RE: Re: FW: [PWE3] Last Call: <draft-ietf-pwe3-mpls-tp-gal-in-pw-01.txt> (Using the Generic Associated Channel Label for Pseudowire in MPLS-TP) to Proposed Standard

Yaakov Stein <yaakov_s@rad.com> Mon, 05 September 2011 11:45 UTC

Return-Path: <yaakov_s@rad.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB96D21F8B3E; Mon, 5 Sep 2011 04:45:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.498
X-Spam-Level:
X-Spam-Status: No, score=-102.498 tagged_above=-999 required=5 tests=[AWL=0.099, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id njHyrToGKzGH; Mon, 5 Sep 2011 04:45:52 -0700 (PDT)
Received: from antivir1.rad.co.il (antivir1.rad.co.il [62.0.23.193]) by ietfa.amsl.com (Postfix) with ESMTP id 5F43021F8B21; Mon, 5 Sep 2011 04:45:49 -0700 (PDT)
Received: from exrad5.ad.rad.co.il ([192.114.24.28]) by antivir1.rad.co.il with ESMTP; 05 Sep 2011 14:47:32 +0300
Received: from EXUS4-DRP.ad.rad.co.il (192.114.24.119) by EXRAD5.ad.rad.co.il (192.114.24.28) with Microsoft SMTP Server (TLS) id 14.1.323.3; Mon, 5 Sep 2011 14:47:31 +0300
Received: from EXRAD5.ad.rad.co.il ([192.114.24.28]) by exus4-drp.ad.rad.co.il ([fe80::5d6f:c2cb:2468:ee2%14]) with mapi id 14.01.0323.003; Mon, 5 Sep 2011 14:47:31 +0300
From: Yaakov Stein <yaakov_s@rad.com>
To: "stbryant@cisco.com" <stbryant@cisco.com>, IETF discussion list <ietf@ietf.org>
Subject: RE: Re: FW: [PWE3] Last Call: <draft-ietf-pwe3-mpls-tp-gal-in-pw-01.txt> (Using the Generic Associated Channel Label for Pseudowire in MPLS-TP) to Proposed Standard
Thread-Topic: Re: FW: [PWE3] Last Call: <draft-ietf-pwe3-mpls-tp-gal-in-pw-01.txt> (Using the Generic Associated Channel Label for Pseudowire in MPLS-TP) to Proposed Standard
Thread-Index: AQHMaL19/jB74FlLRUe9C+6BLHTV1ZU+af0AgAA8kKA=
Date: Mon, 05 Sep 2011 11:47:31 +0000
Message-ID: <07F7D7DED63154409F13298786A2ADC903FAD3EF@EXRAD5.ad.rad.co.il>
References: <4E5FA760.8050500@cisco.com> <4E64A4DA.8000107@g3ysx.org.uk>
In-Reply-To: <4E64A4DA.8000107@g3ysx.org.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.17.170.37]
Content-Type: multipart/alternative; boundary="_000_07F7D7DED63154409F13298786A2ADC903FAD3EFEXRAD5adradcoil_"
MIME-Version: 1.0
Cc: "pwe3@ietf.org" <pwe3@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Sep 2011 11:45:56 -0000

Stewart

I will answer your specific questions below.

I have no specific objection to the new text that you proposed on the PWE3 list :

   In MPLS-TP, the GAL MUST be used with packets on a G-ACh on

   LSPs, Concatenated Segments of LSPs, and with Sections, and

   MAY be used with PWs. The presence of a GAL indicates that

   an ACH immediately follows the MPLS label stack.
as it has become so generic (does not explain where the GAL is placed) as to be noncontroversial.
However, please be aware that this simply postpones the true discussion.

I would still like the wording

   According to the MPLS-TP requirement document [RFC5654], it is

   necessary that MPLS-TP mechanisms and capabilities be able to

   interoperate with the existing IETF MPLS [RFC3031] and IETF PWE3

   [RFC3985] architectures appropriate.
to be removed, as I believe that it does not correctly describe the purpose of this draft.
It should be replaced with the text that appears further on

   The inconsistency between the usage of the GAL with MPLS PWs and

   MPLS-TP PWs may cause unnecessary implementation differences and is

   in disagreement with the MPLS-TP requirements.

Please see a few more remarks interleaved below.

Y(J)S


-------- Original Message --------
Subject:

Re: FW: [PWE3] Last Call: (Using the Generic Associated Channel Label for Pseudowire in MPLS-TP) to Proposed Standard

Date:

Thu, 01 Sep 2011 16:40:16 +0100

From:

Stewart Bryant <stbryant@cisco.com><mailto:stbryant@cisco.com>

Reply-To:

stbryant@cisco.com<mailto:stbryant@cisco.com>

To:

Yaakov Stein <yaakov_s@rad.com><mailto:yaakov_s@rad.com>

CC:

ietf@ietf.org<mailto:ietf@ietf.org> <ietf@ietf.org><mailto:ietf@ietf.org>

...
However, you did not address my other final comment that a PW that starts in an MPLS-TP domain,
can easily leak into a non-TP domain.
What does one do then ?
That is a general issue rather than a TP issue.
When you get to the PW label and you would find that it was not BOS.
If you you are not running FAT that that is a detectable.
If you are running FAT the presence of the GAL (which is not an
allowed FAT label) is also a detectable.

[YJS] I believe the simultaneous use of FAT and GAL is ruled out by the TP framework document.
...

You say:

"Bottom of stack has been the label position of the PW label for many years,

and this position is mandated by multiple RFCs, e.g. 3985 and 4447

   Note that the PW label must always

   be at the bottom of the packet's label stack."



That is no longer true with the introduction of FAT.



[YJS]

As you know I proposed an alternative mechanism,

however, in any case the FAT case is different from the GAL.



Each load balanced flow label is actually a "partial-PW' and thus the flow label is a type of PW label,

albeit a PW carrying only a subset of the user flows that exist in the original PW.



On the other hand the GAL is a modifier, meaning that the rest of the payload has a different format.


Then you say:


"Present PW implementations receiving the PW label with stack bit cleared,

and a GAL at the bottom position will choke and, at best, discard the packet.

At worst, the GAL may coincide with a legitimate PW label, and the customer will be

flooded with garbage."



Your first case is sort of correct - the packet should be silently

discarded as it was clearly not intended for that PW - but it had

better not choke as this would be an attack vector.



[YJS] By "choke" I meant either discard or flood the impersonated PW with what it believes to be VCCV packets.



You second case cannot happen because a GAL is a reserved label and

a reserved label can never be a legitimate PW label.



[YJS]

My second case CAN happen (I expected this question).

Please remember that before MS-PWs were proposed, PW labels were never considered "real" MPLS labels,

and many implementations did not religiously apply the MPLS restrictions to them.



Stewart



[YJS]



I DO have a proposal that is completely consistent with the goals of this draft AND the PWE RFCs.

The GAL can be placed in one of 2 positions

1)      ABOVE the PW label (just as the router alert is placed above the PW label in VCCV Type 2)

2)      INSTEAD of the PW label (thus making a single "OAM PW", reducing the OAM load)

Note 1 - this is essentially the same as using the GAL for the MPLS tunnel into which the PWs are placed.

Note 2 - this is close to my original proposal for PW OAM, that was abandoned when VCCV "per-PW OAM" won out.