IETF Logo Mail Archive

Re: [bess] Alvaro Retana's Discuss on draft-ietf-bess-mvpn-fast-failover-13: (with DISCUSS and COMMENT)

Greg Mirsky <gregimirsky@gmail.com> Mon, 21 December 2020 00:25 UTC

Return-Path: <gregimirsky@gmail.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A6353A08BB; Sun, 20 Dec 2020 16:25:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.696
X-Spam-Level:
X-Spam-Status: No, score=-0.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_COMMENT_SAVED_URL=1.391, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_HTML_ATTACH=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NXpWV2MbLPmX; Sun, 20 Dec 2020 16:25:36 -0800 (PST)
Received: from mail-lf1-x134.google.com (mail-lf1-x134.google.com [IPv6:2a00:1450:4864:20::134]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 091AC3A08B1; Sun, 20 Dec 2020 16:25:35 -0800 (PST)
Received: by mail-lf1-x134.google.com with SMTP id h22so10072507lfu.2; Sun, 20 Dec 2020 16:25:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4Al1v7bj9PR7ZPgTr9I3popiLPaEcfZDPzAYHmpoARY=; b=sLQTVKaKVzqjrDCIkQBzF3yAPkq9RZ3+U119xR+CFS04dQvAWMBTRE3NfyXckVPxiB GrgRTtZyKcYA9aETQyX0cLsV+B/F5qHmwNw/WPaH+2FVyN/sF5kty/GN3E9snrAUxxcu YvR2rUwQAxktG8VbzZ5OCZ6UHKDlnp3A4A3i0ZP4OQOeHkw9rtnl/beBQgh6B/+thJDA gAkj46Ys1m+UH4lTRrATeBCL3t0HIVcflTs/HQTMBcp5kuij8GJnOp6hmh9cmegLCDQ+ cIIlHAJI1gfbZHcw0n4HqKR4In8lEIP0j97cN+oO+eQiGOWhKuL34KCCHyGaJBLEAkX1 Xw3g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4Al1v7bj9PR7ZPgTr9I3popiLPaEcfZDPzAYHmpoARY=; b=Tc/Tk3mNHanJGOsfY+b1fjZ3u388ZE1ojXOaQLPn7MQEYuHjQcZw6UpSBD68D+rZEU 3u4RuGTZthSpY/6l9x5A9l6B9CF2ey79wbD/XqpKcoAsarKcZUFt2MimjJK24oip8tg7 mAsZOwehVdJPWpky/RaDIZ1IFPH1jc17fJTbenFHamaApUqqX4cR922Gyvq1et+WsVnq t7W+S4609WMQq6subBIuX6nV3Z+6HagGK4NU7uvhslTIm8VJi/cV9kHEEmQ+ElEC+nG3 3GwkNZES/2A+O7neY7CrqLXOLdd1+dWqVZ8JJ1Ls6E+Uj4oqmLegl2mscofxWSBmG0In x7Xw==
X-Gm-Message-State: AOAM530Gct4WJmBVHvk4qZ2P+L0xB1r8FLnDZKDvezneRkcPj0O/DDW2 tXWyQ2326uH+Qhu4w2yaXzgIFtPpNtMnJvECY5E=
X-Google-Smtp-Source: ABdhPJxdXglZMVL6H+oJXn51Hr6Mnau6obqChwfnyCexw+y1TFLe2B0hmc2uKRtuQ8qDMckEHMFNcP1yFetOse9O5vg=
X-Received: by 2002:a05:6512:3305:: with SMTP id k5mr5271573lfe.35.1608510333254; Sun, 20 Dec 2020 16:25:33 -0800 (PST)
MIME-Version: 1.0
References: <160807379483.25352.17040820176966456047@ietfa.amsl.com> <20201216212141.GB24940@pfrc.org>
In-Reply-To: <20201216212141.GB24940@pfrc.org>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Sun, 20 Dec 2020 16:25:21 -0800
Message-ID: <CA+RyBmXdYBO66J+4-oFAikPgt9YGMHTb9x773RGPEDYV-NF+-Q@mail.gmail.com>
To: Jeffrey Haas <jhaas@pfrc.org>
Cc: Alvaro Retana <aretana.ietf@gmail.com>, The IESG <iesg@ietf.org>, draft-ietf-bess-mvpn-fast-failover@ietf.org, bess-chairs@ietf.org, BESS <bess@ietf.org>, Stephane Litkowski <slitkows.ietf@gmail.com>, bfd-chairs@ietf.org
Content-Type: multipart/mixed; boundary="000000000000081e5d05b6ee7f72"
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/VzdGZdoLzC_09uWml8SZI9_yp74>
Subject: Re: [bess] Alvaro Retana's Discuss on draft-ietf-bess-mvpn-fast-failover-13: (with DISCUSS and COMMENT)
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Dec 2020 00:25:45 -0000

Hi Jeff,
your comments and suggestions are much appreciated. Please find my answers
and notes in-lined below and tagger by GIM>>.
Attached, please find the diff and the new working version of the draft.

Regards,
Greg

On Wed, Dec 16, 2020 at 1:04 PM Jeffrey Haas <jhaas@pfrc.org> wrote:

> Alvaro,
>
> Thanks for drawing our attention to this document.
>
> On Tue, Dec 15, 2020 at 03:09:54PM -0800, Alvaro Retana via Datatracker
> wrote:
> > Alvaro Retana has entered the following ballot position for
> > draft-ietf-bess-mvpn-fast-failover-13: Discuss
> >
> > When responding, please keep the subject line intact and reply to all
> > email addresses included in the To and CC lines. (Feel free to cut this
> > introductory paragraph, however.)
> >
> >
> > Please refer to
> https://www.ietf.org/iesg/statement/discuss-criteria.html
> > for more information about IESG DISCUSS and COMMENT positions.
> >
> >
> > The document, along with other ballot positions, can be found here:
> > https://datatracker.ietf.org/doc/draft-ietf-bess-mvpn-fast-failover/
> >
> >
> >
> > ----------------------------------------------------------------------
> > DISCUSS:
> > ----------------------------------------------------------------------
> >
> > (1) This document describes several methods to determine the status of a
> > tunnel (in §3), none of which "provide a "fast failover" solution when
> used
> > alone, but can be used together with the mechanism described in Section
> 4"
> > (§1).  §3 also says this:
> >
> >    An implementation may support any combination of the methods
> >    described in this section and provide a network operator with control
> >    to choose which one to use in the particular deployment.
> >
> > While §3.1 is clear in the fact that it is not a requirement for all
> > downstream PEs to use the same mechanism, there are no guidelines to aid
> the
> > operator to chose which mechanism to use.  Some cases may be obvious
> (e.g.
> > §3.1.3 applies to tunnels of a specific type), but others are not.  I
> would
> > like to see deployment considerations related to the
> advantages/disadvantages
> > that each method may have in specific situations (including their
> possible
> > combination).
> >
> >
> > (2) The BFD Discriminator Attribute has a very narrow application in this
> > document when compared to the potential other uses given the
> extensibility
> > possibilities related to bootstrapping BFD.  I have serious concerns
> about
> > the attribute being defined in this document, amongst a series of other
> > mechanisms.
>
> I have the following comments about the BGP Path Attribute in question:
>
> - BGP Packet space is sometimes at a premium.  The initial 3 octet reserved
>   padding should be removed.
>
GIM>> Agree. Removed

> - The TLVs having a required length of multiples of 4 similarly are space
>   wasting.
>
GIM>> Agree. Updated the check on the receipt accordingly.

> - The attribute does not make adequate provision for more than one type of
> a
>   BFD Mode.  This likely limits the general purpose re-use of this
> attribute
>   for other purposes.
>
GIM>> In Section 7.2 we're requesting IANA to create a new sub-registry.
New types of a BFD session can be bootstrapped using the BGP BFD
Discriminator attribute. For example, draft-ietf-bess-evpn-bfd
<https://datatracker.ietf.org/doc/draft-ietf-bess-evpn-bfd/?include_text=1> may
introduce a new BFD Mode value. Would you suggest larger field for BFD Mode
or an alternative method to signal the type of the BFD session to which the
value in the BFD Discriminator field is applicable? I thought that, in some
cases, a new value for p2mp with Active Tail Unsolicited Notifications or
p2mp Active Tail with Polling would be added.

> - The length handling text is likely not correct:
>   "The BFD Discriminator attribute MUST be considered malformed if its
>    length is not a non-zero multiple of four."
>   The implication is a length of four, which would have no BFD
>   Discriminator, should be considered a valid PDU.  Note that the length
>   considerations are further compounded by the padding issue for optional
>   sub-tlvs in the prior point.
>
GIM>> Thank you for pointing this case out. I agree, that is not what we
wanted. Following updates noted above the new text is as follows:
NEW TEXT:
   The BFD Discriminator attribute MUST be considered malformed if its
   length is smaller than five octets or the value of the BFD Mode field
   is unrecognized.  If the attribute is deemed to be malformed, the
   UPDATE message SHALL be handled using the approach of Attribute
   Discard per [RFC7606].

>
> Since a BFD discriminator is 4-octets, I'm curious as to what discussion
> the
> working group may have had with regard to using a BGP Extended Community
> instead?  In particular, the BGP Extended Community's Transitive bit might
> be useful in many multicast VPN scenarios operating over a single AS to
> limit the distribution scope of this Discriminator.
>
GIM>> I agree that the BGP Extended Community attribute can address the
immediate problem and be used to bootstrap a p2mp BFD session. It would
even have space for the BFD Mode field. But because the length of the BFD
Extended Communities attribute is fixed, it seems that no further
extensions (e.g., providing the MultipointHead's source IP address) be
possible.

>
> The IANA allocation strategies for the Path Attribute and the Optional
> Sub-TLVs seems reasonable.  Note that Experimental code points have proven
> to be poorly used in BGP and that their use in the public Internet may
> result in unexpected discard of the attribute.
>
>
> >
> > (2a) The tunnel can be monitored without the new BGP Attribute (assuming
> > proper configuration of course).  Why is that option is not even
> mentioned in
> > the document?
> >
> > In fact, the document recommends deleting the BFD session if the
> Attribute is
> > not present.  Why is that recommendation in place, and what are the
> cases when
> > it can not be followed?
> >
> >
> > (2b) The fact that BFD monitoring can be achieved without the new
> attribute
> > makes me think that the bootstrapping of BFD using BGP would be better
> served
> > in a document produced by the BFD WG.  One of the editors has expressed
> the
> > same opinion [1] [2].  Has a discussion taken place in the BFD WG (or at
> least
> > with the Chairs) about this work?  Why was it not taken up there?
> >
> >
> > [1]
> https://mailarchive.ietf.org/arch/msg/rtg-bfd/T1jVpgyXuPatTpuD_wA0JC3CT1c/
> > [2] https://tools.ietf.org/wg/bess/minutes?item=minutes-96-bess.html
>
> I will not speak for Reshad, but I don't recall this issue.  I may simply
> be
> forgetting the e-mail brought to the list, if so.
>
> The meta desire here is that communication of the BFD Discriminator for
> p2mp
> sessions requires protocol help - in this case BGP.  While this could also
> be discovered via provisioning, that would limit the flexibility of the
> deployment of this feature.
>
> For this specific internet-draft's purpose, dissemination of the
> Discriminator is tightly scoped.  The fact that this happens under an
> AFI/SAFI that is not expected to hit general purpose Internet routes limits
> the blast radius of its use.  However, as you note, Alvaro, there may be
> more general purpose desire to use this attribute for.
>
> > (15) §3.1.6: "The BFD Discriminator attribute MUST be considered
> malformed if
> > its length is not a non-zero multiple of four."  Ok, except that the
> > specification of the attribute doesn't mention the length (only the
> length of
> > the TLVs).  Please specify the length and any considerations related to
> the
> > Extended Length bit.  Also, given that this is a new attribute, with an
> > unspecified potential number of TLVs, and that the length is apparently
> > unbounded, all leading to the potential need for extended messages,
> please
> > specify how to handle peers that cannot accommodate more than 4k octet
> > messages (rfc8654).
>
> Note: I wouldn't put special requirements here on the Extended Length bit.
> That's core RFC 4271 Path Attribute behavior.
>
> Similarly, overflow of Path Attributes is a general BGP consideration and
> it
> is inapropriate to require this document to solve that.
>
>
> -- Jeff
>

v2.23.0 | Report a Bug | By Email