Re: [Lsr] https://tools.ietf.org/html/draft-wang-lsr-prefix-unreachable-annoucement-05

Aijun Wang <wangaijun@tsinghua.org.cn> Fri, 12 March 2021 03:50 UTC

Return-Path: <wangaijun@tsinghua.org.cn>
X-Original-To: lsr@ietfa.amsl.com
Delivered-To: lsr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD9133A0ED3; Thu, 11 Mar 2021 19:50:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level:
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ov85hYyFQb0r; Thu, 11 Mar 2021 19:50:25 -0800 (PST)
Received: from mail-m17638.qiye.163.com (mail-m17638.qiye.163.com [59.111.176.38]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 81E243A0E7B; Thu, 11 Mar 2021 19:50:25 -0800 (PST)
Received: from DESKTOP2IOH5QC (unknown [219.142.69.75]) by mail-m17638.qiye.163.com (Hmail) with ESMTPA id 2C9551C00EB; Fri, 12 Mar 2021 11:50:16 +0800 (CST)
From: "Aijun Wang" <wangaijun@tsinghua.org.cn>
To: "'Shraddha Hegde'" <shraddha=40juniper.net@dmarc.ietf.org>, "'Peter Psenak'" <ppsenak=40cisco.com@dmarc.ietf.org>, "'Robert Raszuk'" <robert@raszuk.net>
Cc: "'Gyan Mishra'" <hayabusagsm@gmail.com>, "'Aijun Wang'" <wangaj3@chinatelecom.cn>, "'Tony Li'" <tony.li@tony.li>, "'lsr'" <lsr@ietf.org>, "'Acee Lindem \(acee\)'" <acee@cisco.com>, "'draft-wang-lsr-prefix-unreachable-annoucement'" <draft-wang-lsr-prefix-unreachable-annoucement@ietf.org>
References: <22FDE3EA-B5D1-4E4D-B698-1D79173E8637@tony.li> <6E0281D2-7755-499A-B084-CA8472949683@chinatelecom.cn> <D6B0D95F-68AD-4A18-B98C-69835E8B149B@tony.li> <018801d71499$9890feb0$c9b2fc10$@tsinghua.org.cn> <CABNhwV2SpcDcm-s-WkWPpnVLpYB2nZGz2Yv0SfZah+-k=bGx4A@mail.gmail.com> <BFB3CE24-446A-4ADA-96ED-9CF876EA6A00@tony.li> <CAOj+MMGeR4bodbgpPqDCtLZD6XmX6fkjyxLWZAKa4LC2R1tBzg@mail.gmail.com> <ecf2e8b4-fdae-def6-1a29-ec1ae37f5811@cisco.com> <CAOj+MMFSEqVkM62TDAc6yn19Hup+v-9w=kiq_q6dVn39LcOkqQ@mail.gmail.com> <fdf0e62a-21fa-67e9-811d-5aa8749bb077@cisco.com> <CAOj+MMGqab_MSeZuwu0jLpCiDoZrcjnjebScscULsvnJt4_Sgw@mail.gmail.com> <2b2e9a39-ee2d-ab1c-2d59-ff5847c943e8@cisco.com> <CY4PR05MB35765902297C9BB51D34EA11D5909@CY4PR05MB3576.namprd05.prod.outlook.com>
In-Reply-To: <CY4PR05MB35765902297C9BB51D34EA11D5909@CY4PR05MB3576.namprd05.prod.outlook.com>
Date: Fri, 12 Mar 2021 11:50:15 +0800
Message-ID: <00f801d716f2$d0675a90$71360fb0$@tsinghua.org.cn>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQLxZrWFi6EiIeKD/IAcznzpxeLHfwGUGnU/AflsCmABY2bo8AHhSoj1ASphzVUBoe5vDQJStcmoAdsbSsgBwfyjSALzUI/FAeSLqiICC1xLIKeXh82A
Content-Language: zh-cn
X-HM-Spam-Status: e1kfGhgUHx5ZQUtXWQgYFAkeWUFZS1VLWVdZKFlBSkxLS0o3V1ktWUFJV1 kPCRoVCBIfWUFZSx1CSB8fSkNCTR0YVkpNSk5OSUpLSk1NSk1VEwETFhoSFyQUDg9ZV1kWGg8SFR 0UWUFZT0tIVUpKS09ISFVLWQY+
X-HM-Sender-Digest: e1kMHhlZQR0aFwgeV1kSHx4VD1lBWUc6ND46CQw4MT8NPQJWD1ZNKwNI AzFPChJVSlVKTUpOTklKS0pMTUtCVTMWGhIXVQwaFRwaEhEOFTsPCBIVHBMOGlUUCRxVGBVFWVdZ EgtZQVlJSkJVSk9JVU1CVUxOWVdZCAFZQUpNQkxLNwY+
X-HM-Tid: 0a78248e6ab1d993kuws2c9551c00eb
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsr/peSbuLceUMRExzk7Knoc74UBkZg>
Subject: Re: [Lsr] https://tools.ietf.org/html/draft-wang-lsr-prefix-unreachable-annoucement-05
X-BeenThere: lsr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Link State Routing Working Group <lsr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lsr>, <mailto:lsr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lsr/>
List-Post: <mailto:lsr@ietf.org>
List-Help: <mailto:lsr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lsr>, <mailto:lsr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Mar 2021 03:50:29 -0000

Hi, Shraddha:

I think Anycast protection mechanism is valid but it requires the deployment of anycast address for each multi-home pair services("The number of anycast loopbacks on a given node will be equal to the number of such {primary, protector} pairs a node belongs to."), and another thing is that they are applying only the SR-based service network.

Peter has mentioned some other scenarios(mainly tunnel services) at https://mailarchive.ietf.org/arch/msg/lsr/lz0FeTvu8OsYIYAJ83eYspmH7B8/
PUA messages can be used to trigger the tunnel switchover, besides the egress node/link protection.

Best Regards

Aijun Wang
China Telecom


-----Original Message-----
From: lsr-bounces@ietf.org <lsr-bounces@ietf.org> On Behalf Of Shraddha Hegde
Sent: Friday, March 12, 2021 2:16 AM
To: Peter Psenak <ppsenak=40cisco.com@dmarc.ietf.org>rg>; Robert Raszuk <robert@raszuk.net>
Cc: Gyan Mishra <hayabusagsm@gmail.com>om>; Aijun Wang <wangaijun@tsinghua.org.cn>cn>; Aijun Wang <wangaj3@chinatelecom.cn>cn>; Tony Li <tony.li@tony.li>li>; lsr <lsr@ietf.org>rg>; Acee Lindem (acee) <acee@cisco.com>om>; draft-wang-lsr-prefix-unreachable-annoucement <draft-wang-lsr-prefix-unreachable-annoucement@ietf.org>
Subject: Re: [Lsr] https://tools.ietf.org/html/draft-wang-lsr-prefix-unreachable-annoucement-05

I agree problem is valid for networks that use summarization and leaking for inter-domain connectivity.
However, I don't think the solution space has to be in IGP.
There are various different ways the problem could be solved. 
A network could deploy egress protection [RFC 8679] or anycast based egress protection [draft-hegde-rtgwg-egress-protection-sr-networks] which will ensure packets aren't dropped Due to remote PE node failure. This mechanism is faster compared to other possible Solutions  because if addresses failure  at the PLR and provides protection.


Rgds
Shraddha


Juniper Business Use Only

-----Original Message-----
From: Lsr <lsr-bounces@ietf.org> On Behalf Of Peter Psenak
Sent: Tuesday, March 9, 2021 5:07 PM
To: Robert Raszuk <robert@raszuk.net>
Cc: Gyan Mishra <hayabusagsm@gmail.com>om>; Aijun Wang <wangaijun@tsinghua.org.cn>cn>; Aijun Wang <wangaj3@chinatelecom.cn>cn>; Tony Li <tony.li@tony.li>li>; lsr <lsr@ietf.org>rg>; Acee Lindem (acee) <acee@cisco.com>om>; draft-wang-lsr-prefix-unreachable-annoucement <draft-wang-lsr-prefix-unreachable-annoucement@ietf.org>
Subject: Re: [Lsr] https://tools.ietf.org/html/draft-wang-lsr-prefix-unreachable-annoucement-05

[External Email. Be cautious of content]


Robert,

On 09/03/2021 12:20, Robert Raszuk wrote:
>
>  > In addition you may have a hierarchical RR, which would still 
> involve  > BGP signalling.
>
> Last time I measured time it takes to propage withdraw via good RR was 
> single milliseconds.
>
>
>  > because BGP signalling is prefix based and as a result slow.
> +
>  > that is the whole point, you need something that is prefix independent.
>
> BGP can be easily setup in prefix independent way today.
>
> Example 1:
>
> If session to PE1 goes down, withdraw all RDs received from such PE.

still dependent on RDs and BGP specific. We want app independent way of signaling the reachability loss. At the end that's what IGPs do without a presence of summarization.

Again, I'm not advocating the solution proposed in draft-wang-lsr-prefix-unreachable-annoucement. I'm just saying the problem seems valid  and IGP based solution is not an unreasonable thing to consider if a reasonable one can be found.

>
> Example 2:
>
> Use IGP recursion - Use RFC3107 to construct your interarea LSPs. If 
> PE

there is no LSP in SRv6.

Peter

> goes down withdraw it. IGP can still signal summary no issue as no
> inet.3 route.
>
> Best,
> R.
>
>
> On Tue, Mar 9, 2021 at 12:12 PM Peter Psenak <ppsenak@cisco.com 
> <mailto:ppsenak@cisco.com>> wrote:
>
>     Hi Robert,
>
>     On 09/03/2021 12:02, Robert Raszuk wrote:
>      > Hey Peter,
>      >
>      > Well ok so let's forget about LDP - cool !
>      >
>      > So IGP sends summary around and that is all what is needed.
>      >
>      > So the question why not propage information that PE went down in
>     service
>      > signalling - today mainly BGP.
>
>     because BGP signalling is prefix based and as a result slow.
>
>      >
>      >  >   And forget BFD, does not scale with 10k PEs.
>      >
>      > You missed the point. No one is proposing full mesh of BFD sessions
>      > between all PEs. I hope so at least.
>      >
>      > PE is connected to RRs so you need as many BFD sessions as RR to
>     PE BGP
>      > sessions.
>
>     that can be still too many.
>     In addition you may have a hierarchical RR, which would still involve
>     BGP signalling.
>
>     Once that session is brought down RR has all it needs to
>      > trigger a message (withdraw or implicit withdraw) to remove the
>      > broken service routes in a scalable way.
>
>     that is the whole point, you need something that is prefix independent.
>
>     thanks,
>     Peter
>
>      >
>      > Thx,
>      > R.
>      >
>      > PS. Yes we still need to start support signalling of
>     unreachability in
>      > BGP itself when BGP is used for underlay but this is a bit
>     different use
>      > case and outside of scope of LSR
>      >
>      >
>      > On Tue, Mar 9, 2021 at 11:55 AM Peter Psenak <ppsenak@cisco.com
>     <mailto:ppsenak@cisco.com>
>      > <mailto:ppsenak@cisco.com <mailto:ppsenak@cisco.com>>> wrote:
>      >
>      >     Robert,
>      >
>      >     On 09/03/2021 11:47, Robert Raszuk wrote:
>      >      >  > You’re trying to fix a problem in the overlay by
>     morphing the
>      >      > underlay.  How can that seem like a good idea?
>      >      >
>      >      > I think this really nails this discussion.
>      >      >
>      >      > We have discussed this before and while the concept of
>     signalling
>      >      > unreachability does seem useful such signalling should be done
>      >     where it
>      >      > belongs.
>      >      >
>      >      > Here clearly we are talking about faster connectivity
>     restoration
>      >     for
>      >      > overlay services so it naturally belongs in overlay.
>      >      >
>      >      > It could be a bit misleading as this is today underlay which
>      >     propagates
>      >      > reachability of PEs and overlay relies on it. And to scale,
>      >      > summarization is used hence in the underlay, failing
>     remote PEs
>      >     remain
>      >      > reachable. That however in spite of many efforts in lots of
>      >     networks are
>      >      > really not the practical problem as those networks still
>     relay on
>      >     exact
>      >      > match of IGP to LDP FEC when MPLS is used. So removal of
>     /32 can and
>      >      > does happen.
>      >
>      >     think SRv6, forget /32 or /128 removal. Think summarization.
>      >
>      >     I'm not necessary advocating the solution proposed in this
>     particular
>      >     draft, but the problem is valid. We need fast detection of
>     the PE loss.
>      >
>      >     And forget BFD, does not scale with 10k PEs.
>      >
>      >     thanks,
>      >     Peter
>      >
>      >
>      >
>      >      >
>      >      > In the same time BGP can pretty quickly (milliseconds)
>      >     remove affected
>      >      > service routes (or rather paths) hence connectivity can be
>      >     restored to
>      >      > redundantly connected endpoints in sub second. Such
>     removal can
>      >     be in a
>      >      > form of atomic withdraw (or readvertisement), removal of
>     recursive
>      >      > routes (next hop going down) or withdraw of few RD/64
>     prefixes.
>      >      >
>      >      > I am not convinced and I have not seen any evidence that if we
>      >     put this
>      >      > into IGP it will be any faster across areas or domains
>     (case of
>      >      > redistribution over ASBRs to and from IGP to BGP). One
>     thing for
>      >     sure -
>      >      > it will be much more complex to troubleshoot.
>      >      >
>      >      > Thx,
>      >      > R.
>      >      >
>      >      > On Tue, Mar 9, 2021 at 5:39 AM Tony Li <tony.li@tony.li
>     <mailto:tony.li@tony.li>
>      >     <mailto:tony.li@tony.li <mailto:tony.li@tony.li>>
>      >      > <mailto:tony.li@tony.li <mailto:tony.li@tony.li>
>     <mailto:tony.li@tony.li <mailto:tony.li@tony.li>>>> wrote:
>      >      >
>      >      >
>      >      >     Hi Gyan,
>      >      >
>      >      >      >     Gyan> In previous threads BFD multi hop has been
>      >     mentioned to
>      >      >     track IGP liveliness but that gets way overly complicated
>      >     especially
>      >      >     with large domains and not viable.
>      >      >
>      >      >
>      >      >     This is not tracking IGP liveness, this is to track
>     BGP endpoint
>      >      >     liveness.
>      >      >
>      >      >     Here in 2021, we seem to have (finally) discovered
>     that we can
>      >      >     automate our management plane. This ameliorates a
>     great deal of
>      >      >     complexity.
>      >      >
>      >      >
>      >      >      >     Gyan> As we are trying to signal the IGP to
>     trigger the
>      >      >     control plane convergence, the flooding machinery in
>     the IGP
>      >     already
>      >      >     exists well as the prefix originator sub TLV from the
>     link or
>      >     node
>      >      >     failure.  IGP seems to be the perfect mechanism for
>     the control
>      >      >     plane signaling switchover.
>      >      >
>      >      >
>      >      >     You’re trying to fix a problem in the overlay by
>     morphing the
>      >      >     underlay.  How can that seem like a good idea?
>      >      >
>      >      >
>      >      >      >       Gyan>As I mentioned advertising flooding of
>     the longer
>      >      >     prefix defeats the purpose of summarization.
>      >      >
>      >      >
>      >      >     PUA also defeats summarization.  If you really insist
>     on faster
>      >      >     convergence and not building a sufficiently redundant
>      >     topology, then
>      >      >     yes, your area will partition and you will have to pay the
>      >     price of
>      >      >     additional state for your longer prefixes.
>      >      >
>      >      >
>      >      >      > In order to do what you are stating you have to
>     remove the
>      >      >     summarization and go back to domain wide flooding
>      >      >
>      >      >
>      >      >     No, I’m suggesting you maintain the summary and ALSO
>      >     advertise the
>      >      >     longer prefix that you feel is essential to reroute
>     immediately.
>      >      >
>      >      >
>      >      >      > which completely defeats the goal of the draft
>     which is to
>      >     make
>      >      >     host route summarization viable for operators.  We
>     know the
>      >     prefix
>      >      >     that went down and that is why with the PUA negative
>      >     advertisement
>      >      >     we can easily flood a null0 to block the control plane
>     from
>      >      >     installing the route.
>      >      >
>      >      >
>      >      >     So you can also advertise the more specific from the
>      >     connected ABR…
>      >      >
>      >      >
>      >      >      > We don’t have any prior knowledge of the alternate
>     for the
>      >     egress
>      >      >     PE bgp next hop attribute for the customer VPN
>     overlay.  So
>      >     the only
>      >      >     way to accomplish what you are asking is not do any
>     summarization
>      >      >     and flood al host routes.  Of course  as I stated
>     defeats the
>      >      >     purpose of the draft.
>      >      >
>      >      >
>      >      >     Please read again.
>      >      >
>      >      >     Tony
>      >      >
>      >      >     _______________________________________________
>      >      >     Lsr mailing list
>      >      > Lsr@ietf.org <mailto:Lsr@ietf.org> <mailto:Lsr@ietf.org
>     <mailto:Lsr@ietf.org>> <mailto:Lsr@ietf.org <mailto:Lsr@ietf.org>
>      >     <mailto:Lsr@ietf.org <mailto:Lsr@ietf.org>>>
>      >      > https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/lsr__;!!NEt6yMaO-gk!QNHPABFYBen6qbmt6hiQ4B3EwShSGUz40c2NFKvGTCyozXP3LpTpWT2562wntcNw$
>      >      >
>      >
>

_______________________________________________
Lsr mailing list
Lsr@ietf.org
https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/lsr__;!!NEt6yMaO-gk!QNHPABFYBen6qbmt6hiQ4B3EwShSGUz40c2NFKvGTCyozXP3LpTpWT2562wntcNw$
_______________________________________________
Lsr mailing list
Lsr@ietf.org
https://www.ietf.org/mailman/listinfo/lsr