> On Aug 5, 2019, at 18:29, Gray, Andrew A <[email protected]> wrote: > > Joe, > > Thanks for your review and comments. Responses in-line. > > On 8/5/19, 3:20 PM, "Joe Clarke (jclarke)" <[email protected]> wrote: > >> On Aug 5, 2019, at 10:45, Gray, Andrew A <[email protected]> wrote: >> >> Hello opsawg, >> >> I spoke to a number of IETF folks at IETF 105, along with Tianran and Ignas >> (who I thank for their feedback and suggestions), and it was decided that >> opsawg would be the best place to at least start the conversations about a >> new draft I am proposing, as detailed below. >> >> I document several use cases in the draft, but the short version is we are >> wanting to standardize a method for different vendors to handle ASIC-level >> replication of packets, to a remote server, including any and all >> information that ASIC may have about the packet, along with at least part of >> the payload, with a configurable sampling rate and filtering capabilities. >> >> Some things on my TODO list for it still: >> >> 1. I want to take a closer look at Flowspec rule definition, and see if that >> can be adequately encoded here. It looks like the YANG model for Flowspec >> rules was draft-wu-idr-flowspec-yang-cfg but that has since expired. >> 2. I'm planning on talking at NANOG 77 in Austin with other operators to see >> if there's additional use cases and how much appetite there is. >> 3. I'm talking with a couple vendors about implementations - there is >> interest here about it as well. >> >> I am sending out the -00 version of this draft and very much welcome >> comments and feedback. > > Hello, Andrew. I’ve read through this draft, and I have a few comments. > I put it up in GitHub to make it a bit easier. In addition to your TODO, I > know Cisco proposed ERSPAN to the IETF a few years ago, but I do not know > what the discussion was around that > (https://tools.ietf.org/html/draft-foschiano-erspan-03). Conceptually, your > idea seems very similar. It is perhaps worth exploring what happened with > that work. > > [AG] ERSPAN doesn't include the potentially useful information the ASIC has > about the packets (i.e. what it's going to do with it, what the receive > timestamp was). That draft seems to only standardize a single encapsulation > - my desire is to get as much information out of the forwarding ASICs as > possible, in whatever format works best for the chipset, but still allow > interop with different receiving packets.
It seems like the ASIC bit blends with what IOAM is doing. In fact, the “framework” you describe might incorporate work like https://tools.ietf.org/html/draft-spiegel-ippm-ioam-rawexport-02 with the exception that it is using IPFIX for export (which is more overhead than you want). My overarching point is that there is similar work, and it sounds like you’re making the right connections to understand what is out there. > > More to the contents of your doc, you have it marked informational, but > you mention a few times about standardizing the interactions between > components. You’re not standardizing as much as you’re defining a specific > interaction. > > [AG] True - it started as informational but has become more standards track - > will update. Well, for a standards track, you would have to determine an encap. And then it might be worth breaking out the encap from the YANG module. > > In > https://github.com/xorrkaz/ietf-docs/blob/master/draft-gray-sampled-streaming-00#L195 > you mention NETCONF explicitly. Why can’t this be done with RESTCONF, gRPC, > etc.? > > [AG] Good point - it very well could be. I suppose that could be reworded to > be more as an example. > > In > https://github.com/xorrkaz/ietf-docs/blob/master/draft-gray-sampled-streaming-00#L249, > why must a Client re-query? This seems like telemetry would be ideal to > update the Client about configuration changes to the stream. > > [AG] The re-query is basically the response to the initial configuration > request - in effect the client pushes part of the configuration (the desired > filters and such), and the Replicator fills in the rest (what the resulting > packet format will be, based on ASIC or location or capability or > what-have-you). Telemetry seems a bit overkill for what was intended to be a > single re-pull, but I am open to input? There has been examples of using YANG push as a way push config and then look to see what is actually applied. This seems to fit in that paradigm of use case. > > > https://github.com/xorrkaz/ietf-docs/blob/master/draft-gray-sampled-streaming-00#L298, > are these bit widths or byte? Either way, they seem too short for things > like an interface-ref list. If it is bit width, then it wouldn’t even be > long enough for a list of actions. > > [AG] Those are bits, and it's an example of the resulting data format - the > actual format returned by the device could be whatever bit width is desirable > for it. A few reviewers have thought that packet header and table are > requirements - I added "example" language to a few different places to try > and fix that, but apparently it's still too easy to assume those listings are > the requirements. I did understand that this was an example. My point is that I don’t see how this is a feasible example. Based on your description of the fields, I couldn’t rationalize how they are used or how they would look. How could a 8-bit field present a list of interface-refs? > > > https://github.com/xorrkaz/ietf-docs/blob/master/draft-gray-sampled-streaming-00#L309, > if this is 24 bytes, that seems excessive for two 32-bit integers. If it’s > bits, it’s not long enough. > > [AG] See previous comment. > > I have other more typographical comments at > https://github.com/xorrkaz/ietf-docs/commit/7a849d2b12cd2dff151654f3ef37a87ac870a452#diff-580cadc3568cc3a979bb37410222e08b > . > > [AG] I'll roll those in - I'm working from a .xml version and separate .yang > file, then regenerating the .txt using xml2rfc (but I can't quite upload the > .xml as I use a <xi:include href="[email protected]" > parse="text" /> to have the parser pull in the separate yang file for > formatting. I can upload those to the Git repository and use those for work, > if that's easier? As I said in unicast, I think if you could spin up your own repo, it would be easier to add comments/issues or PRs. Additionally, as a co-chair, I’d like to add that it is always good to see operators presenting work to the IETF that would make their lives easier. I appreciate you bringing this discussion to opsawg. Joe _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
