[pim] AD Review of draft-ietf-pim-source-discovery-bsr-06
Alvaro Retana <aretana.ietf@gmail.com> Wed, 06 December 2017 15:12 UTC
Return-Path: <aretana.ietf@gmail.com>
X-Original-To: pim@ietfa.amsl.com
Delivered-To: pim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D184A126DD9; Wed, 6 Dec 2017 07:12:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kgmhikcKxFhs; Wed, 6 Dec 2017 07:12:35 -0800 (PST)
Received: from mail-oi0-x244.google.com (mail-oi0-x244.google.com [IPv6:2607:f8b0:4003:c06::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9788A128BBB; Wed, 6 Dec 2017 07:12:31 -0800 (PST)
Received: by mail-oi0-x244.google.com with SMTP id x20so2730671oix.12; Wed, 06 Dec 2017 07:12:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:date:message-id:subject:to:cc; bh=Mbin3gDV7m2w1HAeakPtozMQ1AjOddYgDSqGWKq2R38=; b=E9EvehEIe3WqCjoVsFSOZVmBuwWHyAA80MJgSeZ5saLSPEWEL080VDcZm61kjd2ts1 f0t4QSDq0m6obLiPpiw3eOC720Phzok6mxW5XIO7ev6Iaj1pkaNfiaQTZ9QL8Rye7v6D zRE8Mf8A4KcWYqAv14vFUCBma6NRX+yw8SHQjPctD+juCU6ti97rYA+snw2PkJoHa6dK iV2bxf3VSZjxJjU5PMmdOeu725lH9XVAapeeub62lBy0APY1S3PbStRLVCrIL0PC6btw xHWcQx+B97CzMRrFgya7feJ362r46LVOrq1oAAzXNOURYJAXdxQs/44M7O3gpEk4/bOi 3yVQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:date:message-id:subject:to:cc; bh=Mbin3gDV7m2w1HAeakPtozMQ1AjOddYgDSqGWKq2R38=; b=m9spPbG8tkCySSunpaX96p081GuW0SH89h/dMcmuyTY8uUxOgZfSlpnajsjdrsxJhx MF0cLz9AG8kiv78XcfhR4iy7kqN8Va3dD8NLyv4vvq4xzf8wzw8KrrexG5tL3uML3nvn X5i9nrqtWdnn4f1p1A4iNes+R+67IAEdo9IoqxfWSN6U/qDapVzgh3vIl4LPwhbVD+02 J+EAs4wR6qS53ly3VBUmkv4L7CtUt9E1R38YYAJK/eY0uBHHSx5JcuFAxBMv3n4QXWqg dw0clH5qj1Ny8lP5rraO8Leg37icKEwb+LnaqxoG43bHcxo+JewmM5L4/NzriGOZNC3G 1NUA==
X-Gm-Message-State: AJaThX5NEVinExSvjM5SMx6e1fWWFW+0MpApqPlJRqLQ/9YP5ozDx92C 8+DzqdvDzuUa0FSHK9BPTzV3HaVYfzjlXaQBmnc=
X-Google-Smtp-Source: AGs4zMZnrMIanbfxawIn79FKV9DyxiP1ex8gCHsj1L7AjqjsYz1Pvwdn2Qdr9vkzQ+Rud2MFkE7RqmOWKNge1SLJiEU=
X-Received: by 10.202.114.88 with SMTP id p85mr19011731oic.214.1512573150679; Wed, 06 Dec 2017 07:12:30 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Wed, 6 Dec 2017 07:12:30 -0800
From: Alvaro Retana <aretana.ietf@gmail.com>
X-Mailer: Airmail (461)
MIME-Version: 1.0
Date: Wed, 06 Dec 2017 07:12:30 -0800
Message-ID: <CAMMESsyJjTQ-RXdQUyHeAQZVujTezWfvraX_vZjPETjcaoJokw@mail.gmail.com>
To: draft-ietf-pim-source-discovery-bsr@ietf.org, pim-chairs@ietf.org, pim@ietf.org
Cc: Mike McBride <mmcbride7@gmail.com>
Content-Type: multipart/alternative; boundary="001a11c1742057d8ef055fad613a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pim/X-pObTBr9PARq6NEQMoJjHyiz6Y>
Subject: [pim] AD Review of draft-ietf-pim-source-discovery-bsr-06
X-BeenThere: pim@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Protocol Independent Multicast <pim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pim>, <mailto:pim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pim/>
List-Post: <mailto:pim@ietf.org>
List-Help: <mailto:pim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pim>, <mailto:pim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Dec 2017 15:12:38 -0000
Dear authors/Chairs/WG:
I just finished reading this document. In general, this is a straight
forward mechanism, but it needs some more details around the specification
(even if its Status is Experimental).
What is the experiment? I am happy that the mechanism has been tested in
the field (from Section 2) — the question here is: why is this document
Experimental? What do you hope to learn from experimenting with this
proposal? The answer could be as simple as “to gain experience in other
types of deployments” (which ones?) to something like “experimentation with
different holdtimes and origination intervals” (just making that up —
obviously!). Maybe it is to get experience and/or more information to
answer some of the questions below. ;-)
I am also asking the question about the Status because this document
defines two related, but different things: PFM ("generic mechanism that can
flood any kind of information”) and the GSH TLV (which is one of the
potential applications for PFM). Do you (the WG) want to tie the source
discovery experiment to the generic flooding mechanism? I didn’t find
other drafts referencing this one, indicating that there are no other
published extensions — so maybe the answer to the question is “Yes”.
Note that I’m generally ok with the Experimental Status, I just want to
better understand the experiment and confirm that you considered the 2
technical specifications independently.
There is one more reason I’m asking about the Status: the No-Forward bit
(in 3.1) is assigned out of a field that rfc7761 marks as Reserved ("Set to
zero on transmission. Ignored upon receipt.”). An Experimental document
can’t update a Standards Track one (and rfc7761 is now an Internet
Standard) — not to mention that this Reserved field in the header common to
all PIM messages. As far as I can tell, no other PIM message has used the
Reserved field for anything, and the application here seems very specific
to PFM (or even PFM-SA) — so there are a few different ways forward to
allow this document to use bits in the Reserved field. In general the
options (that pop into my head right now) are:
(1) Define a registry that specifies how the Reserved bits are to be
allocated (common to all PIM messages). Some of those bits could be
message-specific.
(2) Declare the Reserved bits message-specific…so that every message can
make use of them as it sees fit. Then each message (PFM, for example) can
assign the bits (and define how others could be assigned).
(3) The No-Forward bit could be defined elsewhere (not in the common
header) — this is the easy solution.
(4) …there might be other options…
In the meantime, I have other comments below.
Thanks!
Alvaro.
Major:
M1. In 3.1. (PFM message format): "PIM Version: Reserved, Checksum
Described in [RFC7761].” I guess you mean that all 3 fields are described
in rfc7761, right?
M2. From 3.2.1. (Initial checks):
M2.1. What does it mean to have an “active Hello state”? I can guess, but
no one should have to.
M2.2. “...the interface MUST NOT be an administrative boundary for PFM” —
what is an administrative boundary interface? How is the boundary
different for PFM (when compared to PIM)? Section 3. (A generic PIM
flooding mechanism) says that PFM "can flood...throughout a PIM domain. It
is not necessarily a domain though, it depends on the administrative
boundaries being configured”, but no details of what that means are
provided anywhere.
M2.3. For my own education, why is this check neede: “If No-Forward is set,
we MUST have restarted within 60 seconds.”? BTW, “MUST have” doesn’t make
sense Normatively.
M3. In 3.2.2. (Processing and forwarding of PFM messages): “...TLVs in the
received message...if the most significant bit in the type field is set
(the type value is larger than 32767) and we do not support the type, then
that particular type should be omitted from the forwarded messages”. I’m
not sure if you mean that Types > 32767 should be used if you want every
node to be aware (which is why TLVs are not forwarded if not supported),
OR, that the Types are really 15 bits long and that the most significant
bit is reserved to indicate the forwarding behavior. In either case, the
text here, in the Type description in 3.1 and in the IANA Considerations
section should be updated to clarify.
M4. From 4.1. (Group Source Holdtime TLV): "Length: The length of the
value.”…in octets, bytes, bits??
M5. Section 4.2. (Originating PFM messages):
M5.1. "Note that this address SHOULD be routeable due to RPF checking.”
What are the conditions when it is ok for the address not to be routable?
Why is the SHOULD not a MUST?
M5.2. I think you need an “Originating PFM Messages” Section as 3.* to talk
about origination in the general case. For example, should origination
always be periodic, does it depend on the type of TLVs carried, what if
different TLVs have different periods, can the receiver infer anything from
not receiving a TLV (and what should the sender do about it), etc. ??
[Suggestion: rename 4.2 as “Originating GSH TLVs”.]
M6. Section 4.3. (Processing GSH TLVs)
M6.1. "A router that receives a PFM message containing GSH TLVs SHOULD
parse the message and store each of the GSH TLVs as SG mappings with a
holdtimer started with the advertised holdtime.” What are the conditions
where a router wouldn’t parse and store? IOW, why is this SHOULD not a
MUST?
M6.2. "For each group that has directly connected receivers, this router
SHOULD send PIM (S,G) joins for all the SG mappings advertised in the
message for the group.” Again, why is this SHOULD not a MUST? When would
the router not send a join?
M6.3. [minor] "For instance, if there is a large number of sources for a
group, there may be multiple PFM messages, each message containing a
different list of sources for the group.” s/PFM messages/GSH TLVs. As I
mentioned above, I think you need a section talking about PFM-specific
behavior and this one about GSH-specific behavior.
M7. Section 5. (Security Considerations)
M7.1. "The security considerations are mainly similar to what is documented
in [RFC5059].” “Mainly similar”??? What is different? Just one item that
jumped at me: rfc5059 talks about the risk of DoS using IPsec, but rfc7761
took IPsec authentication out of PIM-SM. I wonder what would be
easier/clearer: to mention the exceptions wrt rfc5059 or to roll your own
considerations based on rfc7761. Either way would work for me, but (to
avoid rehashing the rfc7761 discussions) making rfc7761 a significant part
of the security considerations would be good.
M7.2. "PFM packets must only be accepted from a PIM neighbor.” Should that
“must” be a MUST?
M7.3. Because PFM "can flood any kind of information throughout a PIM
domain”, are there additional considerations around that? I’m thinking
privacy, for example: if I can really flood anything, then I could put in
location information of the sources/receivers, which could reveal things
about them (not to mention whatever “any kind of information” could
include). You might want to rethink the description of the expected use
scope for PFM.
M8. References: rfc5226 has been obsoleted by rfc8126 — this reference
should be Normative.
Minor:
P1. In 4.5. (Resiliency to network partitioning): "As soon as the network
heals, the SG Mappings are re-flooded into the other partition(s) and other
receivers can join to the newly learned sources.” It is not clear in the
text in Section 3.2.2. (Processing and forwarding of PFM messages) that
this result would be achieved as it says that "After processing, we forward
the message.”, and not that the messages are forwarded when a new neighbor
is found (which would be the equivalent of the network healing).
Nits:
N1. Please don’t use “we” throughout the specification. For example:
instead of "After processing, we forward the message.”, perhaps “After
processing, the message is forwarded.”
N2. The numbers on top of the packet formats are misaligned.
N3. s/[N]o-Forward bit/N bit (No-Forward) Note that No-Forward is used
later in the text.
- [pim] AD Review of draft-ietf-pim-source-discover… Alvaro Retana