Hi Jeffrey, Sorry for late reply, thanks for your comments for the draft (https://datatracker.ietf.org/doc/draft-hzh-fantel-wan-tunnel) in the session. Regarding the use of ICMPv6 for fast congestion and failure notification, here are a few clarifying points:
1. ICMPv6 messages can be protected by mechanisms such as uRPF and rate limiting, mitigating potential DDoS risks. Therefore, ICMPv6 control messages like PKT-TOOBIG are widely deployed in operator networks. In addition, this draft emphasizes that ICMPv6 congestion notifications should carry information about the affected service or flow, enabling joint authentication based on identifiers like source address and service context. Security considerations will certainly be a key focus in future revisions of this draft. 2. ICMP Source Quench was previously used for congestion control but has been abandoned in ICMPv6, primarily due to poor coordination with TCP congestion control mechanisms. For RoCE or RoCEv2 traffic, which lacks TCP-based congestion control, there is a need for network-side congestion management in the WAN. Therefore, we propose this draft and aim to integrate it with intra-DC mechanisms such as PFC to achieve an E2E congestion control solution. 3. In addition to the ICMPv6-based method, the draft also specifies a UDP encapsulation, and tunnel-based approaches such as SRv6 may be explored in future work. The implementation is still under exploration, and further feedback and discussion are welcome! Best regards, Zehua
_______________________________________________ rtgwg mailing list -- [email protected] To unsubscribe send an email to [email protected]
