[tsvwg] ECN tunnel update to UDP Guidelines (was: David Black's WGLC review of draft-ietf-tsvwg-rfc6040update-shim-08)
Bob Briscoe <ietf@bobbriscoe.net> Tue, 21 May 2019 09:39 UTC
Return-Path: <ietf@bobbriscoe.net>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 43A5D120045 for <tsvwg@ietfa.amsl.com>; Tue, 21 May 2019 02:39:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=bobbriscoe.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9moXPkAUfrnI for <tsvwg@ietfa.amsl.com>; Tue, 21 May 2019 02:39:55 -0700 (PDT)
Received: from server.dnsblock1.com (server.dnsblock1.com [85.13.236.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E2309120048 for <tsvwg@ietf.org>; Tue, 21 May 2019 02:39:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=bobbriscoe.net; s=default; h=Content-Type:In-Reply-To:MIME-Version:Date: Message-ID:From:References:To:Subject:Sender:Reply-To:Cc: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=izAysVnFKfJTiyHbmLjDeAGT3Pi3xwrq5V1gw2uSraI=; b=1PB37Ygd5myXEQPh5kRK96AB+ oaCYYgfbtorTEwRKQZKbY0/1VddRqF02Wnnbfv8DPKeolOrhPPI5kI3EeK58062mRWNINt5JXhlDp QKU86B/lBVJ6zlIYNSVJhaQjR867VvDpJ1OdnvVZ2IcfKX4YsX2KF6ECOAOlbVjrlBza5PUx5MwN7 pf7/ye2EsZ3Re6bDqhTq9DOFkZKVeCItBXE7lgEP20JGds2NqzgqJpM5AqAGGmomEsAyDtQy2QIkl ZKhB+vsxdNDuEo/OtHcZCgx/Wgye85ernNZ0eBCsTF1FX0GqzVqOCzdvI/v5BSGzpNcz5dZk3Ahwc n4J6jy1rg==;
Received: from [31.185.135.221] (port=35624 helo=[192.168.0.5]) by server.dnsblock1.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.91) (envelope-from <ietf@bobbriscoe.net>) id 1hT1FP-0006Uo-Ci; Tue, 21 May 2019 10:39:51 +0100
To: "Black, David" <David.Black@dell.com>, "tsvwg@ietf.org" <tsvwg@ietf.org>, "EGGERT, Lars" <lars@netapp.com>, Gorry Fairhurst <gorry@erg.abdn.ac.uk>, Greg Shepherd <gjshep@gmail.com>
References: <CE03DB3D7B45C245BCA0D243277949363055BC3F@MX307CL04.corp.emc.com> <CE03DB3D7B45C245BCA0D243277949363055BDDC@MX307CL04.corp.emc.com> <8ddc9156-7da9-8cb0-3d1c-1122cd7fbb34@bobbriscoe.net> <CE03DB3D7B45C245BCA0D24327794936305726B8@MX307CL04.corp.emc.com>
From: Bob Briscoe <ietf@bobbriscoe.net>
Message-ID: <e528316f-c402-b12e-252c-1376848a8d88@bobbriscoe.net>
Date: Tue, 21 May 2019 10:39:50 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <CE03DB3D7B45C245BCA0D24327794936305726B8@MX307CL04.corp.emc.com>
Content-Type: multipart/alternative; boundary="------------44FC735D5FE6EE48D2EDFF3D"
Content-Language: en-GB
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server.dnsblock1.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bobbriscoe.net
X-Get-Message-Sender-Via: server.dnsblock1.com: authenticated_id: in@bobbriscoe.net
X-Authenticated-Sender: server.dnsblock1.com: in@bobbriscoe.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/VZ_lZGrmyrif0Z1WT3ScUSOwOJY>
Subject: [tsvwg] ECN tunnel update to UDP Guidelines (was: David Black's WGLC review of draft-ietf-tsvwg-rfc6040update-shim-08)
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 May 2019 09:39:58 -0000
David, [I've added the UDP Guidelines authors to the distr. and digested the relevant parts of this otherwise long thread at the end for them.] On 20/05/2019 15:52, Black, David wrote: > 1. > > > 2. RFC 8085 on UDP Guidelines is a BCP, and should be updated > directly for that reason (vs. indirectly via an update of RFC > 6040). No other RFC that cites RFC 6040 would be affected, unless > it’s also a BCP. > I've searched through RFC8085 and I do not think detailed discussion of this update to RFC6040 would be appropriate for the following reasons. Nonetheless, a pointer from RFC8085 to flag the tunnel configuration updates in this shim RFC could be appropriate. UDP tunnels are a small part of RFC8085, tucked away at the bottom of Section 3.1 about congestion control; in Section 3.1.11 "UDP Tunnels" <https://tools.ietf.org/html/rfc8085#section-3.1.11>. Most of 3.1.11 is about congestion control, then there's a list of brief bullets with other considerations for UDP tunnels. There is no place where UDP tunnel management is mentioned, whether by config or auto-controlled set-up. For your convenience, I've repeated the ECN bullet and the sentence that opens the list below: Designing a tunneling mechanism requires significantly more expertise than needed for many other UDP applications, because tunnels are usually intended to be transparent to the endpoints transmitting over them, so they need to correctly emulate the behavior of an IP link [INT-TUNNELS <https://tools.ietf.org/html/rfc8085#ref-INT-TUNNELS>], for example: o Requirements for tunnels that carry or encapsulate using ECN code points [RFC6040 <https://tools.ietf.org/html/rfc6040>]. o ... I propose to update that by replacing the bullet as follows: o Requirements for how tunnel endpoints propagate any ECN field within the UDP header to and from the outer IP header [RFC6040 <https://tools.ietf.org/html/rfc6040>]. This includes the requirement for a tunnel ingress to zero the outer ECN field unless it is known that the tunnel egress implements ECN logic [RFCXXXX]. {RFCXXXX refers to the present document so it will need to be inserted by the RFC Editor} I've changed the existing bullet, because it is itself incorrect. It makes the common mistake of implying UDP tunnels can choose whether to use ECN codepoints. They can't. The UDP encapsulation will itself always be encapsulated by an IP header, which always "uses ECN codepoints" whether the tunnel designer likes it or not. That is the nub of the problem that this update to RFC6040 attempts to solve. More specifically, in the shim draft I will remove the UDP paragraph from the opening text in section 5, and instead create a sub-section of 5.1 for UDP tunnels, alongside all the other specific RFC updates. I'll also add RFC8085 to the updates header. Then in that new section I'll paste the UDP paragraph, but with the end altered as follows: Section 3.1.11 <https://tools.ietf.org/html/draft-ietf-tsvwg-rfc6040update-shim-08#section-3.1.11> of the UDP usage guidelines [RFC8085 <https://tools.ietf.org/html/rfc8085>] includes the following brief guidance about how a tunnel that encapsulated packets with a UDP/IP header handles the ECN field: " o Requirements for tunnels that carry or encapsulate using ECN code points [RFC6040]." The following text replaces that bullet as an update to RFC 8085: "<the replacement bullet text I've already proposed above>" Bob > Thanks, --David > > > On 09/05/2019 02:08, Black, David wrote: > > >> ** >>> *From:* Black, David >>> *Sent:* Wednesday, May 8, 2019 8:50 PM >>> *To:* tsvwg@ietf.org >>> *Subject:* David Black's WGLC review of >>> draft-ietf-tsvwg-rfc6040update-shim-08 >>> >>> On 17/05/2019 23:54, Bob Briscoe wrote: >> > [snip] > >> [D] Section 5 >> >> Section 3.1.11 of the UDP usage guidelines [RFC8085] already explains >> >> that a tunnel that encapsulates an IP header directly within a UDP/IP >> >> datagram needs to follow RFC 6040 when propagating the ECN field >> >> between inner and outer IP headers. The requirements in Section 4 >> >> update RFC 6040 so, by reference, they automatically update RFC 8085 >> >> to add the important but previously unstated requirement that, if the >> >> UDP tunnel egress does not, or might not, support ECN propagation, a >> >> legacy UDP tunnel ingress has to clear the outer IP ECN field to >> >> 0b00, e.g. by configuration. >> >> >> [DB] That's too clever/subtle - this draft should explicitly update >> RFC 8085. > [BB] Not happy about this. Followed to its logical conclusion, as well > as updating RFC6040, this draft would then need to update every RFC > that already normatively references RFC6040 (e.g. GUE, Geneve, etc). > > Wouldn't such an update get kicked out during IESG review, as a > duplicate update? Certainly it might make the ID nits checker issue a > high-pitched scream as it runs round a tight loop of "Updates" headers. > > So, instead, how about stating the above para in the opposite order as > follows: > > This document indirectly updates the UDP usage guidelines [RFC8085] > > to add the important but previously unstated requirement that, if the > > UDP tunnel egress does not, or might not, support ECN propagation, a > > legacy UDP tunnel ingress has to clear the outer IP ECN field to > > 0b00, e.g. by configuration. Section 3.1.11 of RFC 8085 already > explains > > that a tunnel that encapsulates an IP header directly within a UDP/IP > > datagram needs to follow RFC 6040 when propagating the ECN field > > between inner and outer IP headers. And the requirements in Section 4 > > update RFC 6040 so, by reference, they indirectly update RFC 8085. > > -- ________________________________________________________________ Bob Briscoe http://bobbriscoe.net/
- [tsvwg] David Black's WGLC review of draft-ietf-t… Black, David
- Re: [tsvwg] David Black's WGLC review of draft-ie… Black, David
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Black, David
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Gorry Fairhurst
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Black, David
- Re: [tsvwg] David Black's WGLC review of draft-ie… Black, David
- Re: [tsvwg] David Black's WGLC review of draft-ie… Black, David
- [tsvwg] ECN tunnel update to UDP Guidelines (was:… Bob Briscoe
- Re: [tsvwg] David Black's WGLC review of draft-ie… Bob Briscoe
- Re: [tsvwg] ECN tunnel update to UDP Guidelines Gorry Fairhurst
- Re: [tsvwg] ECN tunnel update to UDP Guidelines Bob Briscoe
- Re: [tsvwg] ECN tunnel update to UDP Guidelines Black, David