Re: [Pce] Review of draft-ietf-pce-segment-routing-policy-cp-15 from SR Policy Arch POV
Dhruv Dhody <dhruv.ietf@gmail.com> Mon, 08 April 2024 14:24 UTC
Return-Path: <dhruv.ietf@gmail.com>
X-Original-To: pce@ietfa.amsl.com
Delivered-To: pce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9587DC14F6A3; Mon, 8 Apr 2024 07:24:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a-lOjuXjjPTC; Mon, 8 Apr 2024 07:24:28 -0700 (PDT)
Received: from mail-vs1-xe33.google.com (mail-vs1-xe33.google.com [IPv6:2607:f8b0:4864:20::e33]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 497A4C14F603; Mon, 8 Apr 2024 07:24:28 -0700 (PDT)
Received: by mail-vs1-xe33.google.com with SMTP id ada2fe7eead31-479c3616fceso968526137.3; Mon, 08 Apr 2024 07:24:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712586267; x=1713191067; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=A7hZMap8Tas8TbAqnjLB4BTpRZtgrxUx8GphbGWWwiE=; b=gBCYYMbzu+P8dIE7+n5ZCt5UXM1MHYqF5djLbvgYL9CqwQ4pgL8tymVRR+5gOV/YAe X7YsU2GJqqPlkRPXec5m+s7X5DPomi6+emPiEwtH5nSFhim2La/XzUCVEIknPLeKLNZR 9A7kiU3gKLZkKvnotPgIyPR8kPWGtUjkS6bTdB9dHhfCltxk9aDl85USVxe9ZVHAG37Z ij75TnMvEYLYahRPWg3iHKOSuqHBSuxd3ahYg0+g6T+kkII8fAV5oT4ZwidZ58irr6um /A8Lxo6xX5C6a4r2mwgFD3flSkl96gb/kLLiEqjxuwgyzewJCsKbf1ZGoCIKZ8R5L1wP xSRA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712586267; x=1713191067; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=A7hZMap8Tas8TbAqnjLB4BTpRZtgrxUx8GphbGWWwiE=; b=TeLfEaWQtsbommUNDLBdfVNJnS1ZiHGbCCLZdBewx/PehFNYf7aXreRX7Vonsqc5hy Cdm7Hp2m95bUSrqFZrx/pyB9KAWwouf9bl170NcFCcRrUfDCXV//V+bi/oJx1MXmEEPU oInS2beR75GtezjYiCgD7rJy3/GMGQxCvlPXP2bPxjvaV1LHfsSE8qn+994wE88pakm2 gUnx6eKCge5cM3F1pGONp/KoKpRhQPZ1mBJvFmP1dJUuLZBXKBsidHZWkBjQGcVFkcCW gvNNoq/doPsRm+hJW43ZJrFdr37JpD4q3fxfIZcTtLhg+Au+QkJ2xtxOeh2mvm2G3xl+ TZWQ==
X-Forwarded-Encrypted: i=1; AJvYcCWGRQUbRxxYeWupWpy2Q0SmVR1lyKVZkw1Smbspqh91a4mlYuwt5mNH35UpO7W00MRmomrgQnpi9pMQwDCCvWuUtoHPIDh0yuChzw9ViFOemTaECZ82vEki1ylzNjS1nVLO
X-Gm-Message-State: AOJu0YzorfpIpx/DA69uVa8EfkMSj6hGf2hlmU37lhLyBCkjrPzv8r85 iCLTAryo8lRVdJUWdrkr11MssMnMZJXydpiHBCxUTnPDhiHZcfPIvNn+rAkJ4zjjIDuUItgutWE dIG/TgZn6dFj4fO6Glol36DjUwIRSPf3x
X-Google-Smtp-Source: AGHT+IG4KJhAjUQzfRXU72owwXCNAxfyJtaI/y34BkZhqo5HAOAkegBAggE3AoxvksacUkxnsgwDdxCROZeQOUaAjY4=
X-Received: by 2002:a05:6102:a4a:b0:47a:d6a:f7f1 with SMTP id i10-20020a0561020a4a00b0047a0d6af7f1mr1015910vss.7.1712586266936; Mon, 08 Apr 2024 07:24:26 -0700 (PDT)
MIME-Version: 1.0
References: <CAH6gdPy_uh-ZdomgDmD83=gmBq_0OvA=H8_yXgzMtrZNbsySSQ@mail.gmail.com>
In-Reply-To: <CAH6gdPy_uh-ZdomgDmD83=gmBq_0OvA=H8_yXgzMtrZNbsySSQ@mail.gmail.com>
From: Dhruv Dhody <dhruv.ietf@gmail.com>
Date: Mon, 08 Apr 2024 19:53:50 +0530
Message-ID: <CAB75xn4tzQt7+S4i+RnOvge6gG9nE_KAqSURPHB8gvxy589d4A@mail.gmail.com>
To: Ketan Talaulikar <ketant.ietf@gmail.com>
Cc: pce@ietf.org, draft-ietf-pce-segment-routing-policy-cp@ietf.org, Dhruv Dhody <dd@dhruvdhody.com>
Content-Type: multipart/alternative; boundary="000000000000168c0706159690cb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pce/85b-QUifdCd9xOFYKqh0GtgMbFw>
Subject: Re: [Pce] Review of draft-ietf-pce-segment-routing-policy-cp-15 from SR Policy Arch POV
X-BeenThere: pce@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Path Computation Element <pce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pce>, <mailto:pce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pce/>
List-Post: <mailto:pce@ietf.org>
List-Help: <mailto:pce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pce>, <mailto:pce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2024 14:24:29 -0000
Hi Ketan, Authors, I am just responding to a few comments as a Shepherd. Please work with each other and let's resolve these comments.... On Mon, Apr 8, 2024 at 5:15 PM Ketan Talaulikar <ketant.ietf@gmail.com> wrote: > Hello Authors/All, > > I've reviewed the draft from the perspective of consistency with the SR > Policy Arch RFC9256 as well as the BGP SR Policy SAFI IDR draft. As such, I > find some issues that I think need to be addressed before publication. > > Note that these may seem editorial (no change needed in PCEP signaling), > but they are semantically important for this document to convey the intent > and operations for these extensions. > > My comments are embedded in the idnits format below. > > Thanks, > Ketan > > > 13 Path Computation Element Communication Protocol (PCEP) Extensions for > 14 Segment Routing (SR) Policy Candidate Paths > > *[major] A more appropriate title would be "PCEP Extensions for SR > Policy" * > *since this is not just about CPs but support for SR Policy construct.* > > Dhruv: In PCEP the key construct that we signal is a CP and thus I consider the title to be apt. > 15 draft-ietf-pce-segment-routing-policy-cp-15 > > 17 Abstract > > 19 Segment Routing (SR) allows a node to steer a packet flow along any > 20 path. SR Policy is an ordered list of segments (i.e., instructions) > 21 that represent a source-routed policy. Packet flows are steered into > 22 an SR Policy on a node where it is instantiated called a headend > 23 node. An SR Policy is made of one or more candidate paths. > > 25 This document specifies Path Computation Element Communication > 26 Protocol (PCEP) extension to associate candidate paths of the SR > 27 Policy. Additionally, this document updates [RFC8231] to allow > 28 stateful bringup of an SR LSP, without using PCReq/PCRep messages. > 29 This document is applicable to both Segment Routing over MPLS and to > 30 Segment Routing over IPv6 (SRv6). > > > > *[major] This document has the specifications that actually align the > PCEPextensions (e.g. RFC8664) for SR defined prior to this document to the * > *SR Policy architecture RFC9256. This should be the most important thing > to call out and that this spec formally updates RFC8664 and * > *RFC-draft-ietf-pce-segment-routing-ipv6.* > > Dhruv: Happy for the authors to make it clearer but I don't think there is a need for a formal update. "Update" makes sense when there is some text in those RFCs that require changes. It is just a normal extension. From PCEP POV, SR-MPLS and SRv6 extensions for those path setup types exist on their own. If SR Policy is in use, then of course this document should be used. <snip> > > 126 Segment Routing Policy for Traffic Engineering [RFC9256] details the > 127 concepts of SR Policy and approaches to steering traffic into an SR > 128 Policy. > > 130 PCEP Extensions for Segment Routing [RFC8664] specifies extensions to > 131 the Path Computation Element Protocol (PCEP) that allow a stateful > 132 PCE to compute and initiate Traffic Engineering (TE) paths, as well > 133 as a PCC to request a path subject to certain constraint(s) and > 134 optimization criteria in SR networks. > > 136 PCEP Extensions for Establishing Relationships Between Sets of LSPs > 137 [RFC8697] introduces a generic mechanism to create a grouping of LSPs > 138 which can then be used to define associations between a set of LSPs > 139 and a set of attributes (such as configuration parameters or > 140 behaviors) and is equally applicable to stateful PCE (active and > 141 passive modes) and stateless PCE. > > > > *[major] It may be somewhat misleading to give an impression that > thepurpose for introducing the SRPA is "to create a grouping of LSPs". * > > > *For sure, the SRPA enables the grouping of CPs associated with a single > SR Policy. However, SRPA is absolutely necessary even when signaling a > single SR Policy CP as it is indicating the Color of the SR Policy and > the identifiers of the SR Policy CP **as per RFC9256.* > > Dhruv: In PCEP, association can exist with a single LSP in the association group. If authors feel they need to be explicit about it, it is fine with me. <snip> > 156 Endpoint: The IPv4 or IPv6 endpoint address of the SR Policy in > 157 question, as described in [RFC9256]. > > 159 SRPA: SR Policy Association. A new association type 'SR Policy > 160 Association' is used to group candidate paths belonging to the SR > 161 Policy. Depending on discussion context, it can refer to the PCEP > 162 ASSOCIATION object of SR Policy type or to a group of LSPs that > 163 belong to the association. > > 165 Association Parameters: As described in [RFC8697], refers to the key > 166 data, that uniquely identifies the Association. > > 168 Association Information: As described in [RFC8697], refers to the > 169 non-key information about the Association. > > 171 3. Overview > > > > > > > > > > > > > *[major] What we are missing here is some text about the motivation for > whythese extensions are a MUST have for SR Policy signaling via PCEP. I > will try tosummarize:a) To align with SR Policy construct per RFC9256b) To > ensure that the headend is able to "associated" a SR Policy CP signaledvia > PCEP with other CPs of the same SR Policy from other sources - e.g.,locally > configured or via BGP.c) To indicate the intent of the SR Policy via > "color" that can then be usedon the headend for steering BGP service routes > over the SR Policy provisionedvia PCEP (PCE initiated).None of these were > possible without this extension for certain deploymentdesigns - especially > PCE initiated.* > > Dhruv: I don't disagree but this section is an overview of the extensions and not motivation. If authors wish to add a motivation section, sure they can do that. <snip> > > 283 The Association Source MUST be set to the headend value of the SR > 284 Policy, as defined in [RFC9256] Section 2.1. > > 286 The 16-bit Association ID field in the ASSOCIATION object MUST be set > 287 to the value of "1". > > 289 The Extended Association ID TLV MUST be included and it MUST be in > 290 the following format: > > 292 0 1 2 3 > 293 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > 294 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 295 | Type = 31 | Length = 8 or 20 | > 296 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 297 | Color | > 298 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 299 ~ Endpoint ~ > 300 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > 302 Figure 1: Extended Association ID TLV format > > 304 Type: Extended Association ID TLV, type = 31 [RFC8697]. > > 306 Length: Either 8 or 20, depending on whether IPv4 or IPv6 address is > 307 encoded in the Endpoint field. > > 309 Color: SR Policy color value, non-zero as per [RFC9256] Section 2.1. > > 311 Endpoint: can be either IPv4 or IPv6. This value MAY be different > 312 from the one contained in the Destination address field in the END- > 313 POINTS object, or in the Tunnel Endpoint Address field in the LSP- > 314 IDENTIFIERS TLV. > > 316 If the PCEP speaker receives an SRPA object whose Association > 317 Parameters do not follow the above specification, then the PCEP > 318 speaker MUST send PCErr message with Error-Type = 26 "Association > 319 Error", Error-Value = 20 "SR Policy Identifier Mismatch". > > 321 The purpose of choosing the Association Parameters in this way is to > 322 guarantee that there is no possibility of a race condition when > 323 multiple PCEP speakers want to associate the same SR Policy at the > 324 same time. By adhering to this format, all PCEP speakers come up > 325 with the same Association Parameters independently of each other > 326 based on the SR Policy [RFC9256] parameters. Thus, there is no > 327 chance that different PCEP speakers will come up with different > 328 Association Parameters for the same SR Policy. > > 330 The last hop of the computed SR Policy Candidate Path MAY differ from > 331 the Endpoint contained in the <headend, color, endpoint> tuple. An > 332 example use case is to terminate the SR Policy before reaching the > 333 Endpoint and have decapsulated traffic go the rest of the way to the > 334 Endpoint node using the native IGP path(s). In this example, the > 335 destination of the SR Policy Candidate Paths will be some node before > 336 the Endpoint, but the Endpoint value is still used at the head-end to > 337 steer traffic with that Endpoint IP into the SR Policy. Destination > 338 of the SR Policy Candidate Path is signaled using the END-POINTS > 339 object and/or LSP-IDENTIFIERS TLV, as per the usual PCEP procedures. > 340 When neither END-POINTS object nor LSP-IDENTIFIERS TLV is present, > 341 the PCEP speaker MUST extract the destination from the Endpoint field > 342 in the SRPA Extended Association ID TLV. > > *[major] What about the null endpoint support?* > > Dhruv: One can still use the values 0.0.0.0 and :: > > 394 4.2.2. SR Policy Candidate Path Identifier TLV > > 396 The SRPOLICY-CPATH-ID TLV is a mandatory TLV for the SRPA object. > > 398 0 1 2 3 > 399 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > 400 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 401 | Type | Length | > 402 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 403 | Proto. Origin | MBZ | > 404 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 405 | Originator ASN | > 406 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 407 | | > 408 | Originator Address | > 409 | | > 410 | | > 411 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 412 | Discriminator | > 413 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > 415 Figure 3: The SRPOLICY-CPATH-ID TLV format > > 417 Type: 57 for "SRPOLICY-CPATH-ID" TLV. > > 419 Length: 28. > > 421 Protocol Origin: 8-bit value that encodes the protocol origin, as > 422 specified in Section 6.5. Note that in PCInitiate message [RFC8281], > 423 the Protocol Origin is always set to 10 (PCEP). > > 425 MBZ: Must be zero. > > 427 Originator ASN: Represented as 4-byte number, part of the originator > 428 identifier, as specified in [RFC9256] Section 2.4. If 2-byte ASNs > 429 are in use, the low-order 16 bits is used, and the high-order bits > 430 are set to 0. When sending PCInitiate message [RFC8281], the PCE is > 431 acting as the originator and therefore MUST set this to an ASN that > 432 it belongs to. > > > > *[major] This is an unnecessary restriction on PCEP which does not use > ASN.RFC9256 section 2.4 allows the value of 0 to be used by PCEP when ASN > is notavailable/known.* > > Dhruv: Good catch! <snip> > 622 5.4. Invalidation TLV > > 624 The INVALIDATION TLV is an optional TLV for the LSP object. It is > 625 used to control traffic steering into the LSP during the time when > 626 the LSP is operationally down/invalid. In the context of SR Policy, > 627 this TLV facilitates the Drop-upon-invalid behavior, specified in > 628 Section 8.2 of [RFC9256]. Normally, if the LSP is down/invalid then > 629 it stops attracting traffic and traffic that would have been destined > 630 to that LSP is redirected somewhere else, such as via IGP or via > 631 another LSP. The Drop-upon-invalid behavior specifies that the LSP > 632 keeps attracting traffic and the traffic has to be dropped at the > 633 head-end. Such an LSP is said to be "in drop state". While in the > 634 drop state, the LSP operational state is "UP", as indicated by the > 635 O-flag in the LSP object. However the ERO object MAY be empty, if no > 636 valid path has been computed. > > 638 The INVALIDATION TLV is used in both directions between PCEP peers: > > 640 * PCE -> PCC: PCE specifies to the PCC whether to enable or disable > 641 Drop-upon-invalid (Config). > > 643 * PCC -> PCE: PCC reports the current setting of the Drop-upon- > 644 invalid (Config) and also whether the LSP is currently in the drop > 645 state (Oper). > > 647 0 1 2 3 > 648 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > 649 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 650 | Type | Length | > 651 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 652 | Oper | Config | MBZ | > 653 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > 654 Figure 9: The INVALIDATION TLV format > > 656 Type: 70 for "INVALIDATION" TLV. > > 658 Length: 4. > > 660 Oper: encodes the current state of the LSP, i.e., whether it is > 661 actively dropping traffic right now. This field can be set to non- > 662 zero values only by the PCC, it MUST be set to 0 by the PCE and > 663 SHOULD be ignored by the PCC. > > 665 0 1 2 3 4 5 6 7 > 666 +-+-+-+-+-+-+-+-+ > 667 | |D| > 668 +-+-+-+-+-+-+-+-+ > > 670 Figure 10: Oper state of Drop-upon-invalid feature > > 672 * D: dropping - the LSP is currently attracting traffic and actively > 673 dropping it. > > 675 * The unassigned bits in the Flag octet MUST be set to zero upon > 676 transmission and MUST be ignored upon receipt. > > 678 Config: encodes the current setting of the Drop-upon-invalid feature. > > 680 0 1 2 3 4 5 6 7 > 681 +-+-+-+-+-+-+-+-+ > 682 | |D| > 683 +-+-+-+-+-+-+-+-+ > > 685 Figure 11: Config state of Drop-upon-invalid feature > > 687 * D: drop enabled - the Candidate Path has Drop-upon-invalid feature > 688 enabled. > > 690 * The unassigned bits in the Flag octet MUST be set to zero upon > 691 transmission and MUST be ignored upon receipt. > > > > *[major] Was there a specific reason to specify this as a boolean instead > ofbits/flags?* > Dhruv: There were more flags before but were removed, the aim is to allow extensibility. I suggested authors turn this into a registry! <snip> Thanks! Dhruv
- [Pce] Review of draft-ietf-pce-segment-routing-po… Ketan Talaulikar
- Re: [Pce] Review of draft-ietf-pce-segment-routin… Dhruv Dhody
- Re: [Pce] Review of draft-ietf-pce-segment-routin… Ketan Talaulikar
- Re: [Pce] Review of draft-ietf-pce-segment-routin… Dhruv Dhody