Re: [spring] Roman Danyliw's Discuss on draft-ietf-spring-srv6-network-programming-19: (with DISCUSS and COMMENT)
Roman Danyliw <rdd@cert.org> Mon, 28 September 2020 19:27 UTC
Return-Path: <rdd@cert.org>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7466F3A1338; Mon, 28 Sep 2020 12:27:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X-94ZUc3UF-i; Mon, 28 Sep 2020 12:27:52 -0700 (PDT)
Received: from veto.sei.cmu.edu (veto.sei.cmu.edu [147.72.252.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BAFF23A090D; Mon, 28 Sep 2020 12:27:51 -0700 (PDT)
Received: from korb.sei.cmu.edu (korb.sei.cmu.edu [10.64.21.30]) by veto.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id 08SJRmhB044663; Mon, 28 Sep 2020 15:27:48 -0400
DKIM-Filter: OpenDKIM Filter v2.11.0 veto.sei.cmu.edu 08SJRmhB044663
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1601321268; bh=TRnZRqGs13Lt5+yzco+OVCaMZL6dBEzxwZvwMPOj8F4=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=lkxSPCMNMVr8VX3dqFsyWmsxezKYHRiQGy7LM2qKQwYlNI23uE34TuD5/lCKrR8iM xQdap60YMx660zNOMjIxLf6zu2GX6mXvXmNgDajD3XBOhTc7lG4Dzk0GqF4p7G6riQ RV3SMyXZHuU364p9/qb+NKdNhYmCxf8Mryd9O7Bk=
Received: from MURIEL.ad.sei.cmu.edu (muriel.ad.sei.cmu.edu [147.72.252.47]) by korb.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id 08SJRi26004841; Mon, 28 Sep 2020 15:27:44 -0400
Received: from MORRIS.ad.sei.cmu.edu (147.72.252.46) by MURIEL.ad.sei.cmu.edu (147.72.252.47) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1979.3; Mon, 28 Sep 2020 15:27:44 -0400
Received: from MORRIS.ad.sei.cmu.edu ([fe80::555b:9498:552e:d1bb]) by MORRIS.ad.sei.cmu.edu ([fe80::555b:9498:552e:d1bb%13]) with mapi id 15.01.1979.003; Mon, 28 Sep 2020 15:27:44 -0400
From: Roman Danyliw <rdd@cert.org>
To: "Pablo Camarillo (pcamaril)" <pcamaril@cisco.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-spring-srv6-network-programming@ietf.org" <draft-ietf-spring-srv6-network-programming@ietf.org>, "spring-chairs@ietf.org" <spring-chairs@ietf.org>, "spring@ietf.org" <spring@ietf.org>, Bruno Decraene <bruno.decraene@orange.com>, Joel Halpern <jmh@joelhalpern.com>
Thread-Topic: Roman Danyliw's Discuss on draft-ietf-spring-srv6-network-programming-19: (with DISCUSS and COMMENT)
Thread-Index: AQHWkERzyjixneZo/UivXsdtFR9Pk6l1WCGAgAJwFtCAAi3TAIAEUFHw
Date: Mon, 28 Sep 2020 19:27:43 +0000
Message-ID: <259b131f40b44a1ea77c1ce2aef24a3c@cert.org>
References: <160071265366.14948.8163350323208659826@ietfa.amsl.com> <MWHPR11MB1374D5D6DCA0A44C98A29FB3C93B0@MWHPR11MB1374.namprd11.prod.outlook.com> <59b404f1dcdc485485813b2b80376976@cert.org> <MWHPR11MB13744A4E60015C761E00B270C9360@MWHPR11MB1374.namprd11.prod.outlook.com>
In-Reply-To: <MWHPR11MB13744A4E60015C761E00B270C9360@MWHPR11MB1374.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.202.177]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/iK23X0DkkuES8BUHMd2tQ1sgI_w>
Subject: Re: [spring] Roman Danyliw's Discuss on draft-ietf-spring-srv6-network-programming-19: (with DISCUSS and COMMENT)
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Sep 2020 19:27:55 -0000
Hi Pablo! Thanks for the explanation. I've cleared my DISCUSS. Regards, Roman > -----Original Message----- > From: Pablo Camarillo (pcamaril) <pcamaril@cisco.com> > Sent: Friday, September 25, 2020 2:29 PM > To: Roman Danyliw <rdd@cert.org>; The IESG <iesg@ietf.org> > Cc: draft-ietf-spring-srv6-network-programming@ietf.org; spring- > chairs@ietf.org; spring@ietf.org; Bruno Decraene > <bruno.decraene@orange.com>; Joel Halpern <jmh@joelhalpern.com> > Subject: RE: Roman Danyliw's Discuss on draft-ietf-spring-srv6-network- > programming-19: (with DISCUSS and COMMENT) > > Hi Roman, > > Please see inline with [PC2]. > > Thanks, > Pablo. > > -----Original Message----- > From: Roman Danyliw <rdd@cert.org> > Sent: jueves, 24 de septiembre de 2020 15:20 > To: Pablo Camarillo (pcamaril) <pcamaril@cisco.com>; The IESG > <iesg@ietf.org> > Cc: draft-ietf-spring-srv6-network-programming@ietf.org; spring- > chairs@ietf.org; spring@ietf.org; Bruno Decraene > <bruno.decraene@orange.com>; Joel Halpern <jmh@joelhalpern.com> > Subject: RE: Roman Danyliw's Discuss on draft-ietf-spring-srv6-network- > programming-19: (with DISCUSS and COMMENT) > > Hi Pablo! > > Thanks for the updates in -20. A few more comments inline ... > > > -----Original Message----- > > From: Pablo Camarillo (pcamaril) <pcamaril@cisco.com> > > Sent: Tuesday, September 22, 2020 3:59 PM > > To: Roman Danyliw <rdd@cert.org>; The IESG <iesg@ietf.org> > > Cc: draft-ietf-spring-srv6-network-programming@ietf.org; spring- > > chairs@ietf.org; spring@ietf.org; Bruno Decraene > > <bruno.decraene@orange.com>; Joel Halpern <jmh@joelhalpern.com> > > Subject: RE: Roman Danyliw's Discuss on > > draft-ietf-spring-srv6-network- > > programming-19: (with DISCUSS and COMMENT) > > > > Hi Roman, > > > > Many thanks for your thorough review. Please see inline with [PC]. > > > > Thanks, > > Pablo. > > > > -----Original Message----- > > From: Roman Danyliw via Datatracker <noreply@ietf.org> > > Sent: lunes, 21 de septiembre de 2020 20:24 > > To: The IESG <iesg@ietf.org> > > Cc: draft-ietf-spring-srv6-network-programming@ietf.org; spring- > > chairs@ietf.org; spring@ietf.org; Bruno Decraene > > <bruno.decraene@orange.com>; Joel Halpern <jmh@joelhalpern.com>; > > jmh@joelhalpern.com > > Subject: Roman Danyliw's Discuss on draft-ietf-spring-srv6-network- > > programming-19: (with DISCUSS and COMMENT) > > > > Roman Danyliw has entered the following ballot position for > > draft-ietf-spring-srv6-network-programming-19: Discuss > > > > When responding, please keep the subject line intact and reply to all > > email addresses included in the To and CC lines. (Feel free to cut > > this introductory paragraph, however.) > > > > > > Please refer to > > https://www.ietf.org/iesg/statement/discuss-criteria.html > > for more information about IESG DISCUSS and COMMENT positions. > > > > > > The document, along with other ballot positions, can be found here: > > https://datatracker.ietf.org/doc/draft-ietf-spring-srv6-network-progra > > mming/ > > > > > > > > ---------------------------------------------------------------------- > > DISCUSS: > > ---------------------------------------------------------------------- > > > > Section 3.1. (In case I missed it, please provide the obvious > > reference) Per “In such a case, the semantics and format of the ARG > > bits are defined as part of the > > SRv6 endpoint behavior specification”, is “endpoint behavior specification” > > Section 4 or another document? If the former, I don’t see any > > references to argument bits in the pseudo-code of the Section 4.* > subsections. > > If the latter, what document? Can the behaviors be polymorphic (i.e., > > same network behavior accepting different arguments)? > > > > [PC] The End.DT2M behavior in section 4.12 has an argument called > “Arg.FE2”. > > The behavior specification explains the semantics of the argument and > > the pseudocode describes how it is handled. The arguments to the > > function can indeed vary. > > Thanks for pointing this out. What I still don't understand is whether > End.DT2M the only behavior that uses the arguments? > [PC2] Correct, the only behavior defined in this document with arguments is > End.DT2M. > > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > Thanks for responding to the SECDIR review (and thank you to Brian > > Weis for doing it) > > > > ** Section 3.2. Per “An SR Source Node cannot infer the behavior by > > examination of the FUNCT value of a SID”, isn’t there at least some > > hint provided by the use of the FUNCT from the IANA registry? > > [PC] Recall that Section 3.1 says the following (there is no hint): > > The FUNCT is an opaque identification of a local behavior bound to > > the SID. > > The term "function" refers to the bit-string in the SRv6 SID. The > > term "behavior" identifies the behavior bound to the SID. The > > behaviors are defined in Section 4 of this document. > > > > [PC] The FUNCT is part of the SID value assigned by the operator. This > > SID is associated with a behavior (defined in the IANA registry). The > > control plane is going to advertise the association of the SID > > (including the FUNCT) and the particular behavior (using the IANA codepoint). > > An intermediate node that only has access to the SRv6 user traffic, > > only by looking at the FUNCT value (and with no control plane > > information), cannot know what the behavior is associated to such SID. > > Looking ahead at your next comment, I believe the confusion might > > arise from the values used in the example in this section. > > > > ** Section 3.2. > > Per “Function 11 associated with the behavior End.X …” AND > > > > Per “Function 12 associated with the behavior End.X …” > > > > The initial registrations for Endpoint Behavior per Section 10.2.1 > > suggest that Function 11 and 12 are End.T. > > [PC] Please see response to previous comment. Indeed, the example can > > be improved. I’ll replace 11 and 12 for 100 and 101 that are > > unassigned on the IANA registry to more clearly differentiate between FUNCT > and Behavior. > > Understood. > > > ** Section 4.1. Pseudo-code without formal definition might be open > > to interpretation. My nits (which likely apply to other sections) are > > that: -- it might not be clear that S03, S06 and S10 are effectively > > returns/exits from this “behavior”, and if they are run, S12-S15 > > should never be reached (otherwise Segments Left or Hop Limit = -1) > > [PC] Indeed, it would be clearer if we call out where there is a return/exit. > > <OLD> > > S03. Proceed to process the next header in the packet, > > whose type is identified by the Next Header field in > > the routing header. > > </OLD> > > <NEW> > > S03. Stop processing the SRH, proceed to process the next > > header in the packet, whose type is identified by the > > Next Header field in the routing header. > > </NEW> > > > > [PC] For lines S06 and S10 currently include “Interrupt packet > > processing and discard the packet”. Do you think this is sufficient to > > indicate there is no more SRH processing done? > > I'd recommend using consistent language. Since you're using "stop" in S03, I'd > recommend using the same thing in S06 and S10 [PC2] We believe that it might > be good to use "Stop" on S03 because we are only stopping the SRH processing, > but proceeding to process the next headers in the chain. While S06 and S10 are > really stopping the packet processing at all (packet will be discarded after > generating an ICMP error). If you still believe we should use the same word in > the three, please let me know and Ill do in the next revision of the document. > > > -- (for consistency) the IF … ELSEIF … END construct is used in > > Section 4.8, but not here. > > [PC] Indeed, pseudocodes should be consistent. > > > > -- What does it mean to indent the code? For example S06 is: > > S06. Send an ICMP Time Exceeded message to the Source Address, > > Code 0 (Hop limit exceeded in transit), > > Interrupt packet processing and discard the packet. > > > > I can see why “Code 0 …” is indented under “Send an … “ as this is a > > line wrap, but why is “Interrupt packet processing?” > > [PC] Yes. The indentation of interrupt packet processing is incorrect. > > It should be part of the same statement as above (the period should > > not be there). I’ll review the indentation of all pseudocodes. > > > > > > ** A few other psuedo code nits: > > -- Section 4.1. S05 uses “IPv6 Hop Limit” but S12 uses “Hop Limit”. > > Recommend consistency. > > [PC] Ack. Fixed for next next rev. > > > > > > -- Section 4.4. Per S05. Is “next header” purposely lower case? I > > asked because it looks like explicit field names are in upper case > > (e.g., S03 says “Segments Left field”). > > [PC] Ack. Fixed for next next rev. > > > > -- Section 4.16.3. As a style/consistency note, the other sections > > which check the upper header type seem use of a construct of != 41 or > > 4 to “Process per Section 4.1.1”. (e.g., Section 4.4, 4.5, 4.6, etc.) [PC] Ack. > Fixed for next next rev. > > > > ** Section 8. Given how meticulously the Section 4 guidance was > > described, it would be helpful to say that the HMAC TLV processing, if > > present, happens as a notional Step “S0” per guidance in Section 2.1.2.1 of > RFC8754. > > [PC] Ack. I would propose the following addition at the end of the > > security considerations. > > <NEW> > > When enabled by local configuration, HMAC processing occurs at the > > beginning of SRH processing as defined in Sec 2.1.2.1 of RFC8754. > > </NEW> > > > > ** Editorial Nits: > > -- Section 3.2. Typo. s/an network/a network/ > > -- Section 3.2. Typo. s/is minimum/is minimal/ [PC] Acking both. Fixed > > for next next rev. > > Thanks for all of the changes described above. > > Regards, > Roman
- [spring] Roman Danyliw's Discuss on draft-ietf-sp… Roman Danyliw via Datatracker
- Re: [spring] Roman Danyliw's Discuss on draft-iet… Pablo Camarillo (pcamaril)
- Re: [spring] Roman Danyliw's Discuss on draft-iet… Pablo Camarillo (pcamaril)
- Re: [spring] Roman Danyliw's Discuss ondraft-ietf… peng.shaofu
- Re: [spring] Roman Danyliw's Discuss on draft-iet… Roman Danyliw
- Re: [spring] Roman Danyliw's Discuss on draft-iet… Pablo Camarillo (pcamaril)
- Re: [spring] Roman Danyliw's Discuss on draft-iet… Roman Danyliw