IETF Logo Mail Archive

Re: [Lsr] draft-ietf-lsr-isis-area-proxy-02

bruno.decraene@orange.com Tue, 04 August 2020 15:17 UTC

Return-Path: <bruno.decraene@orange.com>
X-Original-To: lsr@ietfa.amsl.com
Delivered-To: lsr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83A5B3A07C8 for <lsr@ietfa.amsl.com>; Tue, 4 Aug 2020 08:17:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PYzdJ4PCw0HG for <lsr@ietfa.amsl.com>; Tue, 4 Aug 2020 08:17:35 -0700 (PDT)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.70.34]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7939F3A07C5 for <lsr@ietf.org>; Tue, 4 Aug 2020 08:17:34 -0700 (PDT)
Received: from opfednr03.francetelecom.fr (unknown [xx.xx.xx.67]) by opfednr27.francetelecom.fr (ESMTP service) with ESMTP id 4BLdfM73gHz4xpZ; Tue, 4 Aug 2020 17:17:31 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; s=ORANGE001; t=1596554252; bh=AqIJJPKSTIwG8bKt9ssbrx9S0wBiyVckTmEq6HbH5hM=; h=From:To:Subject:Date:Message-ID:Content-Type:MIME-Version; b=Vfl3d49bMgo+BvG9UMeQ2quzZ4XFtCzTXfX8YsYptk9/fRBNOVNV/J+d5FI+LCtnl khyBY9WW+myVpIScV4Jz0b3W1yql0As35685VKRgXjWVhD169maP2xDj/cYZk9eI+G 8tqfJulWEMbMUwxnuAcj9UL49U4JBGIW+veALe1v4x2vuVTh3SG6ngokEMSgRiN6eB xaouA3W40liyFrpdktZI3nZCra5cWKAgIN0qbNDVA44oygj7t8GCLuONuPzweDcp5G nCYE/RC6nirHXCcG7cC0ZjxknctiSBZcDEDdvHHjVh5c7oiVvt4FV5jOEyMsWQ8UK6 IXgQCVX7RVFyw==
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.101]) by opfednr03.francetelecom.fr (ESMTP service) with ESMTP id 4BLdfM68LCzDq8y; Tue, 4 Aug 2020 17:17:31 +0200 (CEST)
From: bruno.decraene@orange.com
To: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
CC: "lsr@ietf.org" <lsr@ietf.org>
Thread-Topic: draft-ietf-lsr-isis-area-proxy-02
Thread-Index: AdZqV1bpaX43pBLFSuS5ho/MIT6lUQAE/tVQAADz6SA=
Date: Tue, 04 Aug 2020 15:17:30 +0000
Message-ID: <4558_1596554251_5F297C0B_4558_298_1_53C29892C857584299CBF5D05346208A48F0C59B@OPEXCAUBM43.corporate.adroot.infra.ftgroup>
References: <32323_1596545126_5F295866_32323_118_1_53C29892C857584299CBF5D05346208A48F0BB30@OPEXCAUBM43.corporate.adroot.infra.ftgroup> <BY5PR11MB43375CB413060250B336BE64C14A0@BY5PR11MB4337.namprd11.prod.outlook.com>
In-Reply-To: <BY5PR11MB43375CB413060250B336BE64C14A0@BY5PR11MB4337.namprd11.prod.outlook.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.245]
Content-Type: multipart/alternative; boundary="_000_53C29892C857584299CBF5D05346208A48F0C59BOPEXCAUBM43corp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsr/kvkrrpOc2cVc9CsRbnWjNqE5Iv8>
Subject: Re: [Lsr] draft-ietf-lsr-isis-area-proxy-02
X-BeenThere: lsr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Link State Routing Working Group <lsr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lsr>, <mailto:lsr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lsr/>
List-Post: <mailto:lsr@ietf.org>
List-Help: <mailto:lsr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lsr>, <mailto:lsr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Aug 2020 15:17:38 -0000

Les,

Please see inline.

From: Les Ginsberg (ginsberg) [mailto:ginsberg@cisco.com]
Sent: Tuesday, August 4, 2020 4:50 PM
To: DECRAENE Bruno TGI/OLN <bruno.decraene@orange.com>; lsr@ietf.org
Subject: RE: draft-ietf-lsr-isis-area-proxy-02

Bruno -

Please see inline.

From: Lsr <lsr-bounces@ietf.org<mailto:lsr-bounces@ietf.org>> On Behalf Of bruno.decraene@orange.com<mailto:bruno.decraene@orange.com>
Sent: Tuesday, August 04, 2020 5:45 AM
To: lsr@ietf.org<mailto:lsr@ietf.org>
Subject: [Lsr] draft-ietf-lsr-isis-area-proxy-02

Hi,

I may be missing something but the SR Binding SID TLV extension  is not clear to me.

1)      It does not seem compliant with RFC 8667

Draft says that the advertisement has: T-flag set, M & A flags cleared, SID/Label sub-TLV present, Prefix-SID sub-TLV NOT present


The following extensions to the Binding TLV are defined in order to

   support Area SID:



      A new flag is defined:



         T-flag: The SID directs traffic to an area.  (Bit 5)



         When T-flag is set:



            M and A flag MUST be clear



            Range and Prefix are ignored



      Section 2.4.4 of RFC 8667<https://tools.ietf.org/html/rfc8667#section-2.4..4> is altered to say:



         "The Prefix-SID sub-TLV MUST be present in the SID/Label

         Binding TLV when the M-Flag and T-flag are both clear.  The

         Prefix-SID sub-TLV MUST NOT be present when either the M-Flag

         or T-flag are set."



      Regarding the SID/Label sub-TLV Section 2.4.5 of RFC 8667<https://tools.ietf.org/html/rfc8667#section-2.4.5> is

      altered to say:



         "It MUST be present in the SID/Label Binding TLV when either

         the M-Flag or T-flag is set in the Flags field of the parent

         TLV."

https://tools.ietf.org/html/draft-ietf-lsr-isis-area-proxy-02#page-14



By definition, legacy L2 external  node will support vanilla RFC 8667, which says:
"The Prefix-SID sub-TLV MUST be present in the SID/Label Binding TLV when the M-Flag is clear."
https://www.rfc-editor.org/rfc/rfc8667.html#name-sid-label-binding-tlv

So it seems that the extension violates the above MUST in RFC8667, as regarding the Prefix-SID sub-TLV
-          Area proxy says "MUST NOT be present" (as T-flag is set)
-          RFC 8667 says "MUST be present" (as M-flag is cleared)


In addition to the above, legacy node _will_ interpret the 'Range' and 'Prefix' fields. So there is probably a need to specify which values need to be advertised for those legacy nodes. A priori range would be one as a single SID is advertised. Prefix seems more problematic as you need to find an IP prefix to advertise. And please let's avoid SID conflict and Prefix conflict...
[Les:] Format of the Binding TLV when the new T-bit is set is similar to the format when the M-bit is set in that Prefix-SID sub-TLV is NOT present.
A legacy node parsing the Binding TLV would be looking for the Prefix-SID sub-TLV (M-bit NOT set) and would not find it. The contents of the Binding TLV would therefore be unusable to a legacy node.
The correct behaviour for a legacy node would be to (optionally) report an "invalid TLV" and to ignore the TLV.
[Bruno]
Clearly, there is a way to advertise the SID without violating a MUST in a RFC. e.g. version -00 of this draft
I don't see a reason to define a spec which deliberately violates another spec. In the best case, this would report errors forever to the network operator. In the worst case, this could fall into a bug.


2)      It's not clear to me whether the segment/SID is global or local.
As per my understanding of the draft-ietf-lsr-isis-area-proxy use case, the area-proxy SID would be global (in the external L2): "Area SID which will direct traffic to any of the Inside Edge Routers."

But the SID/Label Sub-TLV used by area-proxy has no flag (L-flag) indicating whether the SID is global or local. One could argue that if it carries a label it's a local SID and if it carries and index it's a global SID. But this has not been specified.
It has also no "algorithm" indicating how it needs to be routed global, so at minimum would not work with different routing algo/flex algo.
I'm not seeing in RFC 8402 or 8667 any text saying that such SID would be global hence globally routed in the L2 domain. (To me, this IS-IS SID was local, but arguably also can't find text stating this).

[Les:] There is a subtle difference between the Prefix-SID sub-TLV as defined in https://www.rfc-editor.org/rfc/rfc8667.html#section-2.1 and the SID/Label sub-TLV defined in https://www.rfc-editor.org/rfc/rfc8667.html#SIDLABELSUBTLV

The Prefix-SID sub-TLV has a flags field which includes V-bit/L-bit to indicate whether the variable length field which follows is a 3 byte label (both bits set to 1) or a 4 byte index (both bits set to 0).

The SID/Label sub-TLV has no flags field. The length of the sub-TLV indicates whether the advertised value has is a label (length = 3)  or an index (length = 4).

[Bruno] Agreed so far.
Do we agree that draft-ietf-lsr-isis-area-proxy uses the SID/Label sub-TLV? We both agree that this sub-TLV has no mention of the global flag nor the routing algo to be used.
Coming back to my first question, is this segment expected to be global or local within the (external) L2?
I see no issue here.

I would also point out that the new Area Proxy SID sub-TLV ( https://tools.ietf.org/html/draft-ietf-lsr-isis-area-proxy-02#section-4.3.2 ) does include V/L bits - similar to the Prefix-SID sub-TLV.
[Bruno] yes but that one is only advertised within the area. I'm referring to the L2 advertisement external to the area.


At minimum, area-proxy would need to specify whether the SID is global and local. And if global, with which hard coded algorithm it is routed. (I would assume "0")

[Les:]Just as the Mirror SID has no algorithm associated, neither does the Area SID.
If you feel that is an issue, please expand on how you intend to use an algorithm specific Area SID.
[Bruno]
My understanding is that the IGP Mirror SID is a local segment.
For the area SID, I think it should be global, but I see no mention of this in the draft. Let's begin with the first question: in the (external) L2, is the area SID a global or local segment?

--Bruno
Thus far you seem more inclined to use an anycast  Prefix-SID, so I am not clear on what you think is needed here and why.
I would agree that if algorithm is required it is currently not available - but it is not yet clear that algorithm is required.

   Les

Thanks,
Regards,
--Bruno


_________________________________________________________________________________________________________________________



Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.



This message and its attachments may contain confidential or privileged information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.

Thank you.

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

v2.23.0 | Report a Bug | By Email