Re: [spring] A note on CRH and on going testing
Jeff Tantsura <jefftant.ietf@gmail.com> Fri, 20 September 2019 02:53 UTC
Return-Path: <jefftant.ietf@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A0A121200C5 for <spring@ietfa.amsl.com>; Thu, 19 Sep 2019 19:53:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.996
X-Spam-Level:
X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RIEPT7VvDxa4 for <spring@ietfa.amsl.com>; Thu, 19 Sep 2019 19:53:12 -0700 (PDT)
Received: from mail-pl1-x635.google.com (mail-pl1-x635.google.com [IPv6:2607:f8b0:4864:20::635]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6AAC212003E for <spring@ietf.org>; Thu, 19 Sep 2019 19:53:12 -0700 (PDT)
Received: by mail-pl1-x635.google.com with SMTP id y10so1196463plp.2 for <spring@ietf.org>; Thu, 19 Sep 2019 19:53:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=dCg7Vnz1sIYkDVRxKHeDOxHCKnHIvJ86aEy5FqbcjME=; b=RskN573+x6DGO872K6KLUfv+XJTZ8KQSbgKwUYVszIfTM7PhzpSmA//N66P2wsSf89 vLm16cXUUTA48JKXBZlsVok5MpJQsxQ4lH6tEKjnkDkC0o5OB8SwfxM3MgXM75CZqnBS A9Jcnpl5UNoStSfN7ZJKntI89xzdv3ixXxtzeTaUOahhsvbUsCh//BJO0cMfFsUDL4qW VcYFDfEcEK26808P0oZgALpfhDRHpeJuzxNgqY+4+M2ybDU6qtEHi6aFCDImEb9KzDzi bCqLadhAOKpawJesr/7NCUMewOuTisM87AB3VbdK4mXVB5llT+YfD6mufYtj728oYP+K o8zA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=dCg7Vnz1sIYkDVRxKHeDOxHCKnHIvJ86aEy5FqbcjME=; b=Bzsz9EIcGCnt+L+LXttU+IFHhUDxVRVyBZxiIMbke7ZJGszi0JBfGrWUh0ClO2HlLQ sx3AzgXjKxatfQdMgeROq/Hvla+ePKUADNMD2AtkkyI7J37ZGt8zZcfQQ+Lg22wY9tWX YP4y5hRwTCV9dNioN1loj5AHkDTwMQ2EONghu6fW/bRGbP7PgCqidzamVH9mfVJs5VfK rQgS7DIMGdAcDFAE3LW3V/vFq/8o69yu6KljdHJh5ZnX01l1fhFJ0TS2LU3Pp4QSuh2Y 3yiDVowidlaBwxGTGwC6c9KC4jnflSlnymshCL8OTf+rq1BIrAvfppkZyLnLb5x7GC6D Kq3w==
X-Gm-Message-State: APjAAAXOlCUR/FrmnrLscm2hcWd4fBrLkRkZZai5EcCquzI0pXE1OK8d sH33HQNYnJ+GF7YsHSlJS6M=
X-Google-Smtp-Source: APXvYqwV7Bev/kIDGa2TDDJZTa5FX3RE7iDeSqGxKrgeYoZDaLFa1y7AGO/tDv/CG0+sVQmhNtjz1Q==
X-Received: by 2002:a17:902:b201:: with SMTP id t1mr14123040plr.144.1568947991964; Thu, 19 Sep 2019 19:53:11 -0700 (PDT)
Received: from [192.168.1.15] (c-73-189-13-44.hsd1.ca.comcast.net. [73.189.13.44]) by smtp.gmail.com with ESMTPSA id c8sm264628pgw.37.2019.09.19.19.53.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 19 Sep 2019 19:53:11 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail-7F120C1D-E1F3-44AB-AC27-D3AA484B267E"
Mime-Version: 1.0 (1.0)
From: Jeff Tantsura <jefftant.ietf@gmail.com>
X-Mailer: iPhone Mail (16G102)
In-Reply-To: <C7C2E1C43D652C4E9E49FE7517C236CB026DDDBE@dggeml529-mbx.china.huawei.com>
Date: Thu, 19 Sep 2019 19:53:10 -0700
Cc: "Bernier, Daniel" <daniel.bernier@bell.ca>, SING Team <s.i.n.g.team.0810@gmail.com>, SPRING WG List <spring@ietf.org>
Content-Transfer-Encoding: 7bit
Message-Id: <FC493433-BCDD-4080-9400-61481E7ADEF8@gmail.com>
References: <1568906072231.1bkuswxveutxvlrzmmzkgs2g@android.mail.163.com> <20625BDC-2D90-4E35-96E3-2BC4B723C06E@bell.ca> <C7C2E1C43D652C4E9E49FE7517C236CB026DDDBE@dggeml529-mbx.china.huawei.com>
To: "Chengli (Cheng Li)" <chengli13@huawei.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/tbPsfAC2RUq7KtCLyHItDPpWYO0>
Subject: Re: [spring] A note on CRH and on going testing
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Sep 2019 02:53:17 -0000
There’s number of solutions on the market that extensively use BSID for multi-domain as well as multi-layer signaling. Regards, Jeff > On Sep 19, 2019, at 19:49, Chengli (Cheng Li) <chengli13@huawei.com> wrote: > > +1. > > As I mentioned before, Binding SID is not only for shortening SID list. > We should see the important part of binding SID in inter-domain routing, since it hides the details of intra-domain. Security and Privacy are always important. > > Since the EH insertion related text will be removed from SRv6 NP draft, I don’t think anyone will still say we don’t need binding SID. > Let’s be honest, Encap mode Binding SID is very useful in inter-domain routing. It is not secure to share internal info outside a trusted network domain. > > Cheng > > > From: spring [mailto:spring-bounces@ietf.org] On Behalf Of Bernier, Daniel > Sent: Thursday, September 19, 2019 11:36 PM > To: SING Team <s.i.n.g.team.0810@gmail.com> > Cc: 'SPRING WG List' <spring@ietf.org> > Subject: Re: [spring] A note on CRH and on going testing > > +1 > > This is what we did on our multi-cloud trials. > > Encap with Binding SID to avoid inter-domain mapping + I don’t need to have some sort of inter-domain alignment of PSSIs > > Dan > > On 2019-09-19, 11:18 AM, "spring on behalf of SING Team" <spring-bounces@ietf.org on behalf of s.i.n.g.team.0810@gmail.com> wrote: > > Hi Andrew, > > Good to hear that reality experiment :) > > But is it secure to share internal SID-IP mappings outside a trusted network domain? > > Or is there an analogue like Binding SID of SRv6, in SRv6+? > > Btw, PSSI and PPSI can not do that now, right? > > Best regards, > Moonlight Thoughts > > > (mail failure, try to cc to spring again.) > > On 09/19/2019 17:49, Andrew Alston wrote: > Hi Guys, > > I thought this may be of interest in light of discussions around deployments and running code - because one of the things we've been testing is inter-domain traffic steering with CRH on both our DPDK implementation and another implementation. > > So - the setup we used last night: > > 6 systems in a lab - one of which linked to the open internet. Call these S1 -> S6 > 3 systems in a lab on the other side of the world - no peering between the networks in question. Call these R1 -> R3 > > We applied a SID list on S1, that steered S1 -> S2 -> S3 -> S6 -> R1 -> R3, with the relevant mappings from the CRH SID's to the underlying addressing (S2 had a mapping for the SID for S3, S3 had a mapping for the SID corresponding to S6, S6 had a mapping for the SID corresponding to R1 etc) > > Then we sent some packets - and the test was entirely successful. > > What this effectively means is that if two providers agree to share the SID mappings - it is possible to steer across one network, out over an open path, and across a remote network. Obviously this relies on the fact that EH's aren't being dropped by intermediate providers, but this isn't something we're seeing. > > Combine this with the BGP signaling draft - and the SID's can then be signaled between the providers - work still going on with regards to this for testing purposes. Just as a note - there would be no requirement to share the full SID mapping or topologies when doing this with BGP - the requirement would be only to share the relevant SID's necessary for the steering. > > I can say from our side - with various other providers - this is something that we see *immense* use case for - for a whole host of reasons. > > Thanks > > Andrew > > > _______________________________________________ > spring mailing list > spring@ietf.org > https://www.ietf.org/mailman/listinfo/Spring > _______________________________________________ > spring mailing list > spring@ietf.org > https://www.ietf.org/mailman/listinfo/spring
- [spring] A note on CRH and on going testing Andrew Alston
- Re: [spring] A note on CRH and on going testing SING Team
- Re: [spring] A note on CRH and on going testing Bernier, Daniel
- Re: [spring] A note on CRH and on going testing Bernier, Daniel
- Re: [spring] A note on CRH and on going testing Chengli (Cheng Li)
- Re: [spring] A note on CRH and on going testing Jeff Tantsura
- Re: [spring] A note on CRH and on going testing Chengli (Cheng Li)
- Re: [spring] A note on CRH and on going testing Ron Bonica
- Re: [spring] A note on CRH and on going testing SING Team
- Re: [spring] A note on CRH and on going testing Ron Bonica
- Re: [spring] A note on CRH and on going testing Jeff Tantsura
- Re: [spring] A note on CRH and on going testing Ron Bonica
- Re: [spring] A note on CRH and on going testing Chengli (Cheng Li)
- Re: [spring] A note on CRH and on going testing Ron Bonica