[MBONED] Benjamin Kaduk's No Objection on draft-ietf-mboned-deprecate-interdomain-asm-06: (with COMMENT)
Benjamin Kaduk via Datatracker <noreply@ietf.org> Thu, 09 January 2020 02:54 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: mboned@ietf.org
Delivered-To: mboned@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 83AEC12004F; Wed, 8 Jan 2020 18:54:14 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Benjamin Kaduk via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-mboned-deprecate-interdomain-asm@ietf.org, Colin Doyle <cdoyle@juniper.net>, mboned-chairs@ietf.org, cdoyle@juniper.net, mboned@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.115.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Benjamin Kaduk <kaduk@mit.edu>
Message-ID: <157853845450.22456.7347219322097492103.idtracker@ietfa.amsl.com>
Date: Wed, 08 Jan 2020 18:54:14 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/mboned/mYNzlfQm1f8CtwwTrXnGMvMERTQ>
Subject: [MBONED] Benjamin Kaduk's No Objection on draft-ietf-mboned-deprecate-interdomain-asm-06: (with COMMENT)
X-BeenThere: mboned@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Mail List for the Mboned Working Group <mboned.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mboned>, <mailto:mboned-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mboned/>
List-Post: <mailto:mboned@ietf.org>
List-Help: <mailto:mboned-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mboned>, <mailto:mboned-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jan 2020 02:54:15 -0000
Benjamin Kaduk has entered the following ballot position for draft-ietf-mboned-deprecate-interdomain-asm-06: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-mboned-deprecate-interdomain-asm/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thanks for this well-written document! Section 2.1 to deliver traffic from the sender(s) to the receivers. If there are multiple senders for a given group, traffic from all senders will be delivered to the receiver. Since receivers specify only the group nit: "receivers" plural. Section 3.1 troubleshoot. Some of these issues include complex flooding Reverse Path Forwarding (RPF) rules, state attack protection, and filtering of undesired sources. I'm not sure how to parse "complex flooding Reverse Path Forwarding (RPF) rules" (but think I could figure out "complex Reverse Path Forwarding (RPF) flooding rules" -- do I need to try harder? within one domain. While this approach solves the MSDP issues, it does not solve the problem of unauthorised sources sending traffic to ASM multicast groups; this security issue is one of biggest problems of interdomain multicast. Perhaps it's worth expanding on the security issue as including a substantial level of traffic amplification. (Or do I misunderstand the security issue?) Section 4.1 The more inclusive interpretation of this recommendation is that it also extends to deprecating use of ASM in the case where PIM is Are we claiming or disclaiming this "more inclusive interpretation"? The current wording feels ambiguous, and I don't think we should leave it that way. Section 4.2 support SSM (i.e., explicitly sending source-specific reports). The updated IPv6 Node Requirements RFC [I-D.ietf-6man-rfc6434-bis] states nit: the I-D reference is not yet an RFC, so it's not proper to refer to it as one; since it's only an informative reference we will not necessarily wait to publish this document until that one has an RFC number assigned, so I think this should be reworded. (Also, even if there was a new RFC number, "updated [...] RFC [RFCXXXX]" would still scan kind of strangely.) Section 4.3 The recommendation to use SSM for interdomain multicast means that applications should properly trigger the sending of IGMPv3/MLDv2 source-specific report messages. It should be noted, however, there is a wide range of applications today that only support ASM. In many cases this is due to application developers being unaware of the operational concerns of networks. This document serves to provide clear direction for application developers to support SSM. Without some discussion of the relative level of difficulty for applications tosupport SSM (to compare against the well-portrayed problems with network support for ASM), it would be fairly easy to misread this as network operators getting an IETF BCP to try to force applications to do what's easy for the network. I'm given to understand that's not actually the case here, as the changes in application software are fairly minor, and no one would expect existing applications to grow a way to announce multicast source addresses spontaneously, so a little more text might go a long way. Section 4.4 While the WG discussions had consensus that best practices should be developed to explain when to use SSM in applications, e.g, when ASM without (S,G) state in the network is better, or when dedicated service-discovery mechanisms should be used, it was agreed that documenting such practices are outside the scope of this document. It might be possible to rephrase this in terms of "the conclusions of the MBONED WG" or "the consensus of the MBONED WG"; the current phrasing feels a little informal to me, though I don't place much weight on my sentiment here. Section 4.6 A lot of this section feels somewhat speculative and leaves me uncertain what the BCP recommendations in this space are. In the case of existing ASM applications that cannot readily be ported to SSM, it may be possible to use some form of protocol mapping, i.e., to have a mechanism to translate a (*,G) join or leave to a (S,G) join or leave, for a specific source, S. The general nit: I think this would read better with fewer commas, i.e., "to translate a (*,G) join or leave to a (S,G) join or leave for a specific source S". Section 4.9 it. This allows easy migration of ASM applications to SSM/PIM-SSM solely through application side development to handle source- nit: hyphenate "application-side". signaling via IGMPv3/MLDv2 and using SSM addresses. No network Do the application developers also consider this work "easy"? ;) When running PIM-SM, IGMPv3/MLDv2 (S,G) membership reports may also result in the desired PIM-SSM (S,G) operations and bypass any RP procedures, but this is not standardized but depends on implementation and may require additional configuration in available products. [...] nit: this sentence is fairly long and convoluted; could it be reworded and/or split up into smaller pieces? Note that these migration recommendations do not include the considerations when or how to evolve those intradomain applications best served by ASM/Bidir-PIM from PIM-SM to Bidir-PIM. This may also be important but is outside the scope of this document. nit: is there a missing word ("for"/"about"/"on") after "considerations"? Accordingly, this document recommends that future work for general purpose interdomain IP multicast focus on SSM items listed in Section 4. nit: hyphenate "general-purpose". Section 6 We could perhaps consider mentioning again the consequences of infrastructure assuming that SSM-range addresses are always used for SSM, such as during the transition period where applications migrating from ASM to SSM continue to use ASM-range addresses, as mentioned in Section 4.7. Changing the model for intradomain multicast to one where source discovery/state-propagation is not done by the network and is instead a responsibility of the application layer means that the applications are responsible for properly implementing such functionality. While it's true that we do want applications to not have bugs in general (and that would hopefully go without saying), we might want to discuss the scope of potential issues if applications get this wrong. Could application bugs (or bugs in host-level IGMPv3 or MLDv2 implementations) specific to SSM usage lead to any worse problems than just "application traffic doesn't flow", e.g., state exhaustion in the network? Section 10.1 I'm not seeing any references to RFC 4610 that would qualify it as normative; if normative is indeed the proper status, perhaps additional citations are in order?
- [MBONED] Benjamin Kaduk's No Objection on draft-i… Benjamin Kaduk via Datatracker
- Re: [MBONED] Benjamin Kaduk's No Objection on dra… Tim Chown