IETF Logo Mail Archive

Re: [Teas] Thoughts about draft-nsdt-teas-ietf-network-slice-definition and isolation

Jeff Tantsura <jefftant.ietf@gmail.com> Mon, 09 November 2020 23:38 UTC

Return-Path: <jefftant.ietf@gmail.com>
X-Original-To: teas@ietfa.amsl.com
Delivered-To: teas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E40203A14F1; Mon, 9 Nov 2020 15:38:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 55-yIfCzLvRe; Mon, 9 Nov 2020 15:38:06 -0800 (PST)
Received: from mail-pf1-x430.google.com (mail-pf1-x430.google.com [IPv6:2607:f8b0:4864:20::430]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3B203A15C9; Mon, 9 Nov 2020 15:37:54 -0800 (PST)
Received: by mail-pf1-x430.google.com with SMTP id e7so9652204pfn.12; Mon, 09 Nov 2020 15:37:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:message-id:in-reply-to:references:subject :mime-version; bh=1AHIioPG772uc09fsJn9MjN4aAF+vuSbXEG6D8DLjj8=; b=AWmj5B2MNphdSwPfJAeOr00kIxh+3TqOUsurRbQ2UMRw9vfCaQNVxTMziog7ashhMR DGG0wlUJoj5Kh6+a0jQxkwAi5bhzT5pNPKn67+co36M9U/UJSXamV0OsHMtGkYRQybNO R7nDbqEuGx2A65OFLsjW3MjF3fn7lvdQZRPFG4ZLK8LorCmE9ytJlU40er9h8JBdKjra 23DxwrFsfJ9FSQdORyWFO5l1+OH8myCDPsHHk88FZlcxCzcw5WGrbNaknSqv5iu8T7LP fH1J4URk29nKhz1cYjs4h5+vmsP2kOvBqDppeYQuXHw5oeFj4JAAnEY7PMVqaQ145UC0 nXCg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:message-id:in-reply-to :references:subject:mime-version; bh=1AHIioPG772uc09fsJn9MjN4aAF+vuSbXEG6D8DLjj8=; b=BaonX/0p5s84WW/n74bZioaew29nQaWnrL+GPP1EPQMLQe1CnqyLleilFiJD3wXOBv McuQnWCNhY8e/WgNnW+YpUc7IJdrVz1B40loOBjkyIUY5L7A81b5MKunD4kfKsujdEKb 46Q0hT6nGAvgGG+p5nA9sdMFmo9nxJJcIJQllPeSUMpVhGEMvxDCuiSAEw1N310c9fmc 352scYJPa/CoNwJWGDI6CSRhWnq4V5Pm0AV+KKUaBjAkac5W6RGinR2aDrB0h6joM712 6PMxfY8cR8uZYQDKek1v+Jor0fBWsE9YbWMvrlknI4ZUQQNwqMoK7D3WROmRXHbC6fiv JrrQ==
X-Gm-Message-State: AOAM531k71rdDbpb01hmRG32KYG5hRnEJ9x96byl0w2Ztdn9O+5O6qfN nbS77CdL+lW4p0EyR6JxoLo=
X-Google-Smtp-Source: ABdhPJy5xceGJr0oo91XtnawtCP4lf8oF65DFbIqxnnpQoPfdwYac4OdZBk42pyan/MvXST0OST9fA==
X-Received: by 2002:a62:63c6:0:b029:18a:8d05:5bdc with SMTP id x189-20020a6263c60000b029018a8d055bdcmr15557763pfb.37.1604965074241; Mon, 09 Nov 2020 15:37:54 -0800 (PST)
Received: from [192.168.1.7] (c-73-63-232-212.hsd1.ca.comcast.net. [73.63.232.212]) by smtp.gmail.com with ESMTPSA id m13sm592791pjr.30.2020.11.09.15.37.52 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 09 Nov 2020 15:37:53 -0800 (PST)
Date: Mon, 09 Nov 2020 15:37:45 -0800
From: Jeff Tantsura <jefftant.ietf@gmail.com>
To: adrian@olddog.co.uk, teas@ietf.org, Joel Halpern Direct <jmh.direct@joelhalpern.com>
Cc: draft-nsdt-teas-ietf-network-slice-definition@ietf.org
Message-ID: <a9d968ed-90af-4889-8cc8-bc57b76edbf3@Spark>
In-Reply-To: <62c127a5-9230-d105-04b7-4b061fdd43c1@joelhalpern.com>
References: <059e01d6b6ce$0f74a830$2e5df890$@olddog.co.uk> <9e8170c6-399b-e954-2abb-5e5f425f172a@joelhalpern.com> <13178999-9168-46fb-8455-36d4d5683a2e@Spark> <62c127a5-9230-d105-04b7-4b061fdd43c1@joelhalpern.com>
X-Readdle-Message-ID: a9d968ed-90af-4889-8cc8-bc57b76edbf3@Spark
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="5fa9d2cf_10233c99_6e9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/teas/WLkPLVANAnJA8gQfzA-CyQLdOzk>
Subject: Re: [Teas] Thoughts about draft-nsdt-teas-ietf-network-slice-definition and isolation
X-BeenThere: teas@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Traffic Engineering Architecture and Signaling working group discussion list <teas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teas>, <mailto:teas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teas/>
List-Post: <mailto:teas@ietf.org>
List-Help: <mailto:teas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teas>, <mailto:teas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2020 23:38:09 -0000

Joel,

There’s no buying of any fibers, a slice is a service provided by a provider to a consumer. A fiber between point A and point B is a valid example of a slice, as much as an LSP, lambda, or any other technology.
We are talking about defintions (terminology) applicable.

Would the following definitions work for you?
dedicated infra (in any way or form) - for example some vendors allow you to have a dedicated NPU on router.
disjointed infra, where backup path is isolated (non fate sharing) from primary, e.g. SRLGs, common devices, etc

I don’t think mixing performance objectives with isolation is a great idea though,
an SLA doesn’t change because there’s someone else sharing infrastructure with you, it is well understood that any changes within other customers should not affect you.

Joel - my last objective in the world would be to have you to object the same draft again, please bear with us in preparing for the adoption.

Cheers,
Jeff
On Nov 9, 2020, 2:47 PM -0800, Joel Halpern Direct <jmh.direct@joelhalpern.com>, wrote:
> If your security policy requires dedicated fiber, buy dedicated fiber.
> If you are going through shared routers, shared roadMs, etc. then
> dedicating the fiber seems to me to completely miss the point.
>
> And none of the definitions I have seen for what "Isolation" could mean
> go to the requisite level of detail. If it means "the entire
> infrastructure must be dedicated", then I do not think it belongs in the
> IETF. If it means "dedicate something, please", then it is not an SLO.
>
> The definitions and framework draft are explicit that they are
> technology agnostic. So it is really hard to see how you can express
> any meaningful and useful isolation, assuming that there is such a thing.
>
> More importantly, I would want to see an actual definition of what is to
> be described if we are to include it.
>
> I am not asking that the placeholders be removed. There may be a
> definition that is useful. But what is there isn't it. Saying that
> there may be some as yet undefined SLO that relates to som as yet
> undefined meaning of Isolation does not cut it for me.
>
> And yes, I am getting tired of refighting the same discussion. We
> agreed on leaving placeholders in the document. I was hoping and
> expecting that we could get the result of that adopted. I do not like
> having to object to the same draft again.
>
> Yours,
> Joel
>
> On 11/9/2020 5:43 PM, Jeff Tantsura wrote:
> > Joel,
> >
> > Thanks for your comments.
> > I respectively disagree with you, if my security policies require use of
> > dedicated infrastructure (fiber is a common one), it is a valid service
> > objective.
> >
> > Cheers,
> > Jeff
> > On Nov 9, 2020, 1:45 PM -0800, Joel M. Halpern <jmh@joelhalpern.com>, wrote:
> > > Thank you Adrian. I mostly agree with what you say (retained below.)
> > >
> > > The only point where I disagree is that the proposed text fro 9.1 still
> > > keeps the notion that there may be an Isolation SLO.
> > > As far as I can tell, Isolation is a mechanism. It is one of many
> > > mechanisms that can be used to meet the SLOs. I have no idea what an
> > > Isolation SLO element would be, or why a customer would ask for it.
> > > So I would be inclined to go a step further and just get rid of 9.1.
> > >
> > > Yours,
> > > Joel
> > >
> > > On 11/9/2020 2:25 PM, Adrian Farrel wrote:
> > > > Hi,
> > > >
> > > > I'm not sure where the right place to discuss this document is. Since it
> > > > replaces the previous terminology document, and since that was
> > > > proposed for
> > > > adoption on the TEAS list, I think this is probably the right place (feel
> > > > free to redirect me).
> > > >
> > > > I'd like to focus this email just on Section 9 - the text on isolation. I
> > > > suspect that this is the largest remaining obstacle to WG adoption.
> > > >
> > > > Firstly, we have to recall that this is a terminology document, not a
> > > > broader architecture. Therefore we should aim to reduce the text to clear
> > > > and simple definitions: further text belongs in some other document
> > > > such as
> > > > the framework draft or a focus-specific document that describes some
> > > > facet
> > > > in detail. So I guess I agree with the Editor's statement at the top of
> > > > Section 9...
> > > > > Editor's note: This content is a work in progress. The section on
> > > > > isolation is too descriptive.
> > > >
> > > > A way to reduce this would be...
> > > >
> > > > == Section 9 ==
> > > >
> > > > OLD
> > > > An IETF Network Slice consumer may request, that the IETF Network
> > > > Slice delivered to them is isolated from any other network slices of
> > > > services delivered to any other customers. It is expected that the
> > > > changes to the other network slices of services do not have any
> > > > negative impact on the delivery of the IETF Network Slice. In a more
> > > > general sense, isolation can be classified in the following ways:
> > > >
> > > > Traffic Separation: Traffic of one network slice should not be
> > > > subjected to policies and forwarding rules of other network
> > > > slices.
> > > >
> > > > Interference Avoidance: Changes in other network slices should not
> > > > impact to the SLOs of the network slice. Here the changes in
> > > > other network slice may include the changes in connectivity,
> > > > traffic volume, traffic pattern, etc.
> > > >
> > > > Service Assurance: In case service degradation is unacceptable due
> > > > to unpredictable network situations producing service degradation
> > > > (e.g., major congestion events, etc.), explicit reservation of
> > > > resources in the network maybe requested for a reduces set IETF
> > > > network slices.
> > > > NEW
> > > > An IETF Network Slice consumer may request, that the IETF Network
> > > > Slice delivered to them is isolated from any other network slices of
> > > > services delivered to any other customers. It is expected that the
> > > > changes to the other network slices of services do not have any
> > > > negative impact on the delivery of the IETF Network Slice.
> > > > END
> > > >
> > > > In making this change I'd note that while these three principles are an
> > > > important part of the discussion of isolation they are out of context
> > > > here.
> > > > Traffic separation is a feature of how isolation may be achieved, but
> > > > it is
> > > > not something that a consumer can or should specifically ask for:
> > > > they have
> > > > no way of measuring it and, indeed, since they don't know the purpose of
> > > > policies and forwarding rules within an operator's network they shouldn't
> > > > ask for control over them. Interference avoidance is a fine goal for a
> > > > consumer to ask for, but you already have this captured in the preceding
> > > > paragraph. Service assurance seems to capture two things: that the
> > > > consumer
> > > > may wish for protection of their service in the event of network failure
> > > > (that's not really an isolation thing) and that a way to protect against
> > > > failure situations is to reserve resources (that's not necessarily an
> > > > isolation thing, and is certainly a question of realisation).
> > > >
> > > > == Section 9.1 ==
> > > >
> > > > I think that this section is a little over-stated. Maybe:
> > > > OLD
> > > > Isolation is an important requirement of IETF network slices for
> > > > services like critical services, emergencies, etc. A consumer may
> > > > express this request through the description of SLOs.
> > > > NEW
> > > > Isolation may be an important requirement of IETF network slices
> > > > for some critical services. A consumer may express this request as
> > > > an SLO.
> > > > END
> > > >
> > > > == Section 9.2 ==
> > > >
> > > > While I think there is value in having this section to note that
> > > > there is a
> > > > concept of isolation in the realisation of a network slice, I don't think
> > > > you should get into details with examples etc. If you want to talk
> > > > about how
> > > > realisation of network slices works, that should be in another document.
> > > >
> > > > Thus, I think you could drop the whole of the fist paragraph: it just
> > > > duplicates some of the ideas in the second paragraph which says it more
> > > > clearly.
> > > >
> > > > Furthermore, the final paragraph in the section seems to be all about
> > > > realisation. I think you should drop it partly because it is technically
> > > > suspect (an L3VPN does not achieve traffic separation in the network,
> > > > that
> > > > is exactly the point of an L3VPN), but mainly because it is a
> > > > discussion of
> > > > the details and technologies of realisation.
> > > >
> > > > == Section 9.3 ==
> > > >
> > > > I tend to think that there will be value in a full and careful
> > > > discussion of
> > > > how IETF network slices meet the requirements of 3GPP transport
> > > > slices, but
> > > > I don't think it should be in this document. Thus, I agree with the
> > > > editor's
> > > > note that the section should be removed. Maybe interested parties could
> > > > start a new document "Applicability of IETF Network Slices to 3GPP
> > > > Transport
> > > > Slices."
> > > >
> > > >
> > > > Thanks,
> > > > Adrian
> > > >
> > > > _______________________________________________
> > > > Teas mailing list
> > > > Teas@ietf.org
> > > > https://www.ietf.org/mailman/listinfo/teas
> > > >

v2.23.0 | Report a Bug | By Email