Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09
Dino Farinacci <dino@lispers.net> Wed, 27 April 2022 19:04 UTC
Return-Path: <dino@lispers.net>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 552FAC14F723 for <lisp@ietfa.amsl.com>; Wed, 27 Apr 2022 12:04:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lispers-net.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MrJLcVh8EbCG for <lisp@ietfa.amsl.com>; Wed, 27 Apr 2022 12:04:37 -0700 (PDT)
Received: from mail-pl1-x634.google.com (mail-pl1-x634.google.com [IPv6:2607:f8b0:4864:20::634]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 38664C159A39 for <lisp@ietf.org>; Wed, 27 Apr 2022 12:03:37 -0700 (PDT)
Received: by mail-pl1-x634.google.com with SMTP id n18so2386794plg.5 for <lisp@ietf.org>; Wed, 27 Apr 2022 12:03:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lispers-net.20210112.gappssmtp.com; s=20210112; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=D7dMfAnQEhTWwRhBUdtyT2XdSPSNffD9+i5g8DSJp1o=; b=cSsoAQ15FF9nQFchi70xSuipV01/nvR01qmAFGoXWJQHejYcUpfiEGO9CWNchzdvb6 pqVkfW/1bDJPzaDjMq3U3bbdtor64WNiqL5wj2XD7dgYivgmScdOjyfkECUJFVjzlVEB J3WreKxtBV22NIwEf9eQVTSMyoE8/BqfFPhq06KmH3wzcyvtnf4K7s5KxsyohKQCEeLY F5a5d4CC6igSxLftxUE0mnZYDeSmlzrG+XPDeHLRr1UfyrwJ8CyjQsiKbMu+83zC26Dp 1bkFRIn+Jm8ieRvBPxY7y7rbKtv6mY69jbgATrnVRBrooOuEjgAkWVNN+hOKx32B6Mmk B1Rw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=D7dMfAnQEhTWwRhBUdtyT2XdSPSNffD9+i5g8DSJp1o=; b=dg6AkVWJ9qLnYNxXUMfjyPFRY5aJbxE0HhGPlVOE+UTNzSQyU7bxBNcm4EGQ05jMRB 6hohnNgk9pkY15O7d4L714Jvj5Lpp+AmYIWTSa4D6bpLKfaNeO3nubvrQJN5IX8xlYdW Fr/1ry8u3HIXfjrcAMcDUtpO0KqLD1bVwSqASNfcrfVVdeJIdpLi4Zc5s1qpBdlOrPCV Ris6zUH+dCTwHHnzENsaXRsY7nONhnwKtmXLx3irAxOYdb9eYSHMHaiGlORgYHa9VhWe h/qp8SMXN1FITi6iWnz4/Z50VOb/qcXkJoC2NFyl0lJnKtwsMSSCMPvEhjSwfyJkwCi+ b1DQ==
X-Gm-Message-State: AOAM531VkvX7vvAbdfPiBUnYzf9gk5lp0HfD3GRdsrzOwgQeWPCyzBKd 0l9IfcaiH+/gOetcHzx6dy3QOg==
X-Google-Smtp-Source: ABdhPJwtm3SgYuG1f7o9hb1M1iWwRVTMHbuHr2Rnu+Ei4zA3Trj5yzTHWZn8n0l7HQWEqkYiKLJj0A==
X-Received: by 2002:a17:90b:4f82:b0:1d1:b8fd:7e36 with SMTP id qe2-20020a17090b4f8200b001d1b8fd7e36mr45467456pjb.194.1651086216058; Wed, 27 Apr 2022 12:03:36 -0700 (PDT)
Received: from smtpclient.apple (c-98-234-33-188.hsd1.ca.comcast.net. [98.234.33.188]) by smtp.gmail.com with ESMTPSA id w14-20020a63c10e000000b003c14af505f8sm41913pgf.16.2022.04.27.12.03.34 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 27 Apr 2022 12:03:35 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.80.82.1.1\))
From: Dino Farinacci <dino@lispers.net>
In-Reply-To: <CAMMESsxsm=3MR-Rybo8m+LkUJpCnzg74GVHDfEPxLDhgxhvzYg@mail.gmail.com>
Date: Wed, 27 Apr 2022 12:03:33 -0700
Cc: "lisp@ietf.org list" <lisp@ietf.org>, draft-ietf-lisp-pubsub@ietf.org, lisp-chairs@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <FB3CB22F-7DC2-4490-88A0-B0229C7AC647@lispers.net>
References: <CAMMESsyB6WXxZP-CxQ6xzYQ6rRC86TQPT+PDqc3+qvR364qdCw@mail.gmail.com> <C4E45F61-0F74-456F-860D-65500220B53E@lispers.net> <CAMMESsxsm=3MR-Rybo8m+LkUJpCnzg74GVHDfEPxLDhgxhvzYg@mail.gmail.com>
To: Alvaro Retana <aretana.ietf@gmail.com>
X-Mailer: Apple Mail (2.3696.80.82.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/lisp/hN4tpuZl2nm86UVTqqmH24q0Tx8>
Subject: Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Apr 2022 19:04:40 -0000
I agree with all your suggestions and hope Alberto will use as input to the changes he makes for the next rev. >> [major] This is the only place, including rfc6830bis/rfc6833bis, where >>> "proxy-reply mode" is used. Is this operation specified anywhere, >>> maybe using a different name? This seems to be related to the >>> Map-Server being able to offer non-authoritative Map-Replies -- please >>> be specific. >> >> In 6833bis, we refer to the P-bit in the Map-Register as "proxy Map-Reply >> bit". And occurs 11 times in 6833bis. > > Ah, ok. Please just be consistent with the terminology. Not everyone > is as familiar with lisp -- including me, of course! :-) We will make the pubsub be consistent with the text from 6833bis. >> [major] What happens if one of these assumptions is not met? If the >>> rest of the specification is followed (setting the I and N bits, etc.) >>> what are the "failure scenarios" if the conditions are not met? >> >> When the N bit is not set, the message is processed like a regular >> Map-Request (and state is not put in the subscription cache on the map- >> server). That wasn't clear? Alberto? > > The assumptions I was referring to are these: > > 129 3. Deployment Assumptions > > 131 The specification described in this document makes the following > 132 deployment assumptions: > > 134 (1) A unique 128-bit xTR-ID (plus a 64-bit Site-ID) identifier is > 135 assigned to each xTR. > > 137 (2) Map-Servers are configured in proxy-reply mode, i.e., they are > 138 solicited to generate and send Map-Reply messages for the > 139 mappings they are serving. > > I think all I'm looking for is a short explanation that the pubsub > will not work. Maybe something like this: > > If either assumption is not met, a subscription cannot be > established and the network will continue operating without > this enhancement. Agree. >> 144 4. Map-Request PubSub Additions >>> ... >>> 190 xTR-ID bit (I-bit): This bit is set to 1 to indicate that a 128 >>> 191 bit xTR-ID and a 64 bit Site-ID fields are present at the end of >>> 192 the Map-Request message. For PubSub operation, an xTR MUST be >>> 193 configured with an xTR-ID and Site-ID, and it MUST set the I bit >>> 194 to 1 and include its xTR-ID and Site-ID in the Map-Request >>> 195 messages it generates. > ... >>> [major] "MUST set the I bit to 1 and include its xTR-ID and Site-ID" >>> >>> What should the receiver do if the I bit is set but the ID fields are >>> not included? > ... >> >> We will fix this. If the I bit not set, the Map-Request is not processed as a >> subscribe-request. > > The question was the other way around: what if the I-bit is set but > the IDs are not included? The lengths are handled by the IP/UDP Then there will be a parsing error and the last 128-bits/64-bits of the packet will be mistakenly processed as an xTR-ID/Site-ID. It means the sender did not conform to the spec. It is an implementation bug. > header lengths, so the Map-Request (and the rest of the packet) may > have the correct length while still having the I-bit set. > > I assume the answer is that the subscription cannot be processed and > "normal" processing is done...but it should be stated in the document. No, that is not what happens. And I believe we DON'T need to change 6833bis for this. Or the pubsub draft. If the sender sets the I-bit, it is saying the the xTR-ID/Site-ID are at the end of the message. A receiver can detect the error because after processing that last EID-record, if there are no bytes left from processing the message, it can conclude that the I-bit was set errorneously. > >>> 253 (3) The Map-Server MUST send the Map-Notify to one of the ITR-RLOCs >>> 254 received in the Map-Request (which one is implementation >>> 255 specific). >>> >>> [major] Does this need to be specified here? Where are Map-Notify >>> messages sent to? I couldn't find a specific answer, but it seems to >>> me that choosing a destination address should be pretty "basic"; i.e. >>> something that should have been specified in the base spec. >> >> It is basic but there are many choices, *especially* in the presents of NATs. >> You can send to one of the "Local" RLOCs or to the source IP address of the >> Map-Request. If you want to get the message back to the xTR you need to use >> the source IP address. > > Yes. The point was that choosing an address is not an issue that > comes up only when sending Map-Notify messages when using pubsub -- it > is a general issue. Any considerations should be mentioned in the > "general" document (rfc6833bis) so that all extensions can benefit and > don't have to include additional text about it. Well not totally true. It is only used because an ITR-RLOC is included in a Map-Request, so a responding Map-Reply message should use it. Since a Map-Notify is a Map-Request ack for a subscribption requesst, its only these two types of messages that have this issue. All other "replies" to "query type messages" uses the source IP address from the query. > > >>> 331 When the xTR receives a Map-Notify with an EID not local to the xTR, >>> 332 the xTR knows that the Map-Notify has been received to update an >>> 333 entry on its map-cache. Processing of unsolicited Map-Notify >>> 334 messages MUST be explicitly enabled via configuration at the xTR. >>> 335 The xTR MUST keep track of the last nonce seen in a Map-Notify >>> 336 received as a publication from the Map-Server for the EID-Record. If >>> 337 a Map-Notify received as a publication has a nonce value that is not >>> 338 greater than the saved nonce, the xTR drops the Map-Notify message >>> 339 and logs the fact a replay attack could have occurred. To compare >>> 340 two nonces, the xTR uses the serial number arithmetic defined in >>> 341 [RFC1982] with SERIAL_BITS = 64. The nonce field space (64 bits) is >>> 342 considered large enough to not be depleted during normal operation of >>> 343 the protocol (e.g., assuming a fast publication rate of one Map- >>> 344 Notify per EID-Record per Map-Server per second, the nonce field >>> 345 space will not be depleted in 0.5 trillion years). The same >>> 346 considerations discussed in Section 5.6 of [I-D.ietf-lisp-rfc6833bis] >>> 347 regarding storing Map-Register nonces apply here for Map-Notify >>> 348 nonces. >>> >>> [major] "Processing of unsolicited Map-Notify messages MUST be >>> explicitly enabled via configuration at the xTR." >>> >>> rfc6833bis added the Map-Notify-Ack, but it doesn't require >>> configuration anywhere to process unsolicited Map-Notify messages. >>> IOW, this requirement is not in line with rfc6833bis. >> >> Its because in 6833bis all Map-Notify messages are always solicited. > > Yes, I missed that. > > Can it be assumed that if the xTR sends a "subscription request" it > will accept unsolicited Map-Notify messages? This may be an Yes, but I'd argue about terminology. The Map-Notify is solicited because of the subscripton request. But the actual message is soliciting an acknowedge Map-Notify message. We call it unsolicited, because some time later, if there is an RLOC-change to an EID subscribed, the message will come without any message requesting it (i.e. it is event triggered). > implementation detail, but it seems to me that adding the extra > configuration step is unnecessary if the xTR is requesting the > information. Right. Dino > > > Alvaro. > > _______________________________________________ > lisp mailing list > lisp@ietf.org > https://www.ietf.org/mailman/listinfo/lisp
- [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alvaro Retana
- [lisp] draft-ietf-lisp-pubsub-09 Robert Raszuk
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)
- Re: [lisp] draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)
- Re: [lisp] draft-ietf-lisp-pubsub-09 Robert Raszuk
- Re: [lisp] draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)
- Re: [lisp] draft-ietf-lisp-pubsub-09 Robert Raszuk
- Re: [lisp] draft-ietf-lisp-pubsub-09 mohamed.boucadair
- Re: [lisp] draft-ietf-lisp-pubsub-09 Robert Raszuk
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alvaro Retana
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Luigi Iannone
- Re: [lisp] draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alvaro Retana
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] draft-ietf-lisp-pubsub-09 Alvaro Retana
- Re: [lisp] draft-ietf-lisp-pubsub-09 Alvaro Retana
- Re: [lisp] draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alvaro Retana
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Dino Farinacci
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alvaro Retana
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 mohamed.boucadair
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alvaro Retana
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Luigi Iannone
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alvaro Retana
- Re: [lisp] AD Review of draft-ietf-lisp-pubsub-09 Alberto Rodriguez-Natal (natal)