IETF Logo Mail Archive

[Bier] Comments on draft-chen-bier-egress-protect

"Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net> Fri, 13 November 2020 13:52 UTC

Return-Path: <zzhang@juniper.net>
X-Original-To: bier@ietfa.amsl.com
Delivered-To: bier@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 456523A0A34; Fri, 13 Nov 2020 05:52:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=Q3NFMgGU; dkim=pass (1024-bit key) header.d=juniper.net header.b=IDbINhI/
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QBlS4kQA27pT; Fri, 13 Nov 2020 05:52:41 -0800 (PST)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CD543A0A2E; Fri, 13 Nov 2020 05:52:38 -0800 (PST)
Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 0ADDh9v5000775; Fri, 13 Nov 2020 05:52:37 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : content-type : mime-version; s=PPS1017; bh=7QLU/nhCzPpd7tx8soIsrcvJ1jL6GdLIXW3UhoZTw5s=; b=Q3NFMgGUzLhsLh+84TDxhY5XFXPj/Sqa/W8nVHN6PZM4Z02EvuPoIrsbpcELbhEONnzM uc019NCLPp0zRDZOEBiSRCfsbKtc79MVlQzFEZsYhQkwfLuN5OKpNLfF/IV3t0EIQS7P NqP50r7hOMRmrYXMLpDmxUZuv8+jXSRDV5hQE7Jmns/IQTBJH/MltqCXC2vuBHszexye /Gl5b4lNr4N9J+k6UtC2l3oxLWOuybPH3eg9b9cBqrvhn27qPI9eP86ACvs3AzsnhC5n YjSGJTmzPdER6HBSvKRozmWH/lOEF2tc4TKnK/pbayRH4ybXdY5KzIiswzmzAHotx063 hQ==
Received: from nam10-bn7-obe.outbound.protection.outlook.com (mail-bn7nam10lp2109.outbound.protection.outlook.com [104.47.70.109]) by mx0b-00273201.pphosted.com with ESMTP id 34s1dhjpqd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 13 Nov 2020 05:52:37 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Lgd+wkV1eEy3F9u9uU5j19bSoZB47XcXv3pNrRo1IuCfjYKpXf5FVQd5Ik0DHPk9OCJLg1gJ6LiF6HwxhkevZPIEauAYaPPqCJ64FzBJP9tBtMKXOtFvkMN0KUDhWlCKxBFv3sckzwVyhoDOg3nJcWu+o/qQ/Y/dSKMzqPZvLGZsP2jeRYmyzfFZdEaxHL0g0R5GyTm3jgIvI7Wc4yyK2/cmIZuZPg1qSxyQDq3RZRXKaVJLSUpqsXX04t19T5+4CPLBYDqVc/g5hnTzX+5nBMLBLUM7cbUk6LIzU7+krnOi6VZWQjp3jaojeP8udOnLUd6LVn2tRZpmuAWzN0nuVQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7QLU/nhCzPpd7tx8soIsrcvJ1jL6GdLIXW3UhoZTw5s=; b=UR8Wppz9q/dbdnIen1o9YUvBU/nxCRTkGhmZjVnd8Oibe7vMEZ91Pp2rK3YdIKgU6MtS2Z/ClDA/eacXWnV2qi1c8gj39YO0NS+HHz4U+8fq9w4PcHOrQGDO9AdoVT8sDGtjcY3t6avaiDw7I7aJnzroM23aiuQhFiy5qO1e1x45Vt2rl2QBqcEO29VVrcu19kOyRcajsd5YJJUNT+MEQlyCAGZLNLWD9cIsxcm8WHH+ZHiwBjTPwNAHlhYIhZSiUYnDpayZ91EahbeJ7H45ki0jyvgZClHBI+BblIIf3enOw/pSSJx/A/zkHqjjYgs+aRXdERcL2k0tgvGt18TcsA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7QLU/nhCzPpd7tx8soIsrcvJ1jL6GdLIXW3UhoZTw5s=; b=IDbINhI/2FFTkyIG6H8rS2qS8TTJUVsAzsVH8zqMazrp+U2vEZL8op+3B+XV2dwrQRxh6O/Lu0JzvKokNl5uGqVsUaFpvYcRhJYqOyiL7h/41QjD2JZLRao+QZxEp+rjCvAP1c6RHjZIP8+eJcWqYy1OTWeMVb2mZZhNknwSEwE=
Received: from BN8PR05MB5970.namprd05.prod.outlook.com (2603:10b6:408:61::32) by BN8PR05MB6211.namprd05.prod.outlook.com (2603:10b6:408:44::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3564.14; Fri, 13 Nov 2020 13:52:34 +0000
Received: from BN8PR05MB5970.namprd05.prod.outlook.com ([fe80::6cf8:9033:653b:93b3]) by BN8PR05MB5970.namprd05.prod.outlook.com ([fe80::6cf8:9033:653b:93b3%7]) with mapi id 15.20.3564.021; Fri, 13 Nov 2020 13:52:34 +0000
From: "Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net>
To: "bier@ietf.org" <bier@ietf.org>, "draft-chen-bier-egress-protect@ietf.org" <draft-chen-bier-egress-protect@ietf.org>
Thread-Topic: Comments on draft-chen-bier-egress-protect
Thread-Index: Ada5vvMvFeacYzjXQ6aWuJUER57Juw==
Date: Fri, 13 Nov 2020 13:52:34 +0000
Message-ID: <BN8PR05MB597033A86ABD95CB10357BDFD4E60@BN8PR05MB5970.namprd05.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.5.0.60
dlp-reaction: no-action
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=0e9d712d-7ae5-4565-b32d-6ab049d0216a; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ContentBits=0; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=true; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Method=Standard; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=0633b888-ae0d-4341-a75f-06e04137d755; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2020-11-13T13:14:25Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4;
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [66.129.241.13]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: aa9df0c2-ca34-41f0-82ca-08d887db5fc6
x-ms-traffictypediagnostic: BN8PR05MB6211:
x-microsoft-antispam-prvs: <BN8PR05MB62116D3D70A0206B3405255BD4E60@BN8PR05MB6211.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: akS44SDm60/mlx65/vTJogtBT204ITcaUxsfygOENi2OUrw9r/MgWyLPUthAir/aSctlS5bJem0R/ctNrgEZXRZNrDZIHwZeTksagS5kiMAJPkQVwCgvmXoCt41NdSWnHHk5x6XPy9W3DkV83h/Ai57pVxVYhYcXHZlRTzexjMAiU7+lqnp4+UJta5QfxejIq39BNrKJnXcIFprbsY3tvfLRkuqmGb3fVIvB4q+bce9YD2T/ZAdQKbRksBJ1hrUPrjAdH5IQfSRtd7aJKZ8pU7tD5lS1vURBGXQ5AJJCsbhC1FVXOLQjknOagZbmiQOPglZRyZRSvKD0vXkf3/qbFg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN8PR05MB5970.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(39860400002)(366004)(376002)(396003)(346002)(9686003)(110136005)(26005)(450100002)(316002)(71200400001)(86362001)(83380400001)(2906002)(33656002)(8936002)(8676002)(66476007)(55016002)(6506007)(64756008)(30864003)(66556008)(66446008)(76116006)(186003)(52536014)(5660300002)(478600001)(7696005)(66946007)(966005); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: +KE+JyumVOtx0AJLiPmYqVvtpI9y9c8YqCr4Bqrr1/5w08/3uqtL7P96JSs+jjqHmJPt3Y9NgsylinEwVxdoHKhoRtE9ggG/CBwh9J2Vn3kXY6A0fsX+GnowstiVmahR8wfZr4tvjp2GecX5afC/LpxXZ98jkBAuDoilHwCM3Q0305Q2ly3+MoarqIIxJuiRtETkQFIpSzf1oslMonjlZ8j1qgBchTmhI2bgtBNNpk5As7Ogi2KWDXte85JQYC0k7UpRvCGQCpR7767zbXr9kePUaCkP1muG8bZxaziagcwDTb5zgzFt7ixGIkoH7QqHI1r/jDF/CXQ97EJATx0H4OL1x8O3US4mUgsuV+I3wvi/KSdPXqou+w7h3vW1OxKWwTSXYAWBfalYn7pqUUJb4Zf4gHARZaOLPyvDNJMFa8XS3qhWAEsHX/C+R8m0JCw7TCSeEvizZ1E1Fm4GJQ+Kn6MHc6ixJ2SX/L9j/yJxG7K1D3LYYF+Oq68N+KWY4t+pqs51X+olBT1conFg2KESrk4MulKye62zY4FyHardRMjG6MqfKB8zjVxcUFaM0jezz4pV20q+Ov20H59/M68iOjz1LX9zAexnIPsrvXifjtuczZcf6siPpbPQFZ2ZDtMMN5ab4EnEfSJrjbMFcDXeQA==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BN8PR05MB597033A86ABD95CB10357BDFD4E60BN8PR05MB5970namp_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN8PR05MB5970.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: aa9df0c2-ca34-41f0-82ca-08d887db5fc6
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Nov 2020 13:52:34.5329 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: rhK5b54rZjAtf7ZgJ75260u8sxWBbExUYTPQIz0+c5iF99bX8VeSZ5z9YP7Qx/+EemYOBYTVhrYBSt2f+Dl4DA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN8PR05MB6211
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.312, 18.0.737 definitions=2020-11-13_10:2020-11-13, 2020-11-13 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 lowpriorityscore=0 clxscore=1011 bulkscore=0 phishscore=0 spamscore=0 mlxscore=0 impostorscore=0 priorityscore=1501 mlxlogscore=571 suspectscore=0 adultscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2011130085
Archived-At: <https://mailarchive.ietf.org/arch/msg/bier/0AJHFePWirXnVUXKCYg3FD2LrwM>
Subject: [Bier] Comments on draft-chen-bier-egress-protect
X-BeenThere: bier@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "\"Bit Indexed Explicit Replication discussion list\"" <bier.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bier>, <mailto:bier-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bier/>
List-Post: <mailto:bier@ietf.org>
List-Help: <mailto:bier-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bier>, <mailto:bier-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Nov 2020 13:52:43 -0000

Hi,

Similar to my comments about draft-chen-bier-frr, you don't need a separate EP-BIFT. But that's not my main concern.

Consider the following situation:

     BFIR1  ----- BFR  ------ BFER1  ----- ce1
            \                             /
             ---------------------- BFER2
                                          \
                                           ce2

Both ce1 and ce2 receive traffic from BFER1 and BFER2 respectively in normal conditions, and BFIR1 sets two bits in the bitstring. Now if BFER1 fails and the BFR flips on BFER2's bit for in-flight packets targeted at BFER1, ce2 will receive duplicates.

While one can argue that the targeted scenario does not have ce2, BIER egress protection design should not be based on that. There are two problems to solve at different layers.

At the overlay, BFER2 should not deliver to ce2 the traffic that is supposed to be via BFER1. This applies to both BIER and other transport means (e.g. p2mp tunnels).

To facilitate that, the transport must make sure that BFER2 knows the FRR'ed traffic was supposed to be via BFER1. In BIER case, the bit for BFER1 must not be flipped to the BFER2 bit.

The BIER tethering solution https://datatracker.ietf.org/doc/draft-ietf-bier-tether/ can be easily extended to solve the second problem. BFER2 can signal that it is the helper for BFER1 (but only for egress protection). This can be done by adding an Egress Protection sub-sub-tlv to the "BIER Helped Node" sub-tlv defined in the tethering draft.

Then, upon failure the BFR will tunnel in-flight packets to BFER2. When BFER2 gets the packet, it sees the BFER1 bit, notices BFER1 is unreachable and it is the helper node so it will send the packet to overlay for proper forwarding.

Jeffrey




  Juniper Business Use Only

v2.23.0 | Report a Bug | By Email