Re: [nvo3] Éric Vyncke's Discuss on draft-ietf-nvo3-bfd-geneve-12: (with DISCUSS and COMMENT)
xiao.min2@zte.com.cn Wed, 23 August 2023 09:40 UTC
Return-Path: <xiao.min2@zte.com.cn>
X-Original-To: nvo3@ietfa.amsl.com
Delivered-To: nvo3@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63C64C14CE2C; Wed, 23 Aug 2023 02:40:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.903
X-Spam-Level:
X-Spam-Status: No, score=-1.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l34QMwZtk8SF; Wed, 23 Aug 2023 02:40:09 -0700 (PDT)
Received: from mxhk.zte.com.cn (mxhk.zte.com.cn [63.216.63.40]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 028A1C15107A; Wed, 23 Aug 2023 02:40:06 -0700 (PDT)
Received: from mxct.zte.com.cn (unknown [192.168.251.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mxhk.zte.com.cn (FangMail) with ESMTPS id 4RW1Qm1N2cz8XrRG; Wed, 23 Aug 2023 17:40:00 +0800 (CST)
Received: from mse-fl1.zte.com.cn (unknown [10.5.228.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mxct.zte.com.cn (FangMail) with ESMTPS id 4RW1QF0yxBz4xpcf; Wed, 23 Aug 2023 17:39:33 +0800 (CST)
Received: from njb2app06.zte.com.cn ([10.55.23.119]) by mse-fl1.zte.com.cn with SMTP id 37N9dP6f042482; Wed, 23 Aug 2023 17:39:25 +0800 (+08) (envelope-from xiao.min2@zte.com.cn)
Received: from mapi (njb2app07[null]) by mapi (Zmail) with MAPI id mid201; Wed, 23 Aug 2023 17:39:28 +0800 (CST)
Date: Wed, 23 Aug 2023 17:39:28 +0800
X-Zmail-TransId: 2aff64e5d3d0ffffffff847-dbae1
X-Mailer: Zmail v1.0
Message-ID: <202308231739283184246@zte.com.cn>
In-Reply-To: <169140218546.62160.5926678901776309770@ietfa.amsl.com>
References: 169140218546.62160.5926678901776309770@ietfa.amsl.com
Mime-Version: 1.0
From: xiao.min2@zte.com.cn
To: evyncke@cisco.com
Cc: iesg@ietf.org, draft-ietf-nvo3-bfd-geneve@ietf.org, nvo3-chairs@ietf.org, nvo3@ietf.org, matthew.bocci@nokia.com, d3e3e3@gmail.com
Content-Type: multipart/mixed; boundary="=====_001_next====="
X-MAIL: mse-fl1.zte.com.cn 37N9dP6f042482
X-Fangmail-Gw-Spam-Type: 0
X-Fangmail-Anti-Spam-Filtered: true
X-Fangmail-MID-QID: 64E5D3F0.000/4RW1Qm1N2cz8XrRG
Archived-At: <https://mailarchive.ietf.org/arch/msg/nvo3/odJbNT7RVevO7HWIXsArwp74ijE>
Subject: Re: [nvo3] Éric Vyncke's Discuss on draft-ietf-nvo3-bfd-geneve-12: (with DISCUSS and COMMENT)
X-BeenThere: nvo3@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Network Virtualization Overlays \(NVO3\) Working Group" <nvo3.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nvo3>, <mailto:nvo3-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nvo3/>
List-Post: <mailto:nvo3@ietf.org>
List-Help: <mailto:nvo3-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nvo3>, <mailto:nvo3-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Aug 2023 09:40:14 -0000
Hi Eric, Thank you for the review and thoughtful comments. Please see inline. Original From: ÉricVynckeviaDatatracker <noreply@ietf.org> To: The IESG <iesg@ietf.org>; Cc: draft-ietf-nvo3-bfd-geneve@ietf.org <draft-ietf-nvo3-bfd-geneve@ietf.org>;nvo3-chairs@ietf.org <nvo3-chairs@ietf.org>;nvo3@ietf.org <nvo3@ietf.org>;matthew.bocci@nokia.com <matthew.bocci@nokia.com>;matthew.bocci@nokia.com <matthew.bocci@nokia.com>;d3e3e3@gmail.com <d3e3e3@gmail.com>; Date: 2023年08月07日 17:56 Subject: [nvo3] Éric Vyncke's Discuss on draft-ietf-nvo3-bfd-geneve-12: (with DISCUSS and COMMENT) Éric Vyncke has entered the following ballot position for draft-ietf-nvo3-bfd-geneve-12: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-nvo3-bfd-geneve/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- # Éric Vyncke, INT AD, comments for raft-ietf-nvo3-bfd-geneve-12 Thank you for the work put into this document. Please find below one blocking DISCUSS points (easy to address), some non-blocking COMMENT points (but replies would be appreciated even if only for my own education), and some nits. Special thanks to Matthew Bocci for the shepherd's detailed write-up including the WG consensus *and* the justification of the intended status. Other thanks to Don Eastlake, the Internet directorate reviewer (at my request), please consider this int-dir review: https://datatracker.ietf.org/doc/review-ietf-nvo3-bfd-geneve-12-intdir-telechat-eastlake-2023-08-05/ Don's review was 'not ready', and I concur with him after doing my own review. Authors' reply to Don's review will be welcome. [XM]>>> I've replied to Don's review and the resolutions to address his comments have been confirmed. I hope that this review helps to improve the document, [XM]>>> Yes, I'm sure about this. Regards, -éric # DISCUSS As noted in https://www.ietf.org/blog/handling-iesg-ballot-positions/, a DISCUSS ballot is a request to have a discussion on the following topics: ## Sectin 6 I share Don's issue about having `Geneve provides security` and `Geneve does not have any inherent security mechanisms` in the same paragraph. There should probably some nuance or limitation in those two assertions to make them compatible. [XM]>>> The following proposed change has been accepted by Don, is that acceptable for you? OLDGeneve provides security between the peers and subject to the issue of overload described below.NEWThe IP underlay network and/or the Geneve option can provide security between the peers, which are subject to the issue of overload described below. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- # COMMENTS ## Section 1 Unsure whether the following text is useful here `The major difference between Geneve and VXLAN [RFC7348] is that Geneve supports multi-protocol payload and variable length options.` [XM]>>> Will remove the text you quoted. I trust the transport ADs for the accuracy of the last paragraph about the congestion control. [XM]>>> To avoid possible confusion, I've proposed some editorial changes that's been confirmed by Don. ## Section 4.1 `the BFD session SHOULD be identified using`, what is the procedure to be followed when it is not possible? The I-D should be clear on this. [XM]>>> OK. Propose to add some text to the end of this paragraph (both Section 4.1 and 5.1). NEW If it fails to identify the BFD session, the incoming BFD Control packets MUST be dropped, and anexception event indicating the failure should be reported to the management. ## Section 5;1 `MUST be validated to determine` how can the receiving node validate ? Of course, the reader can guess, but let's be specific. [XM]>>> OK. John raised the similar issue, and I proposed to change the text as below. OLD Then the UDP destination port and the TTL or Hop Limit of the inner IP packet MUST be validated to determine whether the received packet can be processed by BFD. NEW Then the UDP destination port and the TTL or Hop Limit of the inner IP packet MUST be validated to determine whether the received packet can be processed by BFD, i.e., the two field values of the inner IP packet MUST be in compliance with what's defined in Section 5 of this document, as well as Section 4 of [RFC5881]. What should the receiving node do if this validation fails ? [XM]>>> Propose to add some text to the end of this paragraph (both Section 4.1 and 5.1). NEW If the validation fails, the received packet MUST NOT be processed by BFD. ## Section 6 Suggest to specify what "enough" means in ` are enough for the pair of NVEs`. [XM]>>> OK. Propose to change the text as below. OLD In this case, it's recommended that N BFD sessions covering all N VAPs are enough for the pair of NVEs.NEW In this case, it's recommended that N BFD sessions covering all N VAPs are run for the pair of NVEs. Generally speaking, the number of BFD sessions is supposed to be enough as long as all VAPs of the pair of NVEs are covered. # NITS ## Section 1 s/an other device/another device/ [XM]>>> OK. Will do it. s/p2p Geneve tunnel/P2P Geneve tunnel/ or expand `p2p` [XM]>>> OK. Will do s/p2p Geneve tunnel/P2P Geneve tunnel. Best Regards, Xiao Min _______________________________________________ nvo3 mailing list nvo3@ietf.org https://www.ietf.org/mailman/listinfo/nvo3
- [nvo3] Éric Vyncke's Discuss on draft-ietf-nvo3-b… Éric Vyncke via Datatracker
- Re: [nvo3] Éric Vyncke's Discuss on draft-ietf-nv… xiao.min2
- Re: [nvo3] Éric Vyncke's Discuss on draft-ietf-nv… Eric Vyncke (evyncke)
- Re: [nvo3] Éric Vyncke's Discuss on draft-ietf-nv… xiao.min2