IETF Logo Mail Archive

Re: [Anima-signaling] draft-ietf-anima-grasp-04A

Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 25 March 2016 02:10 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-signaling@ietfa.amsl.com
Delivered-To: anima-signaling@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03B6B12D9DD for <anima-signaling@ietfa.amsl.com>; Thu, 24 Mar 2016 19:10:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QZCVKVv_Gdyn for <anima-signaling@ietfa.amsl.com>; Thu, 24 Mar 2016 19:10:40 -0700 (PDT)
Received: from mail-pf0-x22d.google.com (mail-pf0-x22d.google.com [IPv6:2607:f8b0:400e:c00::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C3A012D5FA for <anima-signaling@ietf.org>; Thu, 24 Mar 2016 19:10:40 -0700 (PDT)
Received: by mail-pf0-x22d.google.com with SMTP id u190so72216753pfb.3 for <anima-signaling@ietf.org>; Thu, 24 Mar 2016 19:10:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=8uhXERyDY5RQhnSwg84UIDVVfX1m0hNKPi/ZKTAWzLU=; b=WUZg3HqQH2JjH4XF87d/QDdRIwPuHkJkIsn0gv62X8M5IV0rzJEzvdas27c8DgM9Kz CBr7H+PfQxfk3wGxsYhXOEbbpGErkNaNl36dUVPWg6NQfAEKhJ1T1RHoZi9zaRRcP52W ttZa9MaERdffIVN2lTnpXK3Vk//r00/VFUncuFyy7YDlLxe7kVRipB5RhkV4lhy6bWyt pb7OireeuEuRZb60dm6uPYmqZGlSElSSKxRTurrNeU5uJocrDo+iPqGnx8xd/myNkNVg 5f5iZi60UeA+rvSc4xEygesCI48PsqSMTNj8EobwkzUKYDvRrgrRtPzHYAQ3Hx57IC54 P8HA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=8uhXERyDY5RQhnSwg84UIDVVfX1m0hNKPi/ZKTAWzLU=; b=Hk2ewtOue0WWluZ485EATBSwWVw0O+ALBH6h4TXEcTaDdXhI62IkmClBv4UaZUYQpC Jff601BEdlc7EhUvu5kvQ+2clLOJWBQI6HI+OrAqhy63hGcSu1iHMYBGpOjnJ2zCDHlm xGlSQuSnU2an7CFXMr38C9Nh+V7rChF/cQ23lVhPe23WSOiTJfdWbIDhBwcZSZY6N9SM 6u75d7LvbOc4+54Az+Pok33+LBbfbW6iEA3EXobGYPpv9lqtJqTZyXQ/zeRcAf007KEj Fxg0Zouv8+Z5dV8G1Jdq3w/LXlyaDAV6XvuzHWciEoJ5/N9YH+S3rWJ9Xg/wfoSB8zKF 8nBg==
X-Gm-Message-State: AD7BkJLcavJz33kUN+LXik7ntPGNBSf3UFPpvZrc0Lvj/eCKGKyCrUTTguKwMyFF8aFmjw==
X-Received: by 10.98.10.136 with SMTP id 8mr17476919pfk.67.1458871839581; Thu, 24 Mar 2016 19:10:39 -0700 (PDT)
Received: from ?IPv6:2406:e007:46cc:1:28cc:dc4c:9703:6781? ([2406:e007:46cc:1:28cc:dc4c:9703:6781]) by smtp.gmail.com with ESMTPSA id z68sm12790685pfi.19.2016.03.24.19.10.35 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 24 Mar 2016 19:10:37 -0700 (PDT)
To: "Liubing (Leo)" <leo.liubing@huawei.com>, Anima signaling DT <anima-signaling@ietf.org>
References: <56DE05D2.1070802@gmail.com> <8AE0F17B87264D4CAC7DE0AA6C406F45C2D4B25D@nkgeml514-mbx.china.huawei.com> <56E23546.2020809@gmail.com> <8AE0F17B87264D4CAC7DE0AA6C406F45C2D4B297@nkgeml514-mbx.china.huawei.com> <56E24C63.8020700@gmail.com> <8AE0F17B87264D4CAC7DE0AA6C406F45C2D4B369@nkgeml514-mbx.china.huawei.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <56F49E24.7070908@gmail.com>
Date: Fri, 25 Mar 2016 15:10:44 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.0
MIME-Version: 1.0
In-Reply-To: <8AE0F17B87264D4CAC7DE0AA6C406F45C2D4B369@nkgeml514-mbx.china.huawei.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima-signaling/8VQ4lA00VXngiU6OdZmqFhfbevY>
Cc: "Joel M. Halpern" <jmh@joelhalpern.com>
Subject: Re: [Anima-signaling] draft-ietf-anima-grasp-04A
X-BeenThere: anima-signaling@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the signaling design team of the ANIMA WG <anima-signaling.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-signaling>, <mailto:anima-signaling-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-signaling/>
List-Post: <mailto:anima-signaling@ietf.org>
List-Help: <mailto:anima-signaling-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-signaling>, <mailto:anima-signaling-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Mar 2016 02:10:43 -0000

Coming back to this point...
On 11/03/2016 21:00, Liubing (Leo) wrote:
> Hi Brian,
> 
> I was out for a little errand this noon, so didn't reply you timely. The new version looks good to me, thank you.
> 
> 
> Just a bit more discussion as the following. (Not necessary to finish the discussion this time, we can always discuss it after your travel.)
> 
>>> [Bing] The Response message probably not pass through the relay
>>> devices;
>>
>> It must - it's an on-link process. The Discovery Response goes to the relay
>> node that sent the link-local multicast. Then the relay has to send a
>> Discovery Response itself to the initiator.
> 
> [Bing] If the initiator is a GUA/ULA, maybe it's good to allow the responder directly send the Discovery-Response msg to the initiator?
> 
> From technical perspective, relaying Discovery-Response is only necessary when the initiator is an link-local address. 

Mathematically, that is true. But remember that several different Discovery-Responses
may arrive for the same Discovery, some on-link and some off-link. They should all
be collected (as long as they arrive before the timeout).

> But in this case, the relay devices need to record the multicast source of a given SessionID+Initiator pair, and route back the Discovery-Response in a complete reverse path. That is some additional complexity.

Actually it turned out to be quite simple. Every node needs a discovery cache, so
when the relay receives a Discovery-Response it simply caches it. And then the
original discovery thread picks it up automatically from the cache. So there
was no extra code to make this work. (I have to say this is not fully tested
because it needs quite a complicated test network. But every code path has been
tested.) It has the advantage that the relay node now has a cached locator
for any other Discovery initiator, so the next time no relay is needed.

> So, I was wondering whether the link-local address initiator is a corner case? If it is, is it worth to be addressed by this additional complexity?

I think it will be essential during bootstrap, before the ACP addresses are
assigned. I agree that when the ACP is running, we could send direct Discovery-
Responses, but they will not be cached in the relay node.

Regards
    Brian

> So far I don't have a clear answer, I'd like to hear your opinions.
> 
> Have a good trip.
> 
> Best regards,
> Bing
> 
> 
>> -----Original Message-----
>> From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com]
>> Sent: Friday, March 11, 2016 12:41 PM
>> To: Liubing (Leo); Anima signaling DT
>> Cc: Joel M. Halpern
>> Subject: Re: [Anima-signaling] draft-ietf-anima-grasp-04A
>>
>> On 11/03/2016 16:06, Liubing (Leo) wrote:
>>>> -----Original Message-----
>>>> From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com]
>>>> Sent: Friday, March 11, 2016 11:03 AM
>>>> To: Liubing (Leo); Anima signaling DT
>>>> Cc: Joel M. Halpern
>>>> Subject: Re: [Anima-signaling] draft-ietf-anima-grasp-04A
>>>>
>>>> On 11/03/2016 15:33, Liubing (Leo) wrote:
>>>>> Hi Brian,
>>>>>
>>>>> Thanks for the update. I only have a minor comment.
>>>>>
>>>>>  " It MUST cache the
>>>>>    Session ID value and initiator address of each relayed
>>>>>    discovery message until the discovery process has ended or
>>>>>    timed out.  To prevent loops, it MUST NOT relay a Discovery
>>>>>    message which carries a given cached Session ID and initiator
>>>>>    address more than once."
>>>>>
>>>>> I think it is hard for the relays to judge whether the Discovery
>>>>> process has
>>>> ended/time out. Even the initiator could only do "time out" count
>>>> (GRASP_DEF_TIMEOUT), not solid judgment of "Discovery end".
>>>>
>>>> Actually the end of discovery is well-defined. Either the relayed
>>>> discovery receives a Response message or the discovery timeout itself
>> expires.
>>>> So the discovery code already does disactivate the cached entry
>>>> automatically, even for a normal (not relayed) discovery.
>>> [Bing] The Response message probably not pass through the relay
>>> devices;
>>
>> It must - it's an on-link process. The Discovery Response goes to the relay
>> node that sent the link-local multicast. Then the relay has to send a
>> Discovery Response itself to the initiator. I have added some text for that.
>>
>>> and the Discovery timeout is only available for the discovery initiator.
>>
>> Yes, there is a point missing there: the relaying node doesn't know the
>> original timeout, so it has to use the default. I will add that to the text.
>>
>> Actually there's no real solution to that in any case: if a Discovery Response
>> arrives too late, it will be wasted. So if the initiator sets a very small timeout
>> it will never get an answer. The only real purpose of the timeout is to avoid
>> wating for ever.
>>
>> So now the text reads:
>>
>>          If an ASA in the neighbor device supports the requested
>>          discovery objective, it MAY respond to the link-local multicast
>>          with a unicast Discovery Response message (Section 3.7.4) with
>>          locator option(s). ...
>>
>>          <snip>
>>
>>          A GRASP device with multiple link-layer interfaces (typically a
>>          router) MUST support discovery on all interfaces.  If it
>>          receives a Discovery message on a given interface for a
>>          specific objective that it does not support and for which it
>>          has not previously cached a Discovery Responder, it MUST relay
>>          the query by re-issuing a Discovery message as a link-local
>>          multicast on its other interfaces.  The relayed discovery
>>          message MUST have the same Session ID as the incoming
>> discovery
>>          message and MUST be tagged with the IP address of its original
>>          initiator.  Since the relay device is unaware of the timeout
>>          set by the original initiator it SHOULD set a timeout at least
>>          equal to GRASP_DEF_TIMEOUT milliseconds.
>>
>>          The relaying device MUST decrement the loop count within the
>>          objective, and MUST NOT relay the Discovery message if the
>>          result is zero.  Also, it MUST limit the total rate at which it
>>          relays discovery messages to a reasonable value, in order to
>>          mitigate possible denial of service attacks.  It MUST cache the
>>          Session ID value and initiator address of each relayed
>>          Discovery message until any Discovery Responses have arrived or
>>          the discovery process has timed out.  To prevent loops, it MUST
>>          NOT relay a Discovery message which carries a given cached
>>          Session ID and initiator address more than once.  These
>>          precautions avoid discovery loops and mitigate potential
>>          overload.
>>
>>          The discovery results received by the relaying device MUST in
>>          turn be sent as a Discovery Response message to the Discovery
>>          message that caused the relay action.
>>
>> The relay process needs a diagram to explain but I don't have time today.
>> OK if I submit the draft? I can clarify this in the slides for the IETF.
>>
>> Regards
>>     Brian
>>
>>
>>
>>> So for the relay devices, it should be hard to judge the end?
>>>
>>> B.R.
>>> Bing
>>>
>>>> I'm not sure I know how to explain that in the text though, let me
>>>> have a quick look. Then I will submit the draft because I will be on
>>>> travel from tomorrow.
>>>>
>>>> Regards
>>>>    Brian
>>>>
>>>>> So maybe we also recommend a value of twice the
>> GRASP_DEF_TIMEOUT,
>>>> just as the Flood Synchronization case.
>>>>>
>>>>> Best regards,
>>>>> Bing
>>>>>
>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Anima-signaling [mailto:anima-signaling-bounces@ietf.org] On
>>>>>> Behalf Of Brian E Carpenter
>>>>>> Sent: Tuesday, March 08, 2016 6:51 AM
>>>>>> To: Anima signaling DT
>>>>>> Cc: Joel M. Halpern
>>>>>> Subject: [Anima-signaling] draft-ietf-anima-grasp-04A
>>>>>>
>>>>>> Hi Design Team, Joel,
>>>>>>
>>>>>> Attached is proposed update to GRASP that hopefully fixes a serious
>>>>>> looping issue that Joel noticed in the -03 draft.
>>>>>>
>>>>>> The issue was that in a physical topology with 3 or more LANs
>>>>>> connected in a loop by 3 or more routers, GRASP multicasts
>>>>>> (Discovery and Flood Synch
>>>>>> messages) would have looped until the loop count reached zero.
>>>>>>
>>>>>> The fix was to revert to the 'initiator' field previously included
>>>>>> in the -02 draft, but with the logic properly worked out this time ;-).
>>>>>>
>>>>>> I've both observed the problem in the -03 version of the prototype
>>>>>> code, and shown that the fix works in a new -04 version of the code.
>>>>>> (I didn't need to build a router loop; when the code is set to
>>>>>> listen to its own multicasts, it simulates an infinite router
>>>>>> loop.)
>>>>>>
>>>>>> Co-authors: any comments or objections? I'd like to post this draft
>>>>>> during this week, as I will be on vacation next week.
>>>>>>
>>>>>> Txt file and diffs attached. I will post the XML to GitHub.
>>>>>>
>>>>>> Regards
>>>>>>    Brian
>>>>>

v2.8.7 | Report a Bug | By Email