Re: [Anima-signaling] draft-ietf-anima-grasp-04A

"Liubing (Leo)" <leo.liubing@huawei.com> Fri, 11 March 2016 08:00 UTC

Return-Path: <leo.liubing@huawei.com>
X-Original-To: anima-signaling@ietfa.amsl.com
Delivered-To: anima-signaling@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8284D12D562 for <anima-signaling@ietfa.amsl.com>; Fri, 11 Mar 2016 00:00:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.222
X-Spam-Level:
X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4rdW0jq0O9Tm for <anima-signaling@ietfa.amsl.com>; Fri, 11 Mar 2016 00:00:14 -0800 (PST)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 09FF512D564 for <anima-signaling@ietf.org>; Fri, 11 Mar 2016 00:00:12 -0800 (PST)
Received: from 172.18.7.190 (EHLO lhreml705-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CKI03198; Fri, 11 Mar 2016 08:00:10 +0000 (GMT)
Received: from NKGEML406-HUB.china.huawei.com (10.98.56.37) by lhreml705-cah.china.huawei.com (10.201.5.168) with Microsoft SMTP Server (TLS) id 14.3.235.1; Fri, 11 Mar 2016 08:00:09 +0000
Received: from NKGEML514-MBX.china.huawei.com ([fe80::40a8:f0d:c0f3:2ca5]) by nkgeml406-hub.china.huawei.com ([10.98.56.37]) with mapi id 14.03.0235.001; Fri, 11 Mar 2016 16:00:02 +0800
From: "Liubing (Leo)" <leo.liubing@huawei.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, Anima signaling DT <anima-signaling@ietf.org>
Thread-Topic: [Anima-signaling] draft-ietf-anima-grasp-04A
Thread-Index: AQHReMPmtQj+y7J9n0y3e3GHaF/Kip9TgGyQ//+M1gCAAIZcEP//lTGAgACz5AA=
Date: Fri, 11 Mar 2016 08:00:01 +0000
Message-ID: <8AE0F17B87264D4CAC7DE0AA6C406F45C2D4B369@nkgeml514-mbx.china.huawei.com>
References: <56DE05D2.1070802@gmail.com> <8AE0F17B87264D4CAC7DE0AA6C406F45C2D4B25D@nkgeml514-mbx.china.huawei.com> <56E23546.2020809@gmail.com> <8AE0F17B87264D4CAC7DE0AA6C406F45C2D4B297@nkgeml514-mbx.china.huawei.com> <56E24C63.8020700@gmail.com>
In-Reply-To: <56E24C63.8020700@gmail.com>
Accept-Language: en-US, zh-CN
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.111.98.117]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020205.56E27B0A.016F, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 6dc5bf670d6a0eb8c409bf0e9ae588ea
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima-signaling/AGBJdLvwqkmZuvLVO7a8UGiNv-A>
Cc: "Joel M. Halpern" <jmh@joelhalpern.com>
Subject: Re: [Anima-signaling] draft-ietf-anima-grasp-04A
X-BeenThere: anima-signaling@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the signaling design team of the ANIMA WG <anima-signaling.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-signaling>, <mailto:anima-signaling-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-signaling/>
List-Post: <mailto:anima-signaling@ietf.org>
List-Help: <mailto:anima-signaling-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-signaling>, <mailto:anima-signaling-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Mar 2016 08:00:16 -0000

Hi Brian,

I was out for a little errand this noon, so didn't reply you timely. The new version looks good to me, thank you.


Just a bit more discussion as the following. (Not necessary to finish the discussion this time, we can always discuss it after your travel.)

> > [Bing] The Response message probably not pass through the relay
> > devices;
> 
> It must - it's an on-link process. The Discovery Response goes to the relay
> node that sent the link-local multicast. Then the relay has to send a
> Discovery Response itself to the initiator.

[Bing] If the initiator is a GUA/ULA, maybe it's good to allow the responder directly send the Discovery-Response msg to the initiator?

From technical perspective, relaying Discovery-Response is only necessary when the initiator is an link-local address. But in this case, the relay devices need to record the multicast source of a given SessionID+Initiator pair, and route back the Discovery-Response in a complete reverse path. That is some additional complexity. 

So, I was wondering whether the link-local address initiator is a corner case? If it is, is it worth to be addressed by this additional complexity?
So far I don't have a clear answer, I'd like to hear your opinions.

Have a good trip.

Best regards,
Bing


> -----Original Message-----
> From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com]
> Sent: Friday, March 11, 2016 12:41 PM
> To: Liubing (Leo); Anima signaling DT
> Cc: Joel M. Halpern
> Subject: Re: [Anima-signaling] draft-ietf-anima-grasp-04A
> 
> On 11/03/2016 16:06, Liubing (Leo) wrote:
> >> -----Original Message-----
> >> From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com]
> >> Sent: Friday, March 11, 2016 11:03 AM
> >> To: Liubing (Leo); Anima signaling DT
> >> Cc: Joel M. Halpern
> >> Subject: Re: [Anima-signaling] draft-ietf-anima-grasp-04A
> >>
> >> On 11/03/2016 15:33, Liubing (Leo) wrote:
> >>> Hi Brian,
> >>>
> >>> Thanks for the update. I only have a minor comment.
> >>>
> >>>  " It MUST cache the
> >>>    Session ID value and initiator address of each relayed
> >>>    discovery message until the discovery process has ended or
> >>>    timed out.  To prevent loops, it MUST NOT relay a Discovery
> >>>    message which carries a given cached Session ID and initiator
> >>>    address more than once."
> >>>
> >>> I think it is hard for the relays to judge whether the Discovery
> >>> process has
> >> ended/time out. Even the initiator could only do "time out" count
> >> (GRASP_DEF_TIMEOUT), not solid judgment of "Discovery end".
> >>
> >> Actually the end of discovery is well-defined. Either the relayed
> >> discovery receives a Response message or the discovery timeout itself
> expires.
> >> So the discovery code already does disactivate the cached entry
> >> automatically, even for a normal (not relayed) discovery.
> > [Bing] The Response message probably not pass through the relay
> > devices;
> 
> It must - it's an on-link process. The Discovery Response goes to the relay
> node that sent the link-local multicast. Then the relay has to send a
> Discovery Response itself to the initiator. I have added some text for that.
> 
> > and the Discovery timeout is only available for the discovery initiator.
> 
> Yes, there is a point missing there: the relaying node doesn't know the
> original timeout, so it has to use the default. I will add that to the text.
> 
> Actually there's no real solution to that in any case: if a Discovery Response
> arrives too late, it will be wasted. So if the initiator sets a very small timeout
> it will never get an answer. The only real purpose of the timeout is to avoid
> wating for ever.
> 
> So now the text reads:
> 
>          If an ASA in the neighbor device supports the requested
>          discovery objective, it MAY respond to the link-local multicast
>          with a unicast Discovery Response message (Section 3.7.4) with
>          locator option(s). ...
> 
>          <snip>
> 
>          A GRASP device with multiple link-layer interfaces (typically a
>          router) MUST support discovery on all interfaces.  If it
>          receives a Discovery message on a given interface for a
>          specific objective that it does not support and for which it
>          has not previously cached a Discovery Responder, it MUST relay
>          the query by re-issuing a Discovery message as a link-local
>          multicast on its other interfaces.  The relayed discovery
>          message MUST have the same Session ID as the incoming
> discovery
>          message and MUST be tagged with the IP address of its original
>          initiator.  Since the relay device is unaware of the timeout
>          set by the original initiator it SHOULD set a timeout at least
>          equal to GRASP_DEF_TIMEOUT milliseconds.
> 
>          The relaying device MUST decrement the loop count within the
>          objective, and MUST NOT relay the Discovery message if the
>          result is zero.  Also, it MUST limit the total rate at which it
>          relays discovery messages to a reasonable value, in order to
>          mitigate possible denial of service attacks.  It MUST cache the
>          Session ID value and initiator address of each relayed
>          Discovery message until any Discovery Responses have arrived or
>          the discovery process has timed out.  To prevent loops, it MUST
>          NOT relay a Discovery message which carries a given cached
>          Session ID and initiator address more than once.  These
>          precautions avoid discovery loops and mitigate potential
>          overload.
> 
>          The discovery results received by the relaying device MUST in
>          turn be sent as a Discovery Response message to the Discovery
>          message that caused the relay action.
> 
> The relay process needs a diagram to explain but I don't have time today.
> OK if I submit the draft? I can clarify this in the slides for the IETF.
> 
> Regards
>     Brian
> 
> 
> 
> > So for the relay devices, it should be hard to judge the end?
> >
> > B.R.
> > Bing
> >
> >> I'm not sure I know how to explain that in the text though, let me
> >> have a quick look. Then I will submit the draft because I will be on
> >> travel from tomorrow.
> >>
> >> Regards
> >>    Brian
> >>
> >>> So maybe we also recommend a value of twice the
> GRASP_DEF_TIMEOUT,
> >> just as the Flood Synchronization case.
> >>>
> >>> Best regards,
> >>> Bing
> >>>
> >>>
> >>>> -----Original Message-----
> >>>> From: Anima-signaling [mailto:anima-signaling-bounces@ietf.org] On
> >>>> Behalf Of Brian E Carpenter
> >>>> Sent: Tuesday, March 08, 2016 6:51 AM
> >>>> To: Anima signaling DT
> >>>> Cc: Joel M. Halpern
> >>>> Subject: [Anima-signaling] draft-ietf-anima-grasp-04A
> >>>>
> >>>> Hi Design Team, Joel,
> >>>>
> >>>> Attached is proposed update to GRASP that hopefully fixes a serious
> >>>> looping issue that Joel noticed in the -03 draft.
> >>>>
> >>>> The issue was that in a physical topology with 3 or more LANs
> >>>> connected in a loop by 3 or more routers, GRASP multicasts
> >>>> (Discovery and Flood Synch
> >>>> messages) would have looped until the loop count reached zero.
> >>>>
> >>>> The fix was to revert to the 'initiator' field previously included
> >>>> in the -02 draft, but with the logic properly worked out this time ;-).
> >>>>
> >>>> I've both observed the problem in the -03 version of the prototype
> >>>> code, and shown that the fix works in a new -04 version of the code.
> >>>> (I didn't need to build a router loop; when the code is set to
> >>>> listen to its own multicasts, it simulates an infinite router
> >>>> loop.)
> >>>>
> >>>> Co-authors: any comments or objections? I'd like to post this draft
> >>>> during this week, as I will be on vacation next week.
> >>>>
> >>>> Txt file and diffs attached. I will post the XML to GitHub.
> >>>>
> >>>> Regards
> >>>>    Brian
> >>>