Hi Jim, and WG chairs: For Jim’s comment: ”[Jim] Section 4.3.1 of RFC 8754 would appear to agree with you but I welcome the WGs comments on this if there is disagreement.”
I think the sentence “Future documents may define additional SRv6 SIDs. In such a case, the entire content of this section will be defined in that document.” in 4.3.1 of RFC8754 does agree with that a Replication-SID can be defined in a document, but that does not mean that a Replication-SID defined in a document is technically correct. Just in the same section, the following sentence is technical guideline of correctly using the SRH: “If the FIB entry represents a locally instantiated SRv6 SID, process the next header chain of the IPv6 header as defined in Section 4<https://www.rfc-editor.org/rfc/rfc8200#section-4> of [RFC8200<https://www.rfc-editor.org/rfc/rfc8754.html#RFC8200>]. Section 4.3.1.1<https://www.rfc-editor.org/rfc/rfc8754.html#SRHPROC> describes how to process an SRH; Section 4.3.1.2<https://www.rfc-editor.org/rfc/rfc8754.html#UPPERHEADER> describes how to process an upper-layer header or the absence of a Next Header.” And please let me cite the pseudo-code of section 4.3.1.1 here below, and point out that, the normal behavior that implied in the meaning of SRv6/SID-List/SRH/Segment-Left, as shown in the S15/S16/S21/S22, is overridden by the state of Replication-SID, and hence breaking the SRv6 architecture. S01. When an SRH is processed { S02. If Segments Left is equal to zero { S03. Proceed to process the next header in the packet, whose type is identified by the Next Header field in the routing header. S04. } S05. Else { S06. If local configuration requires TLV processing { S07. Perform TLV processing (see TLV Processing) S08. } S09. max_last_entry = ( Hdr Ext Len / 2 ) - 1 S10. If ((Last Entry > max_last_entry) or S11. (Segments Left is greater than (Last Entry+1)) { S12. Send an ICMP Parameter Problem, Code 0, message to the Source Address, pointing to the Segments Left field, and discard the packet. S13. } S14. Else { S15. Decrement Segments Left by 1. S16. Copy Segment List[Segments Left] from the SRH to the destination address of the IPv6 header. S17. If the IPv6 Hop Limit is less than or equal to 1 { S18. Send an ICMP Time Exceeded -- Hop Limit Exceeded in Transit message to the Source Address and discard the packet. S19. } S20. Else { S21. Decrement the Hop Limit by 1 S22. Resubmit the packet to the IPv6 module for transmission to the new destination. S23. } S24. } S25. } S26. } To the chairs: The authors had never answer my questions ( like “what is the 128bit DCB SRv6 SID looks like ?” in [4] and many others), but try to use such pieces of sentences to argue that the “VPN SID after Replication SID” is a valid solution. I am very sad and worried about that. To make my point clear, I had suggested in [A] that we have a comparative thinking like this: What are the benefits of using SRH for VPN SID in multicast instead of using DOH ? ----DOH does not have the restriction in semantics of SRH/RH/SL that is conflicting. What are the benefits of using SRH for VPN SID in multicast instead of using Src.DT4 as defined in [6] ? ----Src.DT4 does not have the restriction in semantics of SRH/RH/SL and can save the encapsulation cost. Let us think about it in another way ---- what is the implications of allowing an SRH SID-list to carry an identifier like SRv6 DCB SID? ----SRH would be abused to carry any information that is not an SRv6 SID in SID-List IMO. ----Even SRH TLV is more suitable for carrying such “Non SRv6 SID” thing than such an abuse of SID-List IMO, not to mention the above two alternatives (using DOH or Src.DT4). ----Once the abuse of SRH is made by the WGLC document, IMO it will not stop, by claiming the correct use of “SRH”, or even claiming to be superior because of “using existing SRH data plane”. Is my point about “breaking SRv6 architecture” more clear by the above comparative thinking and the analysis of “implications” ? Thanks, Jingrong. [A] https://mailarchive.ietf.org/arch/msg/spring/5iLxCBmOrSNqOafiCRYy3BZGvkg/ 本邮件及其附件可能含有华为公司的保密信息,仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制、或散发)本邮件中的信息。如果您错收了本邮件,请您立即电话或邮件通知发件人并删除本邮件! This e-mail and its attachments may contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it! From: spring [mailto:spring-boun...@ietf.org] On Behalf Of James Guichard Sent: Thursday, February 16, 2023 10:08 PM To: Rishabh Parekh <risha...@gmail.com> Cc: bruno.decra...@orange.com; SPRING WG <spring@ietf.org>; spring-cha...@ietf.org Subject: Re: [spring] WGLC for draft-ietf-spring-sr-replication-segment Hi Rishabh, Please see inline [Jim] On Wed, Feb 15, 2023 at 6:58 AM James Guichard <james.n.guich...@futurewei.com<mailto:james.n.guich...@futurewei.com>> wrote: Hi Rishabh, Authors, & WG: Having reviewed the latest version of https://datatracker.ietf.org/doc/draft-ietf-spring-sr-replication-segment/<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-spring-sr-replication-segment%2F&data=05%7C01%7Cjames.n.guichard%40futurewei.com%7Cbdcb0e652a84487b56d008db0fdedb81%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C638121222064204376%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=jc%2FjseIG6xUGJ37UWvP0x8QYl027YZMOojcWM7pbt%2BA%3D&reserved=0> I would appreciate some clarification from the authors on the specifics of packet replication and forwarding between the replication point and downstream nodes. The draft as I read it bases forwarding at a replication point on the combination of a replication SID which triggers and selects the behavior and the replication state held at that node. The replication state indicates which downstream nodes the packet should be replicated to and those nodes may or may not be adjacent to the replication node. In the non-adjacent case my understanding is that the replication state may include an additional segment-list and this seems to be what the text in section 2.2. is saying by referencing H.Encaps.Red to re-encapsulate the packet with a new SRH and outer IPv6 header. If this is correct could it be made more explicit; at a minimum I would expect to see a reference to RFC 8986 section 5.2. [RP] Your understanding is correct. We can add a reference to RFC 8986 Section 5.2 as you suggest, but you say "... could it be made more explicit ..". Do you mean the current text is not clear about this? [Jim] thank you the addition of the reference is helpful. [Jim] I think the document could be more explicit by adding pseudo-code which shows the actual processing logic of the newly defined SID. RFC 8754 section 4.3.1 is very clear on this point. Please review https://www.rfc-editor.org/rfc/rfc8754.html#name-fib-entry-is-a-locally-inst You will see that the RFC says “This document and section define a single SRv6 SID. Future documents may define additional SRv6 SIDs. In such a case, the entire content of this section will be defined in that document”. It is clear that your document is defining a new SID, the Replication SID, and the processing logic of that SID is different to the SRv6 SID as defined in RFC 8754. Showing in your document the processing logic pseudo-code will make this clearer and will also follow the guidelines from RFC 8754. In addition to this I would like to clarify the case where re-encapsulation is not needed i.e. when an explicit path to a downstream node is not necessary and best path forwarding suffices. The text says that in this case the outer IPv6 header is re-used and the downstream replication SID is written into the IPv6 header destination address. This address is most likely NOT contained within the SRH which is a detachment from the normal SRv6 forwarding case and I would like to hear the authors and WGs opinions on this. [RP] Yes, an encapsulation is not needed when a Downstream node is adjacent or best path forwarding to a non-adjacent node is sufficient. The downstream node's Replication SID (from Replication State) is written in outer IPv6 DA and packet is forwarded based on the locator of the downstream node. Our (i.e. authors) opinion is that is permissible within the SRv6 architecture by new End.Replication behavior (associated with incoming local Replication SID) defined in the draft. [Jim] Section 4.3.1 of RFC 8754 would appear to agree with you but I welcome the WGs comments on this if there is disagreement. Jim Furthermore, there is already precedence in SRv6 architecture to process an incoming packet based on local state and forward the modified packet. RFC 8986 defines End.B6.Encaps and End.B6.Encaps.Red (and End.BM) functions that rely on local SR policy state to modify an incoming packet. Thanks, -Rishabh
_______________________________________________ spring mailing list spring@ietf.org https://www.ietf.org/mailman/listinfo/spring
