Re: [Bier] Warren Kumari's Discuss on draft-ietf-bier-mpls-encapsulation-10: (with DISCUSS and COMMENT)
Antoni Przygienda <prz@juniper.net> Tue, 24 October 2017 21:29 UTC
Return-Path: <prz@juniper.net>
X-Original-To: bier@ietfa.amsl.com
Delivered-To: bier@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FAA8138467; Tue, 24 Oct 2017 14:29:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.02
X-Spam-Level:
X-Spam-Status: No, score=-2.02 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lgHznbLqTt1b; Tue, 24 Oct 2017 14:29:19 -0700 (PDT)
Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0092.outbound.protection.outlook.com [104.47.40.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E531813A5D2; Tue, 24 Oct 2017 14:29:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=OzfRoPLbIdNKQ/heKQImsZD8v7KbquIaU4rpQv1+IN4=; b=L1855HlEVy0e8vvp3mMAtdf1nXfxaqDTgJZmBw1PDlfY2jiCO0HZhVUo8vKitUbwWy3zY2oySN9+YHGvkqGQMDfFREgpan2hHLdtJikSKO78wTvVZJ2T1Doo/IMjKBtPjbZ61sckML/hZXxEw+Mi+yKK/bp/jeDAYSdkIcEy8Jk=
Received: from BY1PR0501MB1431.namprd05.prod.outlook.com (10.160.107.153) by BY1PR0501MB1429.namprd05.prod.outlook.com (10.160.107.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.77.5; Tue, 24 Oct 2017 21:29:17 +0000
Received: from BY1PR0501MB1431.namprd05.prod.outlook.com ([fe80::fd3d:e7be:e284:edc7]) by BY1PR0501MB1431.namprd05.prod.outlook.com ([fe80::fd3d:e7be:e284:edc7%16]) with mapi id 15.20.0077.021; Tue, 24 Oct 2017 21:29:17 +0000
From: Antoni Przygienda <prz@juniper.net>
To: Warren Kumari <warren@kumari.net>, The IESG <iesg@ietf.org>
CC: "draft-ietf-bier-mpls-encapsulation@ietf.org" <draft-ietf-bier-mpls-encapsulation@ietf.org>, Tony Przygienda <tonysietf@gmail.com>, "bier-chairs@ietf.org" <bier-chairs@ietf.org>, "bier@ietf.org" <bier@ietf.org>
Thread-Topic: Warren Kumari's Discuss on draft-ietf-bier-mpls-encapsulation-10: (with DISCUSS and COMMENT)
Thread-Index: AQHTTP4ATabnIPb5bkek9FT39Ve0qaLzDvWA
Date: Tue, 24 Oct 2017 21:29:17 +0000
Message-ID: <7928EB78-A059-44A5-9A93-C1F4EFD0C741@juniper.net>
References: <150887319033.25139.9928235423768492264.idtracker@ietfa.amsl.com>
In-Reply-To: <150887319033.25139.9928235423768492264.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.20.0.170309
x-originating-ip: [66.129.241.11]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BY1PR0501MB1429; 6:+HvWQJDNuWKpiQi0Icm+z7UPyIx4qr3aa/NYwZCogqOPazVJnpb2IAa3R5YRRA+iA4qi5Y/EE63eXi4Up65d3HAw84h0llG8d22zz+NUmKjsHNd4c5fBiFYzmZmJdnX2Hj8j/81ztGARyU/ay4JvFzIEfMVO0XlBAApoJ7zOYgFzaRu3VtmohTmvguL3fmgivr7R+FEODsLaW4MgcPNWz4CHduLr8v2d6Nrs7urN1aI/vya95DOTivQHobE6BZaMpoIxEY0ZYDd3zFfDOP15x+F7Bpa+0y79Ck4kgfTtuP8yZJE7+ZuSXnkHvUw65BbIZLc7/DRZFFBBGeuToGHN6Q==; 5:XqYkcybxLIYspgelnpmioVBD4zT/beELNzq4V8K3b0esSnfXp/rsN4hm8WYzNJCW8iBgX8ixHjcG21I9FHUs5Yj9YR3wxC/CeUu+FSWOEVRydj8l68TQ4rIbVayGstXvZ7EgMEIPgzX/ecdB+d0J/w==; 24:3XaBmrEP238PiuPO9RRKov4A79/EyulgG9Yj3mWvG45zZXNm/HaNHI0237M0ZpZQxKIQ/tBaX7DkrywEt7/6Rcl9q3U6ps17iSOct3CisQE=; 7:Csy/U1UjUi1xBqFI9DxyzUbj6+q687IGPhs6lZDNOwjdXYYwK04n0wzsi0+Toaz0EQs+CgTL/f1XSZ0th6mCNQlxeGiSQt09rsVKfuzvAgaYTw7JQKCpMxc3HT949sUMCv2y8mVlk8n/ItIupeA9386wj0VRfsR1gp4ms0qledgpnZj89LBdoBwlPV7XfXFOdMCRlx4zapfZ5EeVhiTi8Ww117GVAjjCFdX3sBKxxYk=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 064bca4d-63b5-44ba-9bd4-08d51b264814
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627075)(201703031133081)(201702281549075)(48565401081)(2017052603232); SRVR:BY1PR0501MB1429;
x-ms-traffictypediagnostic: BY1PR0501MB1429:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=prz@juniper.net;
x-exchange-antispam-report-test: UriScan:(10436049006162)(211171220733660);
x-microsoft-antispam-prvs: <BY1PR0501MB14296510A728B4DE8F9E64B9AC470@BY1PR0501MB1429.namprd05.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(3231020)(3002001)(93006095)(93001095)(10201501046)(6055026)(6041248)(20161123564025)(20161123560025)(20161123555025)(20161123562025)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:BY1PR0501MB1429; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:BY1PR0501MB1429;
x-forefront-prvs: 047001DADA
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(376002)(346002)(39860400002)(199003)(51444003)(189002)(53936002)(6246003)(54356999)(6512007)(83506002)(189998001)(316002)(83716003)(76176999)(305945005)(50986999)(106356001)(230783001)(39060400002)(68736007)(82746002)(5250100002)(7736002)(101416001)(86362001)(6116002)(3846002)(4326008)(2950100002)(575784001)(6436002)(8676002)(102836003)(105586002)(25786009)(81156014)(36756003)(229853002)(2900100001)(5660300001)(6506006)(99286003)(478600001)(33656002)(6486002)(6306002)(14454004)(2906002)(81166006)(66066001)(966005)(54906003)(97736004)(110136005)(58126008)(3280700002)(8936002)(3660700001)(42262002); DIR:OUT; SFP:1102; SCL:1; SRVR:BY1PR0501MB1429; H:BY1PR0501MB1431.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <1949D19749B87E45B5641765D6BB56D5@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Oct 2017 21:29:17.4029 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY1PR0501MB1429
Archived-At: <https://mailarchive.ietf.org/arch/msg/bier/q1Ulw8dqKT75cgBu5eiyraMstQQ>
Subject: Re: [Bier] Warren Kumari's Discuss on draft-ietf-bier-mpls-encapsulation-10: (with DISCUSS and COMMENT)
X-BeenThere: bier@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "\"Bit Indexed Explicit Replication discussion list\"" <bier.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bier>, <mailto:bier-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bier/>
List-Post: <mailto:bier@ietf.org>
List-Help: <mailto:bier-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bier>, <mailto:bier-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Oct 2017 21:29:21 -0000
Warren, as first, maybe obvious, remark, that discussion goes to a long-standing tradition started probably (at least in my time) with RFC1812. Then my further observations A) First, I agree that if the text reads as in “don’t bother to implement anything” this is not the intention and could benefit from clarification that implementation has carefully to take into consideration what action is appropriate. B) Having said that, there is no single “correct” thing to do in such cases depending on device class. A small router/edge device may send something every time up to core case where sending anything (even rate limited and so on) may be a very bad thing indeed if you provide a DDoS attack vector or disclose topology information to probes crafting such packets. If the probes spoof source addresses, all interesting bets are off on top. C) Providing “implementation guidelines” is often missing the mark in RFCs, e.g. something along the lines of “rate-limiting” is very hard test for compliance (what if I implement something that does 1 packet per millennium ;-). Implementations have many interesting ways to deal with reality of deployments that RFCs often miss or with the best of all intentions, due to implementation recommendations, ultimately prevent. D) Last, I would venture that this problem is very similar to MPLS and other technologies that deal with TTL expiry. It would be ideal to be able to point to this in this draft (did encapsulation design team say anything about it ?) and in lack thereof, putting a section into specific draft on this specific technology may contradict future BCPs so I doubt it’s the best course of action. --- tony <warren@kumari.net> spake: Warren Kumari has entered the following ballot position for draft-ietf-bier-mpls-encapsulation-10: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_iesg_statement_discuss-2Dcriteria.html&d=DwICaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=maKXfKzgRTpiLitqHnJiww&m=mf-x4KG0t9mPX-igM3lPJltKtGywYxZUTfLk_LTBtNQ&s=Yl13BwXoIgA2gXQ-3LzBGlh51RrMyHo62YdO-5_TOP4&e= for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://urldefense.proofpoint.com/v2/url?u=https-3A__datatracker.ietf.org_doc_draft-2Dietf-2Dbier-2Dmpls-2Dencapsulation_&d=DwICaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=maKXfKzgRTpiLitqHnJiww&m=mf-x4KG0t9mPX-igM3lPJltKtGywYxZUTfLk_LTBtNQ&s=7Ov3tO5ZGxAox2fREULt6vKvBwghazrqc9fNRrmttTM&e= ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I believe that there needs to be better guidance of what to do when the TTL expires (and want to thank Al (OpsDir) for noticing this): "Of course, if the incoming TTL is 1, the packet MUST be treated as a packet whose TTL has been exceeded. The packet MUST NOT be forwarded, but it MAY be passed to other layers for processing (e.g., to cause an ICMP message to be generated, and/or to invoke BIER-specific traceroute procedures, and/or to invoke other OAM procedures.)" I have read the response to the OpsDir review (https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mail-2Darchive_web_ops-2Ddir_current_msg02897.html&d=DwICaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=maKXfKzgRTpiLitqHnJiww&m=mf-x4KG0t9mPX-igM3lPJltKtGywYxZUTfLk_LTBtNQ&s=GHIWqhG0uccbkCzUgMbMGQfvm45BB_MT2bDA0aQD8Qg&e=) -- I fully agree that mandating a response to every packet would be bad, but I think that "it MAY be passed to other layers for processing" is too weak. I think SHOULD would be fine, or, even better, something about "SHOULD, with optional implementation specific rate-limiting" or something. The current text makes it sound like it's perfectly fine to just not bother implementing any sort of reporting / response handing after dropping the packet. I think that this should be an easy fix and not hold up the document (much or at all) ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- I like the document (with Mirja's MTU issue resolution) - I went through trying to find nit's to improve it, but came up dry!
- [Bier] Warren Kumari's Discuss on draft-ietf-bier… Warren Kumari
- Re: [Bier] Warren Kumari's Discuss on draft-ietf-… Antoni Przygienda