Re: [Int-dir] INTDIR Review of draft-ietf-nvo3-bfd-geneve-12
Donald Eastlake <d3e3e3@gmail.com> Wed, 16 August 2023 20:44 UTC
Return-Path: <d3e3e3@gmail.com>
X-Original-To: int-dir@ietfa.amsl.com
Delivered-To: int-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB399C151524; Wed, 16 Aug 2023 13:44:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.855
X-Spam-Level:
X-Spam-Status: No, score=-1.855 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r_oQewrNf2Tu; Wed, 16 Aug 2023 13:44:37 -0700 (PDT)
Received: from mail-ed1-x532.google.com (mail-ed1-x532.google.com [IPv6:2a00:1450:4864:20::532]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF6B4C14CE5F; Wed, 16 Aug 2023 13:44:37 -0700 (PDT)
Received: by mail-ed1-x532.google.com with SMTP id 4fb4d7f45d1cf-52256241c50so9444656a12.3; Wed, 16 Aug 2023 13:44:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1692218676; x=1692823476; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=aofo4TAarCpLio2ZLrll9/UNUh1x7oIidka6Ld6HQKY=; b=XD0EPgji7V7fwaOnyEiL4i3vNbZMgRAqxabBbFxn1Qr1MBYh/oxRYshPweqTII6vcq 9BXqgpz/6P6u2ydlfMOfXo2YpGiQrACW5nYL30zEItCXierBaPAvAJO/uVii0DPAYtuL NpjTzdyY10EYXkU1FD8HuvbDNTUcPVqUGSQXhXKKKd1h0bNOrX2zSza6/CsJ+o/Hrdf8 xQvxP0DO9oLStvgMo3qyAVefizseQVbt0W0fMp6jQ04pj/YZhCpfCzQ90h42MVpl+JxI jMXkwOeeCHgwoz1QNb0os3y/NQ31fDDftcNj79JWlb9Y1eKY4PhNcThpPdvddpuAXCD8 mprg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1692218676; x=1692823476; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=aofo4TAarCpLio2ZLrll9/UNUh1x7oIidka6Ld6HQKY=; b=fDSY6lISsHV4PDdbj/slvNsd9yUIxS0i4jCpeujl7CBRaPJRsOo6EuGCbUZsgZfBN+ 2Y40YvX3veGZatiW3np5BYP+Ojt00fEHZOLKKuvZIjU3Bu4DAGwOqffbgLOVNmBhrVB0 jbgbd6uK41zCjD2lVggAV1k0MSfqyoxnNaAI1EzCjodtvhlXbMDcBE2zlLPeMpPQhrsu qjXH3yVajjF8dhuTkrsFFdVFJRH6FMFxJD5scq5md4bJaEW9ZVS42JtAWYKZUHmjBjPZ ob5DSLuSo7xBMl1wWv//NhFMAEP9OFZWTvfPEPRF9nPc0/NjND/+sqsgUQaq2bQoN8z+ 3FsA==
X-Gm-Message-State: AOJu0YzLFZn/YHLS9EZk/l53weXEQA81N821bumMeuEHrPU1VmM3QGPO vJJzBxjaOtakSnj7WJKEfdoxoqZ3iO9Yk20/55o=
X-Google-Smtp-Source: AGHT+IHhsNXMf6SH/Eh+U7eYJjhgEEhk3R/MYz8S4Vjywx7rPDrQQ7C3S1Iqp15XVqSZi4AJiBZy5KVXEbiwGaCpILA=
X-Received: by 2002:a05:6402:895:b0:523:19f0:8199 with SMTP id e21-20020a056402089500b0052319f08199mr2856422edy.11.1692218675974; Wed, 16 Aug 2023 13:44:35 -0700 (PDT)
MIME-Version: 1.0
References: <CAF4+nEG39egEFAaRQtkO6rqoyPqk2bVnfxAZHB_jWHMX7VzKgA@mail.gmail.com> <202308151629487438275@zte.com.cn>
In-Reply-To: <202308151629487438275@zte.com.cn>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Wed, 16 Aug 2023 16:44:24 -0400
Message-ID: <CAF4+nEHU5xOAMoydJkRX1w=D+oar2pLVVBxC=en-UZ5mW-H_iQ@mail.gmail.com>
To: xiao.min2@zte.com.cn
Cc: int-ads@ietf.org, draft-ietf-nvo3-bfd-geneve.all@ietf.org, int-dir@ietf.org, nvo3-chairs@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-dir/Gd_qskKEnVcQd0ZOvLMdiXHCarg>
Subject: Re: [Int-dir] INTDIR Review of draft-ietf-nvo3-bfd-geneve-12
X-BeenThere: int-dir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This list is for discussion between the members of the Internet Area directorate." <int-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-dir>, <mailto:int-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-dir/>
List-Post: <mailto:int-dir@ietf.org>
List-Help: <mailto:int-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-dir>, <mailto:int-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Aug 2023 20:44:41 -0000
Xiao Min, On Tue, Aug 15, 2023 at 4:30 AM <xiao.min2@zte.com.cn> wrote: > > Hi Donald, > > Thanks for your review and thoughtful comments. > Please see inline. > > Original > From: DonaldEastlake <d3e3e3@gmail.com> > To: int-ads@ietf.org <int-ads@ietf.org>;draft-ietf-nvo3-bfd-geneve.all@ietf.org <draft-ietf-nvo3-bfd-geneve.all@ietf.org>; > Cc: int-dir@ietf.org <int-dir@ietf.org>;nvo3-chairs@ietf.org <nvo3-chairs@ietf.org>; > Date: 2023年08月05日 19:23 > Subject: INTDIR Review of draft-ietf-nvo3-bfd-geneve-12 > I am an assigned INT directorate reviewer for > <draft-ietf-nvo3-geneve-12.txt>. These comments were written primarily > for the benefit of the Internet Area Directors. Document editors and > shepherd(s) should treat these comments just like they would treat > comments from any other IETF contributors and resolve them along with > any other Last Call comments that have been received. For more details > on the INT Directorate, see > https://datatracker.ietf.org/group/intdir/about/ > <https://datatracker.ietf.org/group/intdir/about/>. > > Based on my review, if I was on the IESG I would ballot this document > as DISCUSS. I have the following DISCUSS/ABSTAIN level issues: > > - I do not understand the second half of the last paragraph of Section > 1. It says: "BFD for Geneve MUST be used within a TMCE unless BFD is > congestion controlled." But then seems to specify that it be > congestion controlled inside a TMCE. Would it be simpler to say that > BFD for Geneve must always be congestion controlled, if that is what > is intended? > [XM]>>> The last paragraph of Section 1 was introduced to address comments from Magnus Westerlund in his Tsvart last call review [1]. > > In Magnus's comments, it says > > "So I think there are two paths forward. Either restrict the applicability of > this usage to paths where it is known to have provisioned capacity for the BFD, > as noted as required in RFC 5881 applicability statement. The alternative is to > extend BFD to actually have a real congestion control." > > I agree with Magnus that "have provisioned capacity for the BFD" (as required in RFC 5881) and "a real congestion control" are two different things. > To avoid confusion, I propose to change the text as below. > > OLD > > BFD for Geneve MUST > be used within a TMCE unless BFD is congestion controlled. An > operator of a TMCE deploying BFD for Geneve is required to provision > the rates at which BFD is transmitted to avoid congestion and false > failure detection. > > NEW > > BFD for Geneve MUST > be used within a TMCE unless BFD is really congestion controlled. As an alternative to a real congestion control, an > operator of a TMCE deploying BFD for Geneve is required to provision > the rates at which BFD is transmitted to avoid congestion and false > failure detection. > > [1] https://mailarchive.ietf.org/arch/msg/nvo3/Gps8423YoowFB0lN2UudpLeGxHk/ OK. > - The wording in Section 4.1 first paragraph seems confusing and > > incomplete. (I believe this has been covered in other reviews.) > [XM]>>> Yes, this has been covered in John's review. > > > - In the first paragraph of Section 6: How can it be that both "Geneve > provides security" and "Geneve does not have any inherent security > mechanisms" ? > [XM]>>> Propose to change the text as below. > > OLD > > Geneve provides security between the peers and subject to the issue of overload described below. > > NEW > > Geneve (through IPsec, DTLS, or other means) provides security between the peers and subject to the issue of overload described below. I think you are talking about wrapping Geneve in IPSEC / DTLS / etc. I don't see how this is Geneve providing security. It's IPSEC / DTLS / etc. providing security for whatever their payload is including where that payload is something wrapped in Geneve. > The following are other issues I found with this document that SHOULD > be corrected before publication: > > - In section 4, the Inner Ethernet Header MAC addresses are in the > wrong order. The Destination MAC comes first, followed by the Source > MAC in an Ethernet header, the opposite of IP. > [XM]>>> OK. Propose to change the text as below. > > OLD > > Inner Ethernet Header:¶ > Source MAC: MAC address of a VAP of the originating NVE.¶ > Destination MAC: MAC address of a VAP of the terminating NVE. > > NEW > > Inner Ethernet Header:¶ > Destination MAC: MAC address of a VAP of the terminating NVE. > Source MAC: MAC address of a VAP of the originating NVE.¶ OK. > The following are minor issues (typos, misspelling, minor text > improvements) with the document: > > - Given the prominence of "tunnels" in the one sentence abstract, I > think it would be good to use that word in the first paragraph of the > Introduction. Possibly: "... an overlay network of tunnels by > decoupling ..." > [XM]>>> OK. Will make the change as you proposed. > > > - Section 1, last line of first paragraph on page 3: payload -> payloads > [XM]>>> I suspect you mean page 2, right? I'm pretty sure it's page 3: OLD Geneve and VXLAN [RFC7348] is that Geneve supports multi-protocol payload and variable length options. NEW Geneve and VXLAN [RFC7348] is that Geneve supports multi-protocol payloads and variable length options. > - Section 4.1, first paragraph: "Protocol Type" -> "Ethertype" > [XM]>>> As defined in Geneve Header, this field is called "Protocol Type", do I miss something? Probably better to maintain consistency. > - Section 5, last line: that -> when > [XM]>>> Considering "Management VNI" is outside the scope of this document, I propose to remove the last sentence, and change SHOULD to MUST. > > OLD > Virtual Network Identifier (VNI) field SHOULD be set to the VNI > number that the originating VAP is mapped to. One exception is > that the Management VNI is used. > > NEW > Virtual Network Identifier (VNI) field MUST be set to the VNI > number that the originating VAP is mapped to. > > Note that the same change applies to the last paragraph of Section 4. OK. > - Section 6, "not low" -> "high" > [XM]>>> OK. Thanks, Donald =============================== Donald E. Eastlake 3rd +1-508-333-2270 (cell) 2386 Panoramic Circle, Apopka, FL 32703 USA d3e3e3@gmail.com > Best Regards, > Xiao Min
- [Int-dir] INTDIR Review of draft-ietf-nvo3-bfd-ge… Donald Eastlake
- Re: [Int-dir] INTDIR Review of draft-ietf-nvo3-bf… Eric Vyncke (evyncke)
- Re: [Int-dir] INTDIR Review of draft-ietf-nvo3-bf… xiao.min2
- Re: [Int-dir] INTDIR Review of draft-ietf-nvo3-bf… xiao.min2
- Re: [Int-dir] INTDIR Review of draft-ietf-nvo3-bf… Donald Eastlake
- Re: [Int-dir] INTDIR Review of draft-ietf-nvo3-bf… xiao.min2
- Re: [Int-dir] INTDIR Review of draft-ietf-nvo3-bf… Donald Eastlake
- Re: [Int-dir] [nvo3] INTDIR Review of draft-ietf-… xiao.min2
- Re: [Int-dir] INTDIR Review of draft-ietf-nvo3-bf… Eric Vyncke (evyncke)