IETF Logo Mail Archive

Re: [CCAMP] Alia Atlas' Discuss on draft-ietf-ccamp-wson-signal-compatibility-ospf-15: (with DISCUSS and COMMENT)

Alia Atlas <akatlas@gmail.com> Wed, 26 August 2015 18:56 UTC

Return-Path: <akatlas@gmail.com>
X-Original-To: ccamp@ietfa.amsl.com
Delivered-To: ccamp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97BA41B310A; Wed, 26 Aug 2015 11:56:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.999
X-Spam-Level:
X-Spam-Status: No, score=-101.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TgqL4sXhIfwS; Wed, 26 Aug 2015 11:56:38 -0700 (PDT)
Received: from mail-ob0-x234.google.com (mail-ob0-x234.google.com [IPv6:2607:f8b0:4003:c01::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 246D71B3109; Wed, 26 Aug 2015 11:56:38 -0700 (PDT)
Received: by obkg7 with SMTP id g7so179670991obk.3; Wed, 26 Aug 2015 11:56:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=IKMA9PfMabp+ei3ML/lHQica4LbCr60FdMPYIHR1yeg=; b=Ir89yOwG4eF3ER/V4QUcQONV19gqD15chxRNdx/j1+H9f2VTweYUxdizgroCl/GTse OUSyuP5IcpOAk0Ec4FZipXLV8wKSrZSv4L+6TV5efkRRDYjKi47IT0X1861nzRwbIee1 67gIyl7IrVtphOkq3LjWlFTXgNZ61mFwlgMPahPujiCCxvKejr8MP0LYeBrALbGY4hP+ mdRICv5yS46rr+NMG8yfzxkXRENBVqIOGxQtXgZh5lRi2DMNMH+ITJE3JIXl8PZA5zAt b7BeWIR25XvDhVvuPKu2MZ1y3uWpsbYzsbMGVKZeUQYTJfSJGlBX6ZSlmKUcEMDjlnkh G4Yw==
MIME-Version: 1.0
X-Received: by 10.182.158.72 with SMTP id ws8mr20123037obb.54.1440615397564; Wed, 26 Aug 2015 11:56:37 -0700 (PDT)
Received: by 10.60.176.138 with HTTP; Wed, 26 Aug 2015 11:56:37 -0700 (PDT)
In-Reply-To: <7AEB3D6833318045B4AE71C2C87E8E1729D0FC3A@dfweml706-chm>
References: <20150805144646.28443.8959.idtracker@ietfa.amsl.com> <7AEB3D6833318045B4AE71C2C87E8E1729CFC2DF@dfweml706-chm> <CAG4d1rfUX1F8K6m4ZpXyPw0M9RsjAMXiZPbBR8=Ra_bWRREP4A@mail.gmail.com> <04e201d0dcb1$63e79d70$2bb6d850$@olddog.co.uk> <7AEB3D6833318045B4AE71C2C87E8E1729D0FC3A@dfweml706-chm>
Date: Wed, 26 Aug 2015 14:56:37 -0400
Message-ID: <CAG4d1revDidGv8zeuj3YU=Z+mpzNO+BNp4nZLAtLakF2PJy1gw@mail.gmail.com>
From: Alia Atlas <akatlas@gmail.com>
To: Leeyoung <leeyoung@huawei.com>
Content-Type: multipart/alternative; boundary="089e0153860c07aebe051e3b6988"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ccamp/efogCAcbxYafnD1ass5T5_B3-ac>
Cc: "draft-ietf-ccamp-wson-signal-compatibility-ospf@ietf.org" <draft-ietf-ccamp-wson-signal-compatibility-ospf@ietf.org>, "ccamp@ietf.org" <ccamp@ietf.org>, "ccamp-chairs@ietf.org" <ccamp-chairs@ietf.org>, The IESG <iesg@ietf.org>
Subject: Re: [CCAMP] Alia Atlas' Discuss on draft-ietf-ccamp-wson-signal-compatibility-ospf-15: (with DISCUSS and COMMENT)
X-BeenThere: ccamp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion list for the CCAMP working group <ccamp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ccamp>, <mailto:ccamp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ccamp/>
List-Post: <mailto:ccamp@ietf.org>
List-Help: <mailto:ccamp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ccamp>, <mailto:ccamp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Aug 2015 18:56:41 -0000

Hi Young,

These all sound fine.

Alia

On Wed, Aug 26, 2015 at 11:50 AM, Leeyoung <leeyoung@huawei.com> wrote:

> Hi Adrian and Alia,
>
> Thanks for your comments. Please see inline for my comment.
>
> I will comment the rest of the issues (raised by Alia) not addressed here
> in another email thread.
>
> Best regards,
> Young
>
> -----Original Message-----
> From: Adrian Farrel [mailto:adrian@olddog.co.uk]
> Sent: Saturday, August 22, 2015 3:06 AM
> To: 'Alia Atlas'; Leeyoung
> Cc: draft-ietf-ccamp-wson-signal-compatibility-ospf@ietf.org;
> ccamp@ietf.org; ccamp-chairs@ietf.org; 'The IESG'
> Subject: RE: [CCAMP] Alia Atlas' Discuss on
> draft-ietf-ccamp-wson-signal-compatibility-ospf-15: (with DISCUSS and
> COMMENT)
>
> Hi Young, Alia,
>
> >>> I'd like to see clearer descriptions on particularly the error-handling
> >>> around multiple TLVs and sub-TLVs.
> >>> I see a few points of ambiguity - as described below.  I think these
> >>> should be straightforward to clarify but interoperability could be
> >>> affected if this isn't done.   Thanks!
> >>>
> >>> In Sec 2, it says "Only one Optical Node Property TLV shall be
> advertised
> >>> in each LSA." What is the error-handling if multiple of this TLV are
> >>> seen?
> >>
> >> YOUNG>> This is to allow for fine granularity changes in topology per
> >> [RFC3630]. It is not an error per se if there are multiple of this TLV
> are
> >> in each LSA.
> >>
> >>> Is that a SHALL or a "at most one... MUST be advertised"?  I'd expect
> >>> normative language.
> >>
> >> YOUNG>> "SHALL" seems to be right one, again per [RFC3630].
> >>
> > [Alia] Ok - SHALL is fine.  Perhaps text like
> > "To allow for fine granularity changes in topology, only one Optical Node
> > Property TLV SHALL be advertised in each LSA.  An implementation MUST
> > support receiving multiple Optical Node Property TLVs in an LSA."
>
> Sorry, but I think this reads as nonsense :-(
> "SHALL" and "MUST" are identical in meaning.
> So you have written "only one TLV MUST be advertised". That is ambiguous!
> It could mean "no more than one" or it could mean "it is only necessary to
> advertise one must, but others may be included"
> The thrust of the conversation appears to be for the latter, so don't try
> to do this in clever compact code - write it out in full!
>
> That might give (if it is what you intend to say)...
>
> When using the extensions defined in this document, at least one Optical
> Node Property TLV MUST be advertised in each LSA. To allow for fine
> granularity changes in topology, more than one Optical Node Property TLV
> MAY be advertised in a single LSA. Implementations MUST support receiving
> multiple Optical Node Property TLVs in an LSA.
>
> YOUNG>> Thanks. This works for me. I would accept Adrian's suggested text.
>
> [snip]
>
> >> May I suggest the following changes:
> >>
> >> OLD
> >>
> >>   The format of the SCSI MUST be as depicted in the following figure:
> >>
> >> NEW
> >>
> >>    The format of the SCSI SHALL be as depicted in the following figure:
> >>
> >> END
>
> These sentences are identical! MUST==SHALL
>
> So Alia's text is nicer...
>
> > [Alia] How about "A SCSI may contain multiple Available Label sub-TLVs
> and
> > multiple Shared Backup Label sub-TLVs.  The following figure shows the
> > format for a SCSI that contains these sub-TLVs.  The order of the
> sub-TLVs
> > in the SCSI is arbitrary."
>
> YOUNG>> Accepted.
>
> [snip]
>
> >>> End of Sec 4: "In case where the new sub-TLVs or their attendant
> >>> encodings are malformed, the proper action would be to log the problem
> >>> and ignore..."  First, please be explicit in what behavior MUST be
> done.
>
> I think this request got lost in the discussions that follow. Alia is
> correctly asking for...
>
> "When bad stuff happens you MUST do some things, SHOULD do other things,
> and MAY do additional things."
>
> YOUNG>> Sorry that I missed this. Yes, this is a good question to ask.
> Please see the next resolution that basically says that the malformed LSA
> "MUST" be dropped while logging of this problem SHOULD be done.
>
> >> YOUNG>> malformed sub-TLVs or their attendant encodings refer to that
> which are
> >> not parse-able due to corruption, etc. and cannot be stored in the TED.
>
> Hmmm. The most common cause of unparsable TLVs will be encoding errors,
> bugs, misinterpretation of specs, up-level implementations, etc. Corruption
> doesn't happen much.
> The upshot is the same - you can't process the TLV.
>
> >> How about adding a new sentence to describe the expected action as
> follows:
> >>
> >> OLD
> >>
> >>   In case where the new sub-TLVs or their attendant encodings are
> >>   malformed, the proper action would be to log the problem and ignore
> >>   just the sub-TLVs in GMPLS path computations rather than ignoring
> >>   the entire LSA.
> >>
> >> NEW
> >>
> >>   In case where the new sub-TLVs or their attendant encodings are
> >>   malformed, the proper action would be to log the problem and ignore
> >>   just the sub-TLVs in GMPLS path computations rather than ignoring
> >>   the entire LSA. This should not stop the LSA advertisement process.
> >
> > [Alia] Usually, one doesn't reflood LSAs with malformed TLVs or sub-TLVs.
> > I'm certainly willing to listen to reasoning on why flooding potentially
> corrupt
> > data would be a good idea, but you'll need really clear reasoning.
>
> Why is this any different to any other TLV in any other LSA? Don't we just
> call on standard OSPF behavior?
>
> YOUNG>> Adrian, what is standard OSPF behavior in this case? I would
> assume we drop the entire LSA in which to contain malformed TLVs or
> sub-TLVs. If that is the case, how about:
>
> NEW
>         In case where the new sub-TLVs or their attendant encodings are
>         malformed, the proper action SHOULD log the problem and MUST stop
>       sending the LSA in which to contain malformed TLVs or sub-TLVs.
> END
>
> >>> Is this just for malformed sub-TLVs?  Is it safe to assume that
> sub-TLVs
> >>> further on in the TLV (or following TLVs) can be properly parsed?
> >>
> >> YOUNG>> Yes we are just talking about malformed sub-TLVs. It is safe to
> assume
> >> that other sub-TLVs in the TLV or following TLVs can be properly parsed
> as they
> >> are a distinct sets of info elements with proper sub-TLV types, TLV
> types.
> >
> > [Alia]  Are you picturing that a sub-TLV is malformed if its length
> isn't accurate or just
> > if one of the fields inside the sub-TLV is using a bad value or setting
> a reserved value?
> >  In the latter cases, perhaps it might be tolerable to assume that there
> wasn't data-
> > corruption that will affect the rest of the parsing - but I'm dubious.
>  For the first, if
> > the length is wrong, then you can't accurately know where the next
> sub-TLV starts
> > so all parsing after isn't trustable, IMHO.
>
> I think you have to handle both cases. Furthermore, if the TLV is of
> variable length, anything unexpected needs to be treated with caution.
>
> YOUNG>> Rethinking this issue, I would go with the previous resolution ---
> just stop sending the LSA in which to contain malformed TLVs and sub-TLVs.
>
> >>> Second, please add in some words
> >>> about the expected load of logs.
> >>
> >> YOUNG>> How about adding one sentence followed by "In case..."
> >>
> >> NEW
> >>        The expected load of logs is not expected to be a high volume as
> malformed
> >>        TLVs do not occur frequently in GMPLS.
> >>
> >> END
> >
> > [Alia] Uh - of course error conditions aren't expected to be common!  How
> > about considering how often the advertising router might send the LSA?
> > How about considering the number of neighbors that will be flooding it?
> > How about dampening the number of logs?  Making it a MAY log also makes
> > it clear that it's up to the implementation.
>
> The normal way of handling this is...
> "Errors of this nature SHOULD be logged for the local operator.
> Implementations MUST provide a rate limit on such logs, and that rate limit
> SHOULD be configurable."
>
> YOUNG>> I would accept Adrian's proposed text.
>
>
>
> Adrian
>
>

v2.23.0 | Report a Bug | By Email