IETF Logo Mail Archive

[bess] Re: A question about duplicate MAC detection in Section 15.1 of draft-ietf-bess-rfc7432bis

Alexander Vainshtein <Alexander.Vainshtein@rbbn.com> Sun, 19 January 2025 09:59 UTC

Return-Path: <alexander.vainshtein@rbbn.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A80EC1CAE82 for <bess@ietfa.amsl.com>; Sun, 19 Jan 2025 01:59:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rbbn.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pu7B7DBiJdxQ for <bess@ietfa.amsl.com>; Sun, 19 Jan 2025 01:58:58 -0800 (PST)
Received: from usb-smtp-delivery-110.mimecast.com (usb-smtp-delivery-110.mimecast.com [170.10.151.110]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F231EC1CAE77 for <bess@ietf.org>; Sun, 19 Jan 2025 01:58:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rbbn.com; s=mimecast20240522; t=1737280736; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Xiy9ZlCtxj9Vkr4UDaelKY6f3pIEMUxXLDADwhA7DHQ=; b=B+Pycja8IBJxhgJB/hoiQVnLnOxuI5w0pbFyNh2LGDvZssh3B86HdvJXJNXBqHL7QlUjNQ NDSrmxeelZWK9OMUfgxNCZCNXUbhCfgRWc/54cxt309P5cPIIcZxqAmP1s5BSPdkNjZgkI q4a5m+5KqMoRim0bIa68lXnaG0E0/eCiqgTKA4C8wZ53j15srK+d0eXAIUPL2iNNv1D9tQ 0mKuKethreRPzSGZo9U4qvZrXLH6njoVPx34ss/j+ohgFuvRAnABP+cT8DfW1b7rwMaOhU VrSLMi06GoePtKi6BYDeJR2yCpRWHFqthmO7nG8omm7Ni8+F/Y0NPJQrqWI6PQ==
Received: from BL0PR05CU006.outbound.protection.outlook.com (mail-BL0PR05CU006.outbound1701.protection.outlook.com [40.93.2.8]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id usb-mta-1--q0RTRI6No2dpHQRzSCarw-1; Sun, 19 Jan 2025 01:58:41 -0800
X-MC-Unique: -q0RTRI6No2dpHQRzSCarw-1
X-Mimecast-MFC-AGG-ID: -q0RTRI6No2dpHQRzSCarw
Received: from PH0PR03MB6300.namprd03.prod.outlook.com (2603:10b6:510:e2::5) by PH7PR03MB7089.namprd03.prod.outlook.com (2603:10b6:510:2be::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8356.19; Sun, 19 Jan 2025 09:58:38 +0000
Received: from PH0PR03MB6300.namprd03.prod.outlook.com ([fe80::a48b:db16:775a:4a16]) by PH0PR03MB6300.namprd03.prod.outlook.com ([fe80::a48b:db16:775a:4a16%4]) with mapi id 15.20.8356.017; Sun, 19 Jan 2025 09:58:38 +0000
From: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com>
To: "draft-ietf-bess-rfc7432bis@ietf.org" <draft-ietf-bess-rfc7432bis@ietf.org>
Thread-Topic: A question about duplicate MAC detection in Section 15.1 of draft-ietf-bess-rfc7432bis
Thread-Index: AdtnEcJD7S5AIiysTlS3XYKPiL95ugDRopaQ
Importance: high
X-Priority: 1
Date: Sun, 19 Jan 2025 09:58:38 +0000
Message-ID: <PH0PR03MB6300286F5FB8763F1F1D601EF6E42@PH0PR03MB6300.namprd03.prod.outlook.com>
References: <PH0PR03MB63000592782B2FDF91211A03F6192@PH0PR03MB6300.namprd03.prod.outlook.com>
In-Reply-To: <PH0PR03MB63000592782B2FDF91211A03F6192@PH0PR03MB6300.namprd03.prod.outlook.com>
Accept-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PH0PR03MB6300:EE_|PH7PR03MB7089:EE_
x-ms-office365-filtering-correlation-id: 9a1b95a4-d53f-42eb-32d2-08dd386fd882
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|376014|366016|1800799024|8096899003|7053199007|38070700018
x-microsoft-antispam-message-info: j1VLqpIdyfRX//fkR+cUdPznHduot6yyO+otSQbPhzB36nJ4kUsN+ZhmDD2sTSeuFHlFtcwIqdd5uW+eZWEivulk1MgRSwcoaYCLNPfuyV4UCwvJeX4R7ewjnNbJmogkjyl+/G9+O0dysGmUPxBgwetDG4G5hOFl9rbxVMbcGSgdxLqmUkNZBy0fF2zS8qdLBKZ6G+3g2ba0w1YMbzD5ycM+kLmjfx1z8ZxnB+ZvpQ7jEaQByWx1M5ugv/AZ6dS7FZRcWNf28JxRCfg0Z8TAMJMR+apzKK49DFj+1s7B3MrMbynj4KbnMl/Eh9AmCkcWw7en7vNmMAzYY8ew03vJD+71/m95hq9cOu6rWyOL4O0Et7ellRPaGz9n7fR9cUhVSDt2vj9dgUCBt95U5Qeku8Zf2s7Ac9mw/jznazQyvIwD7waPufzw5ZbqLVjT1vU5O/i6GxBCBrClj38c6AVoDb404pH5DACwPrUQ5Sy/XLBu4IvNE8iBecdHULmxwB+J09eEhtxkG1vdLWZRBH2kCC47RaeNTmJ6bMnPp+I+aH0XsEWdDGdRTxV4nlDslIMe5YuuGMl2Nrp/jFzxHKFUUpkd2jXMYeFB0OM3vO3qHMuTMK2h/SsSWvEbtnaES1yHeTUNIW9WueDpXk7arexxoLH7+Aq7vL7jeqCFyW/mbMPlEeHlqTGz+ToJtfD27o259nYhL61kSKq0YLhjVZmH52uO9ogNTqrIUCly1/uacyU8Yu+wZg9zGz6dkwgFOYR/vuSMCQ75tCEvHts3SxQt0OFVjXLYGyKLwIuW7xPBOn6D7WQDA98hVwJYubtMfpAJKnRs5sN2xN6TK0oPW19+gLGPmpL0CL1Z1oEjuBvM5Kmzmg8tpgAXT4kT82dj4N0nGlBvAvkWn+BsQkeYUUJ5pQDJ85gltL4/EmJ/B2WkI/zwm8K6Ku/ps5laNWbgs/Gai5KL8xRBUnaDrV9xgsKH7eC3jvkzI730CoCMtVK40dJqc6vapPeMqd2RmDtqnv8EU8PM7Xr6g2DA/4+aUy8cdb00d7dXFP3QL+1otWRRuV5zttwU99laUfXg9gzU1PNxZ3NkJxoVR18TtiDnh4xXIL3szdZ+hhfsGWf82x9FQNR9mz7H3J0FBwLudWVBGTRjE2S/6cgDO8zz6GVhikpzmJonDF1e3r7nQHfAkup4AtQqHME6O72aQL1AMz2zz9xIeKy4uCHxQGvvudajOqb+q1ckyWoDnvsLYTr9YO9JcQJ3bQhmjIPYrKn9vVOmg6dSJMvQ/QDDq/O4wUiQJN5b6yMHIQDJmIw9EzNghsYD/FoMAPcDM9xiPt8Fm8iGC6Ljj5bXMWMeatQXex7dFYmFLmuHmokyHWb6w3I2PRYN003LVo+ja08AqYM4iKcqaJtUBv/4sRSIn0vIqQfFXG8CKA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR03MB6300.namprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(366016)(1800799024)(8096899003)(7053199007)(38070700018);DIR:OUT;SFP:1102
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: B/KPsh6/MGff/9ikOf7mv/M2Iekmp0bhZGXkdtxT0KggPha8AbyqCAE0ek22wEFTtX79xNuvtgweA6hNB6UFRbxk4bP3VQuyYI5KHSg8yocAQGcyUBYi0xReoW2Nw/Cn7vTIs80o40Xna7N7ZaY0CEWP0sMqEDH7+N3fzi36h5hERyqIItq0wY2leB2q3YHI0byHfRtsJCU2G79cmmcos9i3IotwYzkeSvCVknkFtLhvK8DbvoVFKCCPF1YfAyHQK/uRNiiClx6gVi/yLu9KCagCBR3rwPELNFN4LQHs3n8Zs41FY3BuL5g+lqEwajq8ukHi2EhQoCh93PUK7xICnRRomCw+bpMmzHJM6Nd4Ig+/O6BfcP5rCjI0SijphqJaxTBT6rkitnJJLqLHzPJTVwwzg1sltZx+6zmbQXZIj5khNdIGsrvI5ZO9yoJx4gQ4/dmSBaLqzqW4H3oRXkHE37xngI630AM3yliywKZIzTD4mjvjHEo8eBPqFKVEZzGNP8+UPnpBhu4BtzzboJbs6CvUDInO1QmeS18C0WlGi/wHLYzPCY54jGW3xh+F2b14l/gxf7hccYhgRU8mW//6+GTs2Smt4P25KEGniIg4PzW3+cWFgVFKRkGae3v+Hz4r19qpGxDr/dp5AqTg40uggJ7ABfEROSpIXW5Nd4bp2lz2FYxz271G0ger627F5QDZO4J6EQ1iundWUFEDo2iX+DDkfxuBAPNuOwRDxjAOEJeW2dEL7CFbKmonYzP6S/EpBul1bHVnS8Be9PYMeDHmDtQ8Y03N5IMZj7vDCuPcqwATI11XzajT4FWdgnreeMg53VPwEAoYI0+bZ65Zi33R0P4w9fGdTyEP91c2suwosX39UYeqB6+kGwLuUqJmZidKMyq6yMFWUfIvHgrxQcwQMa3XZpASplX2QUXX6AvbIFwC1NoLLNx4vHBviwbHGLtosTkEy4e+YDpOiCiVPf2LM9j+6rStqsm9Of9VJTjATa7juM1uK5Vi0KysHBeXPlcLwT17+9vSEIz/7hRHM2VKBalwA+0I/AJ+/IM2Ge4uU7JbY6SrAhNf1caV5HAzTRBqkaFTXlVFQJSLVThlYj7wdKc79ZF2buMfxFnwbwqPIFTrznGdBSIecRgPXe65Zjc3YbZLMhZiet7YKHrdlA4piQDmdc/WCSf+JrvuXtP+AeNf+lXT71JonMP5rIci9t4BboVY6kdRL8FybQUgtEtca0vmPSQNEzCLQC8ql2WwZpBQOmAbziGlCsI+Vmh9XB5wC3ZFR2dPuuqeCUzwJ+qVc9vzDKxEA7mjHvI8zan//O5sQwauhujadCqVBGVT+ihzyPZ6t6iKnGcowT3U+eJKJamu52Y3cOeiUKk3eH5uW7fVaiVYiFBdvkggwLNOIb81GCcL3wzyWRnbq8mgEZp4MjZIXEqLACdCRLVRyfUvidksc2AQ41qyphj4MjtPOaO3WNDsqhFfDcEYyBB1NVDYF21CdwMZujCnNuGzayDjgr7oTUswSBLOh/cZvSzA3bcF2MdGYCE5hEDybsntxTPDTiMwOcI0u2c6MdbwR24kE2maBygNyhm0A/+Ky7E4Fw8H
MIME-Version: 1.0
X-OriginatorOrg: rbbn.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR03MB6300.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 9a1b95a4-d53f-42eb-32d2-08dd386fd882
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Jan 2025 09:58:38.1023 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 29a671dc-ed7e-4a54-b1e5-8da1eb495dc3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: dki2UGOYZbJogt1nylidJdvAI1irHVehFediisnFvhDfaQo2wdjhLHMvxtkS86uT0yNGLQLjRZ77eg3W2zbnRA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR03MB7089
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: EDwaiJH99IM2Sd6zAtTPxINy9s8KWmrJ7ZjTqQBnrs4_1737280719
X-Mimecast-Originator: rbbn.com
Content-Language: en-US
Content-Type: multipart/alternative; boundary="_000_PH0PR03MB6300286F5FB8763F1F1D601EF6E42PH0PR03MB6300namp_"
Message-ID-Hash: CYIPYBZDWKXGQHO7IHP43FJCFGWXGAB2
X-Message-ID-Hash: CYIPYBZDWKXGQHO7IHP43FJCFGWXGAB2
X-MailFrom: alexander.vainshtein@rbbn.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-bess.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "bess@ietf.org" <bess@ietf.org>, "Bocci, Matthew (Nokia - GB)" <matthew.bocci@nokia.com>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [bess] Re: A question about duplicate MAC detection in Section 15.1 of draft-ietf-bess-rfc7432bis
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/wfJ1b3bWmzopJdyeNOXZcE6FQ4A>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Owner: <mailto:bess-owner@ietf.org>
List-Post: <mailto:bess@ietf.org>
List-Subscribe: <mailto:bess-join@ietf.org>
List-Unsubscribe: <mailto:bess-leave@ietf.org>

Hi,
More of the same:
My colleagues and I have identified at least one implementation in which VPN PEs only count MAC Move events detected via local learning as affecting duplicate MAC address detection.

If this is indeed the intention of Section 15.1, can you please update the text accordingly?

Regards, and lots of thanks in advance,
Sasha

From: Alexander Vainshtein
Sent: Wednesday, January 15, 2025 8:25 AM
To: draft-ietf-bess-rfc7432bis@ietf.org
Cc: bess@ietf.org; Bocci, Matthew (Nokia - GB) <matthew.bocci@nokia.com>
Subject: A question about duplicate MAC detection in Section 15.1 of draft-ietf-bess-rfc7432bis
Importance: High

Hi,
I have a question about the rule for detection of duplicate MAC addresses in Section 15.1 of draft-ietf-bess-rfc7432bis<https://datatracker.ietf.org/doc/html/draft-ietf-bess-rfc7432bis-10#section-15.1>.

The problematic text is copied below (with the relevant fragments highlighted) admits two  interpretations:

a PE that detects a MAC mobility event via local learning starts an M-second timer (with a default value of M = 180), and if it detects N MAC moves before the timer expires (with a default value of N = 5), it concludes that a duplicate-MAC situation has occurred

I.e.:

*       The first MAC Move event that triggers the PE attempt to detect duplication MUST be detected via local learning (and therefore results in increment of the sequence number for the corresponding MAC address by the PE in question)

*       There is no explicit "via local learning" qualification for the consequent MAC Move events that are counted to decide whether the MAC address in question is duplicate or not.

IMHO this ambiguity may result in different decisions by the affected PEs. Please consider the following scenario:

1.      An EVPN BD is instantiated in PE-1, PE-2 and PE-3. In each of these PEs it is attached to a single-homed Ethernet segment via a single AC

2.      Initially MAC address X is locally learned by PE-1

3.      Then X is locally learned by PE-2 that starts the M-seconds timer

4.      After that X is locally learned by PE-3, PE-1, PE-3, PE- 1 and so on - but not by PE-2 - while the M-seconds timer in PE-2 is still running. All these events are identified by PE-2 as MAC Move events - but not via local learning:

a.      If PE-2 counts these MAC Move events for the purpose of duplicate MAC detection, it declares X as duplicate and alerts the operator  - even if it did not participate in in

b.      Otherwise, PE-2 does not declare X as duplicate.

I understand that the example above is a corner case, but. IMHO and FWIW, it should be resolved.
Can you please clarify, which of the above interpretations of the rule is correct and, in any case, clarify this point in the next revision of the draft?

Regards, and lots of thanks in advance,
Sasha

Disclaimer

This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.

v2.30.2 | Report a Bug | By Email | System Status