Hi Brian and Robert, So it really makes much more sense to encode everything in the same EH rather than scatter them around. ----[xjr1] I agree with Robert 100%.
so header formats should be rigid enough that conditional or linked-list processing can be largely avoided. ----[xjr2] Sorry Brian, but I think this is truly important! I've been lectured on the bad design of IPv6 extension headers in a way that only makes sense from an ASIC or FPGA viewpoint. ----[xjr3] Brian I agree with your principle that it is bad design of IPv6 EH in a way *only* make sense from ASIC/FPGA. ----But in the case we are discussing, I have the strong opinion that "as less as possible EH for a solution" is better than "scatter them around" in any case. But anybody who's building the fast path using a network processor doesn't have that constraint and can use the existing extension header design happily enough. ----[xjr4] Brian, are you saying 'DOH before RH' and 'DOH after AH/ESP' as the 'existing extension header design' ? ----I am afraid the recommended order of 'DOH before RH', 'DOH after AH/ESP' is not the 'existing extension header design'. ----Instead, 'DOH after RH' and 'DOH before AH/ESP' is more preferred. Need examples ? ----RFC8200 as an architecture of IPv6 is just very wisely open for EHs order, because 8200 doesn't know what is the best practice: ----RFC8200: When more than one extension header is used in the same packet, it is recommended that those headers appear in the following order. ----it is recommended, but I guess the 8200 is not sure. ----RFC8200: IPv6 nodes must accept and attempt to process extension headers in any order and occurring any number of times in the same packet, except for the Hop-by-Hop Options header. ----Except for HBH, relative order of other EHs is widely open. ----RFC8200: Nonetheless, it is strongly advised that sources of IPv6 packets adhere to the above recommended order until and unless subsequent specifications revise that recommendation. ----The subsequent spec can revise the order. ----The need of DOH+RH+AHESP+DOH as a solution is more like a flaunty showing of understand of 8200 rule, but 8200 doesn't have such rule IMO. Best Regards, Jingrong -----Original Message----- From: spring [mailto:spring-boun...@ietf.org] On Behalf Of Brian E Carpenter Sent: Friday, September 13, 2019 6:32 AM To: Robert Raszuk <rob...@raszuk.net>; Ron Bonica <rbon...@juniper.net> Cc: xie...@chinatelecom.cn; Rob Shakir <ro...@google.com>; SPRING WG <spring@ietf.org>; 6man <6...@ietf.org>; Tarek Saad <tsaad....@gmail.com> Subject: Re: [spring] Beyond SRv6. Robert, > But what is most important that common hardware reads just entire > header then starts processing. So it really makes much more sense to > encode SR SIDs and related functions and their parameters in the same > EH rather then scatter them around. Sorry to get all philosophical, but it seems to me that there's another elephant in the room here (and he's been around for twenty years or so). There seems to be an assumption that we should design on the assumption that fast path processing is done by ASICs or FPGAs, so header formats should be rigid enough that conditional or linked-list processing can be largely avoided. I've been lectured on the bad design of IPv6 extension headers in a way that only makes sense from an ASIC or FPGA viewpoint. But anybody who's building the fast path using a network processor doesn't have that constraint and can use the existing extension header design happily enough. To what extent is this behind the present argument? Regards Brian Carpenter On 13-Sep-19 07:33, Robert Raszuk wrote: > Dear Ron, > > I was trying to stop responding but its pretty hard when I see such > post like your last one ... > >> A single IPv6 Option, the PPSI, replaces all of the following SID > > Please understand that this is like stating that: > > "A single new additional airport replaces all the planes which operate > to the old airport. " > > At most you could say that single new PPSI could contain 2^32 SR > functions which you call in your draft as "PPSI identifiers" From > your documents it also seems that you are defining a service > instruction identifier in a flat space which can contain the demux for the > following technologies: > > o Layer 2 VPN (L2VPN) [RFC6624 > <https://tools.ietf.org/html/rfc6624>]. > > o Layer 3 VPN (L3VPN) [RFC4364 <https://tools.ietf.org/html/rfc4364>]. > o Virtual Private LAN Service (VPLS) [RFC4761 > <https://tools.ietf.org/html/rfc4761>][RFC4762]. > o Ethernet VPN (EVPN) [RFC7432 <https://tools.ietf.org/html/rfc7432>]. > o Pseudowires [RFC8077 <https://tools.ietf.org/html/rfc8077>]. > > > It also needs to be observed that putting all of those services into > single flat table lookup is not a sound design. > > But what is most important that common hardware reads just entire > header then starts processing. So it really makes much more sense to > encode SR SIDs and related functions and their parameters in the same > EH rather then scatter them around. > > > Thank you, > > R. > > > > > > > > > > > > > > > > > > > On Thu, Sep 12, 2019 at 8:51 PM Ron Bonica <rbon...@juniper.net> wrote: > >> Daniel, >> >> >> >> Not really. A single IPv6 Option, the PPSI, replaces all of the >> following >> SIDs: >> >> >> >> - END.DX2 >> - END.DX2V >> - END.DX2U >> - END.DX2M >> - END.DT4 >> - END.DX4 >> - END.DT6 >> - END.DX6 >> - END.DT46 >> - END.T >> >> >> >> >> >> >> Ron >> >> >> >> >> >> Juniper Business Use Only >> >> *From:* Bernier, Daniel <daniel.bern...@bell.ca> >> *Sent:* Thursday, September 12, 2019 2:26 PM >> *To:* Ron Bonica <rbon...@juniper.net>; Mark Smith >> <markzzzsm...@gmail.com >>> >> *Cc:* Rob Shakir <ro...@google.com>; SPRING WG <spring@ietf.org>; >> 6man < 6...@ietf.org>; Robert Raszuk <rob...@raszuk.net>; >> xie...@chinatelecom.cn; Tarek Saad <tsaad....@gmail.com> >> *Subject:* RE: [spring] Beyond SRv6. >> >> >> >> That was precisely my point >> >> >> >> Having been involved in pushing SRv6 END behaviours in various >> targets, I can first hand say that the primitives behind SRH >> processing is quite simple to extend. In your extensibility model, >> every predefined or custom behavior becomes a new DOH. On SRH, the EH >> does not change I just need to inform the data plane that when >> receiving a packet with a specific SID in SRH, do this internal processing. >> >> >> >> >> >> On 2019-09-12, 12:34 PM, "Ron Bonica" <rbon...@juniper.net> wrote: >> >> >> >> Mark, >> >> >> >> I think that you may have exposed yet another elephant in the room…… >> >> >> >> IPv6 defines a robust extensibility architecture, that includes >> multiple extension headers. Initially, IPv6 adoption was slow and >> router vendors were not highly motivated commit extension headers to >> ASICs. Also, in those days, ASICs were not so capable as they are today. >> >> >> >> From the above-mentioned data points, we should not infer that it is >> beyond the capability of a modern vendor to develop an ASIC that >> supports a more complete set of extension headers. Two things have >> changed. As IPv6 adoption progresses, vendors are becoming more >> committed to IPv6. Beyond that, ASICs have become more capable over the >> decades. >> >> >> >> We shouldn’t abandon the IPv6 extensibility architecture based on a >> claim that ASICs cannot and will never be able to process multiple >> extension headers. >> >> >> >> >> Ron >> >> >> >> >> >> >> >> >> >> *From:* ipv6 <ipv6-boun...@ietf.org> *On Behalf Of *Mark Smith >> *Sent:* Thursday, September 12, 2019 1:30 AM >> *To:* EXT - daniel.bern...@bell.ca <daniel.bern...@bell.ca> >> *Cc:* Rob Shakir <ro...@google.com>; SPRING WG <spring@ietf.org>; >> 6man < 6...@ietf.org>; Robert Raszuk <rob...@raszuk.net>; >> xie...@chinatelecom.cn; Tarek Saad <tsaad....@gmail.com> >> *Subject:* Re: [spring] Beyond SRv6. >> >> >> >> It's simple because IPv6 doesn't look past the fixed IPv6 header to >> perform its forwarding, and matches on the Destination Address to >> determine if to perform deeper packet host processing. >> >> >> >> >> >> You're building much more complicated forwarding services if you're >> going to be marching on TLVs etc. past the IPv6 fixed header. >> >> >> >> However vendors and carrier engineering groups like selling and >> deploying new gear, so I suppose that's ok. They don't have to >> operate it or fix it when it breaks. >> >> On Thu, 12 Sep 2019, 13:41 Bernier, Daniel, <daniel.bern...@bell.ca> >> wrote: >> >> +1 >> >> >> >> The ability of using a single SRH to convey behaviour information >> wether they are per-segment or per-path has proven to be very simple >> and quick to define in various data plane targets. >> >> >> >> At first analysis, trying to replicate with CRH + DOH variants, the >> logic required for service programs is more complex. >> >> >> >> What happens if I need TLVs mid-point in a path but not at its end (e.g. >> referring to the Ole's ACME analogy) ? Would they now be defined in a >> seg-end-opt or a vpn-dest-opt ? If seg-end-opt then it means >> non-interested midpoint devices will have to lookup beyond the TLVs >> to get to CRH for next segment ? >> >> >> >> Similar question would be on how would we implement proxy behaviours >> either dynamic or static ? If I read >> https://tools.ietf.org/html/draft-bonica-6man-seg-end-opt-04 >> <https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-bonica- >> 6man-seg-end-opt-04__;!8WoA6RjC81c!WhasJYFTRmXzKd1g-oMU5hza4EoH-63AFe >> 6qzFFZtlfTRAiabJjCZB0f5dp14y8L$> correctly, we then need NSH for >> richer service chains constructs (think Gi-LAN). This means I need >> CRH, some variants of DOH + NSH. >> >> >> >> I fail to see the simplicity there. >> >> >> >> Dan B >> ------------------------------ >> >> *From:* spring <spring-boun...@ietf.org> on behalf of >> xie...@chinatelecom.cn <xie...@chinatelecom.cn> >> *Sent:* Wednesday, September 11, 2019 8:57 PM >> *To:* List >> *Cc:* Rob Shakir; 6man; Tarek Saad; Robert Raszuk >> *Subject:* [EXT]Re: [spring] Beyond SRv6. >> >> >> >> >> >> Hi, folks, >> >> >> Last year China Telecom begun to implement SRv6 trial in Sichun province for >> the bearing and interconnection of video platforms which are located in >> different cities, service agilities,secure sepertion, traffic steering and >> other features of SRv6 have been demonstrated in this trial. Based on this, >> SRv6 will be implementated in larger-scale in CT. >> >> >> No technologies is 100% perfect,I agree that compression mechanism is needed >> to reduce the the overhead of long SID in the long term, but it is better to >> be compatible withe SRH, instead of designing a complete new one. CRH is a >> complete new design, it move the complexities from SRH to DOH. >> >> Moreover, I hope more efforts of SRv6 should be given on how to >> support new services,for instance, Application-aware network (APN). >> Meanwhile, we should consider more on how to implmement smooth transition >> and protect the network assetof carriers. >> >> >> >> Best regards >> >> Chongfeng >> >> >> >> >> >> *From:* Dirk Steinberg <d...@lapishills.com> >> >> *Date:* 2019-09-09 21:31 >> >> *To:* Gyan Mishra <hayabusa...@gmail.com> >> >> *CC:* SPRING WG List <spring@ietf.org>; 6...@ietf.org; Robert Raszuk >> <rob...@raszuk.net>; Rob Shakir <ro...@google.com>; Tarek Saad >> <tsaad....@gmail.com> >> >> *Subject:* Re: [spring] Beyond SRv6. >> >> There seems to be some confusion regarding TI-LFA. >> >> A couple of comments: >> >> >> >> - Remote LFA tunnel is not used with SR, only TI-LFA which >> >> only operates on the node that is the PLR (point of local repair). >> >> >> >> - Any encapsulation on the ingress PE with or without EH has nothing >> >> to do with TI-LFA except for the special case where the ingress PE >> >> itself is the PLR. >> >> >> >> - TI-LFA is not an IGP extension and does not require one. >> >> It is a purely local computation based on IGP topology. >> >> >> >> - The PLR for TI-LFA may need to insert some SIDs into the SID >> >> list to steer the packet around the failure. For the LFA base case >> >> no SIDs are needed at all. If SID insertion is needed, the PLR >> >> will push the required number of labels in the MPLS case. >> >> >> >> For SRv6, the equivalent operation to the label push is to >> >> insert an EH with the required SID list. The packet will already >> >> have been encapsulated on the ingress PE and in the most >> >> common Internet or VPN base use case it will not even have >> >> an EH so that this EH insertion will result only in a single EH.. >> >> >> >> Alternatively, the PLR could also be configured to perform >> >> encapsulation with a new IPv6 header using the repair SID >> >> as IPv6 destination address, without needing any EH. >> >> This will work for the vast majority of cases. >> >> Remember that one 128-bit SID in SRv6 is in most cases >> >> equivalent to 2 MPLS labels, i.e. a node label plus an >> >> adjacency SID can be encoded in a single SRv6 SID. >> >> >> >> Only in extreme cases would the PLR need to add an >> >> EH to the new IPv6 header with more SIDs. >> >> >> >> - EH insertion for TI-LFA has nothing to do with stitching SRv6 domains. >> >> >> >> Hope it helps. >> >> >> >> Cheers >> >> Dirk >> >> >> >> Am 08.09.2019 um 09:19 schrieb Gyan Mishra <hayabusa...@gmail.com>: >> >> >> >> >From reading through all the discussion threads the SR insertion is >> >two >> fold one being for FRR capabilities using Ti-LFA or remote LFA tunnel >> so end up requiring double EH insertions on the Ingress PE tunnel >> head end >> SRv6 source node and then second scenario being a possible EH >> insertions occurrence on intermediate nodes. I have not read through >> the drafts or RFC regarding Ti-LFA with SR but since that is an IGP >> extension I am guessing an opaque LSA and is not the traditional MPLS >> FRR link/node/path protection that adds an additional mpls shim so >> not sure why an EH insertion needs to occur for Ti-LFA. Can someone >> clarify that use case for me. Also the EH insertion on intermediate >> node what is the use case or reason for that. My guess is it’s for >> special use case of stitching SRv6 domains together. Please clarify.. >> >> >> >> >> >> _______________________________________________ >> spring mailing list >> spring@ietf.org >> https://www.ietf.org/mailman/listinfo/spring >> <https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/spr >> ing__;!8WoA6RjC81c!WhasJYFTRmXzKd1g-oMU5hza4EoH-63AFe6qzFFZtlfTRAiabJ >> jCZB0f5aWDOXgb$> >> >> >> >> Juniper Business Use Only >> >> > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > i...@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > _______________________________________________ spring mailing list spring@ietf.org https://www.ietf.org/mailman/listinfo/spring _______________________________________________ spring mailing list spring@ietf.org https://www.ietf.org/mailman/listinfo/spring
