Re: [Idr] [bess] draft-rosen-mpls-rfc3107bis

"Acee Lindem (acee)" <acee@cisco.com> Fri, 01 April 2016 21:29 UTC

Return-Path: <acee@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 212A412D6F9; Fri, 1 Apr 2016 14:29:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.53
X-Spam-Level:
X-Spam-Status: No, score=-14.53 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7gXc8gczci3i; Fri, 1 Apr 2016 14:29:17 -0700 (PDT)
Received: from aer-iport-3.cisco.com (aer-iport-3.cisco.com [173.38.203.53]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A67E212D6F7; Fri, 1 Apr 2016 14:29:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=21587; q=dns/txt; s=iport; t=1459546155; x=1460755755; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=W73FyA6eIwz+tfnYr9jw5O4T+4GSwasDmZLa1mNCgY8=; b=IMzvxgJ2S5NycI/q7aNZnjbw41pc4hw7WlID0pdeQ9nut/qcUtvqvEkV AlNkzBheHZZZFCdHhPp04K42vxnxHlnvtpTeLtfo/9j44pUxSqZP0rtJU iJqengmGHFHLKCpuCCyTZbmeOTyhuWO3sf3hyZLzHQv3cFJaAzyJRKmNA s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0C8BADI5v5W/xbLJq1dgnWBH30GtiCGbxcBCYVsAhyBdwEBAQEBAWYnhEEBAQEEAQEBIEsLEAIBCBEDAQIoAwICAiULFAkIAQEEAQ0FiCcOsyuRFgEBAQEBAQEBAQEBAQEBAQEBAQEBAREEiWV/hFQKDYJTglYFkxWEZAGOB4FmhE2DKIUyjxcBYoNnbIdofgEBAQ
X-IronPort-AV: E=Sophos;i="5.24,428,1454976000"; d="scan'208,217";a="634937293"
Received: from aer-iport-nat.cisco.com (HELO aer-core-1.cisco.com) ([173.38.203.22]) by aer-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 01 Apr 2016 21:29:12 +0000
Received: from XCH-RTP-015.cisco.com (xch-rtp-015.cisco.com [64.101.220.155]) by aer-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id u31LTBq2018903 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 1 Apr 2016 21:29:12 GMT
Received: from xch-rtp-015.cisco.com (64.101.220.155) by XCH-RTP-015.cisco.com (64.101.220.155) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Fri, 1 Apr 2016 17:29:10 -0400
Received: from xch-rtp-015.cisco.com ([64.101.220.155]) by XCH-RTP-015.cisco.com ([64.101.220.155]) with mapi id 15.00.1104.009; Fri, 1 Apr 2016 17:29:10 -0400
From: "Acee Lindem (acee)" <acee@cisco.com>
To: Robert Raszuk <robert@raszuk.net>, Eric C Rosen <erosen@juniper.net>
Thread-Topic: [Idr] [bess] draft-rosen-mpls-rfc3107bis
Thread-Index: AdGF3GeY7oYpWXlDQPavaGqQ0wDeuZ9p2nRA4KMbRwCAAD1GgP//zzqA
Date: Fri, 01 Apr 2016 21:29:10 +0000
Message-ID: <D3245FC2.56368%acee@cisco.com>
References: <3515_1458832652_56F4050B_3515_774_1_53C29892C857584299CBF5D05346208A0F819B1E@OPEXCLILM21.corporate.adroot.infra.ftgroup> <56F42E71.9020201@juniper.net> <9656_1458905159_56F52047_9656_7014_1_53C29892C857584299CBF5D05346208A0F81AAA7@OPEXCLILM21.corporate.adroot.infra.ftgroup> <56FEA566.8070605@juniper.net> <CA+b+ERn-h1nCwL9_iej5VUNcSnUwiQ07WRc7ZnkeW5U3XELx6w@mail.gmail.com>
In-Reply-To: <CA+b+ERn-h1nCwL9_iej5VUNcSnUwiQ07WRc7ZnkeW5U3XELx6w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.116.152.196]
Content-Type: multipart/alternative; boundary="_000_D3245FC256368aceeciscocom_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/g6Y6zEkctOYvS-ADeL9HWaXbV3c>
Cc: Bruno Decraene <bruno.decraene@orange.com>, "idr@ietf.org" <idr@ietf.org>, BESS <bess@ietf.org>, "mpls@ietf.org" <mpls@ietf.org>
Subject: Re: [Idr] [bess] draft-rosen-mpls-rfc3107bis
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Apr 2016 21:29:25 -0000

Hi Robert,

I think this would defeat the purpose of clarifying RFC 3101 multi-label behavior in a BIS draft. Let’s see if we can reach consensus first.

Thanks,
Acee

From: Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>> on behalf of Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>
Date: Friday, April 1, 2016 at 4:23 PM
To: Eric C Rosen <erosen@juniper.net<mailto:erosen@juniper.net>>
Cc: Bruno Decraene <bruno.decraene@orange.com<mailto:bruno.decraene@orange.com>>, "mpls@ietf.org<mailto:mpls@ietf.org>" <mpls@ietf.org<mailto:mpls@ietf.org>>, BESS <bess@ietf.org<mailto:bess@ietf.org>>, IDR List <idr@ietf.org<mailto:idr@ietf.org>>
Subject: Re: [Idr] [bess] draft-rosen-mpls-rfc3107bis

Hi Eric,

I have read your proposed draft as well as watched this thread with a bit of an interest.

To me the best compromise - which is to agree with Bruno's points as well as address your intentions is simply to request new SAFI for 3107bis.

From the draft you are really not updating 3107 base spec but obsoleting it which to me looks like a bad idea.

You are even requesting to remove IANA reference to original spec. How would IANA know when is it safe to do that .. meaning when all implementations will not suddenly support and all deployments will enable 3107bis ?

New SAFI requires a new capability which you are asking for anyway.

As far as implementations please keep in mind very important point that some implementations treat SAFI 1 & 4 in single table and some in separate tables. That when mixed with 3107bis may just explode if not in new set of bugs then with operational nightmare. While we are at this it would be much cleaner to mandate in the new spec to have 3107bis always to use separate tables as compared with from SAFI 1.

Thx,
Robert.

PS.

As we all know 3107(bis) tries to add NNI to MPLS. However it must be very well stated that this is only one deployment option for interdomain encapsulation. I would very much like to see a section indicating that IPv6 or/and IPv4 be used as an alternative encap for those applications which require it and when needed provide local bindings between intradomain MPLS and interdomain IP.


On Fri, Apr 1, 2016 at 6:44 PM, Eric C Rosen <erosen@juniper.net<mailto:erosen@juniper.net>> wrote:
On 3/25/2016 7:25 AM, bruno.decraene@orange.com<mailto:bruno.decraene@orange.com> wrote:
I'm quite sure you have deployed  implementations, from several
prominent vendors, that will not properly handle this case.
I'm waiting for this/these implementation(s) to make a public statement in this thread / IETF WGs. Then we can discuss whether the issue comes from RFCF3107 or from the implementation.
If none make a public statement, we should assume that all implementations are capable of receiving multiple labels, as per RFC 3107.
I strongly disagree with this.  We should not ignore the facts just because you don't like the way the facts were gathered.

A better approach would be to have operators state whether they have any deployments in which the "multiple labels" feature is used in a multi-vendor environment.  It is very useful when working on a "bis" draft to determine which features have been proven to work in a multi-vendor environment and which have not.

Any non-compliant implementation may create interoperability issues and unpredictable results.
 From an IETF standpoint, the question is whether a RFC 3107 implementation would create interoperability issues, up to shutting down the BGP session.

There are deployed 3107 implementations which always assume that the NLRI contains a single label.  If you tried to interwork these with 3107 implementations that send multiple labels , you will experience the kind of disruption.  3107bis tries to allow the use of multiple labels while preventing this sort of disruption from occurring.

If you mean that some non-compliant implementation do not work, well let's fix them.

The situation is that there is a commonly deployed "bug" in old implementations, but it is not seen because the bug is in a feature that no one has been using.  If new implementations use that feature, the bug will be seen, and network disruption will occur. One could say "fix all the old implementations", but it seems wiser to have new implementations avoid tickling the bug.   The Capability is not proposed  for the purpose of helping the vendors, it's there to help the operators.

I'm not sure why you think there would be BGP session drops due to 3107bis; if a 3107 implementation sends multiple labels to a 3107bis implementation, I think the 3107bis implementation would do "treat-as-withdraw" rather than "drop the session".

Perhaps a reasonable approach for 3107bis would be the following:

- A 3107bis implementation will not send multiple labels to a peer unless the Capability has been received from that peer.  (This prevents 3107bis implementations from tickling the 'bug' in 3107 implementations.)

- A 3107bis implementation will accept multiple labels from a peer even in the absence of the Capability.

Another approach would be to have a knob that determines whether the Capability needs to be used before multiple labels are advertised.


_______________________________________________
BESS mailing list
BESS@ietf.org<mailto:BESS@ietf.org>
https://www.ietf.org/mailman/listinfo/bess