Chair review of draft-ietf-ccamp-lsp-stitching-04.txt
"Adrian Farrel" <adrian@olddog.co.uk> Wed, 31 January 2007 23:20 UTC
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HCOkG-0002p9-TI for ccamp-archive@ietf.org; Wed, 31 Jan 2007 18:20:04 -0500
Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HCOk9-00021B-9G for ccamp-archive@ietf.org; Wed, 31 Jan 2007 18:20:04 -0500
Received: from majordom by psg.com with local (Exim 4.63 (FreeBSD)) (envelope-from <owner-ccamp@ops.ietf.org>) id 1HCOU5-000D5z-Fx for ccamp-data@psg.com; Wed, 31 Jan 2007 23:03:21 +0000
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on psg.com
X-Spam-Level:
X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO autolearn=ham version=3.1.7
Received: from [80.68.34.49] (helo=mail2.noc.data.net.uk) by psg.com with esmtp (Exim 4.63 (FreeBSD)) (envelope-from <adrian@olddog.co.uk>) id 1HCOU1-000D5N-TX for ccamp@ops.ietf.org; Wed, 31 Jan 2007 23:03:20 +0000
Received: from 57-99.dsl.data.net.uk ([80.68.57.99] helo=cortex.aria-networks.com) by mail2.noc.data.net.uk with esmtp (Exim 3.36 #1) id 1HCOTu-0002l1-00 for ccamp@ops.ietf.org; Wed, 31 Jan 2007 23:03:10 +0000
Received: from your029b8cecfe ([217.158.132.108] RDNS failed) by cortex.aria-networks.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 31 Jan 2007 23:03:12 +0000
Message-ID: <070701c7458b$f68a06c0$76849ed9@your029b8cecfe>
Reply-To: Adrian Farrel <adrian@olddog.co.uk>
From: Adrian Farrel <adrian@olddog.co.uk>
To: ccamp@ops.ietf.org
Cc: 'Kireeti Kompella' <kireeti@juniper.net>, Arthi Ayyangar <arthi@nuovasystems.com>, 'Jean Philippe Vasseur' <jvasseur@cisco.com>
Subject: Chair review of draft-ietf-ccamp-lsp-stitching-04.txt
Date: Wed, 31 Jan 2007 23:02:44 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="original"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-OriginalArrivalTime: 31 Jan 2007 23:03:13.0476 (UTC) FILETIME=[FC0BF040:01C7458B]
Sender: owner-ccamp@ops.ietf.org
Precedence: bulk
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 9af087f15dbdd4c64ae6bbcdbc5b1d44
Hi,
As promised, I have done a review of this I-D to help the authors prepare it
for WG last call. In my opinion, the draft is in pretty good shape, but
there are a few minor issues.
If the authors can submit a new version to address these comments, we can
take the I-D forward.
Thanks,
Adrian
===
idnits generates the following comments
* There are 96 instances of too long lines in the document, the longest
one being 1 character in excess of 72.
Checking nits according to http://www.ietf.org/ietf/1id-guidelines.txt:
- It seems as if not all pages are separated by form feeds - found 0 form
feeds but 22 pages
===
The boilerplate will need to be updated for the new IETF Trust language.
===
Abstract.
First paragraph is a good introduction.
Second paragraph is fine and OK.
But the Abstract also needs to say what the document is about!
I suggest the addition of a new 2nd paragraph as follows...
This document describes extensions to the existing GMPLS signaling
protocol (RSVP-TE) to establish e2e LSPs from S-LSPs, and describes
how the LSPs can be managed using the GMPLS signaling and routing
protocols.
===
Acronyms
Acronyms need to be expanded on their first use in the body of the document
regardless of whether they appear in the document title or in the Abstract.
I found...
LSP
GMPLS
P2MP
RRO
===
Introduction
The Introduction section is pretty lumpy. It seems to spend most of its time
talking about hierarchical LSPs, and only defines stitching in the final
paragraph.
I suggest some re-ordering and a little editing as follows:
New Section 1
A stitched Generalized Multiprotocol Label Switching (GMPLS) Traffic
Engineering (TE) Label Switched Path (LSP) is built from a set of
different LSP segments (S-LSPs) that are connected together in the
data plane in such a way that a single end-to-end LSP is realized in
the data plane. In this document, we define the concept of LSP
stitching and detail the control plane mechanisms and procedures
(routing and signaling) to accomplish this. Where applicable,
similarities and differences between LSP hierarchy [2] and LSP
stitching are highlighted. Signaling extensions required for LSP
stitching are also described here.
It may be possible to configure a GMPLS node to switch the traffic
from an LSP for which it is the egress, to another LSP for which it
is the ingress, without requiring any signaling or routing extensions
whatsoever, and such that the operation is completely transparent to
other nodes. This results in LSP stitching in the data plane, but
requires management intervention at the node where the stitching is
performed. With the mechanism described in this document, the node
performing the stitching does not require configuration of the pair
of S-LSPs to be stitched together. Also, LSP stitching as defined
here results in an end-to-end LSP both in the control and data
planes.
Move the following paragraphs (unchanged) from Section 1 to the top of
Section 2.
LSP hierarchy ([2]) provides signaling and routing procedures so
that:
a. A Hierarchical LSP (H-LSP) can be created. Such an LSP created
in one layer can appear as a data link to LSPs in higher layers.
As such, one or more LSPs in a higher layer can traverse this
H-LSP as a single hop; we call this "nesting".
b. An H-LSP may be managed and advertised (although this is not a
requirement) as a Traffic Engineering (TE) link. Advertising an
H-LSP as a TE link allows other nodes in the TE domain in which
it is advertised to use this H-LSP in path computation. If the
H-LSP TE link is advertised in the same instance of control plane
(TE domain) in which the H-LSP was provisioned, it is then
defined as a forwarding adjacency LSP (FA-LSP) and GMPLS nodes
can form a forwarding adjacency (FA) over this FA-LSP. There is
usually no routing adjacency between end points of an FA. An
H-LSP may also be advertised as a TE link in a different TE
domain. In this case, the end points of the H-LSP are required
have a routing adjacency between them.
c. RSVP signaling for LSP setup can occur between nodes that do not
have a routing adjacency.
===
Section 3.2
It might be useful to include a reference to RFC4726 to give some context
for inter-domain uses of stitching.
===
Security considerations
I don't think we will get away with what is currently written :-(
The killer is:
Mechanisms described in [6] should be
re-examined and may need to be altered to define new security
associations based on receiver's IP address instead of the sending
and receiving interfaces.
I think that if you say that the re-examination is needed, you must do it.
You need to satisfy yourself as to whether any changes (beyond those
expressed in RFC4206) are needed.
My view is that you should be able to echo the text of RFC4206 without
needing anything further. This is because the relationship between the
end-points of the S-LSP is the same as that between the end points of the
H-LSP in RFC4206. The precedent for remote signaling adjacencies has already
been established, and you are not defining anything new.
===
IANA considerations
It would be helpful to name the sub-registries to help IANA get these
allocations right.
In section 7.1 the registry is "RSVP TE Parameters" (not the registry quoted
in section 7) and the sub-registry is "Attributes Flags"
In section 7.2 the registry is "Resource ReSerVation Protocol (RSVP)
Parameters" and the sub-registry is "Error Codes and Globally-Defined Error
Value Sub-Codes"
It is also helpful to supply the precise text you would like added to the
registry.
For section 7.1:
Path Resv RRO
Bit Name message message sub-object
Reference
---- ------------------------------- -------- -------- ---------- ---------
5 LSP stitching desired bit Yes No Yes [This
doc]
For section 7.2:
24 Routing Problem [RFC3209]
23 = Stitching unsupported [This doc]
===
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 31 Jan 2007 23:06:10 +0000
Message-ID: <070701c7458b$f68a06c0$76849ed9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Cc: "'Kireeti Kompella'" <kireeti@juniper.net>, "Arthi Ayyangar" <arthi@nuovasystems.com>, "'Jean Philippe Vasseur'" <jvasseur@cisco.com>
Subject: Chair review of draft-ietf-ccamp-lsp-stitching-04.txt
Date: Wed, 31 Jan 2007 23:02:44 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
Hi,
As promised, I have done a review of this I-D to help the authors prepare it
for WG last call. In my opinion, the draft is in pretty good shape, but
there are a few minor issues.
If the authors can submit a new version to address these comments, we can
take the I-D forward.
Thanks,
Adrian
===
idnits generates the following comments
* There are 96 instances of too long lines in the document, the longest
one being 1 character in excess of 72.
Checking nits according to http://www.ietf.org/ietf/1id-guidelines.txt:
- It seems as if not all pages are separated by form feeds - found 0 form
feeds but 22 pages
===
The boilerplate will need to be updated for the new IETF Trust language.
===
Abstract.
First paragraph is a good introduction.
Second paragraph is fine and OK.
But the Abstract also needs to say what the document is about!
I suggest the addition of a new 2nd paragraph as follows...
This document describes extensions to the existing GMPLS signaling
protocol (RSVP-TE) to establish e2e LSPs from S-LSPs, and describes
how the LSPs can be managed using the GMPLS signaling and routing
protocols.
===
Acronyms
Acronyms need to be expanded on their first use in the body of the document
regardless of whether they appear in the document title or in the Abstract.
I found...
LSP
GMPLS
P2MP
RRO
===
Introduction
The Introduction section is pretty lumpy. It seems to spend most of its time
talking about hierarchical LSPs, and only defines stitching in the final
paragraph.
I suggest some re-ordering and a little editing as follows:
New Section 1
A stitched Generalized Multiprotocol Label Switching (GMPLS) Traffic
Engineering (TE) Label Switched Path (LSP) is built from a set of
different LSP segments (S-LSPs) that are connected together in the
data plane in such a way that a single end-to-end LSP is realized in
the data plane. In this document, we define the concept of LSP
stitching and detail the control plane mechanisms and procedures
(routing and signaling) to accomplish this. Where applicable,
similarities and differences between LSP hierarchy [2] and LSP
stitching are highlighted. Signaling extensions required for LSP
stitching are also described here.
It may be possible to configure a GMPLS node to switch the traffic
from an LSP for which it is the egress, to another LSP for which it
is the ingress, without requiring any signaling or routing extensions
whatsoever, and such that the operation is completely transparent to
other nodes. This results in LSP stitching in the data plane, but
requires management intervention at the node where the stitching is
performed. With the mechanism described in this document, the node
performing the stitching does not require configuration of the pair
of S-LSPs to be stitched together. Also, LSP stitching as defined
here results in an end-to-end LSP both in the control and data
planes.
Move the following paragraphs (unchanged) from Section 1 to the top of
Section 2.
LSP hierarchy ([2]) provides signaling and routing procedures so
that:
a. A Hierarchical LSP (H-LSP) can be created. Such an LSP created
in one layer can appear as a data link to LSPs in higher layers.
As such, one or more LSPs in a higher layer can traverse this
H-LSP as a single hop; we call this "nesting".
b. An H-LSP may be managed and advertised (although this is not a
requirement) as a Traffic Engineering (TE) link. Advertising an
H-LSP as a TE link allows other nodes in the TE domain in which
it is advertised to use this H-LSP in path computation. If the
H-LSP TE link is advertised in the same instance of control plane
(TE domain) in which the H-LSP was provisioned, it is then
defined as a forwarding adjacency LSP (FA-LSP) and GMPLS nodes
can form a forwarding adjacency (FA) over this FA-LSP. There is
usually no routing adjacency between end points of an FA. An
H-LSP may also be advertised as a TE link in a different TE
domain. In this case, the end points of the H-LSP are required
have a routing adjacency between them.
c. RSVP signaling for LSP setup can occur between nodes that do not
have a routing adjacency.
===
Section 3.2
It might be useful to include a reference to RFC4726 to give some context
for inter-domain uses of stitching.
===
Security considerations
I don't think we will get away with what is currently written :-(
The killer is:
Mechanisms described in [6] should be
re-examined and may need to be altered to define new security
associations based on receiver's IP address instead of the sending
and receiving interfaces.
I think that if you say that the re-examination is needed, you must do it.
You need to satisfy yourself as to whether any changes (beyond those
expressed in RFC4206) are needed.
My view is that you should be able to echo the text of RFC4206 without
needing anything further. This is because the relationship between the
end-points of the S-LSP is the same as that between the end points of the
H-LSP in RFC4206. The precedent for remote signaling adjacencies has already
been established, and you are not defining anything new.
===
IANA considerations
It would be helpful to name the sub-registries to help IANA get these
allocations right.
In section 7.1 the registry is "RSVP TE Parameters" (not the registry quoted
in section 7) and the sub-registry is "Attributes Flags"
In section 7.2 the registry is "Resource ReSerVation Protocol (RSVP)
Parameters" and the sub-registry is "Error Codes and Globally-Defined Error
Value Sub-Codes"
It is also helpful to supply the precise text you would like added to the
registry.
For section 7.1:
Path Resv RRO
Bit Name message message sub-object
Reference
---- ------------------------------- -------- -------- ---------- ---------
5 LSP stitching desired bit Yes No Yes [This
doc]
For section 7.2:
24 Routing Problem [RFC3209]
23 = Stitching unsupported [This doc]
===
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 31 Jan 2007 03:40:11 +0000
Date: Wed, 31 Jan 2007 11:38:27 +0800
From: Zhang Renhai <zhangrenhai@huawei.com>
Subject: A New Internet-Draft on Advertising of inter-AS TE links
To: ccamp@ops.ietf.org, pce@ietf.org
Message-id: <016301c744e9$453a5cf0$790c6f0a@china.huawei.com>
MIME-version: 1.0
Content-type: text/plain; charset=gb2312
Content-transfer-encoding: 7BIT
Hi, allWe have just submitted the following draft in which we describe some problemsin inter-AS TE scenarios and the corresponding OSPF extension is introduced.PCE environment is also considerd in this I-d so I'd also like pce working groupto pay attention to it.we'd highly appreciate your comments.Thanks a lot,Zhang Renhai & Mach A New Internet-Draft is available from the on-line Internet-Drafts
directories.
Title : OSPF Extensions in Support of Inter-AS (G)MPLS TE
Author(s) : M. Chen, R. Zhang
Filename : draft-chen-ccamp-ospf-interas-te-extension-00.txt
Pages : 9
Date : 2007-1-30
This document describes extensions to the OSPF to support inter-AS
Traffic engineering (TE). It defines OSPF extensions for the flooding
of inter-AS links information which can be used to perform inter-AS
path computation.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-chen-ccamp-ospf-interas-te-extension-00.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request at ietf.org with the word unsubscribe in the body of
the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the
username "anonymous" and a password of your e-mail address. After
logging in, type "cd internet-drafts" and then
"get draft-chen-ccamp-ospf-interas-te-extension-00.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv at ietf.org.
In the body type:
"FILE /internet-drafts/draft-chen-ccamp-ospf-interas-te-extension-00.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<ftp://ftp.ietf.org/internet-drafts/draft-chen-ccamp-ospf-interas-te-extension-00.txt>
_______________________________________________
I-D-Announce mailing list
I-D-Announce at ietf.org
https://www1.ietf.org/mailman/listinfo/i-d-announce
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 31 Jan 2007 01:32:42 +0000
Message-ID: <051a01c744d7$5e9fb210$76849ed9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Non-member submission from [hartmans-ietf@mit.edu (Sam Hartman)]
Date: Wed, 31 Jan 2007 01:29:55 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
----- Original Message -----
From: "Sam Hartman" <hartmans-ietf@mit.edu>
To: "Ross Callon" <rcallon@juniper.net>
Cc: "Sandy Murphy" <sandy@tislabs.com>; <adrian@olddog.co.uk>;
<ccamp@ops.ietf.org>; <dbrungard@att.com>; <derek@ihtfp.com>
Sent: Tuesday, January 30, 2007 10:21 PM
Subject: Re: Security considerations with
draft-ietf-ccamp-rsvp-restart-ext-07
> Ross, as I've said before I definitely think analyzing the impact of
> malicious software--especially at domain boundaries etc-- is an
> important part of what we do.
>
> let me give you some examples of things that we don't care about:
>
> * Malicious software could choose a different preferred route for some
> packet.
>
> * Malicious software could advertize a prefix permitted by
> configuration and cause other routers to send traffic for that
> prefix to the malicious router.
>
> * Malicious software could consume CPU or create a denial of service on
> other routers.
>
> And some malicious attacks I think we care about:
>
> * Malicious software could subvert configuration on other routers.
> For example I'd consider it a BGP protocol bug if I set up filters
> to constrain what prefixes a BGP speaker was allowed to announce to
> me and that speaker being malicious could get around my filters.
>
>
> * Where malicious software on one side of a customer domain could violate
> that domain boundary. For example, in a 2547-style VPN, where PE does the
> VPN encapsulation, malicious CE should not be able to violate traffic
> isolation.
>
> The reason the assertions being made about the RSVP restart mechanism
> don't seem to ring true to those of us in the security community is
> that local state is often more trusted than network state and that
> there is an inversion of trust direction. I think we're going to be
> very uncomfortable letting this spec go forward without at leat
> understanding what the new attacks are created by this spec. I'm
> particularly uncomfortable with potential interactions between the
> restart mechanism and future extensions to objects in the path
> message.
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 31 Jan 2007 01:32:37 +0000
Message-ID: <051b01c744d7$74b22d80$76849ed9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Non-member submission from [sandy@tislabs.com (Sandy Murphy)]
Date: Wed, 31 Jan 2007 01:30:29 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
----- Original Message -----
From: "Sandy Murphy" <sandy@tislabs.com>
To: <adrian@olddog.co.uk>; <hartmans-ietf@mit.edu>; <rcallon@juniper.net>;
<sandy@tislabs.com>
Cc: <ccamp@ops.ietf.org>; <dbrungard@att.com>; <derek@ihtfp.com>
Sent: Tuesday, January 30, 2007 10:08 PM
Subject: Re: Security considerations with
draft-ietf-ccamp-rsvp-restart-ext-07
> >If the router is mis-configured, whether intentionally or not, it won't
>>be intentionally sending bad information to the peer router for the
>>simple reason that no vendor is going to implement the "please
>>send incorrect information" configuration option.
>
> There are plenty of ways to say, not about rsvp in particular but about
> configuration in general, "reset the configuration to send X rather
> than Y". That is what misconfiguration is.
>
> Surely the number of times prefixes have been mis-originated in the
> Internet is enough to demonstrate that sending bad information to a
> peer happens everywhere and often?
>
> Furthermore, can we say that root access to a router would not permit
> download of not a full new operating system but a small piece of code,
> that will counter the effect of the real routing code? I don't think so.
> Let me know if that's wrong.
>
>>I don't think that it is possible to design a protocol that *both*
>>(i) Deals with the hacker produced Byzantine software case; and
>>also (ii) Works well enough in a normal network that anyone would
>>ever use it.
>
> No one is asking for the design of a protocol robust against Byzantine
> behavior, that's hard. People are being asked to analyze their protocol
> that they are expert in to see how much damage byzantine behavior could
> do. If byzantine behavior turns out to be no big deal, you're done.
> If byzantine behavior tunrs out to wreak havoc on a global scale, well,
> then you need to worry about how to prevent misconfiguration or software
> faults or subversion through other means.
>
> Note: turns out ccamp is subscribers-only. So the ccamp people haven't
> seen any messages I've sent. I've just subscribed, so this message may
> get through. I'll resend everything the ccamp list misses.
>
> --Sandy
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 30 Jan 2007 21:19:24 +0000
Message-ID: <048d01c744b4$3ca09f30$76849ed9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Non-member submission from [rcallon@juniper.net (Ross Callon)]
Date: Tue, 30 Jan 2007 21:18:43 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=response
Content-Transfer-Encoding: 7bit
----- Original Message -----
From: "Ross Callon" <rcallon@juniper.net>
To: "Sandy Murphy" <sandy@tislabs.com>; <adrian@olddog.co.uk>;
<hartmans-ietf@mit.edu>
Cc: <ccamp@ops.ietf.org>; <dbrungard@att.com>; <derek@ihtfp.com>;
<rcallon@juniper.net>
Sent: Tuesday, January 30, 2007 8:59 PM
Subject: Re: Security considerations with
draft-ietf-ccamp-rsvp-restart-ext-07
> There are a couple of things that are bugging me about this
> conversation (although I must admit that I am looking at the
> end of it -- the beginning being either lost in a very large
> email queue or less likely perhaps not sent to me).
>
> There are many ways that a router could be compromised. One
> is that it is accidentally mis-configured by a well intended
> operator. Another is that it is intentionally mis-configured by a
> hacker. A third way is that a hacker actually downloads his own
> software to the router, so that it is doing whatever Byzantine wrong
> thing a very clever hacker can think of to do.
>
> If the router is mis-configured, whether intentionally or not, it won't
> be intentionally sending bad information to the peer router for the
> simple reason that no vendor is going to implement the "please
> send incorrect information" configuration option.
>
> If the router contains software that is really written by the hacker,
> then the network will not work. It would be trivial to write code that
> runs the right routing protocol, and then just drops packets, or
> forwards packets randomly, or works fine with unicast, but *both*
> forwards multicast properly and in addition forwards additional
> copies of the multicast packet into a loop, so that thousands of
> copies of the same packet are delivered, or forwards the packets
> properly, and also keeps copies, or inserts a "man in the middle",
> or whatever. (if you get to write the software, and want to cause
> problems, there are lots of ways to cause very severe problems).
>
> I don't think that it is possible to design a protocol that *both*
> (i) Deals with the hacker produced Byzantine software case; and
> also (ii) Works well enough in a normal network that anyone would
> ever use it. One example of this would be Radia Perlman's PhD
> thesis on Byzantine routing, which does handle the Byzantine
> software case, but by using a protocol that no one would ever
> deploy in a normal network.
>
> They my second concern: If we have to deal with every Byzantine
> software case in order to publish an IETF spec, then I think that we
> need to start attending ITU meetings because that is where people
> who actually want to build networks are going to go. (I am already
> aware of some cases of router vendors seriously considering taking
> specs to the ITU because getting them through the IETF is too
> onerous -- I don't think that this is a good thing).
>
> Now, if someone wants a statement in this document, or in any or
> all protocol specs, that says some form of: "If a vicious and clever
> hacker gets to re-write or significantly modify the software that runs
> on the routers, then this protocol will not work, and is subject to
> mis-behavior in ways that are difficult or impossible to fully predict"
> then I am okay with this, since the trust model that we are working
> under is one where the peer routers have software which is intending
> to do the right thing.
>
> Ross
>
> At 01:44 PM 1/29/2007 -0500, Sandy Murphy wrote:
>> > Adrian, you have reply-to set to you, so this is going to you only. If
>> > that
>> > is not what you wanted and you want the other recipients to see the
>> > message,
>> > let me know and I will resend.
>>
>>Doesn't matter. Reply-all is always an acceptable option. Given that one
>>of
>>your comments seems to be addressing other's not me, it might be good to
>>send it more widely.
>>
>> >>The email thread is presented in time order, oldest email first. I
>> >>trust
>> >>that the originators of the emails will not feel that their
>> >>conversations
>> >>are being put into the public domain egregiously.
>> >
>> > I managed to avoid insulting anyone in those messages, so I'm fine.
>> > :-)
>> >
>> > My comments in line. I hope I've managed to help indicate
>> > what you should do and why.
>>
>>Thanks.
>>
>> >> Thus there is a bidirectional full trust model between neighbors.
>> >>
>> >> Given that the trust model is full and bidirectional, this I-D cannot
>> >> modify the trust model.
>> >
>> > It should be said that a trust model is not only who you trust but
>> > what they are trusted to do. So just saying that you trust the same
>> > people in either case is not sufficient; you must look at whether the
>> > actions are equivalent in each case. Which, by the way, is what you
>> > address in the following, so you are on the right track.
>>
>>Clearly I need to read the security terminology RFC to get the difference
>>between trust (security) and allowed actions (policy). Can you point me at
>>it to save me having to search.
>>
>> >> Now, as I said, the damage you could do for any one LSP is subtly
>> >> different.
>> >> That is, during LSP setup, the maliscious LSR would have been limited
>> >> to
>> >> doing damage as a recipient of a Path message and sender of a Resv.
>> >> With
>> >> this I-D it is able to tell the upstream (restarting) LSR that the
>> >> Path
>> >> message it sent previously was different from the one it actually
>> >> sent.
>> >> What new damage could this do?
>> >>
>> >> It doesn't change any of the behavior at any downstream LSR because
>> >> the
>> >> malicious LSR could already have lied in the Path message that it sent
>> >> downstream.
>> >>
>> >> It doesn't change anything at the malicious LSR because that LSR is
>> >> always
>> >> free to be malicious in its own way.
>> >>
>> >> It doesn't change anything upstream of the restarting LSR because the
>> >> restart information is not propagated further upstream.
>> >
>> > The fact that restart info does not propagate does not mean that
>> > changes in behavior do not propagate. [Hm: could soft-state refresh
>> > behavior to upstreams be affected by something in the bogus PATH
>> > info?]
>>
>>No. It assuredly could not.
>>Of course, a bogus Resv could do that, but we already have to admit that
>>the
>>Resv might be bogus.
>>Or rather, we discount the possiblity of anyone subverting the running
>>code
>>on a router.
>>
>> >> All it can do is tell the restarting LSR that the LSP parameters have
>> >> changed. So what?
>> >
>> > Your "So what?" rhetorical question deserves an answer. Surely there
>> > would be no need for a new protocol if the restarting LSR was not
>> > going to do *something* with the info it receives.
>>
>>Well, read the draft :-) It is going to:
>>- Check the information against the data plane in order to
>> discard obsolete data plane state. Issues are:
>> - Old data plane state will be falsely retained
>> This is such a small issue that it is not very important,
>> besides, how did the neighbor guess the existence of
>> the state?
>> - Old data plane state will be deleted in error. This is
>> important because it interupts traffic. But, the neighbor
>> could have done that itself.
>> There is a tiny thing here that the neighbor can possibly
>> cause the restarting node to appear to be at fault, but
>> we can assume that the restarting node would log such
>> events (and might not even tear state without management
>> intervention).
>>- Use the information to generate its next Path message that
>> it sends back to the downstream neighbor.
>> Note that the utility of this function is that when the
>> downstream neighbor restarts, it can get a refresh from its
>> upstream neighbor.
>> The consequence of a lie here is just a reminder to the lier
>> of what its lie was.
>>
>> > Bogus info about
>> > the Path is going to produce some behavior different from the
>> > legitimate info, or we'd have no need to be exchanging that info
>> > anyway. Just on that basis, an answer to "So what?" of "Nothing"
>> > should be viewed with scepticism, unless accompanied by some
>> > reasoning. [The draft specifically points out the ability to recover
>> > the Explicit Route Object, which sure doesn't sound benign to the
>> > uninitiated.]
>> >
>> > Unfortunately, it looks like determining the way the behavior could be
>> > different and how much harm that could do would be a matter of
>> > reviewing 3209 and 3473 and understanding the use of many RSVP
>> > objects, not only the ERO but also those mentioned in "Such Path state
>> > may include (but is not restricted to) the Protection object, the
>> > Admin Status object, the Session Attribute object, the Notify Request
>> > object, the Sender Tspec object" and who know what all else. In other
>> > words, would best be done by someone who knew such stuff.
>>
>>I have to say that the request "justify yourself" is hugely frustrating. I
>>know it is difficult to do this type of cross-area review because it is
>>not
>>possible to be an expert in the details of every protocol. And it is
>>really
>>useful to have issues raised like: have you considered what would happen
>>if
>>XYZ? But at some point, there has to be an acceptance that, yes, the
>>protocol experts have though about this and they are comfortable.
>>
>>If we have to document the fact that such a situation would be benign for
>>every possible setting of every field in every protocol object currently
>>defined we will clearly produce several tens of pages of I-D. If this is
>>what is required then I think that we might as well give up on the idea of
>>publishing specifications.
>>
>> >> Based on a security review by Derek Atkins and comments from Sandy
>> >> Murphy,
>> >>...
>> >> I think that you need to see the security review by Derek and comments
>> >> by Sandy.
>> >
>> > Please note that my comments were not about this draft, but about a
>> > suggestion by Adrian that byzantine behavior by legitimate
>> > participants did not need to be considered. I did not say that I
>> > thought that there WAS a problem. Indeed, I had not read the draft
>> > and so had little reason think that there was a problem.
>>
>>Let me give an example. An ftp implementation is per spec in all respects
>>except that whenever you send "get foo" it returns the contents of the
>>file
>>bar. It seems to me that there is nothing that the peer ftp implementation
>>can do within the scope of ftp to rectify or even detect this. Only the
>>application of other features (such as file encryption and file tagging)
>>can
>>help and this is outside the scope of ftp.
>>
>>So with RSVP-TE. An application can do lots of things to verify that its
>>LSP
>>is correctly connected and passing the right data unmollested, but that is
>>the job of the application not of the protocol.
>>
>> >>If anyone can contribute to this debate to make suggestions on how we
>> >>could
>> >>resolve this issue then that would be most welcome.
>> >
>> > Recommendation: Find someone to answer the "So what" question. Find
>> > someone to verify the "not propagated further upstream" assertion wrt
>> > behavior. Have them write their conclusion down, especially the "why"
>> > parts.
>>
>>Frankly, no-one will do this (although I seem to be being partially
>>dragged
>>into it through email exchanges with Sam :-). It would cost too much
>>money.
>>
>>If that means that the I-D is blocked from publication then maybe some
>>people will laugh at the IETF. But I don't suppose it will change much:
>>this
>>stuff is implemented, deployed, and through various interop tests.
>>
>>Adrian
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 30 Jan 2007 21:19:04 +0000
Message-ID: <048c01c744b4$2c602910$76849ed9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Non-member submission from [derek@ihtfp.com (Derek Atkins)]
Date: Tue, 30 Jan 2007 21:17:52 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
----- Original Message -----
From: "Derek Atkins" <derek@ihtfp.com>
To: "Sandy Murphy" <sandy@tislabs.com>
Cc: <adrian@olddog.co.uk>; <ccamp@ops.ietf.org>; <dbrungard@att.com>;
<hartmans-ietf@MIT.EDU>; <rcallon@juniper.net>
Sent: Tuesday, January 30, 2007 3:40 PM
Subject: Re: Security considerations with
draft-ietf-ccamp-rsvp-restart-ext-07
> [snip]
>> Let me give an example. An ftp implementation is per spec in all respects
>> except that whenever you send "get foo" it returns the contents of the
>> file
>> bar. It seems to me that there is nothing that the peer ftp
>> implementation
>> can do within the scope of ftp to rectify or even detect this. Only the
>> application of other features (such as file encryption and file tagging)
>> can
>> help and this is outside the scope of ftp.
>>
>> So with RSVP-TE. An application can do lots of things to verify that its
>> LSP
>> is correctly connected and passing the right data unmollested, but that
>> is
>> the job of the application not of the protocol.
>
> Ahh, but in the RSVP restart case, it's more like an FTP
> implementation does a "put foo" and then later a "get foo" and expects
> the remote implementation to return the same "foo" that it put there
> originally. You're trusting the remote implementation to give you the
> same file that you uploaded earlier but you're not doing any kind of
> verification that that's indeed the case.
>
> All I'm suggesting is that the originator of the data have some way to
> self-verify that the foo it got is the same foo it put. This could be
> done by a simple "self-signature" or MAC, something where I have some
> long term secret key (e.g. an AES key) and then upload the MAC with
> the original data; then when I get it I can re-verify the MAC and see
> that yes, this IS the data I uploaded.
>
> -derek
>
> --
> Derek Atkins 617-623-3745
> derek@ihtfp.com www.ihtfp.com
> Computer and Internet Security Consultant
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 30 Jan 2007 21:19:00 +0000
Message-ID: <048b01c744b4$2bd37970$76849ed9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Non-member submission from [sandy@tislabs.com (Sandy Murphy)]
Date: Tue, 30 Jan 2007 21:16:16 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
From: "Sandy Murphy" <sandy@tislabs.com>
To: <adrian@olddog.co.uk>
Cc: <ccamp@ops.ietf.org>; <dbrungard@att.com>; <derek@ihtfp.com>;
<hartmans-ietf@mit.edu>; <rcallon@juniper.net>; <sandy@tislabs.com>
Sent: Monday, January 29, 2007 6:44 PM
Subject: Re: Security considerations with
draft-ietf-ccamp-rsvp-restart-ext-07
>> Adrian, you have reply-to set to you, so this is going to you only. If
>> that is not what you wanted and you want the other recipients to see the
>> message, let me know and I will resend.
>
> Doesn't matter. Reply-all is always an acceptable option. Given that one
> of
> your comments seems to be addressing other's not me, it might be good to
> send it more widely.
>
>>>The email thread is presented in time order, oldest email first. I trust
>>>that the originators of the emails will not feel that their conversations
>>>are being put into the public domain egregiously.
>>
>> I managed to avoid insulting anyone in those messages, so I'm fine. :-)
>>
>> My comments in line. I hope I've managed to help indicate
>> what you should do and why.
>
> Thanks.
>
>>> Thus there is a bidirectional full trust model between neighbors.
>>>
>>> Given that the trust model is full and bidirectional, this I-D cannot
>>> modify the trust model.
>>
>> It should be said that a trust model is not only who you trust but
>> what they are trusted to do. So just saying that you trust the same
>> people in either case is not sufficient; you must look at whether the
>> actions are equivalent in each case. Which, by the way, is what you
>> address in the following, so you are on the right track.
>
> Clearly I need to read the security terminology RFC to get the difference
> between trust (security) and allowed actions (policy). Can you point me at
> it to save me having to search.
>
>>> Now, as I said, the damage you could do for any one LSP is subtly
>>> different.
>>> That is, during LSP setup, the maliscious LSR would have been limited to
>>> doing damage as a recipient of a Path message and sender of a Resv. With
>>> this I-D it is able to tell the upstream (restarting) LSR that the Path
>>> message it sent previously was different from the one it actually sent.
>>> What new damage could this do?
>>>
>>> It doesn't change any of the behavior at any downstream LSR because the
>>> malicious LSR could already have lied in the Path message that it sent
>>> downstream.
>>>
>>> It doesn't change anything at the malicious LSR because that LSR is
>>> always
>>> free to be malicious in its own way.
>>>
>>> It doesn't change anything upstream of the restarting LSR because the
>>> restart information is not propagated further upstream.
>>
>> The fact that restart info does not propagate does not mean that
>> changes in behavior do not propagate. [Hm: could soft-state refresh
>> behavior to upstreams be affected by something in the bogus PATH
>> info?]
>
> No. It assuredly could not.
> Of course, a bogus Resv could do that, but we already have to admit that
> the
> Resv might be bogus.
> Or rather, we discount the possiblity of anyone subverting the running
> code
> on a router.
>
>>> All it can do is tell the restarting LSR that the LSP parameters have
>>> changed. So what?
>>
>> Your "So what?" rhetorical question deserves an answer. Surely there
>> would be no need for a new protocol if the restarting LSR was not
>> going to do *something* with the info it receives.
>
> Well, read the draft :-) It is going to:
> - Check the information against the data plane in order to
> discard obsolete data plane state. Issues are:
> - Old data plane state will be falsely retained
> This is such a small issue that it is not very important,
> besides, how did the neighbor guess the existence of
> the state?
> - Old data plane state will be deleted in error. This is
> important because it interupts traffic. But, the neighbor
> could have done that itself.
> There is a tiny thing here that the neighbor can possibly
> cause the restarting node to appear to be at fault, but
> we can assume that the restarting node would log such
> events (and might not even tear state without management
> intervention).
> - Use the information to generate its next Path message that
> it sends back to the downstream neighbor.
> Note that the utility of this function is that when the
> downstream neighbor restarts, it can get a refresh from its
> upstream neighbor.
> The consequence of a lie here is just a reminder to the lier
> of what its lie was.
>
>> Bogus info about
>> the Path is going to produce some behavior different from the
>> legitimate info, or we'd have no need to be exchanging that info
>> anyway. Just on that basis, an answer to "So what?" of "Nothing"
>> should be viewed with scepticism, unless accompanied by some
>> reasoning. [The draft specifically points out the ability to recover
>> the Explicit Route Object, which sure doesn't sound benign to the
>> uninitiated.]
>>
>> Unfortunately, it looks like determining the way the behavior could be
>> different and how much harm that could do would be a matter of
>> reviewing 3209 and 3473 and understanding the use of many RSVP
>> objects, not only the ERO but also those mentioned in "Such Path state
>> may include (but is not restricted to) the Protection object, the
>> Admin Status object, the Session Attribute object, the Notify Request
>> object, the Sender Tspec object" and who know what all else. In other
>> words, would best be done by someone who knew such stuff.
>
> I have to say that the request "justify yourself" is hugely frustrating. I
> know it is difficult to do this type of cross-area review because it is
> not
> possible to be an expert in the details of every protocol. And it is
> really
> useful to have issues raised like: have you considered what would happen
> if
> XYZ? But at some point, there has to be an acceptance that, yes, the
> protocol experts have though about this and they are comfortable.
>
> If we have to document the fact that such a situation would be benign for
> every possible setting of every field in every protocol object currently
> defined we will clearly produce several tens of pages of I-D. If this is
> what is required then I think that we might as well give up on the idea of
> publishing specifications.
>
>>> Based on a security review by Derek Atkins and comments from Sandy
>>> Murphy,
>>>...
>>> I think that you need to see the security review by Derek and comments
>>> by Sandy.
>>
>> Please note that my comments were not about this draft, but about a
>> suggestion by Adrian that byzantine behavior by legitimate
>> participants did not need to be considered. I did not say that I
>> thought that there WAS a problem. Indeed, I had not read the draft
>> and so had little reason think that there was a problem.
>
> Let me give an example. An ftp implementation is per spec in all respects
> except that whenever you send "get foo" it returns the contents of the
> file
> bar. It seems to me that there is nothing that the peer ftp implementation
> can do within the scope of ftp to rectify or even detect this. Only the
> application of other features (such as file encryption and file tagging)
> can
> help and this is outside the scope of ftp.
>
> So with RSVP-TE. An application can do lots of things to verify that its
> LSP
> is correctly connected and passing the right data unmollested, but that is
> the job of the application not of the protocol.
>
>>>If anyone can contribute to this debate to make suggestions on how we
>>>could
>>>resolve this issue then that would be most welcome.
>>
>> Recommendation: Find someone to answer the "So what" question. Find
>> someone to verify the "not propagated further upstream" assertion wrt
>> behavior. Have them write their conclusion down, especially the "why"
>> parts.
>
> Frankly, no-one will do this (although I seem to be being partially
> dragged
> into it through email exchanges with Sam :-). It would cost too much
> money.
>
> If that means that the I-D is blocked from publication then maybe some
> people will laugh at the IETF. But I don't suppose it will change much:
> this
> stuff is implemented, deployed, and through various interop tests.
>
> Adrian
>
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 30 Jan 2007 21:18:12 +0000
Message-ID: <047701c744b3$c582d8f0$76849ed9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Non-member submission from [sandy@tislabs.com (Sandy Murphy)]
Date: Tue, 30 Jan 2007 21:14:30 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
> To: adrian@olddog.co.uk
> Subject: Re: Security considerations with
> draft-ietf-ccamp-rsvp-restart-ext-07
> Cc: ccamp@ops.ietf.org, dbrungard@att.com, derek@ihtfp.com,
> hartmans-ietf@mit.edu, rcallon@juniper.net, sandy@tislabs.com
> In-Reply-To: <044201c740e3$06b30d60$f4849ed9@your029b8cecfe>
> Message-Id: <20070129182515.97C343F4EA@pecan.tislabs.com>
> Date: Mon, 29 Jan 2007 13:25:15 -0500 (EST)
> From: sandy@tislabs.com (Sandy Murphy)
>
> (I replied to Adrian directly because he had reply-to set to himself only,
> but he assures me that a reply-all is OK. So here is my reply. Then I'll
> send his response.)
>
> --Sandy
>
>>The email thread is presented in time order, oldest email first. I trust
>>that the originators of the emails will not feel that their conversations
>>are being put into the public domain egregiously.
>
> I managed to avoid insulting anyone in those messages, so I'm fine. :-)
>
> My comments in line. I hope I've managed to help indicate what you should
> do and why.
>
>> Thus there is a bidirectional full trust model between neighbors.
>>
>> Given that the trust model is full and bidirectional, this I-D cannot
>> modify
>> the trust model.
>>
>
> It should be said that a trust model is not only who you trust but
> what they are trusted to do. So just saying that you trust the same
> people in either case is not sufficient; you must look at whether the
> actions are equivalent in each case. Which, by the way, is what you
> address in the following, so you are on the right track.
>
>>
>> Now, as I said, the damage you could do for any one LSP is subtly
>> different.
>> That is, during LSP setup, the maliscious LSR would have been limited to
>> doing damage as a recipient of a Path message and sender of a Resv. With
>> this I-D it is able to tell the upstream (restarting) LSR that the Path
>> message it sent previously was different from the one it actually sent.
>> What
>> new damage could this do?
>>
>> It doesn't change any of the behavior at any downstream LSR because the
>> malicious LSR could already have lied in the Path message that it sent
>> downstream.
>>
>> It doesn't change anything at the malicious LSR because that LSR is
>> always
>> free to be malicious in its own way.
>>
>> It doesn't change anything upstream of the restarting LSR because the
>> restart information is not propagated further upstream.
>
> The fact that restart info does not propagate does not mean that
> changes in behavior do not propagate. [Hm: could soft-state refresh
> behavior to upstreams be affected by something in the bogus PATH
> info?]
>
>>
>> All it can do is tell the restarting LSR that the LSP parameters have
>> changed. So what?
>
> Your "So what?" rhetorical question deserves an answer. Surely there
> would be no need for a new protocol if the restarting LSR was not
> going to do *something* with the info it receives. Bogus info about
> the Path is going to produce some behavior different from the
> legitimate info, or we'd have no need to be exchanging that info
> anyway. Just on that basis, an answer to "So what?" of "Nothing"
> should be viewed with scepticism, unless accompanied by some
> reasoning. [The draft specifically points out the ability to recover
> the Explicit Route Object, which sure doesn't sound benign to the
> uninitiated.]
>
> Unfortunately, it looks like determining the way the behavior could be
> different and how much harm that could do would be a matter of
> reviewing 3209 and 3473 and understanding the use of many RSVP
> objects, not only the ERO but also those mentioned in "Such Path state
> may include (but is not restricted to) the Protection object, the
> Admin Status object, the Session Attribute object, the Notify Request
> object, the Sender Tspec object" and who know what all else. In other
> words, would best be done by someone who knew such stuff.
>
>> Based on a security review by Derek Atkins and comments from Sandy
>> Murphy,
>>...
>> I think that you need to see the security review by Derek and comments
>> by Sandy.
>
> Please note that my comments were not about this draft, but about a
> suggestion by Adrian that byzantine behavior by legitimate
> participants did not need to be considered. I did not say that I
> thought that there WAS a problem. Indeed, I had not read the draft
> and so had little reason think that there was a problem.
>
>>If anyone can contribute to this debate to make suggestions on how we
>>could
>>resolve this issue then that would be most welcome.
>
> Recommendation: Find someone to answer the "So what" question. Find
> someone to verify the "not propagated further upstream" assertion wrt
> behavior. Have them write their conclusion down, especially the "why"
> parts.
>
> --Sandy
Envelope-to: ccamp-data@psg.com
Delivery-date: Mon, 29 Jan 2007 20:52:21 +0000
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: ccamp@ops.ietf.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-ccamp-rsvp-restart-ext-08.txt
Message-Id: <E1HBdRy-0001XJ-Ga@stiedprstage1.ietf.org>
Date: Mon, 29 Jan 2007 15:50:02 -0500
--NextPart
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Common Control and Measurement Plane Working Group of the IETF.
Title : Extensions to GMPLS RSVP Graceful Restart
Author(s) : A. Satyanarayana, R. Rahman
Filename : draft-ietf-ccamp-rsvp-restart-ext-08.txt
Pages : 24
Date : 2007-1-29
This document describes extensions to the RSVP Graceful Restart
mechanisms defined in RFC 3473. The extensions enable the recovery
of RSVP signaling state based on the Path message last sent by the
node being restarted.
Previously defined Graceful Restart mechanisms, also called recovery
from nodal faults, permit recovery of signaling state from adjacent
nodes when the data plane has retained the associated forwarding
state across a restart. Those mechanisms do not fully support
signaling state recovery on ingress nodes or recovery of all RSVP
objects.
The extensions defined in this document build on the RSVP Hello
extensions defined in RFC 3209, and extensions for state recovery on
nodal faults defined in RFC 3473. Using these extensions the
restarting node can recover all previously transmitted Path state
including the Explicit Route Object and the downstream (outgoing)
interface identifiers. The extensions can also be used to recover
signaling state after the restart of an ingress node.
The extensions optionally support the use of Summary Refresh, defined
in RFC 2961, to reduce the number of messages exchanged during the
Recovery Phase when the restarting node has recovered signaling state
locally for one or more LSPs.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ccamp-rsvp-restart-ext-08.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of
the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the
username "anonymous" and a password of your e-mail address. After
logging in, type "cd internet-drafts" and then
"get draft-ietf-ccamp-rsvp-restart-ext-08.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-ietf-ccamp-rsvp-restart-ext-08.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"
--OtherAccess
Content-Type: Message/External-body;
access-type="mail-server";
server="mailserv@ietf.org"
Content-Type: text/plain
Content-ID: <2007-1-29113316.I-D@ietf.org>
ENCODING mime
FILE /internet-drafts/draft-ietf-ccamp-rsvp-restart-ext-08.txt
--OtherAccess
Content-Type: Message/External-body;
name="draft-ietf-ccamp-rsvp-restart-ext-08.txt";
site="ftp.ietf.org";
access-type="anon-ftp";
directory="internet-drafts"
Content-Type: text/plain
Content-ID: <2007-1-29113316.I-D@ietf.org>
--OtherAccess--
--NextPart--
Envelope-to: ccamp-data@psg.com
Delivery-date: Sat, 27 Jan 2007 07:04:07 +0000
Date: Sat, 27 Jan 2007 15:00:49 +0800
From: ZhangRenhai <zhangrenhai@huawei.com>
Subject: Re: Advertising of inter-AS TE links
To: 'Adrian Farrel' <adrian@olddog.co.uk>, 'JP Vasseur' <jvasseur@cisco.com>, 'Mach Chen' <mach@huawei.com>, 'Dimitri Papadimitriou' <Dimitri.Papadimitriou@alcatel-lucent.be>
Cc: ccamp@ops.ietf.org
Message-id: <000201c741e0$e2699b00$a00c6f0a@china.huawei.com>
MIME-version: 1.0
Content-type: text/plain; charset=gb2312
Content-transfer-encoding: quoted-printable
Thread-index: Acc6J2g4vXZOi5P2TfGCP/3OD10EcQHtsxIA
Hi, Adrian
I have submitted a draft last year in which the BGP extension to =
advertise
inter-as link connection information is described:
http://tools.ietf.org/wg/pce/draft-zhang-pce-locate-asbr-00.txt
I'm now drafting the problem statements and corresponding IGP(so far =
only
OSPF in the doc) extension, it's upcoming soon.
Regards,
Zhang Renhai
> Hi,
>=20
> Since this discussion is blossoming, it can have its own thread...
>=20
> I'd like to try to bring some focus.
>=20
> The motivation seems clear...
> When computing a path through one AS into another AS, the computation
point
> needs to know about TE links that connect to the next AS. This enables =
it
to
> select:
> - A TE link that connects to the next AS
> - A TE link that is suitable for the LSP.
>=20
> Other questions about reachability and TE connectivity across the next =
AS
> are out of scope and have been defined as problems that PCE is used to
> solve. This is an important point! We are not talking about =
distributing
> information to provide a graph to compute multi-AS TE paths. That is
(IMHO)
> out of scope and what PCE was invented to solve.
>=20
> I see two scenarios.
> 1. An ASBR has two links to the next AS.
> 2. An AS has two ASBRs to the next AS.
> In either case, the AS may have multiple ASBRs.
>=20
> The path computation point must determine:
> a. The set of ASBRs that connect to the next AS.
> b. Which ASBR to use.
> c. Which inter-AS link to use.
>=20
> Some cases are easy:
> - If the ERO already includes the ASBR address
> no choice to be done
> - If the ASBR has multiple inter-AS links then
> the choice can be a local matter (no
> advertising required)
>=20
> But other cases require advertisement of the inter-AS link as a TE =
link
> with:
> - the normal TE information
> - an indication that this is an inter-AS link
> - the identity of the remote ASBR
> - the identity of the remote AS
>=20
> This information is needed through-out the local AS. That is, although =
all
> of the ASBRs may be interested for LSPs that entirely cross the local =
AS,
> and although a PCE could be a BGP speaker, the information is also =
needed
> for LSPs that are originated within the AS.
>=20
> Thus we must decide how paths for LSPs that exit the AS will be =
computed:
>=20
> - If we require computation by a PCE that
> is (somewhat) centralised within the AS
> we can use BGP to distribute the information
> and require that the PCEs are BGP speakers.
> (Note that the information is only needed
> within the local AS, so we would limit its
> flooding by BGP.)
>=20
> - If we require computation by any LSR in
> the AS (i.e. PCE function is fully
> distributed) then we require IGP flooding
> of the information across the whole AS.
>=20
> In both cases the cost is not particularly high since the number of
inter-AS
> TE links will not be large.
>=20
> Thanks,
> Adrian
>=20
> ----- Original Message -----
> From: "ZhangRenhai" <zhangrenhai@huawei.com>
> To: "'JP Vasseur'" <jvasseur@cisco.com>; "'Mach Chen'" =
<mach@huawei.com>
> Cc: <ccamp@ops.ietf.org>; <owner-ccamp@ops.ietf.org>
> Sent: Wednesday, January 17, 2007 4:11 AM
> Subject: =B4=F0=B8=B4: Progressing the three inter-domain I-Ds
>=20
>=20
> >> > After reading these docs I also have the same concern with you
> >> > about inter-ASBR links flooding.
> >> > I think, in oder to perform inter-AS path computation, =
inter-ASBR
> >> > links fooding is desired.
> >>
> >> As pointed out in the document, this is not a MUST, but an
optimization.
> >>
> >> > But
> >> > such kind of inter-ASBR link info should include more information
> >> > than "normal" TE links do,
> >> > e.g: the inter-ASBR links info SHOULD still include the peer AS
> >> > number and peer ASBR router id
> >> > besides those link info which has been specified in rfc3630 and
> >> > rfc3784.
> >>
> >> I don't think that the peer AS number info should be included in =
the
> >> IGP for sure. You should rely on BGP for that purpose.
> > [ZhangRenhai>] maybe BGP is not enough for some circumstance, take =
this
> > scenario for example:
> >
> > / ASBR4
> > ASBR1--------ASBR2--
> > \ ASBR3
> > ------AS 1----------||-----AS 2----------
> >
> > ASBR2 in AS 1 would only advertise the optimal route received
respectively
> > from ASBR3 and ASBR4 (both are from AS 2) to ASBR1, ASBR1 also =
doesn't
> > have
> > the full knowledge of topology(such as which AS the ASBR2 is =
connected
to
> > and which router is in that AS)between the two AS. PCE would have =
the
> > similar problem when performing the brpc.
> > Another issue, when ASBR1 receives a path mesg from upstream domain
> > containing a loose ERO:AS number(say AS2), there should be a method =
for
it
> > to locate the asbr(say ASBR2) in the local domain connected to AS2.
> >
> > Regards,
> > Zhang Renhai
> >
> >>
> >> >
> >> > So I think there need a document to clarify and specify =
inter-ASBR
> >> > links flooding. we are considering to
> >> > write such a document. If someone interested in such work, we =
could
> >> > cooperate.
> >> >
> >>
> >> JP.
> >>
> >> >
> >
> >
> >
> >
> >
> >
>=20
>=20
Envelope-to: ccamp-data@psg.com
Delivery-date: Fri, 26 Jan 2007 03:57:44 +0000
Message-ID: <044201c740e3$06b30d60$f4849ed9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Cc: "Ross Callon" <rcallon@juniper.net>, "Brungard, Deborah A, ALABS" <dbrungard@att.com>, "'Sam Hartman'" <hartmans-ietf@mit.edu>, "Derek Atkins" <derek@ihtfp.com>, "Sandy Murphy" <sandy@tislabs.com>
Subject: Security considerations with draft-ietf-ccamp-rsvp-restart-ext-07
Date: Fri, 26 Jan 2007 00:42:11 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
Hi,
As requested here is a summary of the email exchanges with regard to
security issues in this I-D as raised in Security Directorate review and
picked up on in IESG review by Sam Hartman.
The email thread is presented in time order, oldest email first. I trust
that the originators of the emails will not feel that their conversations
are being put into the public domain egregiously.
If anyone can contribute to this debate to make suggestions on how we could
resolve this issue then that would be most welcome.
Thanks,
Adrian
====
From: "Derek Atkins" <derek@ihtfp.com>
To: <iesg@ietf.org>; <secdir@MIT.EDU>
Cc: <ccamp-chairs@tools.ietf.org>; <asatyana@cisco.com>;
<rrahman@cisco.com>; <lberger@labn.net>; <dimitri.papadimitriou@alcatel.be>;
<ancaz@cisco.com>; <jisrar@cisco.com>
Sent: Friday, January 12, 2007 10:59 PM
>I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG. These comments were written primarily for the benefit of the
> security area directors. Document editors and WG chairs should treat
> these comments just like any other last call comments.
>
> I don't see any issues in this document beyond those already stated
> in the Security Considerations.
>
> My only question to the authors would be how does a recovering node
> verify that the data it gets from a peer node really came from the
> recovering node? Right now it just seems to have to trust that the
> peer returns valid data.
===
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: "Derek Atkins" <derek@ihtfp.com>; <ccamp@ops.ietf.org>
Cc: <ccamp-chairs@tools.ietf.org>; <asatyana@cisco.com>;
<rrahman@cisco.com>; <lberger@labn.net>; <dimitri.papadimitriou@alcatel.be>;
<ancaz@cisco.com>; <jisrar@cisco.com>; <iesg@ietf.org>; <secdir@MIT.EDU>
Sent: Saturday, January 13, 2007 11:39 AM
> Hi Derek,
>
> I think this is a good question so I am bringing it to the CCAMP list.
>
> The bottom line would appear to be:
> - The exchange between neighbors before restart was
> secured by normal RSVP-TE means
> - The exchange after restart is secured by the same means.
> - This provides a degree of protection that the restarting
> node is receiving information that it originally sent to
> its neighbor.
>
> The obvious question is, should the restarting node have some (private)
> way
> of authenticating that the information received on restart originated with
> it? This would presumably be some sort of cookie manufactured from a
> mock-up
> of the restart message that the restarting node expects to receive and
> handed to the neighbor for use in the event of a restart.
>
> Seems like overkill to me, but I'd appreciate views from the WG.
===
From: "Derek Atkins" <derek@ihtfp.com>
To: "Adrian Farrel" <adrian@olddog.co.uk>
Cc: <ccamp@ops.ietf.org>; <ccamp-chairs@tools.ietf.org>;
<asatyana@cisco.com>; <rrahman@cisco.com>; <lberger@labn.net>;
<dimitri.papadimitriou@alcatel.be>; <ancaz@cisco.com>; <jisrar@cisco.com>;
<iesg@ietf.org>; <secdir@MIT.EDU>
Sent: Tuesday, January 16, 2007 6:49 PM
> True, an attacker that sits between the peers shouldn't be able to
> inject messages because the endpoints are authenticated (and I
> presume that the transaction itself has integrity protection).
> You're correct that it is a question of the threat model, and that
> if you DO have a fully trusted set of peers then you don't have to
> worry about this attack. But if that's the case I'd like to see
> a sentence or three in the Security Considerations section that
> explicitly states this threat model. Then at least this attack
> would be clearly out of scope. :)
===
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: "Derek Atkins" <derek@ihtfp.com>
Cc: <ccamp@ops.ietf.org>; <ccamp-chairs@tools.ietf.org>;
<asatyana@cisco.com>; <rrahman@cisco.com>; <lberger@labn.net>;
<dimitri.papadimitriou@alcatel.be>; <ancaz@cisco.com>; <jisrar@cisco.com>;
<iesg@ietf.org>; <secdir@MIT.EDU>
Sent: Tuesday, January 16, 2007 7:36 PM
> OK
>
> We can write that sentence or three and close the issue.
>
> Thanks for engaging.
===
From: "Sandy Murphy" <sandy@tislabs.com>
To: <adrian@olddog.co.uk>
Cc: <ancaz@cisco.com>; <asatyana@cisco.com>; <ccamp@ops.ietf.org>;
<dimitri.papadimitriou@alcatel.be>; <iesg@ietf.org>; <lberger@labn.net>;
<secdir@mit.edu>
Sent: Tuesday, January 16, 2007 4:35 PM
>>This leaves us with only the mistake, and generally we don't make
>>extensive
>>protocol changes to handle the potential for broken implementations.
>
> Yes, we will always have errors, in implementation, in configuration,
> in operation, we can't hope to protect against all of those, etc.
>
> However, it is prudent to spend some time analyzing how much damage to
> the protocol operation could result from a misconfigured or faulty
> participant. This is important because there are also subverted
> and deliberately malicious participants to worry about. You might be
> willing to live with the chance of a random one-in-a-billion error
> bringing
> down your network, but subverted and malicious participants aren't random.
===
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: "Sandy Murphy" <sandy@tislabs.com>
Sent: Wednesday, January 17, 2007 12:16 AM
> Hi Sandy,
>
> Going off-list simply because it takes my emails a while to get approved
> on
> the SecDir list.
>
> I agree with you completely. My question is now about how easy it is to
> subvert, for example, a router. Yes, it may be possible to hack a router
> and
> induce odd configuration, but is it possible to subvert it? The nasty
> thought of someone writing their own version of IOS and downloading it
> onto
> a router!
>
> This probably brings us to a wider concern than simply MPLS-TE. What
> happens
> if any router running any routing protocol is subverted. Seems to me that
> we
> don't have an answer to this question within the IETF.
>
> With one hat on I say: let's not hold up this I-D because of a much wider
> problem.
> With a different hat on I say: this is probably something that the SecDir
> and RtgDir might want to sit down and thrash out.
===
From: "Sandy Murphy" <sandy@tislabs.com>
To: <adrian@olddog.co.uk>
Cc: <sandy@tislabs.com>
Sent: Wednesday, January 17, 2007 5:06 PM
>>I agree with you completely. My question is now about how easy it is to
>>subvert, for example, a router. Yes, it may be possible to hack a router
>>and induce odd configuration, but is it possible to subvert it?
>
> My definition of "subverted" includes hacking into a router and changing
> the configuration. It is taken over and no longer obeying the
> instructions of its rightful owner, so I call it subverted.
>
>>This probably brings us to a wider concern than simply MPLS-TE. What
>>happens if any router running any routing protocol is subverted. Seems to
>>me that we don't have an answer to this question within the IETF.
>
> Yes, the whole Byzantine participants problem gets little attention -
> partly because it is really hard to address.
>
> A protocol robust against such failures can be much "heavier", but the
> approaches to adding Byzantine robustness are not generic - you don't
> just add a "Byzantine robustness" layer.
>
> But that is why I said that it would be prudent to analyze just how
> bad things can get if one participant (and for extra points, more than
> one participant) is faulty/misconfigured/subverted/malicious.
>
> Until we all get smarter about protocols, doing the worst cast scenario
> study at least lets you know where you have to apply administrative
> controls, monitoring and alarms, etc.
===
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: "Sandy Murphy" <sandy@tislabs.com>
Sent: Wednesday, January 17, 2007 8:00 PM
> OK, Thanks.
>
> I am going to feed this to the MPLS Security design team, and finger you
> (tee, hee, that will teach you ;-) as someone they can poll for a good
> discussion.
===
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <rcallon@juniper.net>
Cc: <ccamp@ops.ietf.org>; "Brungard, Deborah A, ALABS" <dbrungard@att.com>
Sent: Wednesday, January 17, 2007 9:14 PM
Subject: Re: New Version Notification -
draft-ietf-ccamp-rsvp-restart-ext-07.txt
> Hi Ross,
>
> This new revisions handles some issues raised during SecDir review and
> copied to the CCAMP mailing list.
>
> The changes are:
> - Minor editorial clarification of the Abstract
> - Repagination
> - Insertion of a paragraph in Section 6
> Note that the procedures assume a full trust model between RSVP
> neighbors. That is, although the protocol exchanges before and after
> restart can be secured, and although it is possible to authenticate
> the identity of the neighbors, no mechanism is provided to verify
> that the restart information is correctly mapped from the protocol
> information exchanged before the restart. This is considered
> acceptable because a similar trust model is required for normal
> operation of the protocol.
> - Addition to the Acknowledgements section
===
From: "Sam Hartman" <hartmans-ietf@mit.edu>
To: "Sandy Murphy" <sandy@tislabs.com>
Cc: <adrian@olddog.co.uk>; <asatyana@cisco.com>; <secdir@mit.edu>;
<ccamp@ops.ietf.org>; <dimitri.papadimitriou@alcatel.be>; <iesg@ietf.org>;
<lberger@labn.net>; <ancaz@cisco.com>
Sent: Tuesday, January 23, 2007 2:44 AM
>>>>>> "Sandy" == Sandy Murphy <sandy@tislabs.com> writes:
>
> Sandy> asatyana@cisco.com, secdir@mit.edu, lberger@labn.net,
> Sandy> ancaz@cisco.com, iesg@ietf.org
> >> This leaves us with only the mistake, and generally we don't
> >> make extensive protocol changes to handle the potential for
> >> broken implementations.
>
> Sandy> Yes, we will always have errors, in implementation, in
> Sandy> configuration, in operation, we can't hope to protect
> Sandy> against all of those, etc.
>
> Sandy> However, it is prudent to spend some time analyzing how
> Sandy> much damage to the protocol operation could result from a
>
> I agree with Sandy here. I think that analysis of what damage can be
> done by a malicious peer so that we can understand whether the
> proposed trust model is justified.
===
From: "Sam Hartman" <hartmans-ietf@mit.edu>
To: <iesg@ietf.org>
Cc: <ccamp-chairs@tools.ietf.org>
Sent: Tuesday, January 23, 2007 2:47 AM
> Discuss:
> Based on a security review by Derek Atkins and comments from Sandy
> Murphy, please help me understand why the trust model of this spec and
> normal operation of RSVP is the same. In particular, what damage can
> be done by a malicious peer sending back altered contents of path
> messages? How could the same damage be done in the normal protocol?
>
> It may well be that writing text to cover these issues is too
> expensive. If the authors would like to discuss with me offline that
> could work too. Text is of course preferred if it is relatively easy
> to write because then the entire world can review our findings.
===
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <iesg@ietf.org>; "Sam Hartman" <hartmans-ietf@mit.edu>
Cc: <ccamp-chairs@tools.ietf.org>
Sent: Tuesday, January 23, 2007 10:49 AM
> Hi Sam,
>
> So the paragraph we included to help with Derek's comments is...
>
> Note that the procedures assume a full trust model between RSVP
> neighbors. That is, although the protocol exchanges before and after
> restart can be secured, and although it is possible to authenticate
> the identity of the neighbors, no mechanism is provided to verify
> that the restart information is correctly mapped from the protocol
> information exchanged before the restart. This is considered
> acceptable because a similar trust model is required for normal
> operation of the protocol.
>
> You can see this in the 07 revision.
>
> Simply put, the trust model between peers (once they are identified and
> authenticated) must be full for RSVP-TE. Otherwise there are many ways
> that
> a malicious neighbor can really mess with its peer. For example, a
> malicious
> upstream LSR could pretend that it had received an LSP setup request from
> somewhere further upstream and could send a Path message to its peer -
> this
> could cause network resources to be squandered on all downstream LSRs.
>
> If you think about it, this hop-by-hop trust is necessary because
> otherwise
> every network node must have a security relationship with every potential
> LSP ingress, and that cannot scale.
>
> Again, I would prefer not to use an RSVP-TE extensions draft to document
> normal RSVP-TE behavior, although I do understand that this behavior
> *does*
> need to be documented. It is our hope that an effort recently started in
> the
> MPLS working group to document MPLS security will cover all of these
> bases,
> if somewhat belatedly.
===
From: "Sam Hartman" <hartmans-ietf@mit.edu>
To: "Adrian Farrel" <adrian@olddog.co.uk>
Cc: <iesg@ietf.org>; <ccamp-chairs@tools.ietf.org>
Sent: Tuesday, January 23, 2007 2:59 PM
>>>>>> "Adrian" == Adrian Farrel <adrian@olddog.co.uk> writes:
>
> Adrian> Hi Sam, So the paragraph we included to help with Derek's
> Adrian> comments is...
>
> Adrian> Note that the procedures assume a full trust model
> Adrian> between RSVP neighbors. That is, although the protocol
> Adrian> exchanges before and after restart can be secured, and
> Adrian> although it is possible to authenticate the identity of
> Adrian> the neighbors, no mechanism is provided to verify that the
> Adrian> restart information is correctly mapped from the protocol
> Adrian> information exchanged before the restart. This is
> Adrian> considered acceptable because a similar trust model is
> Adrian> required for normal operation of the protocol.
>
> This paragraph is the source of my discuss.
> It makes an assertion that the damage that could be caused by changing
> state
> in a restart is the same as the damage that could be caused under normal
> operation.
> I'm asking you to validate that assertion so I can evaluate the document.
>
> Adrian> You can see this in the 07 revision.
>
> Yes.
>
> Adrian> Simply put, the trust model between peers (once they are
> Adrian> identified and authenticated) must be full for
> Adrian> RSVP-TE. Otherwise there are many ways that a malicious
> Adrian> neighbor can really mess with its peer. For example, a
> Adrian> malicious upstream LSR could pretend that it had received
> Adrian> an LSP setup request from somewhere further upstream and
> Adrian> could send a Path message to its peer - this could cause
> Adrian> network resources to be squandered on all downstream LSRs.
>
> I agree that there needs to be some level of trust between peers in
> the current protocol.
>
> Adrian> If you think about it, this hop-by-hop trust is necessary
> Adrian> because otherwise every network node must have a security
> Adrian> relationship with every potential LSP ingress, and that
> Adrian> cannot scale.
>
> Mor like every network node must be able to have data origin
> authentication with every potential ingress, which is a much weaker
> statement. But that's not a matter of discussion for today: we're not
> redesigning RSVP so we're not redesigning the hop-by-hop trust model.
> We're simply trying to validate that we have not changed it.
>
> Adrian> Again, I would prefer not to use an RSVP-TE extensions
> Adrian> draft to document normal RSVP-TE behavior, although I do
> Adrian> understand that this behavior *does* need to be
> Adrian> documented. It is our hope that an effort recently started
> Adrian> in the MPLS working group to document MPLS security will
> Adrian> cover all of these bases, if somewhat belatedly.
>
> As I said, my discuss can be resolved without text changes; I just
> need to be convinced of the answer to my question. And again, I'm not
> asking you to document normal RSVP procedures only to show you have
> not changed them.
===
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: "Sam Hartman" <hartmans-ietf@mit.edu>
Cc: <iesg@ietf.org>; <ccamp-chairs@tools.ietf.org>
Sent: Tuesday, January 23, 2007 3:35 PM
> Hi Sam,
>
>> Adrian> Note that the procedures assume a full trust model
>> Adrian> between RSVP neighbors. That is, although the protocol
>> Adrian> exchanges before and after restart can be secured, and
>> Adrian> although it is possible to authenticate the identity of
>> Adrian> the neighbors, no mechanism is provided to verify that the
>> Adrian> restart information is correctly mapped from the protocol
>> Adrian> information exchanged before the restart. This is
>> Adrian> considered acceptable because a similar trust model is
>> Adrian> required for normal operation of the protocol.
>>
>> This paragraph is the source of my discuss.
>> It makes an assertion that the damage that could
>> be caused by changing state in a restart is the same
>> as the damage that could be caused under normal
>> operation.
>
> No it doesn't.
> It says that the trust model is unchanged.
>
> In fact, the damage that could be done by a malicious router (not one with
> subverted configuration, but one with subverted software implementation)
> is
> subtly different because of the different direction of the information
> exchange.
>
>> I'm asking you to validate that assertion so I can
>> evaluate the document.
>
> I can certainly validate the assertion made in the I-D.
>
> When an upstream neighbor sends a Path message, its downstream neighbor
> acts
> on that message to establish state and cause downstream behavior that
> ultimately leads to resource allocations on the downstream negihbor and
> the
> establishment of an LSP toward a specific destination. The downstream
> negihbor trusts that the upstream neighbor has passed it a genuine Path
> message for a real LSP.
>
> When an upstream neighbor sends a Path message to its downstream neighbor
> it
> trusts that the downstream neighbor will not change the destination of the
> LSP, but will continue to forward the essential objects of the Path
> message
> unchanged.
>
> When an upstream neighbor receives a Resv message from its downstream
> neighbor it trusts that message is a true reflection of the LSP that has
> been established downstream and contains accurate and true instructions on
> what the upstream neighbor should do.
>
> When a downstream neighbor sends a Resv message to its upstream neighbor
> it
> trusts that the upstream negihbor will handle the message correctly and
> will
> neither modify it gratuitously nor absorb it silently.
>
> And so on for all other RSVP-TE messages.
>
> Thus there is a bidirectional full trust model between neighbors.
>
> Given that the trust model is full and bidirectional, this I-D cannot
> modify
> the trust model.
>
> Now, as I said, the damage you could do for any one LSP is subtly
> different.
> That is, during LSP setup, the maliscious LSR would have been limited to
> doing damage as a recipient of a Path message and sender of a Resv. With
> this I-D it is able to tell the upstream (restarting) LSR that the Path
> message it sent previously was different from the one it actually sent.
> What
> new damage could this do?
>
> It doesn't change any of the behavior at any downstream LSR because the
> malicious LSR could already have lied in the Path message that it sent
> downstream.
>
> It doesn't change anything at the malicious LSR because that LSR is always
> free to be malicious in its own way.
>
> It doesn't change anything upstream of the restarting LSR because the
> restart information is not propagated further upstream.
>
> All it can do is tell the restarting LSR that the LSP parameters have
> changed. So what?
>
> This might cause the LSP to be torn down with some kind of state mismatch
> between the existing data plane state (that survived the restart) and the
> control plane state reported from the malicious LSR. If the malicous LSR
> wanted to cause the LSP to be torn down, it could do it itself anyway (it
> is
> on the path of the LSP). The state mismatch is likely to show up as a
> problem with restart so the malicious LSR will not be able to hide.
>
> So...
>
> Now change in trust model. No substantial change in the damage that can be
> done if the trust model is subverted.
>
>> Adrian> Simply put, the trust model between peers (once they are
>> Adrian> identified and authenticated) must be full for
>> Adrian> RSVP-TE. Otherwise there are many ways that a malicious
>> Adrian> neighbor can really mess with its peer. For example, a
>> Adrian> malicious upstream LSR could pretend that it had received
>> Adrian> an LSP setup request from somewhere further upstream and
>> Adrian> could send a Path message to its peer - this could cause
>> Adrian> network resources to be squandered on all downstream LSRs.
>>
>> I agree that there needs to be some level of trust between peers in
>> the current protocol.
>>
>> Adrian> If you think about it, this hop-by-hop trust is necessary
>> Adrian> because otherwise every network node must have a security
>> Adrian> relationship with every potential LSP ingress, and that
>> Adrian> cannot scale.
>>
>> More like every network node must be able to have data origin
>> authentication with every potential ingress, which is a much weaker
>> statement.
>
> Are you supposing that the signaling data cannot be modified hop-by-hop?
> Actually much of it can be changed, and some of it must be changed.
>
>> But that's not a matter of discussion for today: we're not
>> redesigning RSVP so we're not redesigning the hop-by-hop
>> trust model.
>> We're simply trying to validate that we have not changed it.
>
> Given that the trust model was full and bidirectional, the only direction
> for change would be to assume less trust. This I-D does not assume less
> trust.
>
>> Adrian> Again, I would prefer not to use an RSVP-TE extensions
>> Adrian> draft to document normal RSVP-TE behavior, although I do
>> Adrian> understand that this behavior *does* need to be
>> Adrian> documented. It is our hope that an effort recently started
>> Adrian> in the MPLS working group to document MPLS security will
>> Adrian> cover all of these bases, if somewhat belatedly.
>>
>> As I said, my discuss can be resolved without text changes; I just
>> need to be convinced of the answer to my question. And again, I'm not
>> asking you to document normal RSVP procedures only to show you have
>> not changed them.
>
> Convinced yet?
===
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Sent: Tuesday, January 23, 2007 6:09 PM
> FYI, I am having an off-line discussion with Sam Hartman during IESG
> review
> of this document (that has now advanced to 07) as he has raised a DISCUSS
> (you can see his issues in the I-D tracker).
>
> He is concerned that the extensions in this I-D change the trust model in
> RSVP-TE, and I am trying to convince him that there is already a
> bidirectional full trust model between neighbors without which basic
> RSVP-TE
> signaling could not work. Thus (I say) this I-D does not change the
> existing
> trust model although it reverses the flow of information for a specific
> LSP.
>
> Further (I say) even a malicious LSR neighboring a restarting LSR could do
> very little more damage during restart than it could do during normal LSP
> processing.
>
> If anyone want to see the contents of this discussion, please shout.
>
> Adrian
===
From: "Ross Callon" <rcallon@juniper.net>
To: <asatyana@cisco.com>; <rrahman@cisco.com>
Cc: <adrian@olddog.co.uk>; <dbrungard@att.com>;
<dimitri.papadimitriou@alcatel.be>; <lberger@labn.net>; <ancaz@cisco.com>;
<jisrar@cisco.com>; <rcallon@juniper.net>
Sent: Thursday, January 25, 2007 8:44 PM
> The document "draft-ietf-ccamp-rsvp-restart-ext-07.txt" was discussed
> during the IESG telechat today. As you will see from the data tracker
> (let me know if you need a pointer to this), there are two DISCUSS
> votes that will need to be resolved in order for this document to
> progress.
[SNIP]
> The other DISCUSS by Sam Hartman states:
>
> Based on a security review by Derek Atkins and comments from Sandy
> Murphy, please help me understand why the trust model of this spec and
> normal operation of RSVP is the same. In particular, what damage can
> be done by a malicious peer sending back altered contents of path
> messages? How could the same damage be done in the normal protocol?
>
> It may well be that writing text to cover these issues is too
> expensive. If the authors would like to discuss with me offline that
> could work too. Text is of course preferred if it is relatively easy
> to write because then the entire world can review our findings.
>
> I think that you need to see the security review by Derek and comments
> by Sandy. Also, resolving this is likely to require an email exchange with
> Sam. Let me know if you need any help resolving this.
>
> It was not clear whether Sam's discuss will result in significant
> additional
> text for the document. If so, then you probably will want to add the other
> text as well and do a new version.
>
> Please let me know when you feel that you have these two issues
> resolved, or if you need additional help in resolving them.
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 24 Jan 2007 20:52:37 +0000
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: ccamp@ops.ietf.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-ccamp-automesh-04.txt
Message-Id: <E1H9p4E-0008Us-1N@stiedprstage1.ietf.org>
Date: Wed, 24 Jan 2007 15:50:02 -0500
--NextPart
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Common Control and Measurement Plane Working Group of the IETF.
Title : Routing extensions for discovery of
Multiprotocol (MPLS) Label Switch Router
(LSR) Traffic Engineering (TE) mesh membership
Author(s) : J. Vasseur, et al.
Filename : draft-ietf-ccamp-automesh-04.txt
Pages : 16
Date : 2007-1-24
The set up of a full mesh of Multi-Protocol Label Switching (MPLS)
Traffic Engineering (TE) Label Switched Paths (LSP) among a set of
Label Switch Routers (LSR) is a common deployment scenario of MPLS
Traffic Engineering either for bandwidth optimization, bandwidth
guarantees or fast rerouting with MPLS Fast Reroute. Such deployment
may require the configuration of potentially a large number of TE
LSPs (on the order of the square of the number LSRs). This document
specifies Interior Gateway Protocol (IGP) routing extensions for
Intermediate System-to-Intermediate System (IS-IS) and Open Shortest
Path First (OSPF) so as to provide an automatic discovery of the set
of LSRs members of a mesh in order to automate the creation of such
mesh of TE LSPs.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ccamp-automesh-04.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of
the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the
username "anonymous" and a password of your e-mail address. After
logging in, type "cd internet-drafts" and then
"get draft-ietf-ccamp-automesh-04.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-ietf-ccamp-automesh-04.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"
--OtherAccess
Content-Type: Message/External-body;
access-type="mail-server";
server="mailserv@ietf.org"
Content-Type: text/plain
Content-ID: <2007-1-24123350.I-D@ietf.org>
ENCODING mime
FILE /internet-drafts/draft-ietf-ccamp-automesh-04.txt
--OtherAccess
Content-Type: Message/External-body;
name="draft-ietf-ccamp-automesh-04.txt";
site="ftp.ietf.org";
access-type="anon-ftp";
directory="internet-drafts"
Content-Type: text/plain
Content-ID: <2007-1-24123350.I-D@ietf.org>
--OtherAccess--
--NextPart--
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 23 Jan 2007 20:51:29 +0000
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: ccamp@ops.ietf.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-ccamp-gmpls-rsvp-te-call-04.txt
Message-Id: <E1H9Sag-00044i-EA@stiedprstage1.ietf.org>
Date: Tue, 23 Jan 2007 15:50:02 -0500
--NextPart
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Common Control and Measurement Plane Working Group of the IETF.
Title : Generalized MPLS (GMPLS) RSVP-TE Signaling Extensions in support of Calls
Author(s) : D. Papadimitriou, A. Farrel
Filename : draft-ietf-ccamp-gmpls-rsvp-te-call-04.txt
Pages : 30
Date : 2007-1-23
In certain networking topologies, it may be advantageous to maintain
associations between endpoints and key transit points to support an
instance of a service. Such associations are known as Calls.
A Call does not provide the actual connectivity for transmitting user
traffic, but only builds a relationship by which subsequent
Connections may be made. In Generalized MPLS (GMPLS) such Connections
are known as Label Switched Paths (LSPs).
This document specifies how GMPLS RSVP-TE signaling may be used and
extended to support Calls. These mechanisms provide full and logical
Call/Connection separation.
The mechanisms proposed in this document are applicable to any
environment (including multi-area), and for any type of interface:
packet, layer-2, time-division multiplexed, lambda, or fiber
switching.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ccamp-gmpls-rsvp-te-call-04.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of
the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the
username "anonymous" and a password of your e-mail address. After
logging in, type "cd internet-drafts" and then
"get draft-ietf-ccamp-gmpls-rsvp-te-call-04.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-ietf-ccamp-gmpls-rsvp-te-call-04.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"
--OtherAccess
Content-Type: Message/External-body;
access-type="mail-server";
server="mailserv@ietf.org"
Content-Type: text/plain
Content-ID: <2007-1-23131444.I-D@ietf.org>
ENCODING mime
FILE /internet-drafts/draft-ietf-ccamp-gmpls-rsvp-te-call-04.txt
--OtherAccess
Content-Type: Message/External-body;
name="draft-ietf-ccamp-gmpls-rsvp-te-call-04.txt";
site="ftp.ietf.org";
access-type="anon-ftp";
directory="internet-drafts"
Content-Type: text/plain
Content-ID: <2007-1-23131444.I-D@ietf.org>
--OtherAccess--
--NextPart--
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 23 Jan 2007 19:28:15 +0000
To: "Adrian Farrel" <adrian@olddog.co.uk>
Cc: ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Subject: Re: [secdir] draft-ietf-ccamp-rsvp-restart-ext-06
MIME-Version: 1.0
Message-ID: <OF8224F6E5.DBA054B5-ONC125726C.006A6354-C125726C.006AD468@netfr.alcatel.fr>
From: Dimitri.Papadimitriou@alcatel-lucent.be
Date: Tue, 23 Jan 2007 20:26:50 +0100
Content-Type: text/plain; charset="US-ASCII"
adrian - if this i-d has to be revisited wrt to the trust model
it implies there are a couple of other items that would fall in
to the same category
hence, the point is the following can we share that discussion
(i mean the off-line one) such as to assess the rationale and
arguments that led sam to this conclusion
thanks,
- d.
"Adrian Farrel" <adrian@olddog.co.uk>
Sent by: owner-ccamp@ops.ietf.org
23/01/2007 19:09
Please respond to "Adrian Farrel"
To: <ccamp@ops.ietf.org>
cc:
Subject: Re: [secdir] draft-ietf-ccamp-rsvp-restart-ext-06
FYI, I am having an off-line discussion with Sam Hartman during IESG
review
of this document (that has now advanced to 07) as he has raised a DISCUSS
(you can see his issues in the I-D tracker).
He is concerned that the extensions in this I-D change the trust model in
RSVP-TE, and I am trying to convince him that there is already a
bidirectional full trust model between neighbors without which basic
RSVP-TE
signaling could not work. Thus (I say) this I-D does not change the
existing
trust model although it reverses the flow of information for a specific
LSP.
Further (I say) even a malicious LSR neighboring a restarting LSR could do
very little more damage during restart than it could do during normal LSP
processing.
If anyone want to see the contents of this discussion, please shout.
Adrian
----- Original Message -----
From: "Sam Hartman" <hartmans-ietf@mit.edu>
To: "Sandy Murphy" <sandy@tislabs.com>
Cc: <adrian@olddog.co.uk>; <asatyana@cisco.com>; <secdir@mit.edu>;
<ccamp@ops.ietf.org>; <dimitri.papadimitriou@alcatel.be>; <iesg@ietf.org>;
<lberger@labn.net>; <ancaz@cisco.com>
Sent: Tuesday, January 23, 2007 2:44 AM
Subject: Re: [secdir] draft-ietf-ccamp-rsvp-restart-ext-06
>>>>>> "Sandy" == Sandy Murphy <sandy@tislabs.com> writes:
>
> Sandy> asatyana@cisco.com, secdir@mit.edu, lberger@labn.net,
> Sandy> ancaz@cisco.com, iesg@ietf.org
> >> This leaves us with only the mistake, and generally we don't
> >> make extensive protocol changes to handle the potential for
> >> broken implementations.
>
> Sandy> Yes, we will always have errors, in implementation, in
> Sandy> configuration, in operation, we can't hope to protect
> Sandy> against all of those, etc.
>
> Sandy> However, it is prudent to spend some time analyzing how
> Sandy> much damage to the protocol operation could result from a
>
> I agree with Sandy here. I think that analysis of what damage can be
> done by a malicious peer so that we can understand whether the
> proposed trust model is justified.
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 23 Jan 2007 18:12:33 +0000
Message-ID: <017601c73f19$b1b35240$f4849ed9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Re: [secdir] draft-ietf-ccamp-rsvp-restart-ext-06
Date: Tue, 23 Jan 2007 18:09:42 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
FYI, I am having an off-line discussion with Sam Hartman during IESG review
of this document (that has now advanced to 07) as he has raised a DISCUSS
(you can see his issues in the I-D tracker).
He is concerned that the extensions in this I-D change the trust model in
RSVP-TE, and I am trying to convince him that there is already a
bidirectional full trust model between neighbors without which basic RSVP-TE
signaling could not work. Thus (I say) this I-D does not change the existing
trust model although it reverses the flow of information for a specific LSP.
Further (I say) even a malicious LSR neighboring a restarting LSR could do
very little more damage during restart than it could do during normal LSP
processing.
If anyone want to see the contents of this discussion, please shout.
Adrian
----- Original Message -----
From: "Sam Hartman" <hartmans-ietf@mit.edu>
To: "Sandy Murphy" <sandy@tislabs.com>
Cc: <adrian@olddog.co.uk>; <asatyana@cisco.com>; <secdir@mit.edu>;
<ccamp@ops.ietf.org>; <dimitri.papadimitriou@alcatel.be>; <iesg@ietf.org>;
<lberger@labn.net>; <ancaz@cisco.com>
Sent: Tuesday, January 23, 2007 2:44 AM
Subject: Re: [secdir] draft-ietf-ccamp-rsvp-restart-ext-06
>>>>>> "Sandy" == Sandy Murphy <sandy@tislabs.com> writes:
>
> Sandy> asatyana@cisco.com, secdir@mit.edu, lberger@labn.net,
> Sandy> ancaz@cisco.com, iesg@ietf.org
> >> This leaves us with only the mistake, and generally we don't
> >> make extensive protocol changes to handle the potential for
> >> broken implementations.
>
> Sandy> Yes, we will always have errors, in implementation, in
> Sandy> configuration, in operation, we can't hope to protect
> Sandy> against all of those, etc.
>
> Sandy> However, it is prudent to spend some time analyzing how
> Sandy> much damage to the protocol operation could result from a
>
> I agree with Sandy here. I think that analysis of what damage can be
> done by a malicious peer so that we can understand whether the
> proposed trust model is justified.
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Fri, 19 Jan 2007 22:39:27 +0000
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: FW: Response liaison from ITU-T SG15 on CCAMP ASON work
Date: Fri, 19 Jan 2007 16:36:49 -0600
Message-ID: <449B2580D802A443A923DABF3EAB82AF0D7C1A4E@OCCLUST04EVS1.ugd.att.com>
Thread-Topic: Response liaison from ITU-T SG15 on CCAMP ASON work
Thread-Index: AccNiM+Wedzd4U7lRGW+Ze36ovZ+Dwuj+Rlw
From: "Brungard, Deborah A, ALABS" <dbrungard@att.com>
To: <ccamp@ops.ietf.org>
Hi all,
This Liaison from ITU was unfortunately received just prior to our one
and only 2-day American holiday resulting in it's probable lost in the
queue. But we do have until Feb 12th to respond. Please send mail either
on the exploder or off to Adrian and me as we will be drafting a timely
response.
Deborah
-----Original Message-----
From: owner-ccamp@ops.ietf.org [mailto:owner-ccamp@ops.ietf.org] On
Behalf Of Adrian Farrel
Sent: Tuesday, November 21, 2006 5:57 AM
To: ccamp@ops.ietf.org
Subject: Response liaison from ITU-T SG15 on CCAMP ASON work
Hi,
We have received a detailed response to our liaison on current
ASON-related=20
work within CCAMP.
The full liaison can be seen at http://www.olddog.co.uk/ccamp.htm
The bulk of the liaison is comments on=20
draft-ietf-ccamp-gmpls-ason-routing-ospf-02.txt and a discussion on the
use=20
of Calls and Connections in G.8080.
We are called on to respond by 12th February 2007.
Adrian=20
Envelope-to: ccamp-data@psg.com
Delivery-date: Fri, 19 Jan 2007 16:38:04 +0000
Message-ID: <45B0F351.8080503@grotto-networking.com>
Date: Fri, 19 Jan 2007 08:35:29 -0800
From: Greg Bernstein <gregb@grotto-networking.com>
User-Agent: Thunderbird 1.5.0.9 (Windows/20061207)
MIME-Version: 1.0
To: Evelyne Roch <eroch@nortel.com>
CC: Adrian Farrel <adrian@olddog.co.uk>, ccamp@ops.ietf.org
Subject: Re: LCAS/VCAT
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Hi Evelyne, sorry for the delay but Richard Rabbat had been taking the
lead on this draft for most of last year.
See comments on your comments.
Regards
Greg B.
Evelyne Roch wrote:
> I read the draft and have the following comments:
>
> 1- The draft is missing support for creation and deletion of VCG with
> diversely routed signals without LCAS. This is because the procedure
> that is used to setup the components does not provide information about
> the VCAT layer, i.e. it is missing the total number of components that
> are part of the same VCG.
Yes. Both ends need to agree on which components are to be used in the
group at any given time. This requires extra signaling concerning
the structure of the VCAT group. There are a number of ways this could
be done.
> In a liaison from ITU-T SG15, Q14/15
> https://datatracker.ietf.org/documents/LIAISON/file394.doc, the 2nd
> figure of Attachment 2 shows a multi-layer setup of an Ethernet call
> over VCAT/LCAS. Although the Ethernet layer is not relevant to the
> draft, it should be noted that a portion of the diagram includes an
> Aggregate NCC (Network Call Controller) that provides the missing
> functionality in the draft to provide the number of components that form
> the VCG. This is based on G.8080, in which the VCAT layer has its own
> controller. The functions performed by the Aggregate NCC are required
> whether or not LCAS is available. They allow both ends of the VCG to
> know the overall status of the VCG and the number of components it
> contains. It should also be noted that the call and connection states
> for each constituent must be kept separately from the state of the VCAT
> call.
>
From an implementation perspective an entity such as the mentioned
Aggregate NCC that "manages the VCGs" is a given. I've got to manage the
settings of that VCAT/LCAS chip at some point (and related logical
entities). Similarly for each cross connect involved. I'm not up to
date on all the call/connection state discussions so I won't comment (yet).
> 2- The draft is missing support for the creation of the various
> components in a separate phase than the creation of the VCAT group. In
> general, it should be possible to create, for example, several VC-4
> connections and to add them to a VCG at a later point to create, for
> example, a VC-4-4v. This can only be achieved if an Aggregate NCC
> exists.
>
Here you are talking about (I think) a nifty application that we had in
an earlier version of the draft. In this case, a number of pipes are set
up between the endpoints far in advanced and could be shared between
multiple VCAT groups. For example a number of GbE customers connect to
an access box that supports VCAT on its line side and the pre-configured
(setup) component signals would be allocated between the VCAT groups
without additional signal setup and tear down across the network. Is
this of interest to folks? Is the saving of the call setup and tear down
that significant?
> 3- I would prefer to use the call ID to correlate the diversely routed
> signals instead of the Association Object. In my opinion, the call id is
> a better choice because it is better aligned with the ASON architecture
> (G.8080).
>
> Regards,
> Evelyne Roch
> Metro Ethernet Networks, Nortel
> Phone: +1 613 763 6492 (esn 393-6492)
> e-mail: eroch@nortel.com
>
> -----Original Message-----
> From: owner-ccamp@ops.ietf.org [mailto:owner-ccamp@ops.ietf.org] On
> Behalf Of Adrian Farrel
> Sent: Thursday, November 30, 2006 6:57 AM
> To: ccamp@ops.ietf.org
> Subject: LCAS/VCAT
>
> Hi,
>
> In San Diego Richard presented the current status of
> draft-ietf-ccamp-gmpls-vcat-lcas-01.txt and suggested that the work is
> nearing completion.
>
> A quick show of hands indicated that very few had read the draft. This
> may be because it is a very narrow niche that only a few are interested
> in (i.e., all of the key people have read it), or may be because more
> people need to have a look.
>
> If you are interested in this work, could you please find some time
> relatively soon to have a look at the draft and send your comments to
> the list.
>
> If you have or are planning an implementation could you drop me a
> private
> (confidential!) email.
>
> Thanks,
> Adrian
>
>
>
>
>
>
>
--
===================================================
Dr Greg Bernstein, Grotto Networking (510) 573-2237
Envelope-to: ccamp-data@psg.com
Delivery-date: Thu, 18 Jan 2007 21:57:28 +0000
Message-ID: <00e201c73b4b$72dd9a20$a2849ed9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Cc: "Ross Callon" <rcallon@juniper.net>, "Brungard, Deborah A, ALABS" <dbrungard@att.com>
Subject: Re: I-D ACTION:draft-ietf-ccamp-crankback-06.txt
Date: Thu, 18 Jan 2007 21:55:50 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
Hi,
After a long hiatus I have got around to the IETF last call comments for
this draft.
The changes are:
- New final paragraph in Section 4.1 to address comments raised
by Ross.
- Rewrite of Section 9 (IANA) for clarity, but no change in content.
- Rewrite of Section 10 to handle comments from the SecDir review.
The changes to Section 10 are substantive, but I don't think they will cause
anyone any issues.
Thanks,
Adrian
----- Original Message -----
From: <Internet-Drafts@ietf.org>
To: <i-d-announce@ietf.org>
Cc: <ccamp@ops.ietf.org>
Sent: Thursday, January 18, 2007 8:50 PM
Subject: I-D ACTION:draft-ietf-ccamp-crankback-06.txt
>A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Common Control and Measurement Plane
> Working Group of the IETF.
>
> Title : Crankback Signaling Extensions for MPLS and GMPLS RSVP-TE
> Author(s) : A. Farrel, et al.
> Filename : draft-ietf-ccamp-crankback-06.txt
> Pages : 35
> Date : 2007-1-18
>
> In a distributed, constraint-based routing environment, the
> information used to compute a path may be out of date. This means
> that Multiprotocol Label Switching (MPLS) and Generalized MPLS
> (GMPLS) Traffic Engineered (TE) Label Switched Path (LSP) setup
> requests may be blocked by links or nodes without sufficient
> resources. Crankback is a scheme whereby setup failure information is
> returned from the point of failure to allow new setup attempts to be
> made avoiding the blocked resources. Crankback can also be applied to
> LSP recovery to indicate the location of the failed link or node.
>
> This document specifies crankback signaling extensions for use in
> MPLS signaling using RSVP-TE as defined in "RSVP-TE: Extensions to
> RSVP for LSP Tunnels", RFC3209, and GMPLS signaling as defined in
> "Generalized Multi-Protocol Label Switching (GMPLS) Signaling
> Functional Description", RFC3473. These extensions mean that the LSP
> setup request can be retried on an alternate path that detours around
> blocked links or nodes. This offers significant improvements in the
> successful setup and recovery ratios for LSPs, especially in
> situations where a large number of setup requests are triggered at
> the same time.
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-ccamp-crankback-06.txt
Envelope-to: ccamp-data@psg.com
Delivery-date: Thu, 18 Jan 2007 20:52:44 +0000
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: ccamp@ops.ietf.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-ccamp-crankback-06.txt
Message-Id: <E1H7eCv-0004PM-Q2@stiedprstage1.ietf.org>
Date: Thu, 18 Jan 2007 15:50:01 -0500
--NextPart
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Common Control and Measurement Plane Working Group of the IETF.
Title : Crankback Signaling Extensions for MPLS and GMPLS RSVP-TE
Author(s) : A. Farrel, et al.
Filename : draft-ietf-ccamp-crankback-06.txt
Pages : 35
Date : 2007-1-18
In a distributed, constraint-based routing environment, the
information used to compute a path may be out of date. This means
that Multiprotocol Label Switching (MPLS) and Generalized MPLS
(GMPLS) Traffic Engineered (TE) Label Switched Path (LSP) setup
requests may be blocked by links or nodes without sufficient
resources. Crankback is a scheme whereby setup failure information is
returned from the point of failure to allow new setup attempts to be
made avoiding the blocked resources. Crankback can also be applied to
LSP recovery to indicate the location of the failed link or node.
This document specifies crankback signaling extensions for use in
MPLS signaling using RSVP-TE as defined in "RSVP-TE: Extensions to
RSVP for LSP Tunnels", RFC3209, and GMPLS signaling as defined in
"Generalized Multi-Protocol Label Switching (GMPLS) Signaling
Functional Description", RFC3473. These extensions mean that the LSP
setup request can be retried on an alternate path that detours around
blocked links or nodes. This offers significant improvements in the
successful setup and recovery ratios for LSPs, especially in
situations where a large number of setup requests are triggered at
the same time.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ccamp-crankback-06.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of
the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the
username "anonymous" and a password of your e-mail address. After
logging in, type "cd internet-drafts" and then
"get draft-ietf-ccamp-crankback-06.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-ietf-ccamp-crankback-06.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"
--OtherAccess
Content-Type: Message/External-body;
access-type="mail-server";
server="mailserv@ietf.org"
Content-Type: text/plain
Content-ID: <2007-1-18103117.I-D@ietf.org>
ENCODING mime
FILE /internet-drafts/draft-ietf-ccamp-crankback-06.txt
--OtherAccess
Content-Type: Message/External-body;
name="draft-ietf-ccamp-crankback-06.txt";
site="ftp.ietf.org";
access-type="anon-ftp";
directory="internet-drafts"
Content-Type: text/plain
Content-ID: <2007-1-18103117.I-D@ietf.org>
--OtherAccess--
--NextPart--
Envelope-to: ccamp-data@psg.com
Delivery-date: Thu, 18 Jan 2007 04:24:30 +0000
Date: Thu, 18 Jan 2007 12:16:16 +0800
From: ZhangRenhai <zhangrenhai@huawei.com>
Subject: =?gb2312?B?UmU6ILTwuLQ6IFByb2dyZXNzaW5nIHRoZSB0aHJlZSBpbnRlci1kb21haW4=?= =?gb2312?B?IEktRHM=?=
To: JP Vasseur <jvasseur@cisco.com>
Cc: ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Message-id: <003b01c73ab7$68608290$864d460a@china.huawei.com>
MIME-version: 1.0
Content-type: multipart/alternative; boundary="Boundary_(ID_9RNxoRGa7ySeo/SiTDJd1A)"
This is a multi-part message in MIME format.
--Boundary_(ID_9RNxoRGa7ySeo/SiTDJd1A)
Content-type: text/plain; charset=gb2312
Content-transfer-encoding: 7BIT
Hi,
On Jan 16, 2007, at 11:11 PM, ZhangRenhai wrote:
After reading these docs I also have the same concern with you
about inter-ASBR links flooding.
I think, in oder to perform inter-AS path computation, inter-ASBR
links fooding is desired.
As pointed out in the document, this is not a MUST, but an optimization.
But
such kind of inter-ASBR link info should include more information
than "normal" TE links do,
e.g: the inter-ASBR links info SHOULD still include the peer AS
number and peer ASBR router id
besides those link info which has been specified in rfc3630 and
rfc3784.
I don't think that the peer AS number info should be included in the
IGP for sure. You should rely on BGP for that purpose.
[ZhangRenhai>] maybe BGP is not enough for some circumstance, take this
scenario for example:
/ ASBR4
ASBR1--------ASBR2--
\ ASBR3
------AS 1----------||-----AS 2----------
ASBR2 in AS 1
In your example, both ASBR1 and ASBR2 are in AS1 ?[ZhangRenhai>]Yes. let me try to make the graph more clear. / ASBR4
ASBR1--------ASBR2
\ ASBR3
|-----AS 1-----| |-----AS 2----------
would only advertise the optimal route
I guess that you're referring to the BGP route here.
[ZhangRenhai>]Yes, as you said above:"You should rely on BGP for that purpose". I think BGP would be suitable for PCE method if all ASBRs in a AS are connected to the PCE. however, by per-domain, see below graph for example: / ASBR4 [AS 3]
ASBR1--------ASBR2
\ ASBR3 [AS 2]
|-----AS 1-----|
if the ASBR3 and ASBR4 belong to different AS but send the same route to ASBR2, then ASBR2 would send only the optimal(through AS 2) one to ASBR1. When ASBR1 receives a path mesg with an ERO AS3, it will fail because ASBR1 has no this info.
received respectively
from ASBR3 and ASBR4 (both are from AS 2) to ASBR1, ASBR1 also doesn't have the full knowledge of topology(such as which AS the ASBR2 is connected to
and which router is in that AS)between the two AS.
.... This is IP Inter-AS routing ...
With the per-domain approach (inter-AS),
BGP can of course be used, thus all necessary information for ASBR selection is available.
[ZhangRenhai>]I'm not sure.
PCE would have the
similar problem when performing the brpc.
Another issue, when ASBR1 receives a path mesg from upstream domain
containing a loose ERO:AS number(say AS2), there should be a method for it
to locate the asbr(say ASBR2) in the local domain connected to AS2.
I don't see the scenario you're referring to ...[ZhangRenhai>]still the above graph, and the ero may be a sequence of AS number, for example, ...AS1, AS2... then the ASBR1 should know how to forword this path mesg to that domain, which ASBR in AS 1 should it forward, compute to. Zhang Renhai
JP.
Regards,
Zhang Renhai
So I think there need a document to clarify and specify inter-ASBR
links flooding. we are considering to
write such a document. If someone interested in such work, we could
cooperate.
JP.
--Boundary_(ID_9RNxoRGa7ySeo/SiTDJd1A)
Content-type: text/html; charset=gb2312
Content-transfer-encoding: 7BIT
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META content="MSHTML 6.00.2900.3020" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff><PRE style="MARGIN: 0em">Hi,
On Jan 16, 2007, at 11:11 PM, ZhangRenhai wrote:
</PRE>
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid">
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid">
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid"><PRE style="MARGIN: 0em">After reading these docs I also have the same concern with you
about inter-ASBR links flooding.
I think, in oder to perform inter-AS path computation, inter-ASBR
links fooding is desired.
</PRE></BLOCKQUOTE><PRE style="MARGIN: 0em"></PRE><TT>As pointed out in the document, this is
not a MUST, but an </TT><TT>optimization. </TT><PRE style="MARGIN: 0em"></PRE>
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid"><PRE style="MARGIN: 0em">But
such kind of inter-ASBR link info should include more information
than "normal" TE links do,
e.g: the inter-ASBR links info SHOULD still include the peer AS
number and peer ASBR router id
besides those link info which has been specified in rfc3630 and
rfc3784.
</PRE></BLOCKQUOTE><PRE style="MARGIN: 0em">I don't think that the peer AS number info should be included in the
IGP for sure. You should rely on BGP for that purpose.
</PRE></BLOCKQUOTE><TT>[ZhangRenhai>] maybe BGP is not enough for some
circumstance, take </TT><TT>this </TT><PRE style="MARGIN: 0em">scenario for example:
/ ASBR4
ASBR1--------ASBR2--
\ ASBR3
------AS 1----------||-----AS 2----------
ASBR2 in AS 1
</PRE></BLOCKQUOTE><PRE style="MARGIN: 0em">In your example, both ASBR1 and ASBR2 are in AS1 ?</PRE><PRE style="MARGIN: 0em">[ZhangRenhai>]Yes. let me try to make the graph more clear. </PRE><PRE style="MARGIN: 0em"> </PRE><PRE style="MARGIN: 0em"> / ASBR4
ASBR1--------ASBR2
\ ASBR3
|-----AS 1-----| |-----AS 2----------
</PRE>
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid"><PRE style="MARGIN: 0em">would only advertise the optimal route
</PRE></BLOCKQUOTE><PRE style="MARGIN: 0em"> </PRE><PRE style="MARGIN: 0em">I guess that you're referring to the BGP route here.
</PRE><PRE style="MARGIN: 0em">[ZhangRenhai>]Yes, as you said above:"You should rely on BGP for that purpose". I think BGP would be suitable for PCE method if all ASBRs in a AS are connected to the PCE. </PRE><PRE style="MARGIN: 0em"> </PRE><PRE style="MARGIN: 0em">however, by per-domain, see below graph for example:</PRE><PRE style="MARGIN: 0em"> </PRE><PRE style="MARGIN: 0em"> / ASBR4 [AS 3]
ASBR1--------ASBR2
\ ASBR3 [AS 2]
|-----AS 1-----|
</PRE><PRE style="MARGIN: 0em"> if the ASBR3 and ASBR4 belong to different AS but send the same route to ASBR2, then ASBR2 would send only the optimal(through AS 2) one to ASBR1. When ASBR1 receives a path mesg with an ERO AS3, it will fail because ASBR1 has no this info.
</PRE>
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid"><PRE style="MARGIN: 0em">received respectively
</PRE><TT>from ASBR3 and ASBR4 (both are from AS 2) to ASBR1, ASBR1 also
</TT><TT>doesn't have </TT><TT>the full knowledge of topology(such as which AS
the ASBR2 is </TT><TT>connected to </TT><PRE style="MARGIN: 0em">and which router is in that AS)between the two AS.
</PRE></BLOCKQUOTE><PRE style="MARGIN: 0em"></PRE>
<DIV><TT></TT> </DIV>
<DIV><TT>.... This is IP Inter-AS routing ... </TT></DIV>
<DIV><TT>With the per-domain approach </TT><TT>(inter-AS), </TT></DIV>
<DIV><TT>BGP can of course be used, </TT><TT>thus all necessary information
</TT><TT>for ASBR selection is available. </TT></DIV><FONT
size=2>[ZhangRenhai>]I'm not sure. </FONT>
<DIV><TT></TT> </DIV>
<DIV><TT></TT> </DIV><PRE style="MARGIN: 0em"></PRE>
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid"><PRE style="MARGIN: 0em">PCE would have the
similar problem when performing the brpc.
Another issue, when ASBR1 receives a path mesg from upstream domain
</PRE><TT>containing a loose ERO:AS number(say AS2), there should be a method
</TT><TT>for it </TT><PRE style="MARGIN: 0em">to locate the asbr(say ASBR2) in the local domain connected to AS2.
</PRE></BLOCKQUOTE><PRE style="MARGIN: 0em">I don't see the scenario you're referring to ...</PRE><PRE style="MARGIN: 0em"><FONT size=2>[ZhangRenhai>]still the above graph, and the ero may be a sequence of AS number, for example, ...AS1, AS2... then the ASBR1 should know how to forword this path mesg to that domain, which ASBR in AS 1 should it forward, compute to.</FONT></PRE><PRE style="MARGIN: 0em"><FONT size=2></FONT> </PRE><PRE style="MARGIN: 0em"><FONT size=2>Zhang Renhai</FONT></PRE><PRE style="MARGIN: 0em"><FONT size=2></FONT> </PRE><PRE style="MARGIN: 0em"><FONT size=2></FONT>
JP.
</PRE>
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid"><PRE style="MARGIN: 0em">Regards,
Zhang Renhai
</PRE>
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid"><PRE style="MARGIN: 0em"></PRE>
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid"><PRE style="MARGIN: 0em">So I think there need a document to clarify and specify inter-ASBR
links flooding. we are considering to
write such a document. If someone interested in such work, we could
cooperate.
</PRE></BLOCKQUOTE><PRE style="MARGIN: 0em">JP.
</PRE>
<BLOCKQUOTE
style="PADDING-LEFT: 0.85em; MARGIN: 0em; BORDER-LEFT: #5555ee 0.2em solid"><PRE style="MARGIN: 0em"></PRE></BLOCKQUOTE></BLOCKQUOTE><PRE style="MARGIN: 0em"></PRE></BLOCKQUOTE><PRE style="MARGIN: 0em"></PRE><!--X-Body-of-Message-End--><!--X-MsgBody-End--><!--X-Follow-Ups--></BODY></HTML>
--Boundary_(ID_9RNxoRGa7ySeo/SiTDJd1A)--
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 21:41:30 +0000
To: Jaudelice Cavalcante de Oliveira <jau@cbis.ece.drexel.edu>
Cc: ccamp@ops.ietf.org, JP Vasseur <jvasseur@cisco.com>, mpls@lists.ietf.org, owner-ccamp@ops.ietf.org, Ross Callon <rcallon@juniper.net>
Subject: Re: [mpls] Re: CCAMP Last call on draft-deoliveira-diff-te-preemption-06.txt
MIME-Version: 1.0
Message-ID: <OF12B6A871.E0CFC93F-ONC1257266.0076D28C-C1257266.00771F22@netfr.alcatel.fr>
From: Dimitri.Papadimitriou@alcatel-lucent.be
Date: Wed, 17 Jan 2007 22:41:07 +0100
Content-Type: text/plain; charset="US-ASCII"
Hi -
let's then discuss the policy selection further - are these
not dependent on the objectives - rather than be selected /
defined independently - ?
this question is fundamental to the understanding of the
obtained results - i mean it may simply that with another
simple "policy" both would have result in the same outcome
i see here a potential discussion item for next f2f meeting -
do you agree ?
thanks,
- d.
Jaudelice Cavalcante de Oliveira <jau@cbis.ece.drexel.edu>
15/01/2007 20:23
To: Dimitri PAPADIMITRIOU/BE/ALCATEL@ALCATEL
cc: mpls@lists.ietf.org, ccamp@ops.ietf.org, Ross Callon
<rcallon@juniper.net>, owner-ccamp@ops.ietf.org, JP Vasseur
<jvasseur@cisco.com>
Subject: Re: [mpls] Re: CCAMP Last call on
draft-deoliveira-diff-te-preemption-06.txt
Hi Dimitri,
On Jan 12, 2007, at 4:31 PM, Dimitri.Papadimitriou@alcatel-lucent.be
wrote:
> hi -
>
> thanks for the reply - not sure you ever got the following response
> back
>
> ----- Forwarded by Dimitri PAPADIMITRIOU/BE/ALCATEL on 12/01/2007
> 22:30
> -----
> Dimitri PAPADIMITRIOU
> 07/01/2007 11:43
> To: Jaudelice Cavalcante de Oliveira
> <jau@cbis.ece.drexel.edu>
>
> Hi
>
> thanks for the answer - i am still looking at the reason
> why the PN selection process is driven by a uniform policy
> which looks like an arbitrary choice
>
> HBlock aims at minimizing the blocking probability
> PN aims at minimizing the system perturbation
>
> to have a fair analysis policy should be applied uniformly
> and non-uniformly to both cases
>
Both policies were applied in the same manner. The difference is in
the selection of LSPs for preemption (largest or smallest). We chose
to keep the policies simple.
I appreciate your feedback. I'd be happy to meet with you and discuss
it further at the next IETF meeting as well.
Many thanks,
Jau.
> much thanks,
> - d.
>
> --
>
>
>
>
> Jaudelice Cavalcante de Oliveira <jau@cbis.ece.drexel.edu>
> 05/01/2007 00:11
>
> To: Dimitri.Papadimitriou@alcatel-lucent.be
> cc: mpls@lists.ietf.org, JP Vasseur <jvasseur@cisco.com>,
> ccamp@ops.ietf.org, Jaudelice Cavalcante de Oliveira
> <jau@cbis.ece.drexel.edu>, Ross Callon <rcallon@juniper.net>,
> owner-ccamp@ops.ietf.org
> Subject: [mpls] Re: CCAMP Last call on
> draft-deoliveira-diff-te-preemption-06.txt
>
>
> Hi Dimitri,
>
> Thank you for your comment.
>
> On Dec 18, 2006, at 3:47 AM, Dimitri.Papadimitriou@alcatel-lucent.be
> wrote:
>
>> adrian -
>>
>> in HBlock case the average wasted bw is a factor 10 smaller than
>> for any
>> other scheme (without significantly lowering the worst case, still an
>> order of 10)
>
> Indeed. This can be seen in table 2. In this case, selection of LSPs
> much larger than
> the required bandwidth did not occur often. The worst case value does
> not reflect the
> frequency with which a high bandwidth LSP was selected (which was
> very rarely in
> this case, therefore the low "wasted" bandwidth).
>
>> the only noticeable difference with PN is exactly that one (which is
>> induced by the possibility left to Hblock to have two selection
>> depending
>> on heavy vs normal loaded link) - hence it would be interesting to
>> know
>> the dependency on the min/max LSP bw and distribution (scenario
>> dependancy) and have a similar PN approach (non-uniform selection)
>
> Note that PN has the objective of preempting a small number of LSPs
> of the lowest
> priority (therefore ordering by decreasing bandwidth), while HBlock
> aims at minimizing
> the blocking probability, therefore selecting smaller LSPs which will
> be more likely to be
> rerouted once preempted. This is the main difference between the two
> policies: Given a set
> of LSPs with the same priority, PN picks the largest (in the interest
> of picking few) and HBlock
> picks smaller ones (even if more than one, in the interest of being
> able to reroute them easily).
>
> I hope this helps,
>
> Thanks,
>
> Jaudelice.
>
>>
>> thanks,
>> - d.
>>
>>
>>
>>
>>
>>
>> "Adrian Farrel" <adrian@olddog.co.uk>
>> Sent by: owner-ccamp@ops.ietf.org
>> 14/12/2006 18:02
>> Please respond to "Adrian Farrel"
>>
>> To: <ccamp@ops.ietf.org>
>> cc: <jau@cbis.ece.drexel.edu>, "Ross Callon"
>> <rcallon@juniper.net>, "Brungard, Deborah A, ALABS"
>> <dbrungard@att.com>,
>> <mpls@lists.ietf.org>
>> Subject: Re: CCAMP Last call on
>> draft-deoliveira-diff-te-preemption-06.txt
>>
>>
>> Hi,
>>
>> I have been explicitly asked to lengthen this last call so as to
>> allow
>> time
>> for a review.
>>
>> Unusual, but not unreasonable.
>>
>> The last call is extended to noon on Sunday 17th December.
>>
>> Thanks,
>> Adrian
>> ----- Original Message -----
>> From: "Adrian Farrel" <adrian@olddog.co.uk>
>> To: <ccamp@ops.ietf.org>
>> Cc: <jau@cbis.ece.drexel.edu>; "Ross Callon" <rcallon@juniper.net>;
>> "Brungard, Deborah A, ALABS" <dbrungard@att.com>;
>> <mpls@lists.ietf.org>
>> Sent: Wednesday, November 29, 2006 11:06 AM
>> Subject: CCAMP Last call on draft-deoliveira-diff-te-
>> preemption-06.txt
>>
>>
>>> Hi,
>>>
>>> This draft has been developed independently and has recently been
>> brought
>>> to the IESG for advancement as an individual submission to become an
>>> Informational RFC. I have done a first-level review and this latest
>>> revision includes updates to reflect my comments.
>>>
>>> Since the material here concerns preemption and the suggested
>>> ways to
>>> operate an MPLS-TE or GMPLS network, we are running a quick last
>>> call on
>>
>>> the CCAMP mailing list to ensure that no-one has any objections.
>>>
>>> Please send your comments to the CCAMP list no later than noon
>>> GMT on
>> 13th
>>> December 2006.
>>>
>>> Thanks,
>>> Adrian
>>> ----- Original Message -----
>>> From: <Internet-Drafts@ietf.org>
>>> To: <i-d-announce@ietf.org>
>>> Sent: Tuesday, November 28, 2006 8:50 PM
>>> Subject: I-D ACTION:draft-deoliveira-diff-te-preemption-06.txt
>>>
>>>
>>>> A New Internet-Draft is available from the on-line Internet-Drafts
>>>> directories.
>>>>
>>>>
>>>> Title : LSP Preemption Policies for MPLS Traffic Engineering
>>>> Author(s) : J. de Oliveira, et al.
>>>> Filename : draft-deoliveira-diff-te-preemption-06.txt
>>>> Pages : 19
>>>> Date : 2006-11-28
>>>>
>>>> When the establishment of a higher priority (Traffic Engineering
>>>> Label Switched Path) TE LSP requires the preemption of a set of
>>>> lower
>>>> priority TE LSPs, a node has to make a local decision to select
>>>> which
>>>>
>>>> TE LSPs will be preempted. The preempted LSPs are then
>>>> rerouted by
>>>> their respective Head-end Label Switch Router (LSR). This
>>>> document
>>>> presents a flexible policy that can be used to achieve different
>>>> objectives: preempt the lowest priority LSPs; preempt the minimum
>>>> number of LSPs; preempt the set of TE LSPs that provide the
>>>> closest
>>>> amount of bandwidth to the required bandwidth for the
>>>> preempting TE
>>>> LSPs (to minimize bandwidth wastage); preempt the LSPs that
>>>> will have
>>>> the maximum chance to get rerouted. Simulation results are
>>>> given and
>>>> a comparison among several different policies, with respect to
>>>> preemption cascading, number of preempted LSPs, priority, wasted
>>>> bandwidth and blocking probability is also included.
>>>>
>>>> A URL for this Internet-Draft is:
>>>>
>> http://www.ietf.org/internet-drafts/draft-deoliveira-diff-te-
>> preemption-06.txt
>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>>
>
>
> _______________________________________________
> mpls mailing list
> mpls@lists.ietf.org
> https://www1.ietf.org/mailman/listinfo/mpls
>
>
>
> _______________________________________________
> mpls mailing list
> mpls@lists.ietf.org
> https://www1.ietf.org/mailman/listinfo/mpls
_______________________________________________
mpls mailing list
mpls@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/mpls
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 21:36:29 +0000
Message-ID: <071801c73a7f$78e8aa80$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <rcallon@juniper.net>
Cc: <ccamp@ops.ietf.org>, "Brungard, Deborah A, ALABS" <dbrungard@att.com>
Subject: Re: New Version Notification - draft-ietf-ccamp-rsvp-restart-ext-07.txt
Date: Wed, 17 Jan 2007 21:14:46 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="utf-8"; reply-type=original
Content-Transfer-Encoding: 7bit
Hi Ross,
This new revisions handles some issues raised during SecDir review and
copied to the CCAMP mailing list.
The changes are:
- Minor editorial clarification of the Abstract
- Repagination
- Insertion of a paragraph in Section 6
Note that the procedures assume a full trust model between RSVP
neighbors. That is, although the protocol exchanges before and after
restart can be secured, and although it is possible to authenticate
the identity of the neighbors, no mechanism is provided to verify
that the restart information is correctly mapped from the protocol
information exchanged before the restart. This is considered
acceptable because a similar trust model is required for normal
operation of the protocol.
- Addition to the Acknowledgements section
Thanks,
Adrian
----- Original Message -----
From: "ID Tracker" <internet-drafts-reply@ietf.org>
To: <ccamp-chairs@tools.ietf.org>; <rcallon@juniper.net>
Sent: Wednesday, January 17, 2007 8:50 PM
Subject: New Version Notification - draft-ietf-ccamp-rsvp-restart-ext-07.txt
> New version (-07) has been submitted for
> draft-ietf-ccamp-rsvp-restart-ext-07.txt.
> http://www.ietf.org/internet-drafts/draft-ietf-ccamp-rsvp-restart-ext-07.txt
>
> IETF Secretariat.
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 21:36:12 +0000
To: "Adrian Farrel" <adrian@olddog.co.uk>
Cc: ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Subject: Re: Advertising of inter-AS TE links
MIME-Version: 1.0
Message-ID: <OF166D74DA.355F2CCC-ONC1257266.00763868-C1257266.007690BB@netfr.alcatel.fr>
From: Dimitri.Papadimitriou@alcatel-lucent.be
Date: Wed, 17 Jan 2007 22:35:02 +0100
Content-Type: text/plain; charset="GB2312"
Content-Transfer-Encoding: base64
YWRyaWFuDQoNCndoYXQgaSBhbSBzYXlpbmcgaXMgdGhhdCBmbG9vZGluZyBpbnRlci1BUyBURSBs
aW5rIHdoZW4gdGhlIHRvcG9sb2d5DQppcyBpbiBZIChBU18xIGNvbm5lY3RlZCB0byBib3RoIEFT
XzIgYW5kIEFTXzMpIGlzIGRlLWZhY3RvIGNvdmVyZWQNCg0KdGhlIHBvaW50IGlzIHRoYXQgUENF
IG9yIG5vdCBQQ0UgdGhlIHJlc3VsdGluZyBwcm9ibGVtYXRpYyBpbiB0ZXJtcw0Kb2YgYmxvY2tp
bmcgaXMgaWRlbnRpY2FsDQoNCmVpdGhlciB0aGUgcHJvYmxlbSBpcyBsaW5lYXJpemVkIGJlZm9y
ZWhhbmQgYW5kIHRoZW4gYm90aCBzb2x1dGlvbg0Kd291bGQgbGVhZCB0byBhIHJlc3VsdCBvciBp
dCBpcyBub3QgYW5kIHRoZW4gdGhlIHBhdGggZGlzY292ZXJ5IGFrYQ0KcGF0aCBleHBsb3JhdGlv
biBpc3N1ZSBpcyBsZWZ0IHVuc29sdmVkIGJ5IGJvdGggdGVjaG5pcXVlcw0KDQp0aGFua3MsDQot
IGQuDQoNCg0KDQoNCiJBZHJpYW4gRmFycmVsIiA8YWRyaWFuQG9sZGRvZy5jby51az4NClNlbnQg
Ynk6IG93bmVyLWNjYW1wQG9wcy5pZXRmLm9yZw0KMTcvMDEvMjAwNyAxMzoxNQ0KUGxlYXNlIHJl
c3BvbmQgdG8gIkFkcmlhbiBGYXJyZWwiDQogDQogICAgICAgIFRvOiAgICAgRGltaXRyaSBQQVBB
RElNSVRSSU9VL0JFL0FMQ0FURUxAQUxDQVRFTA0KICAgICAgICBjYzogICAgIDxjY2FtcEBvcHMu
aWV0Zi5vcmc+DQogICAgICAgIFN1YmplY3Q6ICAgICAgICBSZTogQWR2ZXJ0aXNpbmcgb2YgaW50
ZXItQVMgVEUgbGlua3MNCg0KDQpZZXMsIERpbWl0cmksIEkgYWdyZWUgdGhhdCB0aGUgc2l0dWF0
aW9uIHlvdSBkZXNjcmliZSBpcyBub3Qgc29sdmVkIGJ5IA0KbGltaXRlZCBmbG9vZGluZyBvZiBp
bnRlci1BUyBURSBsaW5rcyB3aXRoaW4gb25seSB0aGVpciBhZGphY2VudCBBU2VzLg0KDQpJdCBp
cyBteSB2aWV3IHRoYXQgdGhpcyB3aWRlciBwcm9ibGVtIHNwYWNlIGhhcyBiZWVuIGRlbGVnYXRl
IGZvciANCnJlc29sdXRpb24gDQpieSBQQ0UuIFRoYXQgaXMsIGluIG9yZGVyIHRvIGZ1bGx5IHJl
c29sdmUgdGhlIHByb2JsZW0gYnkgZmxvb2Rpbmcgb2YgVEUgDQpsaW5rIGluZm9ybWF0aW9uIGl0
IHdvdWxkIGJlIG5lY2Vzc2FyeSB0byBhbHNvIGFnZ3JlZ2F0ZSBURSByZWFjaGFiaWx0eSANCmFj
cm9zcyBBU18yIGFuZCBBU18zIGluIHlvdXIgZXhhbXBsZS4gU3VjaCBhZ2dyZWdhdGlvbiBpcyBu
b24tdHJpdmlhbCANCmdpdmVuIA0KdGhlIG51bWJlciBvZiBURSBwYXJhbWV0ZXJzIGFuZCB0aGUg
bnVtYmVyIG9mIHBvdGVudGlhbCByb3V0ZXMsIGFuZCBzbyB3ZSANCndvdWxkIGhhdmUgYXQgbGVh
c3Qgb25lIG9mOg0KLSBleGNlc3MgaW5mb3JtYXRpb24gZmxvb2RpbmcNCi0gZXhjZXNzIGFnZ3Jl
Z2F0aW9uIHByb2Nlc3NpbmcNCi0gdmFsdWVsZXNzIGluZm9ybWF0aW9uIGZsb29kaW5nLg0KSW4g
dGhlIGxpZ2h0IG9mIHRoZXNlIG9wdGlvbnMgd2UgKHRoZSBSb3V0aW5nIEFyZWEpIGRlY2lkZWQg
dG8gcHVyc3VlIFBDRSANCmFzIA0KYSBzb2x1dGlvbi4NCg0KQWRyaWFuDQoNCi0tLS0tIE9yaWdp
bmFsIE1lc3NhZ2UgLS0tLS0gDQpGcm9tOiA8RGltaXRyaS5QYXBhZGltaXRyaW91QGFsY2F0ZWwt
bHVjZW50LmJlPg0KVG86ICJBZHJpYW4gRmFycmVsIiA8YWRyaWFuQG9sZGRvZy5jby51az4NCkNj
OiA8Y2NhbXBAb3BzLmlldGYub3JnPjsgIidKUCBWYXNzZXVyJyIgPGp2YXNzZXVyQGNpc2NvLmNv
bT47ICInTWFjaCANCkNoZW4nIiANCjxtYWNoQGh1YXdlaS5jb20+OyA8b3duZXItY2NhbXBAb3Bz
LmlldGYub3JnPjsgIlpoYW5nUmVuaGFpIiANCjx6aGFuZ3JlbmhhaUBodWF3ZWkuY29tPg0KU2Vu
dDogV2VkbmVzZGF5LCBKYW51YXJ5IDE3LCAyMDA3IDExOjI2IEFNDQpTdWJqZWN0OiBSZTogQWR2
ZXJ0aXNpbmcgb2YgaW50ZXItQVMgVEUgbGlua3MNCg0KDQo+IGFkcmlhbg0KPg0KPiBhZ3JlZWQg
b24gdGhlIGFuYWx5c2lzIC0gdGhlcmUgaXMgb25lIGFkZGl0aW9uYWwgY2FzZSB0aGF0DQo+IG5l
ZWRzIHRvIGJlIGFkZHJlc3NlZA0KPg0KPiBBU18xIGlzIGNvbm5lY3RlZCB0byBBU18yIGFuZCBB
U18zIGJvdGggY29ubmVjdGVkIHRvIEFTXzQNCj4NCj4gdGhlIEVSTywgaW5jbHVkZXMgQVNfMSBh
bmQgQVNfNCwgcGVyZmVjdGx5IGNsZWFyIHRoZXJlIGlzDQo+IG5vIGludGVudGlvbiB0byBwYXNz
IEFTXzIgLSBBU180IGFuZCBBU18zIC0gQVNfNCBURSBsaW5rDQo+IGluZm9ybWF0aW9uIHRvIEFT
XzENCj4NCj4gYnV0IHdoYXQgYWJvdXQgQVNfMSAtIEFTXzIgYW5kIEFTXzEgLSBBU18zIHdob3Nl
IGluZm8uIGlzDQo+IGRlZmFjdG8gYXZhaWxhYmxlDQo+DQo+IHRoZSBpc3N1ZSBpcyBvbmUgc2Vu
dGVuY2UsIHRoZSBpbml0aWFsIGxpbmVhcml6YXRpb24gZG9lcw0KPiBub3QgaG9sZCBpbiB0aGUg
Z2VuZXJpYyBjYXNlIG9mIGxvb3NlIGFic3RyYWN0IEFTJ3MNCj4NCj4gY29tbWVudHMgPw0KPg0K
PiAtZC4NCj4NCj4NCj4NCj4NCj4NCj4gIkFkcmlhbiBGYXJyZWwiIDxhZHJpYW5Ab2xkZG9nLmNv
LnVrPg0KPiBTZW50IGJ5OiBvd25lci1jY2FtcEBvcHMuaWV0Zi5vcmcNCj4gMTcvMDEvMjAwNyAx
MjowMA0KPiBQbGVhc2UgcmVzcG9uZCB0byAiQWRyaWFuIEZhcnJlbCINCj4NCj4gICAgICAgIFRv
OiAgICAgIlpoYW5nUmVuaGFpIiA8emhhbmdyZW5oYWlAaHVhd2VpLmNvbT4sICInSlAgVmFzc2V1
ciciDQo+IDxqdmFzc2V1ckBjaXNjby5jb20+LCAiJ01hY2ggQ2hlbiciIDxtYWNoQGh1YXdlaS5j
b20+LCBEaW1pdHJpDQo+IFBBUEFESU1JVFJJT1UvQkUvQUxDQVRFTEBBTENBVEVMDQo+ICAgICAg
ICBjYzogICAgIDxjY2FtcEBvcHMuaWV0Zi5vcmc+DQo+ICAgICAgICBTdWJqZWN0OiAgICAgICAg
QWR2ZXJ0aXNpbmcgb2YgaW50ZXItQVMgVEUgbGlua3MNCj4NCj4NCj4gSGksDQo+DQo+IFNpbmNl
IHRoaXMgZGlzY3Vzc2lvbiBpcyBibG9zc29taW5nLCBpdCBjYW4gaGF2ZSBpdHMgb3duIHRocmVh
ZC4uLg0KPg0KPiBJJ2QgbGlrZSB0byB0cnkgdG8gYnJpbmcgc29tZSBmb2N1cy4NCj4NCj4gVGhl
IG1vdGl2YXRpb24gc2VlbXMgY2xlYXIuLi4NCj4gV2hlbiBjb21wdXRpbmcgYSBwYXRoIHRocm91
Z2ggb25lIEFTIGludG8gYW5vdGhlciBBUywgdGhlIGNvbXB1dGF0aW9uDQo+IHBvaW50DQo+IG5l
ZWRzIHRvIGtub3cgYWJvdXQgVEUgbGlua3MgdGhhdCBjb25uZWN0IHRvIHRoZSBuZXh0IEFTLiBU
aGlzIGVuYWJsZXMgDQppdA0KPiB0bw0KPiBzZWxlY3Q6DQo+IC0gQSBURSBsaW5rIHRoYXQgY29u
bmVjdHMgdG8gdGhlIG5leHQgQVMNCj4gLSBBIFRFIGxpbmsgdGhhdCBpcyBzdWl0YWJsZSBmb3Ig
dGhlIExTUC4NCj4NCj4gT3RoZXIgcXVlc3Rpb25zIGFib3V0IHJlYWNoYWJpbGl0eSBhbmQgVEUg
Y29ubmVjdGl2aXR5IGFjcm9zcyB0aGUgbmV4dCANCkFTDQo+IGFyZSBvdXQgb2Ygc2NvcGUgYW5k
IGhhdmUgYmVlbiBkZWZpbmVkIGFzIHByb2JsZW1zIHRoYXQgUENFIGlzIHVzZWQgdG8NCj4gc29s
dmUuIFRoaXMgaXMgYW4gaW1wb3J0YW50IHBvaW50ISBXZSBhcmUgbm90IHRhbGtpbmcgYWJvdXQg
ZGlzdHJpYnV0aW5nDQo+IGluZm9ybWF0aW9uIHRvIHByb3ZpZGUgYSBncmFwaCB0byBjb21wdXRl
IG11bHRpLUFTIFRFIHBhdGhzLiBUaGF0IGlzDQo+IChJTUhPKQ0KPiBvdXQgb2Ygc2NvcGUgYW5k
IHdoYXQgUENFIHdhcyBpbnZlbnRlZCB0byBzb2x2ZS4NCj4NCj4gSSBzZWUgdHdvIHNjZW5hcmlv
cy4NCj4gMS4gQW4gQVNCUiBoYXMgdHdvIGxpbmtzIHRvIHRoZSBuZXh0IEFTLg0KPiAyLiBBbiBB
UyBoYXMgdHdvIEFTQlJzIHRvIHRoZSBuZXh0IEFTLg0KPiBJbiBlaXRoZXIgY2FzZSwgdGhlIEFT
IG1heSBoYXZlIG11bHRpcGxlIEFTQlJzLg0KPg0KPiBUaGUgcGF0aCBjb21wdXRhdGlvbiBwb2lu
dCBtdXN0IGRldGVybWluZToNCj4gYS4gVGhlIHNldCBvZiBBU0JScyB0aGF0IGNvbm5lY3QgdG8g
dGhlIG5leHQgQVMuDQo+IGIuIFdoaWNoIEFTQlIgdG8gdXNlLg0KPiBjLiBXaGljaCBpbnRlci1B
UyBsaW5rIHRvIHVzZS4NCj4NCj4gU29tZSBjYXNlcyBhcmUgZWFzeToNCj4gLSBJZiB0aGUgRVJP
IGFscmVhZHkgaW5jbHVkZXMgdGhlIEFTQlIgYWRkcmVzcw0KPiAgbm8gY2hvaWNlIHRvIGJlIGRv
bmUNCj4gLSBJZiB0aGUgQVNCUiBoYXMgbXVsdGlwbGUgaW50ZXItQVMgbGlua3MgdGhlbg0KPiAg
dGhlIGNob2ljZSBjYW4gYmUgYSBsb2NhbCBtYXR0ZXIgKG5vDQo+ICBhZHZlcnRpc2luZyByZXF1
aXJlZCkNCj4NCj4gQnV0IG90aGVyIGNhc2VzIHJlcXVpcmUgYWR2ZXJ0aXNlbWVudCBvZiB0aGUg
aW50ZXItQVMgbGluayBhcyBhIFRFIGxpbmsNCj4gd2l0aDoNCj4gLSB0aGUgbm9ybWFsIFRFIGlu
Zm9ybWF0aW9uDQo+IC0gYW4gaW5kaWNhdGlvbiB0aGF0IHRoaXMgaXMgYW4gaW50ZXItQVMgbGlu
aw0KPiAtIHRoZSBpZGVudGl0eSBvZiB0aGUgcmVtb3RlIEFTQlINCj4gLSB0aGUgaWRlbnRpdHkg
b2YgdGhlIHJlbW90ZSBBUw0KPg0KPiBUaGlzIGluZm9ybWF0aW9uIGlzIG5lZWRlZCB0aHJvdWdo
LW91dCB0aGUgbG9jYWwgQVMuIFRoYXQgaXMsIGFsdGhvdWdoIA0KYWxsDQo+DQo+IG9mIHRoZSBB
U0JScyBtYXkgYmUgaW50ZXJlc3RlZCBmb3IgTFNQcyB0aGF0IGVudGlyZWx5IGNyb3NzIHRoZSBs
b2NhbCANCkFTLA0KPiBhbmQgYWx0aG91Z2ggYSBQQ0UgY291bGQgYmUgYSBCR1Agc3BlYWtlciwg
dGhlIGluZm9ybWF0aW9uIGlzIGFsc28gDQpuZWVkZWQNCj4gZm9yIExTUHMgdGhhdCBhcmUgb3Jp
Z2luYXRlZCB3aXRoaW4gdGhlIEFTLg0KPg0KPiBUaHVzIHdlIG11c3QgZGVjaWRlIGhvdyBwYXRo
cyBmb3IgTFNQcyB0aGF0IGV4aXQgdGhlIEFTIHdpbGwgYmUgDQpjb21wdXRlZDoNCj4NCj4gLSBJ
ZiB3ZSByZXF1aXJlIGNvbXB1dGF0aW9uIGJ5IGEgUENFIHRoYXQNCj4gIGlzIChzb21ld2hhdCkg
Y2VudHJhbGlzZWQgd2l0aGluIHRoZSBBUw0KPiAgd2UgY2FuIHVzZSBCR1AgdG8gZGlzdHJpYnV0
ZSB0aGUgaW5mb3JtYXRpb24NCj4gIGFuZCByZXF1aXJlIHRoYXQgdGhlIFBDRXMgYXJlIEJHUCBz
cGVha2Vycy4NCj4gIChOb3RlIHRoYXQgdGhlIGluZm9ybWF0aW9uIGlzIG9ubHkgbmVlZGVkDQo+
ICB3aXRoaW4gdGhlIGxvY2FsIEFTLCBzbyB3ZSB3b3VsZCBsaW1pdCBpdHMNCj4gIGZsb29kaW5n
IGJ5IEJHUC4pDQo+DQo+IC0gSWYgd2UgcmVxdWlyZSBjb21wdXRhdGlvbiBieSBhbnkgTFNSIGlu
DQo+ICB0aGUgQVMgKGkuZS4gUENFIGZ1bmN0aW9uIGlzIGZ1bGx5DQo+ICBkaXN0cmlidXRlZCkg
dGhlbiB3ZSByZXF1aXJlIElHUCBmbG9vZGluZw0KPiAgb2YgdGhlIGluZm9ybWF0aW9uIGFjcm9z
cyB0aGUgd2hvbGUgQVMuDQo+DQo+IEluIGJvdGggY2FzZXMgdGhlIGNvc3QgaXMgbm90IHBhcnRp
Y3VsYXJseSBoaWdoIHNpbmNlIHRoZSBudW1iZXIgb2YNCj4gaW50ZXItQVMNCj4gVEUgbGlua3Mg
d2lsbCBub3QgYmUgbGFyZ2UuDQo+DQo+IFRoYW5rcywNCj4gQWRyaWFuDQo+DQo+IC0tLS0tIE9y
aWdpbmFsIE1lc3NhZ2UgLS0tLS0gDQo+IEZyb206ICJaaGFuZ1JlbmhhaSIgPHpoYW5ncmVuaGFp
QGh1YXdlaS5jb20+DQo+IFRvOiAiJ0pQIFZhc3NldXInIiA8anZhc3NldXJAY2lzY28uY29tPjsg
IidNYWNoIENoZW4nIiA8bWFjaEBodWF3ZWkuY29tPg0KPiBDYzogPGNjYW1wQG9wcy5pZXRmLm9y
Zz47IDxvd25lci1jY2FtcEBvcHMuaWV0Zi5vcmc+DQo+IFNlbnQ6IFdlZG5lc2RheSwgSmFudWFy
eSAxNywgMjAwNyA0OjExIEFNDQo+IFN1YmplY3Q6ILTwuLQ6IFByb2dyZXNzaW5nIHRoZSB0aHJl
ZSBpbnRlci1kb21haW4gSS1Ecw0KPg0KPg0KPj4+ID4gQWZ0ZXIgcmVhZGluZyB0aGVzZSBkb2Nz
IEkgYWxzbyBoYXZlIHRoZSBzYW1lIGNvbmNlcm4gd2l0aCB5b3UNCj4+PiA+IGFib3V0IGludGVy
LUFTQlIgbGlua3MgZmxvb2RpbmcuDQo+Pj4gPiBJIHRoaW5rLCBpbiBvZGVyIHRvIHBlcmZvcm0g
IGludGVyLUFTIHBhdGggY29tcHV0YXRpb24sIGludGVyLUFTQlINCj4+PiA+IGxpbmtzIGZvb2Rp
bmcgaXMgZGVzaXJlZC4NCj4+Pg0KPj4+IEFzIHBvaW50ZWQgb3V0IGluIHRoZSBkb2N1bWVudCwg
dGhpcyBpcyBub3QgYSBNVVNULCBidXQgYW4NCj4gb3B0aW1pemF0aW9uLg0KPj4+DQo+Pj4gPiBC
dXQNCj4+PiA+IHN1Y2gga2luZCBvZiBpbnRlci1BU0JSIGxpbmsgaW5mbyBzaG91bGQgaW5jbHVk
ZSBtb3JlIGluZm9ybWF0aW9uDQo+Pj4gPiB0aGFuICJub3JtYWwiIFRFIGxpbmtzIGRvLA0KPj4+
ID4gZS5nOiB0aGUgaW50ZXItQVNCUiBsaW5rcyBpbmZvIFNIT1VMRCBzdGlsbCBpbmNsdWRlIHRo
ZSBwZWVyIEFTDQo+Pj4gPiBudW1iZXIgYW5kIHBlZXIgQVNCUiByb3V0ZXIgaWQNCj4+PiA+IGJl
c2lkZXMgdGhvc2UgbGluayBpbmZvIHdoaWNoIGhhcyBiZWVuIHNwZWNpZmllZCBpbiByZmMzNjMw
IGFuZA0KPj4+ID4gcmZjMzc4NC4NCj4+Pg0KPj4+IEkgZG9uJ3QgdGhpbmsgdGhhdCB0aGUgcGVl
ciBBUyBudW1iZXIgaW5mbyBzaG91bGQgYmUgaW5jbHVkZWQgaW4gdGhlDQo+Pj4gSUdQIGZvciBz
dXJlLiBZb3Ugc2hvdWxkIHJlbHkgb24gQkdQIGZvciB0aGF0IHB1cnBvc2UuDQo+PiBbWmhhbmdS
ZW5oYWk+XSBtYXliZSBCR1AgaXMgbm90IGVub3VnaCBmb3Igc29tZSBjaXJjdW1zdGFuY2UsIHRh
a2UgdGhpcw0KPj4gc2NlbmFyaW8gZm9yIGV4YW1wbGU6DQo+Pg0KPj4gICAgICAgICAgICAgICAg
ICAgICAvICBBU0JSNA0KPj4gQVNCUjEtLS0tLS0tLUFTQlIyLS0NCj4+ICAgICAgICAgICAgICAg
ICAgICBcICBBU0JSMw0KPj4gLS0tLS0tQVMgMS0tLS0tLS0tLS18fC0tLS0tQVMgMi0tLS0tLS0t
LS0NCj4+DQo+PiBBU0JSMiBpbiBBUyAxIHdvdWxkIG9ubHkgYWR2ZXJ0aXNlIHRoZSBvcHRpbWFs
IHJvdXRlIHJlY2VpdmVkDQo+IHJlc3BlY3RpdmVseQ0KPj4gZnJvbSBBU0JSMyBhbmQgQVNCUjQg
KGJvdGggYXJlIGZyb20gQVMgMikgdG8gQVNCUjEsIEFTQlIxIGFsc28gZG9lc24ndA0KPj4gaGF2
ZQ0KPj4gdGhlIGZ1bGwga25vd2xlZGdlIG9mIHRvcG9sb2d5KHN1Y2ggYXMgd2hpY2ggQVMgdGhl
IEFTQlIyIGlzIGNvbm5lY3RlZA0KPiB0bw0KPj4gYW5kIHdoaWNoIHJvdXRlciBpcyBpbiB0aGF0
IEFTKWJldHdlZW4gdGhlIHR3byBBUy4gUENFIHdvdWxkIGhhdmUgdGhlDQo+PiBzaW1pbGFyIHBy
b2JsZW0gd2hlbiBwZXJmb3JtaW5nIHRoZSBicnBjLg0KPj4gQW5vdGhlciBpc3N1ZSwgd2hlbiBB
U0JSMSByZWNlaXZlcyBhIHBhdGggbWVzZyBmcm9tIHVwc3RyZWFtIGRvbWFpbg0KPj4gY29udGFp
bmluZyBhIGxvb3NlIEVSTzpBUyBudW1iZXIoc2F5IEFTMiksIHRoZXJlIHNob3VsZCBiZSBhIG1l
dGhvZCBmb3INCj4gaXQNCj4+IHRvIGxvY2F0ZSB0aGUgYXNicihzYXkgQVNCUjIpIGluIHRoZSBs
b2NhbCBkb21haW4gY29ubmVjdGVkIHRvIEFTMi4NCj4+DQo+PiBSZWdhcmRzLA0KPj4gWmhhbmcg
UmVuaGFpDQo+Pg0KPj4+DQo+Pj4gPg0KPj4+ID4gU28gSSB0aGluayB0aGVyZSBuZWVkIGEgZG9j
dW1lbnQgdG8gY2xhcmlmeSBhbmQgc3BlY2lmeSBpbnRlci1BU0JSDQo+Pj4gPiBsaW5rcyBmbG9v
ZGluZy4gd2UgYXJlIGNvbnNpZGVyaW5nIHRvDQo+Pj4gPiB3cml0ZSBzdWNoIGEgZG9jdW1lbnQu
IElmIHNvbWVvbmUgaW50ZXJlc3RlZCBpbiBzdWNoIHdvcmssIHdlIGNvdWxkDQo+Pj4gPiBjb29w
ZXJhdGUuDQo+Pj4gPg0KPj4+DQo+Pj4gSlAuDQo+Pj4NCj4+PiA+DQo+Pg0KPj4NCj4+DQo+Pg0K
Pj4NCj4+DQo+DQo+DQo+DQo+DQo+DQo+IA0KDQoNCg0KDQoNCg==
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 20:50:53 +0000
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: ccamp@ops.ietf.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-ccamp-rsvp-restart-ext-07.txt
Message-Id: <E1H7HjN-0004Gk-VS@stiedprstage1.ietf.org>
Date: Wed, 17 Jan 2007 15:50:01 -0500
--NextPart
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Common Control and Measurement Plane Working Group of the IETF.
Title : Extensions to GMPLS RSVP Graceful Restart
Author(s) : A. Satyanarayana, R. Rahman
Filename : draft-ietf-ccamp-rsvp-restart-ext-07.txt
Pages : 24
Date : 2007-1-17
This document describes extensions to the RSVP Graceful Restart
mechanisms defined in RFC 3473. The extensions enable the recovery
of RSVP signaling state based on the Path message last sent by the
node being restarted.
Previously defined Graceful Restart mechanisms, also called recovery
from nodal faults, permit recovery of signaling state from adjacent
nodes when the data plane has retained the associated forwarding
state across a restart. Those mechanisms do not fully support
signaling state recovery on ingress nodes or recovery of all RSVP
objects.
The extensions defined in this document build on the RSVP Hello
extensions defined in RFC 3209, and extensions for state recovery on
nodal faults defined in RFC 3473. Using these extensions the
restarting node can recover all previously transmitted Path state
including the Explicit Route Object and the downstream (outgoing)
interface identifiers. The extensions can also be used to recover
signaling state after the restart of an ingress node.
The extensions optionally support the use of Summary Refresh, defined
in RFC 2961, to reduce the number of messages exchanged during the
Recovery Phase when the restarting node has recovered signaling state
locally for one or more LSPs.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ccamp-rsvp-restart-ext-07.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of
the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the
username "anonymous" and a password of your e-mail address. After
logging in, type "cd internet-drafts" and then
"get draft-ietf-ccamp-rsvp-restart-ext-07.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-ietf-ccamp-rsvp-restart-ext-07.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"
--OtherAccess
Content-Type: Message/External-body;
access-type="mail-server";
server="mailserv@ietf.org"
Content-Type: text/plain
Content-ID: <2007-1-17135946.I-D@ietf.org>
ENCODING mime
FILE /internet-drafts/draft-ietf-ccamp-rsvp-restart-ext-07.txt
--OtherAccess
Content-Type: Message/External-body;
name="draft-ietf-ccamp-rsvp-restart-ext-07.txt";
site="ftp.ietf.org";
access-type="anon-ftp";
directory="internet-drafts"
Content-Type: text/plain
Content-ID: <2007-1-17135946.I-D@ietf.org>
--OtherAccess--
--NextPart--
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 20:06:07 +0000
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: March Meeting Reminders
Date: Wed, 17 Jan 2007 14:03:17 -0600
Message-ID: <449B2580D802A443A923DABF3EAB82AF0D746F44@OCCLUST04EVS1.ugd.att.com>
Thread-Topic: March Meeting Reminders
Thread-Index: Acc4xfMYujq2cTJxTgugJtmDtl/KAwBq3ldg
From: "Brungard, Deborah A, ALABS" <dbrungard@att.com>
To: <ccamp@ops.ietf.org>
CCAMP,
The agenda is posted. As we agreed at the last meeting, we will have two
sessions, they are scheduled for Monday morning and Tuesday afternoon:
https://datatracker.ietf.org/public/meeting_agenda_html.cgi?meeting_num=3D=
68
And don't forget to use the new Boilerplate on all draft submissions
(see mail below).
Deborah and Adrian
-----Original Message-----
From: IETF Secretariat [mailto:ietf-secretariat@ietf.org]=20
Sent: Monday, January 15, 2007 11:51 AM
To: IETF Announcement list
Cc: iesg@ietf.org
Subject: Internet-Draft Boilerplate Reminder=20
This message is to remind you that as of February 1, 2007 the IETF
Secretariat will no longer accept Internet-Drafts with the old=20
(i.e. pre RFC 4748) boilerplate. For your convenience, below is=20
the text of the message that was sent to the IETF Announcement=20
List by the IETF Chair on October 26, 2006 with Subject: Update to
Internet Draft and RFC Boilerplate.
The IETF Secretariat.
--------------------------------------------------------------
A small update to BCP 78 was recently approved by the IESG as RFC 4748,=20
to update the boilerplate (i.e., standard legal text) in RFCs and=20
Internet-Drafts to recognize the IETF Trust as a rights holder,=20
instead of ISOC.
The actual boilerplate changes are given below this message.
Starting as soon as reasonably possible, all authors of Internet-Drafts=20
are requested to use the new boilerplate. The RFC Editor will in any=20
case be inserting it in all RFCs issued from 2006-11-01. (The rights=20
held by ISOC in older RFCs will be administratively transferred to=20
the IETF Trust.)
The public ID Nits checker already accepts I-Ds with old or new
boilerplate. The Secretariat has started accepting I-Ds with old or=20
new boilerplate.
XML2RFC version 1.32 will generate the new boilerplate.
Users of I-D templates are requested to update them appropriately.
http://www.ietf.org/ID-Checklist.html and
http://www.ietf.org/ietf/1id-guidelines.html are being updated.
Starting December, the public ID Nits checker will issue warnings for
old
boilerplate.
Starting February 2007, the Secretariat will refuse the old boilerplate
in Internet-Drafts.
We are sorry for the inconvenience, but this change cannot be avoided.
IETF Chair
IETF Secretariat
TOOLS Team
--------
Copyright Notice (required for all IETF Documents)
(Normally placed at the end of the IETF Document.)
NOTE: by convention, the first line of the copyright statement is
usually
placed near the beginning of each document. This must also be updated.
OLD
"Copyright (C) The Internet Society (year).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
NEW
"Copyright (C) The IETF Trust (year).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
Disclaimer (required in all IETF Documents)
(Normally placed at the end of the IETF Document after the copyright
notice.)
OLD
"This document and the information contained herein are provided
on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT
THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR
ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A
PARTICULAR PURPOSE."
NEW
"This document and the information contained herein are provided
on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE=20
IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE
ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE."
Exceptions
In MIB modules, PIB modules and similar material commonly
extracted from IETF Documents, except for material that is being
placed under IANA maintenance, the following abbreviated notice
shall be included in the body of the material that will be
extracted in lieu of the notices otherwise required by Section 5:
OLD
"Copyright (C) The Internet Society <year>. This version of
this MIB module is part of RFC XXXX; see the RFC itself for
full legal notices."
NEW
"Copyright (C) The IETF Trust <year>. This version of
this MIB module is part of RFC XXXX; see the RFC itself for
full legal notices."
When the MIB or PIB module is the initial version of a module that
is to be maintained by the IANA, the following abbreviated notice
shall be included:
OLD
"Copyright (C) The Internet Society <year>. The initial
version of this MIB module was published in RFC XXXX; for full
legal notices see the RFC itself. Supplementary information
may be available at:
http://www.ietf.org/copyrights/ianamib.html."
NEW
"Copyright (C) The IETF Trust <year>. The initial
version of this MIB module was published in RFC XXXX; for full
legal notices see the RFC itself. Supplementary information
may be available at:
http://www.ietf.org/copyrights/ianamib.html."
_______________________________________________
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 12:15:42 +0000
Message-ID: <05ae01c73a31$2a20f540$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <Dimitri.Papadimitriou@alcatel-lucent.be>
Cc: <ccamp@ops.ietf.org>
Subject: Re: Advertising of inter-AS TE links
Date: Wed, 17 Jan 2007 12:15:07 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="GB2312"; reply-type=original
Content-Transfer-Encoding: 8bit
Yes, Dimitri, I agree that the situation you describe is not solved by
limited flooding of inter-AS TE links within only their adjacent ASes.
It is my view that this wider problem space has been delegate for resolution
by PCE. That is, in order to fully resolve the problem by flooding of TE
link information it would be necessary to also aggregate TE reachabilty
across AS_2 and AS_3 in your example. Such aggregation is non-trivial given
the number of TE parameters and the number of potential routes, and so we
would have at least one of:
- excess information flooding
- excess aggregation processing
- valueless information flooding.
In the light of these options we (the Routing Area) decided to pursue PCE as
a solution.
Adrian
----- Original Message -----
From: <Dimitri.Papadimitriou@alcatel-lucent.be>
To: "Adrian Farrel" <adrian@olddog.co.uk>
Cc: <ccamp@ops.ietf.org>; "'JP Vasseur'" <jvasseur@cisco.com>; "'Mach Chen'"
<mach@huawei.com>; <owner-ccamp@ops.ietf.org>; "ZhangRenhai"
<zhangrenhai@huawei.com>
Sent: Wednesday, January 17, 2007 11:26 AM
Subject: Re: Advertising of inter-AS TE links
> adrian
>
> agreed on the analysis - there is one additional case that
> needs to be addressed
>
> AS_1 is connected to AS_2 and AS_3 both connected to AS_4
>
> the ERO, includes AS_1 and AS_4, perfectly clear there is
> no intention to pass AS_2 - AS_4 and AS_3 - AS_4 TE link
> information to AS_1
>
> but what about AS_1 - AS_2 and AS_1 - AS_3 whose info. is
> defacto available
>
> the issue is one sentence, the initial linearization does
> not hold in the generic case of loose abstract AS's
>
> comments ?
>
> -d.
>
>
>
>
>
> "Adrian Farrel" <adrian@olddog.co.uk>
> Sent by: owner-ccamp@ops.ietf.org
> 17/01/2007 12:00
> Please respond to "Adrian Farrel"
>
> To: "ZhangRenhai" <zhangrenhai@huawei.com>, "'JP Vasseur'"
> <jvasseur@cisco.com>, "'Mach Chen'" <mach@huawei.com>, Dimitri
> PAPADIMITRIOU/BE/ALCATEL@ALCATEL
> cc: <ccamp@ops.ietf.org>
> Subject: Advertising of inter-AS TE links
>
>
> Hi,
>
> Since this discussion is blossoming, it can have its own thread...
>
> I'd like to try to bring some focus.
>
> The motivation seems clear...
> When computing a path through one AS into another AS, the computation
> point
> needs to know about TE links that connect to the next AS. This enables it
> to
> select:
> - A TE link that connects to the next AS
> - A TE link that is suitable for the LSP.
>
> Other questions about reachability and TE connectivity across the next AS
> are out of scope and have been defined as problems that PCE is used to
> solve. This is an important point! We are not talking about distributing
> information to provide a graph to compute multi-AS TE paths. That is
> (IMHO)
> out of scope and what PCE was invented to solve.
>
> I see two scenarios.
> 1. An ASBR has two links to the next AS.
> 2. An AS has two ASBRs to the next AS.
> In either case, the AS may have multiple ASBRs.
>
> The path computation point must determine:
> a. The set of ASBRs that connect to the next AS.
> b. Which ASBR to use.
> c. Which inter-AS link to use.
>
> Some cases are easy:
> - If the ERO already includes the ASBR address
> no choice to be done
> - If the ASBR has multiple inter-AS links then
> the choice can be a local matter (no
> advertising required)
>
> But other cases require advertisement of the inter-AS link as a TE link
> with:
> - the normal TE information
> - an indication that this is an inter-AS link
> - the identity of the remote ASBR
> - the identity of the remote AS
>
> This information is needed through-out the local AS. That is, although all
>
> of the ASBRs may be interested for LSPs that entirely cross the local AS,
> and although a PCE could be a BGP speaker, the information is also needed
> for LSPs that are originated within the AS.
>
> Thus we must decide how paths for LSPs that exit the AS will be computed:
>
> - If we require computation by a PCE that
> is (somewhat) centralised within the AS
> we can use BGP to distribute the information
> and require that the PCEs are BGP speakers.
> (Note that the information is only needed
> within the local AS, so we would limit its
> flooding by BGP.)
>
> - If we require computation by any LSR in
> the AS (i.e. PCE function is fully
> distributed) then we require IGP flooding
> of the information across the whole AS.
>
> In both cases the cost is not particularly high since the number of
> inter-AS
> TE links will not be large.
>
> Thanks,
> Adrian
>
> ----- Original Message -----
> From: "ZhangRenhai" <zhangrenhai@huawei.com>
> To: "'JP Vasseur'" <jvasseur@cisco.com>; "'Mach Chen'" <mach@huawei.com>
> Cc: <ccamp@ops.ietf.org>; <owner-ccamp@ops.ietf.org>
> Sent: Wednesday, January 17, 2007 4:11 AM
> Subject: ´ð¸´: Progressing the three inter-domain I-Ds
>
>
>>> > After reading these docs I also have the same concern with you
>>> > about inter-ASBR links flooding.
>>> > I think, in oder to perform inter-AS path computation, inter-ASBR
>>> > links fooding is desired.
>>>
>>> As pointed out in the document, this is not a MUST, but an
> optimization.
>>>
>>> > But
>>> > such kind of inter-ASBR link info should include more information
>>> > than "normal" TE links do,
>>> > e.g: the inter-ASBR links info SHOULD still include the peer AS
>>> > number and peer ASBR router id
>>> > besides those link info which has been specified in rfc3630 and
>>> > rfc3784.
>>>
>>> I don't think that the peer AS number info should be included in the
>>> IGP for sure. You should rely on BGP for that purpose.
>> [ZhangRenhai>] maybe BGP is not enough for some circumstance, take this
>> scenario for example:
>>
>> / ASBR4
>> ASBR1--------ASBR2--
>> \ ASBR3
>> ------AS 1----------||-----AS 2----------
>>
>> ASBR2 in AS 1 would only advertise the optimal route received
> respectively
>> from ASBR3 and ASBR4 (both are from AS 2) to ASBR1, ASBR1 also doesn't
>> have
>> the full knowledge of topology(such as which AS the ASBR2 is connected
> to
>> and which router is in that AS)between the two AS. PCE would have the
>> similar problem when performing the brpc.
>> Another issue, when ASBR1 receives a path mesg from upstream domain
>> containing a loose ERO:AS number(say AS2), there should be a method for
> it
>> to locate the asbr(say ASBR2) in the local domain connected to AS2.
>>
>> Regards,
>> Zhang Renhai
>>
>>>
>>> >
>>> > So I think there need a document to clarify and specify inter-ASBR
>>> > links flooding. we are considering to
>>> > write such a document. If someone interested in such work, we could
>>> > cooperate.
>>> >
>>>
>>> JP.
>>>
>>> >
>>
>>
>>
>>
>>
>>
>
>
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 12:13:13 +0000
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <2E78CFA4-3DDC-4B1A-8554-51A1B312F317@cisco.com>
Cc: "'Mach Chen'" <mach@huawei.com>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Content-Transfer-Encoding: 7bit
From: JP Vasseur <jvasseur@cisco.com>
Subject: =?UTF-8?Q?Re:_=E7=AD=94=E5=A4=8D:_Progressing_the_three_inter-do?= =?UTF-8?Q?main_I-Ds?=
Date: Wed, 17 Jan 2007 07:12:13 -0500
To: ZhangRenhai <zhangrenhai@huawei.com>
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=2267; t=1169035936; x=1169899936; c=relaxed/simple; s=rtpdkim1001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jvasseur@cisco.com; z=From:=20JP=20Vasseur=20<jvasseur@cisco.com> |Subject:=20=3D?UTF-8?Q?Re=3A_=3DE7=3DAD=3D94=3DE5=3DA4=3D8D=3A_Progressi ng_the_three_inter-do?=3D=0A=20=3D?UTF-8?Q?main_I-Ds?=3D |Sender:=20 |To:=20ZhangRenhai=20<zhangrenhai@huawei.com>; bh=AhUOcXGQwYNMnTESjzmd1S5hfypxFrJYzW84iIzQhBg=; b=Z6V6MRyd22Sfmfx/rg1gaS/CETrNJ5KCDHG9sgeIQWzQHDQfy+wyESMTZEUf5taGXfirAhDV 8XIc2bPPk30UMZemMU/ym8hkxjCQ5km02b7WEb48guTHLTBqfFf9DkA1;
Authentication-Results: rtp-dkim-1; header.From=jvasseur@cisco.com; dkim=pass ( sig from cisco.com/rtpdkim1001 verified; );
Hi,
On Jan 16, 2007, at 11:11 PM, ZhangRenhai wrote:
>>> After reading these docs I also have the same concern with you
>>> about inter-ASBR links flooding.
>>> I think, in oder to perform inter-AS path computation, inter-ASBR
>>> links fooding is desired.
>>
>> As pointed out in the document, this is not a MUST, but an
>> optimization.
>>
>>> But
>>> such kind of inter-ASBR link info should include more information
>>> than "normal" TE links do,
>>> e.g: the inter-ASBR links info SHOULD still include the peer AS
>>> number and peer ASBR router id
>>> besides those link info which has been specified in rfc3630 and
>>> rfc3784.
>>
>> I don't think that the peer AS number info should be included in the
>> IGP for sure. You should rely on BGP for that purpose.
> [ZhangRenhai>] maybe BGP is not enough for some circumstance, take
> this
> scenario for example:
>
> / ASBR4
> ASBR1--------ASBR2--
> \ ASBR3
> ------AS 1----------||-----AS 2----------
>
> ASBR2 in AS 1
In your example, both ASBR1 and ASBR2 are in AS1 ?
> would only advertise the optimal route
I guess that you're referring to the BGP route here.
> received respectively
> from ASBR3 and ASBR4 (both are from AS 2) to ASBR1, ASBR1 also
> doesn't have
> the full knowledge of topology(such as which AS the ASBR2 is
> connected to
> and which router is in that AS)between the two AS.
.... This is IP Inter-AS routing ... With the per-domain approach
(inter-AS), BGP can of course be used, thus all necessary information
for ASBR selection is available.
> PCE would have the
> similar problem when performing the brpc.
> Another issue, when ASBR1 receives a path mesg from upstream domain
> containing a loose ERO:AS number(say AS2), there should be a method
> for it
> to locate the asbr(say ASBR2) in the local domain connected to AS2.
>
I don't see the scenario you're referring to ...
JP.
> Regards,
> Zhang Renhai
>
>>
>>>
>>> So I think there need a document to clarify and specify inter-ASBR
>>> links flooding. we are considering to
>>> write such a document. If someone interested in such work, we could
>>> cooperate.
>>>
>>
>> JP.
>>
>>>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 11:27:17 +0000
To: "Adrian Farrel" <adrian@olddog.co.uk>
Cc: ccamp@ops.ietf.org, "'JP Vasseur'" <jvasseur@cisco.com>, "'Mach Chen'" <mach@huawei.com>, owner-ccamp@ops.ietf.org, "ZhangRenhai" <zhangrenhai@huawei.com>
Subject: Re: Advertising of inter-AS TE links
MIME-Version: 1.0
Message-ID: <OF0CBA7525.C1E3FC36-ONC1257266.003E8C29-C1257266.003EDE74@netfr.alcatel.fr>
From: Dimitri.Papadimitriou@alcatel-lucent.be
Date: Wed, 17 Jan 2007 12:26:41 +0100
Content-Type: text/plain; charset="GB2312"
Content-Transfer-Encoding: base64
YWRyaWFuDQoNCmFncmVlZCBvbiB0aGUgYW5hbHlzaXMgLSB0aGVyZSBpcyBvbmUgYWRkaXRpb25h
bCBjYXNlIHRoYXQgDQpuZWVkcyB0byBiZSBhZGRyZXNzZWQNCg0KQVNfMSBpcyBjb25uZWN0ZWQg
dG8gQVNfMiBhbmQgQVNfMyBib3RoIGNvbm5lY3RlZCB0byBBU180DQoNCnRoZSBFUk8sIGluY2x1
ZGVzIEFTXzEgYW5kIEFTXzQsIHBlcmZlY3RseSBjbGVhciB0aGVyZSBpcw0Kbm8gaW50ZW50aW9u
IHRvIHBhc3MgQVNfMiAtIEFTXzQgYW5kIEFTXzMgLSBBU180IFRFIGxpbmsNCmluZm9ybWF0aW9u
IHRvIEFTXzENCg0KYnV0IHdoYXQgYWJvdXQgQVNfMSAtIEFTXzIgYW5kIEFTXzEgLSBBU18zIHdo
b3NlIGluZm8uIGlzDQpkZWZhY3RvIGF2YWlsYWJsZSANCg0KdGhlIGlzc3VlIGlzIG9uZSBzZW50
ZW5jZSwgdGhlIGluaXRpYWwgbGluZWFyaXphdGlvbiBkb2VzDQpub3QgaG9sZCBpbiB0aGUgZ2Vu
ZXJpYyBjYXNlIG9mIGxvb3NlIGFic3RyYWN0IEFTJ3MNCg0KY29tbWVudHMgPw0KDQotZC4NCg0K
DQoNCg0KDQoiQWRyaWFuIEZhcnJlbCIgPGFkcmlhbkBvbGRkb2cuY28udWs+DQpTZW50IGJ5OiBv
d25lci1jY2FtcEBvcHMuaWV0Zi5vcmcNCjE3LzAxLzIwMDcgMTI6MDANClBsZWFzZSByZXNwb25k
IHRvICJBZHJpYW4gRmFycmVsIg0KIA0KICAgICAgICBUbzogICAgICJaaGFuZ1JlbmhhaSIgPHpo
YW5ncmVuaGFpQGh1YXdlaS5jb20+LCAiJ0pQIFZhc3NldXInIiANCjxqdmFzc2V1ckBjaXNjby5j
b20+LCAiJ01hY2ggQ2hlbiciIDxtYWNoQGh1YXdlaS5jb20+LCBEaW1pdHJpIA0KUEFQQURJTUlU
UklPVS9CRS9BTENBVEVMQEFMQ0FURUwNCiAgICAgICAgY2M6ICAgICA8Y2NhbXBAb3BzLmlldGYu
b3JnPg0KICAgICAgICBTdWJqZWN0OiAgICAgICAgQWR2ZXJ0aXNpbmcgb2YgaW50ZXItQVMgVEUg
bGlua3MNCg0KDQpIaSwNCg0KU2luY2UgdGhpcyBkaXNjdXNzaW9uIGlzIGJsb3Nzb21pbmcsIGl0
IGNhbiBoYXZlIGl0cyBvd24gdGhyZWFkLi4uDQoNCkknZCBsaWtlIHRvIHRyeSB0byBicmluZyBz
b21lIGZvY3VzLg0KDQpUaGUgbW90aXZhdGlvbiBzZWVtcyBjbGVhci4uLg0KV2hlbiBjb21wdXRp
bmcgYSBwYXRoIHRocm91Z2ggb25lIEFTIGludG8gYW5vdGhlciBBUywgdGhlIGNvbXB1dGF0aW9u
IA0KcG9pbnQgDQpuZWVkcyB0byBrbm93IGFib3V0IFRFIGxpbmtzIHRoYXQgY29ubmVjdCB0byB0
aGUgbmV4dCBBUy4gVGhpcyBlbmFibGVzIGl0IA0KdG8gDQpzZWxlY3Q6DQotIEEgVEUgbGluayB0
aGF0IGNvbm5lY3RzIHRvIHRoZSBuZXh0IEFTDQotIEEgVEUgbGluayB0aGF0IGlzIHN1aXRhYmxl
IGZvciB0aGUgTFNQLg0KDQpPdGhlciBxdWVzdGlvbnMgYWJvdXQgcmVhY2hhYmlsaXR5IGFuZCBU
RSBjb25uZWN0aXZpdHkgYWNyb3NzIHRoZSBuZXh0IEFTIA0KYXJlIG91dCBvZiBzY29wZSBhbmQg
aGF2ZSBiZWVuIGRlZmluZWQgYXMgcHJvYmxlbXMgdGhhdCBQQ0UgaXMgdXNlZCB0byANCnNvbHZl
LiBUaGlzIGlzIGFuIGltcG9ydGFudCBwb2ludCEgV2UgYXJlIG5vdCB0YWxraW5nIGFib3V0IGRp
c3RyaWJ1dGluZyANCmluZm9ybWF0aW9uIHRvIHByb3ZpZGUgYSBncmFwaCB0byBjb21wdXRlIG11
bHRpLUFTIFRFIHBhdGhzLiBUaGF0IGlzIA0KKElNSE8pIA0Kb3V0IG9mIHNjb3BlIGFuZCB3aGF0
IFBDRSB3YXMgaW52ZW50ZWQgdG8gc29sdmUuDQoNCkkgc2VlIHR3byBzY2VuYXJpb3MuDQoxLiBB
biBBU0JSIGhhcyB0d28gbGlua3MgdG8gdGhlIG5leHQgQVMuDQoyLiBBbiBBUyBoYXMgdHdvIEFT
QlJzIHRvIHRoZSBuZXh0IEFTLg0KSW4gZWl0aGVyIGNhc2UsIHRoZSBBUyBtYXkgaGF2ZSBtdWx0
aXBsZSBBU0JScy4NCg0KVGhlIHBhdGggY29tcHV0YXRpb24gcG9pbnQgbXVzdCBkZXRlcm1pbmU6
DQphLiBUaGUgc2V0IG9mIEFTQlJzIHRoYXQgY29ubmVjdCB0byB0aGUgbmV4dCBBUy4NCmIuIFdo
aWNoIEFTQlIgdG8gdXNlLg0KYy4gV2hpY2ggaW50ZXItQVMgbGluayB0byB1c2UuDQoNClNvbWUg
Y2FzZXMgYXJlIGVhc3k6DQotIElmIHRoZSBFUk8gYWxyZWFkeSBpbmNsdWRlcyB0aGUgQVNCUiBh
ZGRyZXNzDQogIG5vIGNob2ljZSB0byBiZSBkb25lDQotIElmIHRoZSBBU0JSIGhhcyBtdWx0aXBs
ZSBpbnRlci1BUyBsaW5rcyB0aGVuDQogIHRoZSBjaG9pY2UgY2FuIGJlIGEgbG9jYWwgbWF0dGVy
IChubw0KICBhZHZlcnRpc2luZyByZXF1aXJlZCkNCg0KQnV0IG90aGVyIGNhc2VzIHJlcXVpcmUg
YWR2ZXJ0aXNlbWVudCBvZiB0aGUgaW50ZXItQVMgbGluayBhcyBhIFRFIGxpbmsgDQp3aXRoOg0K
LSB0aGUgbm9ybWFsIFRFIGluZm9ybWF0aW9uDQotIGFuIGluZGljYXRpb24gdGhhdCB0aGlzIGlz
IGFuIGludGVyLUFTIGxpbmsNCi0gdGhlIGlkZW50aXR5IG9mIHRoZSByZW1vdGUgQVNCUg0KLSB0
aGUgaWRlbnRpdHkgb2YgdGhlIHJlbW90ZSBBUw0KDQpUaGlzIGluZm9ybWF0aW9uIGlzIG5lZWRl
ZCB0aHJvdWdoLW91dCB0aGUgbG9jYWwgQVMuIFRoYXQgaXMsIGFsdGhvdWdoIGFsbCANCg0Kb2Yg
dGhlIEFTQlJzIG1heSBiZSBpbnRlcmVzdGVkIGZvciBMU1BzIHRoYXQgZW50aXJlbHkgY3Jvc3Mg
dGhlIGxvY2FsIEFTLCANCmFuZCBhbHRob3VnaCBhIFBDRSBjb3VsZCBiZSBhIEJHUCBzcGVha2Vy
LCB0aGUgaW5mb3JtYXRpb24gaXMgYWxzbyBuZWVkZWQgDQpmb3IgTFNQcyB0aGF0IGFyZSBvcmln
aW5hdGVkIHdpdGhpbiB0aGUgQVMuDQoNClRodXMgd2UgbXVzdCBkZWNpZGUgaG93IHBhdGhzIGZv
ciBMU1BzIHRoYXQgZXhpdCB0aGUgQVMgd2lsbCBiZSBjb21wdXRlZDoNCg0KLSBJZiB3ZSByZXF1
aXJlIGNvbXB1dGF0aW9uIGJ5IGEgUENFIHRoYXQNCiAgaXMgKHNvbWV3aGF0KSBjZW50cmFsaXNl
ZCB3aXRoaW4gdGhlIEFTDQogIHdlIGNhbiB1c2UgQkdQIHRvIGRpc3RyaWJ1dGUgdGhlIGluZm9y
bWF0aW9uDQogIGFuZCByZXF1aXJlIHRoYXQgdGhlIFBDRXMgYXJlIEJHUCBzcGVha2Vycy4NCiAg
KE5vdGUgdGhhdCB0aGUgaW5mb3JtYXRpb24gaXMgb25seSBuZWVkZWQNCiAgd2l0aGluIHRoZSBs
b2NhbCBBUywgc28gd2Ugd291bGQgbGltaXQgaXRzDQogIGZsb29kaW5nIGJ5IEJHUC4pDQoNCi0g
SWYgd2UgcmVxdWlyZSBjb21wdXRhdGlvbiBieSBhbnkgTFNSIGluDQogIHRoZSBBUyAoaS5lLiBQ
Q0UgZnVuY3Rpb24gaXMgZnVsbHkNCiAgZGlzdHJpYnV0ZWQpIHRoZW4gd2UgcmVxdWlyZSBJR1Ag
Zmxvb2RpbmcNCiAgb2YgdGhlIGluZm9ybWF0aW9uIGFjcm9zcyB0aGUgd2hvbGUgQVMuDQoNCklu
IGJvdGggY2FzZXMgdGhlIGNvc3QgaXMgbm90IHBhcnRpY3VsYXJseSBoaWdoIHNpbmNlIHRoZSBu
dW1iZXIgb2YgDQppbnRlci1BUyANClRFIGxpbmtzIHdpbGwgbm90IGJlIGxhcmdlLg0KDQpUaGFu
a3MsDQpBZHJpYW4NCg0KLS0tLS0gT3JpZ2luYWwgTWVzc2FnZSAtLS0tLSANCkZyb206ICJaaGFu
Z1JlbmhhaSIgPHpoYW5ncmVuaGFpQGh1YXdlaS5jb20+DQpUbzogIidKUCBWYXNzZXVyJyIgPGp2
YXNzZXVyQGNpc2NvLmNvbT47ICInTWFjaCBDaGVuJyIgPG1hY2hAaHVhd2VpLmNvbT4NCkNjOiA8
Y2NhbXBAb3BzLmlldGYub3JnPjsgPG93bmVyLWNjYW1wQG9wcy5pZXRmLm9yZz4NClNlbnQ6IFdl
ZG5lc2RheSwgSmFudWFyeSAxNywgMjAwNyA0OjExIEFNDQpTdWJqZWN0OiC08Li0OiBQcm9ncmVz
c2luZyB0aGUgdGhyZWUgaW50ZXItZG9tYWluIEktRHMNCg0KDQo+PiA+IEFmdGVyIHJlYWRpbmcg
dGhlc2UgZG9jcyBJIGFsc28gaGF2ZSB0aGUgc2FtZSBjb25jZXJuIHdpdGggeW91DQo+PiA+IGFi
b3V0IGludGVyLUFTQlIgbGlua3MgZmxvb2RpbmcuDQo+PiA+IEkgdGhpbmssIGluIG9kZXIgdG8g
cGVyZm9ybSAgaW50ZXItQVMgcGF0aCBjb21wdXRhdGlvbiwgaW50ZXItQVNCUg0KPj4gPiBsaW5r
cyBmb29kaW5nIGlzIGRlc2lyZWQuDQo+Pg0KPj4gQXMgcG9pbnRlZCBvdXQgaW4gdGhlIGRvY3Vt
ZW50LCB0aGlzIGlzIG5vdCBhIE1VU1QsIGJ1dCBhbiANCm9wdGltaXphdGlvbi4NCj4+DQo+PiA+
IEJ1dA0KPj4gPiBzdWNoIGtpbmQgb2YgaW50ZXItQVNCUiBsaW5rIGluZm8gc2hvdWxkIGluY2x1
ZGUgbW9yZSBpbmZvcm1hdGlvbg0KPj4gPiB0aGFuICJub3JtYWwiIFRFIGxpbmtzIGRvLA0KPj4g
PiBlLmc6IHRoZSBpbnRlci1BU0JSIGxpbmtzIGluZm8gU0hPVUxEIHN0aWxsIGluY2x1ZGUgdGhl
IHBlZXIgQVMNCj4+ID4gbnVtYmVyIGFuZCBwZWVyIEFTQlIgcm91dGVyIGlkDQo+PiA+IGJlc2lk
ZXMgdGhvc2UgbGluayBpbmZvIHdoaWNoIGhhcyBiZWVuIHNwZWNpZmllZCBpbiByZmMzNjMwIGFu
ZA0KPj4gPiByZmMzNzg0Lg0KPj4NCj4+IEkgZG9uJ3QgdGhpbmsgdGhhdCB0aGUgcGVlciBBUyBu
dW1iZXIgaW5mbyBzaG91bGQgYmUgaW5jbHVkZWQgaW4gdGhlDQo+PiBJR1AgZm9yIHN1cmUuIFlv
dSBzaG91bGQgcmVseSBvbiBCR1AgZm9yIHRoYXQgcHVycG9zZS4NCj4gW1poYW5nUmVuaGFpPl0g
bWF5YmUgQkdQIGlzIG5vdCBlbm91Z2ggZm9yIHNvbWUgY2lyY3Vtc3RhbmNlLCB0YWtlIHRoaXMN
Cj4gc2NlbmFyaW8gZm9yIGV4YW1wbGU6DQo+DQo+ICAgICAgICAgICAgICAgICAgICAgLyAgQVNC
UjQNCj4gQVNCUjEtLS0tLS0tLUFTQlIyLS0NCj4gICAgICAgICAgICAgICAgICAgIFwgIEFTQlIz
DQo+IC0tLS0tLUFTIDEtLS0tLS0tLS0tfHwtLS0tLUFTIDItLS0tLS0tLS0tDQo+DQo+IEFTQlIy
IGluIEFTIDEgd291bGQgb25seSBhZHZlcnRpc2UgdGhlIG9wdGltYWwgcm91dGUgcmVjZWl2ZWQg
DQpyZXNwZWN0aXZlbHkNCj4gZnJvbSBBU0JSMyBhbmQgQVNCUjQgKGJvdGggYXJlIGZyb20gQVMg
MikgdG8gQVNCUjEsIEFTQlIxIGFsc28gZG9lc24ndCANCj4gaGF2ZQ0KPiB0aGUgZnVsbCBrbm93
bGVkZ2Ugb2YgdG9wb2xvZ3koc3VjaCBhcyB3aGljaCBBUyB0aGUgQVNCUjIgaXMgY29ubmVjdGVk
IA0KdG8NCj4gYW5kIHdoaWNoIHJvdXRlciBpcyBpbiB0aGF0IEFTKWJldHdlZW4gdGhlIHR3byBB
Uy4gUENFIHdvdWxkIGhhdmUgdGhlDQo+IHNpbWlsYXIgcHJvYmxlbSB3aGVuIHBlcmZvcm1pbmcg
dGhlIGJycGMuDQo+IEFub3RoZXIgaXNzdWUsIHdoZW4gQVNCUjEgcmVjZWl2ZXMgYSBwYXRoIG1l
c2cgZnJvbSB1cHN0cmVhbSBkb21haW4NCj4gY29udGFpbmluZyBhIGxvb3NlIEVSTzpBUyBudW1i
ZXIoc2F5IEFTMiksIHRoZXJlIHNob3VsZCBiZSBhIG1ldGhvZCBmb3IgDQppdA0KPiB0byBsb2Nh
dGUgdGhlIGFzYnIoc2F5IEFTQlIyKSBpbiB0aGUgbG9jYWwgZG9tYWluIGNvbm5lY3RlZCB0byBB
UzIuDQo+DQo+IFJlZ2FyZHMsDQo+IFpoYW5nIFJlbmhhaQ0KPg0KPj4NCj4+ID4NCj4+ID4gU28g
SSB0aGluayB0aGVyZSBuZWVkIGEgZG9jdW1lbnQgdG8gY2xhcmlmeSBhbmQgc3BlY2lmeSBpbnRl
ci1BU0JSDQo+PiA+IGxpbmtzIGZsb29kaW5nLiB3ZSBhcmUgY29uc2lkZXJpbmcgdG8NCj4+ID4g
d3JpdGUgc3VjaCBhIGRvY3VtZW50LiBJZiBzb21lb25lIGludGVyZXN0ZWQgaW4gc3VjaCB3b3Jr
LCB3ZSBjb3VsZA0KPj4gPiBjb29wZXJhdGUuDQo+PiA+DQo+Pg0KPj4gSlAuDQo+Pg0KPj4gPg0K
Pg0KPg0KPg0KPg0KPg0KPiANCg0KDQoNCg0KDQo=
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 11:03:54 +0000
Message-ID: <058301c73a26$ca1bdb60$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: "ZhangRenhai" <zhangrenhai@huawei.com>, "'JP Vasseur'" <jvasseur@cisco.com>, "'Mach Chen'" <mach@huawei.com>, "Dimitri Papadimitriou" <Dimitri.Papadimitriou@alcatel-lucent.be>
Cc: <ccamp@ops.ietf.org>
Subject: Advertising of inter-AS TE links
Date: Wed, 17 Jan 2007 11:00:53 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="GB2312"; reply-type=original
Content-Transfer-Encoding: 8bit
Hi,
Since this discussion is blossoming, it can have its own thread...
I'd like to try to bring some focus.
The motivation seems clear...
When computing a path through one AS into another AS, the computation point
needs to know about TE links that connect to the next AS. This enables it to
select:
- A TE link that connects to the next AS
- A TE link that is suitable for the LSP.
Other questions about reachability and TE connectivity across the next AS
are out of scope and have been defined as problems that PCE is used to
solve. This is an important point! We are not talking about distributing
information to provide a graph to compute multi-AS TE paths. That is (IMHO)
out of scope and what PCE was invented to solve.
I see two scenarios.
1. An ASBR has two links to the next AS.
2. An AS has two ASBRs to the next AS.
In either case, the AS may have multiple ASBRs.
The path computation point must determine:
a. The set of ASBRs that connect to the next AS.
b. Which ASBR to use.
c. Which inter-AS link to use.
Some cases are easy:
- If the ERO already includes the ASBR address
no choice to be done
- If the ASBR has multiple inter-AS links then
the choice can be a local matter (no
advertising required)
But other cases require advertisement of the inter-AS link as a TE link
with:
- the normal TE information
- an indication that this is an inter-AS link
- the identity of the remote ASBR
- the identity of the remote AS
This information is needed through-out the local AS. That is, although all
of the ASBRs may be interested for LSPs that entirely cross the local AS,
and although a PCE could be a BGP speaker, the information is also needed
for LSPs that are originated within the AS.
Thus we must decide how paths for LSPs that exit the AS will be computed:
- If we require computation by a PCE that
is (somewhat) centralised within the AS
we can use BGP to distribute the information
and require that the PCEs are BGP speakers.
(Note that the information is only needed
within the local AS, so we would limit its
flooding by BGP.)
- If we require computation by any LSR in
the AS (i.e. PCE function is fully
distributed) then we require IGP flooding
of the information across the whole AS.
In both cases the cost is not particularly high since the number of inter-AS
TE links will not be large.
Thanks,
Adrian
----- Original Message -----
From: "ZhangRenhai" <zhangrenhai@huawei.com>
To: "'JP Vasseur'" <jvasseur@cisco.com>; "'Mach Chen'" <mach@huawei.com>
Cc: <ccamp@ops.ietf.org>; <owner-ccamp@ops.ietf.org>
Sent: Wednesday, January 17, 2007 4:11 AM
Subject: ´ð¸´: Progressing the three inter-domain I-Ds
>> > After reading these docs I also have the same concern with you
>> > about inter-ASBR links flooding.
>> > I think, in oder to perform inter-AS path computation, inter-ASBR
>> > links fooding is desired.
>>
>> As pointed out in the document, this is not a MUST, but an optimization.
>>
>> > But
>> > such kind of inter-ASBR link info should include more information
>> > than "normal" TE links do,
>> > e.g: the inter-ASBR links info SHOULD still include the peer AS
>> > number and peer ASBR router id
>> > besides those link info which has been specified in rfc3630 and
>> > rfc3784.
>>
>> I don't think that the peer AS number info should be included in the
>> IGP for sure. You should rely on BGP for that purpose.
> [ZhangRenhai>] maybe BGP is not enough for some circumstance, take this
> scenario for example:
>
> / ASBR4
> ASBR1--------ASBR2--
> \ ASBR3
> ------AS 1----------||-----AS 2----------
>
> ASBR2 in AS 1 would only advertise the optimal route received respectively
> from ASBR3 and ASBR4 (both are from AS 2) to ASBR1, ASBR1 also doesn't
> have
> the full knowledge of topology(such as which AS the ASBR2 is connected to
> and which router is in that AS)between the two AS. PCE would have the
> similar problem when performing the brpc.
> Another issue, when ASBR1 receives a path mesg from upstream domain
> containing a loose ERO:AS number(say AS2), there should be a method for it
> to locate the asbr(say ASBR2) in the local domain connected to AS2.
>
> Regards,
> Zhang Renhai
>
>>
>> >
>> > So I think there need a document to clarify and specify inter-ASBR
>> > links flooding. we are considering to
>> > write such a document. If someone interested in such work, we could
>> > cooperate.
>> >
>>
>> JP.
>>
>> >
>
>
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 04:16:36 +0000
Date: Wed, 17 Jan 2007 12:11:19 +0800
From: ZhangRenhai <zhangrenhai@huawei.com>
Subject: =?gb2312?B?tPC4tDogUHJvZ3Jlc3NpbmcgdGhlIHRocmVlIGludGVyLWRvbWFpbiBJLURz?=
To: 'JP Vasseur' <jvasseur@cisco.com>, 'Mach Chen' <mach@huawei.com>
Cc: ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Message-id: <000801c739ed$8d73aff0$a00c6f0a@china.huawei.com>
MIME-version: 1.0
Content-type: text/plain; charset=gb2312
Content-transfer-encoding: 7BIT
Thread-index: Acc5fdDKQGIq/sG+SKqqAnp0WtzQRAAbFW2w
> > After reading these docs I also have the same concern with you
> > about inter-ASBR links flooding.
> > I think, in oder to perform inter-AS path computation, inter-ASBR
> > links fooding is desired.
>
> As pointed out in the document, this is not a MUST, but an optimization.
>
> > But
> > such kind of inter-ASBR link info should include more information
> > than "normal" TE links do,
> > e.g: the inter-ASBR links info SHOULD still include the peer AS
> > number and peer ASBR router id
> > besides those link info which has been specified in rfc3630 and
> > rfc3784.
>
> I don't think that the peer AS number info should be included in the
> IGP for sure. You should rely on BGP for that purpose.
[ZhangRenhai>] maybe BGP is not enough for some circumstance, take this
scenario for example:
/ ASBR4
ASBR1--------ASBR2--
\ ASBR3
------AS 1----------||-----AS 2----------
ASBR2 in AS 1 would only advertise the optimal route received respectively
from ASBR3 and ASBR4 (both are from AS 2) to ASBR1, ASBR1 also doesn't have
the full knowledge of topology(such as which AS the ASBR2 is connected to
and which router is in that AS)between the two AS. PCE would have the
similar problem when performing the brpc.
Another issue, when ASBR1 receives a path mesg from upstream domain
containing a loose ERO:AS number(say AS2), there should be a method for it
to locate the asbr(say ASBR2) in the local domain connected to AS2.
Regards,
Zhang Renhai
>
> >
> > So I think there need a document to clarify and specify inter-ASBR
> > links flooding. we are considering to
> > write such a document. If someone interested in such work, we could
> > cooperate.
> >
>
> JP.
>
> >
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 00:45:48 +0000
To: "Adrian Farrel" <adrian@olddog.co.uk>
Cc: ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Subject: Re: Progressing the three inter-domain I-Ds
MIME-Version: 1.0
Message-ID: <OF5317C940.6720F7D6-ONC1257266.000284B0-C1257266.0004235E@netfr.alcatel.fr>
From: Dimitri.Papadimitriou@alcatel-lucent.be
Date: Wed, 17 Jan 2007 01:45:11 +0100
Content-Type: text/plain; charset="US-ASCII"
hi adrian - see inline for a couple of clarifications
"Adrian Farrel" <adrian@olddog.co.uk>
Sent by: owner-ccamp@ops.ietf.org
16/01/2007 15:11
Please respond to "Adrian Farrel"
To: Dimitri PAPADIMITRIOU/BE/ALCATEL@ALCATEL
cc: <ccamp@ops.ietf.org>
Subject: Re: Progressing the three inter-domain I-Ds
Hi Dimitri,
Thanks for your observations. We will fold them in with our review (unless
the authors want to spin a new version first?)
You wrote:
> o) a couple of specific comments
>
>end of section 2:
>
Missing comment?
[dp] yes the following sentence
"the appropriate technique must be driven by the set of
requirements for the paths attributes and the applicability to a
particular technique with respect to the deployment scenario"
the beginning of the sentence is not recommending an approach,
the "must" as indicated becomes authoritative, this sentence is
cyclic and reads
"the appropriate technique must be driven by the applicability
to a particular technique with respect to the deployment scenario"
is the term "path attribute" referring to any kind of LSP attr. ?
if yes please state so, if not please use the correct term ?
With regard to the discussion about advertising inter-AS TE links, you are
right that this needs clarification. I also feel that this I-D is not the
place to do it. *If* IGP advertisement of inter-AS TE links is supported,
it
will need documentation and this I-D can point to it.
[dp] i would agree that the reasoning throughout the draft is deductive
and the proposed method defined for MPLS-TE (how does this works for bi-
directional LSP for inst. when the inter-domain can be crossed by both
bi and unidirectional LSPs) is put in a path.comp context
[dp] i mean here that beyond the specific per-domain operations the only
protocol addition is an OSPF one (i leave this question to whether needs
for a separate i-d is more appropriate, but the level of detail must be
the same in both cases, not because embedded in this i-d that accurate
description of processing shall be skipped)
Adrian
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 17 Jan 2007 00:24:39 +0000
To: JP Vasseur <jvasseur@cisco.com>
Cc: "Adrian Farrel" <adrian@olddog.co.uk>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Subject: Re: Progressing the three inter-domain I-Ds
MIME-Version: 1.0
Message-ID: <OF9D02C376.00612FA9-ONC1257266.0000E13F-C1257266.0001F9B5@netfr.alcatel.fr>
From: Dimitri.Papadimitriou@alcatel-lucent.be
Date: Wed, 17 Jan 2007 01:21:34 +0100
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
hi j-p - see inline:
JP Vasseur <jvasseur@cisco.com>
Sent by: owner-ccamp@ops.ietf.org
16/01/2007 15:42
=20
To: Dimitri PAPADIMITRIOU/BE/ALCATEL@ALCATEL
cc: "Adrian Farrel" <adrian@olddog.co.uk>, ccamp@ops.ietf.org, =
owner-ccamp@ops.ietf.org
Subject: Re: Progressing the three inter-domain I-Ds
Hi Dimitri,
On Jan 13, 2007, at 6:49 AM, Dimitri.Papadimitriou@alcatel-lucent.be=20
wrote:
> hi adrian
>
> o) a couple of generic comments on the third doc
>
> - the doc. states applicability to GMPLS but sometimes only ref.=20
> MPLS-TE
> signaling further on e.g. section 3.1
>
> " - The inter-domain TE LSPs are signaled using RSVP-TE ([RFC3209])."
>
> and many others in section 4.
>
ok.
> - the are many comparison with PCE technique along the doc. - well=20
> that's
> fine but outside the scope of the document except if the purpose is to
> indicate how different techniques can be combined together and which
> interop issues may result from it
>
Because there are indeed two path computation techniques, it is=20
useful to keep these references in order to provide a fair=20
comparison. We could of course come up with a separate applicability=20
ID, but there are already quite a few related IDs, thus it is=20
preferable to keep the text here. I'll double check if there's any=20
redundancy though.
[dp] i don't think i found much statements clarifying potential
interop aspects - hence the question becomes rather simple=20
either there are prescriptive statements to be provided to ensure=20
interop and henceforth these are to be addressed in this document=20
or these are not prescriptive and hence an applicability document
would also do the job
otherwise there are no statements (interop is not resulting in any
specific behaviour) and then there is no need to perform any sort
of reference to the PCE technique
> o) a couple of specific comments
>
> end of section 2:
>
> section 3.1: "* The complete list of boundary LSRs along the path"
> -> list of domain identifier e.g. AS numbers also applies here ?
>
> last =A7 of section 3.1 is the most important one, signaling protocol=20
> are
> independent of the routing topology itself, i.e. not because a node is
> an ABR or an ASBR that comp. occurs but simply because he has no path
> to reach the next (loose) hop - an intermediate node should still=20
> maintain
> capacity to perform such operation
>
> section 3.3 "The path computation
> technique described in this document applies to the case of a=20
> single
> AS made of multiple IGP areas, multiples ASs made of a single IGP
> areas or any combination of the above. For the sake of simplicity,
> each routing domain will be considered as single area in this
> document. "
>
> -> not sure to understand the reasoning, at the end these examples=20
> must
> remain illustrative and not restrict applicability - all these=20
> tutorial
> like material should better go in an appendix -
Not sure why ?
[dp] e.g. the last sentence of the paragraph pointed here above shows
the issue - why this doc considers (from the examples it provides) and
or restricts routing domain (AS) composed by a single area ?
> section 3.1 "In any case,
> no topology or resource information needs to be distributed between
> domains (as mandated per [RFC4105] and [RFC4216]), which is=20
> critical
> to preserve IGP/BGP scalability and confidentiality in the case=20
> of TE
> LSPs spanning multiple routing domains."
>
> then Section 4
> "In terms of computation of an inter-AS TE LSP path, an interesting
> optimization technique consists of allowing the ASBRs to flood=20
> the TE
> information related to the inter-ASBR link(s) although no IGP TE is
> enabled over those links (and so there is no IGP adjacency over the
> inter-ASBR links). ...
> "Thanks to such an optimization, the inter-ASBRs TE link information
> corresponding to the links originated by the ASBR is made available
> in the TED of other LSRs in the same domain that the ASBR=20
> belongs to."
>
> but after
> "Note that no topology
> information is flooded and these links are not used in IGP SPF
> computations. Only the TE information for the outgoing links
> directly connected to the ASBR is advertised."
>
> -> can one of the author clarify 1) is flooding involved or not ?
I'll be happy to clarify. The idea is to flood the TE info for the=20
Inter-AS link(s). Note that this does not contradict the requirements=20
of RFC4216:
(1) Confidentiality relates to the topology of another domain: the TE=20
information flooded in a domain is only augmented by Inter-AS links,=20
not to any link in another domain.
(2) Scalability: of course, flooding the TE info of a few Inter-AS=20
links will not compromise the scalability of the IGP.
> 2) what get's flooded and under which conditions 3) what is the
> scope of the flooding 4) how this mechanism positions against the
> requirements of 4105 and 4216
Did I clarify ? If so, I'll add a paragraph in the ID.
[dp] point 3, you flood the inter-AS information "inside the connected=20
AS" but what is the flooding scope ? - flooding of a link local info
inside the AS that is terminating that end of the link -
[dp] i think that the optimization provided here holds iff that info
is made available to the head-end area of that AS not only the tail-
end area
>
> o) a couple of edits
>
> section 1:
>
> ABR Router, ASBR Router - redundant R
>
> the most important def. is the "domain" def. which can be found in the
> frm doc but not recorded here this would clarify sentence like
>
> "The mechanisms proposed in this document are also applicable to MPLS
> TE domains other than IGP areas and ASs."
>
> ref. H-LSP and S-LSP with the appropriate docs
>
> state that inter-domain recovery is going to be addressed in a set of
> specific docs
Thanks for the edits.
JP.
>
> hope this will help,
> - d.
>
>
>
>
> "Adrian Farrel" <adrian@olddog.co.uk>
> Sent by: owner-ccamp@ops.ietf.org
> 09/01/2007 23:13
> Please respond to "Adrian Farrel"
>
> To: <ccamp@ops.ietf.org>
> cc:
> Subject: Progressing the three inter-domain I-Ds
>
>
> Hi,
>
> We now have updated versions of the three inter-domain signaling I-Ds:
>
> - draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
> - draft-ietf-ccamp-lsp-stitching-04.txt
> - draft-ietf-ccamp-inter-domain-pd-path-comp-03.txt
>
> Our plan is:
> 1. WG chairs do detailed review over the next couple of weeks
> 2. Editors apply necessary updates
> 3. We hold a WG last call for the three I-Ds together
>
> If you are interested in this work, I suggest that now might be a good
> time
> to remind yourself about the I-Ds, have a good read, and see if you=20
> can
> get
> any substantial comments in to coincide with the WG chairs' review.
>
> Thanks,
> Adrian
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 16 Jan 2007 19:40:14 +0000
Message-ID: <049601c739a5$c90280c0$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: "Derek Atkins" <derek@ihtfp.com>
Cc: <ccamp@ops.ietf.org>, <ccamp-chairs@tools.ietf.org>, <asatyana@cisco.com>, <rrahman@cisco.com>, <lberger@labn.net>, <dimitri.papadimitriou@alcatel.be>, <ancaz@cisco.com>, <jisrar@cisco.com>, <iesg@ietf.org>, <secdir@MIT.EDU>
Subject: Re: draft-ietf-ccamp-rsvp-restart-ext-06
Date: Tue, 16 Jan 2007 19:36:34 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
OK
We can write that sentence or three and close the issue.
Thanks for engaging.
Adrian
----- Original Message -----
From: "Derek Atkins" <derek@ihtfp.com>
To: "Adrian Farrel" <adrian@olddog.co.uk>
Cc: <ccamp@ops.ietf.org>; <ccamp-chairs@tools.ietf.org>;
<asatyana@cisco.com>; <rrahman@cisco.com>; <lberger@labn.net>;
<dimitri.papadimitriou@alcatel.be>; <ancaz@cisco.com>; <jisrar@cisco.com>;
<iesg@ietf.org>; <secdir@MIT.EDU>
Sent: Tuesday, January 16, 2007 6:49 PM
Subject: Re: draft-ietf-ccamp-rsvp-restart-ext-06
> True, an attacker that sits between the peers shouldn't be able to
> inject messages because the endpoints are authenticated (and I
> presume that the transaction itself has integrity protection).
> You're correct that it is a question of the threat model, and that
> if you DO have a fully trusted set of peers then you don't have to
> worry about this attack. But if that's the case I'd like to see
> a sentence or three in the Security Considerations section that
> explicitly states this threat model. Then at least this attack
> would be clearly out of scope. :)
>
> Thanks!
>
> -derek
>
> "Adrian Farrel" <adrian@olddog.co.uk> writes:
>
>> Hi Derek,
>>
>> Yes you have captured the exposure correctly.
>>
>> The question is: what is he trust model between neighbors? If the model
>> is
>> high enough then the only way for a!=b is a mistake. If the trust model
>> is
>> not high enough then a!=b could be malicious. If there is a security hole
>> *between* neighbors, b may be modified in transit such that a!=b.
>>
>> I think that in a cooperative singaling protocol we have to assume that
>> there is trust between neighbors once identities have been established.
>> RSVP-TE provides such identity confirmation and also secures the traffic
>> between neighbors.
>>
>> This leaves us with only the mistake, and generally we don't make
>> extensive
>> protocol changes to handle the potential for broken implementations.
>>
>> Thanks,
>> Adrian
>>
>> ----- Original Message -----
>> From: "Derek Atkins" <derek@ihtfp.com>
>> To: "Adrian Farrel" <adrian@olddog.co.uk>
>> Cc: <ccamp@ops.ietf.org>; <ccamp-chairs@tools.ietf.org>;
>> <asatyana@cisco.com>; <rrahman@cisco.com>; <lberger@labn.net>;
>> <dimitri.papadimitriou@alcatel.be>; <ancaz@cisco.com>;
>> <jisrar@cisco.com>;
>> <iesg@ietf.org>; <secdir@MIT.EDU>
>> Sent: Monday, January 15, 2007 2:56 PM
>> Subject: Re: draft-ietf-ccamp-rsvp-restart-ext-06
>>
>>
>>> Adrian,
>>>
>>> The fact that the exchange is secured only means that you've
>>> verified the endpoint, not the data. For example, let's say
>>> that you and I are endpoints. I send you "a" and then I restart.
>>> I ask for for my data, we secure the exchange (so I know that
>>> it's you I'm talking to), and then you send me "b".
>>>
>>> The RSVP-TE assures me that YOU sent me "b", but it doesn't
>>> assure me that "b" == "a", what I sent originally.
>>>
>>> Now, one way to solve this problem would be for the originating node
>>> to put their own MAC on their data with a private key known only to
>>> the originating node. This way when you send me "b" it wouldn't
>>> have my own MAC on it (or the MAC would be invalid, or a timestamp
>>> would be too old).
>>>
>>> Maybe overkill, but if I'm trying to abuse resources I could use
>>> the restart method to backfill my requests.
>>>
>>> Thanks,
>>>
>>> -derek
>>>
>>> "Adrian Farrel" <adrian@olddog.co.uk> writes:
>>>
>>>> Hi Derek,
>>>>
>>>> I think this is a good question so I am bringing it to the CCAMP list.
>>>>
>>>> The bottom line would appear to be:
>>>> - The exchange between neighbors before restart was
>>>> secured by normal RSVP-TE means
>>>> - The exchange after restart is secured by the same means.
>>>> - This provides a degree of protection that the restarting
>>>> node is receiving information that it originally sent to
>>>> its neighbor.
>>>>
>>>> The obvious question is, should the restarting node have some
>>>> (private) way
>>>> of authenticating that the information received on restart
>>>> originated with
>>>> it? This would presumably be some sort of cookie manufactured from
>>>> a mock-up
>>>> of the restart message that the restarting node expects to receive and
>>>> handed to the neighbor for use in the event of a restart.
>>>>
>>>> Seems like overkill to me, but I'd appreciate views from the WG.
>>>>
>>>> Adrian
>>>>
>>>> ----- Original Message -----
>>>> From: "Derek Atkins" <derek@ihtfp.com>
>>>> To: <iesg@ietf.org>; <secdir@MIT.EDU>
>>>> Cc: <ccamp-chairs@tools.ietf.org>; <asatyana@cisco.com>;
>>>> <rrahman@cisco.com>; <lberger@labn.net>;
>>>> <dimitri.papadimitriou@alcatel.be>;
>>>> <ancaz@cisco.com>; <jisrar@cisco.com>
>>>> Sent: Friday, January 12, 2007 10:59 PM
>>>> Subject: draft-ietf-ccamp-rsvp-restart-ext-06
>>>>
>>>>
>>>>>I have reviewed this document as part of the security directorate's
>>>>> ongoing effort to review all IETF documents being processed by the
>>>>> IESG. These comments were written primarily for the benefit of the
>>>>> security area directors. Document editors and WG chairs should treat
>>>>> these comments just like any other last call comments.
>>>>>
>>>>> I don't see any issues in this document beyond those already stated
>>>>> in the Security Considerations.
>>>>>
>>>>> My only question to the authors would be how does a recovering node
>>>>> verify that the data it gets from a peer node really came from the
>>>>> recovering node? Right now it just seems to have to trust that the
>>>>> peer returns valid data.
>>>>>
>>>>> -derek
>
> --
> Derek Atkins 617-623-3745
> derek@ihtfp.com www.ihtfp.com
> Computer and Internet Security Consultant
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 16 Jan 2007 14:54:14 +0000
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=ISO-8859-1; delsp=yes; format=flowed
Message-Id: <8B40C04A-5711-4103-B3C5-F721A3164A34@cisco.com>
Cc: Peng He <peng.he.2000@gmail.com>, Dimitri.Papadimitriou@alcatel-lucent.be, Adrian Farrel <adrian@olddog.co.uk>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Content-Transfer-Encoding: quoted-printable
From: JP Vasseur <jvasseur@cisco.com>
Subject: Re: Progressing the three inter-domain I-Ds
Date: Tue, 16 Jan 2007 09:53:37 -0500
To: Mach Chen <mach@huawei.com>
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=9538; t=1168959221; x=1169823221; c=relaxed/simple; s=sjdkim7002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jvasseur@cisco.com; z=From:=20JP=20Vasseur=20<jvasseur@cisco.com> |Subject:=20Re=3A=20Progressing=20the=20three=20inter-domain=20I-Ds |Sender:=20; bh=tXK0AtMqMsdov+o9jP97QEowdqcm85ZBZ/L9j6q0BFU=; b=abBR4KhQqfT/3KipGezQGmOBdEzuZDQoI8NZCUn47KHi45LlrAU+QorlQCauwypWO9heYwkJ Ro2wKIX0TlleM9qXu/gaecxwrFd+G5fEPyEfjCwhv1lDTfL/gVUxIaRZ;
Authentication-Results: sj-dkim-7; header.From=jvasseur@cisco.com; dkim=pass ( sig from cisco.com/sjdkim7002 verified; );
Hi Mach,
On Jan 15, 2007, at 11:16 PM, Mach Chen wrote:
> Hi Peng,
>
>> ----- Original Message -----
>> From: "Peng He" <peng.he.2000@gmail.com>
>> To: "Mach Chen" <mach@huawei.com>
>> Cc: <Dimitri.Papadimitriou@alcatel-lucent.be>; "Adrian Farrel" =20
>> <adrian@olddog.co.uk>; <ccamp@ops.ietf.org>; <owner-=20
>> ccamp@ops.ietf.org>
>> Sent: Tuesday, January 16, 2007 11:17 AM
>> Subject: Re: Progressing the three inter-domain I-Ds
>
>
>> Hello Mach,
>
>> I understood that the path compute element(Head-end, ASBR, or PCE)
>> should have the inter-ASBR links info to compute an optimal or
>> near-optimal inter-domain path.
>
>> You said "But I think the inter-ASBR link should have AS flooding
>> scope." What do you mean by "AS flooding scope"? Is it within an =20
>> AS or
>> among ASes? If within an AS, then that's the example shown in the
>> third document and mentioned in Dimitri's questions; if among ASes,
>> then how many ASes would be enough?
>
> I means it's just within an AS, and it's enough for those proposed
> path computation methods, e.g: Per-Domain, BRPC, etc.
>
So far, we're in sync, and this is what the ID points out. I'll =20
clarify this part to avoid confusion.
> If such inter-ASBR links are flooded among ASes, there would be =20
> scalabilty
> and confidentiality issues.
No (see my previous emails).
Thanks.
JP.
>
>> I just guess the contents of inter-AS link info to be flooded seems
>> easily to be decided (consider it as a special intra-AS TE link with
>> AS # attached), and might just need a simple document to define it;
>> the difficult thing is the flooding scope, which might be varied with
>> different path computing approaches or even the agreement among
>> operators. Still seems to me hard to define a standard to rule it.
>> Or, leave every options open?
>
>
>
>> Regards,
>> Peng
>
> On 1/15/07, Mach Chen <mach@huawei.com> wrote:
>> Hi Peng,
>>
>> I means that no matter what kind of path computation methods(Per-=20
>> domain, BRPC, etc.) we adopt,
>> if we want to compute a path spaning mutiple ASes, the compute =20
>> element(Head-end, ASBR, or PCE)
>> SHOULD get the inter-ASBR links info.
>>
>> With respect to the flooding scope and specification of inter-ASBR =20=
>> links info, we need more discussion.
>> But I think the inter-ASBR link should have AS flooding scope.
>>
>> ----- Original Message -----
>> From: "Peng He" <peng.he.2000@gmail.com>
>> To: "Mach Chen" <mach@huawei.com>
>> Cc: <Dimitri.Papadimitriou@alcatel-lucent.be>; "Adrian Farrel" =20
>> <adrian@olddog.co.uk>; <ccamp@ops.ietf.org>; <owner-=20
>> ccamp@ops.ietf.org>
>> Sent: Monday, January 15, 2007 11:26 AM
>> Subject: Re: Progressing the three inter-domain I-Ds
>>
>>
>> Hello Mach,
>>
>> I am interested in such work. But I am not sure what you said "in =20
>> oder
>> to perform inter-AS path computation, inter-ASBR links fooding is
>> desired", say, different computing methods might need different
>> information about the inter-AS links and various flood ranges, and if
>> not a general method is considered as default, it seems to me hard to
>> define what exact info should be flooded. Just my personal thoughts.
>>
>> Regards,
>> Peng
>>
>> On 1/14/07, Mach Chen <mach@huawei.com> wrote:
>>> Dimitri and all,
>>>
>>> After reading these docs I also have the same concern with you =20
>>> about inter-ASBR links flooding.
>>> I think, in oder to perform inter-AS path computation, inter-=20
>>> ASBR links fooding is desired. But
>>> such kind of inter-ASBR link info should include more information =20=
>>> than "normal" TE links do,
>>> e.g: the inter-ASBR links info SHOULD still include the peer AS =20
>>> number and peer ASBR router id
>>> besides those link info which has been specified in rfc3630 and =20
>>> rfc3784.
>>>
>>> So I think there need a document to clarify and specify inter-=20
>>> ASBR links flooding. we are considering to
>>> write such a document. If someone interested in such work, we =20
>>> could cooperate.
>>>
>>>
>>>
>>> Best regards,
>>>
>>> Mach
>>>
>>> ----- Original Message -----
>>> From: <Dimitri.Papadimitriou@alcatel-lucent.be>
>>> To: "Adrian Farrel" <adrian@olddog.co.uk>
>>> Cc: <ccamp@ops.ietf.org>; <owner-ccamp@ops.ietf.org>
>>> Sent: Saturday, January 13, 2007 7:49 PM
>>> Subject: Re: Progressing the three inter-domain I-Ds
>>>
>>>
>>> hi adrian
>>>
>>> o) a couple of generic comments on the third doc
>>>
>>> - the doc. states applicability to GMPLS but sometimes only ref. =20
>>> MPLS-TE
>>> signaling further on e.g. section 3.1
>>>
>>> " - The inter-domain TE LSPs are signaled using RSVP-TE =20
>>> ([RFC3209])."
>>>
>>> and many others in section 4.
>>>
>>> - the are many comparison with PCE technique along the doc. - =20
>>> well that's
>>> fine but outside the scope of the document except if the purpose =20
>>> is to
>>> indicate how different techniques can be combined together and which
>>> interop issues may result from it
>>>
>>> o) a couple of specific comments
>>>
>>> end of section 2:
>>>
>>> section 3.1: "* The complete list of boundary LSRs along the path"
>>> -> list of domain identifier e.g. AS numbers also applies here ?
>>>
>>> last =A7 of section 3.1 is the most important one, signaling =20
>>> protocol are
>>> independent of the routing topology itself, i.e. not because a =20
>>> node is
>>> an ABR or an ASBR that comp. occurs but simply because he has no =20
>>> path
>>> to reach the next (loose) hop - an intermediate node should still =20=
>>> maintain
>>> capacity to perform such operation
>>>
>>> section 3.3 "The path computation
>>> technique described in this document applies to the case of a =20
>>> single
>>> AS made of multiple IGP areas, multiples ASs made of a single IGP
>>> areas or any combination of the above. For the sake of =20
>>> simplicity,
>>> each routing domain will be considered as single area in this
>>> document. "
>>>
>>> -> not sure to understand the reasoning, at the end these =20
>>> examples must
>>> remain illustrative and not restrict applicability - all these =20
>>> tutorial
>>> like material should better go in an appendix -
>>>
>>> section 3.1 "In any case,
>>> no topology or resource information needs to be distributed =20
>>> between
>>> domains (as mandated per [RFC4105] and [RFC4216]), which is =20
>>> critical
>>> to preserve IGP/BGP scalability and confidentiality in the =20
>>> case of TE
>>> LSPs spanning multiple routing domains."
>>>
>>> then Section 4
>>> "In terms of computation of an inter-AS TE LSP path, an interesting
>>> optimization technique consists of allowing the ASBRs to flood =20=
>>> the TE
>>> information related to the inter-ASBR link(s) although no IGP =20
>>> TE is
>>> enabled over those links (and so there is no IGP adjacency =20
>>> over the
>>> inter-ASBR links). ...
>>> "Thanks to such an optimization, the inter-ASBRs TE link information
>>> corresponding to the links originated by the ASBR is made =20
>>> available
>>> in the TED of other LSRs in the same domain that the ASBR =20
>>> belongs to."
>>>
>>> but after
>>> "Note that no topology
>>> information is flooded and these links are not used in IGP SPF
>>> computations. Only the TE information for the outgoing links
>>> directly connected to the ASBR is advertised."
>>>
>>> -> can one of the author clarify 1) is flooding involved or not ?
>>> 2) what get's flooded and under which conditions 3) what is the
>>> scope of the flooding 4) how this mechanism positions against the
>>> requirements of 4105 and 4216
>>>
>>>
>>> o) a couple of edits
>>>
>>> section 1:
>>>
>>> ABR Router, ASBR Router - redundant R
>>>
>>> the most important def. is the "domain" def. which can be found =20
>>> in the
>>> frm doc but not recorded here this would clarify sentence like
>>>
>>> "The mechanisms proposed in this document are also applicable to =20
>>> MPLS
>>> TE domains other than IGP areas and ASs."
>>>
>>> ref. H-LSP and S-LSP with the appropriate docs
>>>
>>> state that inter-domain recovery is going to be addressed in a =20
>>> set of
>>> specific docs
>>>
>>> hope this will help,
>>> - d.
>>>
>>>
>>>
>>>
>>> "Adrian Farrel" <adrian@olddog.co.uk>
>>> Sent by: owner-ccamp@ops.ietf.org
>>> 09/01/2007 23:13
>>> Please respond to "Adrian Farrel"
>>>
>>> To: <ccamp@ops.ietf.org>
>>> cc:
>>> Subject: Progressing the three inter-domain I-Ds
>>>
>>>
>>> Hi,
>>>
>>> We now have updated versions of the three inter-domain signaling =20
>>> I-Ds:
>>>
>>> - draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
>>> - draft-ietf-ccamp-lsp-stitching-04.txt
>>> - draft-ietf-ccamp-inter-domain-pd-path-comp-03.txt
>>>
>>> Our plan is:
>>> 1. WG chairs do detailed review over the next couple of weeks
>>> 2. Editors apply necessary updates
>>> 3. We hold a WG last call for the three I-Ds together
>>>
>>> If you are interested in this work, I suggest that now might be a =20=
>>> good
>>> time
>>> to remind yourself about the I-Ds, have a good read, and see if =20
>>> you can
>>> get
>>> any substantial comments in to coincide with the WG chairs' review.
>>>
>>> Thanks,
>>> Adrian
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>
> Best regards,
>
> Mach
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 16 Jan 2007 14:50:54 +0000
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=ISO-8859-1; delsp=yes; format=flowed
Message-Id: <FB6D8B8A-A8DC-4C59-B5AE-B12C7F2147F4@cisco.com>
Cc: Dimitri.Papadimitriou@alcatel-lucent.be, Adrian Farrel <adrian@olddog.co.uk>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Content-Transfer-Encoding: quoted-printable
From: JP Vasseur <jvasseur@cisco.com>
Subject: Re: Progressing the three inter-domain I-Ds
Date: Tue, 16 Jan 2007 09:50:38 -0500
To: Mach Chen <mach@huawei.com>
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=5953; t=1168959041; x=1169823041; c=relaxed/simple; s=rtpdkim1001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jvasseur@cisco.com; z=From:=20JP=20Vasseur=20<jvasseur@cisco.com> |Subject:=20Re=3A=20Progressing=20the=20three=20inter-domain=20I-Ds |Sender:=20 |To:=20Mach=20Chen=20<mach@huawei.com>; bh=m2XP/JgAdW7bnJr/Bq876s5PzsuyaFa7CIVq9IjZR7Q=; b=camkk0DuKaR8dfyFhVgOQ2uFyCp3fH0n1zn29JqxgjY0Kk2ra2oy+V45dSvXDXMUua75cz6I TtUizsbUoCpmKfpYD/v1UKS8M3Sr1mXvN8k4oc9HcUZh7ezTXPVaa86B;
Authentication-Results: rtp-dkim-1; header.From=jvasseur@cisco.com; dkim=pass ( sig from cisco.com/rtpdkim1001 verified; );
Hi,
On Jan 14, 2007, at 9:41 PM, Mach Chen wrote:
> Dimitri and all,
>
> After reading these docs I also have the same concern with you =20
> about inter-ASBR links flooding.
> I think, in oder to perform inter-AS path computation, inter-ASBR =20
> links fooding is desired.
As pointed out in the document, this is not a MUST, but an optimization.
> But
> such kind of inter-ASBR link info should include more information =20
> than "normal" TE links do,
> e.g: the inter-ASBR links info SHOULD still include the peer AS =20
> number and peer ASBR router id
> besides those link info which has been specified in rfc3630 and =20
> rfc3784.
I don't think that the peer AS number info should be included in the =20
IGP for sure. You should rely on BGP for that purpose.
>
> So I think there need a document to clarify and specify inter-ASBR =20
> links flooding. we are considering to
> write such a document. If someone interested in such work, we could =20=
> cooperate.
>
JP.
>
>
> Best regards,
>
> Mach
>
> ----- Original Message -----
> From: <Dimitri.Papadimitriou@alcatel-lucent.be>
> To: "Adrian Farrel" <adrian@olddog.co.uk>
> Cc: <ccamp@ops.ietf.org>; <owner-ccamp@ops.ietf.org>
> Sent: Saturday, January 13, 2007 7:49 PM
> Subject: Re: Progressing the three inter-domain I-Ds
>
>
> hi adrian
>
> o) a couple of generic comments on the third doc
>
> - the doc. states applicability to GMPLS but sometimes only ref. =20
> MPLS-TE
> signaling further on e.g. section 3.1
>
> " - The inter-domain TE LSPs are signaled using RSVP-TE ([RFC3209])."
>
> and many others in section 4.
>
> - the are many comparison with PCE technique along the doc. - well =20
> that's
> fine but outside the scope of the document except if the purpose is to
> indicate how different techniques can be combined together and which
> interop issues may result from it
>
> o) a couple of specific comments
>
> end of section 2:
>
> section 3.1: "* The complete list of boundary LSRs along the path"
> -> list of domain identifier e.g. AS numbers also applies here ?
>
> last =A7 of section 3.1 is the most important one, signaling protocol =20=
> are
> independent of the routing topology itself, i.e. not because a node is
> an ABR or an ASBR that comp. occurs but simply because he has no path
> to reach the next (loose) hop - an intermediate node should still =20
> maintain
> capacity to perform such operation
>
> section 3.3 "The path computation
> technique described in this document applies to the case of a =20
> single
> AS made of multiple IGP areas, multiples ASs made of a single IGP
> areas or any combination of the above. For the sake of simplicity,
> each routing domain will be considered as single area in this
> document. "
>
> -> not sure to understand the reasoning, at the end these examples =20
> must
> remain illustrative and not restrict applicability - all these =20
> tutorial
> like material should better go in an appendix -
>
> section 3.1 "In any case,
> no topology or resource information needs to be distributed between
> domains (as mandated per [RFC4105] and [RFC4216]), which is =20
> critical
> to preserve IGP/BGP scalability and confidentiality in the case =20
> of TE
> LSPs spanning multiple routing domains."
>
> then Section 4
> "In terms of computation of an inter-AS TE LSP path, an interesting
> optimization technique consists of allowing the ASBRs to flood =20
> the TE
> information related to the inter-ASBR link(s) although no IGP TE is
> enabled over those links (and so there is no IGP adjacency over the
> inter-ASBR links). ...
> "Thanks to such an optimization, the inter-ASBRs TE link information
> corresponding to the links originated by the ASBR is made available
> in the TED of other LSRs in the same domain that the ASBR =20
> belongs to."
>
> but after
> "Note that no topology
> information is flooded and these links are not used in IGP SPF
> computations. Only the TE information for the outgoing links
> directly connected to the ASBR is advertised."
>
> -> can one of the author clarify 1) is flooding involved or not ?
> 2) what get's flooded and under which conditions 3) what is the
> scope of the flooding 4) how this mechanism positions against the
> requirements of 4105 and 4216
>
>
> o) a couple of edits
>
> section 1:
>
> ABR Router, ASBR Router - redundant R
>
> the most important def. is the "domain" def. which can be found in the
> frm doc but not recorded here this would clarify sentence like
>
> "The mechanisms proposed in this document are also applicable to MPLS
> TE domains other than IGP areas and ASs."
>
> ref. H-LSP and S-LSP with the appropriate docs
>
> state that inter-domain recovery is going to be addressed in a set of
> specific docs
>
> hope this will help,
> - d.
>
>
>
>
> "Adrian Farrel" <adrian@olddog.co.uk>
> Sent by: owner-ccamp@ops.ietf.org
> 09/01/2007 23:13
> Please respond to "Adrian Farrel"
>
> To: <ccamp@ops.ietf.org>
> cc:
> Subject: Progressing the three inter-domain I-Ds
>
>
> Hi,
>
> We now have updated versions of the three inter-domain signaling I-Ds:
>
> - draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
> - draft-ietf-ccamp-lsp-stitching-04.txt
> - draft-ietf-ccamp-inter-domain-pd-path-comp-03.txt
>
> Our plan is:
> 1. WG chairs do detailed review over the next couple of weeks
> 2. Editors apply necessary updates
> 3. We hold a WG last call for the three I-Ds together
>
> If you are interested in this work, I suggest that now might be a good
> time
> to remind yourself about the I-Ds, have a good read, and see if you =20=
> can
> get
> any substantial comments in to coincide with the WG chairs' review.
>
> Thanks,
> Adrian
>
>
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 16 Jan 2007 14:48:42 +0000
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=ISO-8859-1; delsp=yes; format=flowed
Message-Id: <99B142F3-FED6-4B8A-8F22-E19E28E4EE56@cisco.com>
Cc: "Dimitri.Papadimitriou@alcatel-lucent.be" <Dimitri.Papadimitriou@alcatel-lucent.be>, "Adrian Farrel" <adrian@olddog.co.uk>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Content-Transfer-Encoding: quoted-printable
From: JP Vasseur <jvasseur@cisco.com>
Subject: Re: Progressing the three inter-domain I-Ds
Date: Tue, 16 Jan 2007 09:48:24 -0500
To: Peng He <peng.he.2000@gmail.com>
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=7158; t=1168958908; x=1169822908; c=relaxed/simple; s=rtpdkim1001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jvasseur@cisco.com; z=From:=20JP=20Vasseur=20<jvasseur@cisco.com> |Subject:=20Re=3A=20Progressing=20the=20three=20inter-domain=20I-Ds |Sender:=20 |To:=20Peng=20He=20<peng.he.2000@gmail.com>; bh=aUUGq/IN1Mox0c6E+7QUPuYapCDK08i6HWxw/rhq8Hw=; b=MzAaOpunDhPPbI3d5XJSdaYwNC3CQU/LeTnZ4E0wMcMoX8QErELhW8nRgP/swZlQYaU92Lb5 rZCqfDVmtBDHZL1EHADmIzcQ/voh8S8J4+Xt2BNVIrT7IFO7yCvYZjIq;
Authentication-Results: rtp-dkim-1; header.From=jvasseur@cisco.com; dkim=pass ( sig from cisco.com/rtpdkim1001 verified; );
Hi Peng,
On Jan 13, 2007, at 9:55 AM, Peng He wrote:
> Hi,
>
> Sill about the the third doc:
>
> 1. in the "3.1. Common assumptions" part, it is assumed that
> "Boundary LSRs are assumed to be capable of performing local path
> computation ..." . So I guess that ABR or ASBR has the function (or
> part of) of PCE.
>
> 2. My understanding to Dimitri's questions:
> I believe there is flooding here but only within the domain that the
> ASBR belongs to.
Right.
> So now a domain includes non-ABSR LSRs and ABSR LSRs
> and the links among them, AND the inter-domain links originating (not
> terminating) from the ASBRS of this domain. Tthe flooding is among
> these LSRs, but not between domains. So, it is still can be considered
> as intra-domain flooding and it happens when the TE info changes I
> guess.
>
This is right.
Example:
<---- AS 1 ---> <--- AS 2 ---->
ASBR1----ASBR2
ASBR1 advertises in AS1 the links that belongs to AS1 + the ASBR1-=20
ASBR2 links.
Same thing for ASBR2.
> 3. The purpose of the above is to "improve the chance of successful
> signaling along the next AS in case of resource shortage ..." I
> understand this, I just want to mention that it seems only true in
> theory and the practical effect is not so good as expected. I
> simulated this years ago when we extended DCR into inter-domain case
> and just no encouraging results found.
It of course depends of the assumptions that you used in your =20
simulations (topology, TMs, ...) but flooding that piece of data can =20
only improve the success rate of course. To what extent ? That =20
depends of a few parameters. For example, if your Inter-ASBR are over-=20=
provisioned, that won't help since the cause of CAC rejection is not =20
likely to be because of insufficient bandwidth on your links but =20
there are certainly cases where this can happen, in which case this =20
will help.
Thanks.
JP.
>
> Regards,
> Peng
>
>
>> 2) what get's flooded and under which conditions 3) what is the
>> scope of the flooding 4) how this mechanism positions against the
>> requirements of 4105 and 4216
>
>
>
> On 1/13/07, Dimitri.Papadimitriou@alcatel-lucent.be
> <Dimitri.Papadimitriou@alcatel-lucent.be> wrote:
>> hi adrian
>>
>> o) a couple of generic comments on the third doc
>>
>> - the doc. states applicability to GMPLS but sometimes only ref. =20
>> MPLS-TE
>> signaling further on e.g. section 3.1
>>
>> " - The inter-domain TE LSPs are signaled using RSVP-TE ([RFC3209])."
>>
>> and many others in section 4.
>>
>> - the are many comparison with PCE technique along the doc. - well =20=
>> that's
>> fine but outside the scope of the document except if the purpose =20
>> is to
>> indicate how different techniques can be combined together and which
>> interop issues may result from it
>>
>> o) a couple of specific comments
>>
>> end of section 2:
>>
>> section 3.1: "* The complete list of boundary LSRs along the path"
>> -> list of domain identifier e.g. AS numbers also applies here ?
>>
>> last =A7 of section 3.1 is the most important one, signaling =20
>> protocol are
>> independent of the routing topology itself, i.e. not because a =20
>> node is
>> an ABR or an ASBR that comp. occurs but simply because he has no path
>> to reach the next (loose) hop - an intermediate node should still =20
>> maintain
>> capacity to perform such operation
>>
>> section 3.3 "The path computation
>> technique described in this document applies to the case of a =20
>> single
>> AS made of multiple IGP areas, multiples ASs made of a single IGP
>> areas or any combination of the above. For the sake of =20
>> simplicity,
>> each routing domain will be considered as single area in this
>> document. "
>>
>> -> not sure to understand the reasoning, at the end these examples =20=
>> must
>> remain illustrative and not restrict applicability - all these =20
>> tutorial
>> like material should better go in an appendix -
>>
>> section 3.1 "In any case,
>> no topology or resource information needs to be distributed =20
>> between
>> domains (as mandated per [RFC4105] and [RFC4216]), which is =20
>> critical
>> to preserve IGP/BGP scalability and confidentiality in the case =20=
>> of TE
>> LSPs spanning multiple routing domains."
>>
>> then Section 4
>> "In terms of computation of an inter-AS TE LSP path, an interesting
>> optimization technique consists of allowing the ASBRs to flood =20
>> the TE
>> information related to the inter-ASBR link(s) although no IGP =20
>> TE is
>> enabled over those links (and so there is no IGP adjacency over =20=
>> the
>> inter-ASBR links). ...
>> "Thanks to such an optimization, the inter-ASBRs TE link information
>> corresponding to the links originated by the ASBR is made =20
>> available
>> in the TED of other LSRs in the same domain that the ASBR =20
>> belongs to."
>>
>> but after
>> "Note that no topology
>> information is flooded and these links are not used in IGP SPF
>> computations. Only the TE information for the outgoing links
>> directly connected to the ASBR is advertised."
>>
>> -> can one of the author clarify 1) is flooding involved or not ?
>> 2) what get's flooded and under which conditions 3) what is the
>> scope of the flooding 4) how this mechanism positions against the
>> requirements of 4105 and 4216
>>
>>
>> o) a couple of edits
>>
>> section 1:
>>
>> ABR Router, ASBR Router - redundant R
>>
>> the most important def. is the "domain" def. which can be found in =20=
>> the
>> frm doc but not recorded here this would clarify sentence like
>>
>> "The mechanisms proposed in this document are also applicable to MPLS
>> TE domains other than IGP areas and ASs."
>>
>> ref. H-LSP and S-LSP with the appropriate docs
>>
>> state that inter-domain recovery is going to be addressed in a set of
>> specific docs
>>
>> hope this will help,
>> - d.
>>
>>
>>
>>
>> "Adrian Farrel" <adrian@olddog.co.uk>
>> Sent by: owner-ccamp@ops.ietf.org
>> 09/01/2007 23:13
>> Please respond to "Adrian Farrel"
>>
>> To: <ccamp@ops.ietf.org>
>> cc:
>> Subject: Progressing the three inter-domain I-Ds
>>
>>
>> Hi,
>>
>> We now have updated versions of the three inter-domain signaling I-=20=
>> Ds:
>>
>> - draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
>> - draft-ietf-ccamp-lsp-stitching-04.txt
>> - draft-ietf-ccamp-inter-domain-pd-path-comp-03.txt
>>
>> Our plan is:
>> 1. WG chairs do detailed review over the next couple of weeks
>> 2. Editors apply necessary updates
>> 3. We hold a WG last call for the three I-Ds together
>>
>> If you are interested in this work, I suggest that now might be a =20
>> good
>> time
>> to remind yourself about the I-Ds, have a good read, and see if =20
>> you can
>> get
>> any substantial comments in to coincide with the WG chairs' review.
>>
>> Thanks,
>> Adrian
>>
>>
>>
>>
>>
>>
>>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 16 Jan 2007 14:43:36 +0000
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=ISO-8859-1; delsp=yes; format=flowed
Message-Id: <9BCD5A05-3C16-481C-A4EC-59AD16451B97@cisco.com>
Cc: "Adrian Farrel" <adrian@olddog.co.uk>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Content-Transfer-Encoding: quoted-printable
From: JP Vasseur <jvasseur@cisco.com>
Subject: Re: Progressing the three inter-domain I-Ds
Date: Tue, 16 Jan 2007 09:42:57 -0500
To: Dimitri.Papadimitriou@alcatel-lucent.be
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=5674; t=1168958588; x=1169822588; c=relaxed/simple; s=sjdkim6002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jvasseur@cisco.com; z=From:=20JP=20Vasseur=20<jvasseur@cisco.com> |Subject:=20Re=3A=20Progressing=20the=20three=20inter-domain=20I-Ds |Sender:=20; bh=jIKymHp1HTOKD6VHFmG0c+5fwHlmj1w4XyzqWp+UGgQ=; b=AFaOwkU6tDPaxgJA/mUK5m5L6p7Pd20vGLk7U2T8f0z6zdHfg97ZoTY6aba7NptPbqfZQ5z6 BaE43cwIEmDHirts8ljIv3hyxEQ1Jm1dVG1/Aq56WEIR9egJtwRc3Ysz;
Authentication-Results: sj-dkim-6; header.From=jvasseur@cisco.com; dkim=pass ( sig from cisco.com/sjdkim6002 verified; );
Hi Dimitri,
On Jan 13, 2007, at 6:49 AM, Dimitri.Papadimitriou@alcatel-lucent.be =20
wrote:
> hi adrian
>
> o) a couple of generic comments on the third doc
>
> - the doc. states applicability to GMPLS but sometimes only ref. =20
> MPLS-TE
> signaling further on e.g. section 3.1
>
> " - The inter-domain TE LSPs are signaled using RSVP-TE ([RFC3209])."
>
> and many others in section 4.
>
ok.
> - the are many comparison with PCE technique along the doc. - well =20
> that's
> fine but outside the scope of the document except if the purpose is to
> indicate how different techniques can be combined together and which
> interop issues may result from it
>
Because there are indeed two path computation techniques, it is =20
useful to keep these references in order to provide a fair =20
comparison. We could of course come up with a separate applicability =20
ID, but there are already quite a few related IDs, thus it is =20
preferable to keep the text here. I'll double check if there's any =20
redundancy though.
> o) a couple of specific comments
>
> end of section 2:
>
> section 3.1: "* The complete list of boundary LSRs along the path"
> -> list of domain identifier e.g. AS numbers also applies here ?
>
> last =A7 of section 3.1 is the most important one, signaling protocol =20=
> are
> independent of the routing topology itself, i.e. not because a node is
> an ABR or an ASBR that comp. occurs but simply because he has no path
> to reach the next (loose) hop - an intermediate node should still =20
> maintain
> capacity to perform such operation
>
> section 3.3 "The path computation
> technique described in this document applies to the case of a =20
> single
> AS made of multiple IGP areas, multiples ASs made of a single IGP
> areas or any combination of the above. For the sake of simplicity,
> each routing domain will be considered as single area in this
> document. "
>
> -> not sure to understand the reasoning, at the end these examples =20
> must
> remain illustrative and not restrict applicability - all these =20
> tutorial
> like material should better go in an appendix -
Not sure why ?
>
> section 3.1 "In any case,
> no topology or resource information needs to be distributed between
> domains (as mandated per [RFC4105] and [RFC4216]), which is =20
> critical
> to preserve IGP/BGP scalability and confidentiality in the case =20
> of TE
> LSPs spanning multiple routing domains."
>
> then Section 4
> "In terms of computation of an inter-AS TE LSP path, an interesting
> optimization technique consists of allowing the ASBRs to flood =20
> the TE
> information related to the inter-ASBR link(s) although no IGP TE is
> enabled over those links (and so there is no IGP adjacency over the
> inter-ASBR links). ...
> "Thanks to such an optimization, the inter-ASBRs TE link information
> corresponding to the links originated by the ASBR is made available
> in the TED of other LSRs in the same domain that the ASBR =20
> belongs to."
>
> but after
> "Note that no topology
> information is flooded and these links are not used in IGP SPF
> computations. Only the TE information for the outgoing links
> directly connected to the ASBR is advertised."
>
> -> can one of the author clarify 1) is flooding involved or not ?
I'll be happy to clarify. The idea is to flood the TE info for the =20
Inter-AS link(s). Note that this does not contradict the requirements =20=
of RFC4216:
(1) Confidentiality relates to the topology of another domain: the TE =20=
information flooded in a domain is only augmented by Inter-AS links, =20
not to any link in another domain.
(2) Scalability: of course, flooding the TE info of a few Inter-AS =20
links will not compromise the scalability of the IGP.
> 2) what get's flooded and under which conditions 3) what is the
> scope of the flooding 4) how this mechanism positions against the
> requirements of 4105 and 4216
>
Did I clarify ? If so, I'll add a paragraph in the ID.
>
> o) a couple of edits
>
> section 1:
>
> ABR Router, ASBR Router - redundant R
>
> the most important def. is the "domain" def. which can be found in the
> frm doc but not recorded here this would clarify sentence like
>
> "The mechanisms proposed in this document are also applicable to MPLS
> TE domains other than IGP areas and ASs."
>
> ref. H-LSP and S-LSP with the appropriate docs
>
> state that inter-domain recovery is going to be addressed in a set of
> specific docs
Thanks for the edits.
JP.
>
> hope this will help,
> - d.
>
>
>
>
> "Adrian Farrel" <adrian@olddog.co.uk>
> Sent by: owner-ccamp@ops.ietf.org
> 09/01/2007 23:13
> Please respond to "Adrian Farrel"
>
> To: <ccamp@ops.ietf.org>
> cc:
> Subject: Progressing the three inter-domain I-Ds
>
>
> Hi,
>
> We now have updated versions of the three inter-domain signaling I-Ds:
>
> - draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
> - draft-ietf-ccamp-lsp-stitching-04.txt
> - draft-ietf-ccamp-inter-domain-pd-path-comp-03.txt
>
> Our plan is:
> 1. WG chairs do detailed review over the next couple of weeks
> 2. Editors apply necessary updates
> 3. We hold a WG last call for the three I-Ds together
>
> If you are interested in this work, I suggest that now might be a good
> time
> to remind yourself about the I-Ds, have a good read, and see if you =20=
> can
> get
> any substantial comments in to coincide with the WG chairs' review.
>
> Thanks,
> Adrian
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 16 Jan 2007 14:32:32 +0000
Message-ID: <03b901c7397a$b9fa7220$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <Dimitri.Papadimitriou@alcatel-lucent.be>
Cc: <ccamp@ops.ietf.org>
Subject: Re: Progressing the three inter-domain I-Ds
Date: Tue, 16 Jan 2007 14:11:33 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
Hi Dimitri,
Thanks for your observations. We will fold them in with our review (unless
the authors want to spin a new version first?)
You wrote:
> o) a couple of specific comments
>
>end of section 2:
>
Missing comment?
With regard to the discussion about advertising inter-AS TE links, you are
right that this needs clarification. I also feel that this I-D is not the
place to do it. *If* IGP advertisement of inter-AS TE links is supported, it
will need documentation and this I-D can point to it.
Adrian
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 16 Jan 2007 14:32:27 +0000
Message-ID: <03b801c7397a$b1ae1e00$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: "Derek Atkins" <derek@ihtfp.com>
Cc: <ccamp@ops.ietf.org>, <ccamp-chairs@tools.ietf.org>, <asatyana@cisco.com>, <rrahman@cisco.com>, <lberger@labn.net>, <dimitri.papadimitriou@alcatel.be>, <ancaz@cisco.com>, <jisrar@cisco.com>, <iesg@ietf.org>, <secdir@MIT.EDU>
Subject: Re: draft-ietf-ccamp-rsvp-restart-ext-06
Date: Tue, 16 Jan 2007 14:03:23 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
Hi Derek,
Yes you have captured the exposure correctly.
The question is: what is he trust model between neighbors? If the model is
high enough then the only way for a!=b is a mistake. If the trust model is
not high enough then a!=b could be malicious. If there is a security hole
*between* neighbors, b may be modified in transit such that a!=b.
I think that in a cooperative singaling protocol we have to assume that
there is trust between neighbors once identities have been established.
RSVP-TE provides such identity confirmation and also secures the traffic
between neighbors.
This leaves us with only the mistake, and generally we don't make extensive
protocol changes to handle the potential for broken implementations.
Thanks,
Adrian
----- Original Message -----
From: "Derek Atkins" <derek@ihtfp.com>
To: "Adrian Farrel" <adrian@olddog.co.uk>
Cc: <ccamp@ops.ietf.org>; <ccamp-chairs@tools.ietf.org>;
<asatyana@cisco.com>; <rrahman@cisco.com>; <lberger@labn.net>;
<dimitri.papadimitriou@alcatel.be>; <ancaz@cisco.com>; <jisrar@cisco.com>;
<iesg@ietf.org>; <secdir@MIT.EDU>
Sent: Monday, January 15, 2007 2:56 PM
Subject: Re: draft-ietf-ccamp-rsvp-restart-ext-06
> Adrian,
>
> The fact that the exchange is secured only means that you've
> verified the endpoint, not the data. For example, let's say
> that you and I are endpoints. I send you "a" and then I restart.
> I ask for for my data, we secure the exchange (so I know that
> it's you I'm talking to), and then you send me "b".
>
> The RSVP-TE assures me that YOU sent me "b", but it doesn't
> assure me that "b" == "a", what I sent originally.
>
> Now, one way to solve this problem would be for the originating node
> to put their own MAC on their data with a private key known only to
> the originating node. This way when you send me "b" it wouldn't
> have my own MAC on it (or the MAC would be invalid, or a timestamp
> would be too old).
>
> Maybe overkill, but if I'm trying to abuse resources I could use
> the restart method to backfill my requests.
>
> Thanks,
>
> -derek
>
> "Adrian Farrel" <adrian@olddog.co.uk> writes:
>
>> Hi Derek,
>>
>> I think this is a good question so I am bringing it to the CCAMP list.
>>
>> The bottom line would appear to be:
>> - The exchange between neighbors before restart was
>> secured by normal RSVP-TE means
>> - The exchange after restart is secured by the same means.
>> - This provides a degree of protection that the restarting
>> node is receiving information that it originally sent to
>> its neighbor.
>>
>> The obvious question is, should the restarting node have some (private)
>> way
>> of authenticating that the information received on restart originated
>> with
>> it? This would presumably be some sort of cookie manufactured from a
>> mock-up
>> of the restart message that the restarting node expects to receive and
>> handed to the neighbor for use in the event of a restart.
>>
>> Seems like overkill to me, but I'd appreciate views from the WG.
>>
>> Adrian
>>
>> ----- Original Message -----
>> From: "Derek Atkins" <derek@ihtfp.com>
>> To: <iesg@ietf.org>; <secdir@MIT.EDU>
>> Cc: <ccamp-chairs@tools.ietf.org>; <asatyana@cisco.com>;
>> <rrahman@cisco.com>; <lberger@labn.net>;
>> <dimitri.papadimitriou@alcatel.be>;
>> <ancaz@cisco.com>; <jisrar@cisco.com>
>> Sent: Friday, January 12, 2007 10:59 PM
>> Subject: draft-ietf-ccamp-rsvp-restart-ext-06
>>
>>
>>>I have reviewed this document as part of the security directorate's
>>> ongoing effort to review all IETF documents being processed by the
>>> IESG. These comments were written primarily for the benefit of the
>>> security area directors. Document editors and WG chairs should treat
>>> these comments just like any other last call comments.
>>>
>>> I don't see any issues in this document beyond those already stated
>>> in the Security Considerations.
>>>
>>> My only question to the authors would be how does a recovering node
>>> verify that the data it gets from a peer node really came from the
>>> recovering node? Right now it just seems to have to trust that the
>>> peer returns valid data.
>>>
>>> -derek
>>> --
>>> Derek Atkins 617-623-3745
>>> derek@ihtfp.com www.ihtfp.com
>>> Computer and Internet Security Consultant
>>>
>>>
>>>
>>
>>
>>
>>
>
> --
> Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
> Member, MIT Student Information Processing Board (SIPB)
> URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
> warlord@MIT.EDU PGP key available
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 16 Jan 2007 04:17:07 +0000
Date: Tue, 16 Jan 2007 12:16:12 +0800
From: Mach Chen <mach@huawei.com>
Subject: Re: Progressing the three inter-domain I-Ds
To: Peng He <peng.he.2000@gmail.com>
Cc: Dimitri.Papadimitriou@alcatel-lucent.be, Adrian Farrel <adrian@olddog.co.uk>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Message-id: <01dd01c73925$0f14c0e0$5b0c6f0a@china.huawei.com>
MIME-version: 1.0
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: base64
SGkgUGVuZywNCg0KPi0tLS0tIE9yaWdpbmFsIE1lc3NhZ2UgLS0tLS0gDQo+RnJvbTogIlBlbmcg
SGUiIDxwZW5nLmhlLjIwMDBAZ21haWwuY29tPg0KPlRvOiAiTWFjaCBDaGVuIiA8bWFjaEBodWF3
ZWkuY29tPg0KPkNjOiA8RGltaXRyaS5QYXBhZGltaXRyaW91QGFsY2F0ZWwtbHVjZW50LmJlPjsg
IkFkcmlhbiBGYXJyZWwiIDxhZHJpYW5Ab2xkZG9nLmNvLnVrPjsgPGNjYW1wQG9wcy5pZXRmLm9y
Zz47IDxvd25lci1jY2FtcEBvcHMuaWV0Zi5vcmc+DQo+U2VudDogVHVlc2RheSwgSmFudWFyeSAx
NiwgMjAwNyAxMToxNyBBTQ0KPlN1YmplY3Q6IFJlOiBQcm9ncmVzc2luZyB0aGUgdGhyZWUgaW50
ZXItZG9tYWluIEktRHMNCg0KDQo+SGVsbG8gTWFjaCwNCg0KPkkgdW5kZXJzdG9vZCB0aGF0IHRo
ZSBwYXRoIGNvbXB1dGUgZWxlbWVudChIZWFkLWVuZCwgQVNCUiwgb3IgUENFKQ0KPnNob3VsZCAg
aGF2ZSB0aGUgaW50ZXItQVNCUiBsaW5rcyBpbmZvIHRvIGNvbXB1dGUgYW4gb3B0aW1hbCBvcg0K
Pm5lYXItb3B0aW1hbCBpbnRlci1kb21haW4gcGF0aC4NCg0KPllvdSBzYWlkICJCdXQgSSB0aGlu
ayB0aGUgaW50ZXItQVNCUiBsaW5rIHNob3VsZCBoYXZlIEFTIGZsb29kaW5nDQo+c2NvcGUuIiBX
aGF0IGRvIHlvdSBtZWFuIGJ5ICJBUyBmbG9vZGluZyBzY29wZSI/IElzIGl0IHdpdGhpbiBhbiBB
UyBvcg0KPmFtb25nIEFTZXM/IElmIHdpdGhpbiBhbiBBUywgdGhlbiB0aGF0J3MgdGhlIGV4YW1w
bGUgc2hvd24gaW4gdGhlDQo+dGhpcmQgZG9jdW1lbnQgYW5kIG1lbnRpb25lZCBpbiBEaW1pdHJp
J3MgcXVlc3Rpb25zOyBpZiBhbW9uZyBBU2VzLA0KPnRoZW4gaG93IG1hbnkgQVNlcyB3b3VsZCBi
ZSBlbm91Z2g/DQoNCkkgbWVhbnMgaXQncyBqdXN0IHdpdGhpbiBhbiBBUywgYW5kIGl0J3MgZW5v
dWdoIGZvciB0aG9zZSBwcm9wb3NlZCANCnBhdGggY29tcHV0YXRpb24gbWV0aG9kcywgZS5nOiBQ
ZXItRG9tYWluLCBCUlBDLCBldGMuIA0KDQpJZiBzdWNoIGludGVyLUFTQlIgbGlua3MgYXJlIGZs
b29kZWQgYW1vbmcgQVNlcywgdGhlcmUgd291bGQgYmUgc2NhbGFiaWx0eQ0KYW5kIGNvbmZpZGVu
dGlhbGl0eSBpc3N1ZXMuIA0KDQo+SSBqdXN0IGd1ZXNzIHRoZSBjb250ZW50cyBvZiBpbnRlci1B
UyBsaW5rIGluZm8gdG8gYmUgZmxvb2RlZCBzZWVtcw0KPmVhc2lseSB0byBiZSBkZWNpZGVkIChj
b25zaWRlciBpdCBhcyBhIHNwZWNpYWwgaW50cmEtQVMgVEUgbGluayB3aXRoDQo+QVMgIyBhdHRh
Y2hlZCksIGFuZCBtaWdodCBqdXN0IG5lZWQgYSBzaW1wbGUgZG9jdW1lbnQgdG8gZGVmaW5lIGl0
Ow0KPnRoZSBkaWZmaWN1bHQgdGhpbmcgaXMgdGhlIGZsb29kaW5nIHNjb3BlLCB3aGljaCBtaWdo
dCBiZSB2YXJpZWQgd2l0aA0KPmRpZmZlcmVudCBwYXRoIGNvbXB1dGluZyBhcHByb2FjaGVzIG9y
IGV2ZW4gdGhlIGFncmVlbWVudCBhbW9uZw0KPm9wZXJhdG9ycy4gIFN0aWxsIHNlZW1zIHRvIG1l
IGhhcmQgdG8gZGVmaW5lIGEgc3RhbmRhcmQgdG8gcnVsZSBpdC4NCj5PciwgbGVhdmUgZXZlcnkg
b3B0aW9ucyBvcGVuPw0KDQoNCg0KPlJlZ2FyZHMsDQo+UGVuZw0KDQpPbiAxLzE1LzA3LCBNYWNo
IENoZW4gPG1hY2hAaHVhd2VpLmNvbT4gd3JvdGU6DQo+IEhpIFBlbmcsDQo+DQo+IEkgbWVhbnMg
dGhhdCBubyBtYXR0ZXIgd2hhdCBraW5kIG9mIHBhdGggY29tcHV0YXRpb24gbWV0aG9kcyhQZXIt
ZG9tYWluLCBCUlBDLCBldGMuKSB3ZSBhZG9wdCwNCj4gaWYgd2Ugd2FudCB0byBjb21wdXRlIGEg
cGF0aCBzcGFuaW5nIG11dGlwbGUgQVNlcywgdGhlIGNvbXB1dGUgZWxlbWVudChIZWFkLWVuZCwg
QVNCUiwgb3IgUENFKQ0KPiBTSE9VTEQgZ2V0IHRoZSBpbnRlci1BU0JSIGxpbmtzIGluZm8uDQo+
DQo+IFdpdGggcmVzcGVjdCB0byB0aGUgZmxvb2Rpbmcgc2NvcGUgYW5kIHNwZWNpZmljYXRpb24g
b2YgaW50ZXItQVNCUiBsaW5rcyBpbmZvLCAgd2UgbmVlZCBtb3JlIGRpc2N1c3Npb24uDQo+IEJ1
dCBJIHRoaW5rIHRoZSBpbnRlci1BU0JSIGxpbmsgc2hvdWxkIGhhdmUgQVMgZmxvb2Rpbmcgc2Nv
cGUuDQo+DQo+IC0tLS0tIE9yaWdpbmFsIE1lc3NhZ2UgLS0tLS0NCj4gRnJvbTogIlBlbmcgSGUi
IDxwZW5nLmhlLjIwMDBAZ21haWwuY29tPg0KPiBUbzogIk1hY2ggQ2hlbiIgPG1hY2hAaHVhd2Vp
LmNvbT4NCj4gQ2M6IDxEaW1pdHJpLlBhcGFkaW1pdHJpb3VAYWxjYXRlbC1sdWNlbnQuYmU+OyAi
QWRyaWFuIEZhcnJlbCIgPGFkcmlhbkBvbGRkb2cuY28udWs+OyA8Y2NhbXBAb3BzLmlldGYub3Jn
PjsgPG93bmVyLWNjYW1wQG9wcy5pZXRmLm9yZz4NCj4gU2VudDogTW9uZGF5LCBKYW51YXJ5IDE1
LCAyMDA3IDExOjI2IEFNDQo+IFN1YmplY3Q6IFJlOiBQcm9ncmVzc2luZyB0aGUgdGhyZWUgaW50
ZXItZG9tYWluIEktRHMNCj4NCj4NCj4gSGVsbG8gTWFjaCwNCj4NCj4gSSBhbSBpbnRlcmVzdGVk
IGluIHN1Y2ggd29yay4gQnV0IEkgYW0gbm90IHN1cmUgd2hhdCB5b3Ugc2FpZCAiaW4gb2Rlcg0K
PiB0byBwZXJmb3JtICBpbnRlci1BUyBwYXRoIGNvbXB1dGF0aW9uLCBpbnRlci1BU0JSIGxpbmtz
IGZvb2RpbmcgaXMNCj4gZGVzaXJlZCIsIHNheSwgZGlmZmVyZW50IGNvbXB1dGluZyBtZXRob2Rz
IG1pZ2h0IG5lZWQgZGlmZmVyZW50DQo+IGluZm9ybWF0aW9uIGFib3V0IHRoZSBpbnRlci1BUyBs
aW5rcyBhbmQgdmFyaW91cyBmbG9vZCByYW5nZXMsIGFuZCBpZg0KPiBub3QgYSBnZW5lcmFsIG1l
dGhvZCBpcyBjb25zaWRlcmVkIGFzIGRlZmF1bHQsIGl0IHNlZW1zIHRvIG1lIGhhcmQgdG8NCj4g
ZGVmaW5lIHdoYXQgZXhhY3QgaW5mbyBzaG91bGQgYmUgZmxvb2RlZC4gSnVzdCBteSBwZXJzb25h
bCB0aG91Z2h0cy4NCj4NCj4gUmVnYXJkcywNCj4gUGVuZw0KPg0KPiBPbiAxLzE0LzA3LCBNYWNo
IENoZW4gPG1hY2hAaHVhd2VpLmNvbT4gd3JvdGU6DQo+ID4gRGltaXRyaSBhbmQgYWxsLA0KPiA+
DQo+ID4gQWZ0ZXIgcmVhZGluZyB0aGVzZSBkb2NzIEkgYWxzbyBoYXZlIHRoZSBzYW1lIGNvbmNl
cm4gd2l0aCB5b3UgYWJvdXQgaW50ZXItQVNCUiBsaW5rcyBmbG9vZGluZy4NCj4gPiBJIHRoaW5r
LCBpbiBvZGVyIHRvIHBlcmZvcm0gIGludGVyLUFTIHBhdGggY29tcHV0YXRpb24sIGludGVyLUFT
QlIgbGlua3MgZm9vZGluZyBpcyBkZXNpcmVkLiBCdXQNCj4gPiBzdWNoIGtpbmQgb2YgaW50ZXIt
QVNCUiBsaW5rIGluZm8gc2hvdWxkIGluY2x1ZGUgbW9yZSBpbmZvcm1hdGlvbiB0aGFuICJub3Jt
YWwiIFRFIGxpbmtzIGRvLA0KPiA+IGUuZzogdGhlIGludGVyLUFTQlIgbGlua3MgaW5mbyBTSE9V
TEQgc3RpbGwgaW5jbHVkZSB0aGUgcGVlciBBUyBudW1iZXIgYW5kIHBlZXIgQVNCUiByb3V0ZXIg
aWQNCj4gPiBiZXNpZGVzIHRob3NlIGxpbmsgaW5mbyB3aGljaCBoYXMgYmVlbiBzcGVjaWZpZWQg
aW4gcmZjMzYzMCBhbmQgcmZjMzc4NC4NCj4gPg0KPiA+IFNvIEkgdGhpbmsgdGhlcmUgbmVlZCBh
IGRvY3VtZW50IHRvIGNsYXJpZnkgYW5kIHNwZWNpZnkgaW50ZXItQVNCUiBsaW5rcyBmbG9vZGlu
Zy4gd2UgYXJlIGNvbnNpZGVyaW5nIHRvDQo+ID4gd3JpdGUgc3VjaCBhIGRvY3VtZW50LiBJZiBz
b21lb25lIGludGVyZXN0ZWQgaW4gc3VjaCB3b3JrLCB3ZSBjb3VsZCBjb29wZXJhdGUuDQo+ID4N
Cj4gPg0KPiA+DQo+ID4gQmVzdCByZWdhcmRzLA0KPiA+DQo+ID4gTWFjaA0KPiA+DQo+ID4gLS0t
LS0gT3JpZ2luYWwgTWVzc2FnZSAtLS0tLQ0KPiA+IEZyb206IDxEaW1pdHJpLlBhcGFkaW1pdHJp
b3VAYWxjYXRlbC1sdWNlbnQuYmU+DQo+ID4gVG86ICJBZHJpYW4gRmFycmVsIiA8YWRyaWFuQG9s
ZGRvZy5jby51az4NCj4gPiBDYzogPGNjYW1wQG9wcy5pZXRmLm9yZz47IDxvd25lci1jY2FtcEBv
cHMuaWV0Zi5vcmc+DQo+ID4gU2VudDogU2F0dXJkYXksIEphbnVhcnkgMTMsIDIwMDcgNzo0OSBQ
TQ0KPiA+IFN1YmplY3Q6IFJlOiBQcm9ncmVzc2luZyB0aGUgdGhyZWUgaW50ZXItZG9tYWluIEkt
RHMNCj4gPg0KPiA+DQo+ID4gaGkgYWRyaWFuDQo+ID4NCj4gPiBvKSBhIGNvdXBsZSBvZiBnZW5l
cmljIGNvbW1lbnRzIG9uIHRoZSB0aGlyZCBkb2MNCj4gPg0KPiA+IC0gdGhlIGRvYy4gc3RhdGVz
IGFwcGxpY2FiaWxpdHkgdG8gR01QTFMgYnV0IHNvbWV0aW1lcyBvbmx5IHJlZi4gTVBMUy1URQ0K
PiA+IHNpZ25hbGluZyBmdXJ0aGVyIG9uIGUuZy4gc2VjdGlvbiAzLjENCj4gPg0KPiA+ICIgLSBU
aGUgaW50ZXItZG9tYWluIFRFIExTUHMgYXJlIHNpZ25hbGVkIHVzaW5nIFJTVlAtVEUgKFtSRkMz
MjA5XSkuIg0KPiA+DQo+ID4gYW5kIG1hbnkgb3RoZXJzIGluIHNlY3Rpb24gNC4NCj4gPg0KPiA+
IC0gdGhlIGFyZSBtYW55IGNvbXBhcmlzb24gd2l0aCBQQ0UgdGVjaG5pcXVlIGFsb25nIHRoZSBk
b2MuIC0gd2VsbCB0aGF0J3MNCj4gPiBmaW5lIGJ1dCBvdXRzaWRlIHRoZSBzY29wZSBvZiB0aGUg
ZG9jdW1lbnQgZXhjZXB0IGlmIHRoZSBwdXJwb3NlIGlzIHRvDQo+ID4gaW5kaWNhdGUgaG93IGRp
ZmZlcmVudCB0ZWNobmlxdWVzIGNhbiBiZSBjb21iaW5lZCB0b2dldGhlciBhbmQgd2hpY2gNCj4g
PiBpbnRlcm9wIGlzc3VlcyBtYXkgcmVzdWx0IGZyb20gaXQNCj4gPg0KPiA+IG8pIGEgY291cGxl
IG9mIHNwZWNpZmljIGNvbW1lbnRzDQo+ID4NCj4gPiBlbmQgb2Ygc2VjdGlvbiAyOg0KPiA+DQo+
ID4gc2VjdGlvbiAzLjE6ICIqIFRoZSBjb21wbGV0ZSBsaXN0IG9mIGJvdW5kYXJ5IExTUnMgYWxv
bmcgdGhlIHBhdGgiDQo+ID4gLT4gbGlzdCBvZiBkb21haW4gaWRlbnRpZmllciBlLmcuIEFTIG51
bWJlcnMgYWxzbyBhcHBsaWVzIGhlcmUgPw0KPiA+DQo+ID4gbGFzdCCnIG9mIHNlY3Rpb24gMy4x
IGlzIHRoZSBtb3N0IGltcG9ydGFudCBvbmUsIHNpZ25hbGluZyBwcm90b2NvbCBhcmUNCj4gPiBp
bmRlcGVuZGVudCBvZiB0aGUgcm91dGluZyB0b3BvbG9neSBpdHNlbGYsIGkuZS4gbm90IGJlY2F1
c2UgYSBub2RlIGlzDQo+ID4gYW4gQUJSIG9yIGFuIEFTQlIgdGhhdCBjb21wLiBvY2N1cnMgYnV0
IHNpbXBseSBiZWNhdXNlIGhlIGhhcyBubyBwYXRoDQo+ID4gdG8gcmVhY2ggdGhlIG5leHQgKGxv
b3NlKSBob3AgLSBhbiBpbnRlcm1lZGlhdGUgbm9kZSBzaG91bGQgc3RpbGwgbWFpbnRhaW4NCj4g
PiBjYXBhY2l0eSB0byBwZXJmb3JtIHN1Y2ggb3BlcmF0aW9uDQo+ID4NCj4gPiBzZWN0aW9uIDMu
MyAiVGhlIHBhdGggY29tcHV0YXRpb24NCj4gPiAgICB0ZWNobmlxdWUgZGVzY3JpYmVkIGluIHRo
aXMgZG9jdW1lbnQgYXBwbGllcyB0byB0aGUgY2FzZSBvZiBhIHNpbmdsZQ0KPiA+ICAgIEFTIG1h
ZGUgb2YgbXVsdGlwbGUgSUdQIGFyZWFzLCBtdWx0aXBsZXMgQVNzIG1hZGUgb2YgYSBzaW5nbGUg
SUdQDQo+ID4gICAgYXJlYXMgb3IgYW55IGNvbWJpbmF0aW9uIG9mIHRoZSBhYm92ZS4gIEZvciB0
aGUgc2FrZSBvZiBzaW1wbGljaXR5LA0KPiA+ICAgIGVhY2ggcm91dGluZyBkb21haW4gd2lsbCBi
ZSBjb25zaWRlcmVkIGFzIHNpbmdsZSBhcmVhIGluIHRoaXMNCj4gPiAgICBkb2N1bWVudC4gIg0K
PiA+DQo+ID4gLT4gbm90IHN1cmUgdG8gdW5kZXJzdGFuZCB0aGUgcmVhc29uaW5nLCBhdCB0aGUg
ZW5kIHRoZXNlIGV4YW1wbGVzIG11c3QNCj4gPiByZW1haW4gaWxsdXN0cmF0aXZlIGFuZCBub3Qg
cmVzdHJpY3QgYXBwbGljYWJpbGl0eSAtIGFsbCB0aGVzZSB0dXRvcmlhbA0KPiA+IGxpa2UgbWF0
ZXJpYWwgc2hvdWxkIGJldHRlciBnbyBpbiBhbiBhcHBlbmRpeCAtDQo+ID4NCj4gPiBzZWN0aW9u
IDMuMSAiSW4gYW55IGNhc2UsDQo+ID4gICAgbm8gdG9wb2xvZ3kgb3IgcmVzb3VyY2UgaW5mb3Jt
YXRpb24gbmVlZHMgdG8gYmUgZGlzdHJpYnV0ZWQgYmV0d2Vlbg0KPiA+ICAgIGRvbWFpbnMgKGFz
IG1hbmRhdGVkIHBlciBbUkZDNDEwNV0gYW5kIFtSRkM0MjE2XSksIHdoaWNoIGlzIGNyaXRpY2Fs
DQo+ID4gICAgdG8gcHJlc2VydmUgSUdQL0JHUCBzY2FsYWJpbGl0eSBhbmQgY29uZmlkZW50aWFs
aXR5IGluIHRoZSBjYXNlIG9mIFRFDQo+ID4gICAgTFNQcyBzcGFubmluZyBtdWx0aXBsZSByb3V0
aW5nIGRvbWFpbnMuIg0KPiA+DQo+ID4gdGhlbiBTZWN0aW9uIDQNCj4gPiAiSW4gdGVybXMgb2Yg
Y29tcHV0YXRpb24gb2YgYW4gaW50ZXItQVMgVEUgTFNQIHBhdGgsIGFuIGludGVyZXN0aW5nDQo+
ID4gICAgb3B0aW1pemF0aW9uIHRlY2huaXF1ZSBjb25zaXN0cyBvZiBhbGxvd2luZyB0aGUgQVNC
UnMgdG8gZmxvb2QgdGhlIFRFDQo+ID4gICAgaW5mb3JtYXRpb24gcmVsYXRlZCB0byB0aGUgaW50
ZXItQVNCUiBsaW5rKHMpIGFsdGhvdWdoIG5vIElHUCBURSBpcw0KPiA+ICAgIGVuYWJsZWQgb3Zl
ciB0aG9zZSBsaW5rcyAoYW5kIHNvIHRoZXJlIGlzIG5vIElHUCBhZGphY2VuY3kgb3ZlciB0aGUN
Cj4gPiAgICBpbnRlci1BU0JSIGxpbmtzKS4gIC4uLg0KPiA+ICJUaGFua3MgdG8gc3VjaCBhbiBv
cHRpbWl6YXRpb24sIHRoZSBpbnRlci1BU0JScyBURSBsaW5rIGluZm9ybWF0aW9uDQo+ID4gICAg
Y29ycmVzcG9uZGluZyB0byB0aGUgbGlua3Mgb3JpZ2luYXRlZCBieSB0aGUgQVNCUiBpcyBtYWRl
IGF2YWlsYWJsZQ0KPiA+ICAgIGluIHRoZSBURUQgb2Ygb3RoZXIgTFNScyBpbiB0aGUgc2FtZSBk
b21haW4gdGhhdCB0aGUgQVNCUiBiZWxvbmdzIHRvLiINCj4gPg0KPiA+IGJ1dCBhZnRlcg0KPiA+
ICJOb3RlIHRoYXQgbm8gdG9wb2xvZ3kNCj4gPiAgICBpbmZvcm1hdGlvbiBpcyBmbG9vZGVkIGFu
ZCB0aGVzZSBsaW5rcyBhcmUgbm90IHVzZWQgaW4gSUdQIFNQRg0KPiA+ICAgIGNvbXB1dGF0aW9u
cy4gIE9ubHkgdGhlIFRFIGluZm9ybWF0aW9uIGZvciB0aGUgb3V0Z29pbmcgbGlua3MNCj4gPiAg
ICBkaXJlY3RseSBjb25uZWN0ZWQgdG8gdGhlIEFTQlIgaXMgYWR2ZXJ0aXNlZC4iDQo+ID4NCj4g
PiAtPiBjYW4gb25lIG9mIHRoZSBhdXRob3IgY2xhcmlmeSAxKSBpcyBmbG9vZGluZyBpbnZvbHZl
ZCBvciBub3QgPw0KPiA+IDIpIHdoYXQgZ2V0J3MgZmxvb2RlZCBhbmQgdW5kZXIgd2hpY2ggY29u
ZGl0aW9ucyAzKSB3aGF0IGlzIHRoZQ0KPiA+IHNjb3BlIG9mIHRoZSBmbG9vZGluZyA0KSBob3cg
dGhpcyBtZWNoYW5pc20gcG9zaXRpb25zIGFnYWluc3QgdGhlDQo+ID4gcmVxdWlyZW1lbnRzIG9m
IDQxMDUgYW5kIDQyMTYNCj4gPg0KPiA+DQo+ID4gbykgYSBjb3VwbGUgb2YgZWRpdHMNCj4gPg0K
PiA+IHNlY3Rpb24gMToNCj4gPg0KPiA+IEFCUiBSb3V0ZXIsIEFTQlIgUm91dGVyIC0gcmVkdW5k
YW50IFINCj4gPg0KPiA+IHRoZSBtb3N0IGltcG9ydGFudCBkZWYuIGlzIHRoZSAiZG9tYWluIiBk
ZWYuIHdoaWNoIGNhbiBiZSBmb3VuZCBpbiB0aGUNCj4gPiBmcm0gZG9jIGJ1dCBub3QgcmVjb3Jk
ZWQgaGVyZSB0aGlzIHdvdWxkIGNsYXJpZnkgc2VudGVuY2UgbGlrZQ0KPiA+DQo+ID4gIlRoZSBt
ZWNoYW5pc21zIHByb3Bvc2VkIGluIHRoaXMgZG9jdW1lbnQgYXJlIGFsc28gYXBwbGljYWJsZSB0
byBNUExTDQo+ID4gIFRFIGRvbWFpbnMgb3RoZXIgdGhhbiBJR1AgYXJlYXMgYW5kIEFTcy4iDQo+
ID4NCj4gPiByZWYuIEgtTFNQIGFuZCBTLUxTUCB3aXRoIHRoZSBhcHByb3ByaWF0ZSBkb2NzDQo+
ID4NCj4gPiBzdGF0ZSB0aGF0IGludGVyLWRvbWFpbiByZWNvdmVyeSBpcyBnb2luZyB0byBiZSBh
ZGRyZXNzZWQgaW4gYSBzZXQgb2YNCj4gPiBzcGVjaWZpYyBkb2NzDQo+ID4NCj4gPiBob3BlIHRo
aXMgd2lsbCBoZWxwLA0KPiA+IC0gZC4NCj4gPg0KPiA+DQo+ID4NCj4gPg0KPiA+ICJBZHJpYW4g
RmFycmVsIiA8YWRyaWFuQG9sZGRvZy5jby51az4NCj4gPiBTZW50IGJ5OiBvd25lci1jY2FtcEBv
cHMuaWV0Zi5vcmcNCj4gPiAwOS8wMS8yMDA3IDIzOjEzDQo+ID4gUGxlYXNlIHJlc3BvbmQgdG8g
IkFkcmlhbiBGYXJyZWwiDQo+ID4NCj4gPiAgICAgICAgIFRvOiAgICAgPGNjYW1wQG9wcy5pZXRm
Lm9yZz4NCj4gPiAgICAgICAgIGNjOg0KPiA+ICAgICAgICAgU3ViamVjdDogICAgICAgIFByb2dy
ZXNzaW5nIHRoZSB0aHJlZSBpbnRlci1kb21haW4gSS1Ecw0KPiA+DQo+ID4NCj4gPiBIaSwNCj4g
Pg0KPiA+IFdlIG5vdyBoYXZlIHVwZGF0ZWQgdmVyc2lvbnMgb2YgdGhlIHRocmVlIGludGVyLWRv
bWFpbiBzaWduYWxpbmcgSS1EczoNCj4gPg0KPiA+IC0gZHJhZnQtaWV0Zi1jY2FtcC1pbnRlci1k
b21haW4tcnN2cC10ZS0wNC50eHQNCj4gPiAtIGRyYWZ0LWlldGYtY2NhbXAtbHNwLXN0aXRjaGlu
Zy0wNC50eHQNCj4gPiAtIGRyYWZ0LWlldGYtY2NhbXAtaW50ZXItZG9tYWluLXBkLXBhdGgtY29t
cC0wMy50eHQNCj4gPg0KPiA+IE91ciBwbGFuIGlzOg0KPiA+IDEuIFdHIGNoYWlycyBkbyBkZXRh
aWxlZCByZXZpZXcgb3ZlciB0aGUgbmV4dCBjb3VwbGUgb2Ygd2Vla3MNCj4gPiAyLiBFZGl0b3Jz
IGFwcGx5IG5lY2Vzc2FyeSB1cGRhdGVzDQo+ID4gMy4gV2UgaG9sZCBhIFdHIGxhc3QgY2FsbCBm
b3IgdGhlIHRocmVlIEktRHMgdG9nZXRoZXINCj4gPg0KPiA+IElmIHlvdSBhcmUgaW50ZXJlc3Rl
ZCBpbiB0aGlzIHdvcmssIEkgc3VnZ2VzdCB0aGF0IG5vdyBtaWdodCBiZSBhIGdvb2QNCj4gPiB0
aW1lDQo+ID4gdG8gcmVtaW5kIHlvdXJzZWxmIGFib3V0IHRoZSBJLURzLCBoYXZlIGEgZ29vZCBy
ZWFkLCBhbmQgc2VlIGlmIHlvdSBjYW4NCj4gPiBnZXQNCj4gPiBhbnkgc3Vic3RhbnRpYWwgY29t
bWVudHMgaW4gdG8gY29pbmNpZGUgd2l0aCB0aGUgV0cgY2hhaXJzJyByZXZpZXcuDQo+ID4NCj4g
PiBUaGFua3MsDQo+ID4gQWRyaWFuDQo+ID4NCj4gPg0KPiA+DQo+ID4NCj4gPg0KPiA+DQo+ID4N
Cj4NCj4NCg0KQmVzdCByZWdhcmRzLA0KDQpNYWNoDQoNCg==
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 16 Jan 2007 03:20:13 +0000
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=iqXuFgAwoJ8PRIGKZp8bhcAG58Bv6RIfggc7WT+eO/XD18/UNxv1v51vU6KbD1knN3QZ2M4adHBqXU2NTdcDZg9Qfg0eylYuchhOStGaGLSd0FGTx55zHCecDL2QeNWvQe/4SuoCaMe4G9u/RyqcAUOOADitxC7ejcysuask1Is=
Message-ID: <406e32c00701151917h2418c03ei1fa706118d388df6@mail.gmail.com>
Date: Mon, 15 Jan 2007 22:17:31 -0500
From: "Peng He" <peng.he.2000@gmail.com>
To: "Mach Chen" <mach@huawei.com>
Subject: Re: Progressing the three inter-domain I-Ds
Cc: Dimitri.Papadimitriou@alcatel-lucent.be, "Adrian Farrel" <adrian@olddog.co.uk>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Hello Mach,
I understood that the path compute element(Head-end, ASBR, or PCE)
should have the inter-ASBR links info to compute an optimal or
near-optimal inter-domain path.
You said "But I think the inter-ASBR link should have AS flooding
scope." What do you mean by "AS flooding scope"? Is it within an AS or
among ASes? If within an AS, then that's the example shown in the
third document and mentioned in Dimitri's questions; if among ASes,
then how many ASes would be enough?
I just guess the contents of inter-AS link info to be flooded seems
easily to be decided (consider it as a special intra-AS TE link with
AS # attached), and might just need a simple document to define it;
the difficult thing is the flooding scope, which might be varied with
different path computing approaches or even the agreement among
operators. Still seems to me hard to define a standard to rule it.
Or, leave every options open?
Regards,
Peng
On 1/15/07, Mach Chen <mach@huawei.com> wrote:
> Hi Peng,
>
> I means that no matter what kind of path computation methods(Per-domain, =
BRPC, etc.) we adopt,
> if we want to compute a path spaning mutiple ASes, the compute element(He=
ad-end, ASBR, or PCE)
> SHOULD get the inter-ASBR links info.
>
> With respect to the flooding scope and specification of inter-ASBR links =
info, we need more discussion.
> But I think the inter-ASBR link should have AS flooding scope.
>
> ----- Original Message -----
> From: "Peng He" <peng.he.2000@gmail.com>
> To: "Mach Chen" <mach@huawei.com>
> Cc: <Dimitri.Papadimitriou@alcatel-lucent.be>; "Adrian Farrel" <adrian@ol=
ddog.co.uk>; <ccamp@ops.ietf.org>; <owner-ccamp@ops.ietf.org>
> Sent: Monday, January 15, 2007 11:26 AM
> Subject: Re: Progressing the three inter-domain I-Ds
>
>
> Hello Mach,
>
> I am interested in such work. But I am not sure what you said "in oder
> to perform inter-AS path computation, inter-ASBR links fooding is
> desired", say, different computing methods might need different
> information about the inter-AS links and various flood ranges, and if
> not a general method is considered as default, it seems to me hard to
> define what exact info should be flooded. Just my personal thoughts.
>
> Regards,
> Peng
>
> On 1/14/07, Mach Chen <mach@huawei.com> wrote:
> > Dimitri and all,
> >
> > After reading these docs I also have the same concern with you about in=
ter-ASBR links flooding.
> > I think, in oder to perform inter-AS path computation, inter-ASBR link=
s fooding is desired. But
> > such kind of inter-ASBR link info should include more information than =
"normal" TE links do,
> > e.g: the inter-ASBR links info SHOULD still include the peer AS number =
and peer ASBR router id
> > besides those link info which has been specified in rfc3630 and rfc3784=
.
> >
> > So I think there need a document to clarify and specify inter-ASBR link=
s flooding. we are considering to
> > write such a document. If someone interested in such work, we could coo=
perate.
> >
> >
> >
> > Best regards,
> >
> > Mach
> >
> > ----- Original Message -----
> > From: <Dimitri.Papadimitriou@alcatel-lucent.be>
> > To: "Adrian Farrel" <adrian@olddog.co.uk>
> > Cc: <ccamp@ops.ietf.org>; <owner-ccamp@ops.ietf.org>
> > Sent: Saturday, January 13, 2007 7:49 PM
> > Subject: Re: Progressing the three inter-domain I-Ds
> >
> >
> > hi adrian
> >
> > o) a couple of generic comments on the third doc
> >
> > - the doc. states applicability to GMPLS but sometimes only ref. MPLS-T=
E
> > signaling further on e.g. section 3.1
> >
> > " - The inter-domain TE LSPs are signaled using RSVP-TE ([RFC3209])."
> >
> > and many others in section 4.
> >
> > - the are many comparison with PCE technique along the doc. - well that=
's
> > fine but outside the scope of the document except if the purpose is to
> > indicate how different techniques can be combined together and which
> > interop issues may result from it
> >
> > o) a couple of specific comments
> >
> > end of section 2:
> >
> > section 3.1: "* The complete list of boundary LSRs along the path"
> > -> list of domain identifier e.g. AS numbers also applies here ?
> >
> > last =A7 of section 3.1 is the most important one, signaling protocol a=
re
> > independent of the routing topology itself, i.e. not because a node is
> > an ABR or an ASBR that comp. occurs but simply because he has no path
> > to reach the next (loose) hop - an intermediate node should still maint=
ain
> > capacity to perform such operation
> >
> > section 3.3 "The path computation
> > technique described in this document applies to the case of a single
> > AS made of multiple IGP areas, multiples ASs made of a single IGP
> > areas or any combination of the above. For the sake of simplicity,
> > each routing domain will be considered as single area in this
> > document. "
> >
> > -> not sure to understand the reasoning, at the end these examples must
> > remain illustrative and not restrict applicability - all these tutorial
> > like material should better go in an appendix -
> >
> > section 3.1 "In any case,
> > no topology or resource information needs to be distributed between
> > domains (as mandated per [RFC4105] and [RFC4216]), which is critical
> > to preserve IGP/BGP scalability and confidentiality in the case of T=
E
> > LSPs spanning multiple routing domains."
> >
> > then Section 4
> > "In terms of computation of an inter-AS TE LSP path, an interesting
> > optimization technique consists of allowing the ASBRs to flood the T=
E
> > information related to the inter-ASBR link(s) although no IGP TE is
> > enabled over those links (and so there is no IGP adjacency over the
> > inter-ASBR links). ...
> > "Thanks to such an optimization, the inter-ASBRs TE link information
> > corresponding to the links originated by the ASBR is made available
> > in the TED of other LSRs in the same domain that the ASBR belongs to=
."
> >
> > but after
> > "Note that no topology
> > information is flooded and these links are not used in IGP SPF
> > computations. Only the TE information for the outgoing links
> > directly connected to the ASBR is advertised."
> >
> > -> can one of the author clarify 1) is flooding involved or not ?
> > 2) what get's flooded and under which conditions 3) what is the
> > scope of the flooding 4) how this mechanism positions against the
> > requirements of 4105 and 4216
> >
> >
> > o) a couple of edits
> >
> > section 1:
> >
> > ABR Router, ASBR Router - redundant R
> >
> > the most important def. is the "domain" def. which can be found in the
> > frm doc but not recorded here this would clarify sentence like
> >
> > "The mechanisms proposed in this document are also applicable to MPLS
> > TE domains other than IGP areas and ASs."
> >
> > ref. H-LSP and S-LSP with the appropriate docs
> >
> > state that inter-domain recovery is going to be addressed in a set of
> > specific docs
> >
> > hope this will help,
> > - d.
> >
> >
> >
> >
> > "Adrian Farrel" <adrian@olddog.co.uk>
> > Sent by: owner-ccamp@ops.ietf.org
> > 09/01/2007 23:13
> > Please respond to "Adrian Farrel"
> >
> > To: <ccamp@ops.ietf.org>
> > cc:
> > Subject: Progressing the three inter-domain I-Ds
> >
> >
> > Hi,
> >
> > We now have updated versions of the three inter-domain signaling I-Ds:
> >
> > - draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
> > - draft-ietf-ccamp-lsp-stitching-04.txt
> > - draft-ietf-ccamp-inter-domain-pd-path-comp-03.txt
> >
> > Our plan is:
> > 1. WG chairs do detailed review over the next couple of weeks
> > 2. Editors apply necessary updates
> > 3. We hold a WG last call for the three I-Ds together
> >
> > If you are interested in this work, I suggest that now might be a good
> > time
> > to remind yourself about the I-Ds, have a good read, and see if you can
> > get
> > any substantial comments in to coincide with the WG chairs' review.
> >
> > Thanks,
> > Adrian
> >
> >
> >
> >
> >
> >
> >
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Mon, 15 Jan 2007 21:35:22 +0000
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>, ccamp mailing list <ccamp@ops.ietf.org>, ccamp chair <ccamp-chairs@tools.ietf.org>
Subject: Protocol Action: 'RSVP-TE Extensions in support of End-to-End Generalized Multi-Protocol Label Switching (GMPLS) Recovery' to Proposed Standard
Message-Id: <E1H6ZRG-0004zT-Bb@stiedprstage1.ietf.org>
Date: Mon, 15 Jan 2007 16:32:22 -0500
The IESG has approved the following document:
- 'RSVP-TE Extensions in support of End-to-End Generalized Multi-Protocol
Label Switching (GMPLS) Recovery '
<draft-ietf-ccamp-gmpls-recovery-e2e-signaling-04.txt> as a Proposed Standard
This document is the product of the Common Control and Measurement Plane
Working Group.
The IESG contact persons are Ross Callon and Bill Fenner.
A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ccamp-gmpls-recovery-e2e-signaling-04.txt
Technical Summary
This document describes protocol specific procedures and extensions
for Generalized Multi-Protocol Label Switching (GMPLS) Resource
ReserVation Protocol - Traffic Engineering (RSVP-TE) signaling to
support end-to-end Label Switched Path (LSP) recovery that denotes
protection and restoration. A generic functional description of
GMPLS recovery can be found in a companion document, RFC 4426.
Working Group Summary
no dissent reported. Many vendors have implemented and many
networks have deployed some versions of this.
Protocol Quality
Ross Callon reviewed this for the IESG. There are multiple
interoperable implementations and deployment.
Note to RFC Editor
Note, this document and one other document
(draft-ietf-ccamp-gmpls-segment-recovery-03.txt) should be
progressed together. This document references the other document.
Progressing together will ensure the RFC Ed can sort out details.
Also, please see significant IANA note.
IANA Note
There are significant IANA considerations, which have been cleared
up by Adrian Farrel's email to the IANA on Thu, 14 Dec 2006 10:52:16.
His explanation of IANA considerations are (cut and pasted from the
attachment to Adrian's email):
IANA requests for
[e2e] draft-ietf-ccamp-gmpls-recovery-e2e-signaling-04.txt
[seg] draft-ietf-ccamp-gmpls-segment-recovery-03.txt
All other references are provided for information and context.
====================================================
Registry: RSVP
Class Names, Class Numbers, and Class Types
20 EXPLICIT_ROUTE [RFC3209]
Class Types or C-Types:
1 Type 1 Explicit Route [RFC3209]
Sub-object type
1 IPv4 prefix [RFC3209]
2 IPv6 prefix [RFC3209]
3 Label [RFC3473]
4 Unnumbered Interface ID [RFC3477]
32 Autonomous system number [RFC3209]
37 Reserved [seg]
21 ROUTE_RECORD [RFC3209]
(also known as RECORD_ROUTE)
Class Types or C-Types:
1 Type 1 Route Record [RFC3209]
Sub-object type
1 IPv4 address [RFC3209]
2 IPv6 address [RFC3209]
3 Label [RFC3473]
4 Unnumbered Interface ID [RFC3477]
5 RRO Attributes [RFC4420]
37 Reserved [seg]
37 PROTECTION [RFC3473]
Class Types or C-Types:
1 Type 1 Protection [RFC3473]
2 Type 2 [e2e]
38 PRIMARY PATH ROUTE [e2e]
Class Types or C-Types:
1 Type 1 Primary Path Route [e2e]
198 ALARM_SPEC [RFC4783]
Class Types or C-Types:
1 Type 1 RESERVED [RFC4783]
2 Type 2 RESERVED [RFC4783]
3 IPv4 IF_ID ALARM_SPEC [RFC4783]
4 IPv6 IF_ID ALARM_SPEC [RFC4783]
199 ASSOCIATION [e2e]
Class Types or C-Types:
1 Type 1 IPv4 Association [e2e]
2 Type 2 IPv6 Association [e2e]
200 SECONDARY_EXPLICIT_ROUTE [seg]
Same C-Type values as EXPLICIT_ROUTE object
(C-Num 20) with the following additions:
For Class 1, C-Type 1, the following additional
Sub-object type is defined:
Sub-object type
37 Protection [seg]
201 SECONDARY_RECORD_ROUTE [seg]
Same C-Type values as EXPLICIT_ROUTE object
(C-Num 20) with the following additions:
For Class 1, C-Type 1, the following additional
Sub-object type is defined:
Sub-object type
37 Protection [seg]
============================================================
Registry: GMPLS Signaling Parameters
Interface_ID Types
Type Length Format Description Reference
---- ------ ---------- -------------------------- ---------
512 8 See below REFERENCE_COUNT [RFC4783]
513 8 See below SEVERITY [RFC4783]
514 8 See below GLOBAL_TIMESTAMP [RFC4783]
515 8 See below LOCAL_TIMESTAMP [RFC4783]
516 varies See below ERROR_STRING [RFC4783]
============================================================
Registry: GMPLS Signaling Parameters
Administrative Status Information Flags
Value Name Reference
----------- -------------------------------- ---------
0x80000000 Reflect (R) [RFC3473][RFC3471]
0x00000020 Lockout (L) [e2e]
0x00000010 Inhibit Alarm Communication (I) [RFC4783]
0x00000004 Testing (T) [RFC3473][RFC3471]
0x00000002 Administratively down (A) [RFC3473][RFC3471]
0x00000001 Deletion in progress (D) [RFC3473][RFC3471]
============================================================
Registry: RSVP
Error Codes and Values
Error Code Meaning
01 Admission Control Failure [RFC2205]
The sixteen bits of the Error Value field are
ssur cccc cccc cccc
as defined in [RFC2205]
The following globally-defined sub-codes may appear in the low-
order 12 bits when ssur = 0000:
Sub-code Meaning Reference
-------- ------------------------------ ---------
1 Delay bound cannot be met [RFC2205]
2 Requested bandwidth unavailable [RFC2205]
3 MTU in flowspec larger than [RFC2205]
interface MTU
4 LSP Admission Failure [e2e]
5 Bad Association Type [e2e]
02 Policy Control Failure [RFC2205]
This Error Code has the following globally-defined Error
Value sub-codes:
0 = Information reporting [RFC2750]
1 = Warning [RFC2750]
2 = Reason unknown [RFC2750]
3 = Generic Policy Rejection [RFC2750]
4 = Quota or Accounting violation [RFC2750]
5 = Flow was preempted [RFC2750]
6 = Previously installed policy expired [RFC2750]
(not refreshed)
7 = Previous policy data was replaced & [RFC2750]
caused rejection
8 = Policies could not be merged [RFC2750]
(multicast)
9 = PDP down or non functioning [RFC2750]
10 = Third Party Server (e.g., Kerberos) [RFC2750]
unavailable
11 = POLICY_DATA object has bad syntax [RFC2750]
12 = POLICY_DATA object failed Integrity [RFC2750]
Check
13 = POLICY_ELEMENT object has bad syntax [RFC2750]
14 = Mandatory PE Missing (Empty PE is in [RFC2750]
the PD object)
15 = PEP Out of resources to handle [RFC2750]
policies.
16 = PDP encountered bad RSVP objects or [RFC2750]
syntax
17 = Service type was rejected [RFC2750]
18 = Reservation Style was rejected [RFC2750]
19 = FlowSpec was rejected (too large) [RFC2750]
20 = Hard Pre-empted [e2e]
24 Routing Problem [RFC3209]
This Error Code has the following globally-defined Error
Value sub-codes:
1 = Bad EXPLICIT_ROUTE object [RFC3209]
: (snip)
16 = Unknown Interface Index [RFC3477]
17 = Unsupported LSP Protection [e2e]
18 = PROTECTION object not applicable [e2e]
19 = Bad PRIMARY PATH_ROUTE object [e2e]
20 = PRIMARY PATH_ROUTE object not [e2e]
applicable
21 = LSP Segment Protection Failed [seg]
25 Notify Error [RFC3209]
This Error Code has the following globally-defined Error
Value sub-codes:
1 = RRO too large for MTU [RFC3209]
2 = RRO Notification [RFC3209]
3 = Tunnel locally repaired [RFC3209]
4 = Control Channel Active State [RFC3473]
5 = Control Channel Degraded State [RFC3473]
6 = Preferable path exists [RFC4736]
7 = Local link maintenance required [RFC4736]
8 = Local node maintenance required [RFC4736]
9 = LSP Failure [e2e]
10 = LSP Recovered [e2e]
11 = LSP Locally Failed [e2e]
31 Alarms [RFC4783]
The Error Value sub-codes for this Error Code
have values and meanings identical to the values
and meanings defined in the IANAItuProbableCause
Textual Convention of IANA-ITU-ALARM-TC-MIB
in the Alarm MIB [RFC3877].
============================================================
Registry: GMPLS Signaling Parameters
Association Type
(This is a new registry)
Assignment by IANA are subject to IETF expert review
process i.e. IETF Standards Track RFC Action.
Value Type Reference
----- ----------------- ---------
0 Reserved [e2e]
1 Recovery (R) [e2e]
2 Resource Sharing (R) [seg]
Envelope-to: ccamp-data@psg.com
Delivery-date: Mon, 15 Jan 2007 21:35:15 +0000
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>, ccamp mailing list <ccamp@ops.ietf.org>, ccamp chair <ccamp-chairs@tools.ietf.org>
Subject: Protocol Action: 'GMPLS Based Segment Recovery' to Proposed Standard
Message-Id: <E1H6ZSi-0005Ck-Hb@stiedprstage1.ietf.org>
Date: Mon, 15 Jan 2007 16:33:52 -0500
The IESG has approved the following document:
- 'GMPLS Based Segment Recovery '
<draft-ietf-ccamp-gmpls-segment-recovery-03.txt> as a Proposed Standard
This document is the product of the Common Control and Measurement Plane
Working Group.
The IESG contact persons are Ross Callon and Bill Fenner.
A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ccamp-gmpls-segment-recovery-03.txt
Technical Summary
This document describes protocol specific procedures for GMPLS
(Generalized Multi-Protocol Label Switching) RSVP-TE (Resource
ReserVation Protocol - Traffic Engineering) signaling extensions to
support label switched path (LSP) segment protection and restoration.
These extensions are intended to complement and be consistent with
the Extensions for End-to-End GMPLS-based Recovery. Implications and
interactions with Fast Reroute are also addressed. This document
also updates the handling of Notify_Request objects.
Working Group Summary
No dissent reported. Good WG consensus.
Protocol Quality
Ross Callon has reviewed this for the IESG. There are multiple
implementations and deployment.
Note to RFC Editor
Note, this document and one other document
(draft-ietf-ccamp-gmpls-recovery-e2e-signaling-04.txt) should be
progressed together. This document references the other document.
Progressing together will ensure the RFC Ed can sort out details,
including cross-references between the two documents.
There is an IANA nit that will need to be fixed (see IANA note below).
Also, the reference to draft-lang-ccamp-gmpls-recovery-e2e-signaling
should be corrected to draft-ietf-ccamp-gmpls-recovery-e2e-signaling
IANA Note
There is an IANA nit that will need to be fixed. In particular:
sections 9.3 and 9.4 suggest the same value (198) for the
SECONDARY_EXPLICIT_ROUTE and SECONDARY_RECORD_ROUTE objects.
Also, I am told that this value has already (recently) been
assigned to an unrelated object. Thus, the IANA will need to
straighten this out. These and related IANA considerations have
been cleared up by Adrian Farrel's email to the IANA on Thu, 14
Dec 2006 10:52:16.
His explanation of IANA considerations are (cut and pasted from the
attachment to Adrian's email):
IANA requests for
[e2e] draft-ietf-ccamp-gmpls-recovery-e2e-signaling-04.txt
[seg] draft-ietf-ccamp-gmpls-segment-recovery-03.txt
All other references are provided for information and context.
====================================================
Registry: RSVP
Class Names, Class Numbers, and Class Types
20 EXPLICIT_ROUTE [RFC3209]
Class Types or C-Types:
1 Type 1 Explicit Route [RFC3209]
Sub-object type
1 IPv4 prefix [RFC3209]
2 IPv6 prefix [RFC3209]
3 Label [RFC3473]
4 Unnumbered Interface ID [RFC3477]
32 Autonomous system number [RFC3209]
37 Reserved [seg]
21 ROUTE_RECORD [RFC3209]
(also known as RECORD_ROUTE)
Class Types or C-Types:
1 Type 1 Route Record [RFC3209]
Sub-object type
1 IPv4 address [RFC3209]
2 IPv6 address [RFC3209]
3 Label [RFC3473]
4 Unnumbered Interface ID [RFC3477]
5 RRO Attributes [RFC4420]
37 Reserved [seg]
37 PROTECTION [RFC3473]
Class Types or C-Types:
1 Type 1 Protection [RFC3473]
2 Type 2 [e2e]
38 PRIMARY PATH ROUTE [e2e]
Class Types or C-Types:
1 Type 1 Primary Path Route [e2e]
198 ALARM_SPEC [RFC4783]
Class Types or C-Types:
1 Type 1 RESERVED [RFC4783]
2 Type 2 RESERVED [RFC4783]
3 IPv4 IF_ID ALARM_SPEC [RFC4783]
4 IPv6 IF_ID ALARM_SPEC [RFC4783]
199 ASSOCIATION [e2e]
Class Types or C-Types:
1 Type 1 IPv4 Association [e2e]
2 Type 2 IPv6 Association [e2e]
200 SECONDARY_EXPLICIT_ROUTE [seg]
Same C-Type values as EXPLICIT_ROUTE object
(C-Num 20) with the following additions:
For Class 1, C-Type 1, the following additional
Sub-object type is defined:
Sub-object type
37 Protection [seg]
201 SECONDARY_RECORD_ROUTE [seg]
Same C-Type values as EXPLICIT_ROUTE object
(C-Num 20) with the following additions:
For Class 1, C-Type 1, the following additional
Sub-object type is defined:
Sub-object type
37 Protection [seg]
============================================================
Registry: GMPLS Signaling Parameters
Interface_ID Types
Type Length Format Description Reference
---- ------ ---------- -------------------------- ---------
512 8 See below REFERENCE_COUNT [RFC4783]
513 8 See below SEVERITY [RFC4783]
514 8 See below GLOBAL_TIMESTAMP [RFC4783]
515 8 See below LOCAL_TIMESTAMP [RFC4783]
516 varies See below ERROR_STRING [RFC4783]
============================================================
Registry: GMPLS Signaling Parameters
Administrative Status Information Flags
Value Name Reference
----------- -------------------------------- ---------
0x80000000 Reflect (R) [RFC3473][RFC3471]
0x00000020 Lockout (L) [e2e]
0x00000010 Inhibit Alarm Communication (I) [RFC4783]
0x00000004 Testing (T) [RFC3473][RFC3471]
0x00000002 Administratively down (A) [RFC3473][RFC3471]
0x00000001 Deletion in progress (D) [RFC3473][RFC3471]
============================================================
Registry: RSVP
Error Codes and Values
Error Code Meaning
01 Admission Control Failure [RFC2205]
The sixteen bits of the Error Value field are
ssur cccc cccc cccc
as defined in [RFC2205]
The following globally-defined sub-codes may appear in the low-
order 12 bits when ssur = 0000:
Sub-code Meaning Reference
-------- ------------------------------ ---------
1 Delay bound cannot be met [RFC2205]
2 Requested bandwidth unavailable [RFC2205]
3 MTU in flowspec larger than [RFC2205]
interface MTU
4 LSP Admission Failure [e2e]
5 Bad Association Type [e2e]
02 Policy Control Failure [RFC2205]
This Error Code has the following globally-defined Error
Value sub-codes:
0 = Information reporting [RFC2750]
1 = Warning [RFC2750]
2 = Reason unknown [RFC2750]
3 = Generic Policy Rejection [RFC2750]
4 = Quota or Accounting violation [RFC2750]
5 = Flow was preempted [RFC2750]
6 = Previously installed policy expired [RFC2750]
(not refreshed)
7 = Previous policy data was replaced & [RFC2750]
caused rejection
8 = Policies could not be merged [RFC2750]
(multicast)
9 = PDP down or non functioning [RFC2750]
10 = Third Party Server (e.g., Kerberos) [RFC2750]
unavailable
11 = POLICY_DATA object has bad syntax [RFC2750]
12 = POLICY_DATA object failed Integrity [RFC2750]
Check
13 = POLICY_ELEMENT object has bad syntax [RFC2750]
14 = Mandatory PE Missing (Empty PE is in [RFC2750]
the PD object)
15 = PEP Out of resources to handle [RFC2750]
policies.
16 = PDP encountered bad RSVP objects or [RFC2750]
syntax
17 = Service type was rejected [RFC2750]
18 = Reservation Style was rejected [RFC2750]
19 = FlowSpec was rejected (too large) [RFC2750]
20 = Hard Pre-empted [e2e]
24 Routing Problem [RFC3209]
This Error Code has the following globally-defined Error
Value sub-codes:
1 = Bad EXPLICIT_ROUTE object [RFC3209]
: (snip)
16 = Unknown Interface Index [RFC3477]
17 = Unsupported LSP Protection [e2e]
18 = PROTECTION object not applicable [e2e]
19 = Bad PRIMARY PATH_ROUTE object [e2e]
20 = PRIMARY PATH_ROUTE object not [e2e]
applicable
21 = LSP Segment Protection Failed [seg]
25 Notify Error [RFC3209]
This Error Code has the following globally-defined Error
Value sub-codes:
1 = RRO too large for MTU [RFC3209]
2 = RRO Notification [RFC3209]
3 = Tunnel locally repaired [RFC3209]
4 = Control Channel Active State [RFC3473]
5 = Control Channel Degraded State [RFC3473]
6 = Preferable path exists [RFC4736]
7 = Local link maintenance required [RFC4736]
8 = Local node maintenance required [RFC4736]
9 = LSP Failure [e2e]
10 = LSP Recovered [e2e]
11 = LSP Locally Failed [e2e]
31 Alarms [RFC4783]
The Error Value sub-codes for this Error Code
have values and meanings identical to the values
and meanings defined in the IANAItuProbableCause
Textual Convention of IANA-ITU-ALARM-TC-MIB
in the Alarm MIB [RFC3877].
============================================================
Registry: GMPLS Signaling Parameters
Association Type
(This is a new registry)
Assignment by IANA are subject to IETF expert review
process i.e. IETF Standards Track RFC Action.
Value Type Reference
----- ----------------- ---------
0 Reserved [e2e]
1 Recovery (R) [e2e]
2 Resource Sharing (R) [seg]
Envelope-to: ccamp-data@psg.com
Delivery-date: Mon, 15 Jan 2007 05:04:43 +0000
Date: Mon, 15 Jan 2007 13:02:57 +0800
From: Mach Chen <mach@huawei.com>
Subject: Re: Progressing the three inter-domain I-Ds
To: Peng He <peng.he.2000@gmail.com>
Cc: Dimitri.Papadimitriou@alcatel-lucent.be, Adrian Farrel <adrian@olddog.co.uk>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Message-id: <001a01c73862$6c747370$5b0c6f0a@china.huawei.com>
MIME-version: 1.0
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: base64
SGkgUGVuZywNCg0KSSBtZWFucyB0aGF0IG5vIG1hdHRlciB3aGF0IGtpbmQgb2YgcGF0aCBjb21w
dXRhdGlvbiBtZXRob2RzKFBlci1kb21haW4sIEJSUEMsIGV0Yy4pIHdlIGFkb3B0LCANCmlmIHdl
IHdhbnQgdG8gY29tcHV0ZSBhIHBhdGggc3BhbmluZyBtdXRpcGxlIEFTZXMsIHRoZSBjb21wdXRl
IGVsZW1lbnQoSGVhZC1lbmQsIEFTQlIsIG9yIFBDRSkNClNIT1VMRCBnZXQgdGhlIGludGVyLUFT
QlIgbGlua3MgaW5mby4NCg0KV2l0aCByZXNwZWN0IHRvIHRoZSBmbG9vZGluZyBzY29wZSBhbmQg
c3BlY2lmaWNhdGlvbiBvZiBpbnRlci1BU0JSIGxpbmtzIGluZm8sICB3ZSBuZWVkIG1vcmUgZGlz
Y3Vzc2lvbi4NCkJ1dCBJIHRoaW5rIHRoZSBpbnRlci1BU0JSIGxpbmsgc2hvdWxkIGhhdmUgQVMg
Zmxvb2Rpbmcgc2NvcGUuDQoNCi0tLS0tIE9yaWdpbmFsIE1lc3NhZ2UgLS0tLS0gDQpGcm9tOiAi
UGVuZyBIZSIgPHBlbmcuaGUuMjAwMEBnbWFpbC5jb20+DQpUbzogIk1hY2ggQ2hlbiIgPG1hY2hA
aHVhd2VpLmNvbT4NCkNjOiA8RGltaXRyaS5QYXBhZGltaXRyaW91QGFsY2F0ZWwtbHVjZW50LmJl
PjsgIkFkcmlhbiBGYXJyZWwiIDxhZHJpYW5Ab2xkZG9nLmNvLnVrPjsgPGNjYW1wQG9wcy5pZXRm
Lm9yZz47IDxvd25lci1jY2FtcEBvcHMuaWV0Zi5vcmc+DQpTZW50OiBNb25kYXksIEphbnVhcnkg
MTUsIDIwMDcgMTE6MjYgQU0NClN1YmplY3Q6IFJlOiBQcm9ncmVzc2luZyB0aGUgdGhyZWUgaW50
ZXItZG9tYWluIEktRHMNCg0KDQpIZWxsbyBNYWNoLA0KDQpJIGFtIGludGVyZXN0ZWQgaW4gc3Vj
aCB3b3JrLiBCdXQgSSBhbSBub3Qgc3VyZSB3aGF0IHlvdSBzYWlkICJpbiBvZGVyDQp0byBwZXJm
b3JtICBpbnRlci1BUyBwYXRoIGNvbXB1dGF0aW9uLCBpbnRlci1BU0JSIGxpbmtzIGZvb2Rpbmcg
aXMNCmRlc2lyZWQiLCBzYXksIGRpZmZlcmVudCBjb21wdXRpbmcgbWV0aG9kcyBtaWdodCBuZWVk
IGRpZmZlcmVudA0KaW5mb3JtYXRpb24gYWJvdXQgdGhlIGludGVyLUFTIGxpbmtzIGFuZCB2YXJp
b3VzIGZsb29kIHJhbmdlcywgYW5kIGlmDQpub3QgYSBnZW5lcmFsIG1ldGhvZCBpcyBjb25zaWRl
cmVkIGFzIGRlZmF1bHQsIGl0IHNlZW1zIHRvIG1lIGhhcmQgdG8NCmRlZmluZSB3aGF0IGV4YWN0
IGluZm8gc2hvdWxkIGJlIGZsb29kZWQuIEp1c3QgbXkgcGVyc29uYWwgdGhvdWdodHMuDQoNClJl
Z2FyZHMsDQpQZW5nDQoNCk9uIDEvMTQvMDcsIE1hY2ggQ2hlbiA8bWFjaEBodWF3ZWkuY29tPiB3
cm90ZToNCj4gRGltaXRyaSBhbmQgYWxsLA0KPg0KPiBBZnRlciByZWFkaW5nIHRoZXNlIGRvY3Mg
SSBhbHNvIGhhdmUgdGhlIHNhbWUgY29uY2VybiB3aXRoIHlvdSBhYm91dCBpbnRlci1BU0JSIGxp
bmtzIGZsb29kaW5nLg0KPiBJIHRoaW5rLCBpbiBvZGVyIHRvIHBlcmZvcm0gIGludGVyLUFTIHBh
dGggY29tcHV0YXRpb24sIGludGVyLUFTQlIgbGlua3MgZm9vZGluZyBpcyBkZXNpcmVkLiBCdXQN
Cj4gc3VjaCBraW5kIG9mIGludGVyLUFTQlIgbGluayBpbmZvIHNob3VsZCBpbmNsdWRlIG1vcmUg
aW5mb3JtYXRpb24gdGhhbiAibm9ybWFsIiBURSBsaW5rcyBkbywNCj4gZS5nOiB0aGUgaW50ZXIt
QVNCUiBsaW5rcyBpbmZvIFNIT1VMRCBzdGlsbCBpbmNsdWRlIHRoZSBwZWVyIEFTIG51bWJlciBh
bmQgcGVlciBBU0JSIHJvdXRlciBpZA0KPiBiZXNpZGVzIHRob3NlIGxpbmsgaW5mbyB3aGljaCBo
YXMgYmVlbiBzcGVjaWZpZWQgaW4gcmZjMzYzMCBhbmQgcmZjMzc4NC4NCj4NCj4gU28gSSB0aGlu
ayB0aGVyZSBuZWVkIGEgZG9jdW1lbnQgdG8gY2xhcmlmeSBhbmQgc3BlY2lmeSBpbnRlci1BU0JS
IGxpbmtzIGZsb29kaW5nLiB3ZSBhcmUgY29uc2lkZXJpbmcgdG8NCj4gd3JpdGUgc3VjaCBhIGRv
Y3VtZW50LiBJZiBzb21lb25lIGludGVyZXN0ZWQgaW4gc3VjaCB3b3JrLCB3ZSBjb3VsZCBjb29w
ZXJhdGUuDQo+DQo+DQo+DQo+IEJlc3QgcmVnYXJkcywNCj4NCj4gTWFjaA0KPg0KPiAtLS0tLSBP
cmlnaW5hbCBNZXNzYWdlIC0tLS0tDQo+IEZyb206IDxEaW1pdHJpLlBhcGFkaW1pdHJpb3VAYWxj
YXRlbC1sdWNlbnQuYmU+DQo+IFRvOiAiQWRyaWFuIEZhcnJlbCIgPGFkcmlhbkBvbGRkb2cuY28u
dWs+DQo+IENjOiA8Y2NhbXBAb3BzLmlldGYub3JnPjsgPG93bmVyLWNjYW1wQG9wcy5pZXRmLm9y
Zz4NCj4gU2VudDogU2F0dXJkYXksIEphbnVhcnkgMTMsIDIwMDcgNzo0OSBQTQ0KPiBTdWJqZWN0
OiBSZTogUHJvZ3Jlc3NpbmcgdGhlIHRocmVlIGludGVyLWRvbWFpbiBJLURzDQo+DQo+DQo+IGhp
IGFkcmlhbg0KPg0KPiBvKSBhIGNvdXBsZSBvZiBnZW5lcmljIGNvbW1lbnRzIG9uIHRoZSB0aGly
ZCBkb2MNCj4NCj4gLSB0aGUgZG9jLiBzdGF0ZXMgYXBwbGljYWJpbGl0eSB0byBHTVBMUyBidXQg
c29tZXRpbWVzIG9ubHkgcmVmLiBNUExTLVRFDQo+IHNpZ25hbGluZyBmdXJ0aGVyIG9uIGUuZy4g
c2VjdGlvbiAzLjENCj4NCj4gIiAtIFRoZSBpbnRlci1kb21haW4gVEUgTFNQcyBhcmUgc2lnbmFs
ZWQgdXNpbmcgUlNWUC1URSAoW1JGQzMyMDldKS4iDQo+DQo+IGFuZCBtYW55IG90aGVycyBpbiBz
ZWN0aW9uIDQuDQo+DQo+IC0gdGhlIGFyZSBtYW55IGNvbXBhcmlzb24gd2l0aCBQQ0UgdGVjaG5p
cXVlIGFsb25nIHRoZSBkb2MuIC0gd2VsbCB0aGF0J3MNCj4gZmluZSBidXQgb3V0c2lkZSB0aGUg
c2NvcGUgb2YgdGhlIGRvY3VtZW50IGV4Y2VwdCBpZiB0aGUgcHVycG9zZSBpcyB0bw0KPiBpbmRp
Y2F0ZSBob3cgZGlmZmVyZW50IHRlY2huaXF1ZXMgY2FuIGJlIGNvbWJpbmVkIHRvZ2V0aGVyIGFu
ZCB3aGljaA0KPiBpbnRlcm9wIGlzc3VlcyBtYXkgcmVzdWx0IGZyb20gaXQNCj4NCj4gbykgYSBj
b3VwbGUgb2Ygc3BlY2lmaWMgY29tbWVudHMNCj4NCj4gZW5kIG9mIHNlY3Rpb24gMjoNCj4NCj4g
c2VjdGlvbiAzLjE6ICIqIFRoZSBjb21wbGV0ZSBsaXN0IG9mIGJvdW5kYXJ5IExTUnMgYWxvbmcg
dGhlIHBhdGgiDQo+IC0+IGxpc3Qgb2YgZG9tYWluIGlkZW50aWZpZXIgZS5nLiBBUyBudW1iZXJz
IGFsc28gYXBwbGllcyBoZXJlID8NCj4NCj4gbGFzdCCnIG9mIHNlY3Rpb24gMy4xIGlzIHRoZSBt
b3N0IGltcG9ydGFudCBvbmUsIHNpZ25hbGluZyBwcm90b2NvbCBhcmUNCj4gaW5kZXBlbmRlbnQg
b2YgdGhlIHJvdXRpbmcgdG9wb2xvZ3kgaXRzZWxmLCBpLmUuIG5vdCBiZWNhdXNlIGEgbm9kZSBp
cw0KPiBhbiBBQlIgb3IgYW4gQVNCUiB0aGF0IGNvbXAuIG9jY3VycyBidXQgc2ltcGx5IGJlY2F1
c2UgaGUgaGFzIG5vIHBhdGgNCj4gdG8gcmVhY2ggdGhlIG5leHQgKGxvb3NlKSBob3AgLSBhbiBp
bnRlcm1lZGlhdGUgbm9kZSBzaG91bGQgc3RpbGwgbWFpbnRhaW4NCj4gY2FwYWNpdHkgdG8gcGVy
Zm9ybSBzdWNoIG9wZXJhdGlvbg0KPg0KPiBzZWN0aW9uIDMuMyAiVGhlIHBhdGggY29tcHV0YXRp
b24NCj4gICAgdGVjaG5pcXVlIGRlc2NyaWJlZCBpbiB0aGlzIGRvY3VtZW50IGFwcGxpZXMgdG8g
dGhlIGNhc2Ugb2YgYSBzaW5nbGUNCj4gICAgQVMgbWFkZSBvZiBtdWx0aXBsZSBJR1AgYXJlYXMs
IG11bHRpcGxlcyBBU3MgbWFkZSBvZiBhIHNpbmdsZSBJR1ANCj4gICAgYXJlYXMgb3IgYW55IGNv
bWJpbmF0aW9uIG9mIHRoZSBhYm92ZS4gIEZvciB0aGUgc2FrZSBvZiBzaW1wbGljaXR5LA0KPiAg
ICBlYWNoIHJvdXRpbmcgZG9tYWluIHdpbGwgYmUgY29uc2lkZXJlZCBhcyBzaW5nbGUgYXJlYSBp
biB0aGlzDQo+ICAgIGRvY3VtZW50LiAiDQo+DQo+IC0+IG5vdCBzdXJlIHRvIHVuZGVyc3RhbmQg
dGhlIHJlYXNvbmluZywgYXQgdGhlIGVuZCB0aGVzZSBleGFtcGxlcyBtdXN0DQo+IHJlbWFpbiBp
bGx1c3RyYXRpdmUgYW5kIG5vdCByZXN0cmljdCBhcHBsaWNhYmlsaXR5IC0gYWxsIHRoZXNlIHR1
dG9yaWFsDQo+IGxpa2UgbWF0ZXJpYWwgc2hvdWxkIGJldHRlciBnbyBpbiBhbiBhcHBlbmRpeCAt
DQo+DQo+IHNlY3Rpb24gMy4xICJJbiBhbnkgY2FzZSwNCj4gICAgbm8gdG9wb2xvZ3kgb3IgcmVz
b3VyY2UgaW5mb3JtYXRpb24gbmVlZHMgdG8gYmUgZGlzdHJpYnV0ZWQgYmV0d2Vlbg0KPiAgICBk
b21haW5zIChhcyBtYW5kYXRlZCBwZXIgW1JGQzQxMDVdIGFuZCBbUkZDNDIxNl0pLCB3aGljaCBp
cyBjcml0aWNhbA0KPiAgICB0byBwcmVzZXJ2ZSBJR1AvQkdQIHNjYWxhYmlsaXR5IGFuZCBjb25m
aWRlbnRpYWxpdHkgaW4gdGhlIGNhc2Ugb2YgVEUNCj4gICAgTFNQcyBzcGFubmluZyBtdWx0aXBs
ZSByb3V0aW5nIGRvbWFpbnMuIg0KPg0KPiB0aGVuIFNlY3Rpb24gNA0KPiAiSW4gdGVybXMgb2Yg
Y29tcHV0YXRpb24gb2YgYW4gaW50ZXItQVMgVEUgTFNQIHBhdGgsIGFuIGludGVyZXN0aW5nDQo+
ICAgIG9wdGltaXphdGlvbiB0ZWNobmlxdWUgY29uc2lzdHMgb2YgYWxsb3dpbmcgdGhlIEFTQlJz
IHRvIGZsb29kIHRoZSBURQ0KPiAgICBpbmZvcm1hdGlvbiByZWxhdGVkIHRvIHRoZSBpbnRlci1B
U0JSIGxpbmsocykgYWx0aG91Z2ggbm8gSUdQIFRFIGlzDQo+ICAgIGVuYWJsZWQgb3ZlciB0aG9z
ZSBsaW5rcyAoYW5kIHNvIHRoZXJlIGlzIG5vIElHUCBhZGphY2VuY3kgb3ZlciB0aGUNCj4gICAg
aW50ZXItQVNCUiBsaW5rcykuICAuLi4NCj4gIlRoYW5rcyB0byBzdWNoIGFuIG9wdGltaXphdGlv
biwgdGhlIGludGVyLUFTQlJzIFRFIGxpbmsgaW5mb3JtYXRpb24NCj4gICAgY29ycmVzcG9uZGlu
ZyB0byB0aGUgbGlua3Mgb3JpZ2luYXRlZCBieSB0aGUgQVNCUiBpcyBtYWRlIGF2YWlsYWJsZQ0K
PiAgICBpbiB0aGUgVEVEIG9mIG90aGVyIExTUnMgaW4gdGhlIHNhbWUgZG9tYWluIHRoYXQgdGhl
IEFTQlIgYmVsb25ncyB0by4iDQo+DQo+IGJ1dCBhZnRlcg0KPiAiTm90ZSB0aGF0IG5vIHRvcG9s
b2d5DQo+ICAgIGluZm9ybWF0aW9uIGlzIGZsb29kZWQgYW5kIHRoZXNlIGxpbmtzIGFyZSBub3Qg
dXNlZCBpbiBJR1AgU1BGDQo+ICAgIGNvbXB1dGF0aW9ucy4gIE9ubHkgdGhlIFRFIGluZm9ybWF0
aW9uIGZvciB0aGUgb3V0Z29pbmcgbGlua3MNCj4gICAgZGlyZWN0bHkgY29ubmVjdGVkIHRvIHRo
ZSBBU0JSIGlzIGFkdmVydGlzZWQuIg0KPg0KPiAtPiBjYW4gb25lIG9mIHRoZSBhdXRob3IgY2xh
cmlmeSAxKSBpcyBmbG9vZGluZyBpbnZvbHZlZCBvciBub3QgPw0KPiAyKSB3aGF0IGdldCdzIGZs
b29kZWQgYW5kIHVuZGVyIHdoaWNoIGNvbmRpdGlvbnMgMykgd2hhdCBpcyB0aGUNCj4gc2NvcGUg
b2YgdGhlIGZsb29kaW5nIDQpIGhvdyB0aGlzIG1lY2hhbmlzbSBwb3NpdGlvbnMgYWdhaW5zdCB0
aGUNCj4gcmVxdWlyZW1lbnRzIG9mIDQxMDUgYW5kIDQyMTYNCj4NCj4NCj4gbykgYSBjb3VwbGUg
b2YgZWRpdHMNCj4NCj4gc2VjdGlvbiAxOg0KPg0KPiBBQlIgUm91dGVyLCBBU0JSIFJvdXRlciAt
IHJlZHVuZGFudCBSDQo+DQo+IHRoZSBtb3N0IGltcG9ydGFudCBkZWYuIGlzIHRoZSAiZG9tYWlu
IiBkZWYuIHdoaWNoIGNhbiBiZSBmb3VuZCBpbiB0aGUNCj4gZnJtIGRvYyBidXQgbm90IHJlY29y
ZGVkIGhlcmUgdGhpcyB3b3VsZCBjbGFyaWZ5IHNlbnRlbmNlIGxpa2UNCj4NCj4gIlRoZSBtZWNo
YW5pc21zIHByb3Bvc2VkIGluIHRoaXMgZG9jdW1lbnQgYXJlIGFsc28gYXBwbGljYWJsZSB0byBN
UExTDQo+ICBURSBkb21haW5zIG90aGVyIHRoYW4gSUdQIGFyZWFzIGFuZCBBU3MuIg0KPg0KPiBy
ZWYuIEgtTFNQIGFuZCBTLUxTUCB3aXRoIHRoZSBhcHByb3ByaWF0ZSBkb2NzDQo+DQo+IHN0YXRl
IHRoYXQgaW50ZXItZG9tYWluIHJlY292ZXJ5IGlzIGdvaW5nIHRvIGJlIGFkZHJlc3NlZCBpbiBh
IHNldCBvZg0KPiBzcGVjaWZpYyBkb2NzDQo+DQo+IGhvcGUgdGhpcyB3aWxsIGhlbHAsDQo+IC0g
ZC4NCj4NCj4NCj4NCj4NCj4gIkFkcmlhbiBGYXJyZWwiIDxhZHJpYW5Ab2xkZG9nLmNvLnVrPg0K
PiBTZW50IGJ5OiBvd25lci1jY2FtcEBvcHMuaWV0Zi5vcmcNCj4gMDkvMDEvMjAwNyAyMzoxMw0K
PiBQbGVhc2UgcmVzcG9uZCB0byAiQWRyaWFuIEZhcnJlbCINCj4NCj4gICAgICAgICBUbzogICAg
IDxjY2FtcEBvcHMuaWV0Zi5vcmc+DQo+ICAgICAgICAgY2M6DQo+ICAgICAgICAgU3ViamVjdDog
ICAgICAgIFByb2dyZXNzaW5nIHRoZSB0aHJlZSBpbnRlci1kb21haW4gSS1Ecw0KPg0KPg0KPiBI
aSwNCj4NCj4gV2Ugbm93IGhhdmUgdXBkYXRlZCB2ZXJzaW9ucyBvZiB0aGUgdGhyZWUgaW50ZXIt
ZG9tYWluIHNpZ25hbGluZyBJLURzOg0KPg0KPiAtIGRyYWZ0LWlldGYtY2NhbXAtaW50ZXItZG9t
YWluLXJzdnAtdGUtMDQudHh0DQo+IC0gZHJhZnQtaWV0Zi1jY2FtcC1sc3Atc3RpdGNoaW5nLTA0
LnR4dA0KPiAtIGRyYWZ0LWlldGYtY2NhbXAtaW50ZXItZG9tYWluLXBkLXBhdGgtY29tcC0wMy50
eHQNCj4NCj4gT3VyIHBsYW4gaXM6DQo+IDEuIFdHIGNoYWlycyBkbyBkZXRhaWxlZCByZXZpZXcg
b3ZlciB0aGUgbmV4dCBjb3VwbGUgb2Ygd2Vla3MNCj4gMi4gRWRpdG9ycyBhcHBseSBuZWNlc3Nh
cnkgdXBkYXRlcw0KPiAzLiBXZSBob2xkIGEgV0cgbGFzdCBjYWxsIGZvciB0aGUgdGhyZWUgSS1E
cyB0b2dldGhlcg0KPg0KPiBJZiB5b3UgYXJlIGludGVyZXN0ZWQgaW4gdGhpcyB3b3JrLCBJIHN1
Z2dlc3QgdGhhdCBub3cgbWlnaHQgYmUgYSBnb29kDQo+IHRpbWUNCj4gdG8gcmVtaW5kIHlvdXJz
ZWxmIGFib3V0IHRoZSBJLURzLCBoYXZlIGEgZ29vZCByZWFkLCBhbmQgc2VlIGlmIHlvdSBjYW4N
Cj4gZ2V0DQo+IGFueSBzdWJzdGFudGlhbCBjb21tZW50cyBpbiB0byBjb2luY2lkZSB3aXRoIHRo
ZSBXRyBjaGFpcnMnIHJldmlldy4NCj4NCj4gVGhhbmtzLA0KPiBBZHJpYW4NCj4NCj4NCj4NCj4N
Cj4NCj4NCj4NCg0K
Envelope-to: ccamp-data@psg.com
Delivery-date: Mon, 15 Jan 2007 03:27:19 +0000
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=FgS//iHSwmXiRpKO8X9iILFnLRzDP9iyNzwYxHIHhkXURROVconIXMGWIRciSqu50FKXt6+ScfPg3hIvpjPZUogWD3xPiuvsuWwFVE6plpbV3JhaVPfG81stUYJUx4xWzVUDNFYLEC5PGa+Imdtn+K6KWKjnQrbLJL9qqkLnO0w=
Message-ID: <406e32c00701141926s2015a1eftfc145ea4443251bc@mail.gmail.com>
Date: Sun, 14 Jan 2007 22:26:27 -0500
From: "Peng He" <peng.he.2000@gmail.com>
To: "Mach Chen" <mach@huawei.com>
Subject: Re: Progressing the three inter-domain I-Ds
Cc: Dimitri.Papadimitriou@alcatel-lucent.be, "Adrian Farrel" <adrian@olddog.co.uk>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Hello Mach,
I am interested in such work. But I am not sure what you said "in oder
to perform inter-AS path computation, inter-ASBR links fooding is
desired", say, different computing methods might need different
information about the inter-AS links and various flood ranges, and if
not a general method is considered as default, it seems to me hard to
define what exact info should be flooded. Just my personal thoughts.
Regards,
Peng
On 1/14/07, Mach Chen <mach@huawei.com> wrote:
> Dimitri and all,
>
> After reading these docs I also have the same concern with you about inte=
r-ASBR links flooding.
> I think, in oder to perform inter-AS path computation, inter-ASBR links =
fooding is desired. But
> such kind of inter-ASBR link info should include more information than "n=
ormal" TE links do,
> e.g: the inter-ASBR links info SHOULD still include the peer AS number an=
d peer ASBR router id
> besides those link info which has been specified in rfc3630 and rfc3784.
>
> So I think there need a document to clarify and specify inter-ASBR links =
flooding. we are considering to
> write such a document. If someone interested in such work, we could coope=
rate.
>
>
>
> Best regards,
>
> Mach
>
> ----- Original Message -----
> From: <Dimitri.Papadimitriou@alcatel-lucent.be>
> To: "Adrian Farrel" <adrian@olddog.co.uk>
> Cc: <ccamp@ops.ietf.org>; <owner-ccamp@ops.ietf.org>
> Sent: Saturday, January 13, 2007 7:49 PM
> Subject: Re: Progressing the three inter-domain I-Ds
>
>
> hi adrian
>
> o) a couple of generic comments on the third doc
>
> - the doc. states applicability to GMPLS but sometimes only ref. MPLS-TE
> signaling further on e.g. section 3.1
>
> " - The inter-domain TE LSPs are signaled using RSVP-TE ([RFC3209])."
>
> and many others in section 4.
>
> - the are many comparison with PCE technique along the doc. - well that's
> fine but outside the scope of the document except if the purpose is to
> indicate how different techniques can be combined together and which
> interop issues may result from it
>
> o) a couple of specific comments
>
> end of section 2:
>
> section 3.1: "* The complete list of boundary LSRs along the path"
> -> list of domain identifier e.g. AS numbers also applies here ?
>
> last =A7 of section 3.1 is the most important one, signaling protocol are
> independent of the routing topology itself, i.e. not because a node is
> an ABR or an ASBR that comp. occurs but simply because he has no path
> to reach the next (loose) hop - an intermediate node should still maintai=
n
> capacity to perform such operation
>
> section 3.3 "The path computation
> technique described in this document applies to the case of a single
> AS made of multiple IGP areas, multiples ASs made of a single IGP
> areas or any combination of the above. For the sake of simplicity,
> each routing domain will be considered as single area in this
> document. "
>
> -> not sure to understand the reasoning, at the end these examples must
> remain illustrative and not restrict applicability - all these tutorial
> like material should better go in an appendix -
>
> section 3.1 "In any case,
> no topology or resource information needs to be distributed between
> domains (as mandated per [RFC4105] and [RFC4216]), which is critical
> to preserve IGP/BGP scalability and confidentiality in the case of TE
> LSPs spanning multiple routing domains."
>
> then Section 4
> "In terms of computation of an inter-AS TE LSP path, an interesting
> optimization technique consists of allowing the ASBRs to flood the TE
> information related to the inter-ASBR link(s) although no IGP TE is
> enabled over those links (and so there is no IGP adjacency over the
> inter-ASBR links). ...
> "Thanks to such an optimization, the inter-ASBRs TE link information
> corresponding to the links originated by the ASBR is made available
> in the TED of other LSRs in the same domain that the ASBR belongs to."
>
> but after
> "Note that no topology
> information is flooded and these links are not used in IGP SPF
> computations. Only the TE information for the outgoing links
> directly connected to the ASBR is advertised."
>
> -> can one of the author clarify 1) is flooding involved or not ?
> 2) what get's flooded and under which conditions 3) what is the
> scope of the flooding 4) how this mechanism positions against the
> requirements of 4105 and 4216
>
>
> o) a couple of edits
>
> section 1:
>
> ABR Router, ASBR Router - redundant R
>
> the most important def. is the "domain" def. which can be found in the
> frm doc but not recorded here this would clarify sentence like
>
> "The mechanisms proposed in this document are also applicable to MPLS
> TE domains other than IGP areas and ASs."
>
> ref. H-LSP and S-LSP with the appropriate docs
>
> state that inter-domain recovery is going to be addressed in a set of
> specific docs
>
> hope this will help,
> - d.
>
>
>
>
> "Adrian Farrel" <adrian@olddog.co.uk>
> Sent by: owner-ccamp@ops.ietf.org
> 09/01/2007 23:13
> Please respond to "Adrian Farrel"
>
> To: <ccamp@ops.ietf.org>
> cc:
> Subject: Progressing the three inter-domain I-Ds
>
>
> Hi,
>
> We now have updated versions of the three inter-domain signaling I-Ds:
>
> - draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
> - draft-ietf-ccamp-lsp-stitching-04.txt
> - draft-ietf-ccamp-inter-domain-pd-path-comp-03.txt
>
> Our plan is:
> 1. WG chairs do detailed review over the next couple of weeks
> 2. Editors apply necessary updates
> 3. We hold a WG last call for the three I-Ds together
>
> If you are interested in this work, I suggest that now might be a good
> time
> to remind yourself about the I-Ds, have a good read, and see if you can
> get
> any substantial comments in to coincide with the WG chairs' review.
>
> Thanks,
> Adrian
>
>
>
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Mon, 15 Jan 2007 02:44:42 +0000
Date: Mon, 15 Jan 2007 10:41:20 +0800
From: Mach Chen <mach@huawei.com>
Subject: Re: Progressing the three inter-domain I-Ds
To: Dimitri.Papadimitriou@alcatel-lucent.be, Adrian Farrel <adrian@olddog.co.uk>
Cc: ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Message-id: <003201c7384e$a449e820$5b0c6f0a@china.huawei.com>
MIME-version: 1.0
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: base64
RGltaXRyaSBhbmQgYWxsLA0KDQpBZnRlciByZWFkaW5nIHRoZXNlIGRvY3MgSSBhbHNvIGhhdmUg
dGhlIHNhbWUgY29uY2VybiB3aXRoIHlvdSBhYm91dCBpbnRlci1BU0JSIGxpbmtzIGZsb29kaW5n
Lg0KSSB0aGluaywgaW4gb2RlciB0byBwZXJmb3JtICBpbnRlci1BUyBwYXRoIGNvbXB1dGF0aW9u
LCBpbnRlci1BU0JSIGxpbmtzIGZvb2RpbmcgaXMgZGVzaXJlZC4gQnV0IA0Kc3VjaCBraW5kIG9m
IGludGVyLUFTQlIgbGluayBpbmZvIHNob3VsZCBpbmNsdWRlIG1vcmUgaW5mb3JtYXRpb24gdGhh
biAibm9ybWFsIiBURSBsaW5rcyBkbywgDQplLmc6IHRoZSBpbnRlci1BU0JSIGxpbmtzIGluZm8g
U0hPVUxEIHN0aWxsIGluY2x1ZGUgdGhlIHBlZXIgQVMgbnVtYmVyIGFuZCBwZWVyIEFTQlIgcm91
dGVyIGlkIA0KYmVzaWRlcyB0aG9zZSBsaW5rIGluZm8gd2hpY2ggaGFzIGJlZW4gc3BlY2lmaWVk
IGluIHJmYzM2MzAgYW5kIHJmYzM3ODQuDQoNClNvIEkgdGhpbmsgdGhlcmUgbmVlZCBhIGRvY3Vt
ZW50IHRvIGNsYXJpZnkgYW5kIHNwZWNpZnkgaW50ZXItQVNCUiBsaW5rcyBmbG9vZGluZy4gd2Ug
YXJlIGNvbnNpZGVyaW5nIHRvIA0Kd3JpdGUgc3VjaCBhIGRvY3VtZW50LiBJZiBzb21lb25lIGlu
dGVyZXN0ZWQgaW4gc3VjaCB3b3JrLCB3ZSBjb3VsZCBjb29wZXJhdGUuDQoNCg0KDQpCZXN0IHJl
Z2FyZHMsDQoNCk1hY2gNCg0KLS0tLS0gT3JpZ2luYWwgTWVzc2FnZSAtLS0tLSANCkZyb206IDxE
aW1pdHJpLlBhcGFkaW1pdHJpb3VAYWxjYXRlbC1sdWNlbnQuYmU+DQpUbzogIkFkcmlhbiBGYXJy
ZWwiIDxhZHJpYW5Ab2xkZG9nLmNvLnVrPg0KQ2M6IDxjY2FtcEBvcHMuaWV0Zi5vcmc+OyA8b3du
ZXItY2NhbXBAb3BzLmlldGYub3JnPg0KU2VudDogU2F0dXJkYXksIEphbnVhcnkgMTMsIDIwMDcg
Nzo0OSBQTQ0KU3ViamVjdDogUmU6IFByb2dyZXNzaW5nIHRoZSB0aHJlZSBpbnRlci1kb21haW4g
SS1Ecw0KDQoNCmhpIGFkcmlhbg0KDQpvKSBhIGNvdXBsZSBvZiBnZW5lcmljIGNvbW1lbnRzIG9u
IHRoZSB0aGlyZCBkb2MNCg0KLSB0aGUgZG9jLiBzdGF0ZXMgYXBwbGljYWJpbGl0eSB0byBHTVBM
UyBidXQgc29tZXRpbWVzIG9ubHkgcmVmLiBNUExTLVRFDQpzaWduYWxpbmcgZnVydGhlciBvbiBl
LmcuIHNlY3Rpb24gMy4xDQoNCiIgLSBUaGUgaW50ZXItZG9tYWluIFRFIExTUHMgYXJlIHNpZ25h
bGVkIHVzaW5nIFJTVlAtVEUgKFtSRkMzMjA5XSkuIg0KDQphbmQgbWFueSBvdGhlcnMgaW4gc2Vj
dGlvbiA0Lg0KDQotIHRoZSBhcmUgbWFueSBjb21wYXJpc29uIHdpdGggUENFIHRlY2huaXF1ZSBh
bG9uZyB0aGUgZG9jLiAtIHdlbGwgdGhhdCdzIA0KZmluZSBidXQgb3V0c2lkZSB0aGUgc2NvcGUg
b2YgdGhlIGRvY3VtZW50IGV4Y2VwdCBpZiB0aGUgcHVycG9zZSBpcyB0byANCmluZGljYXRlIGhv
dyBkaWZmZXJlbnQgdGVjaG5pcXVlcyBjYW4gYmUgY29tYmluZWQgdG9nZXRoZXIgYW5kIHdoaWNo
IA0KaW50ZXJvcCBpc3N1ZXMgbWF5IHJlc3VsdCBmcm9tIGl0DQoNCm8pIGEgY291cGxlIG9mIHNw
ZWNpZmljIGNvbW1lbnRzIA0KDQplbmQgb2Ygc2VjdGlvbiAyOiANCg0Kc2VjdGlvbiAzLjE6ICIq
IFRoZSBjb21wbGV0ZSBsaXN0IG9mIGJvdW5kYXJ5IExTUnMgYWxvbmcgdGhlIHBhdGgiDQotPiBs
aXN0IG9mIGRvbWFpbiBpZGVudGlmaWVyIGUuZy4gQVMgbnVtYmVycyBhbHNvIGFwcGxpZXMgaGVy
ZSA/DQoNCmxhc3QgpyBvZiBzZWN0aW9uIDMuMSBpcyB0aGUgbW9zdCBpbXBvcnRhbnQgb25lLCBz
aWduYWxpbmcgcHJvdG9jb2wgYXJlDQppbmRlcGVuZGVudCBvZiB0aGUgcm91dGluZyB0b3BvbG9n
eSBpdHNlbGYsIGkuZS4gbm90IGJlY2F1c2UgYSBub2RlIGlzDQphbiBBQlIgb3IgYW4gQVNCUiB0
aGF0IGNvbXAuIG9jY3VycyBidXQgc2ltcGx5IGJlY2F1c2UgaGUgaGFzIG5vIHBhdGggDQp0byBy
ZWFjaCB0aGUgbmV4dCAobG9vc2UpIGhvcCAtIGFuIGludGVybWVkaWF0ZSBub2RlIHNob3VsZCBz
dGlsbCBtYWludGFpbg0KY2FwYWNpdHkgdG8gcGVyZm9ybSBzdWNoIG9wZXJhdGlvbg0KDQpzZWN0
aW9uIDMuMyAiVGhlIHBhdGggY29tcHV0YXRpb24NCiAgIHRlY2huaXF1ZSBkZXNjcmliZWQgaW4g
dGhpcyBkb2N1bWVudCBhcHBsaWVzIHRvIHRoZSBjYXNlIG9mIGEgc2luZ2xlDQogICBBUyBtYWRl
IG9mIG11bHRpcGxlIElHUCBhcmVhcywgbXVsdGlwbGVzIEFTcyBtYWRlIG9mIGEgc2luZ2xlIElH
UA0KICAgYXJlYXMgb3IgYW55IGNvbWJpbmF0aW9uIG9mIHRoZSBhYm92ZS4gIEZvciB0aGUgc2Fr
ZSBvZiBzaW1wbGljaXR5LA0KICAgZWFjaCByb3V0aW5nIGRvbWFpbiB3aWxsIGJlIGNvbnNpZGVy
ZWQgYXMgc2luZ2xlIGFyZWEgaW4gdGhpcw0KICAgZG9jdW1lbnQuICINCg0KLT4gbm90IHN1cmUg
dG8gdW5kZXJzdGFuZCB0aGUgcmVhc29uaW5nLCBhdCB0aGUgZW5kIHRoZXNlIGV4YW1wbGVzIG11
c3QNCnJlbWFpbiBpbGx1c3RyYXRpdmUgYW5kIG5vdCByZXN0cmljdCBhcHBsaWNhYmlsaXR5IC0g
YWxsIHRoZXNlIHR1dG9yaWFsDQpsaWtlIG1hdGVyaWFsIHNob3VsZCBiZXR0ZXIgZ28gaW4gYW4g
YXBwZW5kaXggLQ0KDQpzZWN0aW9uIDMuMSAiSW4gYW55IGNhc2UsDQogICBubyB0b3BvbG9neSBv
ciByZXNvdXJjZSBpbmZvcm1hdGlvbiBuZWVkcyB0byBiZSBkaXN0cmlidXRlZCBiZXR3ZWVuDQog
ICBkb21haW5zIChhcyBtYW5kYXRlZCBwZXIgW1JGQzQxMDVdIGFuZCBbUkZDNDIxNl0pLCB3aGlj
aCBpcyBjcml0aWNhbA0KICAgdG8gcHJlc2VydmUgSUdQL0JHUCBzY2FsYWJpbGl0eSBhbmQgY29u
ZmlkZW50aWFsaXR5IGluIHRoZSBjYXNlIG9mIFRFDQogICBMU1BzIHNwYW5uaW5nIG11bHRpcGxl
IHJvdXRpbmcgZG9tYWlucy4iDQoNCnRoZW4gU2VjdGlvbiA0DQoiSW4gdGVybXMgb2YgY29tcHV0
YXRpb24gb2YgYW4gaW50ZXItQVMgVEUgTFNQIHBhdGgsIGFuIGludGVyZXN0aW5nDQogICBvcHRp
bWl6YXRpb24gdGVjaG5pcXVlIGNvbnNpc3RzIG9mIGFsbG93aW5nIHRoZSBBU0JScyB0byBmbG9v
ZCB0aGUgVEUNCiAgIGluZm9ybWF0aW9uIHJlbGF0ZWQgdG8gdGhlIGludGVyLUFTQlIgbGluayhz
KSBhbHRob3VnaCBubyBJR1AgVEUgaXMNCiAgIGVuYWJsZWQgb3ZlciB0aG9zZSBsaW5rcyAoYW5k
IHNvIHRoZXJlIGlzIG5vIElHUCBhZGphY2VuY3kgb3ZlciB0aGUNCiAgIGludGVyLUFTQlIgbGlu
a3MpLiAgLi4uDQoiVGhhbmtzIHRvIHN1Y2ggYW4gb3B0aW1pemF0aW9uLCB0aGUgaW50ZXItQVNC
UnMgVEUgbGluayBpbmZvcm1hdGlvbg0KICAgY29ycmVzcG9uZGluZyB0byB0aGUgbGlua3Mgb3Jp
Z2luYXRlZCBieSB0aGUgQVNCUiBpcyBtYWRlIGF2YWlsYWJsZQ0KICAgaW4gdGhlIFRFRCBvZiBv
dGhlciBMU1JzIGluIHRoZSBzYW1lIGRvbWFpbiB0aGF0IHRoZSBBU0JSIGJlbG9uZ3MgdG8uIg0K
DQpidXQgYWZ0ZXINCiJOb3RlIHRoYXQgbm8gdG9wb2xvZ3kNCiAgIGluZm9ybWF0aW9uIGlzIGZs
b29kZWQgYW5kIHRoZXNlIGxpbmtzIGFyZSBub3QgdXNlZCBpbiBJR1AgU1BGDQogICBjb21wdXRh
dGlvbnMuICBPbmx5IHRoZSBURSBpbmZvcm1hdGlvbiBmb3IgdGhlIG91dGdvaW5nIGxpbmtzDQog
ICBkaXJlY3RseSBjb25uZWN0ZWQgdG8gdGhlIEFTQlIgaXMgYWR2ZXJ0aXNlZC4iDQoNCi0+IGNh
biBvbmUgb2YgdGhlIGF1dGhvciBjbGFyaWZ5IDEpIGlzIGZsb29kaW5nIGludm9sdmVkIG9yIG5v
dCA/DQoyKSB3aGF0IGdldCdzIGZsb29kZWQgYW5kIHVuZGVyIHdoaWNoIGNvbmRpdGlvbnMgMykg
d2hhdCBpcyB0aGUgDQpzY29wZSBvZiB0aGUgZmxvb2RpbmcgNCkgaG93IHRoaXMgbWVjaGFuaXNt
IHBvc2l0aW9ucyBhZ2FpbnN0IHRoZQ0KcmVxdWlyZW1lbnRzIG9mIDQxMDUgYW5kIDQyMTYNCg0K
DQpvKSBhIGNvdXBsZSBvZiBlZGl0cw0KIA0Kc2VjdGlvbiAxOg0KDQpBQlIgUm91dGVyLCBBU0JS
IFJvdXRlciAtIHJlZHVuZGFudCBSDQoNCnRoZSBtb3N0IGltcG9ydGFudCBkZWYuIGlzIHRoZSAi
ZG9tYWluIiBkZWYuIHdoaWNoIGNhbiBiZSBmb3VuZCBpbiB0aGUNCmZybSBkb2MgYnV0IG5vdCBy
ZWNvcmRlZCBoZXJlIHRoaXMgd291bGQgY2xhcmlmeSBzZW50ZW5jZSBsaWtlDQoNCiJUaGUgbWVj
aGFuaXNtcyBwcm9wb3NlZCBpbiB0aGlzIGRvY3VtZW50IGFyZSBhbHNvIGFwcGxpY2FibGUgdG8g
TVBMUw0KIFRFIGRvbWFpbnMgb3RoZXIgdGhhbiBJR1AgYXJlYXMgYW5kIEFTcy4iDQoNCnJlZi4g
SC1MU1AgYW5kIFMtTFNQIHdpdGggdGhlIGFwcHJvcHJpYXRlIGRvY3MNCg0Kc3RhdGUgdGhhdCBp
bnRlci1kb21haW4gcmVjb3ZlcnkgaXMgZ29pbmcgdG8gYmUgYWRkcmVzc2VkIGluIGEgc2V0IG9m
DQpzcGVjaWZpYyBkb2NzDQoNCmhvcGUgdGhpcyB3aWxsIGhlbHAsDQotIGQuDQoNCg0KDQoNCiJB
ZHJpYW4gRmFycmVsIiA8YWRyaWFuQG9sZGRvZy5jby51az4NClNlbnQgYnk6IG93bmVyLWNjYW1w
QG9wcy5pZXRmLm9yZw0KMDkvMDEvMjAwNyAyMzoxMw0KUGxlYXNlIHJlc3BvbmQgdG8gIkFkcmlh
biBGYXJyZWwiDQogDQogICAgICAgIFRvOiAgICAgPGNjYW1wQG9wcy5pZXRmLm9yZz4NCiAgICAg
ICAgY2M6IA0KICAgICAgICBTdWJqZWN0OiAgICAgICAgUHJvZ3Jlc3NpbmcgdGhlIHRocmVlIGlu
dGVyLWRvbWFpbiBJLURzDQoNCg0KSGksDQoNCldlIG5vdyBoYXZlIHVwZGF0ZWQgdmVyc2lvbnMg
b2YgdGhlIHRocmVlIGludGVyLWRvbWFpbiBzaWduYWxpbmcgSS1EczoNCg0KLSBkcmFmdC1pZXRm
LWNjYW1wLWludGVyLWRvbWFpbi1yc3ZwLXRlLTA0LnR4dA0KLSBkcmFmdC1pZXRmLWNjYW1wLWxz
cC1zdGl0Y2hpbmctMDQudHh0DQotIGRyYWZ0LWlldGYtY2NhbXAtaW50ZXItZG9tYWluLXBkLXBh
dGgtY29tcC0wMy50eHQNCg0KT3VyIHBsYW4gaXM6DQoxLiBXRyBjaGFpcnMgZG8gZGV0YWlsZWQg
cmV2aWV3IG92ZXIgdGhlIG5leHQgY291cGxlIG9mIHdlZWtzDQoyLiBFZGl0b3JzIGFwcGx5IG5l
Y2Vzc2FyeSB1cGRhdGVzDQozLiBXZSBob2xkIGEgV0cgbGFzdCBjYWxsIGZvciB0aGUgdGhyZWUg
SS1EcyB0b2dldGhlcg0KDQpJZiB5b3UgYXJlIGludGVyZXN0ZWQgaW4gdGhpcyB3b3JrLCBJIHN1
Z2dlc3QgdGhhdCBub3cgbWlnaHQgYmUgYSBnb29kIA0KdGltZSANCnRvIHJlbWluZCB5b3Vyc2Vs
ZiBhYm91dCB0aGUgSS1EcywgaGF2ZSBhIGdvb2QgcmVhZCwgYW5kIHNlZSBpZiB5b3UgY2FuIA0K
Z2V0IA0KYW55IHN1YnN0YW50aWFsIGNvbW1lbnRzIGluIHRvIGNvaW5jaWRlIHdpdGggdGhlIFdH
IGNoYWlycycgcmV2aWV3Lg0KDQpUaGFua3MsDQpBZHJpYW4gDQoNCg0KDQoNCg0KDQo=
Envelope-to: ccamp-data@psg.com
Delivery-date: Sat, 13 Jan 2007 14:58:37 +0000
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Oi2AHGnxIJGi6NxaX4W4GkoyCiQuA7tFaMkoYn7wCTBrtQrMHnOO82YMAZl278kK6MXT5/2CyS5ts9KFMCyjirOf9JCRzXD0oTqg58mK3xJoMNZN8VLEz+hevTFF0B0ixGy659oLyIcSr0dX3kHMsPDoaIM0GFMzzgnZe+ezwcw=
Message-ID: <406e32c00701130655m4df9953fj8566cb31916780c2@mail.gmail.com>
Date: Sat, 13 Jan 2007 09:55:43 -0500
From: "Peng He" <peng.he.2000@gmail.com>
To: "Dimitri.Papadimitriou@alcatel-lucent.be" <Dimitri.Papadimitriou@alcatel-lucent.be>
Subject: Re: Progressing the three inter-domain I-Ds
Cc: "Adrian Farrel" <adrian@olddog.co.uk>, ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Hi,
Sill about the the third doc:
1. in the "3.1. Common assumptions" part, it is assumed that
"Boundary LSRs are assumed to be capable of performing local path
computation ..." . So I guess that ABR or ASBR has the function (or
part of) of PCE.
2. My understanding to Dimitri's questions:
I believe there is flooding here but only within the domain that the
ASBR belongs to. So now a domain includes non-ABSR LSRs and ABSR LSRs
and the links among them, AND the inter-domain links originating (not
terminating) from the ASBRS of this domain. Tthe flooding is among
these LSRs, but not between domains. So, it is still can be considered
as intra-domain flooding and it happens when the TE info changes I
guess.
3. The purpose of the above is to "improve the chance of successful
signaling along the next AS in case of resource shortage ..." I
understand this, I just want to mention that it seems only true in
theory and the practical effect is not so good as expected. I
simulated this years ago when we extended DCR into inter-domain case
and just no encouraging results found.
Regards,
Peng
> 2) what get's flooded and under which conditions 3) what is the
> scope of the flooding 4) how this mechanism positions against the
> requirements of 4105 and 4216
On 1/13/07, Dimitri.Papadimitriou@alcatel-lucent.be
<Dimitri.Papadimitriou@alcatel-lucent.be> wrote:
> hi adrian
>
> o) a couple of generic comments on the third doc
>
> - the doc. states applicability to GMPLS but sometimes only ref. MPLS-TE
> signaling further on e.g. section 3.1
>
> " - The inter-domain TE LSPs are signaled using RSVP-TE ([RFC3209])."
>
> and many others in section 4.
>
> - the are many comparison with PCE technique along the doc. - well that's
> fine but outside the scope of the document except if the purpose is to
> indicate how different techniques can be combined together and which
> interop issues may result from it
>
> o) a couple of specific comments
>
> end of section 2:
>
> section 3.1: "* The complete list of boundary LSRs along the path"
> -> list of domain identifier e.g. AS numbers also applies here ?
>
> last =A7 of section 3.1 is the most important one, signaling protocol are
> independent of the routing topology itself, i.e. not because a node is
> an ABR or an ASBR that comp. occurs but simply because he has no path
> to reach the next (loose) hop - an intermediate node should still maintai=
n
> capacity to perform such operation
>
> section 3.3 "The path computation
> technique described in this document applies to the case of a single
> AS made of multiple IGP areas, multiples ASs made of a single IGP
> areas or any combination of the above. For the sake of simplicity,
> each routing domain will be considered as single area in this
> document. "
>
> -> not sure to understand the reasoning, at the end these examples must
> remain illustrative and not restrict applicability - all these tutorial
> like material should better go in an appendix -
>
> section 3.1 "In any case,
> no topology or resource information needs to be distributed between
> domains (as mandated per [RFC4105] and [RFC4216]), which is critical
> to preserve IGP/BGP scalability and confidentiality in the case of TE
> LSPs spanning multiple routing domains."
>
> then Section 4
> "In terms of computation of an inter-AS TE LSP path, an interesting
> optimization technique consists of allowing the ASBRs to flood the TE
> information related to the inter-ASBR link(s) although no IGP TE is
> enabled over those links (and so there is no IGP adjacency over the
> inter-ASBR links). ...
> "Thanks to such an optimization, the inter-ASBRs TE link information
> corresponding to the links originated by the ASBR is made available
> in the TED of other LSRs in the same domain that the ASBR belongs to."
>
> but after
> "Note that no topology
> information is flooded and these links are not used in IGP SPF
> computations. Only the TE information for the outgoing links
> directly connected to the ASBR is advertised."
>
> -> can one of the author clarify 1) is flooding involved or not ?
> 2) what get's flooded and under which conditions 3) what is the
> scope of the flooding 4) how this mechanism positions against the
> requirements of 4105 and 4216
>
>
> o) a couple of edits
>
> section 1:
>
> ABR Router, ASBR Router - redundant R
>
> the most important def. is the "domain" def. which can be found in the
> frm doc but not recorded here this would clarify sentence like
>
> "The mechanisms proposed in this document are also applicable to MPLS
> TE domains other than IGP areas and ASs."
>
> ref. H-LSP and S-LSP with the appropriate docs
>
> state that inter-domain recovery is going to be addressed in a set of
> specific docs
>
> hope this will help,
> - d.
>
>
>
>
> "Adrian Farrel" <adrian@olddog.co.uk>
> Sent by: owner-ccamp@ops.ietf.org
> 09/01/2007 23:13
> Please respond to "Adrian Farrel"
>
> To: <ccamp@ops.ietf.org>
> cc:
> Subject: Progressing the three inter-domain I-Ds
>
>
> Hi,
>
> We now have updated versions of the three inter-domain signaling I-Ds:
>
> - draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
> - draft-ietf-ccamp-lsp-stitching-04.txt
> - draft-ietf-ccamp-inter-domain-pd-path-comp-03.txt
>
> Our plan is:
> 1. WG chairs do detailed review over the next couple of weeks
> 2. Editors apply necessary updates
> 3. We hold a WG last call for the three I-Ds together
>
> If you are interested in this work, I suggest that now might be a good
> time
> to remind yourself about the I-Ds, have a good read, and see if you can
> get
> any substantial comments in to coincide with the WG chairs' review.
>
> Thanks,
> Adrian
>
>
>
>
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Sat, 13 Jan 2007 11:50:38 +0000
To: "Adrian Farrel" <adrian@olddog.co.uk>
Cc: ccamp@ops.ietf.org, owner-ccamp@ops.ietf.org
Subject: Re: Progressing the three inter-domain I-Ds
MIME-Version: 1.0
Message-ID: <OFA7C96AD9.2A8379BB-ONC1257262.003DEA5B-C1257262.0040F4FA@netfr.alcatel.fr>
From: Dimitri.Papadimitriou@alcatel-lucent.be
Date: Sat, 13 Jan 2007 12:49:30 +0100
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
hi adrian
o) a couple of generic comments on the third doc
- the doc. states applicability to GMPLS but sometimes only ref. MPLS-TE
signaling further on e.g. section 3.1
" - The inter-domain TE LSPs are signaled using RSVP-TE ([RFC3209])."
and many others in section 4.
- the are many comparison with PCE technique along the doc. - well that's=20
fine but outside the scope of the document except if the purpose is to=20
indicate how different techniques can be combined together and which=20
interop issues may result from it
o) a couple of specific comments=20
end of section 2:=20
section 3.1: "* The complete list of boundary LSRs along the path"
-> list of domain identifier e.g. AS numbers also applies here ?
last =A7 of section 3.1 is the most important one, signaling protocol are
independent of the routing topology itself, i.e. not because a node is
an ABR or an ASBR that comp. occurs but simply because he has no path=20
to reach the next (loose) hop - an intermediate node should still maintain
capacity to perform such operation
section 3.3 "The path computation
technique described in this document applies to the case of a single
AS made of multiple IGP areas, multiples ASs made of a single IGP
areas or any combination of the above. For the sake of simplicity,
each routing domain will be considered as single area in this
document. "
-> not sure to understand the reasoning, at the end these examples must
remain illustrative and not restrict applicability - all these tutorial
like material should better go in an appendix -
section 3.1 "In any case,
no topology or resource information needs to be distributed between
domains (as mandated per [RFC4105] and [RFC4216]), which is critical
to preserve IGP/BGP scalability and confidentiality in the case of TE
LSPs spanning multiple routing domains."
then Section 4
"In terms of computation of an inter-AS TE LSP path, an interesting
optimization technique consists of allowing the ASBRs to flood the TE
information related to the inter-ASBR link(s) although no IGP TE is
enabled over those links (and so there is no IGP adjacency over the
inter-ASBR links). ...
"Thanks to such an optimization, the inter-ASBRs TE link information
corresponding to the links originated by the ASBR is made available
in the TED of other LSRs in the same domain that the ASBR belongs to."
but after
"Note that no topology
information is flooded and these links are not used in IGP SPF
computations. Only the TE information for the outgoing links
directly connected to the ASBR is advertised."
-> can one of the author clarify 1) is flooding involved or not ?
2) what get's flooded and under which conditions 3) what is the=20
scope of the flooding 4) how this mechanism positions against the
requirements of 4105 and 4216
o) a couple of edits
=20
section 1:
ABR Router, ASBR Router - redundant R
the most important def. is the "domain" def. which can be found in the
frm doc but not recorded here this would clarify sentence like
"The mechanisms proposed in this document are also applicable to MPLS
TE domains other than IGP areas and ASs."
ref. H-LSP and S-LSP with the appropriate docs
state that inter-domain recovery is going to be addressed in a set of
specific docs
hope this will help,
- d.
"Adrian Farrel" <adrian@olddog.co.uk>
Sent by: owner-ccamp@ops.ietf.org
09/01/2007 23:13
Please respond to "Adrian Farrel"
=20
To: <ccamp@ops.ietf.org>
cc:=20
Subject: Progressing the three inter-domain I-Ds
Hi,
We now have updated versions of the three inter-domain signaling I-Ds:
- draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
- draft-ietf-ccamp-lsp-stitching-04.txt
- draft-ietf-ccamp-inter-domain-pd-path-comp-03.txt
Our plan is:
1. WG chairs do detailed review over the next couple of weeks
2. Editors apply necessary updates
3. We hold a WG last call for the three I-Ds together
If you are interested in this work, I suggest that now might be a good=20
time=20
to remind yourself about the I-Ds, have a good read, and see if you can=20
get=20
any substantial comments in to coincide with the WG chairs' review.
Thanks,
Adrian=20
Envelope-to: ccamp-data@psg.com
Delivery-date: Sat, 13 Jan 2007 11:43:03 +0000
Message-ID: <005701c73707$84efdf40$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: "Derek Atkins" <derek@ihtfp.com>, <ccamp@ops.ietf.org>
Cc: <ccamp-chairs@tools.ietf.org>, <asatyana@cisco.com>, <rrahman@cisco.com>, <lberger@labn.net>, <dimitri.papadimitriou@alcatel.be>, <ancaz@cisco.com>, <jisrar@cisco.com>, <iesg@ietf.org>, <secdir@MIT.EDU>
Subject: Re: draft-ietf-ccamp-rsvp-restart-ext-06
Date: Sat, 13 Jan 2007 11:39:21 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
Hi Derek,
I think this is a good question so I am bringing it to the CCAMP list.
The bottom line would appear to be:
- The exchange between neighbors before restart was
secured by normal RSVP-TE means
- The exchange after restart is secured by the same means.
- This provides a degree of protection that the restarting
node is receiving information that it originally sent to
its neighbor.
The obvious question is, should the restarting node have some (private) way
of authenticating that the information received on restart originated with
it? This would presumably be some sort of cookie manufactured from a mock-up
of the restart message that the restarting node expects to receive and
handed to the neighbor for use in the event of a restart.
Seems like overkill to me, but I'd appreciate views from the WG.
Adrian
----- Original Message -----
From: "Derek Atkins" <derek@ihtfp.com>
To: <iesg@ietf.org>; <secdir@MIT.EDU>
Cc: <ccamp-chairs@tools.ietf.org>; <asatyana@cisco.com>;
<rrahman@cisco.com>; <lberger@labn.net>; <dimitri.papadimitriou@alcatel.be>;
<ancaz@cisco.com>; <jisrar@cisco.com>
Sent: Friday, January 12, 2007 10:59 PM
Subject: draft-ietf-ccamp-rsvp-restart-ext-06
>I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG. These comments were written primarily for the benefit of the
> security area directors. Document editors and WG chairs should treat
> these comments just like any other last call comments.
>
> I don't see any issues in this document beyond those already stated
> in the Security Considerations.
>
> My only question to the authors would be how does a recovering node
> verify that the data it gets from a peer node really came from the
> recovering node? Right now it just seems to have to trust that the
> peer returns valid data.
>
> -derek
> --
> Derek Atkins 617-623-3745
> derek@ihtfp.com www.ihtfp.com
> Computer and Internet Security Consultant
>
>
>
Envelope-to: ccamp-data@psg.com
Delivery-date: Fri, 12 Jan 2007 21:34:43 +0000
To: Jaudelice Cavalcante de Oliveira <jau@cbis.ece.drexel.edu>
Cc: ccamp@ops.ietf.org, Jaudelice Cavalcante de Oliveira <jau@cbis.ece.drexel.edu>, JP Vasseur <jvasseur@cisco.com>, mpls@lists.ietf.org, owner-ccamp@ops.ietf.org, Ross Callon <rcallon@juniper.net>
Subject: Re: [mpls] Re: CCAMP Last call on draft-deoliveira-diff-te-preemption-06.txt
MIME-Version: 1.0
Message-ID: <OF690B62B7.F29449C8-ONC1257261.00760C32-C1257261.0076402C@netfr.alcatel.fr>
From: Dimitri.Papadimitriou@alcatel-lucent.be
Date: Fri, 12 Jan 2007 22:31:37 +0100
Content-Type: text/plain; charset="US-ASCII"
hi -
thanks for the reply - not sure you ever got the following response back
----- Forwarded by Dimitri PAPADIMITRIOU/BE/ALCATEL on 12/01/2007 22:30
-----
Dimitri PAPADIMITRIOU
07/01/2007 11:43
To: Jaudelice Cavalcante de Oliveira
<jau@cbis.ece.drexel.edu>
Hi
thanks for the answer - i am still looking at the reason
why the PN selection process is driven by a uniform policy
which looks like an arbitrary choice
HBlock aims at minimizing the blocking probability
PN aims at minimizing the system perturbation
to have a fair analysis policy should be applied uniformly
and non-uniformly to both cases
much thanks,
- d.
--
Jaudelice Cavalcante de Oliveira <jau@cbis.ece.drexel.edu>
05/01/2007 00:11
To: Dimitri.Papadimitriou@alcatel-lucent.be
cc: mpls@lists.ietf.org, JP Vasseur <jvasseur@cisco.com>,
ccamp@ops.ietf.org, Jaudelice Cavalcante de Oliveira
<jau@cbis.ece.drexel.edu>, Ross Callon <rcallon@juniper.net>,
owner-ccamp@ops.ietf.org
Subject: [mpls] Re: CCAMP Last call on
draft-deoliveira-diff-te-preemption-06.txt
Hi Dimitri,
Thank you for your comment.
On Dec 18, 2006, at 3:47 AM, Dimitri.Papadimitriou@alcatel-lucent.be
wrote:
> adrian -
>
> in HBlock case the average wasted bw is a factor 10 smaller than
> for any
> other scheme (without significantly lowering the worst case, still an
> order of 10)
Indeed. This can be seen in table 2. In this case, selection of LSPs
much larger than
the required bandwidth did not occur often. The worst case value does
not reflect the
frequency with which a high bandwidth LSP was selected (which was
very rarely in
this case, therefore the low "wasted" bandwidth).
> the only noticeable difference with PN is exactly that one (which is
> induced by the possibility left to Hblock to have two selection
> depending
> on heavy vs normal loaded link) - hence it would be interesting to
> know
> the dependency on the min/max LSP bw and distribution (scenario
> dependancy) and have a similar PN approach (non-uniform selection)
Note that PN has the objective of preempting a small number of LSPs
of the lowest
priority (therefore ordering by decreasing bandwidth), while HBlock
aims at minimizing
the blocking probability, therefore selecting smaller LSPs which will
be more likely to be
rerouted once preempted. This is the main difference between the two
policies: Given a set
of LSPs with the same priority, PN picks the largest (in the interest
of picking few) and HBlock
picks smaller ones (even if more than one, in the interest of being
able to reroute them easily).
I hope this helps,
Thanks,
Jaudelice.
>
> thanks,
> - d.
>
>
>
>
>
>
> "Adrian Farrel" <adrian@olddog.co.uk>
> Sent by: owner-ccamp@ops.ietf.org
> 14/12/2006 18:02
> Please respond to "Adrian Farrel"
>
> To: <ccamp@ops.ietf.org>
> cc: <jau@cbis.ece.drexel.edu>, "Ross Callon"
> <rcallon@juniper.net>, "Brungard, Deborah A, ALABS"
> <dbrungard@att.com>,
> <mpls@lists.ietf.org>
> Subject: Re: CCAMP Last call on
> draft-deoliveira-diff-te-preemption-06.txt
>
>
> Hi,
>
> I have been explicitly asked to lengthen this last call so as to allow
> time
> for a review.
>
> Unusual, but not unreasonable.
>
> The last call is extended to noon on Sunday 17th December.
>
> Thanks,
> Adrian
> ----- Original Message -----
> From: "Adrian Farrel" <adrian@olddog.co.uk>
> To: <ccamp@ops.ietf.org>
> Cc: <jau@cbis.ece.drexel.edu>; "Ross Callon" <rcallon@juniper.net>;
> "Brungard, Deborah A, ALABS" <dbrungard@att.com>;
> <mpls@lists.ietf.org>
> Sent: Wednesday, November 29, 2006 11:06 AM
> Subject: CCAMP Last call on draft-deoliveira-diff-te-preemption-06.txt
>
>
>> Hi,
>>
>> This draft has been developed independently and has recently been
> brought
>> to the IESG for advancement as an individual submission to become an
>> Informational RFC. I have done a first-level review and this latest
>> revision includes updates to reflect my comments.
>>
>> Since the material here concerns preemption and the suggested ways to
>> operate an MPLS-TE or GMPLS network, we are running a quick last
>> call on
>
>> the CCAMP mailing list to ensure that no-one has any objections.
>>
>> Please send your comments to the CCAMP list no later than noon GMT on
> 13th
>> December 2006.
>>
>> Thanks,
>> Adrian
>> ----- Original Message -----
>> From: <Internet-Drafts@ietf.org>
>> To: <i-d-announce@ietf.org>
>> Sent: Tuesday, November 28, 2006 8:50 PM
>> Subject: I-D ACTION:draft-deoliveira-diff-te-preemption-06.txt
>>
>>
>>> A New Internet-Draft is available from the on-line Internet-Drafts
>>> directories.
>>>
>>>
>>> Title : LSP Preemption Policies for MPLS Traffic Engineering
>>> Author(s) : J. de Oliveira, et al.
>>> Filename : draft-deoliveira-diff-te-preemption-06.txt
>>> Pages : 19
>>> Date : 2006-11-28
>>>
>>> When the establishment of a higher priority (Traffic Engineering
>>> Label Switched Path) TE LSP requires the preemption of a set of
>>> lower
>>> priority TE LSPs, a node has to make a local decision to select
>>> which
>>>
>>> TE LSPs will be preempted. The preempted LSPs are then
>>> rerouted by
>>> their respective Head-end Label Switch Router (LSR). This
>>> document
>>> presents a flexible policy that can be used to achieve different
>>> objectives: preempt the lowest priority LSPs; preempt the minimum
>>> number of LSPs; preempt the set of TE LSPs that provide the
>>> closest
>>> amount of bandwidth to the required bandwidth for the
>>> preempting TE
>>> LSPs (to minimize bandwidth wastage); preempt the LSPs that
>>> will have
>>> the maximum chance to get rerouted. Simulation results are
>>> given and
>>> a comparison among several different policies, with respect to
>>> preemption cascading, number of preempted LSPs, priority, wasted
>>> bandwidth and blocking probability is also included.
>>>
>>> A URL for this Internet-Draft is:
>>>
> http://www.ietf.org/internet-drafts/draft-deoliveira-diff-te-
> preemption-06.txt
>
>>
>>
>>
>>
>>
>>
>
>
>
>
>
_______________________________________________
mpls mailing list
mpls@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/mpls
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 09 Jan 2007 22:14:50 +0000
Message-ID: <0cee01c7343b$6870b480$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Progressing the three inter-domain I-Ds
Date: Tue, 9 Jan 2007 22:13:10 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
Hi,
We now have updated versions of the three inter-domain signaling I-Ds:
- draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
- draft-ietf-ccamp-lsp-stitching-04.txt
- draft-ietf-ccamp-inter-domain-pd-path-comp-03.txt
Our plan is:
1. WG chairs do detailed review over the next couple of weeks
2. Editors apply necessary updates
3. We hold a WG last call for the three I-Ds together
If you are interested in this work, I suggest that now might be a good time
to remind yourself about the I-Ds, have a good read, and see if you can get
any substantial comments in to coincide with the WG chairs' review.
Thanks,
Adrian
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 09 Jan 2007 20:52:37 +0000
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: ccamp@ops.ietf.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
Message-Id: <E1H4Nv0-0002Cy-G4@stiedprstage1.ietf.org>
Date: Tue, 09 Jan 2007 15:50:02 -0500
--NextPart
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Common Control and Measurement Plane Working Group of the IETF.
Title : Inter domain MPLS and GMPLS Traffic Engineering - RSVP-TE extensions
Author(s) : A. Ayyangar, J. Vasseur
Filename : draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
Pages : 18
Date : 2007-1-9
This document describes procedures and protocol extensions for the
use of Resource ReserVation Protocol Traffic Engineering (RSVP-TE)
signaling in Multiprotocol Label Switching Traffic Engineering
(MPLS-TE) packet networks and Generalized MPLS (GMPLS) packet and
non-packet networks to support the establishment and maintenance of
Label Switched Paths that cross domain boundaries.
For the purpose of this document, a domain is considered to be any
collection of network elements within a common realm of address space
or path computation responsibility. Examples of such domains include
Autonomous Systems, IGP routing areas, and GMPLS overlay networks.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of
the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the
username "anonymous" and a password of your e-mail address. After
logging in, type "cd internet-drafts" and then
"get draft-ietf-ccamp-inter-domain-rsvp-te-04.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-ietf-ccamp-inter-domain-rsvp-te-04.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"
--OtherAccess
Content-Type: Message/External-body;
access-type="mail-server";
server="mailserv@ietf.org"
Content-Type: text/plain
Content-ID: <2007-1-9141756.I-D@ietf.org>
ENCODING mime
FILE /internet-drafts/draft-ietf-ccamp-inter-domain-rsvp-te-04.txt
--OtherAccess
Content-Type: Message/External-body;
name="draft-ietf-ccamp-inter-domain-rsvp-te-04.txt";
site="ftp.ietf.org";
access-type="anon-ftp";
directory="internet-drafts"
Content-Type: text/plain
Content-ID: <2007-1-9141756.I-D@ietf.org>
--OtherAccess--
--NextPart--
Envelope-to: ccamp-data@psg.com
Delivery-date: Tue, 09 Jan 2007 15:55:45 +0000
Message-ID: <0a2f01c7337b$0ec2f440$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Fw: Posting of IPR Disclosure
Date: Mon, 8 Jan 2007 23:16:33 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
Please be aware of the following IPR disclosure notification that has been
posted.
Thanks,
Adrian
----- Original Message -----
From: "IETF Secretariat" <ietf-ipr@ietf.org>
Sent: Monday, January 08, 2007 3:47 PM
Subject: Posting of IPR Disclosure
> An IPR disclosure that pertains to your Internet-Draft entitled "RSVP-TE
> Extensions in support of End-to-End Generalized Multi-Protocol Label
> Switching
> (GMPLS) Recovery" (draft-ietf-ccamp-gmpls-recovery-e2e-signaling) was
> submitted
> to the IETF Secretariat on 2007-01-05 and has been posted on the "IETF
> Page of
> Intellectual Property Rights Disclosures"
> (https://datatracker.ietf.org/public/ipr_list.cgi). The title of the IPR
> disclosure is "Nippon Telegraph and Telephone Corporation's statement
> about IPR
> claimed in draft-ietf-ccamp-gmpls-recovery-e2e-signaling-04.txt."
>
> The IETF Secretariat
Envelope-to: ccamp-data@psg.com
Delivery-date: Mon, 08 Jan 2007 23:19:21 +0000
Message-ID: <0a2f01c7337b$0ec2f440$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Fw: Posting of IPR Disclosure
Date: Mon, 8 Jan 2007 23:16:33 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
Please be aware of the following IPR disclosure notification that has been
posted.
Thanks,
Adrian
----- Original Message -----
From: "IETF Secretariat" <ietf-ipr@ietf.org>
Sent: Monday, January 08, 2007 3:47 PM
Subject: Posting of IPR Disclosure
> An IPR disclosure that pertains to your Internet-Draft entitled "RSVP-TE
> Extensions in support of End-to-End Generalized Multi-Protocol Label
> Switching
> (GMPLS) Recovery" (draft-ietf-ccamp-gmpls-recovery-e2e-signaling) was
> submitted
> to the IETF Secretariat on 2007-01-05 and has been posted on the "IETF
> Page of
> Intellectual Property Rights Disclosures"
> (https://datatracker.ietf.org/public/ipr_list.cgi). The title of the IPR
> disclosure is "Nippon Telegraph and Telephone Corporation's statement
> about IPR
> claimed in draft-ietf-ccamp-gmpls-recovery-e2e-signaling-04.txt."
>
> The IETF Secretariat
Envelope-to: ccamp-data@psg.com
Delivery-date: Thu, 04 Jan 2007 20:52:29 +0000
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: ccamp@ops.ietf.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-ccamp-gmpls-rsvp-te-call-03.txt
Message-Id: <E1H2ZXG-0000ev-E1@stiedprstage1.ietf.org>
Date: Thu, 04 Jan 2007 15:50:02 -0500
--NextPart
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Common Control and Measurement Plane Working Group of the IETF.
Title : Generalized MPLS (GMPLS) RSVP-TE Signaling Extensions in support of Calls
Author(s) : D. Papadimitriou, A. Farrel
Filename : draft-ietf-ccamp-gmpls-rsvp-te-call-03.txt
Pages : 29
Date : 2007-1-4
In certain networking topologies, it may be advantageous to maintain
associations between endpoints and key transit points to support an
instance of a service. Such associations are known as Calls.
A Call does not provide the actual connectivity for transmitting user
traffic, but only builds a relationship by which subsequent
Connections may be made. In Generalized MPLS (GMPLS) such Connections
are known as Label Switched Paths (LSPs).
This document specifies how GMPLS RSVP-TE signaling may be used and
extended to support Calls. These mechanisms provide full and logical
Call/Connection separation.
The mechanisms proposed in this document are applicable to any
environment (including multi-area), and for any type of interface:
packet, layer-2, time-division multiplexed, lambda, or fiber
switching.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ccamp-gmpls-rsvp-te-call-03.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of
the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the
username "anonymous" and a password of your e-mail address. After
logging in, type "cd internet-drafts" and then
"get draft-ietf-ccamp-gmpls-rsvp-te-call-03.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-ietf-ccamp-gmpls-rsvp-te-call-03.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"
--OtherAccess
Content-Type: Message/External-body;
access-type="mail-server";
server="mailserv@ietf.org"
Content-Type: text/plain
Content-ID: <2007-1-4145214.I-D@ietf.org>
ENCODING mime
FILE /internet-drafts/draft-ietf-ccamp-gmpls-rsvp-te-call-03.txt
--OtherAccess
Content-Type: Message/External-body;
name="draft-ietf-ccamp-gmpls-rsvp-te-call-03.txt";
site="ftp.ietf.org";
access-type="anon-ftp";
directory="internet-drafts"
Content-Type: text/plain
Content-ID: <2007-1-4145214.I-D@ietf.org>
--OtherAccess--
--NextPart--
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 03 Jan 2007 21:10:24 +0000
Message-ID: <034f01c72f7b$80a29510$0a23fea9@your029b8cecfe>
Reply-To: "Adrian Farrel" <adrian@olddog.co.uk>
From: "Adrian Farrel" <adrian@olddog.co.uk>
To: <ccamp@ops.ietf.org>
Subject: Re: I-D ACTION:draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt
Date: Wed, 3 Jan 2007 21:09:37 -0000
Organization: Old Dog Consulting
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
Hi,
This revision addresses comments made in GenArt review and SecDir review.
The changes are small fixes to the wording to make a couple of points
clearer.
The draft should now continue forward in the process.
Thanks,
Adrian
----- Original Message -----
From: <Internet-Drafts@ietf.org>
To: <i-d-announce@ietf.org>
Cc: <ccamp@ops.ietf.org>
Sent: Wednesday, January 03, 2007 8:50 PM
Subject: I-D ACTION:draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt
>A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Common Control and Measurement Plane
> Working Group of the IETF.
>
> Title : Generalized MPLS (GMPLS) RSVP-TE Signaling Extensions in support
> of Calls
> Author(s) : D. Papadimitriou, A. Farrel
> Filename : draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt
> Pages : 29
> Date : 2007-1-3
>
> In certain networking topologies, it may be advantageous to maintain
> associations between endpoints and key transit points to support an
> instance of a service. Such associations are known as Calls.
>
> A Call does not provide the actual connectivity for transmitting user
> traffic, but only builds a relationship by which subsequent
> Connections may be made. In Generalized MPLS (GMPLS) such Connections
> are known as Label Switched Paths (LSPs).
>
> This document specifies how GMPLS RSVP-TE signaling may be used and
> extended to support Calls. These mechanisms provide full and logical
> Call/Connection separation.
>
> The mechanisms proposed in this document are applicable to any
> environment (including multi-area), and for any type of interface:
> packet, layer-2, time-division multiplexed, lambda, or fiber
> switching.
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt
Envelope-to: ccamp-data@psg.com
Delivery-date: Wed, 03 Jan 2007 20:52:52 +0000
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: ccamp@ops.ietf.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt
Message-Id: <E1H2D3i-0001n1-7P@stiedprstage1.ietf.org>
Date: Wed, 03 Jan 2007 15:50:02 -0500
--NextPart
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Common Control and Measurement Plane Working Group of the IETF.
Title : Generalized MPLS (GMPLS) RSVP-TE Signaling Extensions in support of Calls
Author(s) : D. Papadimitriou, A. Farrel
Filename : draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt
Pages : 29
Date : 2007-1-3
In certain networking topologies, it may be advantageous to maintain
associations between endpoints and key transit points to support an
instance of a service. Such associations are known as Calls.
A Call does not provide the actual connectivity for transmitting user
traffic, but only builds a relationship by which subsequent
Connections may be made. In Generalized MPLS (GMPLS) such Connections
are known as Label Switched Paths (LSPs).
This document specifies how GMPLS RSVP-TE signaling may be used and
extended to support Calls. These mechanisms provide full and logical
Call/Connection separation.
The mechanisms proposed in this document are applicable to any
environment (including multi-area), and for any type of interface:
packet, layer-2, time-division multiplexed, lambda, or fiber
switching.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of
the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the
username "anonymous" and a password of your e-mail address. After
logging in, type "cd internet-drafts" and then
"get draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"
--OtherAccess
Content-Type: Message/External-body;
access-type="mail-server";
server="mailserv@ietf.org"
Content-Type: text/plain
Content-ID: <2007-1-3144104.I-D@ietf.org>
ENCODING mime
FILE /internet-drafts/draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt
--OtherAccess
Content-Type: Message/External-body;
name="draft-ietf-ccamp-gmpls-rsvp-te-call-02.txt";
site="ftp.ietf.org";
access-type="anon-ftp";
directory="internet-drafts"
Content-Type: text/plain
Content-ID: <2007-1-3144104.I-D@ietf.org>
--OtherAccess--
--NextPart--
- Chair review of draft-ietf-ccamp-lsp-stitching-04… Adrian Farrel
- New revision of draft-ietf-ccamp-lsp-stitching Adrian Farrel