Re: [OSPF] Gen-ART and OPS-Dir review of draft-ietf-ospf-node-admin-tag-06: A-D issues

Shraddha Hegde <shraddha@juniper.net> Fri, 09 October 2015 03:49 UTC

Return-Path: <shraddha@juniper.net>
X-Original-To: ospf@ietfa.amsl.com
Delivered-To: ospf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FF141B3176; Thu, 8 Oct 2015 20:49:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.302
X-Spam-Level:
X-Spam-Status: No, score=-1.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_42=0.6, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PI--5Xa3ansb; Thu, 8 Oct 2015 20:49:00 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0114.outbound.protection.outlook.com [207.46.100.114]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8DAF11B302D; Thu, 8 Oct 2015 20:49:00 -0700 (PDT)
Received: from CY1PR0501MB1385.namprd05.prod.outlook.com (10.160.148.139) by CY1PR0501MB1386.namprd05.prod.outlook.com (10.160.148.140) with Microsoft SMTP Server (TLS) id 15.1.286.20; Fri, 9 Oct 2015 03:48:58 +0000
Received: from CY1PR0501MB1385.namprd05.prod.outlook.com ([10.160.148.139]) by CY1PR0501MB1385.namprd05.prod.outlook.com ([10.160.148.139]) with mapi id 15.01.0293.007; Fri, 9 Oct 2015 03:48:58 +0000
From: Shraddha Hegde <shraddha@juniper.net>
To: "Black, David" <david.black@emc.com>, Rob Shakir <rjs@rob.sh>, "as@cisco.com" <as@cisco.com>, "bruno.decraene@orange.com" <bruno.decraene@orange.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>, "General Area Review Team (gen-art@ietf.org)" <gen-art@ietf.org>, "lizhenbin@huawei.com" <lizhenbin@huawei.com>
Thread-Topic: Gen-ART and OPS-Dir review of draft-ietf-ospf-node-admin-tag-06: A-D issues
Thread-Index: AdEBDEziYmBkLZJnTki1S2UszA0okAAgLDsQABiaP/AAFPXWoA==
Date: Fri, 9 Oct 2015 03:48:58 +0000
Message-ID: <CY1PR0501MB13857F5D7CC0633AA5E995F1D5340@CY1PR0501MB1385.namprd05.prod.outlook.com>
References: <CE03DB3D7B45C245BCA0D24327794936166B26DA@MX104CL02.corp.emc.com> <BY1PR0501MB138194B0DA5750DEDE2A5FE5D5350@BY1PR0501MB1381.namprd05.prod.outlook.com> <CE03DB3D7B45C245BCA0D24327794936166B4A7E@MX104CL02.corp.emc.com>
In-Reply-To: <CE03DB3D7B45C245BCA0D24327794936166B4A7E@MX104CL02.corp.emc.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=shraddha@juniper.net;
x-originating-ip: [116.197.184.11]
x-microsoft-exchange-diagnostics: 1; CY1PR0501MB1386; 5:Fme5LVsZKQ0VwjNueOembmW2PR4dh72Zazv6xrPv6Bf0JVcWcDsIsEXYlb/sV83pZfWUfnoDFSJ2aWkUGjL0dqEJNkO4oCr2f0fat11u9k0xteRlCUPEX6aoj2+LB9B5s8tc1cOpyvaAh3T83q2Wag==; 24:Gy5XAYjor8awnvtCvbDHvGngwDZWC8n1YbF+SLTgE/X/RaHlk3mx/NR7oczKlPPGruyQAw/yQO9ePX7mkrxmgggQdiNIQnSHrWWvtolOLV0=; 20:sU51NOKcUwehC99yDdscaPxC+hYNFtUjQUdUzbfxdASGHgISvAJySaxAgK/lK7ddGaUPuSAdU0KB5cG03qLpew==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR0501MB1386;
x-microsoft-antispam-prvs: <CY1PR0501MB138609B178678F9D8F519A50D5340@CY1PR0501MB1386.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(95692535739014)(278771537138765)(138986009662008);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(520078)(5005006)(8121501046)(3002001); SRVR:CY1PR0501MB1386; BCL:0; PCL:0; RULEID:; SRVR:CY1PR0501MB1386;
x-forefront-prvs: 0724FCD4CD
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(51444003)(377454003)(189002)(41584004)(51914003)(13464003)(164054003)(199003)(5003600100002)(86362001)(105586002)(2201001)(77096005)(2950100001)(40100003)(64706001)(92566002)(11100500001)(122556002)(2900100001)(102836002)(76576001)(2501003)(10400500002)(5002640100001)(189998001)(5001960100002)(230783001)(19580395003)(99286002)(54356999)(74316001)(106356001)(87936001)(66066001)(50986999)(101416001)(76176999)(5004730100002)(81156007)(19580405001)(5001770100001)(5008740100001)(97736004)(46102003)(5007970100001)(33656002)(7059030); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR0501MB1386; H:CY1PR0501MB1385.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Oct 2015 03:48:58.0682 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0501MB1386
Archived-At: <http://mailarchive.ietf.org/arch/msg/ospf/flXfIdCUrM_RHE0kiWMdd1h7Dlc>
Cc: "ospf@ietf.org" <ospf@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Subject: Re: [OSPF] Gen-ART and OPS-Dir review of draft-ietf-ospf-node-admin-tag-06: A-D issues
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ospf/>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Oct 2015 03:49:04 -0000

David,

Pls see inline...

-----Original Message-----
From: Black, David [mailto:david.black@emc.com] 
Sent: Thursday, October 08, 2015 11:21 PM
To: Shraddha Hegde <shraddha@juniper.net>et>; Rob Shakir <rjs@rob.sh>sh>; as@cisco.com; bruno.decraene@orange.com; ops-dir@ietf.org; General Area Review Team (gen-art@ietf.org) <gen-art@ietf.org>rg>; lizhenbin@huawei.com
Cc: acee@cisco.com; ospf@ietf.org; ietf@ietf.org; Black, David <david.black@emc.com>
Subject: RE: Gen-ART and OPS-Dir review of draft-ietf-ospf-node-admin-tag-06: A-D issues

Shradda,

We're very close to done here, thanks for the updated text.

I have one more concern on information completeness vs. tag removal (I'll deal w/[1] and the new Operational Considerations text in a separate message):

The last paragraph in Section 3.2 of the proposed-for-07 text says:

   On the receiver, When there is a change in
   the node administrative tag TLV or removal/ addition of a TLV in any
   instance of the RI-LSA, implementations MUST take appropriate
   measures to update its state according to the changed set of tags.

In addition, this comment was made in email:

	<Shraddha> A node cannot determine that it has all the complete and
	current information at any point of time.  This is true for any link
	state IGP protocol which floods the data for distribution.

My Concern: How does a receiver detect tag removal or change when it has to assume that its tag information may always be incomplete?

Specifically, how does a receiver determine that a tag (or an old tag prior to a change) is not in some portion of the information that has not been received (and hence that a tag removal or change has occurred)?

<Shraddha> The receiver detects tag removal or change based on its current set of RI LSAs that it has in the database.
                          How to determine whether there is removal of a tag is implementation specific.

                          1) One way  is to  store all the node tags originated by a node and when new LSA arrives re populate the
                                node tags and compare old and    new tags. That can give the details of whether a tag was
                               removed or changes/added
                         2) Another way is to compare the RI LSA and there is any change simply pass the new set of tags to the
                              processing/computation . In this case if tag moves from one RI LSA to the other re-processing happens. 

Generally, multiple LSA changes are combined in one event before triggering the processing. So if tag moves from one RI LSA to the other
If (1) is implemented no processing related to tags would be necessary.

But, all of this is vendor implementation specific  and we need not suggest one or the other way (May be there is a third way as well)in standards.
It should be good enough to say If there is any change in tags , redo the tag processing  and that's what the current text says I believe.

Thanks,
--David

> -----Original Message-----
> From: Shraddha Hegde [mailto:shraddha@juniper.net]
> Sent: Thursday, October 08, 2015 8:03 AM
> To: Black, David; Rob Shakir; as@cisco.com; bruno.decraene@orange.com; 
> ops- dir@ietf.org; General Area Review Team (gen-art@ietf.org); 
> lizhenbin@huawei.com
> Cc: acee@cisco.com; ospf@ietf.org; ietf@ietf.org
> Subject: RE: Gen-ART and OPS-Dir review of draft-ietf-ospf-node-admin-tag-06:
> A-D issues
> 
> Thanks David for the follow-up.
> Pls find details below.
> 
> [...Snip to open comments...]
> 
> David> Please add that statement, specifically that a receiver may 
> David> have to ignore tags that do not match any local policies.
> 
> <Shraddha>Updated as below.
> 
> "If a receiving node does not
> understand the tag value or does not have a local policy corresponding 
> to the tag, it ignores the specific tag and floods the RI LSA without 
> any change as defined in <xref target="RFC4970"/>."
> 
> 
> David> For the first requirement, I was expecting the "MUST" to apply 
> David> only to "independent identifier," i.e.:
> 
>     Each tag MUST be treated as an independent identifier that MAY be
>     used in policy to perform a policy action.
> 
> <Shraddha> OK. Updating the draft as suggested.
> 
> <t>Each tag MUST be treated as an independent identifier that MAY be 
> used in policy to perform a policy action. Tags carried by the 
> administrative tag TLV SHOULD be used to indicate independent 
> characteristics of a node. The administrative tag list within the TLV 
> MUST be considered an unordered list. Whilst policies may be 
> implemented based on the presence of multiple tags (e.g., if tag A AND 
> tag B are present), they MUST NOT be reliant upon the order of the 
> tags (i.e., all policies should be considered commutative operations, 
> such that tag A preceding or following tag B does not change their 
> outcome).
> </t>
> ----------------------------------------------------------------------
> --------
> ------------------------------
> 
> David> The last sentence appears to still have a problem:  How does a 
> David> receiving node determine when it has a complete set of tags?  
> David> Suggested
> rephrase:
> 
> 	When an RI LSA is received that changes the set of tags applicable to
> 	any originating node, a receiving node MUST repeat any computation or
> 	processing that is based on those administrative tags.
> 
> David> I think that captures the underlying point that processing MUST 
> David> always be based on current tag information.
>  <Shraddha> Updated as per suggestion
> 
> <t> Multiple node administrative tag TLVs MAY appear in an RI LSA or
>    multiple node administrative tag TLVs MAY be contained in different
>    instances of the RI LSA.  The node administrative tags associated
>    with a node that originates tags for the purpose of any computation 
> or processing at a receiving node
>    SHOULD be a superset of node administrative tags from all the TLVs 
> in all the
>    received RI LSA instances originated by that node.When an RI LSA is 
> received that changes the set of
>    tags applicable to any originating node, a receiving node MUST 
> repeat any computation or
> 	processing that is based on those administrative tags.
> </t>
> ----------------------------------------------------------------------
> --------
> -------------------------------------------------------
> 
> David> I don't understand how a receiving node can be certain that a 
> David> tag has been removed based on this sentence in Section 2:
> 
>    Multiple TLVs MAY be added in same RI-LSA or in a different instance
>    of the RI LSA as defined in [I-D.acee-ospf-rfc4970bis].
> 
> David> How does a receiving node determine that it has seen all the 
> David> relevant RI LSAs and hence that absence of a previously seen 
> David> tag renders that tag no longer applicable?  The "seen all the 
> David> relevant RI LSAs" portion of this answer probably belongs in Section 2.
> 
> <Shraddha> A node cannot determine that it has all the complete and 
> current information at any point of time.
> This is true for any link state IGP protocol which floods the data for 
> distribution.
> The flooding mechanism is reliable and ensures the changes are 
> propagated Domain wide. The receivers have to process any database 
> change and apply it to the entire link state database every-time it 
> receives any change from any node.
> This is so fundamental to the link state protocols, I don't see the 
> necessity of repeating that concept in this document.
> 
> 
> ----------------------------------------------------------------------
> --------
> ---------------------------------------------------------
> 
> > [D] No management support
> >
> > From OPS-Dir Q&A: At a minimum, reporting of tag values ought to be 
> > defined via an OSPF MIB extension or analogous functionality.
> >
> > <shraddha> I think this should be taken separately as part of OSPF 
> > MIB RFC update, which will combine multiple features which require 
> > new
> definitions.
> >
> > Acee, How do we go about this?
> 
> David> At the very least, the draft that updates that MIB should be
> referenced.
> 
> <Shraddha>Currently there is no active draft working on OSPF MIB to 
> update the node admin tag related configs.
>  Yang data models are extensively being referred and recommended for 
> management.
> Have included a reference to the document and requested authors of 
> yang draft to consider adding the node-admin-tag Related interfaces to 
> the data model.
> 
> 7.  Manageability Considerations
> 
>    Node administrative tags are configured and managed using routing
>    policy enhancements.  YANG data definition language is the latest
>    model to describe and define configuration for network devices.  OSPF
>    YANG data model is described in [I-D.ietf-ospf-yang] and routing
>    policy configuration model is described in
>    [I-D.ietf-rtgwg-policy-model].  These two documents will be enhanced
>    to include the node administrative tag related configurations.
> 
> -----Original Message-----
> From: Black, David [mailto:david.black@emc.com]
> Sent: Wednesday, October 07, 2015 7:58 PM
> To: Shraddha Hegde <shraddha@juniper.net>et>; Rob Shakir <rjs@rob.sh>sh>; 
> as@cisco.com; bruno.decraene@orange.com; ops-dir@ietf.org; General 
> Area Review Team (gen-art@ietf.org) <gen-art@ietf.org>rg>; 
> lizhenbin@huawei.com
> Cc: acee@cisco.com; ospf@ietf.org; ietf@ietf.org; Black, David 
> <david.black@emc.com>
> Subject: Gen-ART and OPS-Dir review of 
> draft-ietf-ospf-node-admin-tag-06: A-D issues
> 
> David> Inline.  I'll deal with the A-D issues here and the editorial 
> David> items/nits in a separate message.
> 
> > David,
> >
> > Thanks a lot for your detailed review and comments.
> >
> 
> [... snip ...]
> 
> > --- Minor issues: ----
> >
> > -- 3.2 Elements of procedure:
> >
> > [A] I see what look like some underspecified requirements:
> >
> >    Each tag SHOULD be treated as an independent identifier that MAY be
> >    used in policy to perform a policy action.
> >
> >    The administrative tag list within the
> >    TLV SHOULD be considered an unordered list.
> >
> > Why are those two not "MUST" requirements?  What happens if either 
> > is not done?
> >
> > <Shraddha> It's perfectly valid for the receiver of the node admin 
> > tag to ignore a certain tag or set of tags if there are no local policies.
> > I think MUST will be too restrictive statement.
> 
> David> Please add that statement, specifically that a receiver may 
> David> have to ignore tags that do not match any local policies.  That 
> David> still doesn't explain why "MUST" is inappropriate in either case.
> 
> David> For the first requirement, I was expecting the "MUST" to apply 
> David> only to "independent identifier," i.e.:
> 
>     Each tag MUST be treated as an independent identifier that MAY be
>     used in policy to perform a policy action.
> 
> 
> David> The "SHOULD" in the second requirement appears to be asking for 
> David> interoperability problems if it's ignored.  I think that ought to be:
> 
>     The administrative tag list within the
>     TLV MUST be considered an unordered list.
> 
> > --------------------------------------------------------------------
> > --
> > --------
> > --------------------------------------------
> >
> > [B] Tag set completeness:
> >
> >    Multiple node administrative tag TLVs MAY appear in an RI LSA or
> >    multiple node administrative tag TLVs MAY be contained in different
> >    instances of the RI LSA.  The node administrative tags associated
> >    with a node for the purpose of any computation or processing SHOULD
> >    be a superset of node administrative tags from all the TLVs in all
> >    instances of the RI LSA originated by that node.
> >
> > This paragraph is about processing at that node.  It's easy to 
> > misread, as that implication
> >
> > is buried in the word "originated" in the last line.
> > Suggested change:
> >
> > 	"for the purpose of any computation or processing SHOULD" ->
> > 	"for the purpose of any computation or processing performed
> > 		at that node SHOULD"
> >
> > Also, it looks like it's acceptable for other nodes to perform such 
> > computation or processing based on a partial tag set for this node 
> > (e.g., when some other node has not received all the RI LSAs with 
> > all the
> tags).  That should be stated.
> >
> > <Shraddha> This is talking about processing at the receiver. Will 
> > update as
> below.
> >
> >
> >    Multiple node administrative tag TLVs MAY appear in an RI LSA or
> >    multiple node administrative tag TLVs MAY be contained in different
> >    instances of the RI LSA.  The node administrative tags associated
> >    with a node for the purpose of any computation or processing at 
> > the
> receiver SHOULD
> >    be a superset of node administrative tags from all the TLVs in all
> >    instances of the RI LSA originated by that node. Receiver MAY 
> > perform the
> processing on
> >    administrative node tags when only a partial set is receieved but 
> > the
> receiver
> >    node MUST repeat the computation or processing when the complete 
> > set of
> node
> >    administrative tags for that node is received.
> 
> David> That's much clearer.  Some minor editorial suggestions:
> 
> 	- "associated with a node" -> "associated with a node that originates 
> tags"
> 	- "processing at the receiver" -> "processing at a receiving node"
> 	- "instances of the RI LSA" -> "received RI LSA instances"
> 
> David> The last sentence appears to still have a problem:  How does a 
> David> receiving node determine when it has a complete set of tags?  
> David> Suggested
> rephrase:
> 
> 	When an RI LSA is received that changes the set of tags applicable to
> 	any originating node, a receiving node MUST repeat any computation or
> 	processing that is based on those administrative tags.
> 
> David> I think that captures the underlying point that processing MUST 
> David> always be based on current tag information.
> 
> > --------------------------------------------------------------------
> > --
> > --------
> > ---------------------------------------------------
> > [C] Tag change/removal:
> >
> >    When there is a change in the node administrative tag TLV or removal/
> >    addition of a TLV in any instance of the RI-LSA, implementations MUST
> >    take appropriate measures to update its state according to the
> >    changed set of tags.  Exact actions depend on features working with
> >    administrative tags and is outside of scope of this specification.
> >
> > Inability to interoperably remove a tag value (e.g., distribute the 
> > update that tag X no longer applies to node Q) seems like a 
> > significant omission, but I'm not a routing expert, so I'll defer to 
> > the WG's and ADs' judgment on the importance of this.  At a minimum, 
> > the rationale for not specifying an interoperable tag value removal
> mechanism ought to be added to this document.
> >
> > <Shraddha> Added the tag updations at the origination.
> >
> > When there is a change or removal of an adminstrative affiliation of 
> > a node, the node MUST
> >
> > re-originate the RI LSA with the latest set of node administrative tags.
> > On the receiver, When there is a change in the node administrative 
> > tag TLV or removal/
> >    addition of a TLV in any instance of the RI-LSA, implementations MUST
> >    take appropriate measures to update its state according to the
> >    changed set of tags.  Exact actions depend on features working with
> >    administrative tags and is outside of scope of this specification.
> 
> David> I don't understand how a receiving node can be certain that a 
> David> tag has been removed based on this sentence in Section 2:
> 
>    Multiple TLVs MAY be added in same RI-LSA or in a different instance
>    of the RI LSA as defined in [I-D.acee-ospf-rfc4970bis].
> 
> David> How does a receiving node determine that it has seen all the 
> David> relevant RI LSAs and hence that absence of a previously seen 
> David> tag renders that tag no longer applicable?  The "seen all the 
> David> relevant RI LSAs" portion of this answer probably belongs in Section 2.
> 
> > --------------------------------------------------------------------
> > --
> > --------
> > -----------------------------------------------------------
> >
> > [D] No management support
> >
> > From OPS-Dir Q&A: At a minimum, reporting of tag values ought to be 
> > defined via an OSPF MIB extension or analogous functionality.
> >
> > <shraddha> I think this should be taken separately as part of OSPF 
> > MIB RFC update, which will combine multiple features which require 
> > new
> definitions.
> >
> > Acee, How do we go about this?
> 
> David> At the very least, the draft that updates that MIB should be
> referenced.
> 
> [... Nits/editorial comments snipped - will send separate email ...]
> 
> Thanks,
> --David
> ----------------------------------------------------
> David L. Black, Distinguished Engineer EMC Corporation, 176 South St., 
> Hopkinton, MA  01748
> +1 (508) 293-7953             FAX: +1 (508) 293-7786
> david.black@emc.com        Mobile: +1 (978) 394-7754
> ----------------------------------------------------