Re: [bess] Benjamin Kaduk's Discuss on draft-ietf-bess-mvpn-expl-track-12: (with DISCUSS and COMMENT)
Eric Rosen <erosen@juniper.net> Wed, 28 November 2018 16:34 UTC
Return-Path: <erosen@juniper.net>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 938F81277BB; Wed, 28 Nov 2018 08:34:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.161
X-Spam-Level:
X-Spam-Status: No, score=-4.161 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DhKeE4UKSTcy; Wed, 28 Nov 2018 08:34:05 -0800 (PST)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 97FD31277C8; Wed, 28 Nov 2018 08:34:05 -0800 (PST)
Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id wASGOini013141; Wed, 28 Nov 2018 08:34:04 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=PPS1017; bh=dGYbekSJW1Tf8FMT6AI9N1rGoFvi7MhcCNYgzjWPbjE=; b=ROGRiRE1reZf/dE4KKgm9olwBAcadgJWp0frTm8tBTo+YcSo1fppQwb+HBt3JMwKyvdK 8baRIemh5WWv5rscs8zlaOzcUYFzQK6V+2xbw4Frlks7fGMPehFuxGEEHHmmuVngG4A1 q9PpWR3niJhCh44ey97wOdN+09ByX8m8qVBfXkZhY0OB85gkC6kwcPR/yQd49mEMIbqY uLve2I74/Ixsg7CHZye1Ql7fZ9tbgQ8EQgsOvbsEtqaR5AeIhIjYTQCeBjnmnkcY20UX augrY774inbBGfD8MHrTXJZTy4zxviarnLSvwe1kEFnDtEgqgHvOGtn0FNQUrkCs72uk yA==
Received: from nam05-co1-obe.outbound.protection.outlook.com (mail-co1nam05lp0083.outbound.protection.outlook.com [216.32.181.83]) by mx0b-00273201.pphosted.com with ESMTP id 2p1u1tge55-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 28 Nov 2018 08:34:03 -0800
Received: from DM5PR0501MB3864.namprd05.prod.outlook.com (10.167.108.27) by DM5PR0501MB3718.namprd05.prod.outlook.com (10.167.107.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1382.14; Wed, 28 Nov 2018 16:34:01 +0000
Received: from DM5PR0501MB3864.namprd05.prod.outlook.com ([fe80::240d:b16e:5c81:9acf]) by DM5PR0501MB3864.namprd05.prod.outlook.com ([fe80::240d:b16e:5c81:9acf%5]) with mapi id 15.20.1361.019; Wed, 28 Nov 2018 16:34:01 +0000
From: Eric Rosen <erosen@juniper.net>
To: Benjamin Kaduk <kaduk@mit.edu>, The IESG <iesg@ietf.org>
CC: "draft-ietf-bess-mvpn-expl-track@ietf.org" <draft-ietf-bess-mvpn-expl-track@ietf.org>, "bess-chairs@ietf.org" <bess-chairs@ietf.org>, "stephane.litkowski@orange.com" <stephane.litkowski@orange.com>, "bess@ietf.org" <bess@ietf.org>
Thread-Topic: Benjamin Kaduk's Discuss on draft-ietf-bess-mvpn-expl-track-12: (with DISCUSS and COMMENT)
Thread-Index: AQHUanF8u9nWhF9SpU2HM1tVd+wZTaVlm26A
Date: Wed, 28 Nov 2018 16:34:00 +0000
Message-ID: <5be086fe-706e-6515-4613-799a363dddf4@juniper.net>
References: <154025886476.13484.16270011990649784514.idtracker@ietfa.amsl.com>
In-Reply-To: <154025886476.13484.16270011990649784514.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: BN6PR14CA0019.namprd14.prod.outlook.com (2603:10b6:404:79::29) To DM5PR0501MB3864.namprd05.prod.outlook.com (2603:10b6:4:7b::27)
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [66.129.241.13]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR0501MB3718; 6:Oa1DkWMVPRkt5YugULXSKkHgU8ygajO1lzOfFfWAgmOCoaQT/9uoNYUeGtpqXsXZABnvC4OMWF51lkupVnpSeifxedjIPJJSoC/E4N82hEgh+N2hUV8IhUcT5aYCIlrt1Ibi/NyH8VIcu0QV4hDYsULS6quIV3j7S7heCNuV0kvNpGGcsz+kHklZCwCQmJLPvr1xZtzNhD0jmbWfbx/ypOR+T0BFAV3ghOckylU8MB/+1cwHp+g6GiuSknd44/3xvx1Fyld6b2zeeIFytEm+sTLehwH556JzL/czygTPscYQRhDAfJ44D0o0gb/5nh7ZWZO7hKLc/7lWwbR0MvduzX6hsm1zEHzojE9Lub1tu8kvyaHwlla/lWCmQWq8j4o5g2rmsy9+Jsou+ofPT+o5tGEyuvt79GiL3LYXkqKfD/eSrilAy/Ju8hlA729G23yXfZisf1NS1Xfzwj4FdxUExA==; 5:8jSx9//2OzQS0SHLlPdZ0AB1LrAoMLyShlM1QW+ynpVYY1/GIFCLfLoHO+RFQOm3x18kcYCotPciFEgUJOdPB5CdgVJSkCPiYnx6tQ8MzZ2mgEDlJn6e4KrSluQMzwaUlv7mGPOsHFLizuTZFqwmFmvnrKNoZbrDE89StKfxDLk=; 7:EG2AKcfKoS1OstFvDonu9lxBL8Ej4U3uX709ZL/t8/Ocdnn4Z5gVUrSp+ifFgZjZPivZolvybKx2rmZJjzaOftNHMGxFYMATocYf3WNVfWffNdPNjFTFR3dJjIoxzuYBPhKCd7zyMA5UEiyNubfdrA==
x-ms-office365-filtering-correlation-id: ad05037f-8e64-4101-990d-08d6554f4d3a
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390098)(7020095)(4652040)(8989299)(5600074)(711020)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:DM5PR0501MB3718;
x-ms-traffictypediagnostic: DM5PR0501MB3718:
x-microsoft-antispam-prvs: <DM5PR0501MB3718BA553D3AA49BAC11B009D4D10@DM5PR0501MB3718.namprd05.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(3231443)(999002)(944501410)(52105112)(10201501046)(93006095)(93001095)(6055026)(148016)(149066)(150057)(6041310)(20161123558120)(20161123560045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(201708071742011)(7699051)(76991095); SRVR:DM5PR0501MB3718; BCL:0; PCL:0; RULEID:; SRVR:DM5PR0501MB3718;
x-forefront-prvs: 0870212862
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(346002)(39860400002)(136003)(376002)(366004)(199004)(189003)(6486002)(99286004)(53546011)(486006)(476003)(4326008)(36756003)(2171002)(6512007)(229853002)(345774005)(256004)(71190400001)(71200400001)(86362001)(53936002)(14444005)(6306002)(2616005)(446003)(97736004)(11346002)(575784001)(102836004)(6506007)(8936002)(3846002)(8676002)(7736002)(386003)(6116002)(81166006)(5660300001)(31686004)(31696002)(186003)(81156014)(66066001)(2906002)(106356001)(316002)(6436002)(105586002)(6246003)(26005)(14454004)(68736007)(305945005)(76176011)(54906003)(110136005)(52116002)(25786009)(966005)(478600001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR0501MB3718; H:DM5PR0501MB3864.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-microsoft-antispam-message-info: lxT70ZJXE/6HVrk8JqI1zSWeiSsxXipmcgXETm7QvEhnEkbKUtX4MuNiqvhOmwYvDLA3WAL+/ILquiB37vi57jkQ10HEsiYKuxcvcU9wUk1KaC7+nOoz/s3WR7ybGSFiTGx74Pcxry30HL9CHejoQO1VZJ5PGWJo4HIhZF0DqTG5VZZWsFlQq4FU6WEQ8FYfL51DTsmBbD0QsdG5BUzBwem+rw9ITcxptc6TdLGp5U21+ovSsZuRWCGrp2uiY9HaFmRSx/e9RbOKJCnIQZ1a99MhV2dNxNzfSIMCesLIF9ewLbbzrpeWKBSv+6Vodk13lSBgFDOJ74UFSiAz6n2//jMQNeUNWnNrQpEo2IzMFPw=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <07AAC303C3678A4D8E89CDA31A7FB0BD@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: ad05037f-8e64-4101-990d-08d6554f4d3a
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Nov 2018 16:34:00.9199 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR0501MB3718
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-11-28_08:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1811280144
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/bTv2POCEg9ec0Z3okcs2KF1u1EE>
Subject: Re: [bess] Benjamin Kaduk's Discuss on draft-ietf-bess-mvpn-expl-track-12: (with DISCUSS and COMMENT)
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Nov 2018 16:34:09 -0000
Benjamin, I believe draft-ietf-bess-mvpn-expl-track-13 addresses your issues. Please let me know whether this is the case. And thank you for doing such a careful review. Eric On 10/22/2018 9:41 PM, Benjamin Kaduk wrote: > Benjamin Kaduk has entered the following ballot position for > draft-ietf-bess-mvpn-expl-track-12: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_iesg_statement_discuss-2Dcriteria.html&d=DwICaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=-DXB84eU9m4cIlq2OOcCJCQQAwJXQQswyu3F0kG0VNo&m=_As6D3lr-KYW2BdIKLvT4bjw3HDCFWJBsOFYObf1E_0&s=UWa2_MZELEQCZBxgLuEXDrhFGiFhDaSLecKezEgQJSk&e= > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://urldefense.proofpoint.com/v2/url?u=https-3A__datatracker.ietf.org_doc_draft-2Dietf-2Dbess-2Dmvpn-2Dexpl-2Dtrack_&d=DwICaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=-DXB84eU9m4cIlq2OOcCJCQQAwJXQQswyu3F0kG0VNo&m=_As6D3lr-KYW2BdIKLvT4bjw3HDCFWJBsOFYObf1E_0&s=Zs4cZ41OK1XktcOKuVjcsMkGQmpuzOc9fWuTjx1HQZY&e= > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > This document places normative requirements on new tunnel types but does > not indicate this in a way that someone specifying a new tunnel type would > be forced to see. This occurs both in Section 5.2: > > o When additional tunnel types are defined, the specification for > how MVPN is to use those tunnel types must also specify how to > construct the PTA of a Leaf A-D route that is originated in > response to the LIR-pF flag. As an example, see [BIER-MVPN]. > > and in Section 6: > > If L's PTA specifies a tunnel type not mentioned above, the > specification for how MVPN uses that tunnel type must specify the > actions that N is to take upon receiving L. As an example, see > [BIER-MVPN]. > > I think the best way to do this would be to have IANA Considerations > updating the registration procedure for > P-Multicast Service Interface (PMSI) Tunnel Type codepoints to note that > new registrations must include this information. It might also suffice to > call out the existence of these requirements in the portion of the > Introduction that discusses how this document Updates RFC 6514 (though, per > the COMMENT section, this portion of the Introduction doesn't exist in a > good form yet). > > Thank you for providing the BIER example, though -- it is helpful to see > how the requirement plays out in practice! > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Section 1 > > This document clarifies the procedures for originating and receiving > S-PMSI A-D routes and Leaf A-D routes. This document also adds new > procedures to allow more efficient explicit tracking. The procedures > being clarified and/or extended are discussed in multiple places in > the documents being updated. > > This is in effect saying to the reader, "you must read the updated > document(s) in their entirety and decide for yourself whether a procedure > being updated is described", which is perhaps not the most friendly thing > to be doing. > > Section 2 > > If the LIR-pF flag is set in the PTA of an S-PMSI A-D route, the LIR > flag of that PTA MUST also be set. > > What do I do if I receive a PTA in violation of the MUST? > > Note that support for the LIR-pF flag is OPTIONAL. This flag SHOULD > NOT be set unless it is known that all the PEs that are to receive > the route carrying the PTA support the flag. How this is known is > outside the scope of this document. > > Maybe remind us what a PE that doesn't support this flag will do if it > happens to receive a PTA with it set? (I see discussion below of the state > at the ingress node in this case, but not an explicit confirmation of what > egress nodes do.) It would also be nice to give non-normative examples of > how a sender might know that receivers support the flag. > > Section 3 > > The rules for finding a "match for reception" in [RFC6625] are hereby > modified as follows: > > Maybe give a section reference too? (Especially since 6625 does not use > the abbreviated version we define here, and instead writes "Finding the > Match for Data Reception".) > > For a given C-flow ((C-S,C-G) or (C-*,C-G)) the "match for > tracking" is chosen as follows. Ignore any S-PMSI A-D route that > has no PTA. Also ignore any S-PMSI A-D route whose PTA specifies > "no tunnel information present", but does not have either LIR or > LIR-pF set. (That is, DO NOT ignore an S-PMSI A-D route that has > > I think this would be clearer as "and has neither LIR nor LIR-pF set" -- > the "but" can easily lead the reader astray. > > a PTA specifying "no tunnel information present" unless its LIR > and LIR-pF bits are both clear). [...] > > Note that the procedure for finding the match for tracking takes > into account S-PMSI A-D routes whose PTAs specify "no tunnel > information present" and that have either LIR or LIR-pf set. The > procedure for finding the match for reception ignores such routes. > > Why are we talking about this like LIR and LIR-pF can be set independently, > when just last page we said that if LIR-pF is set, LIR MUST be set? > > Section 4 > > Please expand I-PMSI on first usage. > > When following this procedure, the PTA of the S-PMSI A-D route > may specify a tunnel, or may specify "no tunnel information > present". The choice between these two options is determined by > considerations that are outside the scope of this document. > > Could you give some examples of what sort of things might be involved in > making that choice? > > Section 5.3 > > Suppose the forwarded S-PMSI A-D route has a PTA specifying a tunnel, > and also has LIR-pF set. [...] > > nit: is this this "route being forwarded" (i.e., where the ABR/ASBR acts as > egress) or the "after forwarding route" (i.e., where the ABR/ASBR acts as > ingress)? > > As a result of propagating such an S-PMSI A-D route, the egress ABR/ > ASBR may receive one or more Leaf A-D routes that correspond to that > S-PMSI A-D route. [...] > > Just to check my understanding (no document change requested), this > correspondance is determined by the NLRI in the Leaf A-D route matching the > NLRI from the S-PMSI A-D route? > > The "global administrator" field of the modified RT will be set to > the IP address taken either from the S-PMSI A-D route's next hop > field ([RFC6514]), or from its Segmented P2MP Next Hop Extended > Community ([RFC7524]). > > How do I choose which one to use? > > Section 6 > > then the action taken by N when it receives L is a local matter. In > this case, the Leaf A-D route L provides N with explicit tracking > information for the flow identified by L's NLRI. However, that > information is for management/monitoring purposes and does not have > an effect on the flow of multicast traffic. > > I would prefer to say "does not necessarily have an effect". > > Section 9 > > I agree with the secdir reviewer that some mitigation for the new problem > indicated is appropriate. (Some justification for why the problem is > insoluble in the scope of this document might also suffice.) > > Additionally, it seems that the mechanisms here can require more state to > be maintained in the SP network than a pure 6513/6514 solution would, and > that could be worth mentioning (along the lines of 6513's mention of the > potential for overload when multicast activity exceeds expectations). > Similarly, additional implementation limitations may be advisable. > >
- [bess] Benjamin Kaduk's Discuss on draft-ietf-bes… Benjamin Kaduk
- Re: [bess] Benjamin Kaduk's Discuss on draft-ietf… Eric Rosen
- Re: [bess] Benjamin Kaduk's Discuss on draft-ietf… Eric Rosen
- Re: [bess] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk