IETF Logo Mail Archive

Re: [Bier] Comments on draft-chen-bier-frr-02.

"Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net> Wed, 17 March 2021 13:47 UTC

Return-Path: <zzhang@juniper.net>
X-Original-To: bier@ietfa.amsl.com
Delivered-To: bier@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB8ED3A0BF2 for <bier@ietfa.amsl.com>; Wed, 17 Mar 2021 06:47:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.246
X-Spam-Level:
X-Spam-Status: No, score=-2.246 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.248, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=IACUT/9/; dkim=pass (1024-bit key) header.d=juniper.net header.b=FAvdMQSO
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q81tGOjnzepM for <bier@ietfa.amsl.com>; Wed, 17 Mar 2021 06:47:16 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 077163A0BF0 for <bier@ietf.org>; Wed, 17 Mar 2021 06:47:15 -0700 (PDT)
Received: from pps.filterd (m0108158.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 12HDjMEw009210; Wed, 17 Mar 2021 06:47:12 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=Vumyd3rcWU5lf0sIkUESsbjzbyT8piw8Tuv1759GQQM=; b=IACUT/9/DGYkZUp7se3ntVf0xBUHqiqnVpYKqmzM/0xmWiMTK6q4tZX2FpKJdPgBjEUu thdH5X2zoKHShG0ugS0vscpgGK+fLbJRBFym+Kq7deMOFx9Jm94jGHAkt174R7nla0an PkCuVMkOYz2eMCH2H+8jjNosVTiTbZG2NPhO8V/dcFiGBEF01EqiMMlBBmeONF8w5LLQ elwDG6zEc2DdnD+k7FLthcYTtIYDPvW2KrhZq2NXM6YxTMX7vViJkm9xDiWeRNRN9dhb 5SGr8qebCJSTNrcHEr5RKW00MbP1He4zr0Wkh/SLH6/+Y8JJijqmHoI0Wkp9iZWypJyG wg==
Received: from nam11-co1-obe.outbound.protection.outlook.com (mail-co1nam11lp2176.outbound.protection.outlook.com [104.47.56.176]) by mx0a-00273201.pphosted.com with ESMTP id 378syv05ax-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 17 Mar 2021 06:47:12 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mVI0voNCTvJ+UrWqcmirneGfnsMRw3YQKy6IUk+DhPWgPeP1cb8DpTEiYneRDbASTh2cZigrDQ0Ds/EBfeOI3nPNAhHgp6NM4sg9Wp6YvwwkzTL2k5epxeVRLXQM3oMVq/lqzhlO3nIeWdEjORlpjj7e7Mg94I3NHrydsnlJ/g5M01WNiULxPAacMWrdAAOjvpXPJgZunEBn9Aj+RgfliOtgDL0nVFqQfj70OMAhqSOe5t0G7c7Sp2UDREAvtolEhv4vYkT/CO9PZz07motirBUAd3aFdrugXVAmc4bCsJLNgIAKPFBeFu6ZBhyWzWH6FWGU2A83oxTIcdu5ijJ0BA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Vumyd3rcWU5lf0sIkUESsbjzbyT8piw8Tuv1759GQQM=; b=ZK+Md5CYoqNTKdnhWYl+WLF3kl03BIG5QQVLdR5AZ/UNVtpr8FaP8a2D9/CuoEEaiWzY7iClK7VTQUXx75hYA6wF7J3Jjr8+PDBzLCF+NFI1sfk62U1dN6afLqN2crEVyuvu311gI2W23ftmiCuE3tk6rxbFsg3fI7xs0tkq0KRcEyUy/Qqomd/x4ZeIUUj8V7DLVe1SOOTmd/PfYLvvuJzIRJV1CoyTpssTd7q75H2CZluSlwDR9O2hld9CIp+PCi6PbS5nTkYiT+aAwpR32S4mc5AyqE/xkQjUtNmDmUj8kmMlIbyoOVE0y54xyzLDTutekQjic9lnlHERF+G5Kw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Vumyd3rcWU5lf0sIkUESsbjzbyT8piw8Tuv1759GQQM=; b=FAvdMQSOOMDQC7Td0Ky/yZviY/LrvVW6fw0imqAxnB4MLH9E2XLyB+w+C4VCddKc+jE8O38pB0bcwmJuTMkhgxqK8qgmJb7oRaJPcI2Xu/MStl4gzdrHJVJBOQ0QFI4zfUSer3Tu368jDsBwZIlMhuh3+7JbELuI5sM2HNaKKno=
Received: from MN2PR05MB5981.namprd05.prod.outlook.com (2603:10b6:208:c3::15) by BLAPR05MB7249.namprd05.prod.outlook.com (2603:10b6:208:29c::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3977.9; Wed, 17 Mar 2021 13:47:10 +0000
Received: from MN2PR05MB5981.namprd05.prod.outlook.com ([fe80::203e:7f1f:be91:161c]) by MN2PR05MB5981.namprd05.prod.outlook.com ([fe80::203e:7f1f:be91:161c%6]) with mapi id 15.20.3955.012; Wed, 17 Mar 2021 13:47:09 +0000
From: "Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net>
To: Tony Przygienda <tonysietf@gmail.com>
CC: Huaimo Chen <huaimo.chen@futurewei.com>, "bier@ietf.org" <bier@ietf.org>
Thread-Topic: [Bier] Comments on draft-chen-bier-frr-02.
Thread-Index: AdcarQ4JLoZGL76CTimMbvlaYdVumQAdKmgAAANYRLA=
Date: Wed, 17 Mar 2021 13:47:09 +0000
Message-ID: <MN2PR05MB59815ADEEEFC46950A79D635D46A9@MN2PR05MB5981.namprd05.prod.outlook.com>
References: <MN2PR05MB5981712D40FD05376D55784FD46B9@MN2PR05MB5981.namprd05.prod.outlook.com> <CA+wi2hPVAsEcz+iKneQ0p4bKZnP23MKTAO46T1eRdbG9spEfUA@mail.gmail.com>
In-Reply-To: <CA+wi2hPVAsEcz+iKneQ0p4bKZnP23MKTAO46T1eRdbG9spEfUA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.6.0.76
dlp-reaction: no-action
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=caf42f37-ea70-4d1f-81d3-d09c6805730e; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ContentBits=0; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=true; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Method=Standard; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=0633b888-ae0d-4341-a75f-06e04137d755; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2021-03-17T13:11:53Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4;
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [71.248.165.31]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 57c8d87d-33e3-4776-c0a2-08d8e94b2960
x-ms-traffictypediagnostic: BLAPR05MB7249:
x-microsoft-antispam-prvs: <BLAPR05MB724952A4DADBAB1844A3D560D46A9@BLAPR05MB7249.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ytB2aCLKM/wawYH9UiyAxLQXr03wFofaBYkPvct/BsEN5aem238X6Ami/rjqIi0Jg+pkCI09BlpPAYd/27BUAYY+GVJhxp5pCtEB3W8R/NCDdrxflWYmJeI5k6awEflT9a7B3lPuq/CVcOzQFrS7BKitjy6zUzvmYnR2ex21B+1nNH8TSK49odmVmHbX4YlGY4E/P1McJaTvJwGLPsKAgyXehFCMZSVMkd2BQFURGG3ChZFMG2kwx727lm+Ar9/+fU1VYrUYu2AfAj6OrkDvBNl1ztRZhvbeyjm6Aiq9T3BgqWLJpJj/jpNhqzuau0S81TczN2dtC4T6lOQ5t6pcjadABx7kMz8Fh2xlirR+Qx1uHZW5k4Y8CTWkXqhhz6hO0X2BKz6iuMCnupjMUurskMftm7pM4Z4tMjfeNIx8GVlZ3M6momxzG0BB/JbRi9v2TkIp+/BcFvQpWrSiCQCQYAL+CmR8UF3HfT5+93o+nb0lS/DKk6Bg5R0hwxIWO6gGw0QPF0hx0D8Vkl6xCnhxGwUxAJ1g5OdvMnDZmuTuV76JwF8OEXFqNpOONT8wZTco5+ZrQ/z3WIFJi1WPXL+G2n88fxTeX+EZTUk+2Ya+QrJuuHYqc6kTC3e1NTwqJwFnuBh6bh0YthiFKuDwesnulw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR05MB5981.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(346002)(376002)(396003)(39860400002)(366004)(26005)(5660300002)(166002)(6506007)(53546011)(71200400001)(83380400001)(52536014)(966005)(186003)(7696005)(86362001)(30864003)(64756008)(66946007)(6916009)(76116006)(8936002)(54906003)(55016002)(66446008)(2906002)(66476007)(9686003)(66556008)(33656002)(4326008)(478600001)(316002)(8676002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: vPvWaSbbpOWYCUPvBv3DcWk8z3CIRQuTesBy6PCrKC77Tsn3btKElEXpz+0/zfpxq883AFVOHBX4uWWSRwtoyztPFnyoNBcT/9ojS8DGOBwE5j2zKLkucHmItQ82KD9Mtrl8cjWYqhJrUt8QCxhaZCxEsUDFhvXKqw3y1S1uPX/d1mVv+zqrtQqD5llpMtN1qeD0xEZEwAmOWiPcUvSW9+uDAXccu3bsetbNStfgBm2zM7vnpfEAvhAvoSuEm2+d5mqhGm9V5tPzYZnTPqXbjXYVl43GliGGrV+pkMwpb6IDL69EB/cerzI1cy6AbFSB7iNEAxAyksgbLGw5ysxK61OrXF42nLKCL16I4eRaN2naVCBMVLzzb+nutA7jb0cjmk5Lbpl05uoSCqIgnBzfcCH7Ev1bR93K46BJ9fKlenoJunFn31xVlFFbRKnIjIpzGFrbyI3zb58hhaFvFZrI91ACOq3ZLrCCCcWFqpLRuKZnBkvam0YSdVBO5YMdbAfH51rVl/TtdbmW5gHkD8tbH6p0O2FfPlpqLm+sE3LEbALESKZZpuuXLglxXjsHN7QzBwgDH7vWeVJB9qIfuzqa4yO1r86uuvdsYivHZxwczc5zvnZ9Uz1Upk9Y8vosuPIU7Vb6w4dsxztweF/DSOFwF59xDPuhYkik/9dJt513A/TdrYkwejUKNEWDiXdckcC28ceoZFxHxyrtKp4Ypg6ACAZ/Zzo8TDkypDl5rWLRgGvSdw98+jarbJldehgHNzXGggE7stec1g1MyFIZKUCzfiz9lGKrsAqZF/KRu6fMcbqNUYCiqjPU5zKJPXVHMIqiXP5IByUkdbOtW/4jmdLOP9+FpVZVi+JXT4PU6gXuvfAvh0wJc/jfbB/bMcK9LF64OSwUAOxGkSdZmB7rBPafxwxVQ7eVa2ut1AidO+SXi1gDzL9hazpI7sot+/ZLs73fPxBycjUHJFH0X8SO+xnpvCzNntmtTTQYrF+RQQobRHAfkPBGP+I+qDEWY74quNSbmAuf+Lo3OFRQ3yyxZUA4RjAn3ZDr+miVPkmGqcW4+G7aY/1KplG3iyzV3sApkeEGWbx6xH7lMnBicx5gZBPLpWSVd158Q0UUHxjlelyZhZ9GnIa+TegACEiRDok3IiHgYEJPfbnKX2Ag9rerkkbO7tggELI4GgLOYpzBBjBHXj9/XcrXunyM9fQCcCGsZaMN2CVYTWoH2YH28ArFioZREV1nxD2C2o0Yn32K7HrLOqXp7eioAjeqrnBXwGAGqqnBYOQs2kBFN/sCRL2FHXhwxeCfwp+gVnT8dypw6ve0HIC9pPVPql2og6YS/C10b80+
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_MN2PR05MB59815ADEEEFC46950A79D635D46A9MN2PR05MB5981namp_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR05MB5981.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 57c8d87d-33e3-4776-c0a2-08d8e94b2960
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Mar 2021 13:47:09.7771 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: s6XKJznvlRn3GQf8ldYrcfpfzbz6v9U0hPqK5r2nfdDyyGLfKj227gSFXJk1kKrzZI7FKKE4f8bwZJC87SWo1A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLAPR05MB7249
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761 definitions=2021-03-17_07:2021-03-17, 2021-03-17 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 mlxlogscore=999 bulkscore=0 spamscore=0 malwarescore=0 phishscore=0 mlxscore=0 suspectscore=0 lowpriorityscore=0 clxscore=1015 priorityscore=1501 adultscore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2103170103
Archived-At: <https://mailarchive.ietf.org/arch/msg/bier/2P8onaKUfp2g8A3C7AP8GqlaqkU>
Subject: Re: [Bier] Comments on draft-chen-bier-frr-02.
X-BeenThere: bier@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "\"Bit Indexed Explicit Replication discussion list\"" <bier.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bier>, <mailto:bier-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bier/>
List-Post: <mailto:bier@ietf.org>
List-Help: <mailto:bier-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bier>, <mailto:bier-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Mar 2021 13:47:20 -0000

For a document that *describes* (not specifies) how BIER FRR would work, the key is how the BIFT is organized to achieve FRR. Different implementations have different ways, therefore what the document says is only informational not normative. Still, we need to choose a good reference model that best describes how BIER FRR works. For that, I believe a single BIFT with each entry having ECMP/primary/backup branches is the best reference (but again an implementation is free to adapt/change).

How those backup branches are built, and whether IGP/LFA/controller is used actually does not matter. The key is that BIFT is about how a BFER is reached and however you pre-determine the backup branch is fine – it does not matter whether it is using an alternative path to the primary branch’s BFR neighbor or to the BFER itself; it does not matter either if the alternative path is somehow determined with or without IGP LFA, or if a controller is involved.

Of course it is useful to document different ways to determine that alternative path, but it is only informational.

Jeffrey

From: Tony Przygienda <tonysietf@gmail.com>
Sent: Wednesday, March 17, 2021 7:36 AM
To: Jeffrey (Zhaohui) Zhang <zzhang@juniper.net>
Cc: Huaimo Chen <huaimo.chen@futurewei.com>; bier@ietf.org
Subject: Re: [Bier] Comments on draft-chen-bier-frr-02.

[External Email. Be cautious of content]

as participant


On Tue, Mar 16, 2021 at 10:41 PM Jeffrey (Zhaohui) Zhang <zzhang=40juniper.net@dmarc.ietf.org<mailto:40juniper.net@dmarc.ietf.org>> wrote:
Hi Huaimo,

Please see my comments below.

Some are nits, but if I understand it correctly, the idea of using
multiple per-nbr FRR BIFTs is flawed.

   [I-D.merling-bier-frr] proposes a tunnel-based fast re-route (FRR)
   ... Before the
   primary bit mask is recomputed and updated, some of BIER packets may
   be forwarded incorrectly.

Would like to see elaborations on why some of the packets may be
forwarded incorrectly - especially if you consider the approach
at the end of this mail.

it seems to me just a bit of a wild assertion. IGPs are the fastest way to distribute topology info unless every node is somehow hooked up to a "controller" which is basically a degenerate IGP graph (super edge connected AFAIR).

so one could construct a case where every node before running IGP talks to controller and that can compute & install backups first while IGP is converging. I doubt for the moment practicality of something like this but there is little account for taste in networking ;-)

So I think a framework should explain that a unicast nexthop when running IGP has already protection (all LFA variants) with BIER for free if implemented correctly and given maturity of that technology it's an easy choice. If/when that cannot be used (IGP is not in place) etc then the framework document should explain protection schemes that could be built directly into BIFT (and I agree as informational for the moment and we see whether it goes from there). The same document IMO should also cover TE-FRR which is a bit of a more interesting case.

BTW, the Menthe paper seems bit misleading in this respect, it somehow doesn't show that the NH unicast is easily protected via IGP FRR @ no additional storage or complexity cost. The section VI on LFA based FRR is literally this AFAIS, modulo squeezing the protection into BIFT NH (which is with IGP not a _real_ nexthop but indirection to IGP neighbor if implemented smartly). yes, all the discussion on compressed backup etc is fine if there's no IGP but to try to replicate what IGPs do today already does not seem like any saving (unless one costrues again a convoluted case of underlying IGP without LFA available/enabled).

https://tools.ietf.org/html/draft-chen-bier-frr-00<https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-chen-bier-frr-00__;!!NEt6yMaO-gk!QMDiuqPpXZqvp0RA8a_krtepgZAqnFF88J0KqRP3vSZnlog-_Rp029nK3W_MT_HV$> itself seems very implementation specific (and subtly flawed, I think Jeffrey picked @ it carefully in rest of this email) but describes largely same concept AFAIS so it looks to me those drafts could be esaily joined into a common bier-frr draft convering all the approaches and bier te frr as well.


   This document describes a mechanism for fast re-route (FRR)
   protection against the failure of a node or link in the core of a
   BIER domain, which resolves the above issue.  It is based on LFA,
   which is called LFA-based BIER-FRR.

Unicast FRR can be based on many mechanisms, and BIER FRR can simply
follow suit. It does not have to be limited to LFA or tunnel - simple
ECMP can also work if there are ECMP paths (if an ECMP branch is no
longer available you can simply take another one).

+1

IGPs provide very reach X-LFA support today already (well, in RFCs and solid implementaions)

-- tony


   In normal operations, the normal BIFT is used to forward BIER
   packets.  When a neighbor fails, the BFR as PLR uses the FRR BIFT for
   the neighbor to forward BIER packets.  For a BIER packet to traverse
   the BFR and the failed neighbor, the BFR reroutes the packet around
   the failed neighbor using the FRR BIFT for the neighbor.  For a BIER
   packet to traverse the BFR and any other neighbors, the BFR forwards
   the packet to its expected next hop neighbors using the forwarding
   entries with these BFR neighbors in the FRR BIFT.

I do not see why there is a need for per-neighbor FRR BIFT. It is also not
clear how the switch between normal BIFT and FRR BIFT is done - in fact
I think it is flawed - more on that later.


   From the BIRT on the BFR, a "Bit Index Forwarding Table" (BIFT) is
   derived.  In addition to having a route to a BFER in each row of the
   BIFT which is the same as the BIRT, it has a "Forwarding Bit Mask"
   (F-BM) in its each row.  For the rows in the BIRT that have the same
   SI and the same BFR-NBR, the F-BM for each of these rows in the BIFT
   is the logical OR of the BitStrings of these rows.

Need to be a bit more strict here. A row in BIFT is about a
particular BFER, which could be reached via two ECMP nbrs.
The F-BM is really for a nbr, not for a row. See Figure 6 in RFC8279.

   When a BFR receives a packet, for each BFER k (from the rightmost to
   the leftmost) represented in the SI and BitString of the packet, if
   BFER k is the BFR itself, the BFR copies the packet, sends the copy
   to the multicast flow overlay and clears bit k in the original
   packet; otherwise the BFR finds the row (i.e., forwarding entry) in
   the BIFT for the sub-domain using the SI and BitString as the key or
   say index, and then copies, updates and forwards the packet to the
   BFR-NBR (i.e., the next hop) indicated by the row (i.e., forwarding
   entry).

Strictly speaking, the BIFT is for <sub-domain, SI> (if we ignore
different bitstringLen), and the lookup key is 'k' not the entire bitstring.

   The FRR-BIRT for BFR-NBR X of the BFR considers the failure of X and
   maps the BFR-id (in the sub-domain) of a BFER to the BFR-prefix of

A nit here - strictly speaking it's not that you map the bfr-id to bier
prefix in BIRT. BIRT is built based on how a BIER prefix is reached,
and the mapping is the other way around - you map the prefix to a BFR-id
when you derive the BIFTs from BIRT.

   The BFR may build the FRR-BIRT for BFR-NBR X by copying its BIRT to
   the FRR-BIRT first, and then change the next hop with value BFR-NBR X
   in the FRR-BIRT to a backup next hop (BNH) to protect against the
   failure of X.  In other wards, for the BFR-id of a BFER in the FRR-
   BIRT for BFR-NBR X, if the next hop BFR-NBR on the path to the BFER
   is X, it is changed to a BNH when there is a BNH on a backup path to
   the BFER without going through X and the link from the BFR to X.

   If there is not any BNH to a BFER to protect against the failure of
   X, the next hop BFR-NBR X to the BFER in the FRR-BIRT for BFR-NBR X
   is changed to NULL.  For a multicast packet having the BFER as one of
   its destinations, if the next hop BFR-NBR to the BFER is NULL, the
   BFR does not send the packet to the next hop BFR-NBR NULL but drops
   it when X fails.

A nit - it's not that the packdet is dropped. Rather, the bit for that
BFER is simply cleared.

So for BFERs not affected by X's failure, they're still present in
X's FRR BIFT and are the same as in the normal BIFT. Keeping these
per-nbr FRR BIFTs with those unaffected entries
just does not make sense - you might as well have one BIFT in which
each row includes ECMP/backup branches. Of course, this is implementation
details/preferences, but:

- it's not good to specify this controversial implementation details
- switching to using FRR BIFT is actually flawed - see later comments.

   The forwarding procedure defined in [RFC8279] is updated/enhanced for
   a FRR-BIFT to consider the case where the next hop BFR-NBR to a BFER
   is NULL.  For a multicast packet with the BitString indicating a BFER
   as one of its destinations, the updated forwarding procedure checks
   whether the next hop BFR-NBR to the BFER in the FRR-BIFT is NULL.  If
   it is NULL, the procedure will not send the packet to this next hop
   BFR-NBR NULL but drop the packet.

A nit - not "drop the packet" but simply clear the bit.
Additionally, even when you do not support FRR you also have situations
whwere some BFERs are simply not reachable. In other words, clearing
the bit for those BFERs is the base requirement/assumption in RFC8279,
not a update/enhancement.

   The FRR-BIFTs will be pre-computed and installed ready for activation
   when a failure is detected.  Once the BFR detects the failure of its
   BFR-NBR X, it activates the FRR-BIFT for X to forward packets with
   BIER headers and de-activates its BIFT.  After activation of the FRR-
   BIFT, it remains in effect until it is no longer required.

Let's say this BFR has several BFR neighbors (including X and W).
X fails first and W fails instantly after that.
Which FRR BIFT do you use? X's FRR BIFT does not consider W's failure
and W's FRR BIFT does not consider X's failure, so using either one alone
has problems. Notice that this is different from the typical
"multiple failure" scenario - it's not that X and W may depend on each
other but it could be that some BFERs have a common backup neighbor Y, yet
if you use X's FRR BIFT then those BFERs normally reachable via W
are not protected now that W also fails. Similarly, if you use W's
FRR BIFT then those BFERs normally reachable via X are not protected
now that X also fails.

That's why a single BIFT should be used for both normal and FRR forwarding,
just like in unicast case.

   The number of entries in a FRR BIFT is the number of BFERs.  Each FRR
   BIFT on a BFR can be compressed through combining all the entries
   with the same BFR-BNR and F-BM into one entry.  The number of entries
   in a compressed FRR BIFT is the number of neighbors of the BFR minus
   one.

   For example, the compressed FRR-BIFT for BFR C on BFR B is shown in
   Figure 7.  The number of entries in it is three, which equals the
   number (four) of neighbors of BFR B minus one.

                 +----------------+---------+------------+
                 |     BFR-id     |  F-BM   |  BFR-NBR   |
                 | (SI:BitString) |         | (Next Hop) |
                 +================+=========+============+
                 | 1, 4 (0:01001) |  01001  |     G      |
                 +----------------+---------+------------+
                 | 2, 3 (0:00110) |  00110  |     E      |
                 +----------------+---------+------------+
                 |  5 (0:10000)   |  10000  |     A      |
                 +----------------+---------+------------+

             Figure 7: Compressed FRR BIFT for BFR C on BFR B

   For a BIER packet with a BFR-ID as a destination, the entry
   containing the BFR-ID is used to forward the packet.

Not sure of the benefit of compression here. It makes the lookup more
complicated. If the memory consumption is a concern, just get rid of
per-nbr FRR-BIT and use a single one. Additionally, the F-BM and BFR-NBR
information can be considered forwarding information that can be pointed
at by multiple BIFT entries, so the above compression does not really
give you much savings.

   Once BFR B detects the failure of its BFR-NBR X, after receiving the
   packet from BFR A, BFR B copies, updates and sends the packet using
   the FRR-BIFT for X on BFR B to avoid X and link from B to X according
   to the forwarding procedure defined in [RFC8279].

   For example, once BFR B detects the failure of its BFR-NBR C, after
   receiving the packet from BFR A, BFR B copies, updates and sends the
   packet to BFR G and BFR E using the FRR-BIFT for BFR C on BFR B to
   avoid C and link from B to C.

See earlier comments about failure of multiple neighbors (who do not
use each other for backup). Using a per-nbr FRR BIFT not only is
unnecessary, but also has problems.

A better way is to simply have a single BIFT for both normal and FRR
forwarding. Each entry has some ECMP and/or primary/backup branches,
and you simply use another ECMP branch or a backup branch when the
normally used branch fails. A backup branch can go through completely
different nbr, or go through the same neighbor but via a tunnel.

Jeffrey

Juniper Business Use Only

_______________________________________________
BIER mailing list
BIER@ietf.org<mailto:BIER@ietf.org>
https://www.ietf.org/mailman/listinfo/bier<https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/bier__;!!NEt6yMaO-gk!QMDiuqPpXZqvp0RA8a_krtepgZAqnFF88J0KqRP3vSZnlog-_Rp029nK3fR7rQ2j$>


Juniper Business Use Only

v2.23.0 | Report a Bug | By Email