[pim] Benjamin Kaduk's Discuss on draft-ietf-pim-drlb-13: (with DISCUSS and COMMENT)
Benjamin Kaduk via Datatracker <noreply@ietf.org> Tue, 03 December 2019 21:51 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: pim@ietf.org
Delivered-To: pim@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 64661120044; Tue, 3 Dec 2019 13:51:05 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Benjamin Kaduk via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-pim-drlb@ietf.org, aretana.ietf@gmail.com, pim-chairs@ietf.org, mmcbride7@gmail.com, pim@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.111.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Benjamin Kaduk <kaduk@mit.edu>
Message-ID: <157540986540.4772.3616840765001072305.idtracker@ietfa.amsl.com>
Date: Tue, 03 Dec 2019 13:51:05 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/pim/2U8WRMBEjIWAqcs1dsVEO4YHbuk>
Subject: [pim] Benjamin Kaduk's Discuss on draft-ietf-pim-drlb-13: (with DISCUSS and COMMENT)
X-BeenThere: pim@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Protocol Independent Multicast <pim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pim>, <mailto:pim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pim/>
List-Post: <mailto:pim@ietf.org>
List-Help: <mailto:pim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pim>, <mailto:pim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Dec 2019 21:51:05 -0000
Benjamin Kaduk has entered the following ballot position for draft-ietf-pim-drlb-13: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-pim-drlb/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I think we need greater clarity on whether the list of GDR candidate addresses is sorted or not (i.e., whether it is required for protocol operation), as indicated by the rtgdir reviewer. Specifically, Section 5.3 is clear in the descriptive text that the list is sorted (as if a recipient might rely on that behavior), but Section 5.3.2 and Section 5.4 only have it as RECOMMENDED. Given my understanding of the protocol, it seems that all routers need to receive the DRLB-List in order to perform the GDR selection algorithm, in which case the extra information about the addresses being sorted would not be useful for the calculation. That would actually suggest that we do not need RFC 2119 keywords here, and could just say (as we do in Section 5.4) that it's recommended for the DR to use a deterministic procedure, such as sorting. I also think the text should be more clear in Section 5.3.2 about the use of the Router Identifier as the "GDR Candidate Address". I believe (but am not certain) that the intended behavior is that the elected DR use all the PIM Hellos it has received (from candidate GDRs) to assemble the list of candidate "addresses", but instead of using the actual IP addresses it uses the Router Identifier construction described here when assembling the "GDR Candidate Address(es)" field. The current text leaves unsaid what entity is performing this operation and how the PIM Hello+Router Identifier corresponds to an entry in the list of addresses. Furtheremore, for the IPv6 case, it seems like this substitution procedure interacts very poorly with the masking procedure when the network includes a mix of routers that do/don't send a Router ID (as it may not be possible to set a 32-bit contiguous mask that captures the varying parts of IPv6 router addresses and the space reserved here for "Router ID"). I'm concerned about hash algorithm agility (in the vein of BCP 201, though since this is not a cryptographic hash that BCP does not strictly speaking apply), as the rtg-dir review noted. Specifically, each router has to commit in its Hello to a single hash algorithm, so transitioning to a new algorithm will require accepting reduced functionality during the transition period (a reduced list of potential GDR candidates), which is contrary to the goals of algorithm negotiation espoused in BCP 201. Is this not a significant concern for this use case? I see that Section 6 attempts to disclaim discussion of algorithm migration, but I am not yet convinced that it is appropriate to do so. Please also remove from Section 5.7 the stale statement referring to the previous section (see COMMENT). ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thank you for the Backward Compatibility section; it's great to see that covered explicitly! Per the rtg-dir review, please clarify that each router advertises at most one Hash Algorithm at any given time (or how a multi-algorithm scenario would work). Limiting the GDR candidates to those with the same (highest) priority as the PIM DR seems like it will in practice encourage having multiple routers advertise the same priority value (if that is not already the case). Are there any operational considerations or risks in having to use the IP-address tie-breaker more often for the non-GDR-capable routers? Section 1 Interesting to 1-index the routers but 0-index the links in Figure 2. Section 3 The extension specified in this document applies to PIM-SM when they act as last hop routers (there are directly connected receivers). It nit: this sentence makes more sense when I insert the word "routers" after "PIM-SM". does not alter the behavior of a PIM DR, or any other routers, on the first hop network (directly connected sources). This is because the source tree is built using the IP address of the sender, not the IP address of the PIM DR that sends the registers towards the RP. The load balancing between first hop routers can be achieved naturally if an IGP provides equal cost multiple paths (which it usually does in practice). Also distributing the load to do registering does not justify the additional complexity required to support it. In this last sentence, does "registering" refer to setting up the sender or the registration of receivers from DR to RP? Section 4 In order to share forwarding load among last hop routers, besides the normal PIM DR election, the GDR is also elected on the multi-access LAN. There is only one PIM DR on the multi-access LAN, but there might be multiple GDR Candidates. nit: this reads as if there is only a single GDR per LAN the same way that there is only one PIM DR. But my understanding is that the GDR is per-group, so perhaps a wording tweak is in order, even given the exposition in the following paragraph. A Hash Algorithm based on the announced Source, Group, or RP masks allows one GDR to be assigned to a corresponding multicast state. And that GDR is responsible for initiating the creation of the multicast forwarding tree for multicast traffic. nit: s/And that/That/ Section 5.1 Do we expect the hash masks to be a contiguous set of bits (i.e., not 0xf0f0f0f0)? The DRLB-List Hello Option contains a list of GDR Candidates. The first one listed has ordinal number 0, the second listed ordinal number 1, and the last one has ordinal number N - 1 if there are N candidates listed. The hash value computed will be the ordinal number of the GDR Candidate that is acting as GDR. nit: I suggest "acting as GDR for the flow in question". I would also consider having some lead-in text to introduce the purpose of the bulleted list that follows, perhaps something like "the input to be hashed is determined according to the following procedure:". Section 5.2 I suspect that the "keeping only the last 32 bits of the result" step could result in pathological behavior for certain IPv6 addressing schemes; this risk should be discussed in the security considerations (or the limitation removed). Presumably any hash algorithm more complicated than modulo would not need this step of trimming down to 32 bits, too? Please define (e.g., by reference to a specific version of the C language) the notation used for these calculations. (I note that the algorithm applied to IPv6 addresses would require a 128-bit unsigned integer type.) Section 5.3 All PIM routers include a new option, called "Load Balancing Capability (DRLB-Cap)" in their PIM Hello messages. nit: I suggest a minor rewording to """PIM routers include a new option, called "Load Balancing Capability (DRLB-Cap)" in their PIM Hello messages, to indicate support for this specification""". (With the current text the reader is responsible for scoping the "All PIM routers" to "ones that implement this specificiation.) Besides this DRLB-Cap Hello Option, the elected PIM DR also includes a new "DR Load Balancing List (DRLB-List) Hello Option". The DRLB- List Hello Option consists of three Hash Masks as defined above and also a sorted list of GDR Candidate addresses on the LAN. Would you mind pointing me at the part of RFC 7761 that describes the procedure/delay used by a router to determine that it is the DR (and thus, when it should start sending DRLB-List)? It's not entirely clear that we'd need to include that reference in this document, but I'd like to sate my curiousity. Section 5.3.1 Hash Algorithm: Hash Algorithm type. 0 for the Modulo algorithm defined in this document. Maybe mention the registry again here? Section 5.3.2 This DRLB-List Hello Option MUST only be advertised by the elected PIM DR. It MUST be ignored if received from a non-DR. The option MUST also be ignored if the hash masks are not the correct number of bits, or GDR Candidate addresses are in the wrong address family. I'm not sure that any of the cases listed in the last sentence are reliably detectable. Section 5.4 the order in which the DR learns of new candidates. Note that, as non-DR routers, the DR also advertises the DRLB-Cap Hello Option to indicate its ability to support the new functionality and the type of GDR election Hash Algorithm. nits: "as for non-DR routers", "the type of GDR election Hash Algorithm it uses" Section 5.6 The requirement in step 1 to run the Hash Algorithm for all groups with local receiver interest seems to imply that all GDR candidates must track and store local receiver interest for all groups, as opposed to without this extension where only the DR strictly needs to do so. I imagine that generally all/most routers will be tracking this information, though, so in practice this will not be an additional operational burden [that would need to be documented]. But this is not my area of expertise, so please correct me if I'm wrong! Section 5.7 When a router stops acting as the GDR for a group, or source and group pair if SSM, it MUST set the Assert metric preference to maximum (0x7FFFFFFF) and the Assert metric to one less than maximum (0xFFFFFFFE). This was also mentioned in the previous section. That This was not mentioned in the previous section. Section 6 An administrator needs to consider what the total bandwidth requirements are and find a set of routers that together has enough total capacity, while making sure that each of the routers can handle its part, assuming that the traffic is distributed roughly equally among the routers. Ideally, one should also have enough bandwidth to In a scenario where an attacker can create groups or control how some amount of traffic is split across groups, this assumption of roughly equal distribution will not hold. Please discuss this in the security considerations. The default masks will use the entire group addresses, and source addresses if SSM, as part of the hash. An administrator may set (side note: of course, the only hash algorithm currently defined will only use the last 32 bits of IPv6 addresses)
- [pim] Benjamin Kaduk's Discuss on draft-ietf-pim-… Benjamin Kaduk via Datatracker
- Re: [pim] Benjamin Kaduk's Discuss on draft-ietf-… Stig Venaas
- Re: [pim] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
- Re: [pim] Benjamin Kaduk's Discuss on draft-ietf-… Stig Venaas
- Re: [pim] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk
- Re: [pim] Benjamin Kaduk's Discuss on draft-ietf-… Stig Venaas
- Re: [pim] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk