IETF Logo Mail Archive

Re: [spring] SRH scratch space (was Re: Question about SRv6 Insert function)

Robert Raszuk <robert@raszuk.net> Tue, 10 December 2019 20:18 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAE99120AD2 for <spring@ietfa.amsl.com>; Tue, 10 Dec 2019 12:18:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5mURnAxmK9JJ for <spring@ietfa.amsl.com>; Tue, 10 Dec 2019 12:18:54 -0800 (PST)
Received: from mail-qk1-x743.google.com (mail-qk1-x743.google.com [IPv6:2607:f8b0:4864:20::743]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60EA5120AD0 for <spring@ietf.org>; Tue, 10 Dec 2019 12:18:54 -0800 (PST)
Received: by mail-qk1-x743.google.com with SMTP id m188so17614702qkc.4 for <spring@ietf.org>; Tue, 10 Dec 2019 12:18:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=CO+rPgzHWz29tkcdVqdNg9YNNFbxBSFaL6UWvFLqYqo=; b=ONmf/w1HWiS1VMI3M6g1XB7su6oGeogmI4Ei6Tw5mLPkqsHUpnNeHTw7Q96j13Z2s5 fmN8WGa2aEnvtKzPyrZ8Zybo724uCNBYyUssbfwJCcj08dl6tURXwsB7e1pstJk5+my1 s2AHJVsQZTmWlrxMC2HtbFdI8ngf3+HSz9DFezwuC1g1An2HUwJBqfRutOvtGhayddDT jVc3/FcI5GoWWrOJDKAwAWtfoauNTviFMxhfyexBQF4bDXJeVZNctB9xVry2ppqcXnWY iIKG4EcUiBH4uiCvJIYLvBrh3eKkO+3Lfh/+euhIcxrpCvvOOOAMbvm9qpdxNDU5BG8L u67g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CO+rPgzHWz29tkcdVqdNg9YNNFbxBSFaL6UWvFLqYqo=; b=AR3A4pTF8Q+UXuQ20YmFE/5VN9VyHRRszIN1u0yodnfLcnHD+HrhPbl9PobQH8yL/v 8+pqo/NOEoyE8mP+MmziqhQcUbW5vlm8Du+oBHQTeyDk7bdOn8BDUeVGMD4Sk90G6EMu DpYYpuD22Kxptu12XAUv3kOnkwBNpnlkbpZE4ApkSOvG/JP8DA1EgpgVdh41i0H1uHd7 7dcyOngdj1ou3BXLXG/nsEr//vQZk8H1CTeJFAHA2WZ8M2CO6njsGY65kU6SxGcgt5rM a5Tg/rAFSf0Zgolm2hfN6suag5/2Msplzw2mr/eUGVlAe1a/ER5jZTsfvqPzMDbQEF7L dWFA==
X-Gm-Message-State: APjAAAXB0LO2pUeNQXxTHRgDLH+zFaVpYmYIGf+pBPFGj9oNZ/b+2r6h y8v6BXXBRnaMy9nZcjK8NERCA506SUGUvR9o3ReV4A==
X-Google-Smtp-Source: APXvYqywwNkwBCtmXKLWGmTZ9il0n2s0DhHJsCWmHrkkAhZR91hERFWCYEW3hc8D+jxOGT9Jj03Wzk+c0mEumQBPzlE=
X-Received: by 2002:ae9:e887:: with SMTP id a129mr16776213qkg.465.1576009133378; Tue, 10 Dec 2019 12:18:53 -0800 (PST)
MIME-Version: 1.0
References: <HK0PR03MB3970C6DCC635E7CD802D65FDFCBD0@HK0PR03MB3970.apcprd03.prod.outlook.com> <BYAPR05MB54636A2332FED916A26A6F14AEBD0@BYAPR05MB5463.namprd05.prod.outlook.com> <3e31873a-278a-2154-0e71-4d820bba323d@gont.com.ar> <4012D854-2F10-4476-951D-FFFE73C5083C@gmail.com> <cb2f56f8-acdc-d68d-0878-9609cb3d7b1b@gont.com.ar> <28214_1567694772_5D711FB4_28214_238_1_53C29892C857584299CBF5D05346208A48BFA9F3@OPEXCAUBM43.corporate.adroot.infra.ftgroup> <129bbb32-0f14-b799-430c-8f76fb6b1279@gont.com.ar> <1824_1575998223_5DEFD30F_1824_112_1_53C29892C857584299CBF5D05346208A48D24EBD@OPEXCAUBM43.corporate.adroot.infra.ftgroup> <4384c08a-65f5-dbfb-85c7-8365feba9662@gmail.com> <CAOj+MME1+JXth8m4U_E5R6VLvurVR_y_DQvOBy7JmGxHZp7T=Q@mail.gmail.com> <CAMGpriV8BFjOed_-QJYEZc_BANvEuc1hRgYjSdaVUYygVzPj+Q@mail.gmail.com>
In-Reply-To: <CAMGpriV8BFjOed_-QJYEZc_BANvEuc1hRgYjSdaVUYygVzPj+Q@mail.gmail.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Tue, 10 Dec 2019 21:18:42 +0100
Message-ID: <CAOj+MMHCA+=9zv_UJAF3gC6R1TWKb6LQJxaGsrRa0N7Amdxrww@mail.gmail.com>
To: Erik Kline <ek.ietf@gmail.com>
Cc: Suresh Krishnan <suresh.krishnan@gmail.com>, Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>, "spring@ietf.org" <spring@ietf.org>, "6man@ietf.org" <6man@ietf.org>, draft-voyer-6man-extension-header-insertion <draft-voyer-6man-extension-header-insertion@ietf.org>, Fernando Gont <fernando@gont.com.ar>, Brian E Carpenter <brian.e.carpenter@gmail.com>, draft-ietf-spring-srv6-network-programming <draft-ietf-spring-srv6-network-programming@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008eecb705995f3836"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/gPROF77qUrfL3cZ7ByKy823JCfE>
Subject: Re: [spring] SRH scratch space (was Re: Question about SRv6 Insert function)
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Dec 2019 20:18:57 -0000

Hi Erik,

What you are proposing IMHO is not needed.

Each SR node (Segment Endpoint) is effectively applying new IPv6 encap so
is already doing an insertion of new SRH while maintaining src address and
previous  SRH content (modulo updating it). That is legally permitted
operation based on IPv6 tunneling RFC.

The word insertion has been questioned in the context of adding SRH at non
SR midpoints (say for TI-LFA) into existing "private" IPv6 header. For this
sure one could think of more structure (bypass section) of original SRH
already present or addition of 2nd SRH.

Thx
R.






On Tue, Dec 10, 2019 at 9:10 PM Erik Kline <ek.ietf@gmail.com> wrote:

> My apologies for raising something that might have already been discussed
> a rejected, but I'm finding it non-trivial to track this wide-ranging
> discussion across multiple mailing lists.
>
> Regardless of how SRv6 works now (using header insertion, as Darren said
> in Singapore), I'm wondering if it would suffice to say that the ingress
> encapsulation node could/should pad the SRH with an operationally
> determined amount of extra space to allow for header re-writing.
>
> This would effectively turn the SRH into a scratch space could be
> specified as able to be re-written by SR-aware nodes along the path.
>
> For example, if the ingress router new the SR domain's carefully curated
> path MTU, it could pad out the SRH to some fraction of that, a la:
>
>     {segments_left=2, last_entry=5, [sr_rtr_3, sr_rtr_2, sr_rtr_1, ::0,
> ::0, ::0]}
>
> then permit intermediate SR routers to rewrite all of that scratch space
> for router insertion/deletion as needed.  For example, if sr_rtr_1 needs to
> route around sr_rtr_2 via sr_rtr_4 and sr_rtr_5 it could rewrite this as:
>
>     {segments_left=2, last_entry=5, [sr_rtr_3, sr_rtr_5, sr_rtr_4,
> sr_rtr_1, ::0, ::0]}
>
> If there's no scratch space left with which to fiddle then generate an
> ICMP error to the ingress router (ICMP source address selection aside).
> The rules for examining this header scratch space in the returned ICMP
> error might need to be suitably lax.
>
> I'm unsure of how this would interact with the HMAC bits, but overall, if
> this could work then perhaps we don't need to worry about insertion anymore.
>
> Yes, there's more overhead on each packet, but that should be tunable by
> the operator based on things like (1) operational path mtu in the SR
> domain, (2) operationally acceptable padding overhead, (3) expected space
> required for adding routers for re-routing or whatever...
>
> On Tue, Dec 10, 2019 at 11:45 AM Robert Raszuk <robert@raszuk.net> wrote:
>
>> Brian,
>>
>> > Situation has changed since this email: the network programming draft
>>> has now removed text related to SRH insertion.
>>> > Please comment on the text if you see text related to SRH insertion.
>>>
>>> For example:
>>>
>>> https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming-05#section-8.2
>>>
>>> Why would draft-voyer-6man-extension-header-insertion exists if the SRH
>>> proponents do not intend to perform SRH insertion?
>>>
>>
>>
>> What Bruno is describing is the new situation after removal of SRH
>> insertion at non SR midpoints from NP draft under last call...
>>
>> Section 8.2 is referring to SRH insertion at the SR encapsulation node
>> (for example ingress to the domain).
>>
>> draft-voyer-6man-extension-header-insertion  is progressing as
>> recommended to relax the RFC8200 restricting EH insertion at any arbitrary
>> node - not necessarily segment endpoint.
>>
>> Regards,
>> R.
>>
>>
>>
>>
>>
>>
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>>
> _______________________________________________
> spring mailing list
> spring@ietf.org
> https://www.ietf.org/mailman/listinfo/spring
>

v2.23.0 | Report a Bug | By Email