Re: [tsvwg] Advance notice on request to poll TSVWG for adoption of draft-kaippallimalil-tsvwg-media-hdr-wireless-03

[Tom Herbert <tom@herbertland.com>]

On Sat, Oct 28, 2023 at 9:18 AM Sebastian Moeller <moeller0@gmx.de> wrote:
>
> Hi Tom,
>
> please, see [SM] below.
>
> > On Oct 28, 2023, at 17:26, Tom Herbert <tom=40herbertland.com@dmarc.ietf.org> wrote:
> >
> > On Fri, Oct 27, 2023 at 4:35 PM Kaippallimalil John
> > <john.kaippallimalil@futurewei.com> wrote:
> >>
> >> Hi Tom, Joe,
> >>
> >>
> >>
> >> With regard to the concerns from Tom and Joe, the behavior needed is outlined in slide 3 of: https://datatracker.ietf.org/meeting/118/materials/slides-118-tsvwg-sessa-92-media-header-extensions-for-wireless-networks
> >>
> >>
> >>
> >> IPv6 HBP does not currently provide the capability needed:
> >>
> >> IPv6 HBH (MED in this case) is provisioned in the “Application Provider” (AP) domain. And the service provided in the same domain (AP domain in this case)
> >> But that is not what we want. MED is inserted by AP domain, and read in the wireless provider domain.
> >
> > Hi John,
> >
> > Can you clarify what "inserted" means in this context? (the word has
> > confusingly been used in different contexts). For instance, there are
> > three uses I know of:
> >
> > 1) A packet was created by a hosts with the data ("inserted" probably
> > isn't the best term for this)
> > 2) A packet is encapsulated inflight and the data is attached to the
> > outer headers
> > 3) The data is inserted into a packet while it's inflight with (no
> > encapsulation)
> >
> > #1 and #2 are generally acceptable (technically, in both cases a host
> > is creating the packets so HBH options or UDP options can be set in
> > the packet safely). #3 is a bit more controversial, but there have
> > been proposals for this like inserting a segment routing header in
> > packets in flight.
> >
> > Please also clarify the processing of the wireless node.
> >
> > 1) Is the wireless always the destination endpoint of UDP
> > encapsulation? If so then it would be appropriate for it to process
> > UDP options in the encapsulation since it's the destination of the
> > encapsulated packet
> > 2) Does the wireless node is inspect the UDP options in flight as an
> > anonymous router in the path that forwards packets and isn't the
> > destination of the packet? In that case, I think using UDP Options is
> > problematic (or putting the information into the UDP payload like SPUD
> > proposed)
> >
> >> The data in MED is sent per packet and
> >
> > FAST allows data to be changed on a per packet basis for flow. If the
> > modifiable variant of the FAST HBH option is used then intermediate
> > nodes can change the data inflight.
> >
> >> Every router on path is going to read/process the IPv6 HBH option. This is also not what is intended.
> >
> > RFC8200 has relaxed the requirements of RFC2460 so that routers may or
> > may not process Hop-by-Hop OPtions. draft-ietf-6man-hbh-processing and
> > draft-ietf-6man-eh-limits make further clarifications to make HBH
> > practical.
> >
> >> Only the wireless router acting on behalf on the client, with explicit provisioning (session setup, policy in figure) needs to read.
> >
> > That's the same expectation we have in FAST. Only an ingress router
> > into a network is expected to process a ticket in HBH options.
> >
> >>
> >>
> >>
> >> The difference will be more obvious when (if) we need to consider encrypted metadata.
> >
> > FAST allows for the signal to be encrypted.
> >
> >>
> >> (PS: In this draft, we don’t see the need to encrypt the metadata as the signals are purely advisory and does not leak content or user information.)
> >
> > Maybe, but for a proposed standard you'll need a strong justification
> > if that's the answer :-).
> >
> >>
> >> However, if we decided that encryption was needed:
> >>
> >> With FAST/ IPv6 HBH, the key management is for the Application Domain (AP) to read, not the wireless domain. (otherwise involves complex multi-domain key agreements).
> >
> > Just like UDP Options, FAST and IPv6 HBH are just carriers of
> > information. There's no semantics enforced on the content. So any data
> > that is carried in UDP Options could just as easily be in HBH options.
> > The difference is about who is permitted to process the information:
> > UDP Options can only be processed by the destination, HBH options can
> > be processed by any, all, one, or no nodes in the path.
>
>         [SM] Unless the respective layer's data is encrypted, intermediate nodes obviously can look into packets at every level they desire, and since they do not need to ask for permission there is really nothing stopping them...

Hi Sebastian,

Yes, that is what motivates us to encrypt as much as the packet as
possible (like TLS encrypts transport payload, QUIC encrypts the
transport header). The interesting thing about host to network
signaling is that we want at least some intermediate nodes to access
and process the data, but not necessarily all of them. Finding a
solution to this is one of the interesting challenges of host to
network signaling.

> (we do have a work-around, that might or might not work with UDP options, namely encrypting the IP packet's payload, or to be kinder to ECMP). Given that fact, it seems academic to claim there is a practical difference in usability of UDP options and IPv6 HBH.

I think there are material differences. UDP Options only work with
UDP, UDP options are in protocol trailers which would be problematic
to support in router hardware data path, and there's no distinction
between transport layer options and network layer options (i.e. last
thing we want is for some router to burn cycles parsing and skip over
a bunch of transport layer options to find the network layer options
they're interested in).

> Personally I think that HBH are a better path forward, as I have higher hopes in IPv4 being delegated into the background faster compared to IPv6 versus TCP compared to UDP (and I do not consider tunneling TCP in UDP an elegant solution if all we are after are host/network communications, but that is subjective).

That's my opinion as well :-)

>
>
> >
> >> With MED, the client to Wireless-CP/Policy signaling can install the MED keys in a simple manner (in 3GPP domain, that would just be small extensions)
> >
> > That's independent of the information carrier, so the same
> > infrastructure will work just as easily with HBH options.
> >
> >>
> >>
> >>
> >> But just to be clear, in the draft, the metadata (MED) and its handling is completely separated from the container/transport (UDP options).
> >
> > Exactly, that's why HBH options can be substituted for UDP options in
> > the design with no semantic differences in the content.
> >
> >
> >>
> >> If IPv6 HBH  or other transport can evolve to support this kind of handling needed, then the draft can be updated to use MED and that (other) transport.
> >>
> >> The key aspect in the draft is the metadata (MED) and how it should be processed on path.
> >
> > Yes, I like those aspects, and the sentiment that a draft like this
> > should focus on the semantics and processing of the data aligns with
> > my view. This draft  is a good use case of host to network signaling,
> > but there are others like draft-reddy-tsvwg-explcit-signal (which also
> > proposes to use UDP options as the carrier) and draft-ravi-ippm-csig
> > (which proposes using L2 to carry the signal).
>
>         [SM] I believe CSIG is conceptually different from the others as L2 seems targeted there purposefully, no?

I don't see that it's conceptually different. The data in CSIG is
being sent end-to-end and is processed by intermediate nodes. IMO,
that seems to fit the definition of a network layer protocol. Also,
CSIG seems like a form of enhanced ECN with just more bits, and ECN is
conveyed in network layer protocols and not link layer-- so I think
ECN is a precedent that end-to-end congestion signaling belongs in the
network layer.

Tom

>
>
> > With the potential
> > benefits of collaboration between applications or hosts and the
> > network, I believe we are going to see even more proposals. In host to
> > network signaling, there are two parts: the carrier of the signal, and
> > the content of the signal.
>
>         [SM] I would rather call that the "format" of the signal, aka the form valid messages are to employ, the content of a signal to me describes the values in individual instances, no?
>
>
> > IMO, if we define a common generic and
> > extensible carrier for host to network signaling, then the various
> > proposals in the area could focus on the semantics and processing of
> > the content and not worry so much about the carrier protocol.
>
>         [SM] +1; that seems like great plan.
>
> Sebastian
>
>
>
> >
> > Tom
> >
> >
> >
> >
> >>
> >>
> >>
> >> Regards,
> >>
> >> John
> >>
> >>
> >>
> >>
> >>
> >> From: tsvwg <tsvwg-bounces@ietf.org> On Behalf Of touch@strayalpha.com
> >> Sent: Friday, October 27, 2023 5:44 PM
> >> To: Tom Herbert <tom=40herbertland.com@dmarc.ietf.org>
> >> Cc: tsvwg <tsvwg@ietf.org>
> >> Subject: Re: [tsvwg] Advance notice on request to poll TSVWG for adoption of draft-kaippallimalil-tsvwg-media-hdr-wireless-03
> >>
> >>
> >>
> >> +1 ;-)
> >>
> >> —
> >>
> >> Dr. Joe Touch, temporal epistemologist
> >>
> >> www.strayalpha.com
> >>
> >>
> >>
> >> On Oct 27, 2023, at 2:55 PM, Tom Herbert <tom=40herbertland.com@dmarc.ietf.org> wrote:
> >>
> >>
> >>
> >> On Fri, Oct 27, 2023 at 2:26 PM Spencer Dawkins at IETF
> >> <spencerdawkins.ietf@gmail.com> wrote:
> >>
> >>
> >> Dear TSVWG,
> >>
> >> We have requested a slot during the IETF 118 meeting to propose that the co-chairs poll the working group for adoption of https://datatracker.ietf.org/doc/draft-kaippallimalil-tsvwg-media-hdr-wireless/, as a basis for further work.
> >>
> >> The chairs have given us a 15-minute slot during the Thursday TSVWG session.
> >>
> >> Face-to-face meeting time is precious, so we thought it would be helpful if we invited people to look over the draft, and let us know if you see significant impediments to adopting this draft. That would reduce the time we need in the meeting itself.
> >>
> >>
> >> Hi Spencer,
> >>
> >> I believe that the use of UDP Options to carry information that is
> >> processed by intermediate nodes is a significant impediment to
> >> adoption.
> >>
> >>
> >> From the draft: "The Wireless Node is responsible for forwarding
> >>
> >> packets to the Client over the Wireless Network.  The Wireless Node
> >> inspects metadata but does not alter the UDP option."
> >>
> >> There was discussion on the list and I believe that there is general
> >> consensus that UDP Options are neither designed nor intended to carry
> >> network layer information like this. They are for carrying End-to-End
> >> transport layer information.
> >>
> >> IMO the proper alternative for carrying network layer information is
> >> Hop-by-Hop Options like in FAST
> >> (https://www.ietf.org/archive/id/draft-herbert-fast-04.txt).
> >>
> >> Tom
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> As a reminder,
> >>
> >> This draft has been presented at IETF 116, 117 and now 118
> >> We had considerable discussion at previous IETF meetings and on the TSVWG mailing list
> >> That feedback has been uniformly helpful, and we've taken it into consideration in the -03 update.
> >> Adoption has been discussed previously at IETF 117
> >>
> >> The updated draft (-03) is described in slides that are uploaded at https://datatracker.ietf.org/doc/draft-kaippallimalil-tsvwg-media-hdr-wireless/
> >>
> >> A diff from version -02, discussed at IETF 117, is here: https://datatracker.ietf.org/doc/draft-kaippallimalil-tsvwg-media-hdr-wireless/
> >>
> >> Please feel free to follow up on this mailing list, or privately with the document authors.
> >>
> >> Best,
> >>
> >> Spencer
>