On Mon, Mar 29, 2021 at 3:40 PM Ron Bonica <rbon...@juniper.net> wrote:
>
> Folks,
>
> Andreas reminds me that you may have the same questions regarding RFC
> 8335.....
>
> The practice of assigning globally reachable IP addresses to infrastructure
> interfaces costs network operators money. Normally, they number an interface
> from an IPv4 /30. Currently, a /30 costs 80 USD and the price is only
> expected to rise. Furthermore, most IP Address Management (IPAM) systems
> license by the address block. The more globally reachable addresses you use,
> the more you pay.
>
> They would prefer to use:
>
> - IPv4 unnumbered interfaces
> - IPv6 interfaces that have only link-local addresses
>
> Ron

Thanks for the context, Ron. That sounds reasonable to me. Andreas's patch series has also been merged by now.

> Juniper Business Use Only
>
> -----Original Message-----
> From: Ron Bonica
> Sent: Monday, March 29, 2021 10:50 AM
> To: David Ahern <dsah...@gmail.com>; Zachary Dodds <zdo...@gmail.com>; Ishaan
> Gandhi <ishaangan...@gmail.com>
> Cc: Andreas Roeseler <andreas.a.roese...@gmail.com>; David Miller
> <da...@davemloft.net>; Network Development <netdev@vger.kernel.org>; Stephen
> Hemminger <step...@networkplumber.org>; Willem de Bruijn
> <willemdebruijn.ker...@gmail.com>; juniperos...@cs.hmc.edu
> Subject: RE: rfc5837 and rfc8335
>
> David,
>
> Juniper Networks is motivated to promote RFC 5837 now, as opposed to eleven
> years ago, because the deployment of parallel links between routers is
> becoming more common.
>
> Large network operators frequently require more than 400 Gbps connectivity
> between their backbone routers. However, the largest interfaces available can
> only handle 400 Gbps. So, parallel links are required. Moreover, it is
> frequently cheaper to deploy 4 100 Gbps interfaces than a single 400 Gbps
> interface. So, it is not uncommon to see two routers connected by many,
> parallel 100 Gbps links. RFC 5837 allows a network operator to trace a packet
> interface to interface, as opposed to node to node.
>
> I think that you are correct in saying that:
>
> - LINUX is more likely to be implemented on a host than a router
> - Therefore, LINUX hosts will not send RFC 5837 ICMP extensions often
>
> However, LINUX hosts are frequently used in network management stations.
> Therefore, it would be very useful if LINUX hosts could parse and display
> incoming RFC 5837 extensions, just as they display RFC 4950 ICMP extensions.

But the patch series under review adds support to generate such packets.

> Juniper Networks plans to support RFC 5837 on one platform in an upcoming
> release and on other platforms soon after that.
>
> Ron
>
> -----Original Message-----
> From: David Ahern <dsah...@gmail.com>
> Sent: Wednesday, March 24, 2021 11:19 PM
> To: Ron Bonica <rbon...@juniper.net>; Zachary Dodds <zdo...@gmail.com>;
> Ishaan Gandhi <ishaangan...@gmail.com>
> Cc: Andreas Roeseler <andreas.a.roese...@gmail.com>; David Miller
> <da...@davemloft.net>; Network Development <netdev@vger.kernel.org>; Stephen
> Hemminger <step...@networkplumber.org>; Willem de Bruijn
> <willemdebruijn.ker...@gmail.com>; juniperos...@cs.hmc.edu
> Subject: Re: rfc5837 and rfc8335
>
> On 3/23/21 10:39 AM, Ron Bonica wrote:
> > Hi Folks,
> >
> > The rationale for RFC 8335 can be found in Section 5.0 of that document.
> > Currently, ICMP ECHO and ECHO RESPONSE messages can be used to
> > determine the liveness of some interfaces. However, they cannot
> > determine the liveness of:
> >
> > * An unnumbered IPv4 interface
> > * An IPv6 interface that has only a link-local address
> >
> > A router can have hundreds, or even thousands of interfaces that fall
> > into these categories.
> >
> > The rationale for RFC 5837 can be found in the Introduction to that
> > document. When a node sends an ICMP TTL Expired message, the node
> > reports that a packet has expired on it. However, the source address
> > of the ICMP TTL Expired message doesn't necessarily identify the
> > interface upon which the packet arrived. So, TRACEROUTE can be relied
> > upon to identify the nodes that a packet traverses along its delivery
> > path. But it cannot be relied upon to identify the interfaces that a
> > packet traversed along its delivery path.
>
> It's not a question of the rationale; the question is why add this support to
> Linux now? RFC 5837 is 11 years old. Why has no one cared to add support
> before now? What tooling supports it? What other NOS'es support it to really
> make the feature meaningful?
> e.g., Do you know what Juniper products support
> RFC 5837 today?
>
> More than likely Linux is the end node of the traceroute chain, not the
> transit or path nodes. With Linux, the ingress interface can get lost in the
> layers (NIC port, vlan, bond, bridge, vrf, macvlan), and to properly support
> either you need to return information about the right one.
> Unnumbered interfaces can make that more of a challenge.
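
Added example, not part of the original thread or of the kernel patch series: a receive-side sketch of what "parse and display incoming RFC 5837 extensions" involves, walking an RFC 4884 extension structure and decoding the Interface Information Object with bounds checks on every length field that arrives from the network. It assumes the caller has already located the extension structure inside the ICMP message, and it does not verify the extension checksum; `SAMPLE`, `parse_iio` and `parse_extension` are names made up for this illustration.

```python
import ipaddress
import struct

ROLES = ("incoming", "sub-IP component of incoming", "outgoing", "next hop")
# Constructed sample: extension header, then one object with all four fields.
SAMPLE = bytes.fromhex("20000000" "001c020f" "00000007" "00010000c0000201"
                       "0865746830000000" "000005dc")

def parse_iio(ctype, body):
    """Decode one Interface Information Object; ValueError if malformed."""
    info, off = {"role": ROLES[ctype >> 6]}, 0
    def take(n):  # bounds-checked read of n bytes from the object body
        nonlocal off
        if n <= 0 or off + n > len(body):
            raise ValueError("sub-object overruns object")
        chunk, off = body[off:off + n], off + n
        return chunk
    if ctype & 0x08:  # ifIndex
        info["ifindex"] = struct.unpack("!I", take(4))[0]
    if ctype & 0x04:  # address sub-object: AFI(2), reserved(2), address
        afi = struct.unpack("!HH", take(4))[0]
        if afi not in (1, 2):
            raise ValueError("unknown AFI")
        info["addr"] = str(ipaddress.ip_address(take(4 if afi == 1 else 16)))
    if ctype & 0x02:  # name sub-object: length octet counts itself, max 64
        n = take(1)[0]
        if n % 4 or n > 64:
            raise ValueError("bad name length")
        info["name"] = take(n - 1).rstrip(b"\0").decode("utf-8", "replace")
    if ctype & 0x01:  # MTU
        info["mtu"] = struct.unpack("!I", take(4))[0]
    return info

def parse_extension(ext):
    """Walk an RFC 4884 extension structure; return RFC 5837 objects."""
    if len(ext) < 4 or ext[0] >> 4 != 2:
        raise ValueError("not a version 2 extension structure")
    found, off = [], 4
    while off < len(ext):
        if off + 4 > len(ext):
            raise ValueError("truncated object header")
        length, cls, ctype = struct.unpack_from("!HBB", ext, off)
        if length < 4 or off + length > len(ext):
            raise ValueError("object length out of bounds")
        if cls == 2:  # Class-Num 2 = Interface Information Object
            found.append(parse_iio(ctype, ext[off + 4:off + length]))
        off += length
    return found
```
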