Re: [pim] pim-dr-improvement wglc

[<zhang.zheng@zte.com.cn>]

Hi Jake,






Thank you very much for your quickly review!


The BDR behavior is similar with DR, the only difference is that BDR does not forwarding multicast flows. BDR will send regular join/prune message to upstream router.


But BDR will not impact on the assert state machine. The DR is still the assert winnner.


Because most of the parts is the same with DR except for flow forwarding, I am not sure if we should add the new preudocode for the BDR. Do you think it is necessary?


And thank you for the nit, I'll fix it in next version. :-)






Thanks,


Sandy







原始邮件



发件人：Holland,Jake <jholland@akamai.com>
收件人：张征00007940;gregimirsky@gmail.com <gregimirsky@gmail.com>;stig@venaas.com <stig@venaas.com>;
抄送人：pim@ietf.org <pim@ietf.org>;
日 期 ：2019年01月19日 03:52
主 题 ：Re: [pim] pim-dr-improvement wglc




Hi Sandy,


 


Thanks, I think this is much improved and easier to read.


 


Looking over this again, I noticed what might be another issue from this clause in section 4:


 


When the new router becomes the new BDR, the router will join the


   current multicast groups, and import multicast flows from upstream


   routers.  But the BDR must not forward the multicast flows to avoid


   the duplicate multicast packets in the shared-media LAN.


 


Does this mean there’s a change to the JoinDesired(S,G) and JoinDesired(*,G) macros from RFC 7761?


And if so, is it as simple as adding “OR (I am BDR and Assert Winner’s IP address == DR’s IP)”?


 


It seems like this also would update section 4.2, or possibly create another kind of list besides immediate_olist and inherited_olist—for example I think BDR would still restart the (S,G) Keepalive  timer even though the outgoing interface list for the packet might be empty now. Are there any other updates to this logic?


 


I’m not sure whether there’s any other impact on the assert state machine, but I didn’t see it covered in the draft.


 


Should this draft perhaps provide new pseudocode for all the pseudocode that’s updated in RFC 7761?


 


 


I also noticed another nit:


section 4.1: “minium” -> “minimum”.


 


Thanks and regards,


Jake


 


 



From: "zhang.zheng@zte.com.cn" <zhang.zheng@zte.com.cn>
 Date: 2019-01-17 at 01:10
 To: "gregimirsky@gmail.com" <gregimirsky@gmail.com>, "Holland, Jake" <jholland@akamai.com>, "stig@venaas.com" <stig@venaas.com>
 Cc: "pim@ietf.org" <pim@ietf.org>
 Subject: Re:[pim] pim-dr-improvement wglc



 


Hi Greg, Jake, Stig,


 


Thank you very much for your careful review and suggestion!


A new version of this draft has been submitted.


The nits you mentioned are fixed. And I add more description in Compatibility section and Security Considerations section.


Appreciate for your more view!


 


PS. It seems like the previous email has been held for some reasons, so I resend this email. Sorry for the duplicate emails.


 


Best regards,


Sandy


 


原始邮件



发件人：StigVenaas <stig@venaas.com>



收件人：Holland, Jake <jholland@akamai.com>;



抄送人：pim@ietf.org <pim@ietf.org>;



日 期 ：2019年01月16日 01:11



主 题 ：Re: [pim] pim-dr-improvement wglc




Hi
 
 I overall agree with the other reviewers' comments. One high level
 concern I think needs to be addressed in the draft is how to detect
 that other neighbors support the mechanism, and how to behave if not
 all routers support it.
 
 One way of detecting support for the mechanism would be to check if
 neighbors announce the new options. In that case, what should be the
 content of the options if not all neighbors support it. Also, is it OK
 to use the mechanism if the neighbors not supporting it have a low DR
 priority, or is it better to require that all neighbors support it?
 What should be the behavior once all neighbors support it (a
 non-capable neighbor went away), or if a non-capable neighbor comes
 up?
 
 Section 4.2 should talk about primary address, not Router ID.
 
 Regards,
 Stig
 
 On Mon, Jan 14, 2019 at 2:08 PM Holland, Jake <jholland@akamai.com> wrote:
 >
 > Hi,
 >
 >
 >
 > I think the extension is a good idea and that this doc gives a good
 >
 > explanation of how it works. However, I think there’s some issues that
 >
 > should be addressed before publication as a Standards Track RFC.
 >
 >
 >
 >
 >
 > Major issues:
 >
 > 1. The security considerations section seems too thin. (The complete
 >
 > contents of the section are “For general PIM Security Considerations.”)
 >
 >
 >
 > 1.a. I think there are some security implications because of
 >
 > the new stickiness in the DR election process. For instance, in
 >
 > https://tools.ietf.org/html/rfc5015#section-5.1.1 when describing what
 >
 > happens when a DR has been impersonated, it implies there’s a
 >
 > mitigation (“[The impersonated] node typically will be able to detect
 >
 > the anomaly and, possibly, restart a new election.”)
 >
 >
 >
 > But because the DR is more sticky with this new extension, I think the
 >
 > kind of temporary disruption would have a more permanent effect that
 >
 > the impersonated node could not mitigate. I might be wrong about that
 >
 > being actually more dangerous, but it worries me that there’s no
 >
 > mention of issues like these in the security considerations section.
 >
 >
 >
 > I think for this point, it might be enough to just say that the
 >
 > election process may be more vulnerable to temporary disruption because
 >
 > the DR election is more persistent, and that this increases the
 >
 > importance of using source authentication to avoid DoS from malicious
 >
 > activity.
 >
 >
 >
 > 1.b. I think this probably should mention that BFD security
 >
 > considerations are applicable also, or the considerations for whatever
 >
 > DR failure detection mechanism is used.
 >
 >
 >
 > 2. There should probably be a reference to BFD, and perhaps other
 >
 > fast failure detection mechanisms, if they’re recommended.
 >
 >
 >
 > More generally, it seems to me that the speed of DR failure detection
 >
 > is of critical importance in using this mechanism, so the one brief
 >
 > mention (which doesn't explain the pros and cons of faster detection or
 >
 > make any recommendations about technologies to use) seems like it
 >
 > skims past a key point without explaining it in depth.
 >
 >
 >
 >
 >
 > Minor/editorial issues:
 >
 >
 >
 > 1. In section 3.2, it probably should talk about the IP version in the
 >
 > PIM message, instead of IP version supported by the network. The way
 >
 > it’s written, it seems to make it impossible to run a dual-stacked
 >
 > network with 2 instances of PIM, but I don’t think that’s the intent.
 >
 >
 >
 > 2. Should the reference to 2328 be informative instead of normative? It
 >
 > seems like it’s only used as an example.
 >
 >
 >
 > 3. The IANA considerations section should follow the guidelines from
 >
 > RFC 8126 section 1.3 (exact name of the registry, for instance). It
 >
 > also seems useful to make 2 separate values, TBD1 and TBD2 instead of
 >
 > using TBD for both.
 >
 >
 >
 > 4. “SW” is not defined in the diagram in Figure 1. I think the 2 SW
 >
 > boxes are Layer 2 switches on the same LAN, but I’m not certain.
 >
 >
 >
 > 5. In section 4, I think "MUST not" in the last paragraph should have
 >
 > NOT capitalized?
 >
 >
 >
 > 6. I don't understand the meaning of "The treatment" as the title
 >
 > for section 4.5.
 >
 >
 >
 > 7. There are a lot of English language nits. I saw that Greg covered
 >
 > several of them, so I’ll just mention the ones I saw in sections he
 >
 > didn’t cover:
 >
 >
 >
 > section 1:
 >
 > “can be adjust to” -> “can be adjusted to”
 >
 > “Still, may multicast packets” – should this be “many” instead of “may”?
 >
 > “new comers” is one word (this appears several times in the doc)
 >
 > I’m not certain, but I think each time the word “Ethernet” is used, “LAN” was intended?
 >
 > “new comers which has a higher”: has->have
 >
 >
 >
 > ... (skipping sections Greg Mirsky covered) ...
 >
 >
 >
 > section 4.5:
 >
 > “are start to work on the same time”
 >
 > “when a new router start to work” -> starts to work
 >
 > “fails or manually adjustment” -> fails or is manually adjusted
 >
 >
 >
 > I had to stop early before finishing a catalogue of all the rest of the
 >
 > issues I could find, but because of the very high density of nits, I’ll
 >
 > suggest it might be a good idea to try using an English-language
 >
 > proofreading service that works with technical documents.
 >
 >
 >
 > This is not an endorsement, and I’ve never used their services, but as
 >
 > an example of the kind of service I mean, here’s one I found in a few
 >
 > moments with a search engine:
 >
 > https://www.proof-reading-service.com/
 >
 >
 >
 >
 >
 > Thanks for this work, it seems like a useful extension.
 >
 >
 >
 > Best,
 >
 > Jake
 >
 >
 >
 >
 >
 > From: Michael McBride <Michael.McBride@huawei.com>
 > Date: 2019-01-08 at 10:29
 > To: "pim@ietf.org" <pim@ietf.org>
 > Subject: [pim] pim-dr-improvement wglc
 >
 >
 >
 > Happy New Year!
 >
 >
 >
 > Today begins a two week wglc for draft-ietf-pim-dr-improvement-06. In Bangkok, 4 people indicated that they had read the draft and each agreed it’s ready for wglc. Let’s please read the draft one more time and confirm, on this list, that it’s ready to be sent to iesg.
 >
 >
 >
 > https://tools.ietf.org/html/draft-ietf-pim-dr-improvement-06
 >
 >
 >
 > thanks,
 >
 > mike
 >
 > _______________________________________________
 > pim mailing list
 > pim@ietf.org
 > https://www.ietf.org/mailman/listinfo/pim
 
 _______________________________________________
 pim mailing list
 pim@ietf.org
 https://www.ietf.org/mailman/listinfo/pim