)(5660300002)(6306002)(52536014)(6436002)(66946007)(53936002)(76176011)(6246003)(9686003)(4326008)(74316002)(186003)(66476007)(2906002)(7736002)(71190400001)(71200400001)(66556008)(64756008)(102836004)(476003)(66066001)(256004)(486006)(26005)(6506007)(86362001)(53546011)(14444005)(66446008)(6234004); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR05MB6215; H:BYAPR05MB5463.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: zVBRLHr3HTn6s0C4rKw1AiJWCnjMeOGjIwAzFSTL4NeHgHyp+DoDriYxeHMomWUYiqhae2Ux8gJzeesY4VutPl94SMhI7T3sTZACk9InEzAV/De6lFKIHQVMIgw2tvL4mLz8rUwAytgXUG89J6fqsoFJ2RGE4Sl6jVv74OJP9BQU120DChjHdzeUaiuMUffhyNZSN5CoDbm9M6vDpbBerO1yv74+zICUamed/bZie4s+JCbPMyU87+XGmhLmlEwL/qHKQAkphfXW1s6NglaJtz/zBt/O3Oy8E47moxWVL9mzVVLHjBdfxBEATywig7DlkeuLG8UkEw8QAGX0ZY3MupkSbbhUXznkYwMmZtLKbwHarEaCQdxaTIMb1rW+GVtFo4z+d1SjdvLiJ68jiFw58ZtdzVMAq4tdsFeRA1ryHk4=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BYAPR05MB5463F429E6AA307D0F313B9AAEBB0BYAPR05MB5463namp_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 3ef3ecf2-3d4d-4e23-3c50-08d73229bdbe
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Sep 2019 17:51:55.2364 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 1mkSsMnEq7oaqyFPl297SAL+GvaBFfjp6euxyMHkMe8sfJJhJTAEz8mvFJO1RV1y32vZe5Bergc1W2Wf2WTNgg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR05MB6215
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.70,1.0.8 definitions=2019-09-05_05:2019-09-04,2019-09-05 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 bulkscore=0 adultscore=0 mlxscore=0 lowpriorityscore=0 spamscore=0 clxscore=1011 priorityscore=1501 phishscore=0 impostorscore=0 malwarescore=0 mlxlogscore=999 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1906280000 definitions=main-1909050168
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/W6ytRNNtQov3HJDiuk0udCDGVeQ>
Subject: Re: [spring] Spirit and Letter of the Law (was: Question about SRv6 Insert function)
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Sep 2019 17:52:04 -0000

Robert,

I think that I can summarize what you are saying as follows:


  *   An IPv6 path contains a source node, a destination node, and transit nodes
  *   Some transit nodes are also segment endpoints. Segment endpoints are identified by either of the following:
     *   The initial value of the IPv6 address
     *   An entry in the segment list of the Routing header
  *   According to RFC 8200, segment endpoints can insert, change, or delete extension headers. However, transit nodes that are not segment headers cannot insert, change or delete extension headers

Have I read your email, below, correctly? Is this what you are actually saying?

                                                                  Ron

From: spring <spring-bounces@ietf.org> On Behalf Of Robert Raszuk
Sent: Thursday, September 5, 2019 10:28 AM
To: Fernando Gont <fgont@si6networks.com>
Cc: Suresh Krishnan <suresh.krishnan@gmail.com>; 6man@ietf.org; Ole Troan <otroan@employees.org>; Joel M. Halpern <jmh@joelhalpern.com>; spring@ietf.org
Subject: Re: [spring] Spirit and Letter of the Law (was: Question about SRv6 Insert function)


3) Now there's at least one I-D in spring that ignores RFC8200, and
proposes EH-insertion as if it was allowed, essentially circumventing
RFC8200, and IETF consensus.

Incorrect. RFC8200 makes it black on white clear that insertion, deletion and mangling is allowed in IPv6 if destination is yourself in the packet's IPv6 outer header.

So functions to insert SRH or delete it discussed in SPRING DO NOT violate anything.

Remember - in SRv6 you *change* IPv6 dst at each end of segment. So each SR segment node can legally  do whatever it needs with EH.

Is this clear enough?

- - -

There is other individual document in 6man proposing a solution for FRR in IPv6 which goes beyond the above. But it in no way that should impact base specs. As written base specs can be used 100% legally according to RFC8200 as it stands today.

Now if 6man response to proposl of SRv6 use case for FRR with TI-LFA will state "IPv6 was not designed for that" - I am fine. It will make IPv6 deployments for sure much more robust. It may even help end to end principle shine again and get all of your end IPv6 compute and set-top boxes full open to global hackers.

Thx,
R.


Juniper Business Use Only

v2.23.0 | Report a Bug | By Email