Re: [Gen-art] Review: draft-ietf-pcn-sm-edge-behaviour-08

"Joel M. Halpern" <jmh@joelhalpern.com> Sun, 01 January 2012 19:58 UTC

Return-Path: <jmh@joelhalpern.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5DF1D11E8080 for <gen-art@ietfa.amsl.com>; Sun, 1 Jan 2012 11:58:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.265
X-Spam-Level:
X-Spam-Status: No, score=-102.265 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z3fzDSXQLpCX for <gen-art@ietfa.amsl.com>; Sun, 1 Jan 2012 11:58:50 -0800 (PST)
Received: from morbo.mail.tigertech.net (morbo.mail.tigertech.net [67.131.251.54]) by ietfa.amsl.com (Postfix) with ESMTP id B54FD11E8073 for <gen-art@ietf.org>; Sun, 1 Jan 2012 11:58:50 -0800 (PST)
Received: from mailb2.tigertech.net (mailb2.tigertech.net [208.80.4.154]) by morbo.tigertech.net (Postfix) with ESMTP id 747AFCD0BB for <gen-art@ietf.org>; Sun, 1 Jan 2012 11:58:50 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mailb2.tigertech.net (Postfix) with ESMTP id 4D4391C08CC; Sun, 1 Jan 2012 11:58:49 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at b2.tigertech.net
Received: from [10.10.10.101] (pool-71-161-50-89.clppva.btas.verizon.net [71.161.50.89]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailb2.tigertech.net (Postfix) with ESMTPSA id 0D5E51C08CA; Sun, 1 Jan 2012 11:58:47 -0800 (PST)
Message-ID: <4F00BAFD.2070201@joelhalpern.com>
Date: Sun, 01 Jan 2012 14:58:53 -0500
From: "Joel M. Halpern" <jmh@joelhalpern.com>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:8.0) Gecko/20111105 Thunderbird/8.0
MIME-Version: 1.0
To: Tom Taylor <tom111.taylor@bell.net>
References: <CAHBDyN6PN-vp9wXo6fF8G4VfODXjkfbWBaJN8EPopeWfOg9PmQ@mail.gmail.com> <4EFF838D.5020704@joelhalpern.com> <BLU0-SMTP18EE1E01EAA97CC44A44FFD8900@phx.gbl>
In-Reply-To: <BLU0-SMTP18EE1E01EAA97CC44A44FFD8900@phx.gbl>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: gen-art@ietf.org, David Harrington <ietfdbh@comcast.net>, draft-ietf-pcn-sm-edge-behaviour@tools.ietf.org, Steven Blake <slblake@petri-meat.com>
Subject: Re: [Gen-art] Review: draft-ietf-pcn-sm-edge-behaviour-08
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 01 Jan 2012 19:58:51 -0000

Thank you for responding promptly Tom.  Let me try to elaborate on the 
two issues where I was unclear.

On the ingress-egress-aggregate issue and ECMP, the concern I have is 
relative to the third operational alternative where routing is used to 
determine where the ingress and egress of a flow is.  To be blunt, as 
far as I can tell this does not work.
1) It does not work on the ingress side because traffic from a given 
source prefix can come in at multiple places.  Some of these places may 
claim reachability to the source prefix.  Some may not.  While a given 
flow will use only one of these paths, there is no way to determine from 
routing information, at the egress, which ingress that flow used.
2) A site may use multiple exits for a given destination prefix.  Again, 
while the site will only use one of these egresses for a given flow, 
there is no way for the ingress to know which egress it will be on the 
basis of routing information.
Thus, the text seems to allow for a behavior that simply does not work.

I am still confused about the relationship of section 3.3.2 to the 
behavior you describe.  3.3.2 says that as long as any excess traffic is 
being reported, teh decision point shall direct the blocking of 
additional flows.  That does not match 3.3.1, and does not match your 
description.

Yours,
Joel

On 1/1/2012 2:48 PM, Tom Taylor wrote:
> Thanks for the review, Joel. Comments below, marked with [PTT].
>
> On 31/12/2011 4:50 PM, Joel M. Halpern wrote:
>> I am the assigned Gen-ART reviewer for this draft. For background on
>> Gen-ART, please see the FAQ at
>> <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
>>
>> Please resolve these comments along with any other Last Call comments
>> you may receive.
>>
>> Document: draft-ietf-pcn-sm-edge-behaviour-08
>> PCN Boundary Node Behaviour for the Single Marking (SM) Mode of
>> Operation
>> Reviewer: Joel M. Halpern
>> Review Date: 31-Dec-2011
>> IETF LC End Date: 13-Jan-2012
>> IESG Telechat date: N/A
>>
>> Summary: This documents is almost ready for publication as an
>> Informational RFC.
>>
>> Question: Given that the document defines a complex set of behaviors,
>> which are mandatory for compliant systems, it seems that this ought to
>> be Experimental rather than Informational. It describes something that
>> could, in theory, later become standards track.
>
> [PTT] OK, we've wobbled on this one, but we can follow your suggestion.
>>
>> Major issues:
>> Section 2 on Assumed Core Network Behavior for SM, in the third bullet,
>> states that the PCN-domain satisfies the conditions specified in RFC
>> 5696. Unfortunately, look at RFC 5696 I can not tell what conditions
>> these are. Is this supposed to be a reference to RFC 5559 instead? No
>> matter which document it is referencing, please be more specific about
>> which section / conditions are meant.
>
> [PTT] You are right that RFC 5696 isn't relevant. It's such a long time
> since that text was written that I can't recall what the intention was.
> My inclination at the moment is simply to delete the bullet.
>>
>> It would have been helpful if the early part of the document indicated
>> that the edge node information about how to determine
>> ingress-egress-aggregates was described in section 5.
>> In conjunction with that, section 5.1.2, third paragraph, seems to
>> describe an option which does not seem to quite work. After describing
>> how to use tunneling, and how to work with signaling, the text refers to
>> inferring the ingress-egress-aggregate from the routing information. In
>> the presence of multiple equal-cost domain exits (which does occur in
>> reality), the routing table is not sufficient information to make this
>> determination. Unless I am very confused (which does happen) this seems
>> to be a serious hole in the specification.
>
> [PTT] I'm not sure what the issue is here. As I understand it, operators
> don't assign packets randomly to a given path in the presence of
> alternatives -- they choose one based on values in the packet header.
> The basic intent is that packets of a given microflow all follow the
> same path, to prevent unnecessary reordering and minimize jitter. The
> implication is that filters can be defined at the ingress nodes to
> identify the packets in a given ingress-egress-aggregate (i.e. flowing
> from a specific ingress node to a specific egress node) based on their
> header contents. The filters to do the same job at egress nodes are a
> different problem, but they are not affected by ECMP.
>>
>> Minor issues:
>> Section 3.3.1 states that the "block" decision occurs when the CLE
>> (excess over total) rate exceeds the configured limit. However, section
>> 3.3.2 states that the decision node must take further stapes if the
>> excess rate is non-zero in further reports. Is this inconsistency
>> deliberate? If so, please explain. If not, please fix. (If it is
>> important to drive the excess rate to 0, then why is action only
>> initiated when the ratio is above a configured value, rather than any
>> non-zero value? I can conceive of various reasons. But none are stated.)
>
> [PTT] We aren't driving the excess rate to zero, but to a value equal to
> something less than (U - 1)/U. (The "something less" is because of
> packet dropping at interior nodes.) The assumption is that (U - 1)/U is
> greater than CLE-limit. Conceptually, PCN uses two thresholds. When the
> CLE is below the first threshold, new flows are admitted. Above that
> threshold, they are blocked. When the CLE is above the second threshold,
> flows are terminated to bring them down to that threshold. In the SM
> mode of operation, the first threshold is specified directly on a
> per-link basis by the value CLE-limit. The second threshold is specified
> by the same value (U - 1)/U for all links. With the CL mode of operation
> the second threshold is also specified directly for each link.
>>
>>
>> Nits/editorial comments:
>>
>>
>