IETF Logo Mail Archive

Re: [bess] Shepherd's review of draft-ietf-bess-mvpn-expl-track

Eric C Rosen <erosen@juniper.net> Tue, 06 February 2018 20:28 UTC

Return-Path: <erosen@juniper.net>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24473127735; Tue, 6 Feb 2018 12:28:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.689
X-Spam-Level:
X-Spam-Status: No, score=-2.689 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AYaQZqrFlyHU; Tue, 6 Feb 2018 12:28:50 -0800 (PST)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BFCD212773A; Tue, 6 Feb 2018 12:28:50 -0800 (PST)
Received: from pps.filterd (m0108159.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w16KPCb2029288; Tue, 6 Feb 2018 12:28:50 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=subject : to : cc : references : from : message-id : date : mime-version : in-reply-to : content-type; s=PPS1017; bh=qFZlD9XRION3FkTg5FPITvg7QVrtFX90r4nDHxUmwKg=; b=dtszguQqJlq4dc1f7JEMMFWAcnnwqUQqI+TD652dNAoZ5JpugNSS3bLyp7yZEOe9v6KP yvQpHkAmESwfmGUGbOVvhfYitgOdsl+7AAUpmvOXZzVjGSISAqJDh96lgFBv4tzkUgyC nUJ8Q6iLJCUMD3loXaQOyLbaaIVQr419H+n7Ar3+Kcz5vWxX1bYN117mJ6H24PNASuv8 apY1vVGq5rzd8pdadpmsc4MFTQ94MOyEF97ey3BNNhDwxU2Tpn295JuuuNAZpCj8rVq6 N+ZV0Mh0o6bDbPyoneyQRI6YGMzeHrpCrsf3I5jsbfqpMMm1WDQszhbL5BWp5nH2aXBu Dg==
Received: from nam01-by2-obe.outbound.protection.outlook.com (mail-by2nam01lp0180.outbound.protection.outlook.com [216.32.181.180]) by mx0a-00273201.pphosted.com with ESMTP id 2fyjng0323-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 06 Feb 2018 12:28:49 -0800
Received: from [172.29.35.70] (66.129.241.11) by CY1PR05MB2299.namprd05.prod.outlook.com (10.166.192.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.485.3; Tue, 6 Feb 2018 20:28:46 +0000
To: stephane.litkowski@orange.com, "draft-ietf-bess-mvpn-expl-track.authors@ietf.org" <draft-ietf-bess-mvpn-expl-track.authors@ietf.org>, "Dolganow, Andrew (Nokia - SG/Singapore)" <andrew.dolganow@nokia.com>
Cc: "bess@ietf.org" <bess@ietf.org>, "bess-chairs@ietf.org" <bess-chairs@ietf.org>
References: <7712_1514984470_5A4CD416_7712_401_1_9E32478DFA9976438E7A22F69B08FF921EB01322@OPEXCLILMA4.corporate.adroot.infra.ftgroup> <ecd0de7c-c395-2105-ab94-e1a9ca5381be@juniper.net> <18410_1516778715_5A6834DB_18410_457_1_9E32478DFA9976438E7A22F69B08FF921EB2C31D@OPEXCLILMA4.corporate.adroot.infra.ftgroup>
From: Eric C Rosen <erosen@juniper.net>
Message-ID: <5b146b22-465a-4904-73dc-9bf46d4b6b40@juniper.net>
Date: Tue, 06 Feb 2018 15:28:42 -0500
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <18410_1516778715_5A6834DB_18410_457_1_9E32478DFA9976438E7A22F69B08FF921EB2C31D@OPEXCLILMA4.corporate.adroot.infra.ftgroup>
Content-Type: multipart/alternative; boundary="------------89C3FB2C44EDFC59CAE20FCC"
Content-Language: en-US
X-Originating-IP: [66.129.241.11]
X-ClientProxiedBy: MWHPR15CA0069.namprd15.prod.outlook.com (10.174.254.31) To CY1PR05MB2299.namprd05.prod.outlook.com (10.166.192.145)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 510885d0-73a2-459b-6a87-08d56da03a29
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:CY1PR05MB2299;
X-Microsoft-Exchange-Diagnostics: 1; CY1PR05MB2299; 3:rkSj477HIMxfX6u9ZjUnZIvZ8KFSYfhJTCkpyRHlY8eBIQusAuPAPt+jdCOEIDNBIaaWJj8rpE4Amu9tg32d0unLY8zOPWRQo14j4Qj5STujPLBpM0NuGJ66EkXW6xI9HwfWJ7C3yX2S02IIyyJ3dJwFb7GT0AeER5xaRtS7Rxgbg5CWd2LXhJd+jXg5I66/2Je2faV1AjdlHh8Lbl3r8hLIp6S5s7M+alrYxgQtq2XcGNQP6O4H81tTBiopaM9B; 25:BqQ5uABOVF/abOkEPd2d0gEyVaDEpRg6NcAWojHu42SjKGdwzD/bWv2sb4dxqh1XYaj7m4mw8sbhJdiI0vVz2yFLKaQNvgGm3xWXp2R6Z2z+v095Lsr66tZS7K48bI2z28Wk78ghjMZWeAH7qFHNETosg3A8dGvgwMcX4VG526wyZHnFeAQ2NghKyOl6Ir7XgrdKPzEzj0OwLLpobuFatkjPlwT/jdgNgLdkjV6bVQTAJpmKqjcD7vRZUlyj8PvHxjG0lxX4SC9iLjb0+YtBy+58AGefeqk6//7nhExoYqzQKVPyup2yoK16NshYb4j3BXIqK88bgOkAyBmFD7qNKg==; 31:236/mzZp/ElT+cwfBlzElDIGVWoetdAl33fdIYb4zY2DU8UppgYpHU0TWUymXL/ZA7cVvXmT1US27Osa+SZFoFs3B0sdm0NG45MMi2II2kTRZdjvcZEw9jRUU1G1GgYxetlv1CcJrfHt1fzCjjCCt+7Pg5OM0ApG+hzNNDGrKEcV/nHs/Ueu/3yfXA8QYlwZTRR4pwuwKRE/FvsIjXj8WaAAJX8T2OffcLmUx0Sl9yw=
X-MS-TrafficTypeDiagnostic: CY1PR05MB2299:
X-Microsoft-Exchange-Diagnostics: 1; CY1PR05MB2299; 20:KcnCN6P/PpwC8H6ZOdfZFJhskngc8C9MC2yXdNf1wlYGTz/3SjkQSA5E+ziwO/bIpK8J0SeCVYJPLQtm3cHOk7Q1p2rK564OsmDgJSg3jcGCA8hj2wkJxLQspqvDmUcWm3168OmDue2gT51PZqTFBwOXcXN5WgnPCGtePiOl0l18QmCu0XHlfahykVokdlg6O4oRT4p0BLI5FiTMvgB4q0pz88bn0lHG03l7HClUS/pH0JuDTWhfDdf23ixGdkG7yyc0rSP6fW9MHdQNynZKjFmOM1++/2WwTUBRqtm/83EMNIRo3vktO4oJk7VPqtOEUXld/dHvbnOZO/lgJ0fqrIr3CNNBfq1hZ6ezx2rbtdc7gcW1TXfJvM79inNkKSBZ4IyO/xJM6HTrnDAx6ToVwxqKEtU9drBFwDxAjc353kDBeK7ov5KeGAFbC7MOO2am6g6MDPW/HtK2RnLvZhIgD6J8UrLd/4QRTEDAx8REJiiSix39Z6whZ5wecnlrd8hnQyu3tyYdjO5uo/6LqWH+5ZX02pJIsbVD0MtaKXTJfpYSCrm5CmTmns6gYgcvuW85G2dg98j531seCjGJGXrSxls83wHBE3RgFeNeZEs2xBk=
X-Microsoft-Antispam-PRVS: <CY1PR05MB22992AA6558DE7D0F91A66CFD4FD0@CY1PR05MB2299.namprd05.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(192374486261705)(18271650672692);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(8121501046)(5005006)(3002001)(3231101)(2400082)(944501161)(10201501046)(93006095)(93001095)(6055026)(6041288)(20161123564045)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123560045)(6072148)(201708071742011); SRVR:CY1PR05MB2299; BCL:0; PCL:0; RULEID:; SRVR:CY1PR05MB2299;
X-Microsoft-Exchange-Diagnostics: 1; CY1PR05MB2299; 4:RVLqtX17/rSJzbxflCXR5NypiYBLJMWy0Io0A5JwzLwuWzCnVtSL1ePNy3LzFXJhT1zvCbxIF3TeAmLxmeci+hBM5t/X2FbQ7UVSGApXlXiyMy9Vex4/RQnQqHVQtacj0EyS0CEPIgKeBPmz0p74883XMGWkBYukrP56AVxyqrJZd+d5IcEcdVG1nsnEodq+R245qriSefSiYUEaFoH4KZb5oemwH4tXVXYXJrDQaoIFpg0W/L9FQyHkKs2AvUnM+F9IpxY6KC0Dhit3QTohQThduGMxl2bbbhDCklbXrOXUYzL+rk0uE637Ah1hbTb7Bea+8ZEqh3Ilulbx7u74cDL5s6DFkVet2/y2lrFYp+g=
X-Forefront-PRVS: 0575F81B58
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(6049001)(366004)(39380400002)(396003)(346002)(376002)(39840400004)(76104003)(43544003)(199004)(189003)(106356001)(25786009)(2501003)(386003)(229853002)(316002)(58126008)(478600001)(3260700006)(105586002)(110136005)(4326008)(790700001)(3846002)(6116002)(5660300001)(86362001)(54906003)(77096007)(26005)(7736002)(65826007)(6246003)(561944003)(53946003)(2950100002)(53936002)(31686004)(37036004)(16586007)(16576012)(236005)(64126003)(83506002)(54896002)(31696002)(6666003)(65956001)(76176011)(2906002)(16526019)(36756003)(97736004)(68736007)(6486002)(8656006)(84326002)(90366009)(8936002)(81166006)(65806001)(52116002)(81156014)(59450400001)(53546011)(66066001)(8676002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR05MB2299; H:[172.29.35.70]; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
Received-SPF: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: 1; CY1PR05MB2299; 23:bDVSDW0Eyv+6vqeOZNcm4o/q3aK6f0xxEgcU9KdZqUEEGKzGa7gVYay1VVArWJDWfNszp5tfRltq9SkInVX2YK0+hkQlINQ7s7btmXH8A1tmbr/lxcgUnYDG5ADMS/20eB7Na+L6BvKWuRiOFcRTKXXYm6Q+ChaF0UhMkfvTvMmRLvHs+cBKtChTpTVCWjor9NUTtvj/KYxBboeEupTwrQs40TLtsQ33I0YABTCogSipgqVGnvZ3HKnMcPTPVBYLw7vnguWJ1yXz8uBxmKrdR+fI1nyraGQ2B9i6eBtdrRUgYDA7/89Fx/p5NUP+e5L1dAJ8l5Hleuy19TNgCzDMi0hYbSwc+xq3IHDWlFr3MyrDZS2XaUJPqwSnGAkBkWaTucdCvTp2k2NFwjhlrrgc3cbXStCcnA/4uX31MivY1WeAiy51WBP4SWELSuJ8RlpzfPSowUA7Yb6oGF+rGQq39KRzMSr+dBpIfLuBEyfyYH7IUroyB/YqBJR8HBqR9/Z/kfoHqZZiPeEwag0CLAH1qcaM89DWnzvSOsjlSWjq4SDEGyDJj+Lf+r4D/SxjFNbwgAwbP0cyyJU6n9aNhECoehp+1euB6yEjnkSOqDEpSm1dUSxwfwnxlRVT9M0jv4oNUISzN2GSXwOF6BAMlppLMNKnYgEpMvloN2AqG+6qguI/tJWreR/J1G+h/Nk0Qy8d+lMXMX68QUDPLd59ZPEldd4OJuEb1HeIeNGWZwWU3nmBbaRMkiw2S76LTdmDLYWliu825W3nSaIA9TD/NzWe2reYXlSQ0S6eAK5Zp64HdjGLltIEh+V4T2Xri5im0x2xU5rNWEFDiMCYp3Q/BOd9Yz0/SFnE7ZzVRwQs7TCFNusCg3UwwxGLwFfUjNG5YFNlq8aSlMF1sdGbOAVNmWuio5HOhBvB+K1Hhq5T/xtHwgm8MJcGTH8JddzqvtDKK+tsUHnb+zRaIFa0IFqG/F6O8b77sUsv3xkyXypumtP2Z4f76f9/9KebH85Y32Wz8d8i2RhN1/vUO9yHiDbKfByw/6cA81GGNpHe7TqbkoRo8vXffFgAvofh6WQLBYir9h0dhH4pvJM8K21PyAvoqh1lCNh8wMIVY2b3c+Iib6OjuJeh//nJX7IfAc7NUdQfPtY9o+D4oafHTn2cPbhS4Lp/M+d8ECuPfJYb+Ht/MRh6A3SlmpnsisN3XPHOC2VahYqVCuhUwH0da+joXJyU1ea+ZRs1bd/qPrYoWwwZHBITEPPDT3Vwl0yPEzC4FiHx+Z3yOm5PsBXvtOvKTTkh7Il+82CyMq6UyC0AgClNzCc7SUsmu3CgQLuY7yTxCMwf39zkyz1JkDqHosN92AVp6Kye4DEBdg39WY+n1wPqbyQIBMCabw7uQl37CtRYv7h3o+zgS51GX9J/6N1HtDoGRxIHCOHaORI2BydOzNYwbg2HbSsbZcl7IXjWfQ5joziGMeRrXJ1PijehSQe3MYN3Xlhp6kuHs2DKiTdFhmCfKNyIMlAx8xgzIJHvxF9vkLI6GBX6
X-Microsoft-Exchange-Diagnostics: 1; CY1PR05MB2299; 6:5tTo9EYe00aHr6u58b5C6Noc4jFu7L7wSIINcGp89TNoVFAuSLGwHXGH851Xt7Qb97L6IwOer2FxhNDFw3CMv5hKi4Uu+CbP8KU12HENYmprXJHNJ9ZfmLX8BUbPWhGKsDBXrQAUHfhdNligepmTPMs7gOJILCsJkfqEGDoe+9oYAFIdTUMebMO9Uvk/ILYD2w+hOFt0vu+VBS5u3jb5twFNc6cRbSLGED3PWeSv9/BgypPq8v6pDzUb6xnTk+BUxOgeBVI2oSHVQsPlT/0817/GPcrSVm2UVwi7/IT8wsNhi+rb+rZtqrbw/ZG8oaG4LDmd03tzdlT5we8/t7g8fgdCKqSi6J7fA7yftJUn02s=; 5:65pVvueN/g03GmsayJ61TxNKMbwY8x73XwuS9L/QlXXD0WMj0dk2O0hqKZ/JkE6d71hphzfRovTc+iXhzx++smPHND85VaBthvKjbP0QoVnzfDwuNK8qha9+dLASffkkGyQZv812W2a+CGHoTz3UKvT7956L5HlX9oaSS7jC+VY=; 24:8SY9Lb6xWLaHNKnG7ym40SaIfnX0tbRnNykU9DkDHWgBkfw5UtIPzeuztqJgdfsAZUZZdQMYNZC0Ar6I360C/Ar3jwnACIbmiHr70DojWAM=; 7:FhJKvax7xqivWoU8Hgsah4wlQW2qs5kluyJjW9gC1kbeJKxnny0+9YnCMQ54B10RHN+dZT7tq4arUf3iQUS+ZzJSp0qZJJ7YyDfFsdp88rXrw5NFfdd7KdyLfX9XLXQt9++XjQ4FvELt0nbkh+XCdttpavBFHBXNr3ho1hDKX8Ohzj1az/0bIswAk6481TOuP0+DAsuzJ0JpB48vznP129TgfFIg89sTkYnt4t0tZ79jlVkKp+XQvTSsDzqlwthG
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Feb 2018 20:28:46.7811 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 510885d0-73a2-459b-6a87-08d56da03a29
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR05MB2299
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-02-06_09:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1802060255
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/unsaFDp6Rtp6vMke3CEgP1EN5A4>
Subject: Re: [bess] Shepherd's review of draft-ietf-bess-mvpn-expl-track
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Feb 2018 20:28:54 -0000

On 1/24/2018 2:25 AM, stephane.litkowski@orange.com wrote:
> “The procedures of [RFC6625] do not clearly state how to handle an
>        S-PMSI A-D route if its NLRI contains wild cards, but its PTA
>        specifies "no tunnel info".”
>   
> [SLI] I quickly ran over RFC6625, it does not mention anything on explicit tracking or Leaf A-D routes.So we assume that RFC6513/6514 only applies here.
>
>
> [Eric] RFC 6625 specifies the handling of wildcard S-PMSI A-D routes, 
> but did not consider the case where the S-PMSI A-D routes do not carry 
> a PTA.  This document corrects that.
>
> [SLI2] My point was that RFC6625 does not specify anything regarding 
> explicit tracking while your sentence says  “do not clearly state”. In 
> reality, it does not state anything about how explicit tracking works 
> for wildcard routes.
>

I see your point now.  I propose to change this in the -07 rev to:

       The procedures of [RFC6625] do not address the case of an S-PMSI

       A-D route whose NLRI contains wild cards, but whose PTA specifies

       "no tunnel info".


> “If the LIR-pF flag is set in a given PTA, the LIR flag of that PTA
>     SHOULD also be set.”
> [SLI] Why not using a MUST ?
>
>
> [Eric] If all the PEs support the LIR-pF flag, the procedures will 
> work as intended even if the LIR flag is not set.  So I don't think a 
> MUST is appropriate.
>
> [SLI2] Ok so do we really care of having the LIR flag set ? If not, 
> couldn’t be a MAY ? I’m just wondering how important is to set the 
> LIR-flag here. It seems to be linked to the next sentence between 
> parenthesis.
>
> I understand that setting both allows to always have a response (per 
> flow or not per flow). Can we see this as an optional feature ?
>

My reasoning for suggesting that LIR SHOULD be set whenver LIR-pF is set 
is captured in the following sentence from the draft:

    (By setting LIR as well as LIR-pF, one forces a

    a response to be sent by an egress node that does not support LIR-pF,

    and it is possible to tell from that response that the egress node

    does not support LIR-pF.)


This is intended to be a troubleshooting aid.  Nodes that don't support 
LIR-pF will respond to the LIR flag, and the response to the LIR flag is 
different than the response to the LIR-pF flag, because the RD is 
modified.  LIR-pF really shouldn't be used unless all the PEs support 
it, and this is a way of detecting  a configuration/provisioning problem.

I would be happy to hear others' opinions on whether this is a 
worthwhile hack.

> “We also introduce a new notion: the "match for tracking".  This
>     differs from the "match for reception" as follows:”
> [SLI] It would be better to give a definition of the “match for tracking” before giving the rules. Here you’re explaining only the rules, not the difference in the meaning. Wouldn’t it be easier to tell that the implementation MUST consider only the S-PMSI A-D routes that have a LIR flag and/or LR-pF flag set and then run the same rules as the RFC6625. Why do you want to have S-PMSI routes with PTA and LIR unset in your route list for “match for tracking” ? You need to take care here on your text proposal as one of your previous statement updates the RFC6625 and the match reception procedure, so the rules to be applied are the original one from RFC6625 and not the updated one.
>
>
> [Eric] IMO, the clearest way to express this is to give the rules and 
> then illustrate with a couple of examples.
>
> [SLI2] You are right, I’m just challenging the fact that the text says 
> that it will explain how the match for tracking differs from the match 
> from reception but it does not. It’s the job of the reader to deduce 
> the difference from the rule you are giving.
>

Okay, I get your point now.

In the -07 rev, I propose to eliminate the sentence "This differs ...", 
and to add the following sentence after the rule:

       That is, the procedure for finding the match for tracking takes

       into account S-PMSI A-D routes whose PTAs specify "no tunnel

       information" and that have either LIR or LIR-pf set.  The

       procedure for finding the match for reception ignores such routes.


> “   Also note that if a match for tracking does not have the LIR flag or
>     the LIR-pF flag set, no explicit tracking information will be
>     generated.  See Section 5.”
> [SLI] Again I do not see the value added of keeping such route as a match for tracking as there is no tracking requested.
>
>
> [Eric] As the terms are defined, there is always a "match for 
> tracking" route for each flow.    If tracking is not requested, this 
> route will have LIR and LIR-pF clear.  There are no unnecessary routes.
>
> [SLI2] Agree, but based on my understanding such a route (with LIR and 
> LIR-pF clear) cannot be a match for tracking by definition : “ignore any S-PMSI A-D route whose PTA specifies
>
>   "no tunnel information", but does not have either LIR or LIR-pF
>
> Set”
>
> So the statement  “if a match for tracking does not have the LIR flag or the LIR-pF flag set” is IMO wrong.

As the terms are defined, the match for tracking could be a route whose 
PTA specifies a tunnel.    In this case, it would be the same as the 
match for reception.  The PTA of such a route could well have LIR and 
LIR-pF clear.

> “If the match for tracking has LIR set and if either (a) the
>
> egress node does not support LIR-pF, or (b) LIR-pF is not set,
>
> then the egress node must respond to the match for tracking,
>
> following procedures specified in other documents for the case
>
> where LIR is set.”
>
> [SLI] Please state the relevant document references here.
>
>
> [Eric] In the case described above, the handling of the LIR flag is 
> not modified by this document.  I don't think it is necessary to cite 
> a specific set of documents that discuss the LIR flag.
>
> ad> maybe we can say “the procedures specified in this document do not 
> apply are not applicable on the egress node” instead of “then the 
> egress node…”
>
> [SLI2] That’s a good proposal
>

I've changed this to:

        then the behavior of the egress node is not affected by the

        procedures of this document.


With regard to the modification of the RD, there are a couple of issues.

[SLI2] I’m also wondering if we really need to differentiate the reply 
to a LIR-pF and to a LIR. The key point is for the ingress to know about 
the receivers for a particular (S,G). If the reply comes from a LIR or 
LIR-pF, IMO, it does not really matter. Is it ?

The pre-existing procedures for processing a received Leaf A-D route 
require one to find the S-PMSI A-D route whose NLRI is identical to the 
"route key" field of the the Leaf A-D route's NLRI.   But if the Leaf 
A-D route was elicited by the LIR-pF flag, the NLRI of the corresponding 
S-PMSI A-D route won't be the same as the route key field of the Leaf 
A-D route's NLRI.  I thought it best to have some way of distinguishing 
these two cases.  You're right that it is not strictly necessary to the 
correct operation of the protocol, but it seems like a good hack for 
aiding debugging and troubleshooting.

However, you are also right that the proposal for modifying the RD is 
problematic, for the reasons you give.  Using the high order bit of the 
RD field as a flag is also problematic, because an RD value of all 1's 
is already in use by RFC 7524.

Perhaps a better approach would be to say that a Leaf A-D route sent in 
response to LIR-pF SHOULD (or perhaps MUST) contain a PTA with LIR-pF 
set.  That would convey the information without causing the RD registry 
problems that you've pointed out.  What do you think?

> “However, if the PTA of the installed S-PMSI A-D route specifies "no
>
> tunnel info", the egress ABR/ASBR MUST pass the PTA along unchanged
>
> when it forwards the S-PMSI A-D route.  (That is, a PTA specifying
>
> "no tunnel info" MUST NOT be changed into a PTA specifying a tunnel.)
>
> Furthermore, if the PTA specifies "no tunnel info", the LIR and LIR-
>
> pF flags in the PTA MUST be passed along unchanged.”
>
> [SLI]Could you confirm that in case of SPMSI merging to IPMSI, the 
> SPMSI route is not forwarded.
>

I have to confess that I never thought there was a use case for S-PMSI 
merging to I-PMSI, and don't really know the procedures for that.    
Hopefully, no one's ever deployed that.

> I’m not fully familiar with interAS segmented case, but I have another 
> (possibly dumb) question. Is a merge case SPMSI regular (S,G) to SPMSI 
> wildcard possible ? (in a similar way as SPMSI to IPMSI). If yes, what 
> are the procedures here ?
>

I'm pretty sure there are no such procedures.

> Section 8.
>
> [SLI] Do we have counter-measures against such “attack” ? Ingress PE 
> dropping ?
>
>
> [Eric] I consider the specification of such counter-measures to be 
> outside the scope of the document.
>
> [SLI2] Fine, could you please state this in the security section ?
>

Okay, will be in the -07 rev.

v2.23.0 | Report a Bug | By Email