Re: [Lsr] AD Review of draft-ietf-lsr-isis-rfc5306bis-02

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Tue, 13 August 2019 15:46 UTC

Return-Path: <ginsberg@cisco.com>
X-Original-To: lsr@ietfa.amsl.com
Delivered-To: lsr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 512EF12083B; Tue, 13 Aug 2019 08:46:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=f6At9Rys; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=efoIfQqE
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mKDcR-5bgGXF; Tue, 13 Aug 2019 08:46:10 -0700 (PDT)
Received: from alln-iport-3.cisco.com (alln-iport-3.cisco.com [173.37.142.90]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C4B4120845; Tue, 13 Aug 2019 08:46:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=50158; q=dns/txt; s=iport; t=1565711170; x=1566920770; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=qspMhMDVbADWpvsXzi1hyUkbwPr26mbqCisoCTzGm6A=; b=f6At9RysUBkFtZznJgKbud8CwN4EpjURSl7AawB9rVMEk8Sn4NdhfPr8 /Wp6LGdIreaXGIcA5/tR1RBAa0VsdoT8iBHiCcIhFYlI0x+Ce2QyKQ+50 sApO5ibRhivKxUaeIfP2hiQByieWP0SVB7R64qYv4b1VGvaZfZ87L3SsQ o=;
IronPort-PHdr: =?us-ascii?q?9a23=3ACyQU0x+InDoyWv9uRHGN82YQeigqvan1NQcJ65?= =?us-ascii?q?0hzqhDabmn44+8ZR7E/fs4iljPUM2b8P9Ch+fM+4HYEW0bqdfk0jgZdYBUER?= =?us-ascii?q?oMiMEYhQslVcGED1bxIeTlRyc7B89FElRi+iLzPA=3D=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0B8AADO2lJd/4oNJK1mGQEBAQEBAQE?= =?us-ascii?q?BAQEBAQcBAQEBAQGBZ4EWLyQFJwNtVSAECyqEHoNHA4sQgluJXI4GgUKBEAN?= =?us-ascii?q?UCQEBAQwBAS0CAQGEPwIXgmQjOBMBBAEBBAEBBAEKbYUnDIVKAQEBAQMSEQo?= =?us-ascii?q?TAQEFMgEPAgEGAg4DBAEBIQEGAwICAh8RFAkIAgQBDQUIGoI1TIEdTQMdAQK?= =?us-ascii?q?RF5BhAoE4iGBzgTKCegEBBS6EUQ0LghQJgTSBWog8gVMXgUA/gRFGgkw+ghq?= =?us-ascii?q?CExk0glUygiaMKgaCYoUOgi+GEz+NQC1ACQKCHZA5hBSCMJFyhBuNVYE2iCG?= =?us-ascii?q?OLAIEAgQFAg4BAQWBZyGBWHAVgydQEBSBTgwXg0+KU3KBKY47AQE?=
X-IronPort-AV: E=Sophos;i="5.64,382,1559520000"; d="scan'208,217";a="318427411"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by alln-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 13 Aug 2019 15:46:09 +0000
Received: from XCH-ALN-012.cisco.com (xch-aln-012.cisco.com [173.36.7.22]) by alln-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id x7DFk9CL017398 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 13 Aug 2019 15:46:09 GMT
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by XCH-ALN-012.cisco.com (173.36.7.22) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 13 Aug 2019 10:46:08 -0500
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 13 Aug 2019 10:46:08 -0500
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 13 Aug 2019 11:46:08 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fELYyonR6zxMfBsVqM5iPQAuSL79xa9Oqyv3T84kcbTzc6R6NcIyWmWf45wxOmjAapy3lpEl2em58kjVupeBgc6dYFYo4MoTiERiggskfnXh383oNVwlCQ/h6lAWnJ3i1YaZ87yebQc07LxDbc4r2OKUohsDtZH/ezwq2Rt7gktKO3z5inan9IugBTv3zkZTIIe9ofAyixHXo7Q02UEGMFVDiqG0Wl5WzGYUX8Iqe4A8rDikiR67aWmoxqHQGMHohj6guMKAFCe5+uU29MvA81sSxsq0wq7FSpLw55Q17KhgNVpc6NEFPRZy1boUy/NbztNnsiSYo5qu8eBLdePKeA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qspMhMDVbADWpvsXzi1hyUkbwPr26mbqCisoCTzGm6A=; b=EbA7EniVBJus6qWkLqQr/QGdPJucZXI5yD92DmPdUxazN/Z2hSbJsU7cs63Jw0rmzI0iqIL46QOAHhryJhcuUZDyd8ZFLqjKmF59wnWxCOGeeHTV5AHC+G9orB746DhKwwmooqU9hdG2NgLLg54JKg6zegngW6qEE8ffxXraILMoDTk+U+I8Qipa5nZ8W9ZbILDCXW+FQELjTAWhWkme2SmiNhyGtELkdXqRLlRQWOEaVS/mqprLKyi/Ty7ZKodLc0p+NHnrXB+D+u5vk2TapLsl+EArZX+2JcztR4GRp1HYMr7SRzpAgMs4nnVNsni2lSaxF9i9Zw9e/SRrsVrZ/g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qspMhMDVbADWpvsXzi1hyUkbwPr26mbqCisoCTzGm6A=; b=efoIfQqE3jAvyG70+/GNVF6G+bxNIK7/8KFVzftC1izEhAEllI8PU+PQPvKgtkNPf3Lxs4lfdlR6uhzSErj6oU6Gl3xdhd/8/ustmxd9D2vblkj4xF/ZX1OwraD/q93606DM2mwFR1BmvtScbdcXCx8LN5GW8PdnkPz3rbOdQcM=
Received: from BYAPR11MB3638.namprd11.prod.outlook.com (20.178.237.19) by BYAPR11MB3814.namprd11.prod.outlook.com (20.178.239.88) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2157.13; Tue, 13 Aug 2019 15:46:06 +0000
Received: from BYAPR11MB3638.namprd11.prod.outlook.com ([fe80::d8d2:7e49:1687:aab2]) by BYAPR11MB3638.namprd11.prod.outlook.com ([fe80::d8d2:7e49:1687:aab2%3]) with mapi id 15.20.2157.022; Tue, 13 Aug 2019 15:46:06 +0000
From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: Alvaro Retana <aretana.ietf@gmail.com>, "draft-ietf-lsr-isis-rfc5306bis@ietf.org" <draft-ietf-lsr-isis-rfc5306bis@ietf.org>
CC: Uma Chunduri <umac.ietf@gmail.com>, "lsr@ietf.org" <lsr@ietf.org>, "lsr-chairs@ietf.org" <lsr-chairs@ietf.org>
Thread-Topic: [Lsr] AD Review of draft-ietf-lsr-isis-rfc5306bis-02
Thread-Index: AQHVSUrs7FyoQRZE8UmETDmfQMkME6bod8OQgAyCCeCABEIRAIAAB0Yw
Date: Tue, 13 Aug 2019 15:46:06 +0000
Message-ID: <BYAPR11MB363852870CD71C1E69A9F7EEC1D20@BYAPR11MB3638.namprd11.prod.outlook.com>
References: <CAMMESswNLuG1FxSPhtL7eR7MveAHMWvmC0zLaL2iHsVVyVe6Bw@mail.gmail.com> <BYAPR11MB3638E77F6217B4FDE4BEC0E7C1D90@BYAPR11MB3638.namprd11.prod.outlook.com> <BYAPR11MB3638DAA7DF68C7133DAE529FC1D10@BYAPR11MB3638.namprd11.prod.outlook.com> <CAMMESszKYRu3-Pcx+HZQ3CanHCWENyCtR6o=+i=JgXHFFdryNA@mail.gmail.com>
In-Reply-To: <CAMMESszKYRu3-Pcx+HZQ3CanHCWENyCtR6o=+i=JgXHFFdryNA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ginsberg@cisco.com;
x-originating-ip: [2001:420:c0c8:1004::b1]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 67dc6499-94c3-4e49-5493-08d720055ab9
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BYAPR11MB3814;
x-ms-traffictypediagnostic: BYAPR11MB3814:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <BYAPR11MB381433DF880B2D13B0785DA2C1D20@BYAPR11MB3814.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 01283822F8
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(366004)(346002)(396003)(39860400002)(136003)(376002)(199004)(189003)(85664002)(6246003)(256004)(8936002)(2501003)(71200400001)(4326008)(66574012)(76116006)(86362001)(7736002)(8676002)(46003)(33656002)(81166006)(81156014)(6116002)(790700001)(14444005)(71190400001)(74316002)(186003)(14454004)(102836004)(229853002)(476003)(52536014)(236005)(53546011)(6306002)(76176011)(6506007)(316002)(9686003)(99286004)(54906003)(110136005)(5660300002)(55016002)(486006)(54896002)(6436002)(66476007)(66556008)(66446008)(66946007)(7696005)(25786009)(53936002)(64756008)(11346002)(446003)(2906002)(478600001); DIR:OUT; SFP:1101; SCL:1; SRVR:BYAPR11MB3814; H:BYAPR11MB3638.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: TPEVvO8k9lKH+VVgtfpOOVrspshoeRZvVLmowNwTQbviCFUSvzmK0X3n+dXnPCBDY76nG0r4znrQBTq5/Ivm6UNveJUgDLyUObiZ+9uH9hCEmEcFDNmP7hMR+XwkCMYo0BVqe/ZybVG5UZdesfjntEJ6m/TTZ4gelN0A4qPVo9ivqGRLHd9yY5ZhGa2DMOtOy+iF4amGO3CCD1lXF/8TSR+SKPqTUaKfh+gEAXy9O6q9H8WA8P4890yPV1nGzpWJqEptbLQKMitTN0OfOPEYp8ShToj7GOHucvyrgMC9tYsz8+GT9jOZTFIl0HsUDUKreU4ssNLQP+7Ssva/xTkTZh1i+7mVnmJR14TAESEPIh+wHDIBgH7Thywh4iv4u/8baRpkUDuMe+spWkwn0W2A6cgZouMD9vJUHzsJhzad5lM=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BYAPR11MB363852870CD71C1E69A9F7EEC1D20BYAPR11MB3638namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 67dc6499-94c3-4e49-5493-08d720055ab9
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Aug 2019 15:46:06.3436 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: xOJ3Rpog6ZkAzHXsPGbpQc2a6WglGBAZ5f3rPgKQMkpmmBqWr9PAp+5jlfsOTrW6Jqb7EEtapDczzvPQ6cLrFA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB3814
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.22, xch-aln-012.cisco.com
X-Outbound-Node: alln-core-5.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsr/MYzBDlk0quGFKyXZf4CHU5lsYa8>
Subject: Re: [Lsr] AD Review of draft-ietf-lsr-isis-rfc5306bis-02
X-BeenThere: lsr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Link State Routing Working Group <lsr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lsr>, <mailto:lsr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lsr/>
List-Post: <mailto:lsr@ietf.org>
List-Help: <mailto:lsr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lsr>, <mailto:lsr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Aug 2019 15:46:15 -0000

Alvaro -

From: Alvaro Retana <aretana.ietf@gmail.com>
Sent: Tuesday, August 13, 2019 7:56 AM
To: Les Ginsberg (ginsberg) <ginsberg@cisco.com>om>; draft-ietf-lsr-isis-rfc5306bis@ietf.org
Cc: Uma Chunduri <umac.ietf@gmail.com>om>; lsr@ietf.org; lsr-chairs@ietf.org
Subject: RE: [Lsr] AD Review of draft-ietf-lsr-isis-rfc5306bis-02

On August 10, 2019 at 6:44:49 PM, Les Ginsberg (ginsberg) (ginsberg@cisco.com<mailto:ginsberg@cisco.com>) wrote:

Les:

Hi!

I have a couple of comments below related to backwards compatibility: I think there is a way to not change the behavior of current implementations *and* not throw out old implementations.  See below.

Thanks!

Alvaro.

...
245            Note: Implementations based on earlier drafts of RFC 5306
246            may not include this field in the TLV when the RA bit is set.
247            In this case, a router that is expecting an RA on a LAN circuit
248            SHOULD assume that the acknowledgement is directed at the local
249            system.

[major] I think it is time we stop catering to old/non-compliant implementations.  The last time that a draft didn't include the System ID was draft-ietf-isis-restart-03 in March 2003: more than 15 years ago!!

[Les:] While I am in sympathy with your position, the existing RFC has allowed implementations based on early versions of the draft to exist and defined how to interoperate with them. It is therefore conceivable that an implementor simply never chose to update their implementation since they never had an interoperability problem reported. I do not see the value in removing this interoperability. The lack of this support would only be meaningful in the event multiple systems on the same LAN were restarting at the same time – which of course is possible but not probable. I will continue to listen if you REALLY feel strongly about this, but in the spirit of “being generous in what you receive” I left this unchanged.

We should have caught and eliminated the problem when rfc3874 was published. <sigh>  BTW, the text above should mention rfc3874 and not rfc5306.

[Les:] Well, I did ask where you were when RFC 3847 (not 3874 as I mistakenly mentioned)  was approved. 😊

<rant> IMO, catering to non-standard implementations in a formal specification devalues the standards process: if the purpose is to create interoperable implementations, but we’re still going to bend over backwards to allow non-compliant implementations (with the product of the WG, the consensus, etc.), then why are we going through the pain of agreeing on and standardizing anything?  We might as well just let anyone implement anything…or never change the original draft if specifications already exist…  </rant>

In this case, making the System ID optional, and explaining how/when it should be used (as you did above), would fix the issue and bring non-compliant implementations into the fold.  IOW, I think we would all be happy if the wording changed from “allow non-compliant implementations” to “this field is optional”…for example:

OLD>

   Required when the RA or PA bit is set. Otherwise

   this field SHOULD be omitted when sent and

   MUST be ignored when received.



NEW>

   This field is required when the PA bit is set, and MAY be present when the

   RA bit is set.  Specifically, it is used when multiple systems on the same

   LAN are restarting {more details}. If the RA or PA bit is not set, this

   field SHOULD be omitted when sent and MUST be ignored when received.



[Les:] There is no reason to extend this option to PA bit. Legacy issues – if they exist at all - only exist in regards to RA. How about if I rewrite the text with something like this?

“Very early draft versions of the restart functionality did not include the Restarting Neighbor System ID in the TLV. RFC 5306 allowed for the possibility of interoperating with these legacy implementations by

stating that a router that is expecting an RA on a LAN circuit  SHOULD assume that the acknowledgement is directed at the local  system if the TLV is received with RA set and Restarting Neighbor System ID is not present.

It is an implementation choice whether to continue to accept (on a LAN) a TLV with RA set and Restarting Neighbor System ID absent. Note that the omission of the Restarting Neighbor System ID only introduces ambiguity in the case where there are multiple systems on a LAN

simultaneously performing restart.”

??





...
...
428       While the adjacency is in planned restart state the following actions
429       MAY be taken:

[major] The steps below are optional (MAY)....that is ok.  (a) talks about a compromised ability to flood updates on a LAN is adjacencies are not reset, which sound very serious to me.  What are the considerations for an implementation/deployment to decide using these optional actions?  Should they be used on LANs, but not necessarily in other link types (just as an example)?

[Les:] You have agreed that the use of MAY is appropriate here. Which means all of the text describing what might cause the neighbor of the restarting router to choose to bring the adjacency down is not normative.

MAY is a Normative keyword, so the text *is* Normative…the actions are Optional.
We did describe a significant issue that would occur on a LAN if action were not taken, but as we are allowing that none of the actions are normative I do not see that the use of MUST would be appropriate in the description.

Sorry, that was not the question.  I’m not asking (here) why the actions are not mandatory.

Let me try again…. If the actions are optional (MAY), when might an implementation decide that one of them is an important action to take?  For example,  (c) makes it optional to suppress LSP/*SNPs…can you provide guidance to when/why an implementation might decide to implement this suggestion and when it might not?

In the end, I just think that if you’re offering options, then it would make the specification better if you provided guidance on when it might be more important to use those options and when it might not.  If you can’t provide additional guidance, then we can move on.

[Les:] I don’t want to provide guidance beyond what we already have stated. It is an implementation choice as to when it is “better” to take these actions and when it isn’t. The decision does not impact interoperability.

   Les





I therefore left this text unchanged.

[minor] The actions below are independent of each other, right?  It may be worth mentioning that.
[Les:] I have rephrased this as “some or all of the following actions MAY be taken”.


431       a.  If additional topology changes occur, the adjacency which is in
432           planned restart state MAY be brought down even though the hold
433           time has not yet expired.  Given that the neighbor which has
434           signaled a planned restart is not expected to update its
435           forwarding plane in response to signaling of the topology changes
436           (since it is restarting) traffic which transits that node is at
437           risk of being improperly forwarded.  On a LAN circuit, if the
438           router in planned restart state is the DIS at any supported
439           level, the adjacency(ies) SHOULD be brought down whenever any LSP
440           update is either generated or received so as to trigger a new DIS
441           election.  Failure to do so will compromise the reliability of
442           the Update Process on that circuit.  What other criteria are used
443           to determine what topology changes will trigger bringing the
444           adjacency down is a local implementation decision.

[nit] s/received so as to/received, so as to

[major] "adjacency(ies) SHOULD be brought down...Failure to do so will compromise the reliability of the Update Process on that circuit."  When is it ok to not bring these adjacencies down?  If the operator already decided to deploy these optional steps, why wouldn't the adjacencies be always brought down?  IOW, why is MUST not used?
[Les:] Answered above

If this option is chosen, why wouldn’t the adjacency be brought down?

From above, I understand the action in (a) is optional…no problem.  But if an implementation chooses to implement it, why wouldn’t the adjacency be brought down?