IETF Logo Mail Archive

Re: [v6ops] draft-ietf-intarea-tunnels concerns

Joseph Touch <touch@strayalpha.com> Thu, 25 March 2021 17:40 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBDB93A2885; Thu, 25 Mar 2021 10:40:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.199
X-Spam-Level: *
X-Spam-Status: No, score=1.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HAS_X_OUTGOING_SPAM_STAT=2.517, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 87sDhPNOjx4R; Thu, 25 Mar 2021 10:40:55 -0700 (PDT)
Received: from server217-4.web-hosting.com (server217-4.web-hosting.com [198.54.116.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 218B53A2884; Thu, 25 Mar 2021 10:40:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=uA04aERaqVj6hmsbdXbSQS96+8RJxBa0cWtK+b7Bkcw=; b=GZFuvQlGGFqskxciA07JZEh4T NseIrKG9huoQ19jl/ZesU5oS81pJxeWAHQbIv9tvnzhbKWhbRShgn4ZuU+stT4IVcfxSbJ/6kySE7 5UNA9JFxY4jCPqWX1T7wehq5RIK2Oehiqjj/HR6RqC/TzTOWTcffXRTqfEubXq9k5+R00PpjC59zh oKemllLy2a7M1J3yK6RLsYb2ujOEU26SHWSJcns3LB2egn9dfgD318bNa0tbfOR0LZLp5Xk8s8Imc PE+AKD6ghOT50LqscsS2W0rWSr+tcSQesKl+7GgZNT8Umin84lZ+YrKZ24fi2bH085ZbZ5A2jUL68 dNhAucq2Q==;
Received: from cpe-172-250-225-198.socal.res.rr.com ([172.250.225.198]:53818 helo=[192.168.1.14]) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94) (envelope-from <touch@strayalpha.com>) id 1lPTyU-003Agv-0P; Thu, 25 Mar 2021 13:40:54 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail=_8FF99A89-FC27-4AA4-A6F2-6A0C345C5188"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
From: Joseph Touch <touch@strayalpha.com>
In-Reply-To: <67a4aeb99dc6464c913516d744aa27bd@huawei.com>
Date: Thu, 25 Mar 2021 10:40:39 -0700
Cc: int-area <int-area@ietf.org>, "v6ops@ietf.org" <v6ops@ietf.org>, "6man@ietf.org" <6man@ietf.org>
Message-Id: <D3880A0A-7E35-43A3-AB66-C29C01F7961C@strayalpha.com>
References: <67a4aeb99dc6464c913516d744aa27bd@huawei.com>
To: Vasilenko Eduard <vasilenko.eduard@huawei.com>
X-Mailer: Apple Mail (2.3654.60.0.2.21)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/taK_1Gh_TH6eqhFgcWAyhfSc1UU>
Subject: Re: [v6ops] draft-ietf-intarea-tunnels concerns
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 17:41:00 -0000

Hi, Eduard,

I’ve repeatedly addressed these, so in the same spirit of “putting it all in one place”, here are the answers.

Joe

> On Mar 25, 2021, at 3:52 AM, Vasilenko Eduard <vasilenko.eduard@huawei.com> wrote:
> 
> Hi Experts,
> I have not received answers (after a long message thread) for me to understand:
>  
> 1.       It is assumed by the draft that Data Plane in the transit router operates right now exactly like a host. Then Generalization is attempted for IP stack operation like on a host.
> It is not the case. Moreover, it is not possible in principle because the hardware is ASIC managing traffic flow, but the host is CPU “running to completion” for control flow. The architecture of hardware is completely different.

Tunnel endpoints act like hosts. ASIC hardware can and does support fragmentation and reassembly at high speeds, and has *for decades* (all ATM hardware did this).

> 2.       It is additional complexity: 2 MTUs for one virtual interface instead of the current 1 in all real data planes. 1st MTU is the buffer size - called “Tunnel MTU”. 2nd MTU is the old tunnel MTU- called “MAP”.

They exist, whether you consider them complex or not. Sometimes they’re the same value (i.e., when no fragmentation is supported over the tunnel) and sometimes they’re fixed and known a-priori, but none of that changes that.

> It looks extremely bad after the decision that 1st MTU (buffer size) is static till some miracle would explain to us how it would become dynamic in the future.

Nobody has claimed that the tunnel pathMTU (MAP in draft-tunnels) or EMTU_R (true tunnel MTU) cannot change. 

> 3.       The draft has deprecated PMTUD and introduced fragmentation instead of it.

Draft-tunnels is intended as BCP. It has no power to deprecate.

Draft-tunnels does not imply that PMTUD should be used less frequently; it merely repeats the observation known for over 20 yrs that ICMPs are largely blocked and reliance on PMTUD is only asking to experience black-holes.

> To be precise: for all bulk traffic that would happen between MTUs.
> Moreover, It is not explained what to do for tunneling that does not want fragmentation now (currently prefer PMTUD). Should all tunnels support fragmentation from now on? (L2TPv3, VxLAN, MPLS, RFC 2473)

Any tunnel that is used directly recursively (X over X, i.e., L2TPv2 over L2TPv3, etc.) must have an EMTU_R larger than its pathMTU. If it does not, it cannot support that use.

Those are factual observations, not requirements to specifications claims.

> 4.       If PMTUD is deprecated, then why it is still used for the 2nd interface MTU? If it is dead, then it is dead, right? Anyone could have the conclusion that the 2nd MTU is static too.

PLPMTUD does not use ICMPs but still relies on these two MTUs.

> 5.       The draft does break all tunneling specifications. Is everything should be changed in production? It is the cost. For what reason?

Draft-tunnels breaks nothing; it observes that some tunneling specifications *are already inherently broken*.

Seeing a broken window and reporting it does not mean that you broke that window.

> It does affect IPv6 too – I had stumbled upon this problem from that direction. RFC 2473 is the best tunneling spec that would be damaged severely.

RFC2473 has errors - as noted in Sec 5.2 of v10 of draft-tunnels.

I welcome discussion on those errors as well as how draft-tunnels should proceed. It is intended for BCP, which cannot update other docs - but it does not itself specify anything. But it could (should?) update all the standards noted in Sec 5.2. 

Can anyone suggest how best to do that?

> Hence, 6man and v6ops on the copy.
>  
> I decided to leave it here for the people that may search for it in the future.

Same here.

> Eduard
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org <mailto:v6ops@ietf.org>
> https://www.ietf.org/mailman/listinfo/v6ops <https://www.ietf.org/mailman/listinfo/v6ops>

v2.23.0 | Report a Bug | By Email