Re: [Pce] Benjamin Kaduk's Discuss on draft-ietf-pce-stateful-path-protection-10: (with DISCUSS and COMMENT)
Benjamin Kaduk <kaduk@mit.edu> Wed, 25 September 2019 21:17 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: pce@ietfa.amsl.com
Delivered-To: pce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E80112022C; Wed, 25 Sep 2019 14:17:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rknOfY7yvbYd; Wed, 25 Sep 2019 14:17:53 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 459F71200CC; Wed, 25 Sep 2019 14:17:53 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x8PLHj0g016995 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 25 Sep 2019 17:17:48 -0400
Date: Wed, 25 Sep 2019 14:17:45 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: Dhruv Dhody <dhruv.ietf@gmail.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-pce-stateful-path-protection@ietf.org, Julien Meuric <julien.meuric@orange.com>, pce-chairs <pce-chairs@ietf.org>, pce@ietf.org
Message-ID: <20190925211745.GN6424@kduck.mit.edu>
References: <156876388231.17411.6094234033866939217.idtracker@ietfa.amsl.com> <CAB75xn4L2RE0vo44bt332kUL7Nh=LryKpJ3BSHRRnHggz8v3vQ@mail.gmail.com> <20190919210236.GB48975@kduck.mit.edu> <CAB75xn553Ft1i1zDnYqDgSZZf57eQF6Ej1FOpbqSWAuqgVPOxA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAB75xn553Ft1i1zDnYqDgSZZf57eQF6Ej1FOpbqSWAuqgVPOxA@mail.gmail.com>
User-Agent: Mutt/1.12.1 (2019-06-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/pce/wK-kCVsg3FgZrzUkSHOmxDTt-4E>
Subject: Re: [Pce] Benjamin Kaduk's Discuss on draft-ietf-pce-stateful-path-protection-10: (with DISCUSS and COMMENT)
X-BeenThere: pce@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Path Computation Element <pce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pce>, <mailto:pce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pce/>
List-Post: <mailto:pce@ietf.org>
List-Help: <mailto:pce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pce>, <mailto:pce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Sep 2019 21:17:56 -0000
On Tue, Sep 24, 2019 at 11:38:13AM +0530, Dhruv Dhody wrote: > Hi Ben, > > Apologies for the delay. I am replying this email where we tackle > points that needed some more discussion. > > On Fri, Sep 20, 2019 at 2:32 AM Benjamin Kaduk <kaduk@mit.edu> wrote: > > > > Hi Dhruv, > > > > On Wed, Sep 18, 2019 at 11:45:23AM +0530, Dhruv Dhody wrote: > > > Hi Ben, > > > > > > Thanks for your review, let me start the discussion and the authors > > > can interject as needed. > > > > Thanks; it's a great start. > > > > > On Wed, Sep 18, 2019 at 5:14 AM Benjamin Kaduk via Datatracker > > > <noreply@ietf.org> wrote: > > > > > > > > Benjamin Kaduk has entered the following ballot position for > > > > draft-ietf-pce-stateful-path-protection-10: Discuss > > > > > > > > When responding, please keep the subject line intact and reply to all > > > > email addresses included in the To and CC lines. (Feel free to cut this > > > > introductory paragraph, however.) > > > > > > > > > > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > > > > for more information about IESG DISCUSS and COMMENT positions. > > > > > > > > > > > > The document, along with other ballot positions, can be found here: > > > > https://datatracker.ietf.org/doc/draft-ietf-pce-stateful-path-protection/ > > > > > > > > > > > > > > > > ---------------------------------------------------------------------- > > > > DISCUSS: > > > > ---------------------------------------------------------------------- > > > > > > > > (1) draft-ietf-pce-association-group notes that "PCEP extensions that define > > > > a new association type should clarify the relationship between the SVEC > > > > object and the association type, if any". Where do we do so for the > > > > path protection association type? > > > > > > > > > > This is discussed in > > > https://tools.ietf.org/html/draft-ietf-pce-association-diversity-10#section-5.3, > > > where it is more relevant. This draft includes the relationship with > > > diversity association in Section 5. > > > > A naive reading of the linked section would be that it applies only to the > > "Disjointness Association Type" defined in that document. I'm not in a > > position to claim that the reasoning in that document does not apply to > > this one, but I think we should make a more clear link between the Path > > Protection ASsociation Type and the discussion in that document. > > > > The direct relationship is between the 'Disjointness Association Type' > and SVEC. But it is natural to include both Protection association and > disjoint association together. If SVEC is also present the > relationship is as per the Section 5.3 of > [I-D.ietf-pce-association-diversity]. Suppose if only protection > association is present and SVEC object, there is no direct > relationship and both object would be processed. > > I suggest we add this text to make sure reader is aware of SVEC - "The > relationship between the Synchronization VECtor (SVEC) object and the > Disjointness Association is described in section 5.3 of > [I-D.ietf-pce-association-diversity]." Thanks! > > > > > (2) Section 3.2 says: > > > > > > > > Protection Type (PT): 6 bits - This field is as defined in > > > > Section 14.1 of [RFC4872] to indicate the LSP protection type in > > > > use. > > > > > > > > There doesn't seem to be a registry created by RFC 4872 to track these > > > > PT values, so I assume that the way to allocate a new value is > > > > "standards-track RFC that Updates: RFC 4872". Is that also the way to > > > > allocate new PT values for PPAG usage? How would someone updating RFC > > > > 4872 to allocate a new type know to consider/document whether it applies > > > > for PPAG usage? > > > > > > > > > > That's true. Maybe we can add this text - "Any type already defined or > > > that could be defined in the future for use in the RSVP-TE PROTECTION > > > object is acceptable in this TLV unless explicitly stated otherwise." > > > > To be honest, that's probably good enough in practice, since it seems > > somewhat unlikely that the last bit is ever going to get allocated (though, > > I guess technically the field could be converted to an integer instead of > > flags). I do still have to wonder how the reader would know *where* it > > would be stated otherwise, and how the author of a document defining a new > > type would know to consider our use case as well as the RFC 4872 use case. > > > > I guess such an update would happen in TEAS; and historically PCE and > TEAS work very closely, as well as share the same AD. I think we are > quite safe here. > > In case you were wondering why flags - we chose PT as flags as per RFC > 4872 where this is called "LSP (Protection Type) Flags". > > > > > (3) In Section 4.3: > > > > > > > > A PCE can create/update working and protection LSPs independently. > > > > As specified in [I-D.ietf-pce-association-group], Association Groups > > > > can be created by both the PCE and the PCC. Further, a PCE can > > > > > > > > The requirement that source, destination, and tunnel ID of all LSPs > > > > within a PPAG MUST be the same is new to this document, so I think we > > > > need to specify error handling for when attempts to update LSPs > > > > independently would violate that invariant (presumably in Section 4.5). > > > > > > > > > > In the existing error case in Section 4.5 we could make it "add or update". > > > > Wording it right might be a little finicky, but that's fine in general. > > > > > > (4) In Section 6.3: > > > > > > > > IANA is requested to allocate new > > > > error values within the "PCEP-ERROR Object Error Types and Values" > > > > sub-registry of the PCEP Numbers registry, as follows: > > > > > > > > The following table only lists Error-values. What Error-type(s) should > > > > they be associated with? > > > > > > > > > > It is mentioned in the text, but worth making it explicit in the table as well. > > > > > Lets update the table as well. Request authors to update. Thanks! > > > > (5) We don't say which objects the PPAG TLV can appear in. (Section 3.2 > > > > says "[t]he Path Protection Association TLV is an optional TLV for use > > > > with the Path Protection Association Type", but it's hard to interpret > > > > that as meaning "for use [only] with the ASSOCIATION object defined in > > > > draft-ietf-pce-association-group", especially since there is a "path > > > > protection association type" already (and it's a codepoint in the > > > > "ASSOCIATION Type Field" registry). > > > > > > > > > > We can update to - "The Path Protection Association TLV is an optional > > > TLV for use in the ASSOCIATION Object with the Path Protection > > > Association Type." > > > > Thanks! > > > > > > (6) I'm not sure if a change to the document is needed here, but perhaps > > > > some discussion is in order: we say that a given LSP can belong to more > > > > than one PPAG, but only allow one PPAG TLV per [some context that > > > > remains unclear; see (5)]. I don't have a good handle for whether these > > > > two requirements are potentially in conflict: that is, whether a single > > > > PPAG TLV would have to specify the flags that apply for both PPAGs that > > > > a given LSP is a member of, or if the containing objects serve to scope > > > > the PPAG TLV flags' interpretation. > > > > > > > > > > When a given LSP belong to more than one PPAG, we expect to have > > > multiple ASSOCIATION Object for each PPAG with each of them having a > > > single PPAG TLV. > > > > Sounds good, and quite natural given (5). > > > > > > (7) Do the Protection Type fields of the PPAG TLV in the various LSPs > > > > that are members of the same PPAG need to match, in the same way that > > > > the source/destination/tunnel-ID do? > > > > > > > > > > Yes. Authors should make that explicit. > > > > Sure. Request authors to add. Thanks! > > Thanks > > > > > > > > > > ---------------------------------------------------------------------- > > > > COMMENT: > > > > ---------------------------------------------------------------------- > > > > > > > > Section 1 > > > > > > > > This document specifies a stateful PCEP extension to associate two or > > > > more LSPs for the purpose of setting up path protection. The > > > > proposed extension covers the following scenarios: > > > > > > > > nit: after publication, it doesn't really seem like a *proposed* > > > > extension anymore. > > > > > > > > Section 3.1 > > > > > > > > LSPs are not associated by listing the other LSPs with which they > > > > interact, but rather by making them belong to an association group > > > > referred to as "Path Protection Association Group" (PPAG) in this > > > > document. [...] > > > > > > > > The first 2/3 of this sentence is a (true) generic statement about all > > > > association groups, which exist outside of this document in a generic > > > > fashion. I strongly suggest rewording this to make clear that the PPAG > > > > is the specific association (group) type used for this document's > > > > functionality but that other association groups are possible. The > > > > current wording implies that the PPAG is the only association possible, > > > > and it is just given a special name for this document's purposes. > > > > > > > > [I-D.ietf-pce-association-group] specifies the mechanism for the > > > > capability advertisement of the Association types supported by a PCEP > > > > speaker by defining a ASSOC-Type-List TLV to be carried within an > > > > OPEN object. This capability exchange for the Association type > > > > described in this document (i.e. Path Protection Association Type) > > > > MAY be done before using the policy association, i.e., the PCEP > > > > speaker MAY include the Path Protection Association Type (TBD1) in > > > > the ASSOC-Type-List TLV before using the PPAG in the PCEP messages. > > > > > > > > Why is this only MAY and not MUST? > > > > > > > > > > In [I-D.ietf-pce-association-group] we explicitly did not mandate the > > > capability exchange for all association types and let each type decide > > > for itself. This association type fits into where the capability > > > exchange is optional. When the capability exchange was added in > > > [I-D.ietf-pce-association-group], there was a desire from the WG to > > > keep it optional for already defined/implemented protection > > > association type. Also this is a basic feature in path computation and > > > it is expected to be supported universally. In a corner case there is > > > an error handling for unknown/unsupported association-type to take > > > care of it. > > > > Okay, thanks for giving me the backstory. > > > > > > This Association type is dynamic in nature and created by the PCC or > > > > > > > > nit: is it the type that is dynamic or the associations of that type? > > > > > > > > > > It is the type. [I-D.ietf-pce-association-group] has dynamic or > > > operator-configured association, this one is dynamic. > > > > Ah, of course, I had forgotten about that division of configuration. > > > > > > Protecting (P): 1 bit - This bit is as defined in Section 14.1 of > > > > [RFC4872] to indicate if the LSP is working or protection LSP. > > > > > > > > Secondary (S): 1 bit - This bit is as defined in Section 14.1 of > > > > [RFC4872] to indicate if the LSP is primary or secondary LSP. The > > > > S flag is ignored if the P flag is not set. > > > > > > > > Just to check my understanding (no change expected to result): if P is > > > > zero, the LSP is working, and thus we know that it's primary since it's > > > > actively carrying traffic? > > > > > > > > > > Yes, Working LSPs are always primary. > > > > > > > > > > Section 3.2 > > > > > > > > nit(?) The section heading does not match the name of the TLV requested > > > > in the IANA considerations, nor do we mention here that "PPAG TLV" is > > > > synonymous with it. > > > > > > > > If the TLV is missing, it is considered that the LSP is the working > > > > LSP (i.e. as if P bit is unset). > > > > > > > > Is this conditional on the LSP being part of a PPAG, or does it hold > > > > generically as well? > > > > > > > > > > IMHO when part of a PPAG i.e. association object but no TLV. > > > > It may be worth making the text explicit about it. > > > > > > Section 4.5 > > > > > > > > As per the processing rules specified in section 5.4 of > > > > [I-D.ietf-pce-association-group], if a PCEP speaker does not support > > > > > > > > There is no Section 5.4 in draft-ietf-pce-association-group-10; > > > > presumably this was supposed to be Section 6.4? > > > > > > > > A given LSP MAY belong to more than one PPAG. If there is a conflict > > > > > > > > While I'm not arguing to remove this option, I'm also a bit confused at > > > > how useful having a single LSP be in multiple PPAGs woud be, given the > > > > need for source/destination/tunnel-ID to match. > > > > > > > > > > One working LSP could have multiple protection LSPs with each > > > belonging to a different association. > > > > > > > When the protection type is set to 1+1 or 1:N with N=1, there MUST be > > > > only one working LSP and one protection LSP within a PPAG. If a PCEP > > > > speaker attempts to add another working/protection LSP, the PCEP peer > > > > MUST send PCErr with Error-Type 26 (Association Error) > > > > [I-D.ietf-pce-association-group] and Error-Value TBD4 (Attempt to add > > > > another working/protection LSP for Path Protection Association). > > > > > > > > This seems to prevent a scenario where there's a need to change the > > > > protection LSP and a desire to do so without removing the protected > > > > nature of the working LSP. Unless it's presumed that this could always > > > > be done by updating the protection LSP and it would never be necessary > > > > to create a new one? (Similarly for 1:N, though maybe less severe.) > > > > > > > > > > One can remove the protection LSP and keep the association intact. The > > > error will not be triggered. > > > Also, PCEP messages are per LSP, when the first LSP is reported with > > > association, it is bound to be the only LSP in the association. > > > So the error in this section are focused only when one adds "another". > > > > I don't think that the points you cover above are what I was concerned > > about -- I was thinking more along the lines of a "make-before-break" > > scheme for changing what LSP is the protection LSP for a given working LSP. > > Maybe given the timescales involved it's not an issue in practice, though. > > > > Maybe worth adding some text here to be safe - "During the > make-before-break (MBB) procedure, two paths will briefly coexist. The > error handling related to number of LSPs allowed in a PPAG MUST NOT be > applied during MBB." > > I hope this message clears all the remaining points. I think it does; thanks again. -Ben
- [Pce] Benjamin Kaduk's Discuss on draft-ietf-pce-… Benjamin Kaduk via Datatracker
- Re: [Pce] Benjamin Kaduk's Discuss on draft-ietf-… Dhruv Dhody
- Re: [Pce] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
- Re: [Pce] Benjamin Kaduk's Discuss on draft-ietf-… Mahend Negi
- Re: [Pce] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
- Re: [Pce] Benjamin Kaduk's Discuss on draft-ietf-… Dhruv Dhody
- Re: [Pce] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk