Re: [bess] WGLC, IPR and implementation poll for draft-ietf-bess-mvpn-fast-failover

"Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net> Tue, 07 May 2019 14:43 UTC

Return-Path: <zzhang@juniper.net>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 52261120152; Tue, 7 May 2019 07:43:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.709
X-Spam-Level:
X-Spam-Status: No, score=-2.709 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OUsuh9H-ge0Z; Tue, 7 May 2019 07:43:06 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1EC1120043; Tue, 7 May 2019 07:43:06 -0700 (PDT)
Received: from pps.filterd (m0108159.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x47EZLCj016224; Tue, 7 May 2019 07:43:05 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=NiCu2/Bu5tEc2L2Ts88OW6hhGxDNY+/AtCBE6zjwGDU=; b=HyDVradYhJo1qXEPIWynpdRG66w2iluPsIRW/iJ4+nPmnd7NhoJhk2RvoxqmB1MYGd9t YapnwnLluskavgcBAehzRgpa2o6lVIUAlm3+MlhyJrWGZihPNWjZJ82fhcrVMZ3Ep8Ze eZY4uvQi0bJ1gSos3FKJmSITz6WlXzzqKhbj7BO2+YjsWD7tu5onRXsDfLa92BFTYwyd s+zCipg/DLfpU4oJF1nOuuwAjJ66fLvGofkfEJ5+vK9GFsaz0wHXsVaRKlM+aGX96oFo GGoqS2LoL31kqTGNkz4tse1nC1Ke0zatosCdIrV/Ea+rGGG/fPG+NfBDxvb2LTSHeFqv oA==
Received: from nam03-dm3-obe.outbound.protection.outlook.com (mail-dm3nam03lp2050.outbound.protection.outlook.com [104.47.41.50]) by mx0a-00273201.pphosted.com with ESMTP id 2sb3p9gtem-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 07 May 2019 07:43:05 -0700
Received: from DM5PR05MB3548.namprd05.prod.outlook.com (10.174.242.153) by DM5PR05MB3178.namprd05.prod.outlook.com (10.173.219.136) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1878.19; Tue, 7 May 2019 14:43:02 +0000
Received: from DM5PR05MB3548.namprd05.prod.outlook.com ([fe80::71a0:993e:dee4:3ebc]) by DM5PR05MB3548.namprd05.prod.outlook.com ([fe80::71a0:993e:dee4:3ebc%6]) with mapi id 15.20.1878.019; Tue, 7 May 2019 14:43:02 +0000
From: "Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net>
To: Greg Mirsky <gregimirsky@gmail.com>
CC: "bess-chairs@ietf.org" <bess-chairs@ietf.org>, "EXT - thomas.morin@orange.com" <thomas.morin@orange.com>, Robert Kebler <rkebler@juniper.net>, BESS <bess@ietf.org>
Thread-Topic: [bess] WGLC, IPR and implementation poll for draft-ietf-bess-mvpn-fast-failover
Thread-Index: AdSCOGobvyszpShjQe6cTmshOOxpcQGwJ0SwAPQjNQATOVJRcARi+wgABmfoLQA=
Content-Class:
Date: Tue, 7 May 2019 14:43:02 +0000
Message-ID: <DM5PR05MB354829730C814ADE41F373CFD4310@DM5PR05MB3548.namprd05.prod.outlook.com>
References: <26502_1542873261_5BF660AD_26502_47_1_9E32478DFA9976438E7A22F69B08FF924B7752E9@OPEXCLILMA4.corporate.adroot.infra.ftgroup> <BL0PR05MB5025A934922FDDC316AFD2E4D4AC0@BL0PR05MB5025.namprd05.prod.outlook.com> <CA+RyBmXcu3b9dObX=G9vyHNJtEuJ4wWqMtQXvxCNxgNOSCsmWw@mail.gmail.com> <CO2PR05MB24550CC9932A560B1DC7B19BD44B0@CO2PR05MB2455.namprd05.prod.outlook.com> <CA+RyBmV6oigz+ODY9C6QEqkDQY1X+x=yDpWqPoiODyyqVeTwHA@mail.gmail.com>
In-Reply-To: <CA+RyBmV6oigz+ODY9C6QEqkDQY1X+x=yDpWqPoiODyyqVeTwHA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.1.100.23
dlp-reaction: no-action
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=zzhang@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2019-05-07T14:42:57.2623439Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Internal; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic; Sensitivity=Juniper Internal
x-originating-ip: [66.129.241.10]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: fe8e7119-9818-40b4-cbea-08d6d2fa4ebd
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600141)(711020)(4605104)(4618075)(2017052603328)(7193020); SRVR:DM5PR05MB3178;
x-ms-traffictypediagnostic: DM5PR05MB3178:
x-ms-exchange-purlcount: 2
x-ld-processed: bea78b3c-4cdb-4130-854a-1d193232e5f4,ExtAddr
x-microsoft-antispam-prvs: <DM5PR05MB317851B0F60193A74EEFB269D4310@DM5PR05MB3178.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0030839EEE
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(376002)(39860400002)(136003)(346002)(366004)(189003)(199004)(60444003)(37854004)(486006)(6436002)(33656002)(14454004)(81156014)(68736007)(8676002)(478600001)(5070765005)(74316002)(229853002)(86362001)(53936002)(9326002)(14444005)(256004)(316002)(6246003)(55016002)(6306002)(236005)(9686003)(54896002)(25786009)(71190400001)(8936002)(71200400001)(4326008)(6506007)(53546011)(102836004)(6116002)(7696005)(3846002)(790700001)(81166006)(52536014)(6916009)(7736002)(76176011)(2906002)(54906003)(76116006)(73956011)(66946007)(99286004)(66476007)(66556008)(64756008)(66446008)(66066001)(5660300002)(1411001)(11346002)(446003)(26005)(186003)(53946003)(476003)(559001)(579004)(569006); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR05MB3178; H:DM5PR05MB3548.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: TT0D/iOFwQBLArAh7fNm7vlAgjbPv1tg7JkJfyrMMYoWJAJkJK3hGLj0FfvLIxXkMrO7lTYDsIj9nCREM+t2pyZSKIwdK7D5f4z66YQ2W+n1B94wfECKdZcZ0mciJwImMsg+vIaRklo8OGzNbhYxc14nMbuht0mZSAS1DA79jTYpMIk611Mpu7wIcONnAe9NiORkKysrXPu2tHM7Jrh5vew7Ru8kcv86eb925EutIKafWkFyRsMJsAudVQz+lJipteNUvrlWIcJvPP/1AeXvAZWjl7QsCL4RuvdFbuQXBbse5v6u86nmP0cpa9Zu/NP7ff/cUUWJv4pVlUAfB4Ac24twSyW7fOIXfFTYtg9B61ERAtP7LnoeHuL29e5506WtgH579flNW7Ce3HWb3ktDQ1f3feH49zUp8IeTMXBEZdk=
Content-Type: multipart/alternative; boundary="_000_DM5PR05MB354829730C814ADE41F373CFD4310DM5PR05MB3548namp_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: fe8e7119-9818-40b4-cbea-08d6d2fa4ebd
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 May 2019 14:43:02.2813 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR05MB3178
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-05-07_08:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1905070095
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/Vbnyvt6Vpbn4aut0VdMvhnI7Lhs>
Subject: Re: [bess] WGLC, IPR and implementation poll for draft-ietf-bess-mvpn-fast-failover
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 May 2019 14:43:12 -0000

Hi Greg,

Most of changes are fine; though I suggest to replace the following:

   For P-tunnels of type P2MP MPLS-TE, the status of the P-tunnel is
   considered up if one or more of the P2MP RSVP-TE LSPs to the same PE,
   identified by the P-tunnel Attribute, are in Up state.

With the following:

   For P-tunnels of type P2MP MPLS-TE, the status of the P-tunnel is
   considered up if the sub-LSP to this downstream PE is in Up state.

Not all comments have been addressed, though. I trimmed some text below and highlighted the outstanding ones with “=============”. You may need to refer to my previous email for correlation/details.

Jeffrey

On Thu, Mar 14, 2019 at 3:04 AM Jeffrey (Zhaohui) Zhang <zzhang@juniper.net<mailto:zzhang@juniper.net>> wrote:
Thomas, Bob,

Some questions below for you. Some old, and some new.
 ==============================


Zzh> It’s not that the “rules … are not consistent”. It’s that by nature some PEs may think the tunnel is down while the others may think the tunnel is still up (because they’re on different tunnel branches), even when they follow the same rules. Traffic duplication in this case is also only with inclusive tunnels – so how about the following?

   Because all PEs may arrive at a different
   conclusion regarding the state of the tunnel,
   procedures described in Section 9.1.1 of [RFC 6513] MUST be used
   when using inclusive tunnels.
===============================
 Additionally, the text in section 3 seems to be more biased on Single Forwarder Election choosing the UMH with the highest IP address. Section 5 of RFC6513 also describes two other options, hashing or based on “installed UMH route” (aka unicast-based). It is not clear how the text in this document applies to hashing based selection, and I don’t see how the text applies to unicast-based selection. Some rewording/clarification are needed here.
GIM>> How would the use of an alternative UMH selection algorithm change documented use of p2mp BFD? Do you think that if the Upstream PE selected using, for example, hashing then defined use of BGP-BFD and p2mp BFD itself no longer applicable?

Zzh> It’s not that the alternative UMH selection algorithm change documented use of p2mp BFD. It’s the other way around – tunnel state changes the selection result. I guess hashing can still be used (this document only controls what goes into the candidate pool). For unicast based selection I thought it’d no longer work, but then I noticed the following:

   o  second, the UMH candidates that advertise a PMSI bound to a tunnel
      that is "down" -- these will thus be used as a last resort to
      ensure a graceful fallback to the basic MVPN UMH selection
      procedures in the hypothetical case where a false negative would
      occur when determining the status of all tunnels

Zzh> So this should still work, although Ideally, the PE advertising the next best route should be considered before going to the last resort (of using the PE advertising the best route but whose tunnel is down).
========================================
zzh> BTW, the same applies to 3.1.7 as well.
GIM>> Agree

==================================

3.1.7.  Per PE-CE link BFD Discriminator

   The following approach is defined for the fast failover in response
   to the detection of PE-CE link failures, in which UMH selection for a
   given C-multicast route takes into account the state of the BFD
   session associated with the state of the upstream PE-CE link.

3.1.7.1.  Upstream PE Procedures

   For each protected PE-CE link, the upstream PE initiates a multipoint
   BFD session [I-D.ietf-bfd-multipoint] as MultipointHead toward
   downstream PEs.  A downstream PE monitors the state of the p2mp
   session as MultipointTail and MAY interpret transition of the BFD
   session into Down state as the indication of the associated PE-CE
   link being down.

Since the BFD packets are sent over the P2MP tunnel not the PE-CE link, my understanding is that the BFD discriminator is still for the tunnel and not tied to the PE-CE link; but different from the previous case, the root will stop sending BFD messages when it detects the PE-CE link failure. As far as the egress PEs are concerned, they don’t know if it is the tunnel failure or PE-CE link failure.

If my understanding is correct, the wording should be changed.
GIM>> There are other than stopping transmission of BFD control packets ways to distinguish two conditions for the egress PE. For example, the MultipointHead MAY set the State to AdminDown and continue sending BFD control packets. If and when PE-CE link restored to Up, the MultipointHead can set the state to Up in the BFD control packet.
===================== this needs more discussion =====
===== should be clear on which way is done – stop sending BFD message or use AdminDown
===== an PMSI may be used for many flows, which may use different PE-CE interfaces on the ingress PE. A downstream PE would not know which interface it should track for a particular flow.

   …  If the route to the
   src/RP changes such that the RPF interface is changed to be a new PE-
   CE interface, then the upstream PE will update the S-PMSI A-D route
   with included BGP-BFD Attribute so that value of the BFD
   Discriminator is associated with the new RPF link.

If the RPF interface changes on the upstream PE, why should it update the route to send a new discriminator? As long as there is a new RPF interface couldn’t the upstream PE do nothing but start tracking the new RPF interface?
GIM>> I'll defer this one to Thomas and Rob.
===========================================
Zzh> I re-read section 3.1.6 and 3.1.7 and have more questions 😊
Zzh> 3.1.6 seems to be about tracking tunnel itself while 3.1.7 is about tracking PE-CE interfaces. From an egress point of view, (how) does it know if the discriminator is for the tunnel or for PE-CE interface 1 or PE-CE interface 2? Does it even care? It seems to me that an egress PE would not need to care. If so, why are there different procedures for 3.1.6/3.1.7 (at least for the egress PE behavior)? Even for the upstream PE behavior, shouldn’t 3.1.6.1 apply to 3.1.7 as well?
GIM>> Added the following text to the first paragraph of section 3.1.7:
NEW TEXT:
The mechanism to communicate the mapping between the PE-CE link
and the associated BFD session is outside the scope of this document.

=============== the above added text does not address my questions

Regardless which way (the currently described way and my imagined way), some text should be added to discuss how the downstream would not switch to another upstream PE when the primary PE is just going through a RPF change.
GIM>>  Would appending the following text be acceptable to address your concern:
NEW TEXT:
   To avoid unwarranted switchover a downstream PE MUST gracefully handle the
   updated S-PMSI A-D route and switch to the use of the associated BFD
   Discriminator value.
================= how that is done needs to be discussed

4.  Standby C-multicast route

   The procedures described below are limited to the case where the site

   that contains C-S is connected to exactly two PEs. The procedures
   require all the PEs of that MVPN to follow the single forwarder PE
   selection, as specified in [RFC6513].


Why would it not work with more than two upstream PEs?
Why is it limited to single forwarder selection? What about unicast based selection?
GIM>> Again, asking for Thomas and Rob to help..
==========================



Juniper Internal