Re: Clearing up your misunderstanding of the Association ID

"Adrian Farrel" <> Tue, 18 November 2008 22:38 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 7392928C294 for <>; Tue, 18 Nov 2008 14:38:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.676
X-Spam-Status: No, score=-0.676 tagged_above=-999 required=5 tests=[AWL=-0.182, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, RDNS_NONE=0.1, STOX_REPLY_TYPE=0.001]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id tkyPmAmSoHtp for <>; Tue, 18 Nov 2008 14:38:57 -0800 (PST)
Received: from ( [IPv6:2001:418:1::62]) by (Postfix) with ESMTP id 2FCCE28C291 for <>; Tue, 18 Nov 2008 14:38:57 -0800 (PST)
Received: from majordom by with local (Exim 4.69 (FreeBSD)) (envelope-from <>) id 1L2Z9a-000NiL-8b for; Tue, 18 Nov 2008 22:34:38 +0000
Received: from [] ( by with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from <>) id 1L2Z9T-000NhG-OU for; Tue, 18 Nov 2008 22:34:34 +0000
Received: from (localhost.localdomain []) by ( with ESMTP id mAIMYRxS013765; Tue, 18 Nov 2008 22:34:28 GMT
Received: from your029b8cecfe ([]) (authenticated bits=0) by ( with ESMTP id mAIMYQN2013744; Tue, 18 Nov 2008 22:34:27 GMT
Message-ID: <CB819F54A08440CF9B90B1C3A2DEDEC8@your029b8cecfe>
Reply-To: "Adrian Farrel" <>
From: "Adrian Farrel" <>
To: "Nic Neate" <>
Cc: <>
References: <020938B8234C48209399F0FF21BD4C31@your029b8cecfe> <>
Subject: Re: Clearing up your misunderstanding of the Association ID
Date: Tue, 18 Nov 2008 22:34:14 -0000
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
Precedence: bulk
List-ID: <>


Nic and I sat down today and discussed this particluar issue: how to 
interpret the Association ID in a received Path message in order to 
associate a new LSP with some other LSP at a merge point.

There are two cases that arise. If the new LSP is part of a segment 
protection relationship, the Association ID is a unique "set identifier" in 
the context of the Association Source. If the LSP is part of an end-to-end 
protection relationship, the Association ID identifies the LSP ID of the 
protection partner.

Nic's concern (and he convinced me for a while :-) is that there is an issue 
with distinguishing this case when a segment protection LSP is, itself, 
protected along its whole path in an end-to-end manner.

Having thought about this more, I believe the following processing rules 
that can be applied to make this work. I would be interested in any use 
cases (in particular message arrival variants) that anyone believes breaks 
these rules.

For each Association Object on the received Path message...

1. Look for an existing LSP with association object that matches 
{Association Source, Association ID} from the new Path message. If found, 
this is segment protection protecting from the Association Source to this 
node. Stop.

2. Look for existing LSP with matching {dest, tunnel ID, extended tunnel ID} 
and with LSP ID equal to received Association ID. The Association Source can 
(and probably should) also be checked against the sender source address on 
the matched LSP. If found, this is end-to-end protection from Association 
Source to dest.

Note that there may be multiple Association objects on a Path message. Note 
also, that 4872 requires the use of the same Session specifically to enable 
the use of the Association ID to LSP ID mapping.

As far as I can see, this addresses all cases.


----- Original Message ----- 
From: "Nic Neate" <>
To: "Aria - Adrian Farrel Personal" <>
Cc: <>rg>; "labn - Lou Berger" <>et>; "ALU - 
Dimitri Papadimitriou" <>
Sent: Tuesday, November 18, 2008 3:07 PM
Subject: RE: Clearing up your misunderstanding of the Association ID

Thanks Adrian,

I think the key source of confusion is that RFC 4873 makes no reference to 
changing the specific procedures defined in 4872 for setting the association 
ID to the LSP ID of the protecting/protected LSP.

For example, in section 5.1:

   5.1.  Identifiers


   To allow distinguishing the working LSP (from which the signal is
   taken) from the protecting LSP, the working LSP is signaled by
   setting in the PROTECTION object the S bit to 0, the P bit to 0, and
   in the ASSOCIATION object, the Association ID to the protecting
   LSP_ID.  The protecting LSP is signaled by setting in the PROTECTION
   object the S bit to 0, the P bit to 1, and in the ASSOCIATION object,
   the Association ID to the associated protected LSP_ID.

Your email and discussion with Lou has helped expain the intention of 4873. 
However, I still have some concerns about interworking of end-to-end and 
segment recovery - see my email to Lou.


-----Original Message-----
From: Aria - Adrian Farrel Personal
Sent: 18 November 2008 14:00
To: Nic Neate
Subject: Clearing up your misunderstanding of the Association ID

Hi Nic,

I think there are a bunch of issues that you are raising, and we should try 
to itemise them to make sure we close them all off.

For the issue of the use of Association ID in segment protection, I think 
you may have misread the relevant RFCs. I don't believe any new Association 
ID type is needed to achieve the function: we can simply use the 4872 
association type.

 Section 4.3 of 4872 says...
    The ASSOCIATION object, introduced in Section 16, is used to
    associate the working and protecting LSPs.

    When used for signaling the working LSP, the Association ID of the
    ASSOCIATION object (see Section 16) identifies the protecting LSP.
    When used for signaling the protecting LSP, this field  identifies the
    LSP protected by the protecting LSP.

That gives us the basis of everything we need.

 Then, in Section 16...
    The ASSOCIATION object is used to associate LSPs with each
    other.  In the context of end-to-end LSP recovery, the association
    MUST only identify LSPs that support the same Tunnel ID as well
    as the same tunnel sender address and tunnel endpoint address.
    The Association Type, Association Source, and Association ID
    fields of the object together uniquely identify an association.

I suspect that this is the source of your misunderstanding. But note that in 
4873, the context is not end-to-end LSP  recovery so the restriction on the 
Tunnel ID does not apply.

If you follow this through now, I suspect you will discover that most of 
your issues go away.