Re: [Pals] Review of draft-ietf-pals-endpoint-fast-protection-04
Yimin Shen <yshen@juniper.net> Mon, 19 December 2016 15:27 UTC
Return-Path: <yshen@juniper.net>
X-Original-To: pals@ietfa.amsl.com
Delivered-To: pals@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96075129B80; Mon, 19 Dec 2016 07:27:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=junipernetworks.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id It4d5VucwdjU; Mon, 19 Dec 2016 07:27:44 -0800 (PST)
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0106.outbound.protection.outlook.com [104.47.42.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD6FE129B7E; Mon, 19 Dec 2016 07:27:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=junipernetworks.onmicrosoft.com; s=selector1-juniper-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=vlEjnzv40p2gcxPffjMk+uftMeVs4NqTibxMSh5i2Sw=; b=ASO+ipzxLzYFb+/HNfqpzJ2t/PjgxvTvfGsKqciQ3HCKqxbHv/yQ2Sx/yn3+9AMtzlhSPFmXCJt2WOOoJlFP0lTrDy+GvVWVhwcEUm2p/dSwLFqZCkE7kHwEtllR40MOI7a4CXOPM+vF2tewDKIDrLIvaDMv/g3mSu3XLl/7k94=
Received: from BN3PR0501MB1554.namprd05.prod.outlook.com (10.161.217.144) by BN3PR0501MB1555.namprd05.prod.outlook.com (10.161.217.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.803.5; Mon, 19 Dec 2016 15:27:22 +0000
Received: from BN3PR0501MB1554.namprd05.prod.outlook.com ([10.161.217.144]) by BN3PR0501MB1554.namprd05.prod.outlook.com ([10.161.217.144]) with mapi id 15.01.0789.018; Mon, 19 Dec 2016 15:27:22 +0000
From: Yimin Shen <yshen@juniper.net>
To: "Black, David" <David.Black@dell.com>
Thread-Topic: Review of draft-ietf-pals-endpoint-fast-protection-04
Thread-Index: AQHST79toJhD4QeirE63hAFHYP/IxaEPJXeA
Date: Mon, 19 Dec 2016 15:27:22 +0000
Message-ID: <2CA86DC6-3EA8-4D2A-800A-A32221E44687@juniper.net>
References: <148098421561.9560.17840743269310006258.idtracker@ietfa.amsl.com> <CAA=duU1LG76yxhdhtMmC_dzkPiAp+0BjuTfRydJ=EWnYqKAzTA@mail.gmail.com>
In-Reply-To: <CAA=duU1LG76yxhdhtMmC_dzkPiAp+0BjuTfRydJ=EWnYqKAzTA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.18.0.160709
authentication-results: spf=none (sender IP is ) smtp.mailfrom=yshen@juniper.net;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [66.129.241.14]
x-ms-office365-filtering-correlation-id: 2ffaf1ae-ee0f-499a-c579-08d42823877a
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001); SRVR:BN3PR0501MB1555;
x-microsoft-exchange-diagnostics: 1; BN3PR0501MB1555; 7:Xef39pnsXVYKodueFgYF7aOk0uSGc1RSq9yZpPrF/46TQRi+fVCclaE4zNGrXTBr7VqqAK1MXFc+RaYg/UBqf3b+AgAvuZctGz+/Ox9lcqXw0cf++eqREkyu4VW9dH4DX1YpO0JjmADs1MUf2frvMTGBPxxs+mTcTm9W0mL7lslRF9TdUh0NHFax9zMdZEdPkfGKcw7THNLWIzyloB0EiwaFz1w06XmINdCeHziOOqEjUkn3hy9LwaUJEf261NJnQn659yyDkeV0J16Zh4yZ/Ymu1F4U+cGOAoJnHKYWRgXukNCAEXROpip5IADl9jorh6DY8OjLvg8TpxI6sotCfR21msd9QUpUZyqzgk7i1fU55PU/qz3XKg4TBCgrFF7TwzFU7UqbWdEvmv61/3CsOb+//yRuVKV2cIdvKsdv5YdJKenvt7muXupM5n989chvW0UIZU03mRrEga8O1g0iIg==
x-microsoft-antispam-prvs: <BN3PR0501MB15559E2585ADF0F506142640BD910@BN3PR0501MB1555.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(192374486261705)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(6041248)(20161123564025)(20161123562025)(20161123555025)(20161123560025)(20161123558021)(6072148); SRVR:BN3PR0501MB1555; BCL:0; PCL:0; RULEID:; SRVR:BN3PR0501MB1555;
x-forefront-prvs: 01613DFDC8
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(7916002)(39860400002)(39450400003)(39410400002)(39850400002)(39840400002)(189002)(24454002)(37854004)(377454003)(199003)(5660300001)(99286002)(83716003)(8666005)(6512006)(82746002)(6486002)(4001350100001)(77096006)(6116002)(102836003)(2900100001)(3846002)(36756003)(6506006)(110136003)(86362001)(83506001)(6916009)(38730400001)(97736004)(2950100002)(6436002)(230783001)(9326002)(229853002)(66066001)(25786008)(8936002)(189998001)(3280700002)(76176999)(54356999)(3660700001)(101416001)(122556002)(92566002)(8676002)(68736007)(106116001)(106356001)(81156014)(105586002)(50986999)(7736002)(2906002)(33656002)(4326007)(81166006)(7059030)(104396002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN3PR0501MB1555; H:BN3PR0501MB1554.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_2CA86DC63EA84D2A800AA32221E44687junipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Dec 2016 15:27:22.6888 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR0501MB1555
Archived-At: <https://mailarchive.ietf.org/arch/msg/pals/2oaOY_EEHURNmEq5RY3JBqYSaso>
Cc: "draft-ietf-pals-endpoint-fast-protection@ietf.org" <draft-ietf-pals-endpoint-fast-protection@ietf.org>, Transport Area Review Team <tsv-art@ietf.org>, "wim.henderickx@nokia.com" <wim.henderickx@nokia.com>, "BRUNGARD, DEBORAH A (ATTLABS)" <db3546@att.com>, "pals@ietf.org" <pals@ietf.org>
Subject: Re: [Pals] Review of draft-ietf-pals-endpoint-fast-protection-04
X-BeenThere: pals@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Pseudowire And LDP-enabled Services dicussion list." <pals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pals>, <mailto:pals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pals/>
List-Post: <mailto:pals@ietf.org>
List-Help: <mailto:pals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pals>, <mailto:pals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Dec 2016 15:27:46 -0000
Hi Dave, Thanks very much for your review and valuable comments. Please see my answers inline. Thanks, -- Yimin On Mon, Dec 5, 2016 at 7:30 PM, IETF Secretariat <ietf-secretariat-reply@ietf.org<mailto:ietf-secretariat-reply@ietf.org>> wrote: Reviewer: David Black Review result: Ready with Issues -- TSV-ART review comments: I found a couple of minor transport-related issues, both of which should be resolvable with modest amounts of additional explanation: * ECMP: The ECMP discussion in Section 4.1 on Applicability takes a conservative approach to avoiding packet reordering by recommending (SHOULD) that the entire ECMP set be rerouted as part of local repair. It's not clear what sort of ECMP is involved, as that acronym is used without a reference (or even expansion), so I'd suggest citing a reference. If the ECMP used is flow-aware so that reordering across ECMP branches within an ECMP set does not cause reordering within any of the flows involved, then it ought to be safe from a reordering perspective to reroute an ECMP branch or set of branches that are less than the full ECMP set, although such partial rerouting could cause potentially undesirable forwarding latency differences within the ECMP set. This ought to be discussed, as situations in which rerouting the entire ECMP bundle is overly conservative seem likely to arise in practice. [yshen] We will spell out ECMP and clarify that the ECMP in this document is at transport tunnel level where each PW packet goes through a certain hashing mechanism and then gets forwarded over a particular branch of the ECMP set. The actual reason that all ECMP branches need to be rerouted together is because the egress router is Down, and this failure is going to impact on ALL branches without an exception. The above text only highlights one benefit of doing this -- in the case where the router treats a link failure as an egress node, this can also avoid “possible” packet reordering. Yes, as you mentioned, some PW flows may use FAT or entropy labels, but the router (i.e. PLR) doesn’t have the knowledge or visibility it. We will revise the text to improve the clarity. * Traffic Engineering: Considering the intended speed of local repair, "order of tens of milliseconds" in the abstract, the bandwidth used by the repair paths has to be provisioned in advance of any failure that causes repair path usage - traffic engineering is a likely means of provisioning that bandwidth. I see "TE domain," "TE metric" and "TE path," which I assume refer to Traffic Engineering, but that TE acronym is not expanded, and I did not find text requiring traffic engineering and/or advance (bandwidth) provisioning of repair paths. I assume that this advance bandwidth provisioning of repair paths is intended as part of local repair, as not doing that invites immediate repair path failure due to lack of forwarding resources, which is definitely not desired. A sentence or two ought to be added to point this bandwidth provisioning requirement out, possibly in Section 4.1 (Applicability). Adding that text would also reinforce the conclusion in the Security Considerations section that local repair reroutes are not a security threat, as the new text would add the rationale that local repair reroutes are anticipated and planned for by the network operator's traffic engineering. [yshen] We will add text to clarify TE and bandwidth provisioning which may be necessary and feasible in some cases, e.g. RSVP. Great comment on this reinforcing the security consideration! -- Other comments: * Having found two acronyms that were not expanded, I'd suggest a general look for such acronyms. OTOH, this is an area of network technology where many acronyms are in common use, and hence expansion of every acronym on first use may be excessive - among the ways of avoiding this could be citation of a reference at the start of Section 3 where commonly used PW terms and acronyms are defined. [yshen] We will scan the document to spell out all acronyms that are missed out.
- [Pals] Review of draft-ietf-pals-endpoint-fast-pr… IETF Secretariat
- Re: [Pals] Review of draft-ietf-pals-endpoint-fas… Andrew G. Malis
- Re: [Pals] Review of draft-ietf-pals-endpoint-fas… Yimin Shen
- Re: [Pals] Review of draft-ietf-pals-endpoint-fas… Yimin Shen