IETF Logo Mail Archive

Re: [mpls] MPLS-RT review of draft-chen-mpls-source-label

Eric Rosen <erosen@cisco.com> Thu, 29 May 2014 16:22 UTC

Return-Path: <erosen@cisco.com>
X-Original-To: mpls@ietfa.amsl.com
Delivered-To: mpls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12CBE1A0459 for <mpls@ietfa.amsl.com>; Thu, 29 May 2014 09:22:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.152
X-Spam-Level:
X-Spam-Status: No, score=-15.152 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1br9kcqrN6l6 for <mpls@ietfa.amsl.com>; Thu, 29 May 2014 09:22:47 -0700 (PDT)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F6D81A0177 for <mpls@ietf.org>; Thu, 29 May 2014 09:22:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10796; q=dns/txt; s=iport; t=1401380564; x=1402590164; h=from:to:cc:subject:in-reply-to:reply-to:date:message-id; bh=boI28SobxCNL7H6N3tZNjDqAsUTv6/SbshKwlfqyFlc=; b=Wb0sGdLvphCaJWITFW0/jaiRTHLmS8rc0hJ57Y3zDeUBlYHwzXUpq0k5 xmMULiXGXRCdvg4o055O1/Iof4mneBEGAMhXKCw1CJ1y+O4WoHaEbLhTK +qbSan0Mt//GqRZO4hMUAjS0+M2og9wU+wnN4rl1x5aRLn7s65x0qCfkO U=;
X-IronPort-AV: E=Sophos;i="4.98,934,1392163200"; d="scan'208";a="328921416"
Received: from alln-core-12.cisco.com ([173.36.13.134]) by rcdn-iport-3.cisco.com with ESMTP; 29 May 2014 16:22:43 +0000
Received: from erosen-lnx.cisco.com (erosen-lnx.cisco.com [161.44.71.19]) by alln-core-12.cisco.com (8.14.5/8.14.5) with ESMTP id s4TGMhfG024962; Thu, 29 May 2014 16:22:43 GMT
Received: from erosen-lnx (localhost [127.0.0.1]) by erosen-lnx.cisco.com (Postfix) with ESMTP id EC46B4E; Thu, 29 May 2014 12:22:42 -0400 (EDT)
From: Eric Rosen <erosen@cisco.com>
To: Mach Chen <mach.chen@huawei.com>
In-reply-to: Your message of Fri, 16 May 2014 06:46:52 -0000. <F73A3CB31E8BE34FA1BBE3C8F0CB2AE25D9C5107@SZXEMA510-MBX.china.huawei.com>
Date: Thu, 29 May 2014 12:22:42 -0400
Message-ID: <30111.1401380562@erosen-lnx>
Archived-At: http://mailarchive.ietf.org/arch/msg/mpls/U_R7Nd3SbpEGkFDPPjl-3h62V9w
Cc: "mpls@ietf.org" <mpls@ietf.org>
Subject: Re: [mpls] MPLS-RT review of draft-chen-mpls-source-label
X-BeenThere: mpls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: erosen@cisco.com
List-Id: Multi-Protocol Label Switching WG <mpls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mpls>, <mailto:mpls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mpls/>
List-Post: <mailto:mpls@ietf.org>
List-Help: <mailto:mpls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mpls>, <mailto:mpls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 May 2014 16:22:50 -0000

Mach> My point is that the distribution mechanisms should be defined in
Mach> separate documents

I don't think anyone is really concerned right now with the number of
documents used to define the "source label" mechanisms.  The issue at hand
is whether the "source label" proposal is architecturally sound.  Any
proposal that uses scoped identifiers has to provide mechanisms that
prevent the identifiers from leaking out of their intended scope, either via
the control plane or the data plane.  Right now there is no draft or set of
drafts that we can look at to see how the scoping is enforced.  The
source-label draft is just one piece of the architecture, and I don't think
it can be accepted until we can determine whether the architecture can be
completed.  

If one looks at the two proposed distribution mechanisms for which there are
internet drafts (draft-chen-isis-source-label and
draft-chen-ospf-source-label), we see that these two proposals only
distribute the labels within a single IGP domain.  Since the scope of a
source label is not restricted to a single IGP domain, we can conclude that
these two proposals are not, by themselves, adequate.

The drafts also don't seem to have any procedures for dealing with the case
where two nodes advertise the same source label.

Mach> There may need other solutions (e.g., BGP extensions) for the
Mach> distribution in that case. This should be discussed when we start to
Mach> define the distribution mechanisms.

I think we need to see the proposal for the BGP extensions before the
source-label draft can be considered.  That is, I don't think the WG should
accept the SL draft until some progress has been made in defining the
distribution mechanisms.

Xiaohu> the SL advertisement could be done by a centralized mapping server

Sure, one could imagine a provisioning system that knows exactly which
egress LSRs need to know the source labels for which ingress LSRs, and would
provision the LSR accordingly.  However, unless the draft is going to say
that source labels MUST NOT be used unless there is such provisioning
system, this doesn't really help.  Also, this doesn't address the issue of
source labels in the data plane leaking outside the domain.

Eric> The ingress would have know, not only that the egress is capable of
Eric> processing the source label, but that the egress will interpret the
Eric> source label in the proper scope.  The draft doesn't address the issue
Eric> of how to ensure that ingress and egress agree on the intended scope
Eric> of the label.

Mach> For single domain case, the SLC will be only exchanged among the LSRs
Mach> within the domain, when the ingress knows the egress can support SLC,
Mach> it implicit indicates that the egress will interpret the SL in the
Mach> same scope of itself.

Mach> Actually, even for multiple domains, it is still the case, since SL
Mach> will be used across domains, the SL space should be shared by the
Mach> domains.

The question is, how does the ingress LSR know that the egress LSR is in the
same domain, or in a domain that shares the same SL space?  I think you're
assuming that the capability advertisement from the egress will not cross
the domain boundary.  Given that assumption, if an ingress LSR sees an SL
capability advertisement from an egress LSR, the ingress could assume that
the egress is in the same domain.  However, the SLC signaling mechanisms
described in the draft do not prevent the SL Capability signal from crossing
a domain boundary.  On the contrary, the mechanisms described in the draft
will cause the SLC to be signaled from egress to ingress with no regard for
domain boundaries.

Consider, for instance, the LDP extensions.  From section 6.1.1:

   "If all the advertised Mappings for F include the SLC TLV, then X
    MUST advertise its Mapping for F with the SLC TLV."

This will cause the SLC to go from egress to ingress, with no regard for
domain boundaries.   Perhaps the above should say "MAY advertise", and
should have some discussion of policy.

Section 6.1.2 proposes a BGP path attribute to signal the SL Capability:

    "When Border Gateway Protocol (BGP) [RFC4271] is used for distributing
    Network Layer Reachability Information (NLRI) as described in, for
    example, [RFC3107], [RFC4364], the BGP UPDATE message may include the
    SLC attribute as part of the Path Attributes.  This is an optional,
    transitive BGP attribute of value TBD3.  The inclusion of this attribute
    with an NLRI indicates that the advertising BGP router can process
    Source Labels as an egress LSR for all routes in that NLRI.

    ...

    Suppose a BGP speaker T receives an UPDATE U with the SLC attribute.  T
    has two choices.  T can simply re-advertise U with the SLC attribute if
    either of the following is true:

    B1: T does not change the NEXT_HOP attribute OR

    B2: T simply swaps labels without popping the entire label stack and
    processing the payload below."

Note that if the SLC attribute is an optional transitive attribute, then if
T does not understand this attribute, T will pass it along even if
conditions B1 and B2 do not hold.  (Perhaps the attribute needs to be
non-transitive.)

B2 is a little hard to understand.  Let P be the prefix in the NLRI of
update U.  I think the intention is that the SLC attribute be left on by T
if each of T's installed routes to P has the SLC attribute.  (B2 as written
seems to be about the data plane, but the context of this section is the
control plane.)

Even if B1 does hold, it may still be incorrect for router T to pass along the
SLC.  For example, suppose the data path from R1 to R2 is as follows:

      R1---ASBR1---ASBR2---R2

but suppose that R1 and R2 exchange VPN routes through a different path:

      R1---T1---T2---R2

where T1 and T2 aren't in the data path at all.  This could occur in an
"option C" type of interconnect. (RFC4364 section 10 option c.)  Suppose
that R1 and R2 are in different domains.  T1 and T2 would leave the next hop
unchanged.  When R1 has data to send to P, it would find R2 to be the next
hop, and then would do recursive route resolution to find that ASBR1 is its
next hop to R2.  In this scenario, R1's route to P would have the SLC
attribute, but R2 would not properly interpret R1's source label.

To make this work at all, you'd have to mandate that the SLC attribute
be attached to a route that travels along the data path (i.e., goes through
the ASBRs), and there would have to be policy at the ASBRs that strips off
the SLC if the ASBRs are at a domain boundary.  The proper behavior when
recursive route resolution is done would also have to be specified.

I'm having some trouble understanding the following paragraph from the draft:

   "However, if T changes the NEXT_HOP attribute for U and in the data plane
   pops the entire label stack to process the payload, T MAY include an SLC
   attribute for UPDATE U' if both of the following are true:"

   C1: T sets the NEXT_HOP attribute of U' to itself AND

   C2: T can process source labels.  Otherwise, T MUST remove the SLC
   attribute."
    
The term UPDATE U' doesn't appear to have been defined anywhere, though I
assume this is meant to be the update you get when you take Update U and
change the next hop.  Does the phrase "and in the data plane pops the entire
label stack to process the payload" mean that T is the egress LSR for the
prefix in U's NLRI?  If so, I don't think this entire paragraph is needed,
as T will be originating an Update for that prefix, and will include the SLC
attribute if necessary.

Eric> With no structure and no "domain identifier" in the source label, it
Eric> is very easy end up with non-unique labels within a domain.

Mach> There are also many non-structure cases, for example, Router ID,
Mach> Segment ID, VE ID of BGP VPLS
Mach> (http://tools.ietf.org/html/rfc4761#section-3.4.4 ), they work fine.

I have to admit that I have always regarded the VPLS VE IDs as a very bad
idea.  However, they do have a well-defined scope, namely a single VPLS.
RT-based mechanisms are used to constrain their distribution so that they
don't leak unintentionally into other VPLSes.  And the VE IDs do not appear
in the data packets.  These characteristics make it possible to get away
with an unstructured identifier space.  SLs don't seem to have a
well-defined scope, or a well-defined distribution mechanism, and they do
get carried by data packets.  Leakage out of the intended domain is thus
much more of a problem.  So I don't think SLs can be compared to VPLS VE
IDs.

With regard to router ids, if you've ever followed any of the vituperative
discussions that arise when router ids are discussed (e.g., when discussing
whether a 32-bit id is appropriate for an IPv6-based protocol), you'll see
that there are quite a few issues in the management of that numbering space.

Mach> In addition, even for your RT example, for L3VPN inter-AS scenario,
Mach> the RT has to be considered as single space, the domain identifier
Mach> does not help here.

RTs are structured so that a SP can allocate RT values that are globally
unique, not just unique within a domain.  So a "domain identifier" is not
needed.  I believe it is true that some SPs use  RTs that are not globally
unique, but that is a choice they have made for themselves, not a choice
that is forced upon them by the architecture.

Eric> One might also ask why there is a need to use a 20-bit label to
Eric> identify a node, instead of using some other format.

Mach> We are talking about identifying the source of an LSP, and the label
Mach> stack is the MPLS header and there are only labels, then seems that a
Mach> label to identify the ingress LSR is a naturally choice.

A couple of other possibilities come readily to mind:

- Treat the SLI as the bottom of the stack, and follow it with a 32-bit
  address (or even a 128-bit address) of the ingress.  (Or maybe use
  something based on the "generic associated channel".)

- Use two label stack entries and stuff a 32-bit "router id" in them,
  using more per-packet overhead but eliminating the need to manage a 20-bit
  domain-wide numbering space.

But perhaps the use case is easier to implement if the SL fits into the same
20 bits usually used for labels.  If so, that would be worth mentioning.

With regard to the name,

Xiaohu> What about IIL (Ingress Identification Label)?

I do like that better.

However, getting all the details right is going to be a lot of work,
especially for something that has only one use case, and a controversial one
at that.

v2.23.0 | Report a Bug | By Email