Re: [mpls] Alvaro Retana's No Objection on draft-ietf-mpls-rfc6374-udp-return-path-04: (with COMMENT)

Stewart Bryant <stewart.bryant@gmail.com> Thu, 07 April 2016 15:26 UTC

Return-Path: <stewart.bryant@gmail.com>
X-Original-To: mpls@ietfa.amsl.com
Delivered-To: mpls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 884CE12D5C4; Thu, 7 Apr 2016 08:26:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.72
X-Spam-Level:
X-Spam-Status: No, score=-2.72 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Wp--8RYsdGNh; Thu, 7 Apr 2016 08:26:20 -0700 (PDT)
Received: from mail-wm0-f65.google.com (mail-wm0-f65.google.com [74.125.82.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED20212D19B; Thu, 7 Apr 2016 08:16:53 -0700 (PDT)
Received: by mail-wm0-f65.google.com with SMTP id l6so5135214wml.3; Thu, 07 Apr 2016 08:16:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=tPSwjfNaAqtQTXci30sx6e4RoC37k4TBqshwmvy/ww0=; b=dXfjhAHEPuNMQdk36w9+pcLa8HA4eb3LHF6gE2cUoVO+8KUEjydKG/GLM3Brt6naWl fJqYDn2xSR31bOixv90oM7xTMsZLGBS0SmfYDPr6CYZbJZ/qiE+wZ/rfnnFfjunpu7pe OPNe7yaa8x9lxxfs+7VWQMm9/ut4dzPmxW27BD4LHHwfdH41A9v73XTfr0OCZsbdcuWt KcnuRlI4EDcr56aLqjw1C/JzD+P9ACydJAZHRhRm06QsJXvXZDeOWR781OLbK+DkHS1H LBQadymUejEc9P0hU+bCcNZRy9xwweRl6v9Bz8e+P5v74268/GEisdBjC5SFiTPtWWuE ojKg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=tPSwjfNaAqtQTXci30sx6e4RoC37k4TBqshwmvy/ww0=; b=OMQhv3J3T6DJnevxDXvJzqIPO04FDBPE6UAy2O0kbOwyTUa7ps4X0PZ9X4IsCdvJNz ffj/XkOJBD8M9qK/ehk/20E7b8yPpRWDRKmw7tUkG+3Gm4fc8Ne1ohueMQyE2AzLcxZ2 IT4mB6FHFpVpym+NbCB/UbuwKG6KzClBGM/021HRS1hmynELsyqVJWr6uwCzVUcVnCUg mgHmy1R9Bsp3Qa2nBI3YAEdTh0G3GmyaowQUhiawFVSxQwn4Zkk00T1jKnalQ60p+9bU U1Pa6lHVaj4ltCguFNM5JifsTEbRDAjO/z/UAzl67Ejk69fPg6AB3n5uez42Fq4i7RWj Ufeg==
X-Gm-Message-State: AD7BkJLnPcHZ4ZERZo5eJIjRyMTqvJjcf2tFBp7+iLjVeGjF1AulrOu6gkl8Whvc2LmLNw==
X-Received: by 10.28.148.8 with SMTP id w8mr30865297wmd.29.1460042162374; Thu, 07 Apr 2016 08:16:02 -0700 (PDT)
Received: from [192.168.2.126] (host213-123-124-182.in-addr.btopenworld.com. [213.123.124.182]) by smtp.gmail.com with ESMTPSA id i11sm8950414wjn.36.2016.04.07.08.16.00 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 07 Apr 2016 08:16:01 -0700 (PDT)
To: Alvaro Retana <aretana@cisco.com>, The IESG <iesg@ietf.org>
References: <20160105031027.29211.97181.idtracker@ietfa.amsl.com>
From: Stewart Bryant <stewart.bryant@gmail.com>
Message-ID: <570679AF.2030101@gmail.com>
Date: Thu, 7 Apr 2016 16:15:59 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.0
MIME-Version: 1.0
In-Reply-To: <20160105031027.29211.97181.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/mpls/reYmoKW3QHMIBgePtRcDX9MgQE8>
Cc: mpls@ietf.org, draft-ietf-mpls-rfc6374-udp-return-path@ietf.org, mpls-chairs@ietf.org
Subject: Re: [mpls] Alvaro Retana's No Objection on draft-ietf-mpls-rfc6374-udp-return-path-04: (with COMMENT)
X-BeenThere: mpls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Multi-Protocol Label Switching WG <mpls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mpls>, <mailto:mpls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mpls/>
List-Post: <mailto:mpls@ietf.org>
List-Help: <mailto:mpls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mpls>, <mailto:mpls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Apr 2016 15:26:22 -0000


On 05/01/2016 03:10, Alvaro Retana wrote:
> Alvaro Retana has entered the following ballot position for
> draft-ietf-mpls-rfc6374-udp-return-path-04: No Objection
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-mpls-rfc6374-udp-return-path/
>
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> The text related to when the URO is used of not clear, and I think it
> could even result in technical incompatibility.  I don't think that this
> main concern raises to the level of a DISCUSS since it should be resolved
> easily (but it might be close).  In short, it is not completely clear
> when the URO should be considered in light of the rules in RFC6374; it is
> not completely clear if the rules in RFC6374 always take precedence.
This text only considers operation when the URO is used.

There are no procedures specified on how to use the address object in 
RFC6374, and
if anyone every writes them (which I honestly doubt) they will be 
responsible
for the disambiguation of the proceedures.

> Here are the specifics of my concern:
>
> Section 4.2. (Receiving an MPLS PM Query Request) says that "in addition"
> to the processing in RFC6374, "with a URO present, then the responder
> SHOULD use that IP address and UDP port to send MPLS-PLDM response back
> to querier."  RFC6374 says that the "Source Address of a query message
> SHOULD be used as the destination for an out-of-band response unless some
> other out-of-band response mechanism has been configured, and unless a
> Return Address object is present, in which case the Return Address
> specifies the target of the response."  Several questions/observations:
>
> * What does the phrase "in addition" mean in 4.2?  I'm interpreting it as
> adding rules to what RFC6374 says.  IOW, this document seems to be
> updating what RFC6374 says (or at least adding extra rules if the URO is
> present).  Is that the intent?

It is not updating it in the formal IETF sense, it is adding an extra 
mechanism, but in that
latter sense it is updating the protocol.

>
> * As far as I can tell, there is no restriction for having both a Return
> Address object and the URO in the same query, right?  If so, and if the
> intent is *not* to update RFC6374, then it seems (from the text in
> RFC6374) that the URO would never be used (if a Return Address object is
> also present).

I have added the following text which should resolve any ambiguity:

To prevent any ambiguity as to which address the Responder needs to 
reply to, an MPLS-PLDM message containing a URO MUST NOT include an 
RFC6374 Return Address TLV (TLV 1). Additionally, the method of 
constructing the return address from the Source Address TLV (TLV 130) 
described in Section 3.5.2 of RFC6374 MUST NOT be used to construct to 
an Query message that contains a URO.
>
> * Nitpicking a little at the meaning/interpretation of "configuration".
> RFC6374 mentions (from above) "some other out-of-band response mechanism
> has been configured", but as you imply in (i.e as I interpret) Section 5.
> (Manageability Considerations) the mechanism in this document is
> signaling, not configuration:  "Nothing in this document precludes the
> use of a configured UDP/IP return path in a deployment in which
> configuration is preferred to signalling."   Yes, you could configure the
> system to prefer the URO signaling..
Indeed, but I cannot see any interoperability issues.
>
> * The point with all this is that it is not clear what exactly is meant,
> and that the current text can result in more than one (defensible)
> interpretation.
Hopefully the additional text resolves the ambiguity.

>
> * Small nit from the text quoted above in section 4.2: the response may
> in fact not go back to the querier.
>
I cannot see the problem with the text, but of course the response may not
go back to the querier. That is a design intention.

>
> I have a couple of other minor comments:
>
> 1. Section 3. (Solution Overview)  says (in the first sentence) that if
> the URO "is present in a MPLS-PLDM Query, the responder MUST use the IP
> address and UDP port in the URO to reply back to the querier".   Clearly
> related to the comments above, but also an incomplete statement: as
> explained in 4 and 4.1, the Control Code should also be set to
> "Out-of-band Response Requested".  Comments/questions:
>       * [Nit] I don't think there's anything explicitly wrong with that
> first sentence, but it just doesn't sound right because of the
> conditional MUST ("unless configured otherwise").  You might want to
> consider something like this instead:  "This document specifies that if
> the  Control Code of the MPLS-PLDM query is set to "Out-of-band Response
> Requested", and a UDP Return Object (URO) is present in a MPLS-PLDM
> Query, the responder SHOULD use the IP address and UDP port in the URO to
> reply back to the querier."

It now says SHOULD
>       * What happens the URO is received in a query that doesn't have the
> correct Control Code?
It follows the error handling in RFC6374, and responds using the URO. Do 
you think
that this is ambiguous?
>
> 2. Section 3.1. (UDP Return Object)
>       * What happens if the URO contains an address not supported by the
> receiver?

This would be a normal misdelivery-discard. There is now some additional
security text about being more careful with the address you use, but if you
configure a wrong address the packet will go in the bit bucket as normal.

>       * "The URO MUST NOT appear in a response."  What should the receiver
> do if it does?  Should it ignore the URO or the whole datagram?

I think that this a matter for the implementer. There is no interoperability
issue that I can see.

>
> 3. s/MPLS-PM (and MPLS PM)/MPLS-PLDM
>
>
Done

- Stewart