[bess] Re: John Scudder's Discuss on draft-ietf-bess-evpn-fast-df-recovery-10: (with DISCUSS and COMMENT)

John Scudder <jgs@juniper.net> Tue, 20 August 2024 17:08 UTC

Return-Path: <jgs@juniper.net>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B19F5C14F6B8; Tue, 20 Aug 2024 10:08:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.252
X-Spam-Level:
X-Spam-Status: No, score=-2.252 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.148, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b="jhqTj2lH"; dkim=neutral reason="invalid (public key: not available)" header.d=juniper.net header.b="JLqyYOIz"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DPWu_IH10ond; Tue, 20 Aug 2024 10:08:22 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) by ietfa.amsl.com (Postfix) with ESMTP id A1F07C14F6FE; Tue, 20 Aug 2024 10:08:22 -0700 (PDT)
Received: from pps.filterd (m0108158.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 47KH2RLq006149; Tue, 20 Aug 2024 10:08:22 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h= cc:content-id:content-transfer-encoding:content-type:date:from :in-reply-to:message-id:mime-version:references:subject:to; s= PPS1017; bh=lgqcE8YIRJ+JJ7TJdqPwT7YK1TiheEHa1qAhE9itGjI=; b=jhqT j2lH5iZwSyeENKZ0yrhY20sX3rzi5Z1w0bgNuJRrQgcFY1e9ZSmbZb6oWbskB+Mr 8tgGYkAivcMS2JcIb7vlRWD76sDuFmCbps4CzgatybIQ3SaieCT6uyHLd6IdrSRv U2hpL9ZBOIGeAhW+Bsft/7sZMXh2G2vWseoee0Yx6Ex7iQL6+/VWPWFRUIyC21G6 n2TeBlPYrbe5GF7RQbvikOYUB86srvjQ3P857nwwiY0OKuSwLmloi+AraLA9bT2X qJPf98I/HAlVYJ+kGOxXnJb8CfiRilLMka0zwtORwA9LRzWTcDWO+W4y9YiOUmOo oPAhHYJhKnJ4RDLkpw==
Received: from bn8pr05cu002.outbound.protection.outlook.com (mail-eastus2azlp17011030.outbound.protection.outlook.com [40.93.12.30]) by mx0a-00273201.pphosted.com (PPS) with ESMTPS id 412qjknx1p-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 20 Aug 2024 10:08:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=OtzmNACP4GdyreXIgTnpaQgneUQUEfJ070MlHB3H+gwH7HZ3fMr+uTroiYgN34esPkoPhf6UEzAj9ukmGaNpXAQ8mcIsEpimAGQRtsXUtmzsVcgebeCL/K/sOMt3gM2x+O6ZzFWuduHdSw9u22tUcHUFSwGKnbDQo3Eq8VFr4N/+OgVh+QWPU3BYgf4j8NLbUGAf4z8xMeV6ew2gWTBeiOPg2Q5wLRO7voHYViU7kXDRhbXlkXp4gFy1f3rtHZuY1JE9tASNwd2q4EIeR5+CH5PVXE8myjclmoUQj/dnyOPegiQ29CtcuUnW5xUsRfHPSSB7wdMwiQ/+8i7H6T7mBQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=lgqcE8YIRJ+JJ7TJdqPwT7YK1TiheEHa1qAhE9itGjI=; b=rZRqmk9SV72UPT4VTA5xTwTFdysStejfUYx3mVzqEx4GyKhVoXtO5UgLOXCx5njvZbeKAKY9fF+9pWquGcz9VQ8O64D6+jihGte1vguMVBbPYSPJN9m39S4KMmRodisr4GP/tdjXSjIOHmWW572kc1Xcd0wSBRR0y108iouUpqaWsbeuCSuhfD/OLJ5WrLhWvLt0SQabgvLIZMzS4tIW5BIi0p5JQZ0OrQqnhyPPpMv40CnjvPc4lQ8/ReyA/HEGwf7Tap5ZkybQI/xsAvF/7WNs8wvMpgP2ZugDs8nFG8jCOxNLSuF7CggHTH4xIJcvm75mRM7lV35nZ87tp3ci0w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lgqcE8YIRJ+JJ7TJdqPwT7YK1TiheEHa1qAhE9itGjI=; b=JLqyYOIzjzyTwWyU9VH/6nevxxDmyTe5l8l5c8mv4ItkfG5qNjsDMBDFGe4TuIqBTywCic7vPHeTSQLEsBsBcCfNPCq0fs4cbL1yEY5XGrdMdqKhg8StbcNm1QFqoS8hhRcniVaKHpqRDp7j60GUR5hIbFKUbikXbmrkmyLNvKw=
Received: from LV8PR05MB10374.namprd05.prod.outlook.com (2603:10b6:408:184::11) by IA1PR05MB10127.namprd05.prod.outlook.com (2603:10b6:208:3d8::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7875.21; Tue, 20 Aug 2024 17:08:18 +0000
Received: from LV8PR05MB10374.namprd05.prod.outlook.com ([fe80::5611:fbeb:b227:6aa9]) by LV8PR05MB10374.namprd05.prod.outlook.com ([fe80::5611:fbeb:b227:6aa9%6]) with mapi id 15.20.7875.019; Tue, 20 Aug 2024 17:08:18 +0000
From: John Scudder <jgs@juniper.net>
To: "draft-ietf-bess-evpn-fast-df-recovery@ietf.org" <draft-ietf-bess-evpn-fast-df-recovery@ietf.org>
Thread-Topic: [bess] John Scudder's Discuss on draft-ietf-bess-evpn-fast-df-recovery-10: (with DISCUSS and COMMENT)
Thread-Index: AQHa8pW2V/93A5vs1U2CpIOpxecJ6bIwYdAA
Date: Tue, 20 Aug 2024 17:08:18 +0000
Message-ID: <9449E42F-1241-4119-AC62-D36AF1D3DEC2@juniper.net>
References: <172411275169.1985200.11309811863338610562@dt-datatracker-6df4c9dcf5-t2x2k>
In-Reply-To: <172411275169.1985200.11309811863338610562@dt-datatracker-6df4c9dcf5-t2x2k>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: LV8PR05MB10374:EE_|IA1PR05MB10127:EE_
x-ms-office365-filtering-correlation-id: 76679d28-ae3a-4339-8998-08dcc13aafd9
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|4022899009|366016|1800799024|376014|38070700018;
x-microsoft-antispam-message-info: 39AEJF7QU0Hr+O6eSDwjSymPwnZwDwTdwwfptXjB7a1qkJGmHGndTtvAdUoWMfE2mbde5Jd4CRwhEIaZsR+Tu+8zJyXuGiv2J7SzJMLfmzsSrs+FWe3BDmGEXcaVj5LkbBCEka7MQOeyU2a+Embz+ZeAxJ7rjHUTN9csA3jRy4Qq/ZdA8cQkC1pUx/z1RORF3z0igLFmbpMCazxQueSGflo56hwU33M+fOkYLfOM6XdL8ESxiQD8o9b1vtF9k+i/tSi80/86M8YU2UAORQKcu80WJoHB41wA8Vz8PnhdYovKE5oeChQLyiI6MzzMtYyjKju1t2+m63ik6w3/dR5FbgFBb9NSAbXGDLn0sqgqkbNGn0gGbYWGPTd65MkZMHVdDaeRfpGGDW1PTtGC5Rjcftvu9N1CqtCvvQEtCKTB6zJFqAEN9s9HTm2OCYUYOXlIc3O1TAKITh4ro4nW6gr7wm2LVY1jmLzDFBORRYj/V9V+A+ziA6J/ro1lnGIx/mjhq+yhe89S93yHFIQsISPODYSeUQ/rf6pn4DzxQ7No/kn69DwUXJwV/hWWTJyBvIcl2oV54YjdrE3Kwc48wlBKUoZq7NAvkg08Sw3NpqoG2RNdRtX8AG6/f2OVYogAn8h4uNCXsy8l8xhNNvBjmruDWOw53PgM53tcecVLqb6A3OJztr/JzwTszlYWilmxTmUtaXHj8dyP+66UV25twa2zQ8SF81omXLSCY4S+tETo3RE3s//AqXmJP0D4Y9IswvqxASQhWdNbaui6eIrX08Do/jAsMJ8RqUNsAFm5xElloiSLDEz3Zudy21r+o2ScRsNqiP45cFvjNFjrtyLVt+WFnUD9o5PLgHkLFCW6RNx0+wsq5Nm1xUdxKaotLfFmCqQg8SvpOPvY48W0qiwNqEE17ig/l6NYfeCquk7/g7bPEXAd/Uvshpr5ifMaZVNH3Rwt8OYOikd6xF2xkJiC0qVH7VHtlnLodW66n6COIFQf6nZrBdCPPD4N3Bqt6LuJljJsgmzOB1CWmLHHGyMekduCTSUuIKASEle8TOJLT5ncnAsLrc+kwoBTjUyoOT37IJTSVvWeJ+QqAUf+LTVx5FqE2ZcYmM8Qj99lfVkPiAfigOjtEcQhbCLznhDR5K1M+G4xM5tR+SgC3xFG+pnjGr/KU7y3t8h73XXV56GVAyOcXRReI4ppY21HHkLQBOIyAdDkBgtfBTadjoGyW+f9QrV2KlwnElsM/xhwQQyRePwTh2H3gB8CaHw/T+UV83g4HW+pmBMHB5NCs+ME8oio2GVhDTjwiQi+f6jfepxI6dziQ/dnkYBM7ufdbUm+CgC/yBJW0O6EL/4OLw3ZaQQExW3KGKhLAVK55hDhE1p5ZCGYQ1k=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV8PR05MB10374.namprd05.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(4022899009)(366016)(1800799024)(376014)(38070700018);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: LR+p7yGxKcLaPjH/fsZf2ORtHNtbNng8wHOV0neLoHvK2+4AewL1Xu9m85bFVgnem9JPfCxf1WXUU748WctNxPrDgAzuR02Nl7VeqbAQII8xlNMg/IyGrQBjv3l/cvJmNxesGDZyAsnjbHGuI4oXrBv3jp+K0HP4jV22JmX8B1FPomBpJc5YjzCz2wTmAwtNTubaz3TPW4Noo3uj1FDh+NaHWzT1jSnjowuLlt/BQZJcZHwU3vsci2INFC50D52KDZBFbECIAKHfSNB+u8eNc6yRfmm1eiVa/ih+y+iLLJ7y1+SEYlxsFexCGF4VsVNapcZSWypnyl50wBYLSv+a66ii/cxITJ6JtE0i5c2cNhnMZB9vTYoVHVpBhD7egQwXLq3UAX33hc0JbhLYb5HUvczx9swuZHQfPPdPjLNASqOYAViltTPK9Vk1KiE0CP+6fiCM5hLr5tN00GiDnRpZju6clfYs8A5xZx7it2sKDMfvyWMYt5oIiWjuXH3E+/I8Xeqg0swndE6HYCXx2dTVgakVAE0sKBnRTaGsj/WtKXEfCXH+LNpfrdzBdCdEbBmnvk6c23As8YqkhYmAt68Zy7soS2u0xi86M3aPC3QIzeKvIWyN9eaO4TN81zFM3eMaWDMbTC34y68bm4fgByv1qJ5z7LhK73wkzlHreFE1LYkHJjF3GKWV7FMx57A43TG9S2teSHD5y92ySGFevgl/XwDtpNMDf7wo+E6O0xJsjx3xs0WFWbROpbnGqWopqbUOffgDJcL9MGFhETCuA8ubwSrxEtOZkQf3osgeILW1fVPxLMMtvIrry41AcFVwbEIRlmi5k6XV0WPdD3GXKM2B8Ukz+OzFMzFg25M+akwP+2CmE9AGNZaTpaLPxrE9liHvBqXBif1MIDzG/hhnFjG9FczdTaH8GxOgc8nTssDAH6Ucqtx0cbM+a+8bnTtKPH3AEdJyL9u/aHmcSUnM8VfV7M/I7H8hMM5rTm7lYwokqo3MukS5yFFuBezxA18uusw5Ocm0Oc0Lzc+O8GH5IHx1Q8XVRsVwdXKkQplkvtfcegR8TxSCGw9IB6rFWO8zRfHoLJOb53rGrNDYMFL2RMXzt2xbvqmG671VFeuIzB3unQPXuN/D4jigkf8VCaUuyi7e4rq7Y100TYRfEcb6RVQSl63zMW8WsTD+lllZf8LIMLJ9fcmbdDvwi/dDogA2IK7/OER+cjzEA6oH+T3z6O04Z2A55GplgzM1TDyuMTi7jIOr18XG34wEsh+/b5P8uvDDk0QXYojuskXVBacbdl8/EYXEKTqsFkM4H0Ys1H833uBSoiil+aqsM1wKr1g252nFIx9i2xG+jKztv7nIpZzsqPqUHJnJ3PcHvDSxEq+gUXDRZNRHSKznoHFtxTNHp70s8mN1mWSX62PO0ucvh/7FBBN75Ry34m/4yGt5ls8ZJ8DXP/Z04pWJXFCRMYgLtf/fLGZnMWLiMIcMUiDtoZZptfbzKt04cn/0y0aPqjlt6IxXx/FB6xhQn5jSW2+MoGCSrWIIPdAxCnGmUKk0Q39g3KHcl/gmPZkY5W2Ntgg6C5vAPp2VidlsB4EFLpkjQk5W
Content-Type: text/plain; charset="utf-8"
Content-ID: <516B2FD68AF8654182C959EBEAFA1DC2@junipernetworks.onmicrosoft.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: LV8PR05MB10374.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 76679d28-ae3a-4339-8998-08dcc13aafd9
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Aug 2024 17:08:18.2042 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: lslVp/s+l65TQg4HvwKLQxwUP5wauCvTZKMPSoqNvULqBLKwStL3d9tJvCY2qiSj
X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR05MB10127
X-Proofpoint-GUID: QtC8gllz5AnDjdUql_TSflAnG8GD7J1_
X-Proofpoint-ORIG-GUID: QtC8gllz5AnDjdUql_TSflAnG8GD7J1_
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.28.16 definitions=2024-08-20_12,2024-08-19_03,2024-05-17_01
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 mlxscore=0 phishscore=0 bulkscore=0 malwarescore=0 lowpriorityscore=0 spamscore=0 mlxlogscore=999 suspectscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2407110000 definitions=main-2408200127
Message-ID-Hash: 424UFFHQTHLEXOTAKEMJCRA3HX3OKGKQ
X-Message-ID-Hash: 424UFFHQTHLEXOTAKEMJCRA3HX3OKGKQ
X-MailFrom: jgs@juniper.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-bess.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, "bess-chairs@ietf.org" <bess-chairs@ietf.org>, "bess@ietf.org" <bess@ietf.org>, "matthew.bocci@nokia.com" <matthew.bocci@nokia.com>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [bess] Re: John Scudder's Discuss on draft-ietf-bess-evpn-fast-df-recovery-10: (with DISCUSS and COMMENT)
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/2AlXrCsqsy-fp99S5OAI7zk9OqM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Owner: <mailto:bess-owner@ietf.org>
List-Post: <mailto:bess@ietf.org>
List-Subscribe: <mailto:bess-join@ietf.org>
List-Unsubscribe: <mailto:bess-leave@ietf.org>

Briefly: please don’t spend time on this review right now — It was (despite the header) a review of version 9. I’m revising my ballot for version 10, and will update it shortly. 

Thanks and sorry for the noise,

—John

> On Aug 19, 2024, at 8:12 PM, John Scudder via Datatracker <noreply@ietf.org> wrote:
> 
> [External Email. Be cautious of content]
> 
> 
> John Scudder has entered the following ballot position for
> draft-ietf-bess-evpn-fast-df-recovery-10: Discuss
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://urldefense.com/v3/__https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/__;!!NEt6yMaO-gk!B3untsTS8AFOED1akXrUy5rMMVOGawxGSkE84X_nYynb5LWbHIXbXc4V8pT7oNla_vh__vnwi8Ib$
> for more information about how to handle DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-ietf-bess-evpn-fast-df-recovery/__;!!NEt6yMaO-gk!B3untsTS8AFOED1akXrUy5rMMVOGawxGSkE84X_nYynb5LWbHIXbXc4V8pT7oNla_vh__pa0Ay9k$
> 
> 
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> # John Scudder, RTG AD, comments for draft-ietf-bess-evpn-fast-df-recovery-10
> CC @jgscudder
> 
> Thanks for this document. I appreciate the fact it was straightforward to read
> and review, and of course, I appreciate the work on a useful protocol extension!
> 
> ## DISCUSS
> 
> I have two concerns I'd like to discuss.
> 
> ### "Unreasonable" SCT offsets
> 
> Apart from a few words in the Security Considerations section, you don't
> provide any instructions to the implementer about what to do with unreasonable
> SCT offsets, in particular unreasonable SCT future offsets. The language from
> Section 5 is,
> 
>   It is left to implementations to
>   decide what consists an "unreasonably large" SCT value.
> 
> The quotation marks imply that you think the implementor should do something
> about unreasonably large SCT values, but the spec doesn't supply any clarity
> about it. That's too bad, it should. I accept the argument in the preceding
> Security Considerations sentences (not quoted) that the ability to signal
> unreasonable SCT values doesn't introduce a new vulnerability vis-à-vis the
> pre-existing specifications. Nonetheless, it does seem like this specification
> should advise implementers to impose an upper limit on what SCT future offset
> they will accept. The quoted sentence is a backhanded hint in that direction. I
> think you should make it explicit, probably in Section 2 since that seems to be
> where elements of procedure mostly go (see also my later remarks about this in
> the COMMENTS section).
> 
> One way to address this would be to insert something into Section 2.2, along
> the lines of,
> 
>   - Initialize SCT_delay to 0.
>   - If an SCT timestamp is present (etc etc), then,
>     - If the SCT timestamp is further in the future than max_SCT_delay,
>       SCT_delay = max_SCT_delay.
>     - If the SCT timestamp is less than SCT_skew time units in the future,
>       SCT_delay = 0. (This includes the case where it is in the past.)
>     - Else SCT_delay = (SCT timestamp value) - (present time) - SCT_skew
> 
> and then write 9.1 in terms of "wait SCT_delay before proceeding to 9.2".
> 
> This is crudely written, I don't expect you to use the text above, although
> you're welcome to if you want. I'm just trying to demonstrate one way to close
> the gap.
> 
> In addition to inventing SCT_delay and max_SCT_delay, I've incorporated skew
> into the above (and renamed it SCT_skew). An underspecification of skew is
> another, lesser, concern I had (see COMMENTS) and this seemed the natural place
> to work it in.
> 
> ### Assumptions about synchronized clocks
> 
> Although the document assumes synchronized clocks, it doesn't provide any
> details about its assumptions, e.g. how close synchronization needs to be and
> what the consequences are if the requirement isn't met. Normally,
> specifications assuming synchronized clocks will provide at least some basic
> analysis.
> 
> I think probably if you fix the max_SCT_delay thing, the analysis would be easy
> because it would in effect bound the maximum effect of clock desynchronization,
> and I bet the analysis would amount to "if you don't have badly desynchronized
> clocks, it acts like RFC7432." (But this is just a guess, you are the experts.)
> 
> If you choose to add a short analysis, I could see it being a bullet in Section
> 1.4.
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> ## COMMENTS
> 
> ### Section 1.4, this sentence no verb
> 
>   *  The fast DF recovery solution maintains backwards-compatibility
>      (see Section 4) by ensuring that PEs any unrecognized new BGP
>      Extended Community.
> 
> The second clause should have a verb, but it doesn't. I'd propose a rewrite if
> I knew what you were trying to say.
> 
> ### Section 1.4, "normalizes"
> 
>   *  The fast DF recovery solution is agnostic of the actual time
>      synchronization mechanism used, and normalizes to NTP for EVPN
>      signalling only.
> 
> I don't understand what you mean by this, in particular by "normalizes to NTP
> for EVPN signalling only". Can you rephrase it? (Also, BTW, "signaling" has
> only one ell.)
> 
> ### Sections 2 and 3 aren't well-divided
> 
> Section 2 is called "DF Election Synchronization Solution". Based on that, I
> would assume that the entire solution would be specified in this section and
> its subsections. Section 3 is called "Synchronization Scenarios". Based on
> that, I would assume it contains examples, intended to help the reader
> understand the operation of the solution.
> 
> Unfortunately, that's not entirely the case. Section 3 contains instances of
> normative, or should-be-normative, text. I think you should restructure these
> two sections to put the entire solution in Section 2 and keep Section 3 as
> examples. By the way, I did find the examples very useful, thank you for
> including them. I've flagged suggestions for restructuring in other more
> specific comments.
> 
> For that matter, there's also normative text in Section 5: "the receiving PE
> SHALL treat the DF Election at the peer as having occurred already, and proceed
> without starting any timer to futher delay service carving". That's not a
> consideration, that's a requirement, and I think it should also go into Section
> 2. The approach suggested in my DISCUSS would fix this issue. (Also
> s/futher/further/.)
> 
> ### Section 2, several things about skew
> 
>   The receiving partner PEs add a skew (default = -10ms) to
>   the Service Carving Time to enforce this mechanism.  The previously
>   inserted PE(s) must perform service carving first, followed shortly
>   by the newly insterted PE, after the specified skew delay.
> 
> The first sentence says that the default is -10 ms, so the receiving partner
> adds -10 ms, or more simply put, the receiving partner subtracts 10 ms. I think
> the whole quote holds together but it’s unnecessarily hard to follow. Perhaps
> something as basic as,
> 
> NEW:
>   The receiving partner PEs subtract a skew (default = 10ms) from
>   the Service Carving Time to enforce this mechanism.  The previously
>   inserted PE(s) must perform service carving first, followed shortly
>   by the newly inserted PE, after the specified skew delay.
> 
> Note I also made the correction s/insterted/inserted/
> 
> Of somewhat greater concern, I don't think Section 2 is precise enough about
> when and how the skew is applied. It's possible to work it out by referring to
> the example in Section 3, but it shouldn't be necessary to do this to glean
> what an implementation MUST do.
> 
> The approach suggested in my DISCUSS would probably make the problem go away.
> 
> ### Section 2.1, that's not 8 octets
> 
> ```
>   A new BGP extended community is defined to communicate the Service
>   Carving Timestamp for each Ethernet Segment.
> 
>   A new transitive extended community where the Type field is 0x06, and
>   the Sub-Type is 0x0F is advertised along with the Ethernet Segment
>   route.  The expected Service Carving Time is encoded as an 8-octet
>   value as follows:
> 
>                        1                   2                   3
>    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>   | Type = 0x06   | Sub-Type(0x0F)|      Timestamp Seconds        ~
>   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>   ~  Timestamp Seconds            | Timestamp Fractional Seconds  |
>   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> ```
> 
> Did you mean six octets? Because that’s what the diagram shows... unless you're
> calling 0x060F part of the service carving time, which doesn't make much sense.
> I don't know, maybe you meant that it's an eight-octet value encoded in six
> octets, but you explain that just fine in the text that follows. I think you'd
> be better off simplifying the introductory text to something like this,
> 
> NEW:
>   A BGP extended community, with Type 0x06 and Sub-Type 0x0F, is defined
>   to communicate the Service Carving Timestamp for each Ethernet Segment:
> 
>                        1                   2                   3
>    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>   | Type = 0x06   | Sub-Type(0x0F)|      Timestamp Seconds        ~
>   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>   ~  Timestamp Seconds            | Timestamp Fractional Seconds  |
>   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
> Note I also elided "new" because fairly soon after publication as an RFC, the
> community will no longer be "new". Then you let the following text supply the
> additional detail that I've removed from my NEW text.
> 
> ### Section 2.1, "outside of the scope of this document"
> 
> “A DF Election operation occurring exactly at the Era transition boundary some
> time in 2036 is outside of the scope of this document.”
> 
> That’s fine as long as the consequences of such an incident wouldn’t be
> serious. Have you analyzed this? A few words to this effect would be desirable;
> the rollover is less than twelve years in the future and your specification is
> likely to still be in use then.
> 
> I bet that, again, the change suggested in my DISCUSS would make this easy to
> cover because even a naïve implementation would treat era rollover as nothing
> worse than severe clock skew, and the window of vulnerability would be bounded
> to max_SCT_delay. I'd still encourage you to say a few words about it, to
> console any readers doing a Y2036 review sometime in the future.
> 
> ### Section 3.1, concurrent elections
> 
>   In the case of multiple concurrent DF elections, each initiated by
>   one of the recovering PEs, the SCTs must be ordered chronologically.
>   All PEs shall execute only a single DF Election at the service
>   carving time corresponding to the largest (latest) received timestamp
>   value.  This DF Election will involve all active PEs in a unified DF
>   Election update.
> 
> This looks and feels exactly like normative specification, which makes me think
> it belongs in Section 2. I also wonder if you want SHALL instead of "shall".
> 
> ## Notes
> 
> This review is in the ["IETF Comments" Markdown format][ICMF], You can use the
> [`ietf-comments` tool][ICT] to automatically convert this review into
> individual GitHub issues.
> 
> [ICMF]: https://urldefense.com/v3/__https://github.com/mnot/ietf-comments/blob/main/format.md__;!!NEt6yMaO-gk!B3untsTS8AFOED1akXrUy5rMMVOGawxGSkE84X_nYynb5LWbHIXbXc4V8pT7oNla_vh__hYvFh_S$
> [ICT]: https://urldefense.com/v3/__https://github.com/mnot/ietf-comments__;!!NEt6yMaO-gk!B3untsTS8AFOED1akXrUy5rMMVOGawxGSkE84X_nYynb5LWbHIXbXc4V8pT7oNla_vh__tnvVed1$
> 
> 
> 
> _______________________________________________
> BESS mailing list -- bess@ietf.org
> To unsubscribe send an email to bess-leave@ietf.org