IETF Logo Mail Archive

Re: [spring] Spirit and Letter of the Law (was: Question about SRv6 Insert function)

Robert Raszuk <robert@raszuk.net> Thu, 05 September 2019 18:01 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 35C0D120A64 for <spring@ietfa.amsl.com>; Thu, 5 Sep 2019 11:01:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e5-WYWokF11M for <spring@ietfa.amsl.com>; Thu, 5 Sep 2019 11:01:00 -0700 (PDT)
Received: from mail-qk1-x72e.google.com (mail-qk1-x72e.google.com [IPv6:2607:f8b0:4864:20::72e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F1CED120A25 for <spring@ietf.org>; Thu, 5 Sep 2019 11:00:59 -0700 (PDT)
Received: by mail-qk1-x72e.google.com with SMTP id u184so84115qkd.4 for <spring@ietf.org>; Thu, 05 Sep 2019 11:00:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Zvg60Asw4SYbR1B6sLjwABkPlDxUXD/T9+G0ApfrGk4=; b=Iyqbum1jgdFiPM/U2CB3nXpnjHqS24iK93gKOawoMHzpHthFToryeWomKB2KAz/c9d pOLfWMFYdwKJ98zvtRhCQk6fTMZZ4JX2Dk5nDu9Bxq4IW2JSsjzv7SZ+79WTv0LH9uzt 8SJtclDnIBmfnnh9a55VbkMMdBXFASAlwgWAy0OgYp6mY3JLISu+fZuWXYKPCW98+MTV 3I6bJ1oxigV+ZyfB3kl8Wgv5o64eOVjpw2em6KCxO3JYgfExyI7R3YtCdJ14ZfzyongY XV+XLAyX0yC06cOXM9ChhKrMYIgVkI7DHUGBgQag/EMEqOpAOdjOGyS/AEy3fWQbodxT yrGg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Zvg60Asw4SYbR1B6sLjwABkPlDxUXD/T9+G0ApfrGk4=; b=JNbqtswymxLPnAJu94DTNloakn3KW/abad/gjSkXGtsd6u8xfdUIV/BUnz2JEjlkDd mq+xtmI/9jgy1QaaRDLDwgkJeMnIl32hFq1B3EQcpuvFn80xlhiHFuMD1HeFqeVU1D78 Bl5Qv0Jo7mNi/YpF7pRBEBd0ZmPQqDG1dQUfRLt0M3fAH0a68GY5Ol9vceaB1lUHl5M1 NPuDLTGlVyo4sgNlvkpldEXk6kicKCxXrlTPOwrUbjra0rEuiDrfA6RvSy2PXTwkD9AB 7cJbnhSgIHq53sp/uip+agXQkdhffjf2c+HYCSM/kJpBAPBpGdge2u2Mtt27L+n3m41K 3m7A==
X-Gm-Message-State: APjAAAUWzCy4DP3UyZLnyezhJ8qcNTkWkCnCNPPQZ41rK3LEic6ow0q4 b3qi4iN1FUZaz+OXHWRxoAIHA3Zm6peFVwJV4nFq+A==
X-Google-Smtp-Source: APXvYqxoX3YCSfM+oNmB8vmF1DiPlfcByTqTdZiMWEmKH2Dr6L5+HtozSSX+00rAwjSnbUBMZoGip+KZVhWjMDXA3Fs=
X-Received: by 2002:a37:8547:: with SMTP id h68mr4195015qkd.219.1567706458948; Thu, 05 Sep 2019 11:00:58 -0700 (PDT)
MIME-Version: 1.0
References: <BYAPR05MB54637FEAE1518F83977D274FAEB80@BYAPR05MB5463.namprd05.prod.outlook.com> <538732E2-915B-4952-A439-F4678FCC21B2@employees.org> <4c6b2456-db05-0771-5b98-bfd9f07b220b@si6networks.com> <34AB9F0F-614B-45C2-BD84-7DD53A1D5188@employees.org> <ea9557e5-9025-db78-8862-18454dd549c3@joelhalpern.com> <5200FFA0-E2F1-4491-8D06-0DC6BF87F77A@employees.org> <cdc190f4-315f-f716-951c-6d4ba1f4888d@si6networks.com> <CA+b+ERn6KMGCboERKOMeKAwM3y=1p=sc8j2LnEGYa7h5mz_xxw@mail.gmail.com> <BYAPR05MB5463F429E6AA307D0F313B9AAEBB0@BYAPR05MB5463.namprd05.prod.outlook.com>
In-Reply-To: <BYAPR05MB5463F429E6AA307D0F313B9AAEBB0@BYAPR05MB5463.namprd05.prod.outlook.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Thu, 05 Sep 2019 20:00:48 +0200
Message-ID: <CAOj+MMGH25AoQ6hvoKa4jVonPcauD6xY2pgwnZFtwvF559V+vQ@mail.gmail.com>
To: Ron Bonica <rbonica=40juniper.net@dmarc.ietf.org>
Cc: Robert Raszuk <rraszuk@gmail.com>, Fernando Gont <fgont@si6networks.com>, Suresh Krishnan <suresh.krishnan@gmail.com>, "6man@ietf.org" <6man@ietf.org>, Ole Troan <otroan@employees.org>, "spring@ietf.org" <spring@ietf.org>, "Joel M. Halpern" <jmh@joelhalpern.com>
Content-Type: multipart/alternative; boundary="00000000000099169d0591d21abc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/tnCsjoCWwFGkPu5i8w4TW5tN3CU>
Subject: Re: [spring] Spirit and Letter of the Law (was: Question about SRv6 Insert function)
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Sep 2019 18:01:03 -0000

Hi Ron,

Nope that is not correct interpretation. Let me try to rephrase it ...


   - An IPv6 path contains a source node, a destination node, and transit
   nodes
   - Transit nodes belong to network operators which move the packets
   - When packet enters operator's network it can be encapsulated and new
   src, dst and any other elements added to its header - original packet
   becomes just the payload
   - Then new packet (and payload) is send within given domain via transit
   nodes.
   - Some transit nodes just do basic IPv6 forwarding, some may see
   themselves in the dst field of the packet imposed by ingress node.
   - If this is the case (when packet is received by segment endpoint)
   packets are processed as defined by SRv6 rules.
   - According to RFC 8200, segment endpoints can insert, change, or delete
   extension headers. However, transit nodes that are not segment nodes cannot
   insert, change or delete extension headers

Now that is more like what I highlighted few times already ...

Best,
R.



On Thu, Sep 5, 2019 at 7:52 PM Ron Bonica <rbonica=
40juniper.net@dmarc.ietf.org> wrote:

> Robert,
>
>
>
> I think that I can summarize what you are saying as follows:
>
>
>
>    - An IPv6 path contains a source node, a destination node, and transit
>    nodes
>    - Some transit nodes are also segment endpoints. Segment endpoints are
>    identified by either of the following:
>       - The initial value of the IPv6 address
>       - An entry in the segment list of the Routing header
>    - According to RFC 8200, segment endpoints can insert, change, or
>    delete extension headers. However, transit nodes that are not segment
>    headers cannot insert, change or delete extension headers
>
>
>
> Have I read your email, below, correctly? Is this what you are actually
> saying?
>
>
>
>                                                                   Ron
>
>
>
> *From:* spring <spring-bounces@ietf.org> *On Behalf Of *Robert Raszuk
> *Sent:* Thursday, September 5, 2019 10:28 AM
> *To:* Fernando Gont <fgont@si6networks.com>
> *Cc:* Suresh Krishnan <suresh.krishnan@gmail.com>; 6man@ietf.org; Ole
> Troan <otroan@employees.org>; Joel M. Halpern <jmh@joelhalpern.com>;
> spring@ietf.org
> *Subject:* Re: [spring] Spirit and Letter of the Law (was: Question about
> SRv6 Insert function)
>
>
>
>
>
> 3) Now there's at least one I-D in spring that ignores RFC8200, and
> proposes EH-insertion as if it was allowed, essentially circumventing
> RFC8200, and IETF consensus.
>
>
>
> Incorrect. RFC8200 makes it black on white clear that insertion, deletion
> and mangling is allowed in IPv6 if destination is yourself in the packet's
> IPv6 outer header.
>
>
>
> So functions to insert SRH or delete it discussed in SPRING DO NOT violate
> anything.
>
>
>
> Remember - in SRv6 you *change* IPv6 dst at each end of segment. So each
> SR segment node can legally  do whatever it needs with EH.
>
>
>
> Is this clear enough?
>
>
>
> - - -
>
>
>
> There is other individual document in 6man proposing a solution for FRR in
> IPv6 which goes beyond the above. But it in no way that should impact base
> specs. As written base specs can be used 100% legally according to RFC8200
> as it stands today..
>
>
>
> Now if 6man response to proposl of SRv6 use case for FRR with TI-LFA will
> state "IPv6 was not designed for that" - I am fine. It will make IPv6
> deployments for sure much more robust. It may even help end to end
> principle shine again and get all of your end IPv6 compute and set-top
> boxes full open to global hackers.
>
>
>
> Thx,
>
> R.
>
>
>
> Juniper Business Use Only
> _______________________________________________
> spring mailing list
> spring@ietf.org
> https://www.ietf.org/mailman/listinfo/spring
>

v2.23.0 | Report a Bug | By Email