IETF Logo Mail Archive

Re: [Gen-art] Gen-art telechat review of draft-ietf-mpls-tp-psc-itu-03.txt

"Adrian Farrel" <adrian@olddog.co.uk> Sat, 22 March 2014 21:14 UTC

Return-Path: <adrian@olddog.co.uk>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 76EDB1A0A06 for <gen-art@ietfa.amsl.com>; Sat, 22 Mar 2014 14:14:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.553
X-Spam-Level:
X-Spam-Status: No, score=-100.553 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_DNSWL_NONE=-0.0001, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ad8eoQ2oiw3M for <gen-art@ietfa.amsl.com>; Sat, 22 Mar 2014 14:14:11 -0700 (PDT)
Received: from asmtp5.iomartmail.com (asmtp5.iomartmail.com [62.128.201.176]) by ietfa.amsl.com (Postfix) with ESMTP id 3327B1A0A04 for <gen-art@ietf.org>; Sat, 22 Mar 2014 14:14:11 -0700 (PDT)
Received: from asmtp5.iomartmail.com (localhost.localdomain [127.0.0.1]) by asmtp5.iomartmail.com (8.13.8/8.13.8) with ESMTP id s2MLE9ZC023038; Sat, 22 Mar 2014 21:14:09 GMT
Received: from 950129200 (14.21.90.92.rev.sfr.net [92.90.21.14]) (authenticated bits=0) by asmtp5.iomartmail.com (8.13.8/8.13.8) with ESMTP id s2MLE6tV023013 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Sat, 22 Mar 2014 21:14:08 GMT
From: Adrian Farrel <adrian@olddog.co.uk>
To: elwynd@folly.org.uk
References: <1395511257.15324.480.camel@mightyatom> <61819e57d85f408d880d97dacc78fb6e@BLUPR05MB151.namprd05.prod.outlook.com>
In-Reply-To: <61819e57d85f408d880d97dacc78fb6e@BLUPR05MB151.namprd05.prod.outlook.com>
Date: Sat, 22 Mar 2014 21:14:07 -0000
Message-ID: <0af301cf4613$aae41130$00ac3390$@olddog.co.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHH7prrUr7xg33idzdFv8lxQWwujAIKz4FEmuvtl5A=
Content-Language: en-gb
X-TM-AS-MML: disable
X-TM-AS-Product-Ver: IMSS-7.1.0.1576-7.5.0.1017-20584.002
X-TM-AS-Result: No--36.616-10.0-31-10
X-imss-scan-details: No--36.616-10.0-31-10
X-TMASE-MatchedRID: IDdx3MBO6ECnykMun0J1wpmug812qIbzjwuaShT598STMTaQzhvoenFD 0I0jlEDdvfa8OkT8fOsH0E/PTyYp59GETJv1/WyO8eSmTJSmEv0yGiaSs0n67M1BXOF9hjmyK4y 9tZbFc871SzhmuM96r1QXDAJtm+kNw785bCYYyVHbH3dKejGFV8obqaMDepRMsp5O052MzLpkgy z6sK9A2scxtNCz3HNsD8sg3pJXo3BgRbV6VSX3KJYsKSXWWrsHgHzgwy8qV5rQqI16NtHf0HLu5 dsUmK54SsI34zFtXWIKRSwpyKdE6Ythqq74C5Fqf01qcJQDhV5aNaxZBRbNWlmmz7LVVfOpqODk u3lOZN/ytUtbzIEhEXE8E8tZyC4izB1CJ6qmdNq4jAucHcCqnc3R8xWi34AR5DJ1FS+XdBM1S0I Q8IPwl9TF7j6mOF3TsGrUDFhNwtW1UAN2vPuTMrdQIb8hCnY+Ub94TvZPQ0IhX1DXcpnJgGQcKy BERs/hfDqQ1aupGdAeqjAciogGxbkHAwdGeHT1iTZj5dVNywMfXzVgO0hVqr2sHAdOSu9iYqkwm iKYFxvtY5ELtx0IW4brXl5QxlSlkH0tMESKrHRgP1dNF1ow7UVfSggQjIJBAOrNpiFyN5BnYjQo sQAesiQzZXePPedHvwujubmpN6MRXrSqR8jJueGonqgs5zxBnvBHr/aFnM5xzEvhkPyg9KPFjJE Fr+olfeZdJ1XsorhCITlsmPfzAAtuKBGekqUpPjKoPgsq7cA=
Archived-At: http://mailarchive.ietf.org/arch/msg/gen-art/U1DvNzN6kdmDW1s9nAwy1UlY5RQ
Cc: 'General Area Review Team' <gen-art@ietf.org>, draft-ietf-mpls-tp-psc-itu.all@tools.ietf.org
Subject: Re: [Gen-art] Gen-art telechat review of draft-ietf-mpls-tp-psc-itu-03.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: adrian@olddog.co.uk
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Mar 2014 21:14:13 -0000

Hi Elwyn,

Thanks for your pursuit of excellence.

I understand from the document editor that there is a revision in waiting to be
posted that clears up some remaining nits from your review.

However, in line...

> Summary:
> Almost ready.  There are a couple of points which I raised at Last Call
> and discussed with the authors and others both by email and f2f in
> London that are not resolved.  These point revolve around being rigorous
> about wire encoding, clarifying error behaviour and being definite that
> implementations support modes as specfic combinations of capabilities so
> that arbitrary capability combinations are not allowed and result in
> invalid protocol messages.
> 
> Major Issues:
> 
> Minor Issues:
> s1: From my discussions with the authors and others associated with this
> document, it is my understanding that the intention is that only
> combinations of capabilities specified by modes should be legal and
> hence that implementations would support modes rather than arbitrary
> sets of capbilities. I think it would be worth being more explicit about
> this.  This would answer my comments at Last Call that it was unclear
> whether other combinations were allowed and would make it clear that a
> message that arrived with a corrupted bit in the flags field was
> definitely malformed.  I suggest adding the following text to para 16 of
> s1 (starts "This document introduces capabilities and modes.") before
> the last sentence:
>    Only combinations of capabilities specified by modes will be
>    supported by implementations.

While this is true, it is also not helpful!
Any combination of capabilities (these five and any of the future
nearly-infinite number of capabilities that can be represented in the bit field)
could be specified as supported (i.e. as a mode) in the future.
There are two points of note:
1. Only two modes are currently defined
2. Any future mode must be specified in combination with the state machines for
the mode.

A message that is received containing a set of capabilities (i.e. a mode) not
supported by the receiver would be rejected. See Section 9.1.1. That is, this is
not a negotiation. This is a verification that both speakers are operating in
the same mode.

For future compatibility, there is no distinction between a corrupted set of
capability bits and an unknown mode.

> Nits/Editorial Comments:
> 
> s4.4, para 1:
> OLD:
> When the modified priorities specified in this document is in use,..
> NEW:
> When the modified priorities specified in this document are in use,..
> (or maybe better:)
> When the modified priority order specified in this document is in use,..
> 
> s7.3 et seq: The term "selector bridge" is introduced without
> definition.  I suspect it is a piece of jargon I am supposed to know but
> I think a reference would help.

Yes, it is a piece of standard terminology in protection switching. I'm sure the
authors can find a reference.

> s9.1: RFC 6378 doesn't define the encoding of the TLV type and TLV
> length fields, so it needs to be done here (Unsigned integers). It also
> doesn't define encoding of the overall TLV length field in
> the PSC header.  This may be thought to be 'obvious' but there is no
> default specified in IETF documents.

This is being fixed in draft-ietf-mpls-psc-updates that updates 4368. New
revision about to be posted before IETF last call.

> s9.1: Both RFC6378 and this document are incomplete as regards
> specifying what constitutes an invalid protocol message.  In particular
> there is no discussion of behaviour if correctly formed but unrecognized
> TLVs are received.  Do these make the message invalid or should they be
> ignored?

This should be included in draft-ietf-mpls-psc-updates as well.

> s9.1.1 and s12:
> In s12 it is stated (similar wording in s9.1.1):
> >    o  If the Capabilities TLV mismatches, the node MUST alert the
> >       operator and MUST NOT perform any protection switching until the
> >       operator resolves the mismatch in the Capabilities TLV.
> Having discussed the situation with the authors and others, I understand
> that there are circumstances, depending on the underlying transport,
> that bit errors might not be detected and hence that there is a small
> probability that corrupt PSC messages may be propagated up to the
> protocol machine.  At present there is no explicit statement that a
> corrupted flag word would be trapped as an invalid protocol message
> (this seems to be the intention) rather than triggering this operator
> alert.  I think that the best that can be done is specify that a PSC
> protocol message MUST have the flags for a recognized mode set exactly
> and otherwise it will be treated as an invalid message.  The wording in
> s9.1.1 and s12 would then catch an inadvertent reconfiguration.  I
> suggest adding the following to s9.1.1:
>    Any PSC message that has a combination of capability bits set that
>    does not correspond to a defined mode will be treated as an invalid
>    message and ignored.

This is plain wrong!
The receiving device is set to operate in a single mode.
If the received message is not identical to that mode, it cannot operate. 
Section 9.1.1 already explains how this is handled.
To restate: this is not a negotiation.
It is an announcement.

The possibility of a corrupt message does exist. Neutrinos are remarkably
unpredictable beasts. And it is remotely possible that the error will arise
without the underlying transport detecting it. And it is further possible that
the error will take out a single bit in the capabilities. The result is
indistinguishable from the sender deciding to tweak its capabilities. That would
cause a mode mismatch and the process in 9.1.1 would be invoked. Given that it
is indistinguishable, why would this be a cause for any different behaviour?

BTW, Stewart was asking some time back whether there was any record anywhere of
an MPLS packet that had been misdelivered because the label had had a corruption
event on the wire. We didn't come up with anything and the general feeling was
that hardware memory was far more vulnerable.

v2.23.0 | Report a Bug | By Email