[tsvwg] ECN tunnel update to UDP Guidelines (was: David Black's WGLC review of draft-ietf-tsvwg-rfc6040update-shim-08)
Bob Briscoe <ietf@bobbriscoe.net> Tue, 21 May 2019 09:39 UTC
Return-Path: <ietf@bobbriscoe.net>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 43A5D120045 for <tsvwg@ietfa.amsl.com>; Tue, 21 May 2019 02:39:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=bobbriscoe.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9moXPkAUfrnI for <tsvwg@ietfa.amsl.com>; Tue, 21 May 2019 02:39:55 -0700 (PDT)
Received: from server.dnsblock1.com (server.dnsblock1.com [85.13.236.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E2309120048 for <tsvwg@ietf.org>; Tue, 21 May 2019 02:39:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=bobbriscoe.net; s=default; h=Content-Type:In-Reply-To:MIME-Version:Date: Message-ID:From:References:To:Subject:Sender:Reply-To:Cc: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=izAysVnFKfJTiyHbmLjDeAGT3Pi3xwrq5V1gw2uSraI=; b=1PB37Ygd5myXEQPh5kRK96AB+ oaCYYgfbtorTEwRKQZKbY0/1VddRqF02Wnnbfv8DPKeolOrhPPI5kI3EeK58062mRWNINt5JXhlDp QKU86B/lBVJ6zlIYNSVJhaQjR867VvDpJ1OdnvVZ2IcfKX4YsX2KF6ECOAOlbVjrlBza5PUx5MwN7 pf7/ye2EsZ3Re6bDqhTq9DOFkZKVeCItBXE7lgEP20JGds2NqzgqJpM5AqAGGmomEsAyDtQy2QIkl ZKhB+vsxdNDuEo/OtHcZCgx/Wgye85ernNZ0eBCsTF1FX0GqzVqOCzdvI/v5BSGzpNcz5dZk3Ahwc n4J6jy1rg==;
Received: from [31.185.135.221] (port=35624 helo=[192.168.0.5]) by server.dnsblock1.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.91) (envelope-from <ietf@bobbriscoe.net>) id 1hT1FP-0006Uo-Ci; Tue, 21 May 2019 10:39:51 +0100
To: "Black, David" <David.Black@dell.com>, "tsvwg@ietf.org" <tsvwg@ietf.org>, "EGGERT, Lars" <lars@netapp.com>, Gorry Fairhurst <gorry@erg.abdn.ac.uk>, Greg Shepherd <gjshep@gmail.com>
References: <CE03DB3D7B45C245BCA0D243277949363055BC3F@MX307CL04.corp.emc.com> <CE03DB3D7B45C245BCA0D243277949363055BDDC@MX307CL04.corp.emc.com> <8ddc9156-7da9-8cb0-3d1c-1122cd7fbb34@bobbriscoe.net> <CE03DB3D7B45C245BCA0D24327794936305726B8@MX307CL04.corp.emc.com>
From: Bob Briscoe <ietf@bobbriscoe.net>
Message-ID: <e528316f-c402-b12e-252c-1376848a8d88@bobbriscoe.net>
Date: Tue, 21 May 2019 10:39:50 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <CE03DB3D7B45C245BCA0D24327794936305726B8@MX307CL04.corp.emc.com>
Content-Type: multipart/alternative; boundary="------------44FC735D5FE6EE48D2EDFF3D"
Content-Language: en-GB
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server.dnsblock1.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bobbriscoe.net
X-Get-Message-Sender-Via: server.dnsblock1.com: authenticated_id: in@bobbriscoe.net
X-Authenticated-Sender: server.dnsblock1.com: in@bobbriscoe.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/VZ_lZGrmyrif0Z1WT3ScUSOwOJY>
Subject: [tsvwg] ECN tunnel update to UDP Guidelines (was: David Black's WGLC review of draft-ietf-tsvwg-rfc6040update-shim-08)
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 May 2019 09:39:58 -0000
David,
[I've added the UDP Guidelines authors to the distr. and digested the
relevant parts of this otherwise long thread at the end for them.]
On 20/05/2019 15:52, Black, David wrote:
> 1.
>
>
> 2. RFC 8085 on UDP Guidelines is a BCP, and should be updated
> directly for that reason (vs. indirectly via an update of RFC
> 6040). No other RFC that cites RFC 6040 would be affected, unless
> it’s also a BCP.
>
I've searched through RFC8085 and I do not think detailed discussion of
this update to RFC6040 would be appropriate for the following reasons.
Nonetheless, a pointer from RFC8085 to flag the tunnel configuration
updates in this shim RFC could be appropriate.
UDP tunnels are a small part of RFC8085, tucked away at the bottom of
Section 3.1 about congestion control; in Section 3.1.11 "UDP Tunnels"
<https://tools.ietf.org/html/rfc8085#section-3.1.11>. Most of 3.1.11 is
about congestion control, then there's a list of brief bullets with
other considerations for UDP tunnels. There is no place where UDP tunnel
management is mentioned, whether by config or auto-controlled set-up.
For your convenience, I've repeated the ECN bullet and the sentence that
opens the list below:
Designing a tunneling mechanism requires significantly more expertise
than needed for many other UDP applications, because tunnels are
usually intended to be transparent to the endpoints transmitting over
them, so they need to correctly emulate the behavior of an IP link
[INT-TUNNELS <https://tools.ietf.org/html/rfc8085#ref-INT-TUNNELS>], for example:
o Requirements for tunnels that carry or encapsulate using ECN code
points [RFC6040 <https://tools.ietf.org/html/rfc6040>].
o ...
I propose to update that by replacing the bullet as follows:
o Requirements for how tunnel endpoints propagate any ECN field
within the UDP header to and from the outer IP header [RFC6040
<https://tools.ietf.org/html/rfc6040>]. This includes the
requirement for a tunnel ingress to zero the outer ECN field unless
it is known that the tunnel egress implements ECN logic [RFCXXXX].
{RFCXXXX refers to the present document so it will need to be
inserted by the RFC Editor}
I've changed the existing bullet, because it is itself incorrect. It
makes the common mistake of implying UDP tunnels can choose whether to
use ECN codepoints. They can't. The UDP encapsulation will itself always
be encapsulated by an IP header, which always "uses ECN codepoints"
whether the tunnel designer likes it or not. That is the nub of the
problem that this update to RFC6040 attempts to solve.
More specifically, in the shim draft I will remove the UDP paragraph
from the opening text in section 5, and instead create a sub-section of
5.1 for UDP tunnels, alongside all the other specific RFC updates. I'll
also add RFC8085 to the updates header. Then in that new section I'll
paste the UDP paragraph, but with the end altered as follows:
Section 3.1.11
<https://tools.ietf.org/html/draft-ietf-tsvwg-rfc6040update-shim-08#section-3.1.11>
of the UDP usage guidelines [RFC8085
<https://tools.ietf.org/html/rfc8085>] includes the following brief
guidance about how a tunnel that encapsulated packets with a UDP/IP
header handles the ECN field:
" o Requirements for tunnels that carry or encapsulate using ECN
code points [RFC6040]."
The following text replaces that bullet as an update to RFC 8085:
"<the replacement bullet text I've already proposed above>"
Bob
> Thanks, --David
>
>
> On 09/05/2019 02:08, Black, David wrote:
>
>
>> **
>>> *From:* Black, David
>>> *Sent:* Wednesday, May 8, 2019 8:50 PM
>>> *To:* tsvwg@ietf.org
>>> *Subject:* David Black's WGLC review of
>>> draft-ietf-tsvwg-rfc6040update-shim-08
>>>
>>> On 17/05/2019 23:54, Bob Briscoe wrote:
>>
>
[snip]
>
>> [D] Section 5
>>
>> Section 3.1.11 of the UDP usage guidelines [RFC8085] already explains
>>
>> that a tunnel that encapsulates an IP header directly within a UDP/IP
>>
>> datagram needs to follow RFC 6040 when propagating the ECN field
>>
>> between inner and outer IP headers. The requirements in Section 4
>>
>> update RFC 6040 so, by reference, they automatically update RFC 8085
>>
>> to add the important but previously unstated requirement that, if the
>>
>> UDP tunnel egress does not, or might not, support ECN propagation, a
>>
>> legacy UDP tunnel ingress has to clear the outer IP ECN field to
>>
>> 0b00, e.g. by configuration.
>>
>>
>> [DB] That's too clever/subtle - this draft should explicitly update
>> RFC 8085.
> [BB] Not happy about this. Followed to its logical conclusion, as well
> as updating RFC6040, this draft would then need to update every RFC
> that already normatively references RFC6040 (e.g. GUE, Geneve, etc).
>
> Wouldn't such an update get kicked out during IESG review, as a
> duplicate update? Certainly it might make the ID nits checker issue a
> high-pitched scream as it runs round a tight loop of "Updates" headers.
>
> So, instead, how about stating the above para in the opposite order as
> follows:
>
> This document indirectly updates the UDP usage guidelines [RFC8085]
>
> to add the important but previously unstated requirement that, if the
>
> UDP tunnel egress does not, or might not, support ECN propagation, a
>
> legacy UDP tunnel ingress has to clear the outer IP ECN field to
>
> 0b00, e.g. by configuration. Section 3.1.11 of RFC 8085 already
> explains
>
> that a tunnel that encapsulates an IP header directly within a UDP/IP
>
> datagram needs to follow RFC 6040 when propagating the ECN field
>
> between inner and outer IP headers. And the requirements in Section 4
>
> update RFC 6040 so, by reference, they indirectly update RFC 8085.
>
>
--
________________________________________________________________
Bob Briscoe http://bobbriscoe.net/
- [tsvwg] David Black's WGLC review of draft-ietf-t… Black, David
- Re: [tsvwg] David Black's WGLC review of draft-ie… Black, David
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Black, David
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Gorry Fairhurst
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Black, David
- Re: [tsvwg] David Black's WGLC review of draft-ie… Black, David
- Re: [tsvwg] David Black's WGLC review of draft-ie… Black, David
- [tsvwg] ECN tunnel update to UDP Guidelines (was:… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] ECN tunnel update to UDP Guidelines Gorry Fairhurst
- Re: [tsvwg] ECN tunnel update to UDP Guidelines Bob Briscoe
- Re: [tsvwg] ECN tunnel update to UDP Guidelines Black, David