IETF Logo Mail Archive

Re: [Anima-signaling] draft-ietf-anima-grasp-04A

Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 11 March 2016 04:41 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-signaling@ietfa.amsl.com
Delivered-To: anima-signaling@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FCC812E07D for <anima-signaling@ietfa.amsl.com>; Thu, 10 Mar 2016 20:41:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W5-Ruxp3E-Jm for <anima-signaling@ietfa.amsl.com>; Thu, 10 Mar 2016 20:41:02 -0800 (PST)
Received: from mail-pa0-x22c.google.com (mail-pa0-x22c.google.com [IPv6:2607:f8b0:400e:c03::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D851712E07B for <anima-signaling@ietf.org>; Thu, 10 Mar 2016 20:41:02 -0800 (PST)
Received: by mail-pa0-x22c.google.com with SMTP id td3so56895222pab.2 for <anima-signaling@ietf.org>; Thu, 10 Mar 2016 20:41:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=py5g07X3l5QS224NXtU/wdLvNUQEoIqIkbERy1UoQg4=; b=xQjcWfEBwq/NJ0ioFTtxdmXp4sk8DxUtGxKLff/UKpI8yEf/fqf1JI4TjRzHowpsNN 7mp/Pk0okqW5nJ48EKVx8lZlOYFfa1n+eIVVxxcO87gFtPasYlgR6kY6t5XTZXU5dzVS PpoaiY2cC2d+43TNPr+IS8B/cb/WyF0ZCk8lPNpz9kT/PWRCWyDgn2SlY2YR66z0DF75 9hJDQ40peUw+zkt6p4atHPmmEG/Cio5Nr38WTSlHhxr4uU7K7HVwiFhHspUkiT7gJzLV v6AvThzLU9DE+JX/ZZ5A98VrKBJkkidn0u2+DecsH96XaHt0FYQOTqTHRs6T60L26W4w miAQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding; bh=py5g07X3l5QS224NXtU/wdLvNUQEoIqIkbERy1UoQg4=; b=f254N+mPe4gavtw77WTlTeuAZ1FCKB9dd26ayCKBJ7392F/j13eLuGXNMnGGE1Ajcp Jhg9rXBLaXMaMZtC5rrVaP9CEp6ZqREokVcQ9ydZ+g+lvLnnE+7tDzn4p7L7CC7qidH4 9VUtU+296Rkl+Uub4nE5VwYPwL+2i65bFaf5Mzw6/akIAC6PK3og844sZFomSr1QEp3y tPHR8xXF1EWjkFFpLHdkQrnUE89PvPBpYm030cMRzQkQ3V0i10D1XkJMbajbCaPl4sSS e1w6nA67mjT7l6BZjK1cd5a8pkvKCLX8mVymVkkjyqEV7IJMpZ97LUNF9psX003jPvaf MqwQ==
X-Gm-Message-State: AD7BkJKeWEnB4AyYv4sngZjOjZnvhFfhNLUJLYx6IkBxHYqy0yNgF4GE/+WIAEZW+P5hsQ==
X-Received: by 10.66.248.198 with SMTP id yo6mr10515802pac.54.1457671262380; Thu, 10 Mar 2016 20:41:02 -0800 (PST)
Received: from ?IPv6:2406:e007:64b4:1:28cc:dc4c:9703:6781? ([2406:e007:64b4:1:28cc:dc4c:9703:6781]) by smtp.gmail.com with ESMTPSA id yh5sm9029892pab.13.2016.03.10.20.40.59 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 10 Mar 2016 20:41:01 -0800 (PST)
To: "Liubing (Leo)" <leo.liubing@huawei.com>, Anima signaling DT <anima-signaling@ietf.org>
References: <56DE05D2.1070802@gmail.com> <8AE0F17B87264D4CAC7DE0AA6C406F45C2D4B25D@nkgeml514-mbx.china.huawei.com> <56E23546.2020809@gmail.com> <8AE0F17B87264D4CAC7DE0AA6C406F45C2D4B297@nkgeml514-mbx.china.huawei.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <56E24C63.8020700@gmail.com>
Date: Fri, 11 Mar 2016 17:41:07 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <8AE0F17B87264D4CAC7DE0AA6C406F45C2D4B297@nkgeml514-mbx.china.huawei.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima-signaling/Ru1Rki-w58-COw0cqHUOilyg8_8>
Cc: "Joel M. Halpern" <jmh@joelhalpern.com>
Subject: Re: [Anima-signaling] draft-ietf-anima-grasp-04A
X-BeenThere: anima-signaling@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the signaling design team of the ANIMA WG <anima-signaling.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-signaling>, <mailto:anima-signaling-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-signaling/>
List-Post: <mailto:anima-signaling@ietf.org>
List-Help: <mailto:anima-signaling-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-signaling>, <mailto:anima-signaling-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Mar 2016 04:41:05 -0000

On 11/03/2016 16:06, Liubing (Leo) wrote:
>> -----Original Message-----
>> From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com]
>> Sent: Friday, March 11, 2016 11:03 AM
>> To: Liubing (Leo); Anima signaling DT
>> Cc: Joel M. Halpern
>> Subject: Re: [Anima-signaling] draft-ietf-anima-grasp-04A
>>
>> On 11/03/2016 15:33, Liubing (Leo) wrote:
>>> Hi Brian,
>>>
>>> Thanks for the update. I only have a minor comment.
>>>
>>>  " It MUST cache the
>>>    Session ID value and initiator address of each relayed
>>>    discovery message until the discovery process has ended or
>>>    timed out.  To prevent loops, it MUST NOT relay a Discovery
>>>    message which carries a given cached Session ID and initiator
>>>    address more than once."
>>>
>>> I think it is hard for the relays to judge whether the Discovery process has
>> ended/time out. Even the initiator could only do "time out" count
>> (GRASP_DEF_TIMEOUT), not solid judgment of "Discovery end".
>>
>> Actually the end of discovery is well-defined. Either the relayed discovery
>> receives a Response message or the discovery timeout itself expires.
>> So the discovery code already does disactivate the cached entry
>> automatically, even for a normal (not relayed) discovery.
> [Bing] The Response message probably not pass through the relay devices;

It must - it's an on-link process. The Discovery Response goes to the relay node
that sent the link-local multicast. Then the relay has to send a Discovery
Response itself to the initiator. I have added some text for that.

> and the Discovery timeout is only available for the discovery initiator.

Yes, there is a point missing there: the relaying node doesn't know the
original timeout, so it has to use the default. I will add that to the text.

Actually there's no real solution to that in any case: if a Discovery Response
arrives too late, it will be wasted. So if the initiator sets a very small timeout
it will never get an answer. The only real purpose of the timeout is to avoid
wating for ever.

So now the text reads:

         If an ASA in the neighbor device supports the requested
         discovery objective, it MAY respond to the link-local multicast
         with a unicast Discovery Response message (Section 3.7.4) with
         locator option(s). ...

         <snip>

         A GRASP device with multiple link-layer interfaces (typically a
         router) MUST support discovery on all interfaces.  If it
         receives a Discovery message on a given interface for a
         specific objective that it does not support and for which it
         has not previously cached a Discovery Responder, it MUST relay
         the query by re-issuing a Discovery message as a link-local
         multicast on its other interfaces.  The relayed discovery
         message MUST have the same Session ID as the incoming discovery
         message and MUST be tagged with the IP address of its original
         initiator.  Since the relay device is unaware of the timeout
         set by the original initiator it SHOULD set a timeout at least
         equal to GRASP_DEF_TIMEOUT milliseconds.

         The relaying device MUST decrement the loop count within the
         objective, and MUST NOT relay the Discovery message if the
         result is zero.  Also, it MUST limit the total rate at which it
         relays discovery messages to a reasonable value, in order to
         mitigate possible denial of service attacks.  It MUST cache the
         Session ID value and initiator address of each relayed
         Discovery message until any Discovery Responses have arrived or
         the discovery process has timed out.  To prevent loops, it MUST
         NOT relay a Discovery message which carries a given cached
         Session ID and initiator address more than once.  These
         precautions avoid discovery loops and mitigate potential
         overload.

         The discovery results received by the relaying device MUST in
         turn be sent as a Discovery Response message to the Discovery
         message that caused the relay action.

The relay process needs a diagram to explain but I don't have time today.
OK if I submit the draft? I can clarify this in the slides for the IETF.

Regards
    Brian



> So for the relay devices, it should be hard to judge the end?
> 
> B.R.
> Bing
> 
>> I'm not sure I know how to explain that in the text though, let me have a
>> quick look. Then I will submit the draft because I will be on travel from
>> tomorrow.
>>
>> Regards
>>    Brian
>>
>>> So maybe we also recommend a value of twice the GRASP_DEF_TIMEOUT,
>> just as the Flood Synchronization case.
>>>
>>> Best regards,
>>> Bing
>>>
>>>
>>>> -----Original Message-----
>>>> From: Anima-signaling [mailto:anima-signaling-bounces@ietf.org] On
>>>> Behalf Of Brian E Carpenter
>>>> Sent: Tuesday, March 08, 2016 6:51 AM
>>>> To: Anima signaling DT
>>>> Cc: Joel M. Halpern
>>>> Subject: [Anima-signaling] draft-ietf-anima-grasp-04A
>>>>
>>>> Hi Design Team, Joel,
>>>>
>>>> Attached is proposed update to GRASP that hopefully fixes a serious
>>>> looping issue that Joel noticed in the -03 draft.
>>>>
>>>> The issue was that in a physical topology with 3 or more LANs
>>>> connected in a loop by 3 or more routers, GRASP multicasts (Discovery
>>>> and Flood Synch
>>>> messages) would have looped until the loop count reached zero.
>>>>
>>>> The fix was to revert to the 'initiator' field previously included in
>>>> the -02 draft, but with the logic properly worked out this time ;-).
>>>>
>>>> I've both observed the problem in the -03 version of the prototype
>>>> code, and shown that the fix works in a new -04 version of the code.
>>>> (I didn't need to build a router loop; when the code is set to listen
>>>> to its own multicasts, it simulates an infinite router loop.)
>>>>
>>>> Co-authors: any comments or objections? I'd like to post this draft
>>>> during this week, as I will be on vacation next week.
>>>>
>>>> Txt file and diffs attached. I will post the XML to GitHub.
>>>>
>>>> Regards
>>>>    Brian
>>>

v2.8.7 | Report a Bug | By Email