IETF Logo Mail Archive

Re: [spring] How CRH support SFC/Segment Endpoint option?

Tom Herbert <tom@herbertland.com> Sun, 24 May 2020 23:55 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 134973A0E19 for <spring@ietfa.amsl.com>; Sun, 24 May 2020 16:55:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j3dFC_r7BMJW for <spring@ietfa.amsl.com>; Sun, 24 May 2020 16:55:45 -0700 (PDT)
Received: from mail-ej1-x635.google.com (mail-ej1-x635.google.com [IPv6:2a00:1450:4864:20::635]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 687033A0E1B for <spring@ietf.org>; Sun, 24 May 2020 16:55:45 -0700 (PDT)
Received: by mail-ej1-x635.google.com with SMTP id yc10so18765020ejb.12 for <spring@ietf.org>; Sun, 24 May 2020 16:55:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=77+PSMAsHSBKk2PcO1RH6sDMy0qACXD5R5RdWBAUkQM=; b=0PeIq5AXk/6dTIJ2ppvwGlnh05CWve1odJaqXLFTx7LbmIj2wApfDRZjMAJdzAsR3R +glk/zoCeSDC64jliUZJZl4c8WrDxS3s//Q2KwWIxm5pHul5rD06Z/wNsNMWiOwE22Ft x7Q48FZtbTV87x9FCCm1tStThmYdY2J0p31uJHbd5lc6fZrNKgNuCwjZT3H4fTeyT0rP Z/9LRrNxH3/lJkNVKRoOnBaH8l8rrCR+D4fObQsI4uxIbeD4mF97/0nF0M25GOKUeEY9 KKGntJdeH6L81YQ77yBhUcF8l/Ib0UCq+Q2i0+7nZ/+dVeI7lfXklCj4KFDrNbCHd5Vc qa4g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=77+PSMAsHSBKk2PcO1RH6sDMy0qACXD5R5RdWBAUkQM=; b=AUUj6JLjLxZ4QYo7QUfAkB86vRr4MSTOMgS4ipTNg9m1PtpKBVawtAV7hFtUjIrU3H idT4wH6V9iQeRD2YaL8eHznonAqb/1z6jJkYqfBcHg2MVc16NDLB0m0x0FRexbpsVsnP W3ExSIevyGCJOWkyD6XPMe7JHkGceY5/eOOKn63pzTmFVVZmeP6NlL+o+GNvqf3LLy2H p8tIFQgts/rGGeg9j0tRsLUbAwWJWoOKrpyc+zOVw0sxCZ4vC35+pb/GeFyPX//0wvQl tLVFua3ri+eEWSbFP4BnB6UwPhSSMiYIGwhPxNez5N8oAvn+VroMr8FYBe8sR6pbuHKK X5hg==
X-Gm-Message-State: AOAM530y4s50pEzttwvoPdwTbCUtVJSFRV0qgA3StDs6HV5sZPJ3YoIZ j7RhuW/MK3rAUt+KDFhuiiQfGYr9ythR8XRtr5ZNZg==
X-Google-Smtp-Source: ABdhPJygI74S/IBbBIX5Ww1PiR+08Muoxl/6INvn6sxUfkroXhLUhaXJ+LklYurrHprNUZ1QbDhfh8y/EjedeyFnWo4=
X-Received: by 2002:a17:906:9404:: with SMTP id q4mr16457046ejx.138.1590364543511; Sun, 24 May 2020 16:55:43 -0700 (PDT)
MIME-Version: 1.0
References: <C7C2E1C43D652C4E9E49FE7517C236CB02A2CD12@dggeml529-mbx.china.huawei.com> <DM6PR05MB63482CFA4D5AB938D5A4B818AEB40@DM6PR05MB6348.namprd05.prod.outlook.com> <C7C2E1C43D652C4E9E49FE7517C236CB02A37DC6@dggeml509-mbs.china.huawei.com> <DM6PR05MB63489256A7C8357BEF526EE2AEB20@DM6PR05MB6348.namprd05.prod.outlook.com> <CAOj+MMGLj9OgFCcsB21oWXbcCqHZ7B4qTvCcrK9LXuKDYVu_vQ@mail.gmail.com> <CALx6S36yJ5CS6ykQhd_sW3T6=PjVJNOqewtg2joUtHnbsZPxSA@mail.gmail.com> <15815a80-7fe3-7d85-61a8-f7168a99cabb@gmail.com>
In-Reply-To: <15815a80-7fe3-7d85-61a8-f7168a99cabb@gmail.com>
From: Tom Herbert <tom@herbertland.com>
Date: Sun, 24 May 2020 16:55:33 -0700
Message-ID: <CALx6S35j=c9BUyyf1qs+As-51YVR6DTQAP+Xkc4zS05CGVJCHQ@mail.gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: Robert Raszuk <robert@raszuk.net>, Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>, "spring@ietf.org" <spring@ietf.org>, 6man <6man@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/eFNd6ggNeGmMsP_EaoPK6IXWPd8>
Subject: Re: [spring] How CRH support SFC/Segment Endpoint option?
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 May 2020 23:55:48 -0000

On Sun, May 24, 2020 at 2:51 PM Brian E Carpenter
<brian.e.carpenter@gmail.com> wrote:
>
> On 25-May-20 09:08, Tom Herbert wrote:
> > On Sun, May 24, 2020 at 3:23 AM Robert Raszuk <robert@raszuk.net> wrote:
> >>
> >> Hi Ron,
> >>
> >> I have one small question on the Destination Option Header you keep referencing to carry for example VPN demux instructions.
> >>
> >> As DOH follows Fragment Header it is indeed inspected before CRH.
> >>
> >> So please kindly clarify what is there in the IPv6 packet header which would stop each segment endpoint (during the transit over SR anchors)  which destination is obviously in DA of the arriving packet not to inspect DOH and not trying to execute it ?
> >>
> >> If you could please also provide reference to RFC8200 defining it.
> >>
> > Robert,
> >
> > Look at Destination Options before the routing header in RFC8200.
> > These are intended to be processed at every intermediate destination
> > in the routing header
>
> That intention is not specified in the text, and IMHO cannot be deduced from the text. Hence my comment on draft-bonica-6man-ext-hdr-update.
>
Brian,

I think it can be deduced. Extension headers need to be processed in
order, so destination options before the routing header must be
processed before the routing header. If the destination options before
the routing were only to be processed at the final destination, then
we would need to process the routing header before processing the
destination options in order to determine if the destination address
is indeed the final destination. More practically, if destination
options were only to be processed at the final destination then it
doesn't seem like there would be any material between destination
options before and those after the routing header (or maybe there was
some other intent to have two flavors of destination options?)..

I agree that the text could be clarified, It seems like another case
of potential ambiguity in RFC8200 among the terms destination,
destination address, final destination, an intermediate destination.
https://tools.ietf.org/html/draft-herbert-ipv6-update-dest-ops-00 was
an attempt to calirfy this, at least to clarify the significance of a
modifiable destination option (before the routing header).

Tom

>    Brian
>
> > and precede any fragment header.
> >
> > Tom
> >
> >> Keep in mind that in number of networks P routers are also PE routers so executing DOH even if CRH still contains many hops to go may result in very unexpected behaviours. I am sure you recall that L3VPN labels are locally significant and there is no mechanism in place to assure uniqueness of VPN demux values across PEs..
> >>
> >> Why is this important here - because CRH by design is decoupled from any functions or network application handling.
> >>
> >> Many thx,
> >> Robert.
> >>
> >>
> >> On Sun, May 24, 2020 at 3:24 AM Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org> wrote:
> >>>
> >>> Cheng,
> >>>
> >>>
> >>>
> >>> The CRH is a building block. It has exactly one function. That is, to steer a packet along its delivery path.
> >>>
> >>>
> >>>
> >>> The CRH does not attempt to deliver parameters or metadata to service function instances. It relies on other mechanisms. One possibility is a destination options header that precedes the CRH. I am sure that there are other mechanisms. CRH should be compatible with all of them.
> >>>
> >>>
> >>>
> >>> Personally, I am not an NSH expert. Maybe someone who is can speak up.
> >>>
> >>>
> >>>
> >>>                                                                                               Ron
> >>
> >> --------------------------------------------------------------------
> >> IETF IPv6 working group mailing list
> >> ipv6@ietf.org
> >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> >> --------------------------------------------------------------------
> >
> > --------------------------------------------------------------------
> > IETF IPv6 working group mailing list
> > ipv6@ietf.org
> > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> > --------------------------------------------------------------------
> >

v2.23.0 | Report a Bug | By Email