Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11

Tony Przygienda <tonysietf@gmail.com> Tue, 26 March 2024 16:36 UTC

Return-Path: <tonysietf@gmail.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9859DC14CEFC for <spring@ietfa.amsl.com>; Tue, 26 Mar 2024 09:36:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id norjtHB2r-HU for <spring@ietfa.amsl.com>; Tue, 26 Mar 2024 09:36:34 -0700 (PDT)
Received: from mail-vs1-xe2c.google.com (mail-vs1-xe2c.google.com [IPv6:2607:f8b0:4864:20::e2c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B9D89C14F6F6 for <spring@ietf.org>; Tue, 26 Mar 2024 09:36:34 -0700 (PDT)
Received: by mail-vs1-xe2c.google.com with SMTP id ada2fe7eead31-4765cffb446so2511488137.0 for <spring@ietf.org>; Tue, 26 Mar 2024 09:36:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1711470993; x=1712075793; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=ELz71bKFpBEVtVih1/MnQfr6hw/r89GCiL55kCgLk+M=; b=Z5SpegRlI5W1MN6vQ0rSSslas4zB/+F3Uem5tpQeoz+leb7xTk0Yqf8fo3pBX3unGh DgNGRLUYRkZO9faoKQ+4PTjzlP/uMzDec5UaWBodCX9BoHVd/KuFhus2moqB5xmTqMRN d/uL42ijcbv354ghM0yyBQr3qvyahcvVl/Wj86MtjD7mzr7akQPGmJ3XIoEBTQw4HAoE nIbpyy1r89D+OEIsrFqXhA1o7UlXXzJ+MPGO2Wu+KOeXBmWaEwpbYKmdkr3gU4z8GItC 7APHy0cUQ93HWyH+PwJH6xSuZP/7bnWeiH8eGfEbMGlkw9HR1IUBfiDkvwLgmyNSOMgx 737w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711470993; x=1712075793; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ELz71bKFpBEVtVih1/MnQfr6hw/r89GCiL55kCgLk+M=; b=M6BMbVE80nG5TkY7R9ITcq117DR9rwy92t6gOR/VRJjpYqsEUNWZqGY7hNiSDh2PUc sGqrIDZNh2PlTz+CoShRIyTNQddBDeJnydQzjpxHuaStDs7jje+U0i5Q2RaIO8ePhM5R SyhGEc1ji229/V5RoOjQ3ViIGje2ux2plmTtOvrrL2Tf39oeirvM3P0HiZoR/o53r2cl w3SChSVGDrtmfkVVPt/brZhPZXvaQcgvIylw0xx/AaLAbCRDY2CHZEgMP4AuAgc5gxdJ +Y7VDHEehR08poVyYzx6do2X+KNwLnlcrUOUhqh5q1XaModLJk5opSD2HTxdy8NnGAu2 tmAQ==
X-Forwarded-Encrypted: i=1; AJvYcCXzf6dLeIX7IXxHe5GbFD4gBhgDS26PZKq6eXBOUNcvv8L4FEobDYgDcj20v6iq2EmQX1vADX0H6WFH1GqZ3bg=
X-Gm-Message-State: AOJu0YydHoMqx9qbF9HKD2rQ/R319+gsiT9i1dFApq33Nk1xonp1JzHu fIgpPKUrLPUEG577oZtorCw+mPxvQxaLljtZc2T0A+fiE2FM/v1oAJOu1PfPjZbUxT40cmRNWGG w4awkhTddd0JSfFqp/ungupOJ9DA=
X-Google-Smtp-Source: AGHT+IED163DUfdUy7Riz85sYu6WmMyOWvzrmpkX7OYEe2Z38MGR+gx4fxgplaNKJLPVgj9F7szbCG3v63C80+BgQHc=
X-Received: by 2002:a05:6102:24ba:b0:478:303b:45e3 with SMTP id s26-20020a05610224ba00b00478303b45e3mr1429022vse.6.1711470992670; Tue, 26 Mar 2024 09:36:32 -0700 (PDT)
MIME-Version: 1.0
References: <CAMMESsw=PihfkO3nECiBnCALfCC=vTRn6c1_OYPK-jT5=yHFZA@mail.gmail.com> <DU2PR03MB802141D381DD2C716442D01DFA362@DU2PR03MB8021.eurprd03.prod.outlook.com> <CAOj+MMGWkyLqfk-PM8rTCyEpMLQDvujO3P6O=NxGQunB5GBxdA@mail.gmail.com> <DU2PR03MB8021817EDB0676FCDFC0FF3CFA362@DU2PR03MB8021.eurprd03.prod.outlook.com> <CAOj+MMEPZ4O1sTEUm4u-v72MwcptejNWLfcBvFJA98-2qDzzfg@mail.gmail.com> <DU2PR03MB8021CFB963C174317CF604E2FA362@DU2PR03MB8021.eurprd03.prod.outlook.com> <CAOj+MMFDrRq9igN16Dy0LXR=QiopdmHJbTd0SRT=_XdVGgjt+g@mail.gmail.com> <DU2PR03MB80213CDDFC54A4A9C456D654FA362@DU2PR03MB8021.eurprd03.prod.outlook.com> <CAOj+MMGyoo3afahjqfqK50E0NQRN6C-HyZ8HMaK7ZEegRhacsg@mail.gmail.com> <DU2PR03MB8021359DEE67FF457F914384FA362@DU2PR03MB8021.eurprd03.prod.outlook.com> <CAOj+MMHhKVBg2LDqDqZRzAiLLRfCcwv_3g2Jpmud1aLsF2hL_Q@mail.gmail.com> <CALx6S35FDPDMinDYxTL9Bj8bmjzx5q-JGWMTJObCn=uyVVfrZA@mail.gmail.com> <CAOj+MMH95uErZXS7+02KQrguL6S96EzyP1qdf7sXAGtuCjMtxw@mail.gmail.com> <5e644c97-c316-4618-97ec-cb8ec8c097bd@joelhalpern.com> <CAMMESswrX3E3y8EbRmJ2rrE08aF6_vBP9GjuLYtnfJo48fAwCA@mail.gmail.com> <CALx6S36poDF5t1CjSDsjBoC4jKgKhyA3OqhmZ=UJ-L4D075g=g@mail.gmail.com> <CAMMESszTSki9ct+B+spuX=JOo33Uecv=AFwLmVcQw_cdkBu0Tw@mail.gmail.com> <CALx6S36VW9R+vfsM4Q9mxbVCRg1JBdw8kJF+chpnnLneNF36RQ@mail.gmail.com>
In-Reply-To: <CALx6S36VW9R+vfsM4Q9mxbVCRg1JBdw8kJF+chpnnLneNF36RQ@mail.gmail.com>
From: Tony Przygienda <tonysietf@gmail.com>
Date: Tue, 26 Mar 2024 17:35:56 +0100
Message-ID: <CA+wi2hP4g_xtWfjodOnJLLaAopKFnKbWHgOS3yeXNbLKNgy-PQ@mail.gmail.com>
To: Tom Herbert <tom=40herbertland.com@dmarc.ietf.org>
Cc: Alvaro Retana <aretana.ietf@gmail.com>, Ron Bonica <rbonica@juniper.net>, "spring@ietf.org" <spring@ietf.org>, Andrew Alston - IETF <andrew-ietf@liquid.tech>, Robert Raszuk <robert@raszuk.net>
Content-Type: multipart/alternative; boundary="0000000000008fcc06061492e438"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/yG-GEkinckXBfI7zKCb8P8Vqf58>
Subject: Re: [spring] Chair Review of draft-ietf-spring-srv6-srh-compression-11
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Mar 2024 16:36:38 -0000

which has been said many times since the effort started by people who have
been around many architectures in networking space and lived the dreams of
violating/bending standards, shortcutting layers and other "clever"
solutions justified by exigency, limited-use-only or whatever other
figleaves could be conjured while the reality at the end always asserted
itself, either by economics or operational impact.

I for myself  have by now largely given up figuring out _what_ SRv6 is
supposed to be, it's NAT but not NAT, it's a tunnel but not a tunnel, it's
IPv6 but it's not, it's limited domain but not really. As in being limited
domain now it generates BoFs about inter-AS interoperability as was utterly
predictable.

The real, big ticket impact will be security given that it seems to able to
masquerade as IPv6 with suggested properties that will make it
indistinguishable from faulty hardware, possible attacks, whatever ... And
hence needs at minimum a fail-safe trusted domain per default for customers
unless they specifically decide to configure it as open on specific easily
dispatchable property or otherwise feel daring and try to untangle the
implications of it running as IPv6 masquerade. Ether type or
MUST-include-SRH-on-each packet seem architecturally and economically
simplest and safest solutions.

But I guess the argument has been made during last internet area already
and with each of those it-is-it-is-not tortured threads appearing now is
being validated.

-- tony

On Mon, Mar 25, 2024 at 8:40 PM Tom Herbert <tom=
40herbertland.com@dmarc.ietf.org> wrote:

> On Mon, Mar 25, 2024 at 12:31 PM Alvaro Retana <aretana.ietf@gmail.com>
> wrote:
> >
> > Tom:
> >
> > Hi!
> >
> > I understand your point.
> >
> > I put the option out there because it came up at last week’s spring
> meeting and it should be discussed.
>
> Alvaro,
>
> This seems to come back to the fundamental question: is SRv6 still
> IPv6 or is it a new protocol. If it's IPv6 then it should adhere to
> all the requirements and expectations of IPv6, if it's a new protocol
> that is going to diverge from the standard IPv6 then maybe it needs
> its own EtherType and standards development path.
>
> Tom
>
>
> >
> > Thanks!
> >
> > Alvaro.
> >
> >
> > On March 25, 2024 at 2:58:48 PM, Tom Herbert (tom@herbertland.com)
> wrote:
> >
> > On Mon, Mar 25, 2024 at 11:17 AM Alvaro Retana <aretana.ietf@gmail.com>
> wrote:
> > >
> > > FWIW, I agree with most of what Joel wrote. ;-)
> > >
> > > I see another path forward: Given that the issue is constrained to an
> SR domain, the draft could also point out the issues as
> operational/deployment considerations. Operators can then make an informed
> decision on whether they want to/can use C-SIDs without an SRH in their
> network. This path forward (or leaving it out of scope, as Joel suggests
> below) is something the spring WG can reach consensus on by itself (i.e.,
> without needing to consult or agree with other WGs).
> >
> > Alvaro,.
> >
> > This wouldn't be robust and would seem to violate the "be conservative
> > in what you send clause". Punting this to the operators doesn't seem
> > practical either, in an even moderately large network they wouldn't be
> > able to know all the potential problems they might hit in devices.
> > They're about one misconfiguration away from having to debug a rather
> > unpleasant problem. For instance, if operator gets a packet trace from
> > a router they would see a whole bunch of packets with bad checksums,
> > but they would have no way of knowing if these were cases of segment
> > routing or actually corrupted packets.
> >
> > Tom
>
> _______________________________________________
> spring mailing list
> spring@ietf.org
> https://www.ietf.org/mailman/listinfo/spring
>