IETF Logo Mail Archive

Re: [Tsv-art] ECMP [Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06]

Stewart Bryant <stewart.bryant@gmail.com> Thu, 06 December 2018 13:36 UTC

Return-Path: <stewart.bryant@gmail.com>
X-Original-To: tsv-art@ietfa.amsl.com
Delivered-To: tsv-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D3ED41277D2; Thu, 6 Dec 2018 05:36:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yOfb1L_Dr6-D; Thu, 6 Dec 2018 05:36:08 -0800 (PST)
Received: from mail-wm1-x331.google.com (mail-wm1-x331.google.com [IPv6:2a00:1450:4864:20::331]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32C0D126CC7; Thu, 6 Dec 2018 05:36:08 -0800 (PST)
Received: by mail-wm1-x331.google.com with SMTP id c126so1067204wmh.0; Thu, 06 Dec 2018 05:36:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=jBdRFRwUiyJcptaE9gUN580D0C9ECU1NekEqw2HsXvE=; b=Te6I31lXc6yw4gwSnUM01ctihLG1T5oKzq591HtRo7dmN2VbP7i+ZnagU9qsukcEZT wEow7RZFwz9FjaIPEEJ3lsZ9XXFo2UmR6jusqTVb0Eiw+2yOTjvCOZpWFomPwCQDqvt7 YNaCeatxnrS4VNuvzvPwMYk6pNk9VOrV1hZ8Jlq1YWIOU8P3AB5ROf9lq9OuvhXVIfh1 QirLLaOvv+AcpX6lDbEbhNLSBckF4l0VrPc8W9H+6Q1RNRLmNjBUXRSe8fsAGi5N35T7 dRxXwdoO577K36JkrQSBWR7FnGpdWW/SLcl+hHz5WcVjGiQSBPGNekXlZ8jN/iYyTH3n R27g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=jBdRFRwUiyJcptaE9gUN580D0C9ECU1NekEqw2HsXvE=; b=FvkkXey7e1lvl7UIUjFE0bKrCE2N3MjSAdWr0uQ+j1xCM35aGid20uQz6udxu6D7UI LQZVNOoS9IIO14hKuscmnM9J9cYWp6B2tqTDAOFYfiNhr3AfPWDJCtZn3PG7oyd2KUlu LpWiXvzmk+nZ8yc0MMiKzeRJrMOZZT7Ag0IwCOM5dXjmf4JewJnWnjBkbVNn7CzLUN2/ AjDyy5x1xSx3SR7QXoKENEdlSd11xW8EmJbYbWAsZWzpE9D0EMKkovvIfS6oKltH8mLj tVmHNbc+bMPWdmvBC54sOjTEPfNtIczILLIktg4HDl0zxLQP2WqoN8q5Pk4aLX3SxrBd t28A==
X-Gm-Message-State: AA+aEWaq9794g6jG2TcHfwkBIOIHho8WkiGSZNALIUlxntcvwT6AL3qf +9UtELagw9Hyms/W/qjccg561u7Ot6Y=
X-Google-Smtp-Source: AFSGD/VCGtkHcxV/c0Syisam1EM6npwENl5TC1R4CMIAbrwcVgBMtaL59NrGZ6IYyTaba8xsAU23MA==
X-Received: by 2002:a1c:2b45:: with SMTP id r66mr19048943wmr.7.1544103366102; Thu, 06 Dec 2018 05:36:06 -0800 (PST)
Received: from [192.168.2.198] (host213-123-124-182.in-addr.btopenworld.com. [213.123.124.182]) by smtp.gmail.com with ESMTPSA id z12sm594438wrh.35.2018.12.06.05.36.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Dec 2018 05:36:04 -0800 (PST)
To: Ole Troan <otroan@employees.org>
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>, Gert Doering <gert@space.net>, tsv-art <tsv-art@ietf.org>, OPSEC <opsec@ietf.org>, IETF-Discussion Discussion <ietf@ietf.org>, draft-ietf-opsec-ipv6-eh-filtering.all@ietf.org
References: <CAL9jLaYHVdHr+rVoWeNtXTXgLxbTaX8V9gn3424tvsLW60Kvow@mail.gmail.com> <5E70C208-0B31-4333-BB8C-4D45E678E878@isc.org> <CAN-Dau0go6_Puf0A9e7KBpk0ApJBUvcxYtezxnwNc-8pKJ3PwQ@mail.gmail.com> <4D69FA8E-FB8A-4A16-9CA6-690D8AE33C9E@strayalpha.com> <20181205122142.GJ1543@Space.Net> <F17C4944-09EC-4AAC-84A0-B660E36AAE89@strayalpha.com> <20181205133821.GL1543@Space.Net> <B6280E0C-6B20-43C1-BB34-170FB06F1EF7@strayalpha.com> <20181205135723.GN1543@Space.Net> <54C715AE-8931-4FA9-AA01-2311EB0055F0@employees.org> <20181205164558.GQ1543@Space.Net> <CCFEFC5B-53AE-4079-B64A-A72A71274FAD@employees.org> <cda0e10e-a56d-4598-dcd4-eabeeac52fb0@gmail.com> <a1b478a7-4396-3d9e-0282-c8c66250526c@gmail.com> <99f0a622-b1f8-cc8a-dcba-a608c37eeb0c@gmail.com> <B6EF08AB-AAB1-42EF-B876-629B3DEC13DD@employees.org>
From: Stewart Bryant <stewart.bryant@gmail.com>
Message-ID: <bd3d77b4-3d8d-18a1-72bd-ef15b04d72fb@gmail.com>
Date: Thu, 06 Dec 2018 13:36:03 +0000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <B6EF08AB-AAB1-42EF-B876-629B3DEC13DD@employees.org>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-GB
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsv-art/k-Xu8VLsT3lrYlWFw95vXn7lw3I>
Subject: Re: [Tsv-art] ECMP [Tsvart last call review of draft-ietf-opsec-ipv6-eh-filtering-06]
X-BeenThere: tsv-art@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Review Team <tsv-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsv-art/>
List-Post: <mailto:tsv-art@ietf.org>
List-Help: <mailto:tsv-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsv-art>, <mailto:tsv-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Dec 2018 13:36:11 -0000


On 06/12/2018 11:42, Ole Troan wrote:
> Stewart,
>
>>>> If it has to look at any it has a much more complex set of tests, or a
>>>> large vector table  given the way the EH space is fragmented.
>>> Frankly doing it without a network processor seems wrong. You can't expect
>>> an ASIC or FPGA based device to handle the EH structures.
>> Something that has served the IETF well over the years is not to constrain the forwarding
>> implementation, and I think we would be wise to continue in that mould. Also we need
>> to remember that an NP is an application specific processor, and thus has various
>> hardware assists.
>>
>> No one talks about the internals of an NP, and I am not current on any vendor's design,
>> but it is reasonable to suggest that in addition to the s/w parser there might
>> be a h/w parser that does the heavy lifting, i.e. if IPv6 packet of expected type, dec
>> TTL and do what the TCAM say picking this ECMP option else parse it the hard way.
>>
>> Then there is something that we do not talk at all about in such designs: electrical power.
>> There is no question that it takes more power to s/w parse a packet, and sooner of later
>> the power burn of the Internet is going to come under scrutiny, and we will be asked
>> to reduce its carbon footprint.
> So you are arguing that we need to define ULPs that are easy for routers to parse?
I don't see how you would conclude that from the above. What is needed 
is that whatever the parser needs to parse needs to be easy and cheap to 
parse.

> At arbitrary depth? Because why would the buck stop at the UDP header when transport has moved one layer up?
What is the status of the flow label in practice? As I said earlier in 
the thread, I know the five tuple is trusted for ECMP, but I hear very 
little discussion of the flow label being a trusted source of entropy to 
feed the ECMP selector.

> As opposed to the 6man argument which is that IPv6 is explicitly designed to only require routers to need to process the first 40 bytes (with the one exception hook).
> And the design of EHs is specifically done to make it hard to parse for intermediate devices…
That seems a fundamentally bad idea. Why would you go out of your way to 
make something difficult when you never know what path future protocol 
development will take you?

> Is that really the Internet we want? Of course it will be countered with encryption, but I foresee a raft of problems if the IETF as a whole would redefine the “formal Internet architecture”.
I think I have been describing the Internet architecture as it exists 
today regardless of the what the RFCs say.

- Stewart

> Cheers,
> Ole

v2.23.0 | Report a Bug | By Email