Re: [spring] to drop or to forward unlabeled (Re: Question on RFC8660)
Alexander Vainshtein <Alexander.Vainshtein@rbbn.com> Wed, 09 September 2020 09:00 UTC
Return-Path: <alexander.vainshtein@rbbn.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65BCE3A111D for <spring@ietfa.amsl.com>; Wed, 9 Sep 2020 02:00:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.576
X-Spam-Level:
X-Spam-Status: No, score=-1.576 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, PDS_BTC_ID=0.499, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, T_FILL_THIS_FORM_SHORT=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=rbbn.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nvY5vDL3dGhI for <spring@ietfa.amsl.com>; Wed, 9 Sep 2020 02:00:20 -0700 (PDT)
Received: from us-smtp-delivery-181.mimecast.com (us-smtp-delivery-181.mimecast.com [63.128.21.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CCFBF3A1114 for <spring@ietf.org>; Wed, 9 Sep 2020 02:00:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rbbn.com; s=mimecast20180816; t=1599642018; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type; bh=2oj5ojkXdMOb1ie3Ryj7OqcuK63M+5u3fpZVx5PVxWc=; b=e6uL0OXjtDepODT8Mn8u7ae0iMpukciV1SBRl91gbKADqna4bK8/vGZsgvaWEUccC3zjy9 a1tHiNB6M0YZQq1I8/fMvx7/k2mUmldtXa0pRzmxAAJ9JEgsULmm2tMeFYp6/Kd64z8uUt mmvqTF+om3xWImfwhKgtlBfvR5r/tlY=
Received: from AZWPVEXEdge02.ecitele.com (13.81.42.245 [13.81.42.245]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-396-pc7BuqLVOEiDaz4rUt7itA-1; Wed, 09 Sep 2020 05:00:16 -0400
X-MC-Unique: pc7BuqLVOEiDaz4rUt7itA-1
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (40.114.150.83) by AZWPVEXEdge02.ecitele.com (10.0.2.5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.595.3; Wed, 9 Sep 2020 12:00:15 +0300
Received: from AM0PR03MB4499.eurprd03.prod.outlook.com (2603:10a6:208:c4::33) by AM0PR03MB4372.eurprd03.prod.outlook.com (2603:10a6:208:cd::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.16; Wed, 9 Sep 2020 09:00:14 +0000
Received: from AM0PR03MB4499.eurprd03.prod.outlook.com ([fe80::8920:3fbc:c06a:49a1]) by AM0PR03MB4499.eurprd03.prod.outlook.com ([fe80::8920:3fbc:c06a:49a1%6]) with mapi id 15.20.3348.019; Wed, 9 Sep 2020 09:00:14 +0000
From: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com>
To: Jeff Tantsura <jefftant.ietf@gmail.com>, "bruno.decraene@orange.com" <bruno.decraene@orange.com>, Martin Horneffer <maho@lab.dtag.de>
CC: "spring@ietf.org" <spring@ietf.org>
Thread-Topic: [spring] to drop or to forward unlabeled (Re: Question on RFC8660)
Thread-Index: AdaGh574ZRtkkER8Q7OodnlC7H17UQ==
Date: Wed, 09 Sep 2020 09:00:14 +0000
Message-ID: <AM0PR03MB4499774DE387FC1729EF57189D260@AM0PR03MB4499.eurprd03.prod.outlook.com>
Accept-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [79.182.9.212]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: da2abf32-6845-48b3-31e9-08d8549ec3fe
x-ms-traffictypediagnostic: AM0PR03MB4372:
x-microsoft-antispam-prvs: <AM0PR03MB43722136E8B16951FE77A58F9D260@AM0PR03MB4372.eurprd03.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: k5SZAq3eIh3fC7k0OyPnzvCgXsgvg4G5zA4Fs1ZdXRpd/WNcwz1cfgMMDLKgd7FagAN8wRqyyGeqYqIZXOcttYgVhjZukurqINZdradL6d47kNjtzFyaAsjlpai5u1ePkggjFgd4ipNM78440TA65VW7H6o77qd7ajV/DE6+pxaC6arFPRdg2WXvwWGW+Yb8qZkpoM1wd66h8CC9JByOMjU9AeVVyB5BffLJF0GJLn+J/1IZjmuzmx3cQRWXaWayzSzb+08vHO6WqomxCuX6UhFWmb2jxbo700ZeoccEM/aoCvdc+P7b7o9MKIQE7EZKeneQ/JrM2JYNCPvoEHyJiTAm7Dpvts+SQ5NIPhj5xSKSrhKNqNEZS5P7lTQToFVpXHhKBSzTKulyJJCxW0lYeA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR03MB4499.eurprd03.prod.outlook.com; PTR:; CAT:NONE; SFS:(136003)(39860400002)(346002)(376002)(396003)(366004)(5660300002)(76116006)(66476007)(66556008)(66446008)(7696005)(2906002)(64756008)(55016002)(71200400001)(53546011)(52536014)(6506007)(86362001)(9686003)(4326008)(966005)(26005)(33656002)(186003)(66574015)(8936002)(66946007)(478600001)(110136005)(83380400001)(8676002)(316002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: /F+6siL41AlI4t7ll6s0xCGDJyWJquoFPea7bsBBvETKY4rP7bUZeQKJseGcy2kadVReOykjHdarTMLeZmFoxFxBMAnhNEvzQAW8SXpePy3sO1Oj/mFh/oFYxPwFSDbjLSlGYfL5DLF8udSNK61SsVmK8buQZ3KPyVK+nR35eCJlR8QVnDrWS+RvLgDvoeZytuX2e54mQb5GZfWE19ABkKazNqf+HQ7ycHhrL1+Zz3NKoYnm+2W/uyv1wDzQOLw36YpCcuIBQcvmSY8f13ZPfK26mZBq+KUcALFJ5EnCRwCmSe99QHAG8EkC/Ltp2EERHP7JA8Mj2uQuNE/pPub1syYkADXGe9c8OiMvuaW7qQA8/3By8ZeUBWPI9R6xnNeSV9oZSeR9MwoKF3687d+TkNVhHjBRT38/Fp2VsSgbCXFaISSn7F+YZSikvtKkSaaZg6/NYgBixsjdiWY0HVg9aQ11mZvlfKO4+TLDUuSDmzTpW2RrTWBSdIQ5Q2jDasnls9JreeqjhAlVihUMOyLa6aAnGG+h/LVHNxOx81vX+8/J+jaTevgzC9M9PY0w4C+m94VhC1NFHUyx/PY/+6+hnVOVPi+eiNz4lhXTJpF28cHgNLqyPU2zJ+P1A5jLky+Ci9GFE0/3y4VIo9prc+vtgw==
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM0PR03MB4499.eurprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: da2abf32-6845-48b3-31e9-08d8549ec3fe
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Sep 2020 09:00:14.1967 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2c514a61-08de-4519-b4c0-921fef62c42a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: dWwG0zU0AStFK6Q3pkMq5CPR5ikgWMLjkrBWm1p7nmOT9QNXLzKWyHBroUipzvrjWx498L7XAq2Atobfx2jIwA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR03MB4372
X-CFilter-Loop: Reflected
Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA81A106 smtp.mailfrom=alexander.vainshtein@rbbn.com
X-Mimecast-Spam-Score: 1.002999
X-Mimecast-Originator: rbbn.com
Content-Type: multipart/alternative; boundary="MCBoundary=_12009090500170961"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/uttWzrpKRKgfBOW-3_gVVTR79nw>
Subject: Re: [spring] to drop or to forward unlabeled (Re: Question on RFC8660)
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Sep 2020 09:00:22 -0000
Jeff, Bruno, Martin and all, I definitely concur with Jeff: Drop should be the default MUST-to-implement behavior. What's more, it looks to me as the only possible behavior if the problematic label is not BoS. And even if popping of the problematic BoS label is allowed by local configuration, some mechanism for identifying the resulting packet as IPv4 or IPv6 (or neither - I am aware of at least one vendor who has implemented native L2 transport directly over LSPs without "service labels" years ago), should be used. My 2c, Sasha Office: +972-39266302 Cell: +972-549266302 Email: Alexander.Vainshtein@ecitele.com -----Original Message----- From: spring <spring-bounces@ietf.org> On Behalf Of Jeff Tantsura Sent: Wednesday, September 9, 2020 11:38 AM To: bruno.decraene@orange.com Cc: spring@ietf.org; Martin Horneffer <maho@lab.dtag.de> Subject: Re: [spring] to drop or to forward unlabelled (Re: Question on RFC8660) I’m with Bruno here, and the spec is quite clear on the behavior expected (implementors, please speak up). Given variability and interdependencies in use cases, I’d say, drop should be (and de-jure it is) the default behavior, and if someone wants their vendor of choice to implement a knob to change that - they are free to do so (local behavior) as long as consequences are well understood (rope is short). Cheers, Jeff > On Sep 4, 2020, at 17:49, bruno.decraene@orange.com wrote: > > Hi Martin, > >> From: spring [mailto:spring-bounces@ietf.org] On Behalf Of Martin >> Horneffer >> >> Hello everyone, >> >> may I come back the the question below? Or rather let me update it a little: >> >> In case an SR-MPLS path is broken, should a node rather drop the >> packet, or forward it? >> >> This can happen whenever the IGP points to a certain next hop, but >> that neither supplies a valid SID, nor allows LDP-stitching for >> whatever reason. For PUSH as well as for CONTINUE. > > Speaking as an individual contributor, my reading of RFC 8660 (SR-MPLS) is that the packet is dropped ("Otherwise, drop the packet"). > https://clicktime.symantec.com/3Ac6NfmLToD6pwruqraPjMn6H2?u=https%3A%2 > F%2Fwww.rfc-editor.org%2Frfc%2Frfc8660.html%23name-forwarding-for-push > -and-con > > However that could be seen as a local behavior, hence possibly configurable. > > As a network operator, > - I understand your use case. > - I equally understand the use case of someone preferring/requiring the packet to be dropped, e.g. in the VPN case where the isolation is the main requirement. > > Best regards, > --Bruno > > >> We have been using MPLS transport and a BGP free core since about two >> decades now, using LDP. In the analog case, LDP creates "unlabelled" >> entries in the LFIB, does the equivalent of a POP operation and >> forwards the packet to the next-hop as chosen by the IGP. >> >> This behavior obviously breaks any traffic that relies on a service >> label, but it can protect some traffic. >> In our case a huge percentage of all traffic still is public IPv4. >> This needs MPLS only for a transport label, be it LDP or SR-MPLS. If >> this traffic gets forwarded unlabelled, it follows an IGP default >> route to a central device, where it is 1) redirected to the correct >> destination and >> 2) counted in a way that operators can quickly see whether and where >> this kind of failure occurs at some point in the network. >> >> After more operational experience and several internal discussions we >> agreed that we want packets to be forwarded unlabelled rather than >> dropped. Anyone to share, or oppose this position? >> >> Best regards, Martin >> >> >>> Am 31.01.20 um 16:50 schrieb Martin Horneffer: >>> Hello everyone, >>> >>> again it seems the interesting questions only show up when applying >>> something to the live network... >>> >>> We ran into something that poses a question related to RFC8660: What >>> is the exact meaning of section 2.10.1, "Forwarding for PUSH and >>> CONTINUE of Global SIDs", when the chosen neighbor doesn't provide a >>> valid MPLS path? >>> >>> The relevant sections reads: >>> >>> - Else, if there are other usable next hops, use them to forward >>> the incoming packet. The method by which the router "R0" >>> decides on the possibility of using other next hops is beyond >>> the scope of this document. For example, the MCC on "R0" may >>> chose the send an IPv4 packet without pushing any label to >>> another next hop. >>> >>> Does the part "send an IPv4 packet without pushing any label" apply >>> to PUSH and CONTINUE, or just to PUSH? >>> Does R0 have to validate that neighbor N can correctly process to >>> packet? Or can it forward the packet regardless? >>> >>> The reason for asking is that we are now seeing issues similar to >>> ones we had when starting with LDP based MPLS about two decades ago: >>> traffic being black holed even though a path to the destination >>> exists, because the MPLS path is interrupted somewhere in the middle. >>> >>> With LDP we know the case of LFIBentries called "unlabelled". While >>> this does break connectivity for many kinds of service, e.g. those >>> relying on an additional service labels, it still works for plain >>> IP(v4) traffic. In our cases, this works perfectly fine for all >>> internal routing and control traffic. And even for IPv4 traffic that >>> gets collected by a central router that injects a default route. >>> >>> However, depending on the exact interpretation of the above >>> paragraph, an implementor might feel obliged to chose the next paragraph: >>> >>> - Otherwise, drop the packet. >>> >>> Which is, at least in our case, very unfortunate... >>> >>> Any advice or opinion appreciated! >>> >>> >>> Best regards, Martin >>> >>> >>> >>> >>> _______________________________________________ >>> spring mailing list >>> spring@ietf.org >>> https://clicktime.symantec.com/3Upp6EVdxhZf2uCjs3V6nAi6H2?u=https%3A >>> %2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fspring >> >> _______________________________________________ >> spring mailing list >> spring@ietf.org >> https://clicktime.symantec.com/3Upp6EVdxhZf2uCjs3V6nAi6H2?u=https%3A% >> 2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fspring > > ______________________________________________________________________ > ___________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations > confidentielles ou privilegiees et ne doivent donc pas etre diffuses, > exploites ou copies sans autorisation. Si vous avez recu ce message > par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or > privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. > > _______________________________________________ > spring mailing list > spring@ietf.org > https://clicktime.symantec.com/3Upp6EVdxhZf2uCjs3V6nAi6H2?u=https%3A%2 > F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fspring _______________________________________________ spring mailing list spring@ietf.org https://clicktime.symantec.com/3Upp6EVdxhZf2uCjs3V6nAi6H2?u=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fspring ----------------------------------------------------------------------------------------------------------------------- Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments. -----------------------------------------------------------------------------------------------------------------------
- Re: [spring] to drop or to forward unlabeled (Re:… Alexander Vainshtein