Re: [Gen-art] Review: draft-ietf-pcn-sm-edge-behaviour-08

Tom Taylor <> Sun, 01 January 2012 21:06 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A4A7B1F0C3B for <>; Sun, 1 Jan 2012 13:06:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id lCAfqByZas2G for <>; Sun, 1 Jan 2012 13:06:44 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 9B1111F0C36 for <>; Sun, 1 Jan 2012 13:06:44 -0800 (PST)
Received: by yenm7 with SMTP id m7so9444803yen.31 for <>; Sun, 01 Jan 2012 13:06:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=Eri4AiNrU/7C/q8CyM2ZMlsckNuCX7AwvzB4teuqxZo=; b=W1PH1GJMobInJ/po1ysG29jQaBj58p6s+i4zVmmRlnCWfhmoOyg9aApzexWxufX4WF Xhi6Z9wG9+xK1fiBi6+S8/w8v7KBth3zWZICEpird93oTOVGvkoVSmMh9kLMisAYZ0x5 /siP9ORAmoAbM9Z1hTuPefnlewCPe5oNiBqlQ=
Received: by with SMTP id g43mr59301637yhf.68.1325452002455; Sun, 01 Jan 2012 13:06:42 -0800 (PST)
Received: from [] ( []) by with ESMTPS id 31sm2586360ant.14.2012. (version=TLSv1/SSLv3 cipher=OTHER); Sun, 01 Jan 2012 13:06:41 -0800 (PST)
Message-ID: <>
Date: Sun, 01 Jan 2012 16:06:41 -0500
From: Tom Taylor <>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20111105 Thunderbird/8.0
MIME-Version: 1.0
To: "Joel M. Halpern" <>
References: <> <> <BLU0-SMTP18EE1E01EAA97CC44A44FFD8900@phx.gbl> <>
In-Reply-To: <>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Sun, 01 Jan 2012 13:12:10 -0800
Cc:, David Harrington <>,, Steven Blake <>
Subject: Re: [Gen-art] Review: draft-ietf-pcn-sm-edge-behaviour-08
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 01 Jan 2012 21:06:45 -0000

On 01/01/2012 2:58 PM, Joel M. Halpern wrote:
> Thank you for responding promptly Tom. Let me try to elaborate on the
> two issues where I was unclear.
> On the ingress-egress-aggregate issue and ECMP, the concern I have is
> relative to the third operational alternative where routing is used to
> determine where the ingress and egress of a flow is. To be blunt, as far
> as I can tell this does not work.
> 1) It does not work on the ingress side because traffic from a given
> source prefix can come in at multiple places. Some of these places may
> claim reachability to the source prefix. Some may not. While a given
> flow will use only one of these paths, there is no way to determine from
> routing information, at the egress, which ingress that flow used.
> 2) A site may use multiple exits for a given destination prefix. Again,
> while the site will only use one of these egresses for a given flow,
> there is no way for the ingress to know which egress it will be on the
> basis of routing information.
> Thus, the text seems to allow for a behavior that simply does not work.

[PTT] I think the disconnect here is that you read the text to say that 
an individual node uses routing information to determine the IEA. That 
wasn't the intention. Instead, administrators use routing information to 
derive filters that are installed at the ingress and egress nodes.
> I am still confused about the relationship of section 3.3.2 to the
> behavior you describe. 3.3.2 says that as long as any excess traffic is
> being reported, teh decision point shall direct the blocking of
> additional flows. That does not match 3.3.1, and does not match your
> description.

[PTT] I can't see the text in section 3.3.2 that says you continue to 
block as long as any excess traffic is being reported. What I think it 
says is that as long as excess traffic is reported, the decision point 
checks to see whether the traffic being admitted to the aggregate 
exceeds the supportable level. Excess traffic may be non-zero, yet no 
termination may be required (i.e., traffic is below the second threshold).
> Yours,
> Joel
> On 1/1/2012 2:48 PM, Tom Taylor wrote:
>> Thanks for the review, Joel. Comments below, marked with [PTT].
>> On 31/12/2011 4:50 PM, Joel M. Halpern wrote:
>>> I am the assigned Gen-ART reviewer for this draft. For background on
>>> Gen-ART, please see the FAQ at
>>> <>.
>>> Please resolve these comments along with any other Last Call comments
>>> you may receive.
>>> Document: draft-ietf-pcn-sm-edge-behaviour-08
>>> PCN Boundary Node Behaviour for the Single Marking (SM) Mode of
>>> Operation
>>> Reviewer: Joel M. Halpern
>>> Review Date: 31-Dec-2011
>>> IETF LC End Date: 13-Jan-2012
>>> IESG Telechat date: N/A
>>> Summary: This documents is almost ready for publication as an
>>> Informational RFC.
>>> Question: Given that the document defines a complex set of behaviors,
>>> which are mandatory for compliant systems, it seems that this ought to
>>> be Experimental rather than Informational. It describes something that
>>> could, in theory, later become standards track.
>> [PTT] OK, we've wobbled on this one, but we can follow your suggestion.
>>> Major issues:
>>> Section 2 on Assumed Core Network Behavior for SM, in the third bullet,
>>> states that the PCN-domain satisfies the conditions specified in RFC
>>> 5696. Unfortunately, look at RFC 5696 I can not tell what conditions
>>> these are. Is this supposed to be a reference to RFC 5559 instead? No
>>> matter which document it is referencing, please be more specific about
>>> which section / conditions are meant.
>> [PTT] You are right that RFC 5696 isn't relevant. It's such a long time
>> since that text was written that I can't recall what the intention was.
>> My inclination at the moment is simply to delete the bullet.
>>> It would have been helpful if the early part of the document indicated
>>> that the edge node information about how to determine
>>> ingress-egress-aggregates was described in section 5.
>>> In conjunction with that, section 5.1.2, third paragraph, seems to
>>> describe an option which does not seem to quite work. After describing
>>> how to use tunneling, and how to work with signaling, the text refers to
>>> inferring the ingress-egress-aggregate from the routing information. In
>>> the presence of multiple equal-cost domain exits (which does occur in
>>> reality), the routing table is not sufficient information to make this
>>> determination. Unless I am very confused (which does happen) this seems
>>> to be a serious hole in the specification.
>> [PTT] I'm not sure what the issue is here. As I understand it, operators
>> don't assign packets randomly to a given path in the presence of
>> alternatives -- they choose one based on values in the packet header.
>> The basic intent is that packets of a given microflow all follow the
>> same path, to prevent unnecessary reordering and minimize jitter. The
>> implication is that filters can be defined at the ingress nodes to
>> identify the packets in a given ingress-egress-aggregate (i.e. flowing
>> from a specific ingress node to a specific egress node) based on their
>> header contents. The filters to do the same job at egress nodes are a
>> different problem, but they are not affected by ECMP.
>>> Minor issues:
>>> Section 3.3.1 states that the "block" decision occurs when the CLE
>>> (excess over total) rate exceeds the configured limit. However, section
>>> 3.3.2 states that the decision node must take further stapes if the
>>> excess rate is non-zero in further reports. Is this inconsistency
>>> deliberate? If so, please explain. If not, please fix. (If it is
>>> important to drive the excess rate to 0, then why is action only
>>> initiated when the ratio is above a configured value, rather than any
>>> non-zero value? I can conceive of various reasons. But none are stated.)
>> [PTT] We aren't driving the excess rate to zero, but to a value equal to
>> something less than (U - 1)/U. (The "something less" is because of
>> packet dropping at interior nodes.) The assumption is that (U - 1)/U is
>> greater than CLE-limit. Conceptually, PCN uses two thresholds. When the
>> CLE is below the first threshold, new flows are admitted. Above that
>> threshold, they are blocked. When the CLE is above the second threshold,
>> flows are terminated to bring them down to that threshold. In the SM
>> mode of operation, the first threshold is specified directly on a
>> per-link basis by the value CLE-limit. The second threshold is specified
>> by the same value (U - 1)/U for all links. With the CL mode of operation
>> the second threshold is also specified directly for each link.
>>> Nits/editorial comments: