IETF Logo Mail Archive

Re: [Lsr] Thoughts about PUAs - are we not over-engineering?

Anup MalenaaDu <anupkumart@gmail.com> Mon, 20 June 2022 11:13 UTC

Return-Path: <anupkumart@gmail.com>
X-Original-To: lsr@ietfa.amsl.com
Delivered-To: lsr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF72CC14F73E; Mon, 20 Jun 2022 04:13:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qxk1ctO5o5uN; Mon, 20 Jun 2022 04:13:39 -0700 (PDT)
Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com [IPv6:2a00:1450:4864:20::629]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 118C2C14F743; Mon, 20 Jun 2022 04:13:39 -0700 (PDT)
Received: by mail-ej1-x629.google.com with SMTP id fu3so20394764ejc.7; Mon, 20 Jun 2022 04:13:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=+WB5ikTJ08dmAXxtBWGBQwiiCPsQJeIYGscB9HO77+Q=; b=LyAbja0oJbrDEhQAA4E0JNx1wRXdvphhMslscv2+qVxPvPhBDuXubH5yHDqx4mpGd/ 7pvaCjBrWen07f/PGbOyCcYftVgnGe3ZCWw0KvQp352DHc0j3UsHIH4kIxLux+BDteAW 8rU5V30m2G4TRfTZ5pbW+0qGyYni+HtbR03n26EdgJ9eq1ymRMQeJUOMYUBlP6MQiVlX z6L+iK0Ngn/bitQt41lSCIj6ExLiztuccguOJ81zN+vtXlxhGO1djpxiRvsBoSpeT3vO v6fzyUVI3cL3Ps2SNq6O7+ISeI3iPtba0pIKnWWdXfcFaR6IMwCozJVnhrJkeOyql8Uk 7PIQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+WB5ikTJ08dmAXxtBWGBQwiiCPsQJeIYGscB9HO77+Q=; b=sdX2Nmf5C8Df10uZEyczXB0M5RQ1q3JLJTpOlOKmjubTH3Wj9s7MjAcil90cOCpJz7 O0HcZN/gaHnLYXW3+zP7O6Y2ti1a0/mJ9RYwS+rnrJgVjywt/T2nSioxFqQ1B4oMAANg ul0j8lCzfmdOlv2AhRYBWZfMkyggOp8HjYgrPTPWkuDAQHHmLGJP1eiYm9RXnz2Y3zyL Xf0W1X9ENUKe1Xac+fY4YNWKJfU0B1Y/1mhMYz/9wC7Qk3r0w4UM9aFArN8qQv8doLkF stYiWGoGGkf3OnRc+oxG1+aioYXMMBcHQU8P4TQS7x9Lkk/MkROrz82Tuqzwy9Pz3IQ7 8DBw==
X-Gm-Message-State: AJIora+B5K42Hz326ZdqaJeHW2DXpFWdJ0TBZyjEYDm5oGhR0bbwJGR2 QVvsJBIoTgZG7C/uThIe0pvWs71ddy43pd5+yXg1i5Ar
X-Google-Smtp-Source: AGRyM1sioLyDdhmJD4yRQU0BOXTg/7ttbp54pjJdBQXCk/9BJvKpqY0a9aJKC1ls2XS0ww17V5QTAX51GkrBuk2gHLo=
X-Received: by 2002:a17:906:c838:b0:711:d49f:687c with SMTP id dd24-20020a170906c83800b00711d49f687cmr20636370ejb.668.1655723617202; Mon, 20 Jun 2022 04:13:37 -0700 (PDT)
MIME-Version: 1.0
References: <CAHP=eyj1Hzfg_ktTae40_tS1hNqX+azvJx51f9hdUzxdhGavSw@mail.gmail.com> <A4356EF0-09E2-476A-841E-2BB4E75C850E@tsinghua.org.cn>
In-Reply-To: <A4356EF0-09E2-476A-841E-2BB4E75C850E@tsinghua.org.cn>
From: Anup MalenaaDu <anupkumart@gmail.com>
Date: Mon, 20 Jun 2022 16:43:25 +0530
Message-ID: <CAHP=eygZgOEdjHaFX2ckUqiGWp4gT5whtpt9vc-2Mo24Xuq9uQ@mail.gmail.com>
To: Aijun Wang <wangaijun@tsinghua.org.cn>
Cc: "Voyer, Daniel" <daniel.voyer=40bell.ca@dmarc.ietf.org>, "Van De Velde, Gunter (Nokia - BE/Antwerp)" <gunter.van_de_velde@nokia.com>, Robert Raszuk <robert@raszuk.net>, Gyan Mishra <hayabusagsm@gmail.com>, draft-ppsenak-lsr-igp-ureach-prefix-announce@ietf.org, draft-wang-lsr-prefix-unreachable-annoucement <draft-wang-lsr-prefix-unreachable-annoucement@ietf.org>, lsr@ietf.org
Content-Type: multipart/alternative; boundary="0000000000000cb5e805e1df32cd"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsr/DYqAZER-o9RtwKc3pMEc-oovd08>
Subject: Re: [Lsr] Thoughts about PUAs - are we not over-engineering?
X-BeenThere: lsr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Link State Routing Working Group <lsr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lsr>, <mailto:lsr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lsr/>
List-Post: <mailto:lsr@ietf.org>
List-Help: <mailto:lsr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lsr>, <mailto:lsr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jun 2022 11:13:43 -0000

Thanks Aijun.

So, in places where BFD can be reasonably deployed, would PUA really help?

- Anup

On Mon, Jun 20, 2022 at 4:06 PM Aijun Wang <wangaijun@tsinghua.org.cn>
wrote:

> Hi, Anup:
>
> The advantage of PUA over BFD is that the operator needs not deploy o(n^2)
> BFD sessions for the services that rely on the IGP reachablity.
> Such comparisons have been discussed on the list.
>
> Aijun Wang
> China Telecom
>
> On Jun 18, 2022, at 12:55, Anup MalenaaDu <anupkumart@gmail.com> wrote:
>
> 
> Hi,
>
> BGP uses BFD to track the remote PEs.
> So, how does PUA really help?
>
> To be precise,
> 1. what are the advantages of having PUAs for IGPs
> 2. what are the advantages for services like BGP, Tunnels, LSPs etc going
> over IGPs
>
> Thanks,
> Anup
>
> On Thu, Jun 16, 2022 at 7:41 PM Voyer, Daniel <daniel.voyer=
> 40bell.ca@dmarc.ietf.org> wrote:
>
>> Hi Gunter, see [DV]
>>
>>
>>
>> *From: *"Van De Velde, Gunter (Nokia - BE/Antwerp)" <
>> gunter.van_de_velde@nokia.com>
>> *Date: *Thursday, June 16, 2022 at 6:38 AM
>> *To: *Robert Raszuk <robert@raszuk.net>
>> *Cc: *Gyan Mishra <hayabusagsm@gmail.com>, Dan Voyer <
>> daniel.voyer@bell.ca>, "
>> draft-ppsenak-lsr-igp-ureach-prefix-announce@ietf.org" <
>> draft-ppsenak-lsr-igp-ureach-prefix-announce@ietf.org>,
>> draft-wang-lsr-prefix-unreachable-annoucement <
>> draft-wang-lsr-prefix-unreachable-annoucement@ietf.org>, "lsr@ietf.org" <
>> lsr@ietf.org>
>> *Subject: *[EXT]RE: [Lsr] Thoughts about PUAs - are we not
>> over-engineering?
>>
>>
>>
>> Hi Robert, Peter, Bruno
>>
>>
>>
>> You wrote:
>>
>> “Aas there is no association between node_id (perhaps loopback) and SIDs
>> (note that egress can use many SIDs) UPA really does not signal anything
>> about SIDs reachability or liveness. “
>>
>>
>>
>> Sure, but UPA signals that a locator is unreachable, would that not
>> result for the SRv6 SID to become unreachable as well?
>>
>>
>>
>> I understood that UPA have increased value add benefit when using with
>> SRv6. If suddenly a locator becomes unreachable, then it I guess the
>> associated 128 bit SIDs become unreachable too, causing an event for
>> something to happen in the transport network to fix the problem.
>>
>>
>>
>> That being said, Peter makes a good point stating that UPA is not solving
>> the problem of partitioning areas, and hence, maybe my use-case is not
>> overly relevant.
>>
>>
>>
>> So progressing, an operator using ABR based summarization then there are
>> few options:
>>
>>    1. No summarization at all at ABRs
>>    2. Summarize on ABR all prefixes that can be summarized
>>    3. Summarize all prefixes that are not associated with PEs and remain
>>    advertising individual PE addresses
>>    4. Summarize all prefixes and use UPA’s to advertise unreachability
>>    of protected prefixes
>>
>>
>>
>> [DV] if “an operator using ABR based summarization” then option 1 is
>> out, right ? Also, option 4 is the point of this draft – but furthermore,
>> if an aggregation device, inside a domain, is also being summarized – as
>> the entire domain get summarized – but this agg device doesn’t have any
>> services, because it’s an aggregation device, “then it’s up to the operator
>> designing the network to implement” a form of policy/filter. So if that agg
>> device reload, due to a maintenance, we don’t care about the unreachability
>> advertisement (adding unnecessary LSP in the LSDB).
>>
>>
>>
>> We all know that option 1 -3 work well and has been working well for long
>> time. Behavior is very well understood
>>
>>
>>
>> With the new option 4, to add value, applications need to get what is
>> being referenced as ‘vendor secret sauce’ … I can already see the fun
>> caused by inconsistent behavior and interop issues due to under
>> specification.
>>
>> [DV] not sure I am following your “secret sauce” point here. Following
>> the RFC5305/RFC5308 should be clear.
>>
>>
>>
>> The question I remain to have is if the UPA provide higher benefit as the
>> tax it introduces. I can see operators suffer due to under specification,
>> causing interop and inconsistent behaviors.
>>
>>
>>
>> I agree with Bruno’s statement “If you believe that all you need is
>> RFC5305/RFC5308 I guess this means that we don't need
>> draft-ppsenak-lsr-igp-ureach-prefix-announce”
>>
>>
>>
>> [DV] well, “draft-ppsenak-lsr-igp-ureach-prefix-announce”, is describing
>> a use case/architecture and what you can do w/ RFC5305/RFC5308 – its
>> “informational” 😊
>>
>>
>>
>> G/
>>
>>
>>
>>
>>
>> *From:* Robert Raszuk <robert@raszuk.net>
>> *Sent:* Thursday, June 16, 2022 11:54 AM
>> *To:* Van De Velde, Gunter (Nokia - BE/Antwerp) <
>> gunter.van_de_velde@nokia.com>
>> *Cc:* Gyan Mishra <hayabusagsm@gmail.com>; Voyer, Daniel <daniel.voyer=
>> 40bell.ca@dmarc.ietf.org>;
>> draft-ppsenak-lsr-igp-ureach-prefix-announce@ietf.org;
>> draft-wang-lsr-prefix-unreachable-annoucement <
>> draft-wang-lsr-prefix-unreachable-annoucement@ietf.org>; lsr@ietf.org
>> *Subject:* Re: [Lsr] Thoughts about PUAs - are we not over-engineering?
>>
>>
>>
>> Gunter,
>>
>>
>>
>> (1) Multiple-ABRs
>>
>>
>>
>> I was wondering for example if a ingress router receives a PUA signaling
>> that a given locator becomes unreachable, does that actually really signals
>> that the SID ‘really’ is unreachable for a router?
>>
>>
>>
>> Aas there is no association between node_id (perhaps loopback) and SIDs
>> (note that egress can use many SIDs) UPA really does not signal anything
>> about SIDs reachability or liveness.
>>
>>
>>
>>  For example (simple design to illustrate the corner-case):
>>
>>
>>
>> ingressPE#1---area#1---ABR#1---area---ABR#2---area#3---egressPE#2
>>
>>      |                                                      |
>>
>>      |                                                      |
>>
>>      +--------area#1---ABR#3---area---ABR#4---area#3--------+
>>
>>
>>
>> What if ABR#4 would loose connectivity to egressPE#2 and ABR#2 does not?
>>
>> In that case ABR#4 will originate a UPA/PUA and ABR#2 does not originate
>> a PUA/UPA.
>>
>> How is ingressPE#1 supposed to handle this situation? The only thing
>> ingressPE#1 see is that suddenly there is a PUA/UPA but reachability may
>> not have changed at all and remains perfectly reacheable.
>>
>>
>>
>> Valid case. But PE1 should only switch when alternative backup path
>> exists. If there is a single path it should do nothing in any case of
>> receiving UPA. We have discussed that case before and as you know the
>> formal answer was "out of scope" or "vendor's secret sauce" :).
>>
>>
>>
>> The justification here is that switching to healthy backup is better then
>> continue using perhaps semi-sick path.
>>
>>
>>
>> Best,
>>
>> R.
>>
>>
>> ------------------------------
>>
>> *External Email:** Please use caution when opening links and attachments
>> / **Courriel externe:** Soyez prudent avec les liens et documents joints
>> *
>> _______________________________________________
>> Lsr mailing list
>> Lsr@ietf.org
>> https://www.ietf.org/mailman/listinfo/lsr
>>
> _______________________________________________
> Lsr mailing list
> Lsr@ietf.org
> https://www.ietf.org/mailman/listinfo/lsr
>
>

v2.23.0 | Report a Bug | By Email