IETF Logo Mail Archive

Re: [mpls] [spring] Special purpose labels in draft-hegde-spring-traffic-accounting-for-sr-paths

Stewart Bryant <stewart.bryant@gmail.com> Wed, 22 November 2017 09:56 UTC

Return-Path: <stewart.bryant@gmail.com>
X-Original-To: mpls@ietfa.amsl.com
Delivered-To: mpls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85DE61293EB; Wed, 22 Nov 2017 01:56:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qx9efgId80Ew; Wed, 22 Nov 2017 01:56:10 -0800 (PST)
Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0C58127B60; Wed, 22 Nov 2017 01:56:09 -0800 (PST)
Received: by mail-wm0-x230.google.com with SMTP id b189so8999263wmd.0; Wed, 22 Nov 2017 01:56:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=V0I1bUNuIeqrXx8wcI10DMnaF4SqAE2GCu6bNGah+xQ=; b=azjbSzlIEYMHW4FTOhGwGkeW1otfLhdIPwQY+SyjfOYUJTN1fpZoB7lt0dt3Q9PnSN 877gdb4JYW0x+jgsAiafvEYGzUXrTFpb+FdZKjd1g//Ca6ppPu0w9PpDpKWeNaIi8dzd M7uqo2CuW84FaJ67EWMTpEXUQu8H70I05ZuOFqQ+FtanSdoCuVD8rKSWrhzrPFvKMn9r pkS/2YFeLAtG1ruZ1mVMO58fbTlkqxwEh3TojhOTPUDaRWeMMtLS6SHDfuTYELV5uasK 6DfDnE27umZFHgZ0nNJL9yJ2r687aZctFGbI1a8gXTvXbp3tDqyUovlbgna3tTLfB7eJ qebw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=V0I1bUNuIeqrXx8wcI10DMnaF4SqAE2GCu6bNGah+xQ=; b=BjGghIR5DRdA5+m//zIpdGc8dpdoZEm0uXTKCd1Btsql1Hrb11qJYE2pEGoAMUXkYB 7OyT51Ig0HoM5aqOsOO0PdXdajfkmDoZ2INgJWmjyO3ldVb5BHED+oCUMP3WoAQGGFp8 t6VD+JwaWA5GkQ36OLRGYq7WpKleZaR2XuFjOEuxF6XaaT4xMNrBvq/mLXGlDTBFbVe0 pTRAXZdMNwumOvzLA86cjwTDey2hxei9VhyRAl5zjlKk+bTkc2nUEuK7ZojOjfSbpYLN 1g5Zav0IhcLtm8qmSFnIrk294XGshLQVUvH3sxDIuDkQyPGDq/XCAGoHeDD0zeWeKWt5 G7YA==
X-Gm-Message-State: AJaThX7NC/qcxQDzFo4yWIBUazHUZ1n0FQj2JDRH7x0jIPDaEh4RAOk4 +SB19FMtjhp/sagX4GfNPU7ruLZ8
X-Google-Smtp-Source: AGs4zMY2p0ZOe2oasNrGgblAvyhkHanQOrw/iZSZMptqlRsQlUhq6lxli6c6bMfI+Sz6JNG8M8+9Rg==
X-Received: by 10.80.152.6 with SMTP id g6mr27361020edb.28.1511344567594; Wed, 22 Nov 2017 01:56:07 -0800 (PST)
Received: from [192.168.2.126] (host213-123-124-182.in-addr.btopenworld.com. [213.123.124.182]) by smtp.gmail.com with ESMTPSA id c22sm2775185eda.13.2017.11.22.01.56.06 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 22 Nov 2017 01:56:06 -0800 (PST)
To: "Zafar Ali (zali)" <zali@cisco.com>, "adrian@olddog.co.uk" <adrian@olddog.co.uk>
Cc: 'mpls' <mpls@ietf.org>, 'spring' <spring@ietf.org>
References: <CA+RyBmUHAkuA3o-LpHhMwCbkh0k+emt9OZ3B8Njj2h=jaasTZw@mail.gmail.com> <3B1EE673-044F-4E47-9C56-6FF360905C58@cisco.com> <1FEE3F8F5CCDE64C9A8E8F4AD27C19EE3047CEC9@NKGEML515-MBS.china.huawei.com> <CA+RyBmVC2OjEs-=1WsL13eBmycZtnYnM8ybSdmWhGPByLKNQfA@mail.gmail.com> <1FEE3F8F5CCDE64C9A8E8F4AD27C19EE3047D106@NKGEML515-MBS.china.huawei.com> <EF064624-CF4D-4B88-823E-DAB9957B9336@cisco.com> <MWHPR05MB35512AD68B9CE96E8A5E7255C72E0@MWHPR05MB3551.namprd05.prod.outlook.com> <A9BFDECC-84A4-42E6-83CD-D09A2D48BA75@cisco.com> <189901d36076$aa76b4b0$ff641e10$@olddog.co.uk> <0EAD8CC9-8C65-4A78-896B-D96F42230020@cisco.com>
From: Stewart Bryant <stewart.bryant@gmail.com>
Message-ID: <58175df6-8969-7868-eb01-f93d15ae0832@gmail.com>
Date: Wed, 22 Nov 2017 09:56:04 +0000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <0EAD8CC9-8C65-4A78-896B-D96F42230020@cisco.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-GB
Archived-At: <https://mailarchive.ietf.org/arch/msg/mpls/iLlEEXCxHTZvLv_kFz3jmS_FUJI>
Subject: Re: [mpls] [spring] Special purpose labels in draft-hegde-spring-traffic-accounting-for-sr-paths
X-BeenThere: mpls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-Protocol Label Switching WG <mpls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mpls>, <mailto:mpls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mpls/>
List-Post: <mailto:mpls@ietf.org>
List-Help: <mailto:mpls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mpls>, <mailto:mpls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Nov 2017 09:56:12 -0000

Comments inline:


On 20/11/2017 23:36, Zafar Ali (zali) wrote:
> Hi Adrian,
>
> Some comments are provided in-line.
>
> Please note that, we all want to let this lingering tread die and follow-up on the next steps noted during this email exchange. I will be happy to have a webEx call and discuss it further, offline.

No, some of us would  like to resolve the issue since it raises 
interesting architectural issues with SR.

>
> Thanks
>
> Regards … Zafar
>
> On 11/18/17, 9:08 AM, "Adrian Farrel" <adrian@olddog.co.uk> wrote:
>
> <snip>
>      
>      >>> procedure (in draft-hegde-spring-traffic-accounting-for-sr-paths) that breaks SR
>      >>> Architecture, highly unscalable and complicated to implement.
>      >>
>      >> [JD]  Do you have any evidence to justify any of your assertions, above?
>      >
>      > Please note that in draft-hegde-spring-traffic-accounting-for-sr-paths:
>      >
>      > •    The transit node needs to be able to recognize the special label, read
>      >        the SR Path Identification label and update the counter against such
>      >        “states”.
>      
>>     Possibly worth noting that existing devices are capable of maintaining many counters and updating them at line speed.
>      
>>     Several people have noted that ipfix is a process used for accounting in networks. That approach may have to find the bottom of stack and then match the packet that follows.
>      
>>     Other approaches (e.g., to ECMP) involve finding the bottom of stack and hashing on the header of the payload.
>      
>>     Some hardware cannot perform either mechanism. This usually results from a trade between low cost, high performance, and features. Generally you can't have all three.
> The question is not about if the hardware is able to perform such operations but regarding breaking the very beauty of SR – no states at the transit/ egress nodes.

Well, it's more about minimum state. Zero state at egress only applies 
for some classes of traffic.

Whilst the intent is for zero state in the transit nodes, this cannot be 
at the expense of not being able to manage the network.

> In the context of label stack size explosion, the draft also talks about needs to break an SR Path into sub-paths – thereby creating yet additional states in the network for accounting reasons (see more detail on this in the following). Furthermore, SR-MPLS is designed for SDN – the architecture calls for simplification of the network not adding complexity in the network fabric.

No. SR is not and never has been solely for SDN. On day one there was 
the concept that the ingress could compute the path.


> Please also note that a network may have a large number of SR Path, thereby creating another dimension for scaling limitations.
>
> The proposed procedure also does not work for node protection in the network. The draft essentially calls for ALL nodes to implement procedure proposed in the document; I am quoting from the draft.
>
> “When using extensions
>     described in this document for traffic accounting and with node-
>     protection enabled in the network, it is RECOMMENDED to make sure all
>     the nodes in the network support the extension.”

If all nodes support this (as recommended), then all nodes support it so 
it works during re-route. Indeed this is more important during reroute 
since that is when you expect hot spots to form.

The dynamic counter concept is no different to dynamic counters needed 
in IPFIX, so it is a concept that a lot of routers already have.


>
> <snip>
>    
>      > •    The draft proposes to push (up to) 3 Labels for each segment in the SR
>      >        Path. That means that label stack is increased up to 3x times! This is a
>      >        serious a scaling issue.
>      

Maybe there needs to be a change in the text, but what is required is 
three labels per ingress being monitored. This is something where SR 
really introduces confusion for the OAM systems and we need to work this 
through. In "classic" MPLS each label represented a layer in the 
network. SR breaks that model, with sadly little comment on this in the 
architecture. So we do need to think this through a bit, and understand 
whether we need to have a rule stating that there can only be one source 
identifier in the stack - meaning that SI can only be BoS and that if 
you want to record the source when you introduce a new layer you need to 
terminate the old stack and start a new one.

>>     John asked for evidence and you provided a misunderstanding or misreading of our draft.
>>     The document proposes adding 2 or 3 labels per SR Path (noting as John did, that this is our own term).
>>     That is not what you say, so perhaps you could retract or provide a pointer to the text.
>      
>>     Thus, "increased up to 3x times" applies only with the single case where the imposed label stack has exactly one label *and* the three label option is applied. So, while  what you say is true, it is clearly (and wilfully?) exaggerating the severity of impact, and it is doubtful that  4-label stack is actually a problem.
>   
> There are many scenarios that will require SR-Path-Stats Labels (up to 3 labels) to be present multiple times in the label stack. These scenarios are not uncommon. The following scenarios as noted in the draft.
>     
>    “The head-end node SHOULD insert the SR-
>     Path-Stats Labels at a depth in the label stack such that the nodes
>     in the SR path can access the SR-Path-Identifier for accounting.  The
>     SR-Path-Stats Labels may be present multiple times in the label stack
>     of a packet.”
>
>   “It is possible to partially deploy this feature when not all the
>     nodes in the network support the extensions defined in this document.
>     In such scenarios, the special labels MUST NOT get exposed on the top
>     of the label stack at a node that does not support the extensions
>     defined in this document.  This may require multiple blocks of SR-
>     Path-Stats Labels to be inserted in the packet header.”
>
>> •    The controller needs to keep track of transit node capability and
>      >       push the additional per-path labels, accordingly. I.e., the controller
>      >       also needs to maintain such information for the transit nodes.
>      
>>     In most cases, the controller/ingress only needs to care about the capabilities of the egress nodes. That is, if the special purpose label reaches the top of the stack it has to be able to handle it.
>      
>>     The only time when the transit node issue arises is when there is a small RLD. That information may need to be known by the controller to enable correct ECMP behavior, and it is distributed in the IGP.
>>     If there is a desire to enable accounting at transit nodes with a small RLD then the Path ID can be inserted higher up the stack and *that* means that the controller has to be sensitive as to where in the network the special purpose label will rise to the top of the stack.
>      
>>     It seems to me that:
>>     - Controllers are not particularly resource constrained: adding a flag per node
>>        (or even per link!) would not break any scaling behavior.
>>     - Adding another flag to the IGP alongside the RLD is not significant scaling issue.
>    
> The comment here was not so much related to scaling but was for adding complexity to the controller/ ingress node.

As far as I can tell the complexity is exactly the same as the 
complexity needed to insert the EL. Indeed you probably insert the 
labels at the same time,
and I suppose we should consider having a combined EL/SI SPL.

> As you noted above and in the draft, controller/ Ingress node needs to worry about the following cases every time a path needs to be computed (quoting some of the cases from the draft).
>     
> “When the head-end node
>     inserts the SR-Path-Stats labels in the label stack, the place in the
>     stack is decided based on whether the node where the special label
>     gets exposed is capable of popping those labels.”
>
>
> “While inserting the SR-Path-Stats labels, the head-end router MUST
>     ensure that the labels are not exposed to the nodes that do not
>     support them. “
>
> “Because it is necessary that the SR-Path-Stats labels are removed
>     when they are found at the top of the label stack, the node imposing
>     the label stack (the ingress) must know which nodes are capable of
>     stripping the labels.”
>
> In RLDC limitation cases, “To support traffic
>     accounting in such cases it is necessary to insert the SR-Path-Stats
>     Labels within the Readable Label Stack Depth Capability (RLDC) of the
>     nodes in the SR path.”
>
> “The head-end node SHOULD insert the SR-
>     Path-Stats Labels at a depth in the label stack such that the nodes
>     in the SR path can access the SR-Path-Identifier for accounting.”
>
> “The special labels MUST NOT get exposed on the top
>     of the label stack at a node that does not support the extensions
>     defined in this document.”
>
> “If the egress has not indicated that it is capable of removing the
>     SR-Path-Stats Labels, then they MUST NOT be placed at the bottom of
>     the label stack.  In this case the SR-Path-Stats Labels SHOULD be
>     placed at a point in the label stack such that they will be found at
>     the top of stack by the latest node in the SR path that is capable of
>     removing them. “
>
> “SR paths may require large label stacks.  Some hardware platforms do
>     not support creating such large label stacks (i.e., imposing a large
>     number of labels at once).  To overcome this limitation sub-paths are
>     created within the network, and Binding-SIDs are allocated to these
>     sub-paths.” … which means controller/ ingress software need to also create/ install sub-paths.
>    
> <snip>

These look like exactly the same considerations needed for EL.

Now we need to consider what happens if we have a node that does not 
support
the required depth. In both cases the result is the same - the feature 
is not
supported, but the packet is correctly forwarded. In this case it will mean
that there is an unmonitored part of the network. That is not so bad in 
that
you can at least figure out the region in the network where this happened.
In the case of the same limitation and the EL system the result may well be
a traffic overload as there is little entropy in an SR label stack.

- Stewart

v2.23.0 | Report a Bug | By Email