Re: [Gen-art] Gen-ART Last Call review of draft-ietf-opsawg-capwap-alt-tunnel-10

[Duzongpeng <duzongpeng@huawei.com>]

I received an email saying that 

Your mail to 'Gen-art' with the subject

    RE: Gen-ART Last Call review of
draft-ietf-opsawg-capwap-alt-tunnel-10

Is being held until the list moderator can review it for approval.

The reason it is being held:

    Message body is too big: 421423 bytes with a limit of 400 KB

So I send again just including the new txt version of the draft.
If any problem, please connect me.

-----Original Message-----
From: Duzongpeng 
Sent: Wednesday, December 13, 2017 4:56 PM
To: 'Paul Kyzivat'; draft-ietf-opsawg-capwap-alt-tunnel.all@ietf.org
Cc: General Area Review Team
Subject: RE: Gen-ART Last Call review of draft-ietf-opsawg-capwap-alt-tunnel-10

Hi, Paul

	Please see inline. 
	Thank you very much for your careful review. 
	We have updated the draft accordingly. 
	If any problem, please connect us.

Best Regards
Zongpeng Du

-----Original Message-----
From: Paul Kyzivat [mailto:pkyzivat@alum.mit.edu]
Sent: Tuesday, December 12, 2017 3:48 AM
To: draft-ietf-opsawg-capwap-alt-tunnel.all@ietf.org
Cc: General Area Review Team
Subject: Gen-ART Last Call review of draft-ietf-opsawg-capwap-alt-tunnel-10

I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at <​http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.

Document: draft-ietf-opsawg-capwap-alt-tunnel-10
Reviewer: Paul Kyzivat
Review Date: 2017-12-11
IETF LC End Date: 2017-12-13
IESG Telechat date: TBD

Summary:

This draft is on the right track but has open issues, described in the review.

(Thanks for fixing most of the issues I raised in the previous round.)

Issues:

Major: 0
Minor: 7
Nits:  1

(1) MINOR:

In Section 1.3, if this document is intended to serve as a *historical* reference, then why isn't then intended status "Historic" rather than "Experimental"?
<zongpeng>There have been discussions about it among the authors, chairs, and the ADs. Finally, the "Experimental" type is decided.
According to https://tools.ietf.org/html/rfc2026#section-4.2, the historical type means:
   A specification that has been superseded by a more recent
   specification or is for any other reason considered to be obsolete is
   assigned to the "Historic" level.
Our document is a new one, so it is not very proper for us to declare a historical type.

	Also in RFC2026, it is said that  
   The "Experimental" designation typically denotes a specification that
   is part of some research or development effort.  Such a specification
   is published for the general information of the Internet technical
   community and as an archival record of the work, subject only to
   editorial considerations and to verification that there has been
   adequate coordination with the standards process (see below).

	So we consider that the "Experimental" type is more suitable here.

	And to avoid ambiguity, we have changed the "This experimental document is intended to serve as a historical reference for any future work as to the operational and deployment requirements." To
	"This experimental document is intended to serve as **an archival record** for any future work as to the operational and deployment requirements."
</zongpeng>
 (2) MINOR:

Section 3 contains:

    Since AC can configure a WTP with more than one AR available for the
    WTP to establish the data tunnel(s) for user traffic, it may be
    useful for the WTP to communicate the selected AR.  To enable this,
    the IEEE 802.11 WLAN Configuration Response may contain the AR list
    element containing the selected AR.

But "IEEE 802.11 WLAN Configuration Response" is not defined in this version of the document. Seems like this may be a dangling reference from a prior version.
<zongpeng>Thanks for proposing the problem. We add some explanations for the problem.
Firstly, change the sentence to " the IEEE 802.11 WLAN Configuration Response may contain the AR list
    element containing the selected AR *as shown in Figure 5*."
Secondly, change the Config. To Configuration in the Figure 5, and add the [ AR List Element ]  in the IEEE 802.11 WLAN Configuration Response message.</zongpeng> 

(3) MINOR:

In Section 3.1, Figure 6 shows Tunnel-Type1 occupying the first 16 bits of a 32 bit value, and Tunnel-Type (2..N) all occupying the 2nd 16 bits of that value. That doesn't work for N>2. I *presume* that the intent is that this be an array of 16 bit values in network order starting with Tunnel-Type1, but that is not what it says. Needs some work.

<zongpeng>Thanks for proposing the problem. We add some explanations for the problem.
Firstly, add some explanations into the Tunnel-type Field.
Tunnel-Type: This is identified by value defined in Section 3.2. *There may be one or more Tunnel-Types as shows in Figure 6.* Secondly, change the graph to:
	0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      Tunnel-Type 1            |      Tunnel-Type 2            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            ...                |      Tunnel-Type N            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</zongpeng>

(4) MINOR:

In Section 3.3 I find the wording of the usage unclear in the following:

    The Alternate Tunnel Failure Indication message element is sent by
    the WTP to inform the AC about the status of the Alternate Tunnel.
    It MAY be included in the CAPWAP Station Configuration Request
    message.  ...

It is the way "MAY" is used here that causes me confusion, as if there is some other way to achieve this goal. Perhaps the following would be
clearer:

    The WTP MAY include the Alternate Tunnel Failure Indication message
    in a CAPWAP Station Configuration Request message to inform the AC
    about the status of the Alternate Tunnel.

<zongpeng> Thanks for proposing the problem. We revise accordingly. </zongpeng>

(5) MINOR:

In Section 4.2 I find the usage of the term "Access Router (LMA) Information Element" confusing. I find no definition of this as a distinct thing, so I gather the intent is that this is a particular usage of "Access Router Information Element". I think this would be clearer to remove "(LMA)" from Figure 10.

<zongpeng> Thanks for proposing the problem. We revise accordingly. </zongpeng>

(6) MINOR:

Section 5.2 uses "ARs" and "ARs information" in ways that are unclear and improper grammar. IIUC "AR" in this document means "Access Router", and so "ARs" should mean "Access Routers". It is used that way once in section 3.3, and once in 5.2. But several other usages in 5.2 are different, and seem to be intended to refer to "Access Router Information Elements". I suggest the following change:

OLD

    ... If there are more than one ARs
    information provided by the AC for reliability reasons, the same
    Tunnel DTLS Policy (see Figure 14) is generally applied for all
    tunnels associated with the ARs.  Otherwise, Tunnel DTLS Policy MUST
    be bonding together with each of the ARs, then WTP will enforce the
    independent tunnel DTLS policy for each tunnel with a specific AR.

NEW

    ... If, for reliability reasons, the AC has provided more than one
    AR address in the Access Router Information Element, the same
    Tunnel DTLS Policy (see Figure 14) is generally applied for all
    tunnels associated with those ARs.  Otherwise, Tunnel DTLS Policy
    MUST be bonded together with each of the Access Router Information
    Elements, and the WTP will enforce the independent tunnel DTLS policy
    for each tunnel with a specific AR.

In addition the mechanics of this "bonding" aren't entirely clear. This seems to be covered by:

    A: If A bit is set, there is an AR information associated with the
    DTLS policy.  There may be an array of pairs binding DTLS policy
    information and AR information contained in the Tunnel DTLS Policy
    Element.  Otherwise, the same Tunnel DTLS Policy (see Figure 14) is
    generally applied for all tunnels associated with the ARs configured
    by the AC.

The above says "There may be an array of pairs". How is the array encoded and how is its length specified? I'm guessing you intend:

When A=0:

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |Tunnel DTLS Policy Element Type|        Length                 |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        Reserved                       |A|D|C|R|
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

When A=1:

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |Tunnel DTLS Policy Element Type|        Length                 |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        Reserved                       |A|D|C|R|
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      .                       AR Information                          .
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        Reserved                       |A|D|C|R|
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      .                       AR Information                          .
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        Reserved                       |A|D|C|R|
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      .                       AR Information                          .
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


where the number of repeats is equal to the number of AR addresses previously specified.

This needs to be made much clearer. ISTM it would be cleaner to forget the flag, and simply say this is always a list, where the last element has no AR Information and provides options for any address not previously mentioned. (But this isn't an option if it is documenting existing usage.)

In Figure 9, I gather that "AR Information" means "Access Router Information Element", and in this context it must be restricted to a single address, and must be the address of one of previously specified AR addresses. If so, please say this explicitly.

<zongpeng> Thanks for proposing the problem. We revise accordingly.
The change is a little complicated, and is described following the comments. 
Several people had edited the draft, so that there was some conflicts in the description.
But the main opinion among the authors is the same. Thanks again for the suggestion.</zongpeng>

(7) MINOR:

Section 5.3 has a similar construction to that in 5.2, with the same issues and should get a comparable fix.

(8) NIT:

IdNits reports that the reference to RFC2460 in section 5.6 is obsolete.
<zongpeng> Thanks for proposing the problem. We revise accordingly. </zongpeng>


About the (6) and (7), we choose to forget the flag as you have suggested. However, it is found that it is not enough to just modify section 5.2 and 5.3, so that section 5.4, 5.5, 5.6 are also modified to support information providing of more than one ARs.
Among them, section 5.5 is a little different, because every GRE key should be independent, and needs not to be the same.
Also for section 5.6, IPv6 MTU are not needed in the context of IPv4 environment, so there is no default value, neither.

For the detailed modifications, please refer to the new version of draft attached. 
Perhaps we will update the draft recently if it is ok for you.