IETF Logo Mail Archive

Re: [mpls] Comment on draft-chen-mpls-p2mp-ingress-protection

Alia Atlas <akatlas@gmail.com> Tue, 17 December 2013 17:20 UTC

Return-Path: <akatlas@gmail.com>
X-Original-To: mpls@ietfa.amsl.com
Delivered-To: mpls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E7831AE092 for <mpls@ietfa.amsl.com>; Tue, 17 Dec 2013 09:20:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id paccov-5uY-G for <mpls@ietfa.amsl.com>; Tue, 17 Dec 2013 09:20:20 -0800 (PST)
Received: from mail-ig0-x230.google.com (mail-ig0-x230.google.com [IPv6:2607:f8b0:4001:c05::230]) by ietfa.amsl.com (Postfix) with ESMTP id 520AF1AE1F6 for <mpls@ietf.org>; Tue, 17 Dec 2013 09:20:20 -0800 (PST)
Received: by mail-ig0-f176.google.com with SMTP id k19so6857164igc.3 for <mpls@ietf.org>; Tue, 17 Dec 2013 09:20:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=f9tnk6SJOXqKeUB+hqcdNkozsSCIEUZKpueCcFsVovw=; b=ToRwDaI6ucwqmK5YaPy2ZdFWPvp6KaHfAAJBN+rSywOByAesnXGTYLVo86TwxMNZ/t h/KFnYDcrW0+vvs+gd1h5ID0MUDODTQWLFJZBg/l2NPGHkEjSL6AD6sUg3CA7987SlJv fLK8EiGC+6NQ22IaWehWih2mccQQr+kV8r1CX/deUYAResqdUkLdaG3aPb+nLuTNeNF9 No+LeW6hhXMDfz8piGE2Vxa+jdyarA2r/AHHLuqR6alcX4fv4XXByUx47Ez3lsz1u+Tf uTiFgnqfCEv0+jGoWxE3bVPEUmFpKvKWWSwD6yeeSAV5lRCZn+LKXAo0G27teLZDO5Uy bXwg==
MIME-Version: 1.0
X-Received: by 10.50.40.102 with SMTP id w6mr4317389igk.20.1387300819101; Tue, 17 Dec 2013 09:20:19 -0800 (PST)
Received: by 10.64.78.103 with HTTP; Tue, 17 Dec 2013 09:20:19 -0800 (PST)
In-Reply-To: <CECE764681BE964CBE1DFF78F3CDD3941DF0FBA9@xmb-aln-x01.cisco.com>
References: <CECE764681BE964CBE1DFF78F3CDD3941DEDE38F@xmb-aln-x01.cisco.com> <5316A0AB3C851246A7CA5758973207D445C200A7@sjceml501-mbs.china.huawei.com> <CECE764681BE964CBE1DFF78F3CDD3941DF0FBA9@xmb-aln-x01.cisco.com>
Date: Tue, 17 Dec 2013 12:20:19 -0500
Message-ID: <CAG4d1reCr+opGmBked1SL8OSbczyeCj3oLOkxXMp1_MHYU0xBA@mail.gmail.com>
From: Alia Atlas <akatlas@gmail.com>
To: "Nobo Akiya (nobo)" <nobo@cisco.com>
Content-Type: multipart/alternative; boundary="089e0112c7fe85258e04edbe24df"
Cc: "draft-chen-mpls-p2mp-ingress-protection@tools.ietf.org" <draft-chen-mpls-p2mp-ingress-protection@tools.ietf.org>, "mpls@ietf.org" <mpls@ietf.org>
Subject: Re: [mpls] Comment on draft-chen-mpls-p2mp-ingress-protection
X-BeenThere: mpls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Multi-Protocol Label Switching WG <mpls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mpls>, <mailto:mpls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mpls/>
List-Post: <mailto:mpls@ietf.org>
List-Help: <mailto:mpls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mpls>, <mailto:mpls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Dec 2013 17:20:23 -0000

Hi Nobo,

Here's a quick summary response (which is why I am top-posting).

Yes, it is hard to correctly determine precisely what failure has occurred.
 Doing so depends on the network topology, whether the CE can run BFD and
so on.  The set of how to determine the failure is large and NOT specified
in this draft.

What is specified in this draft are different "failure-detection modes"
which need to be signaled so that the Backup Ingress and Merge Points know
what it needs to do.  Each different mode is intended to address a
different scenario.  Remember that what matters is whether traffic
continues to flow and whether the repair might result in duplicate traffic.

For instance, if the CE determines that it can't send traffic to the
Ingress - then traffic won't flow - and the CE can send the traffic to the
Backup Ingress.  This is the source-detected mode.

Regards,
Alia


On Mon, Dec 16, 2013 at 6:01 PM, Nobo Akiya (nobo) <nobo@cisco.com> wrote:

> Hi Huaimo,
>
> Thanks for response!
>
> The fundamental thing is, node failure will fail relevant BFD in your
> proposal, but BFD failure may not mean node failure.
>
> Please see comments inline.
>
> > -----Original Message-----
> > From: Huaimo Chen [mailto:huaimo.chen@huawei.com]
> > Sent: Sunday, December 15, 2013 9:01 PM
> > To: Nobo Akiya (nobo); draft-chen-mpls-p2mp-ingress-
> > protection@tools.ietf.org
> > Cc: mpls@ietf.org
> > Subject: RE: Comment on draft-chen-mpls-p2mp-ingress-protection
> >
> > Hi Nobo,
> >
> >     Thanks for your comments!
> >     See my answers/explanations inline below.
> >
> > Best Regards,
> > Huaimo
> >
> > -----Original Message-----
> > From: mpls-bounces@ietf.org [mailto:mpls-bounces@ietf.org] On Behalf Of
> > Nobo Akiya (nobo)
> > Sent: Thursday, November 07, 2013 2:51 AM
> > To: draft-chen-mpls-p2mp-ingress-protection@tools.ietf.org
> > Cc: mpls@ietf.org
> > Subject: [mpls] Comment on draft-chen-mpls-p2mp-ingress-protection
> >
> > Hi Authors,
> >
> > I didn't get a chance to comment on your draft at the WG session today,
> so
> > sending to the list. My concern is similar to what Greg Mirsky stated.
> > Simply running 2 independent BFD sessions (as described in the slides)
> will
> > have issues.
> >
> > Huaimo: In normal operations, source CE sends the traffic to the primary
> > ingress, which imports the traffic into the primary LSP. It does not
> send the
> > traffic to the backup ingress.
> > When the primary ingress fails, the source CE will detect the failure of
> the
> > primary ingress through the BFD between CE and the primary ingress and
> > switches the traffic to the backup ingress. The backup ingress will also
> > detect the failure of the primary ingress through the BFD between the
> > backup ingress and the primary ingress, and put the traffic from the
> source
> > CE into the backup LSP to the next hops of the primary ingress, where the
> > traffic is merged into the primary LSP.
> > When the link between the backup ingress and the primary ingress fails,
> the
> > source CE will continue to send the traffic to the primary ingress, and
> does
> > not send the traffic to the backup ingress. The traffic will be
> delivered to the
> > destinations via the primary LSP.
> > It seems that it works as expected.
> > Can you give more details about "Simply running 2 independent BFD
> > sessions (as described in the slides) will have issues."?
>
> One example would be the case where BFD between CE and primary ingress
> fails but not BFD between primary ingress and backup ingress. Section 3.1
> says:
>
> [snip]
>    The backup ingress does not import any traffic from the source into
>    the backup LSP in normal operations.  When it detects a failure
>    involving the primary ingress, it imports the traffic from the source
>    into the backup LSP to the next hops of the primary ingress, where
>    the traffic is merged into the primary LSP.
> [snip]
>
> In this case, CE will be sending traffic to backup ingress, but backup
> ingress isn't sending the traffic into backup LSP, since BFD from backup
> ingress to primary ingress is still up. Because proposal [currently]
> requires synchronized decision made by multiple devices making independent
> decisions, this is an area which should require further attention.
>
> The detection which this proposal is really interested in is failures in
> following paths:
> CE --> primary ingress --> primary LSP --> in-band at least to nexthop
> Running multiple single-hop BFD doesn't accurately achieve this.
>
> For the backup activation, you probably want to have one failure
> detection, or one node making the decision based on multiple failure
> detections ... ideally.
>
> >
> >
> > > 3.  Ingress Failure Detection
> > >
> > >   Exactly how the failure of the ingress (e.g.  R1 in Figure 1) is
> > >   detected is out of scope for this document.
> >
> > I believe, at least, definition of the "failure" should be defined in
> the draft.
> > Without it, it can be interpreted by readers as complete node outage,
> > outage of all involved links, outage of just primary-backup link, or even
> > something else. And without defining what the "failure" is, it's
> difficult to
> > figure out the right techniques to detect the failure. And that can
> easily
> > result in deviating detection implementations for described solution to
> not
> > kick off in expected manner.
> >
> > Huaimo: The primary ingress node failure in this draft is similar to the
> node
> > failure in RFC 4090.
>
> For non-ingress-protection, failure of a downstream from upstream
> perspective is clear: there is no need to differentiate between link
> failure and node failure. What is proposed in the document is a detection
> mechanism where (link failure & node alive) scenario can create
> inconsistent backup takeover. In addition, because you have multiple
> "detector" nodes, failure of a single-hop BFD cannot be assumed as a node
> failure. It can just be a link failure, or LC failure of one node which
> doesn't impact any corresponding traffic. I think you can see from above
> that there's a bit of difference between the "failure" which you want
> backup activated vs. "failure" which proposed detection mechanism detects.
> This is why I think it'll be beneficial to define what the "failure" is.
>
> -Nobo
>
> >
> > -Nobo
> >
> > _______________________________________________
> > mpls mailing list
> > mpls@ietf.org
> > https://www.ietf.org/mailman/listinfo/mpls
> _______________________________________________
> mpls mailing list
> mpls@ietf.org
> https://www.ietf.org/mailman/listinfo/mpls
>

v2.23.0 | Report a Bug | By Email