Re: [Dime] Last Call: <draft-ietf-dime-agent-overload-08.txt> (Diameter Agent Overload and the Peer Overload Report) to Proposed Standard

Misha Zaytsev <misha.zaytsev.rus@gmail.com> Wed, 18 January 2017 18:40 UTC

Return-Path: <misha.zaytsev.rus@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E5E4129556; Wed, 18 Jan 2017 10:40:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dSXW8KHmcl51; Wed, 18 Jan 2017 10:40:04 -0800 (PST)
Received: from mail-lf0-x243.google.com (mail-lf0-x243.google.com [IPv6:2a00:1450:4010:c07::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 28CDA129555; Wed, 18 Jan 2017 10:40:04 -0800 (PST)
Received: by mail-lf0-x243.google.com with SMTP id q89so2955373lfi.1; Wed, 18 Jan 2017 10:40:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=0qo9hsQ+6q3D3Huvy65ivN6XGB2jtRNrquGtrMRQLak=; b=VVZjFz7N8Fax/Ft3O3t57yjARkfUXRZ1mkeMdgE+hBh+cNfskbxv3cM8GUb9+zjOjT uOy7gjWgMNLB4cT1vd611hEmp+3RrNLsK0SsdsMdWLYxUdLZxaMJ4pHEgsiBrWAK2X9P O/XtKaNeWd55Rfa2O6qcecOI7WM/tNa3m5bwm0cCg23EcoUZYqtJvBWc/1JJAacN9zw8 qQsTWUldaOjtUzeq5mGv41OfoOGXch4qtSHSY5OrSStKFzw508XX4qBE+RpPzkx2UGvR ZNmpKME8Nq5Y7NSxNgkrnny/cWly6yrSKUzlxOmONKamoryEjsVI1VxF59HGH+YltFo+ xHMg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=0qo9hsQ+6q3D3Huvy65ivN6XGB2jtRNrquGtrMRQLak=; b=nVLZlaN2542Ap3hhgweFdpgxGgFwHXnh5CVJlM29Rqw9wLJVn31XUosQTvXyyKq/M3 goXdKjfj6tALGbl6UtwOMfR00B6HIUPRpUQcLhtuMWOLK27AHdKoy1QjgbweuD+9RnuM wLhi7Qk9xanCwdB5uwqctlyLth+1dKQqxywNoVVTVU+drHHltezVmoM7yqKI2+lOU32i ZlFs8rwFRtBoeF+AwXmV725sctwHYrWEuZLzPsNXmyPVFrx7A/3OZXEH0OtaEMqsG3Dv q8RIbc9n3BEj7RuFJ9SvoGcz+UEQAi1jFsGR2UuE3OfOMchCYXg/e1C2YCqpjJJtMflZ Y3IA==
X-Gm-Message-State: AIkVDXLFDAgovcr6s8OjNQv4t8EDxAcUW/j4ZMknBmxKs2m5chEs1A9D1a2w+ECqzM1gaz5AVAOkhfbUGnmM+Q==
X-Received: by 10.46.1.153 with SMTP id f25mr2171171lji.47.1484764802103; Wed, 18 Jan 2017 10:40:02 -0800 (PST)
MIME-Version: 1.0
Received: by 10.25.228.12 with HTTP; Wed, 18 Jan 2017 10:40:01 -0800 (PST)
In-Reply-To: <CABPQr26jB94UCE+PcMh29PC+_=zxuTac4j-JMcuBKFYvWYPjDA@mail.gmail.com>
References: <148397251720.24904.6589163339967252298.idtracker@ietfa.amsl.com> <CABPQr26jB94UCE+PcMh29PC+_=zxuTac4j-JMcuBKFYvWYPjDA@mail.gmail.com>
From: Misha Zaytsev <misha.zaytsev.rus@gmail.com>
Date: Wed, 18 Jan 2017 21:40:01 +0300
Message-ID: <CABPQr26fqoUcPq030iDJaa3x6h6rngBXXV=JnnHn1vkg6SAmnw@mail.gmail.com>
Subject: Re: [Dime] Last Call: <draft-ietf-dime-agent-overload-08.txt> (Diameter Agent Overload and the Peer Overload Report) to Proposed Standard
To: ietf@ietf.org
Content-Type: multipart/alternative; boundary=001a1142be3c9abcfb054662bed1
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/NtC9cwiJFmKVy1SMHlCpfZJ-6dk>
Cc: dime-chairs@ietf.org, dime@ietf.org, draft-ietf-dime-agent-overload@ietf.org, IETF-Announce <ietf-announce@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Jan 2017 18:40:10 -0000

Hi All,

As promised here is the second part of the comments (numbering is kept):

17. section 5.2.3, 5.2.4 (and further if applicable)

Why not to use "active OCS" instead of "existing OCS" or "existing overload
conditions"?
Just to be inline with the RFC7683 this draft is extending...

18. section 5.2.4

What is meant here? Especially "other overload reporting node behaviors".
For me it says about all and about nothing at the same time. Please clarify

The reporting agent must follow all other overload reporting node
   behaviors outlined in the DOIC specification.


19. section 5.2.5

Seems to be a little bit grammatically incorrect, "on" -> "to"

If the request matches an active OCS then the reacting node MUST
   apply abatement treatment *to *the request.

Maybe "error response" sounds better than just an "error" in this case:

... agent MUST send an appropriate error response as defined in [RFC7683].

Seems to be wrongly phrased:

 ... then *abatement *associated with the overload *abatement *MUST be
ended in a
   controlled fashion.


20. section 6

I do not know why but I do not like the following wording:

... used as part of the CER/CEA base Diameter capabilities exchange.


Probably this version is better:

... used as part of the Diameter Capabilities Exchange procedure
defined in [RFC6733].


21. section 6.1.1

The peer report feature defines a new feature bit *that (?)*is added
for the OC-Feature-Vector AVP.


22. section 6.2, similar to comment#16

In the section 5.1.2 it says the following:

When receiving a request a DOIC node that supports the OC_PEER_REPORT
   feature MUST update transaction state with *an indication of whether
   or not the peer from which the request was received supports the
   OC_PEER_REPORT feature.*

      Note: The transaction state is used when the DOIC node is acting
      as a peer-report reporting node and needs send OC-OLR reports of
      type PEER_REPORT in answer messages.  The peer overload reports
      are only included in answer messages being sent to peers that
      support the OC_PEER_REPORT feature.

So, my gut feeling is that it means that peer report can't be sent thru a
non-supporting agent???
If I'm wrong, please clarify that.

Also, just several updates in wording + corrected misprints.

The overload report MUST also include the Diameter identity of the
   agent that generated the report.  This is necessary to handle the
   case where there is a non*-*supporting agent between the reporting node
   and the reacting node.  Without the indication of the agent that
   generated the overload *report*, the reacting node could erroneously
   assume that the report applied to the non-supporting node.  This
   could, in turn, result in unnecessary traffic being either
   *diverged* or throttled.


23. section 6.3 "SourceID" -> "SourceID AVP" in the section header.

Seems to be all from my side, but probably I have still missed something.
Anyway, I'm ready to re-check the new version of the draft when available.

Best regards,

/Misha

2017-01-17 23:23 GMT+03:00 Misha Zaytsev <misha.zaytsev.rus@gmail.com>om>:

> Hi All,
>
> Here are my comments/questions to an agent overload draft.
> This the first part. Later on I will complete my review and send out the
> second portion of the comments.
>
> 1. section 1 (editorial) removed "is" before "feasible".
>
> In the base specification, the goal is to handle abatement of the
>    overload occurrence as close to the source of the Diameter traffic as
>    feasible.
>
>
> "scenaios" -> "scenarios"
>
> The Peer overload report type is
>    defined in a generic fashion so that it can also be used for other
>    Diameter overload *scenarios*.
>
>
> 2. section 3.1.1 (editorial) replaced "were"-> "was"
>
> In both of these cases, the occurrence of overload in the single
>    agent must by handled by the client in a similar fashion as if the
>    client *was* handling the overload of a directly connected server.
>
>
> 3. section 3.1.1 (question)
>
> An appropriate error response is sent back to the originator
>    of the request.
>
> Who sends "an appropriate" error response" in this case?
>
> 4. section 3.1.2 (editorial) changed "to"->"the"
>
> When the client has an active and a standby connection to the two
>    agents then an alternative strategy for responding to an overload
>    report from an agent is to change *the *standby connection to active and
>    route all traffic through the new active connection.
>
>
> 5. section 3.1.3 (editorial)
>
> An example of this type of deployment include*s* when there are Diameter
>    agents between administrative domains.
>
> 6. section 3.1.3
>
> There is no section 2.2. I guess section 3.1.2 was meant here, right?
>
> Handling of overload of one or both of agents a11 or a12 in this case
>    is equivalent to that discussed in section 2.2.
>
>
> 7. section 3.2.1
>
> It is not clear which usage scenario is meant here.
>
>    It is envisioned that abatement algorithms will be defined that will
>    support the option for Diameter Endpoints to send peer reports.  For
>    instance, it is envisioned that one usage scenario for the rate
>    algorithm, [I-D.ietf-dime-doic-rate-control], which is being worked
>    on by the DIME working group as this document is being written, will
>    involve abatement being done on a hop-by-hop basis.
>
>
> 8. section 4
>
> Why is throttling to be applied and not diversion (like in case of
> redundant agents)?
>
> In this scenario the reacting node should first handle the throttling of the
>    overloaded host or realm.
>
> "LOSS" Is it a new type defined in the scope of this draft?
>
> Note: The goal is to avoid traffic oscillations that might result
>       from throttling of messages for both the HOST/REALM overload
>       reports and the PEER overload reports.  This is especially a
>       concern if *both reports are of type LOSS*.
>
>
> 9. section 5.1.1
>
> Probably it is better to describe OC_PEER_REPORT feature in section 5.1?
> Otherwise, it is used as a well-known one while it is the first place
> where it is mentioned.
>
> Also I think it is better to add more specific in this draft related to
> peer report handling:
> - define Peer Report Reacting Node and Peer Report Reporting Node terms
> explicitly and use them through the draft and especially starting from
> section 5.1
> - add "Peer Report" prefix to all the described procedures
> Example: Capability Announcement -> Peer Report Capability Announcement
>
> 10. section 5.1.1/general
>
> "DiameterIdentity" and "Diameter identity"
> My proposal is to use one term through the spec.
>
> Under "DOIC node", an agent is meant here?
>
>  When an agent relays a request that includes a SourceID AVP in the
>    OC-Supported-Features AVP, a DOIC node that supports the
>    OC_PEER_REPORT feature MUST remove the received SourceID AVP and
>    replace it with a SourceID AVP containing its own Diameter identity.
>
>
> My proposal is to use peer report reacting node here re-phrasing this
> statement below in the following way:
>
>  When relaying a request that includes a SourceID AVP in the
>    OC-Supported-Features AVP, a peer report reacting node MUST remove the received SourceID AVP and
>    replace it with a SourceID AVP containing its own DiameterIdentity.
>
> 11. section 5.1.2
>
> added the missed "to"
> changed "PEER_REPORT"-> "PEER"
>
> Note: The transaction state is used when the DOIC node is acting
>       as a peer-report reporting node and needs *to *send OC-OLR reports of
>       type *PEER *in answer messages.  The peer overload reports
>       are only included in answer messages being sent to peers that
>       support the OC_PEER_REPORT feature.
>
>
> "Diameter ID" term is not clarified anywhere.
> Re-phrased the appropriate statement a little bit, changed "Diameter
> ID"->"value"
> Also there are other places in the draft where "Diameter ID" term is used.
>
> The peer supports the OC_PEER_REPORT feature if the received request
>    contains an OC-Supported-Features AVP with the OC-Feature-Vector with
>    the OC_PEER_REPORT feature bit set and with a SourceID AVP with a
>    value that matches the DiameterIdentity of the peer from which
>    the request was received.
>
>
> Agent is meant under "reporting node" here?
>
> Should not SourceID AVP not just stripped from the relayed answer, but
> replaced with the SourceID AVP containing the DiameterIdentity of the agent
> supporting OC_PEER_REPORT feature?
>
> When an agent relays an answer message, a reporting node that
>    supports the OC_PEER_REPORT feature MUST strip any SourceID AVP from
>    the OC-Supported-Features AVP.
>
>
> Hard to follow what was wanted to say here:
> Corrected the statement, but this is just my best guess.
>
> The OC-Peer-Algo AVP MUST indicate the overload abatement
>    algorithm that the reporting node wants the reacting nodes to use
>    *when *the reporting node send*s* a peer overload report as a result of
>    becoming overloaded.
>
>
> Should not we add a separate if- statement for the case when the peer does
> not support OC_PEER_REPORT feature when sending an answer message?
>
> 12. section 5.1.1 and 5.1.2
>
> Probably it is more helpful to illustrate OC_PEER_REPORT feature CA using
> sequence diagrams like in the load info conveyance draft.
>
> 13. general.
>
> What about to use the writing for the same terms through the spec?
> Example1: "DOIC node" and "DOIC Node"
> Example2: "peer-report reporting node" and "peer report reporting node"
>
> 14. section 5.2.1.2, 5.2.2, 5.2.3 and general
>
> "peer-type OCS" and "peer report OCS" define the same term?
> Why not to use only one?
>
> Another example: "peer report" and "peer report-type" and "report of type
> PEER"
>
> 15. section 5.2.3
>
> Probably it is better to re-phrase this statement a little bit + corrected
> the misprints.
>
> If a *peer report* reacting node receives an OC-OLR AVP of type peer and the
> SourceID matches the *DiameterIdentity *of the peer from which the *report*
> was received then the report was *generated *by the peer.
>
>
> Similar comment + corrected misprints for the next statement:
>
> If a peer report reacting node receives an OC-OLR AVP of type peer and the
> SourceID does not match the *DiameterIdentity *of the peer from which the*report *was received then the reacting node MUST ignore the overload
> report.
>
>
> Also I think it is useful to use one wording for the same term:
> "Peer Report OLR", "OC-OLR AVP", "OLR"
> Let's use a generic one "peer report"?
>
> Just minor comment: "the existing..." and "a new overload condition" for
> all occurrences if my English is correct.
>
> 16. section 5.2.3
>
> How may it happen that peer report reacting node receives a peer report
> not from the peer that generated it?
> Peer reports can be sent only to peer report reacting node, right? And
> peer reports are not relayed, right?
>
> Best regards,
>
> /Misha
>
>
> 2017-01-09 17:35 GMT+03:00 The IESG <iesg-secretary@ietf.org>rg>:
>
>>
>> The IESG has received a request from the Diameter Maintenance and
>> Extensions WG (dime) to consider the following document:
>> - 'Diameter Agent Overload and the Peer Overload Report'
>>   <draft-ietf-dime-agent-overload-08.txt> as Proposed Standard
>>
>> The IESG plans to make a decision in the next few weeks, and solicits
>> final comments on this action. Please send substantive comments to the
>> ietf@ietf.org mailing lists by 2017-01-23. Exceptionally, comments may be
>> sent to iesg@ietf.org instead. In either case, please retain the
>> beginning of the Subject line to allow automated sorting.
>>
>> Abstract
>>
>>
>>    This specification documents an extension to RFC 7683 (Diameter
>>    Overload Indication Conveyance (DOIC)) base solution.  The extension
>>    defines the Peer overload report type.  The initial use case for the
>>    Peer report is the handling of occurrences of overload of a Diameter
>>    agent.
>>
>> Requirements
>>
>>
>>
>> The file can be obtained via
>> https://datatracker.ietf.org/doc/draft-ietf-dime-agent-overload/
>>
>> IESG discussion can be tracked via
>> https://datatracker.ietf.org/doc/draft-ietf-dime-agent-overload/ballot/
>>
>>
>> No IPR declarations have been submitted directly on this I-D.
>>
>>
>> The document contains these normative downward references.
>> See RFC 3967 for additional information:
>>     draft-roach-dime-overload-ctrl: A Mechanism for Diameter Overload
>> Control (None - )
>> Note that some of these references may already be listed in the
>> acceptable Downref Registry.
>>
>>
>> _______________________________________________
>> DiME mailing list
>> DiME@ietf.org
>> https://www.ietf.org/mailman/listinfo/dime
>>
>
>