IETF Logo Mail Archive

Re: [spring] Suggest some text //RE: Request to close the LC and move forward//RE: WGLC - draft-ietf-spring-srv6-network-programming

Brian E Carpenter <brian.e.carpenter@gmail.com> Thu, 05 March 2020 22:32 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66BBE3A09D5; Thu, 5 Mar 2020 14:32:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1aqKEABO_qPn; Thu, 5 Mar 2020 14:32:37 -0800 (PST)
Received: from mail-pl1-x630.google.com (mail-pl1-x630.google.com [IPv6:2607:f8b0:4864:20::630]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 296953A0D48; Thu, 5 Mar 2020 14:32:37 -0800 (PST)
Received: by mail-pl1-x630.google.com with SMTP id j20so4169pll.6; Thu, 05 Mar 2020 14:32:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=RjTvct7J7g10hBXJI9CAmo8i4+F1JcqDyHqGudibqo4=; b=iBDaouX+epsIobfjTguyYkOe+EXQdGeKRDdNwf1LbjnUmOf3kduma88XeqgbLq5P2e 9enU6d5ynnGQKuqQA1DPfvzjU9WkF8mL/690O+D8hEDMoLvS+ApDHRCWYQB4dgHBjqN/ nXNkKtu4LEkO/yuw8ZacW7m3wrDQuLudDRoaUK14DGdkzTaPhc9oyHBzHVfIkkFAK3YD YPG9X+hdzvxUF1llZ81NVyKcTBgfD4S9FCQy73mfun913oQG8Xhdm+mf4GvIm9kLg2B3 PYoZ3EDjp8s5YJAohgqbJDBp5DgCcC4NVL8H8M2u6PAZDd4o1+H+QZENRLoseA46sw+F 4C+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=RjTvct7J7g10hBXJI9CAmo8i4+F1JcqDyHqGudibqo4=; b=hXLWCReGLHt8dGace+ijRgdfTmX+glL3mYyiMrjNKd4KnOQ/IzjAtQMZ7flqTaZUAN 95jOZaPK+zWlCwt4q0yYTNVHFZmWumb67ahe+1hCxGvEFYp76a5unE13i1duq5I+EDva GRbOMTjN4aS8ZQu1d/4QvCjdWlyEkCVHBB9DP+4FM1xXbis/e/taF+0Fyd2Xz8Wgok75 /BWW7BYU83L6KPAEH0RydMF600DAUy83KmJdMsU/1rc8BEj4hUAtKAgcSFevNuVc0oPr VDk7bzJOsSTr4yWT178TFF5/RqBBMIlMSqSjlxdso/1Rnydzj3vyBoaUvniJ24+i5fip xyJQ==
X-Gm-Message-State: ANhLgQ1rhSBqi0FbXhKjMmCgjzioRzrCNzRk3PfscUPJEBJPw1nLGpRs HXS+Dtm0DVj2D4kv7qOL9vo=
X-Google-Smtp-Source: ADFU+vsqgIuwUgR+9KgZcomdJLumDQDABwsvZotfWfpJ8oAS7r49Jpve3bajnb5jnqOSdMglOMNEwQ==
X-Received: by 2002:a17:902:302:: with SMTP id 2mr31699pld.58.1583447556564; Thu, 05 Mar 2020 14:32:36 -0800 (PST)
Received: from [192.168.178.30] ([165.84.25.143]) by smtp.gmail.com with ESMTPSA id j15sm811300pfn.86.2020.03.05.14.32.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 05 Mar 2020 14:32:35 -0800 (PST)
To: "Ketan Talaulikar (ketant)" <ketant=40cisco.com@dmarc.ietf.org>, 神明達哉 <jinmei@wide.ad.jp>, "Pablo Camarillo (pcamaril)" <pcamaril=40cisco.com@dmarc.ietf.org>
Cc: "spring@ietf.org" <spring@ietf.org>, "6man@ietf.org" <6man@ietf.org>, Bob Hinden <bob.hinden@gmail.com>, Robert Raszuk <robert@raszuk.net>
References: <965ff6bbf1cb4c2f8d48b7b535a0cf5b@huawei.com> <CAJE_bqcTNWt==mtYKeNVXOBAzBNLG=+_mXQQ9xMHYOCDRqCb_Q@mail.gmail.com> <CAOj+MMEzbyzy98iFyfe6Z=dQiWHo=triX6bHKx9fNEUCaSuy3Q@mail.gmail.com> <CAJE_bqeiX1xWSMOOr=SGpVJdBSEgg-kYnUd29yeRURcVnx-xuA@mail.gmail.com> <4B3B4F36-7B15-4CBF-A015-274D10AF37B6@cisco.com> <CAJE_bqdJZuJG1SdMYwQQXn7xx8P_nH4HSVRUzwo584rf8W1ZSg@mail.gmail.com> <MW3PR11MB45700D359C86C45895F15608C1E20@MW3PR11MB4570.namprd11.prod.outlook.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <a3394edb-5605-267c-d8f7-24f15ce9c4da@gmail.com>
Date: Fri, 06 Mar 2020 11:32:30 +1300
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <MW3PR11MB45700D359C86C45895F15608C1E20@MW3PR11MB4570.namprd11.prod.outlook.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/nbAdEl4HwCeRRzXEWnzxVnBt_YQ>
Subject: Re: [spring] Suggest some text //RE: Request to close the LC and move forward//RE: WGLC - draft-ietf-spring-srv6-network-programming
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Mar 2020 22:32:40 -0000

> If we argue this behavior as not violating "extension headers cannot be removed from a packet until it has arrived at its ultimate destination"

That is not, perhaps unfortunately, what RFC 8200 says.

Regards
   Brian Carpenter

On 05-Mar-20 17:08, Ketan Talaulikar (ketant) wrote:
> Hi Jinmei,
> 
>  
> 
> Please check inline below.
> 
>  
> 
> -----Original Message-----
> From: ipv6 <ipv6-bounces@ietf.org> On Behalf Of ????
> Sent: 05 March 2020 05:15
> To: Pablo Camarillo (pcamaril) <pcamaril=40cisco.com@dmarc.ietf.org>
> Cc: spring@ietf.org; 6man@ietf.org; Bob Hinden <bob.hinden@gmail.com>; Robert Raszuk <robert@raszuk.net>
> Subject: Re: [spring] Suggest some text //RE: Request to close the LC and move forward//RE: WGLC - draft-ietf-spring-srv6-network-programming
> 
>  
> 
> At Wed, 4 Mar 2020 12:17:07 +0000,
> 
> "Pablo Camarillo (pcamaril)" <pcamaril=40cisco.com@dmarc.ietf.org <mailto:pcamaril=40cisco.com@dmarc.ietf.org>> wrote:
> 
>  
> 
>> Inline PC1.
> 
>  
> 
> Thank you for the clarification.  I'm not sure why you included the expanded processing logic instead of just saying correct or incorrect
> 
> here:
> 
> */[KT] I believe Pablo might have done this as a hint on how to look at the processing logic of the PSP flavor in the conjunction with the SID behavior pseudocode./*
> 
>  
> 
>> PC1:
> 
>> 
> 
>> This is the exact processing at S2 combined End (4.1) with PSP (4.16.1):
> 
>  
> 
> ....but I interpret the entire response as my understanding is correct.
> 
>  
> 
> Then, going back to the message from Robert:
> 
>  
> 
>>>> "Extension headers cannot be added to a packet after it has left its
> 
>>>> source node and extension headers cannot be removed from a packet
> 
>>>> until it has arrived at its ultimate destination".
> 
>> 
> 
>>> PSP would be still not be violating anything said in this sentence.
> 
>>> Reason being is that we are dealing here with an *encapsulated*
> 
>>> packet which has as its ultimate destination SR node X. That SR node
> 
>>> X is to perform or not PSP. So it is still fully compliant with the specification.
> 
>  
> 
> This explanation is still cryptic to me, but based on the now-hopefully-correct understanding of the PSP behavior,
> 
> - We originally have (T, S1) (S3, S2, S1; SL=2) [payload=encapsulated
> 
> IPv6 pakcet]
> 
>   There are 3 nodes in the routing header.
> 
> - At the node identified by S2 (second node in the routing header), we
> 
>   remove the routing header, so we have (T, S3) [payload=encapsulated
> 
> IPv6 pakcet]
> 
> - Packet arrives at the node identified by S3, the payload is processed
> 
> */[KT] This is correct at a high level. The last line is about processing per the behaviour of the SID S3 – e.g. when it is End.DT6 it would be to decap, perform lookup in the VRF associated with the SID and then forward the inner IPv6 packet./*
> 
>  
> 
> If we argue this behavior as not violating "extension headers cannot be removed from a packet until it has arrived at its ultimate destination" because "segment left" is 0 at that point (and therefore
> 
> S2 is the "final destination"), that's a very innovative interpretation of the specification (not really surprisingly, given how "innovative" SRv6 people are:-).  In fact, with that kind of logic, we could write a specification which allows any intermediate node in a routing header decreases the segment left to 0 (regardless of the previous value of it) at its own discretion, and then claim it's the final (ultimate) destination and does whatever is allowed for the final destination node.
> 
> */[KT] This is definitely not the argument. Please check this link for the explanation of the logic : /*https://mailarchive.ietf.org/arch/msg/spring/kV6By4pnvbURdU1O7khwPbk_saM/
> 
>  
> 
> Overall, it seems so artificial, if not cheating, only for avoiding to be told that it violates RFC8200.  The PSP behavior essentially gives an intermediate ("penultimate") node in the routing header an option to remove the routing header from the packet.  I can't think of a reason why we can't just say so and say that it updates the corresponding part of RFC8200 accordingly, than for cheaply avoiding the discussions involved in updates to an existing standard.
> 
> */[KT] Nothing artificial and no cheating. Things are clear as indicated in the previous link. At least that is what the authors and (in my reading) a significant number of other Spring WG members are saying. Please also check the following:/*
> 
> https://mailarchive.ietf.org/arch/msg/spring/or8086G4iYfee5_Icw4PnhkPLBo/
> 
> https://mailarchive.ietf.org/arch/msg/spring/CmT-8nSZs8O8i9N9dD8gHd6uHAo/ */(and the links provided by Martin on his previous email on that same thread)/*
> 
>  
> 
> Now, I've noticed an argument whether or not this spec violates/updates RFC8200 isn't important.  In a sense I see the point:
> 
> what matters is to discuss the effect of the proposed behavior and make sure it doesn't cause unexpected problems; whether it updates the pre-exiting spec is a matter of formality in some sense.  But in this specific case, I still believe that's a bad move for two reasons:
> 
> */[KT] I see a significant amount of discussion on the WG to discuss and conclude that there are no technical problems. In that same spirit, let us also look at your “reasons”./*
> 
>  
> 
> 1. (seemingly) as a result of trying to insist it's standard
> 
>    compliant, the processing logic becomes unnecessarily cryptic.
> 
>    There's essentially no need to decrease 'segment left' and then
> 
>    check if it is 0.  A more explicit condition that it's the
> 
>    penultimate node is that 'segment left == 1' on receiving the
> 
>    packet; we can simply perform the special PSP behavior from there.
> 
>    If we're willing to say it updates RFC8200, we can simply say the
> 
>    penultimate node has an option to remove the routing header and
> 
>    show the more straightforward logic.
> 
> */[KT] There is no technical problem being stated here. The logic is not cryptic – please consider the hint from Pablo above i.e. to look at the processing as whole. If the pseudocode is complicated for you to consume, then please do refer to the recent text update that make things crystal clear : /*https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming-12#section-4.16.1*//*
> 
> */ /*
> 
>    SR Segment Endpoint Nodes receive the IPv6 packet with the
> 
>    Destination Address field of the IPv6 Header equal to its SID
> 
>    address.  A penultimate SR Segment Endpoint Node is one that, as part
> 
>    of the SID processing, copies the last SID from the SRH into the IPv6
> 
>    Destination Address and decrements Segments Left value from one to
> 
>    zero.
> 
>  
> 
>    The PSP operation only takes place at a penultimate SR Segment
> 
>    Endpoint Node and does not happen at any Transit Node.
> 
> */ /*
> 
> */And then/*
> 
> */ /*
> 
>    This behavior does not contravene Section 4 of [RFC8200] <https://tools.ietf.org/html/rfc8200#section-4> because the
> 
>    current destination address of the incoming packet is the address of
> 
>    the node executing the PSP behavior.
> 
> */ /*
> 
> */ /*
> 
>  
> 
> 2. I'm afraid this would establish an unfortunate precedent for future
> 
>    protocol development to look for a wording loophole in existing
> 
>    standards and exploit it as an easy shortcut to publish something
> 
>    possibly controversial.  Just as we saw, even a very carefully
> 
>   reviewed document like RFC8200 always has some glitches and
> 
>    ambiguities.  If we allow casually exploiting these loopholes for
> 
>    the convenience of new protocol designers, more and more people
> 
>    will follow and we'll eventually have very inconsistent protocols
> 
>    and, in worse cases, loss of interoperabaility and other harm.  On
> 
>    the other hand, we could use this opportunity for a good precedent
> 
>    to show no standard is set in stone and can be updated with new
> 
>    developments and proper discussions and justifications.
> 
>  
> 
> For this reason, I disagree with this text of
> 
> draft-ietf-spring-srv6-network-programming-12:
> 
>  
> 
>    This behavior does not contravene Section 4 of [RFC8200] because the
> 
>    current destination address of the incoming packet is the address of
> 
>    the node executing the PSP behavior.
> 
> */[KT] Again, this is not a technical point. It arises out of our disagreement on RFC8200 text./*
> 
>  
> 
> If I were to offer something in order to be hopefully more constructive, that would be something like this:
> 
>  
> 
> - Add a tag of "Updates RFC8200 (if approved)"
> 
> */[KT] There is no case for doing this. Again it is the same disagreement on RFC8200 text./*
> 
>  
> 
> - In Section 4.16.1, simply say something like: "A penultimate SR
> 
>   Segment Node MAY remove the SRH from the IPv6 packet it forwards,
> 
>   even if it is not the final (ultimate) destination in the path
> 
>   specified in the SRH". (I notice network-programming-12 is already
> 
>   pretty close to this)
> 
> */[KT] What is there in the draft already is a much better text IMHO./*
> 
>  
> 
> - Perhaps change the pseudo code as follows
> 
>   S11.1   If (Segments Left == 1) { /* meaning this is a penultimate node */
> 
>   S11.2      Update IPv6 DA with Segment List[0]
> 
>   S12.3.     Update the Next Header field in the preceding header to the
> 
>              Next Header value of the SRH
> 
>   S12.4.     Decrease the IPv6 header Payload Length by the Hdr Ext Len
> 
>              value of the SRH
> 
>   S12.5.     Remove the SRH from the IPv6 extension header chain
> 
>   S12.6.     Go to S15
> 
>   S12.7.  }
> 
> */[KT] Please look at the processing pseudocode for a SID behavior and the PSP (as well as other non-PSP) flavors as a whole. At the end, any implementer is free to code and implement the logic in their own way as long as the behaviour and result is consistent./*
> 
>  
> 
> - Clarify it's an update to RFC8200, e.g. as follows:
> 
>  
> 
>     This behavior formally updates Section 4 of [RFC8200], which does
> 
>     not allow deleting an extension header until the packet arrives at
> 
>     the destination.  While the literal text of RFC8200 could read as
> 
>     if the deletion were allowed for an intermediate node specified in
> 
>     a routing header, this document takes a safer and tighter
> 
>     interpretation as described in [the expected draft by Ron here]
> 
>     and updates it.
> 
> */[KT] I don’t need to repeat why not required …/*
> 
>  
> 
>     The update is believed to be sufficiently safe and worthwhile:
> 
>     [Justifications here: why we need PSP; explain it doesn't break
> 
>     PMTUD; add considerations on AH, etc]
> 
> */[KT] These are covered already. Can you please re-check /*https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming-12#section-4.16.1
> 
>  
> 
> Like Brian's proposed text, whether such an update is acceptable is a different question.  But it's at least a fair game to me.  I'd seriously consider the justifications, and, depending on its details, it's quite possible that it's something I can support.
> 
> */[KT] Thanks for your review and feedback. I can only hope to have been able to help clarify and look forward to your support./*
> 
> */ /*
> 
> */Thanks,/*
> 
> */Ketan/*
> 
>  
> 
> (Whether we really need such a hack as PSP may also be a question, as some others have questioned.  It seems cleaner to me if we could avoid the hack in the first place, but I guess I don't have enough knowledge to judge how badly it is needed and whether there's really no "cleaner" alternative, so I wouldn't comment on it here).
> 
>  
> 
> --
> 
> JINMEI, Tatuya
> 
>  
> 
> --------------------------------------------------------------------
> 
> IETF IPv6 working group mailing list
> 
> ipv6@ietf.org <mailto:ipv6@ietf.org>
> 
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> 
> --------------------------------------------------------------------
> 
> 
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email