[Teas] RtgDir Early review of draft-ietf-teas-5g-ns-ip-mpls-02
Alvaro Retana <aretana.ietf@gmail.com> Mon, 08 January 2024 18:55 UTC
Return-Path: <aretana.ietf@gmail.com>
X-Original-To: teas@ietfa.amsl.com
Delivered-To: teas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E55BC18DB97; Mon, 8 Jan 2024 10:55:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l3emQtI_FhZj; Mon, 8 Jan 2024 10:55:26 -0800 (PST)
Received: from mail-pj1-x1034.google.com (mail-pj1-x1034.google.com [IPv6:2607:f8b0:4864:20::1034]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E1D02C1519AA; Mon, 8 Jan 2024 10:55:22 -0800 (PST)
Received: by mail-pj1-x1034.google.com with SMTP id 98e67ed59e1d1-28cba988d6bso948247a91.2; Mon, 08 Jan 2024 10:55:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1704740122; x=1705344922; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date :mime-version:from:from:to:cc:subject:date:message-id:reply-to; bh=GOai4m0C84rXDmjDaSpubBR+oZGB8S5HfSx69aWScYA=; b=lW71Jldhxom+LfZHR6u+n3BGpGfpS3qulVJ6WvcYQYneWCjXHIY1fsXX22vjsb7HwK MHHVM6Dr834NoDtoDc7GjUI/KCuFtYyO2v4mhOjfsLP/7ivsfK9e4Wzf/XwbMBRY5PNJ e7ozMt0fKACcbvGQBIKBHXiPhZ3yxblKLlWI9RN+uEvlNfYYOUJwkWjOkXDSnphEkZ3T JdCGgq8CuklTGT9PzZpIF89V55VQoCChzHU1evwSvkSJJXmyiLPJJ+rxKdk5+UokRF5Q JvdHNA6J3YAxIoFXLmEN7X10QQ78tw+UBy5kZunBzaMx9uM5L3K5RJ/3lblF76x9TQmy qvzQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704740122; x=1705344922; h=content-transfer-encoding:cc:to:subject:message-id:date :mime-version:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=GOai4m0C84rXDmjDaSpubBR+oZGB8S5HfSx69aWScYA=; b=KxPdBtA2DL2KGZj9Ur9PH5q+9VNGRwQBX+UKvwf279C+IfkWbA8oFmgLz0rvqqnBtC 9KoYIT+sw/OlK68W7/EJdL2fioagy+HBEUmPb6LW6tlopLViudjwU9V/tD91UlGuZNft 1iduf/zBdR+/9orZfMDRUMPEw0x3uFXV/QC040/QMBaUKrIMmsU+u4ii0hY5iSJeg9mX 15J5bj3tyu97b3d4rQJ48kP1Sm7rfhQfcBYHZHiCzkhQ2OeXzbZEwzK+70xkghvSELn8 P9PwIy+3J5gxCIjfwAmgYtjJZ/OZ+cOOvhSgu51ab3EDsOFWjHriiJxP25TkgEqzmAEF TTJg==
X-Gm-Message-State: AOJu0YzwhL2H9cj/qfIDYFTnEuGYjUIZV3YPeL9IJM+hBese9J+rQZrP ZoX4lLa7udWNVhMifVgCGkGqVuMABigbzTfcR1tMxZbxIwI=
X-Google-Smtp-Source: AGHT+IGFeS2WVig5gXQFxZ6r7rySqsiAhbkoqgs2qW6hpQJViAz2b5GUfyHMuJcat76XEw+HD281vhOrYBbQU1EMNzU=
X-Received: by 2002:a17:90a:f995:b0:28d:4ede:5708 with SMTP id cq21-20020a17090af99500b0028d4ede5708mr1016072pjb.47.1704740121365; Mon, 08 Jan 2024 10:55:21 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Mon, 8 Jan 2024 10:55:20 -0800
From: Alvaro Retana <aretana.ietf@gmail.com>
MIME-Version: 1.0
Date: Mon, 08 Jan 2024 10:55:20 -0800
Message-ID: <CAMMESszzurKNY8GpCHnfjU3yTPoJkiTj74pOmB0_DgVB8cc8aA@mail.gmail.com>
To: teas-chairs@ietf.org, draft-ietf-teas-5g-ns-ip-mpls@ietf.org
Cc: "rtg-dir@ietf.org" <rtg-dir@ietf.org>, "teas@ietf.org" <teas@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/teas/Pw7yQvwEYNv3-4wh6LCy85I2K64>
Subject: [Teas] RtgDir Early review of draft-ietf-teas-5g-ns-ip-mpls-02
X-BeenThere: teas@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Traffic Engineering Architecture and Signaling working group discussion list <teas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teas>, <mailto:teas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teas/>
List-Post: <mailto:teas@ietf.org>
List-Help: <mailto:teas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teas>, <mailto:teas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jan 2024 18:55:28 -0000
Hi! I have been selected to do a routing directorate "early" review of this draft. https://datatracker.ietf.org/doc/draft-ietf-teas-5g-ns-ip-mpls/ The routing directorate will, on request from the working group chair, perform an "early" review of a draft before it is submitted to the IESG for publication. The early review can be performed at any time during the draft's lifetime as a working group document. The purpose of the early review depends on the stage that the document has reached. The review focuses on providing a new perspective on the work, intending to catch any issues early on in the document's life cycle. For more information about the Routing Directorate, please see https://wiki.ietf.org/group/rtg/RtgDir . Alvaro. Document: draft-ietf-teas-5g-ns-ip-mpls-02 Reviewer: Alvaro Retana Review Date: Jan. 8, 2024 Intended Status: Informational Summary: This document needs more work before being submitted to the IESG. Comments: >From the abstract: This document describes a basic RFC XXXX Network Slice realization model in IP/MPLS networks with a focus on the Transport Network fulfilling 5G slicing connectivity requirements. This realization model reuses many building blocks currently commonly used in service provider networks. Based on this objective, I expected the document to explain how to realize RFC XXXX Network Slices in IP/MPLS networks. To be up-front about my expectations. RFC XXXX Network Slices represent new technology/functionality introduced in the TN. It is clear that operational and management considerations exist -- I usually turn to rfc5706 (Guidelines for Considering Operations and Management of New Protocols and Protocol Extensions) as a guide. Some of the information is covered in this document and some is not. Of course, my expectations may not match the WG's. Note that I built my expectations despite this text from RFC XXXX indicating that realizing IETF Network Slides is not possible yet: 7.5. Network Slicing and Aggregation in IP/MPLS Networks ... Many approaches are currently being worked on to support IETF Network Slices in IP and MPLS networks with or without the use of Segment Routing. Most of these approaches utilize a way of marking packets so that network nodes can apply specific routing and forwarding behaviors to packets that belong to different IETF Network Slices. Different mechanisms for marking packets have been proposed (including using MPLS labels and Segment Routing segment IDs) and those mechanisms are agnostic to the path control technology used within the underlay network. ... At this stage, it is inappropriate to cite any of these proposed solutions that are currently work in progress and not yet adopted as IETF work. Maybe draft-ietf-teas-ietf-network-slices needs to be updated (even if it's already in the RFC Editor's Queue) to reflect the current state better and perhaps point to this draft. OTOH, this document leaves several important pieces for the realization out of scope. I wonder if some of these are the "proposed solutions" mentioned in RFC XXXX. For example: - "How a Network Slice Service request is placed for realization" (Section 1) - "implications of any change of S-NSSAI on the addressing plans" (Section 4.2) - "how to realize or orchestrate transport planes" (Section 6) - "mechanism...to inform the NSC which DC-pairs are of interest" (Section 7.1) Also, some technology that can be used for the realization is listed as Informative references and examples. Besides the fact that the required technology for the realization should be Normative, their use as examples is not followed by proper guidance to help operators make good decisions for their environment. In fact, the text and the possible realization are full of phrases like "could be", "would be", or "may be" -- a total of over 20 occurrences. Note that only one mention of a "mandatory (function) in the architecture described in this document" is present in the whole document (Section 5.2.1.2. Outbound Edge Resource Control) -- making everything else optional and requiring some guidance. Speaking of terms only mentioned once, "tunnel group" is only used in the first paragraph of Section 6 to introduce "transport planes". Is this indirection necessary? Also, what is the difference between tunnel groups/transport planes and an NRP? Even if it is evident to you, it would help readers if it was clarified. Security Considerations I-D.ietf-teas-ietf-network-slices points to specific issues that need to be addressed in actual implementations or deployments: Conformance to security constraints IETF NSC authentication Specific isolation criteria Data Confidentiality and Integrity of an IETF Network Slice ...but none of these are addressed here. The document reads: Security considerations specific to each of the technologies and protocols listed in the document are discussed in the specification documents of each of these protocols. The existing documentation doesn't always address slicing-specific aspects that may come up. Quoting from I-D.ietf-teas-ietf-network-slices: IETF Network Slices might use underlying virtualized networking. All types of virtual networking require special consideration to be given to the separation of traffic between distinct virtual networks, as well as some amount of protection from effects of traffic use of underlay network (and other) resources from other virtual networks sharing those resources. For example, if a service requires a specific upper bound on latency, then that service could be degraded with added delay caused by the processing of packets from another service or application that shares the same network resources. Thus, without careful planning or traffic policing, it may be possible to attack an IETF Network Slice Service simply by increasing the traffic on another service in the network. The realization requires understanding the potential risks/mitigations that are slice-specific. This document mentions that resources can be shared between slices and even suggests a mechanism that can result in per S-NSSAI monitoring. These issues need to be highlighted in this section. Note that some references are wrong (rfc8754 specifies the SRH; the reference to SRv6 should be rfc8986), and others are missing: I didn't see a reference to where a "5G Network Slice" is defined, and there's no reference for "RSVP-TE or SR-TE LSPs". Are there references for 1r2c/2r3c? I don't believe this document can be used as a guide to realize RFC XXXX Network Slides in IP/MPLS networks because there is missing information. The 5G-related background information is excellent., even if it is too much at times. Given that RFC XXXX provides a "general framework", the technology and recommendations in this document (even if focused on "fulfilling 5G slicing connectivity requirements") should also be generally valid. As other realization documents may be developed, it might be an excellent way to reuse resources if this document could also be used as a general reference. IOW, I imagine there would not be a significant difference (generalizing/taking out 5G-specific things like the 5QI) between what is discussed here and "general" slices using the same technology.
- [Teas] RtgDir Early review of draft-ietf-teas-5g-… Alvaro Retana
- Re: [Teas] RtgDir Early review of draft-ietf-teas… Krzysztof Szarkowicz