IETF Logo Mail Archive

Re: [Tsv-art] ECMP [Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06]

Ole Troan <otroan@employees.org> Thu, 06 December 2018 11:42 UTC

Return-Path: <otroan@employees.org>
X-Original-To: tsv-art@ietfa.amsl.com
Delivered-To: tsv-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D0036130E05; Thu, 6 Dec 2018 03:42:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xxpUxa1B1Npt; Thu, 6 Dec 2018 03:42:33 -0800 (PST)
Received: from bugle.employees.org (accordion.employees.org [198.137.202.74]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46920130E98; Thu, 6 Dec 2018 03:42:30 -0800 (PST)
Received: from astfgl.hanazo.no (77.16.73.20.tmi.telenormobil.no [77.16.73.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by bugle.employees.org (Postfix) with ESMTPSA id 63653FECC051; Thu, 6 Dec 2018 11:42:29 +0000 (UTC)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by astfgl.hanazo.no (Postfix) with ESMTP id 342AAAB4ECD; Thu, 6 Dec 2018 12:42:24 +0100 (CET)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 12.1 \(3445.101.1\))
From: Ole Troan <otroan@employees.org>
In-Reply-To: <99f0a622-b1f8-cc8a-dcba-a608c37eeb0c@gmail.com>
Date: Thu, 06 Dec 2018 12:42:23 +0100
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, Gert Doering <gert@space.net>, tsv-art <tsv-art@ietf.org>, OPSEC <opsec@ietf.org>, IETF-Discussion Discussion <ietf@ietf.org>, draft-ietf-opsec-ipv6-eh-filtering.all@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <B6EF08AB-AAB1-42EF-B876-629B3DEC13DD@employees.org>
References: <CAL9jLaYHVdHr+rVoWeNtXTXgLxbTaX8V9gn3424tvsLW60Kvow@mail.gmail.com> <5E70C208-0B31-4333-BB8C-4D45E678E878@isc.org> <CAN-Dau0go6_Puf0A9e7KBpk0ApJBUvcxYtezxnwNc-8pKJ3PwQ@mail.gmail.com> <4D69FA8E-FB8A-4A16-9CA6-690D8AE33C9E@strayalpha.com> <20181205122142.GJ1543@Space.Net> <F17C4944-09EC-4AAC-84A0-B660E36AAE89@strayalpha.com> <20181205133821.GL1543@Space.Net> <B6280E0C-6B20-43C1-BB34-170FB06F1EF7@strayalpha.com> <20181205135723.GN1543@Space.Net> <54C715AE-8931-4FA9-AA01-2311EB0055F0@employees.org> <20181205164558.GQ1543@Space.Net> <CCFEFC5B-53AE-4079-B64A-A72A71274FAD@employees.org> <cda0e10e-a56d-4598-dcd4-eabeeac52fb0@gmail.com> <a1b478a7-4396-3d9e-0282-c8c66250526c@gmail.com> <99f0a622-b1f8-cc8a-dcba-a608c37eeb0c@gmail.com>
To: Stewart Bryant <stewart.bryant@gmail.com>
X-Mailer: Apple Mail (2.3445.101.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsv-art/9FeNQrwn2Q9-5R049s7CxBjJiBY>
Subject: Re: [Tsv-art] ECMP [Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06]
X-BeenThere: tsv-art@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Review Team <tsv-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsv-art/>
List-Post: <mailto:tsv-art@ietf.org>
List-Help: <mailto:tsv-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Dec 2018 11:42:35 -0000

Stewart,

>>> If it has to look at any it has a much more complex set of tests, or a
>>> large vector table  given the way the EH space is fragmented.
>> Frankly doing it without a network processor seems wrong. You can't expect
>> an ASIC or FPGA based device to handle the EH structures.
> Something that has served the IETF well over the years is not to constrain the forwarding
> implementation, and I think we would be wise to continue in that mould. Also we need
> to remember that an NP is an application specific processor, and thus has various
> hardware assists.
> 
> No one talks about the internals of an NP, and I am not current on any vendor's design,
> but it is reasonable to suggest that in addition to the s/w parser there might
> be a h/w parser that does the heavy lifting, i.e. if IPv6 packet of expected type, dec
> TTL and do what the TCAM say picking this ECMP option else parse it the hard way.
> 
> Then there is something that we do not talk at all about in such designs: electrical power.
> There is no question that it takes more power to s/w parse a packet, and sooner of later
> the power burn of the Internet is going to come under scrutiny, and we will be asked
> to reduce its carbon footprint.

So you are arguing that we need to define ULPs that are easy for routers to parse?
At arbitrary depth? Because why would the buck stop at the UDP header when transport has moved one layer up?

As opposed to the 6man argument which is that IPv6 is explicitly designed to only require routers to need to process the first 40 bytes (with the one exception hook).
And the design of EHs is specifically done to make it hard to parse for intermediate devices…

Is that really the Internet we want? Of course it will be countered with encryption, but I foresee a raft of problems if the IETF as a whole would redefine the “formal Internet architecture”.

Cheers,
Ole

v2.23.0 | Report a Bug | By Email