Re: [mpls] draft-ietf-mpls-spring-lsp-ping: resolution of issues raised in my RTG-DIR review

"Nagendra Kumar Nainar (naikumar)" <naikumar@cisco.com> Mon, 09 October 2017 09:32 UTC

Return-Path: <naikumar@cisco.com>
X-Original-To: mpls@ietfa.amsl.com
Delivered-To: mpls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EFF97134E49; Mon, 9 Oct 2017 02:32:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.52
X-Spam-Level:
X-Spam-Status: No, score=-14.52 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F13d0kZnxTOw; Mon, 9 Oct 2017 02:32:31 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 41782134E35; Mon, 9 Oct 2017 02:32:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=52516; q=dns/txt; s=iport; t=1507541551; x=1508751151; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=v3gBYZbXldwGfEhjIggCbf7Jh4i3JvvjV3kKE3qSBKA=; b=PqbgnaLXKk6VK1k7H3JdSbIX88znnzPS5J0IDUieRghsIV06U7QBstur 6vkJZtcYCCAUdU81+QpPQI+jTc/xHmpWPO+G0s9huaXkLLmeXTHursitD qd3tp8ZygqLjjR+0q0tF2cFQHShm1jmPYKXHInabZV97hhb63ZbyobCZ6 4=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0CWAQDrQNtZ/5NdJa1cGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBgm9BLWRuJweDMEOaCoJvlTYOggQKJYUWAhqEE0AXAQIBAQEBAQE?= =?us-ascii?q?BayiFGQYMFwpMDgICAQYCOAEJAgICFBwlAQEEDgUbiTFkEIk0nWeCJyeLBAEBA?= =?us-ascii?q?QEBAQEBAQEBAQEBAQEBAQEBARgFBYMoggKDOgErgXBZNYMygR8BEgEHHwcJIYJ?= =?us-ascii?q?bL4IyBYoKAYkehRiIdAKHXIEXgkqJKIIUhW+DfoEshV6KF4sWAhEZAYE4ASECN?= =?us-ascii?q?IEDC3gVWwGFBxwZgU52hykNGAeBBYEQAQEB?=
X-IronPort-AV: E=Sophos;i="5.42,500,1500940800"; d="scan'208,217";a="305359756"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Oct 2017 09:32:28 +0000
Received: from XCH-RCD-013.cisco.com (xch-rcd-013.cisco.com [173.37.102.23]) by rcdn-core-11.cisco.com (8.14.5/8.14.5) with ESMTP id v999WSJQ030717 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 9 Oct 2017 09:32:28 GMT
Received: from xch-rcd-015.cisco.com (173.37.102.25) by XCH-RCD-013.cisco.com (173.37.102.23) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Mon, 9 Oct 2017 04:32:27 -0500
Received: from xch-rcd-015.cisco.com ([173.37.102.25]) by XCH-RCD-015.cisco.com ([173.37.102.25]) with mapi id 15.00.1320.000; Mon, 9 Oct 2017 04:32:27 -0500
From: "Nagendra Kumar Nainar (naikumar)" <naikumar@cisco.com>
To: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com>, "BRUNGARD, DEBORAH A" <db3546@att.com>
CC: "rtg-ads@ietf.org" <rtg-ads@ietf.org>, "mpls@ietf.org" <mpls@ietf.org>, "spring@ietf.org" <spring@ietf.org>, "Jonathan Hardwick (Jonathan.Hardwick@metaswitch.com)" <Jonathan.Hardwick@metaswitch.com>, "rtg-dir@ietf.org" <rtg-dir@ietf.org>, "draft-ietf-mpls-spring-lsp-ping.authors@ietf.org" <draft-ietf-mpls-spring-lsp-ping.authors@ietf.org>
Thread-Topic: draft-ietf-mpls-spring-lsp-ping: resolution of issues raised in my RTG-DIR review
Thread-Index: AdM87VBWMwQpWk20SYuuvpBxKKubvgD/JaaA
Date: Mon, 9 Oct 2017 09:32:27 +0000
Message-ID: <34333AE3-B0F1-43C3-A9DE-2BB3AAD7E7BA@cisco.com>
References: <AM4PR03MB1713BACBB06A4157DFE2F3889D730@AM4PR03MB1713.eurprd03.prod.outlook.com>
In-Reply-To: <AM4PR03MB1713BACBB06A4157DFE2F3889D730@AM4PR03MB1713.eurprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.25.0.170815
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.69.200]
Content-Type: multipart/alternative; boundary="_000_34333AE3B0F143C3A9DE2BB3AAD7E7BAciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/mpls/rjAdiDtlC0VRWgbMSh4Zy7Wp9Pk>
Subject: Re: [mpls] draft-ietf-mpls-spring-lsp-ping: resolution of issues raised in my RTG-DIR review
X-BeenThere: mpls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Multi-Protocol Label Switching WG <mpls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mpls>, <mailto:mpls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mpls/>
List-Post: <mailto:mpls@ietf.org>
List-Help: <mailto:mpls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mpls>, <mailto:mpls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Oct 2017 09:32:35 -0000

Hi Sasha,

Please see inline..

Deborah and all,

I have read the latest (-11) version of the draft in order to check to which extent my RTG-DIR review comments (that referred to the -06 version of the draft) have been addressed.

Here are the results of this check:

Major Issue #1 in the -06 version of the draft:
Section 7.4 “Segment ID Check” of the draft claims to update “the procedure defined in Step 6 of Section 4.4  of [RFC8029]”. However, I have failed to integrate the logic defined by the pseudocode in this section with the logic defined by the referenced pseudocode.

  *   I have suspected that the newly introduced logic should be part of the Egress FEC Validation logic defined in Section 4.4.1 of RFC 8029.  This suspicion has been acknowledged by the authors, and they plan to fix the wrong reference in the next revision of the draft.
  *   From my POV the best way to avoid possible misinterpretation by the implementers would be inclusion of the updated version of the pseudocode (with explicit marking of the new logic) directly in the document. I have suggested this to the authors, but I did not get their response so far.

Status in the -11 version of the draft:
The problematic text has been replaced with pseudocode that integrates the logic that has been defined in Section 4.4.1 of RFC 8029 with the new, SR-specific pseudocode. So, in a way, the original issue has been resolved. However, I have several issues with the current text:

  *   From my POV, the pseudocode could be made much more readable if it were better structured. One possible way to do so could be defining how IGP extensions for SR can be treated as distributing if they distributed labels (including Implicit Null) for Node Segment IDs, and using the results in the original pseudocode of RFC 8029
<Nagendra> I couldn’t understand what you meant by “SR can be treated as distributing if they distributed labels”.  Can you clarify this?.


  *   The proposed pseudocode seems to lack the check of Label-L matching the Node Segment ID in the SRGB of the responder
<Nagendra>The Segment ID Sub-TLV defined in draft-ietf-mpls-spring-lsp-ping does not carry the SID value. Incorrect SRGB range or incorrect index will result in wrong segment/label to FEC mapping and this will be detected by the defined machinery. When a node is receiving LSP Ping packet with incoming label as L which is not within the SRGB, I can think of 2 possible scenarios:
                Scenario 1 – The incoming label is not in ILM. In this case, the node will reply with a return code of 11 (No label entry in ILM)
                Scenario 2 – The incoming label is not mapped to the right FEC. In this case, the FEC mapping will not be validated.

The same is applicable for label in DDMAP.


  *   It is not obvious how the proposed pseudocode treats previously defined FECs in the target FEC stack

<Nagendra> By defining the procedure in this draft as Step 4a, we execute Step 4a if FEC==SR and skip step 5. When FEC!=SR, we execute step 5. I think we discussed and clarified this already. Are you pointing to a different issue?.


  *   Interface-I (the ingress interface of the received LSP Ping request) is only mentioned in the check of Adjacency SID. It is also not clear to me why the check expects its match with the Remote Interface ID in the Adjacency SID TLV.

<Nagendra> Adj-SID requires strict incoming interface check and so is the reason we are checking Interface-I for Adj-SID. Remote Interface ID in TLV is the interface identifier assigned by the downstream node for which the Adj-SID is assigned by upstream node. In example R1-R2, assume R1 assigns Ad-SID of A1 for R2. The “Remote Interface ID” field of Adj-SID FEC Sub-TLV will carry the interface ID assigned by R2 for interface connected to R1.

I did not raise these issues in my original review exactly because it was impossible to integrate the new validation logic with the logic defined in RFC 8029. Please consider these issues as my IESG LC comments.

Minor Issue #3 in the -06 version of the draft:
I am not sure if “OSPF” and ISIS” (without any reference to Segment Routing) are the proper names for the label distribution protocols in the proposed new IANA registry in Section 10.2. From my POV “OSPF/ISIS SR Extensions” would be more appropriate. The authors disagree with this proposal claiming that OSPF and ISIS are not used for label distribution in any other way. (RFC 8029 that encodes the label distribution protocol in the Downstream  Detailed Mapping TLV did not request a dedicated registry for this purpose, and I think that the authors have been right to request such a registry).
Status in the -11 version of the draft:
The new version uses the same protocol names as the previous one. Meanwhile, I have found that OSPF and IS-IS can be used for distriburing label ranges for BIER (see OSPF Extensions for BIER<https://datatracker.ietf.org/doc/draft-ietf-bier-ospf-bier-extensions/?include_text=1> and a similar draft for ISIS). From my POV, this supports my recommendation to change the names of protocols to differentiate between multiple extensions to OSPF and IS-IS that distribute label ranges. Please consider this as my IESG LC WG comment.
<Nagendra>I will leave it to other authors and WG. To me, It still appears that OSPF/ISIS will be appropriate and re-use same protocol number instead of defining another protocol number for OSPF with “x“extension ☺. If the consensus is to change it as OSPF with SR extension, I will update the draft accordingly.

Minor Issue #4 in the -06 version of the draft:
I doubt the draft needs address any FRR issues even in future (as mentioned in the last statement in Section 5), since, to the best of my understanding, any form of FRR:

  *   Is operated locally by the node that is upstream to the failure without passing any information to the initiator of LSP-Ping Request packets
  *   In any case is just a transient state in the (presumably short) interval between the failure being detected by the upstream node and re-convergence of IGP
I also think that references to “future versions” are not quite appropriate in the document that is going to the IETF LC. I recommend removing any such references from the document.
Status in the -11 version of the draft:
All mention of FRR has been removed from the new version, as well as any references to future versions.

Minor Issue #5 in the -06 version of the draft:
Section 9 “Backward Compatibility with non-Segment Routing devices” defines the behavior for the two slightly different use cases:
-              LSP Ping Echo Request packets are initiated by an SR-capable node (and therefore their target FEC stack contains SR-related FECs), while the responder is legacy device that is not SR-capable. In this case the proposed solution (respond with the FEC-return-code “Replying router has no mapping for the FEC at stack-depth”) looks as the only possibility since the legacy device cannot parse SR FECs in any case
-              LSP Ping Echo Request packets are initiated by a legacy device while the responder is SR-capable. The draft defines the same behavior in this case – but, IMHO and FWIW, the responder could provide slightly better diagnostics since it can parse the “old” target FEC and recognize the equivalent Node ID. An additional return code would be required to implement this behavior.
This issue has not been discussed with the authors due to lack of time.
Status in the -11 version of the draft:
The authors have responded that a legacy (LDP-only) initiator of LSP Pings request messages in any case would not be able to parse a new return code. I agree with this comment, and withdraw the issue.

All the nits I’ve noticed also have been resolved. In particular, early IANA allocations that have expired on 15.09.17, have been extended to one more year.

Thanks,
Nagendra

Regards,
Sasha

Office: +972-39266302
Cell:      +972-549266302
Email:   Alexander.Vainshtein@ecitele.com


___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this
transmission in error, please inform us by e-mail, phone or fax, and then delete the original
and all copies thereof.
___________________________________________________________________________