Re: [Isis-wg] AD review of draft-ietf-isis-mi-bis-01

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Fri, 17 March 2017 18:39 UTC

Return-Path: <ginsberg@cisco.com>
X-Original-To: isis-wg@ietfa.amsl.com
Delivered-To: isis-wg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F017B1275AB; Fri, 17 Mar 2017 11:39:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.521
X-Spam-Level:
X-Spam-Status: No, score=-14.521 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J1IrKGSYW6wg; Fri, 17 Mar 2017 11:39:18 -0700 (PDT)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 81F1F1273E2; Fri, 17 Mar 2017 11:39:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=42804; q=dns/txt; s=iport; t=1489775958; x=1490985558; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=JmezsU+ZIOdInn1A7h9Bfg2kC8decRPJQ3vSrNYakg4=; b=l00Rztx11PFjJSug7uRsjH4A6Z4fqZxl7cqMhOh18FFHhLqGHSV3cYfo 9mkXQMtYGw09JxAGfqdxKblFUoGvwGBqeQM5HR8bavvkRF/0UjctFn+ML wERYQLsqHAzV2j6gmmGt5ZqtKog3MBNnZc7Dp/g6Kts+VtsU16oUGNcg4 k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0CxAQDxK8xY/49dJa1dGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBgm45KmGBCgeDW4oPkVqIEo0wgg6GIgIagmY/GAECAQEBAQEBAWs?= =?us-ascii?q?ohRUBAQEBAx0GCkwQAgEGAg4DBAEBIQEGAwICAh8RFAkIAgQOBQgTiU0DFZRun?= =?us-ascii?q?VuCJocxDYMJAQEBAQEBAQEBAQEBAQEBAQEBAQEBHYZOhG+CUYIaH4JQgl8Fj1u?= =?us-ascii?q?GJoYOOgGKIINwhCiCBI1ugUKIToISiHIBHziBBFgVhRgdgWN1iEqBDQEBAQ?=
X-IronPort-AV: E=Sophos;i="5.36,177,1486425600"; d="scan'208,217";a="219893416"
Received: from rcdn-core-7.cisco.com ([173.37.93.143]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Mar 2017 18:39:16 +0000
Received: from XCH-RCD-004.cisco.com (xch-rcd-004.cisco.com [173.37.102.14]) by rcdn-core-7.cisco.com (8.14.5/8.14.5) with ESMTP id v2HIdHif015374 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 17 Mar 2017 18:39:17 GMT
Received: from xch-aln-001.cisco.com (173.36.7.11) by XCH-RCD-004.cisco.com (173.37.102.14) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Fri, 17 Mar 2017 13:39:16 -0500
Received: from xch-aln-001.cisco.com ([173.36.7.11]) by XCH-ALN-001.cisco.com ([173.36.7.11]) with mapi id 15.00.1210.000; Fri, 17 Mar 2017 13:39:16 -0500
From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: Alia Atlas <akatlas@gmail.com>
CC: "isis-wg@ietf.org" <isis-wg@ietf.org>, "draft-ietf-isis-mi-bis@ietf.org" <draft-ietf-isis-mi-bis@ietf.org>
Thread-Topic: AD review of draft-ietf-isis-mi-bis-01
Thread-Index: AQHSnzW2SbE6C4ZbzUa6gBdVacKo6KGZTDKwgABdg4D//7GnsA==
Date: Fri, 17 Mar 2017 18:39:16 +0000
Message-ID: <ab82a1390bb84212a2c0ba7a6488b8ce@XCH-ALN-001.cisco.com>
References: <CAG4d1reSNUyDZwUN1tB4zJAJcfs40618_x5DpFofr99cQc3B0g@mail.gmail.com> <43be9b6ac3fa41708303a2a352360ab4@XCH-ALN-001.cisco.com> <CAG4d1reoNrr3hz7cw3CiXy2x9-mzERKxQ0rAXeqmQpgmQDMZ2w@mail.gmail.com>
In-Reply-To: <CAG4d1reoNrr3hz7cw3CiXy2x9-mzERKxQ0rAXeqmQpgmQDMZ2w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.83.223]
Content-Type: multipart/alternative; boundary="_000_ab82a1390bb84212a2c0ba7a6488b8ceXCHALN001ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/isis-wg/YglbtBly9t2BLTzixFSrgUjbRHI>
Subject: Re: [Isis-wg] AD review of draft-ietf-isis-mi-bis-01
X-BeenThere: isis-wg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF IS-IS working group <isis-wg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/isis-wg/>
List-Post: <mailto:isis-wg@ietf.org>
List-Help: <mailto:isis-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Mar 2017 18:39:21 -0000

Alia  -

From: Alia Atlas [mailto:akatlas@gmail.com]
Sent: Friday, March 17, 2017 11:13 AM
To: Les Ginsberg (ginsberg)
Cc: isis-wg@ietf.org; draft-ietf-isis-mi-bis@ietf.org
Subject: Re: AD review of draft-ietf-isis-mi-bis-01

Hi Les,

On Fri, Mar 17, 2017 at 1:57 PM, Les Ginsberg (ginsberg) <ginsberg@cisco.com<mailto:ginsberg@cisco.com>> wrote:
Alia –

Thanx for meticulous review.
Inline.

From: Alia Atlas [mailto:akatlas@gmail.com<mailto:akatlas@gmail.com>]
Sent: Friday, March 17, 2017 8:47 AM
To: isis-wg@ietf.org<mailto:isis-wg@ietf.org>; draft-ietf-isis-mi-bis@ietf.org<mailto:draft-ietf-isis-mi-bis@ietf.org>
Subject: AD review of draft-ietf-isis-mi-bis-01

As is customary, I have done my AD review of draft-ietf-isis-mi-bis-01.  First, I would like to thank the authors - Les, Stefano, and Wim - for their work on this document.

I do have a few minor issues that need to be fixed ASAP.   I will, however, go ahead and issue a 3 week IETF Last Call for it so that, if the authors act promptly, it can be on the April 13 telechat.


1) This draft pretty clearly should obsolete RFC 6822, but the header claims to merely
update it.

[Les:] OK

 2) Sec 2.6.2: " Point-to-point adjacency setup MUST be done through the use of the
         three-way handshaking procedure as defined in [RFC5303] in order to
         prevent a non-MI capable neighbor from bringing up an adjacency
         prematurely based on reception of an IIH with an IID-TLV for a non-
         zero instance."
     While obviously the 3-way handshake in RFC5303 is fine, given that different MAC addresses are used, I don't see how a non-MI capable neighbor would receive and process an IIH with an IID-TLV where IID != 0.

[Les:] Section 2.6.2 is only talking about true pt-pt media – hence MAC multicast addresses are not relevant. In Section 2.6.1 we discuss the case of operating in Pt-Pt mode on a broadcast circuit:

“When operating in point-to-point mode on a broadcast circuit
   [RFC5309]…”

Thanks - you are completely correct.


 3) In Appendix A:" Clarification that the IID-TLV is only included in Pt-Pt IIHs
   associated with non-zero instances has been added.  This addresses
   Errata ID #4519."
   In Sec 2.6.2, it says "The presence or absence of the IID-TLV in an IIH indicates that the
   neighbor does or does not support this extension, respectively.
   Therefore, all IIHs sent on a point-to-point circuit by an MI-RTR
   MUST include an IID-TLV.  This includes IIHs associated with IID #0." which is a direct
   contradiction and needed since the IID-TLV is used as a capability indication.  The
   simplest solution is to remove the claim from the Appendix.
[Les:] Again, you are confusing Pt-Pt media with Pt-Pt operation on a Broadcast media. Errata 4519 is concerned with Pt-Pt operation on a LAN – and some modest clarifications in Section 2.6.1 were made to more completely cover the latter case.
In the Pt-Pt operation on a LAN case it IS illegal to send IID-TLV in hellos for the zero instance – which Section 2.6.1 explicitly states.

Perhaps the Appendix should say:

“Clarification that when operating in point-to-point mode on a broadcast circuit the IID-TLV is only included in Pt-Pt IIHs
   associated with non-zero instances has been added. ..”

Will this address your concern?

Yes, I didn't go and look up Errata ID #4519 to catch the context of pt-to-pt on broadcast only.   That would make it more of a nit than a minor issue, of course.

This all does imply that:
   a) IIH with IID=0 is a capability advertisement for pt-to-pt links but not pt-to-pt on broadcast.
   b) It is never ok (discarded by receiver) to send an IIH with IID=0 on a pt-to-pt on broadcast.
   c) The capability indicator for being an MI-RTR on a pt-to-pt on broadcast link is whether or not the ALLL1MI-IS or ALLL2MI-IS is listened to or sent on.

I know there is real code and deployments behind this - but that's a bit confusing for trouble-shooting & it would be nice to have it more clearly articulated.
[Les:] From Section 2.6.1:

  MI-RTRs MUST discard IS-IS PDUs received if either of the following
   is true:

   o  The destination multicast address is AllL1IS, AllL2IS, or AllIS
      and the PDU contains an IID-TLV

   o  The destination multicast address is one of the two new addresses
      and the PDU contains an IID-TLV with a zero value for the IID or
      has no IID-TLV.

From Section 2.6.2:

   The presence or absence of the IID-TLV in an IIH indicates that the
   neighbor does or does not support this extension, respectively.
   Therefore, all IIHs sent on a point-to-point circuit by an MI-RTR
     MUST include an IID-TLV.  This includes IIHs associated with IID #0.

[Les:] I think this language is very precise.
It is true that operation in Point-to-point mode on a broadcast media is subtly different than operation on true P2P media – which is why we discuss the two in different sections.
??

4) In the IANA considerations, the references should be updated to point to this document, and most particularly if it obsoletes RFC 6822.

[Les:] Agreed. I did not think I had to state that – I assumed IANA would just do that – but I am happy to add a line in IANA section stating that all references to RFC 6822 should be updated to point to this document.

Yes - we need to do that.


Incidentally, on another reread (checking the above issues) is there a reason that
"The destination multicast address is one of the two new addresses
 and the PDU contains an IID-TLV with a zero value for the IID or
 has no IID-TLV."

doesn't simply name the addresses (ALLL1MI-IS or ALLL2MI-IS)?  I think that'd be clearer - but this is definitely nit.


[Les:] Happy to explicitly call out the specific addresses in the second bullet.

   Les

Let me know if the above changes will suffice and I will spin a new version.

Sounds good.

Thanks,
Alia


   Les

Regards,
Alia