[pim] AD Review of draft-ietf-pim-source-discovery-bsr-06
Alvaro Retana <aretana.ietf@gmail.com> Wed, 06 December 2017 15:12 UTC
Return-Path: <aretana.ietf@gmail.com>
X-Original-To: pim@ietfa.amsl.com
Delivered-To: pim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D184A126DD9; Wed, 6 Dec 2017 07:12:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kgmhikcKxFhs; Wed, 6 Dec 2017 07:12:35 -0800 (PST)
Received: from mail-oi0-x244.google.com (mail-oi0-x244.google.com [IPv6:2607:f8b0:4003:c06::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9788A128BBB; Wed, 6 Dec 2017 07:12:31 -0800 (PST)
Received: by mail-oi0-x244.google.com with SMTP id x20so2730671oix.12; Wed, 06 Dec 2017 07:12:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:date:message-id:subject:to:cc; bh=Mbin3gDV7m2w1HAeakPtozMQ1AjOddYgDSqGWKq2R38=; b=E9EvehEIe3WqCjoVsFSOZVmBuwWHyAA80MJgSeZ5saLSPEWEL080VDcZm61kjd2ts1 f0t4QSDq0m6obLiPpiw3eOC720Phzok6mxW5XIO7ev6Iaj1pkaNfiaQTZ9QL8Rye7v6D zRE8Mf8A4KcWYqAv14vFUCBma6NRX+yw8SHQjPctD+juCU6ti97rYA+snw2PkJoHa6dK iV2bxf3VSZjxJjU5PMmdOeu725lH9XVAapeeub62lBy0APY1S3PbStRLVCrIL0PC6btw xHWcQx+B97CzMRrFgya7feJ362r46LVOrq1oAAzXNOURYJAXdxQs/44M7O3gpEk4/bOi 3yVQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:date:message-id:subject:to:cc; bh=Mbin3gDV7m2w1HAeakPtozMQ1AjOddYgDSqGWKq2R38=; b=m9spPbG8tkCySSunpaX96p081GuW0SH89h/dMcmuyTY8uUxOgZfSlpnajsjdrsxJhx MF0cLz9AG8kiv78XcfhR4iy7kqN8Va3dD8NLyv4vvq4xzf8wzw8KrrexG5tL3uML3nvn X5i9nrqtWdnn4f1p1A4iNes+R+67IAEdo9IoqxfWSN6U/qDapVzgh3vIl4LPwhbVD+02 J+EAs4wR6qS53ly3VBUmkv4L7CtUt9E1R38YYAJK/eY0uBHHSx5JcuFAxBMv3n4QXWqg dw0clH5qj1Ny8lP5rraO8Leg37icKEwb+LnaqxoG43bHcxo+JewmM5L4/NzriGOZNC3G 1NUA==
X-Gm-Message-State: AJaThX5NEVinExSvjM5SMx6e1fWWFW+0MpApqPlJRqLQ/9YP5ozDx92C 8+DzqdvDzuUa0FSHK9BPTzV3HaVYfzjlXaQBmnc=
X-Google-Smtp-Source: AGs4zMZnrMIanbfxawIn79FKV9DyxiP1ex8gCHsj1L7AjqjsYz1Pvwdn2Qdr9vkzQ+Rud2MFkE7RqmOWKNge1SLJiEU=
X-Received: by 10.202.114.88 with SMTP id p85mr19011731oic.214.1512573150679; Wed, 06 Dec 2017 07:12:30 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Wed, 6 Dec 2017 07:12:30 -0800
From: Alvaro Retana <aretana.ietf@gmail.com>
X-Mailer: Airmail (461)
MIME-Version: 1.0
Date: Wed, 06 Dec 2017 07:12:30 -0800
Message-ID: <CAMMESsyJjTQ-RXdQUyHeAQZVujTezWfvraX_vZjPETjcaoJokw@mail.gmail.com>
To: draft-ietf-pim-source-discovery-bsr@ietf.org, pim-chairs@ietf.org, pim@ietf.org
Cc: Mike McBride <mmcbride7@gmail.com>
Content-Type: multipart/alternative; boundary="001a11c1742057d8ef055fad613a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pim/X-pObTBr9PARq6NEQMoJjHyiz6Y>
Subject: [pim] AD Review of draft-ietf-pim-source-discovery-bsr-06
X-BeenThere: pim@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Protocol Independent Multicast <pim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pim>, <mailto:pim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pim/>
List-Post: <mailto:pim@ietf.org>
List-Help: <mailto:pim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pim>, <mailto:pim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Dec 2017 15:12:38 -0000
Dear authors/Chairs/WG: I just finished reading this document. In general, this is a straight forward mechanism, but it needs some more details around the specification (even if its Status is Experimental). What is the experiment? I am happy that the mechanism has been tested in the field (from Section 2) — the question here is: why is this document Experimental? What do you hope to learn from experimenting with this proposal? The answer could be as simple as “to gain experience in other types of deployments” (which ones?) to something like “experimentation with different holdtimes and origination intervals” (just making that up — obviously!). Maybe it is to get experience and/or more information to answer some of the questions below. ;-) I am also asking the question about the Status because this document defines two related, but different things: PFM ("generic mechanism that can flood any kind of information”) and the GSH TLV (which is one of the potential applications for PFM). Do you (the WG) want to tie the source discovery experiment to the generic flooding mechanism? I didn’t find other drafts referencing this one, indicating that there are no other published extensions — so maybe the answer to the question is “Yes”. Note that I’m generally ok with the Experimental Status, I just want to better understand the experiment and confirm that you considered the 2 technical specifications independently. There is one more reason I’m asking about the Status: the No-Forward bit (in 3.1) is assigned out of a field that rfc7761 marks as Reserved ("Set to zero on transmission. Ignored upon receipt.”). An Experimental document can’t update a Standards Track one (and rfc7761 is now an Internet Standard) — not to mention that this Reserved field in the header common to all PIM messages. As far as I can tell, no other PIM message has used the Reserved field for anything, and the application here seems very specific to PFM (or even PFM-SA) — so there are a few different ways forward to allow this document to use bits in the Reserved field. In general the options (that pop into my head right now) are: (1) Define a registry that specifies how the Reserved bits are to be allocated (common to all PIM messages). Some of those bits could be message-specific. (2) Declare the Reserved bits message-specific…so that every message can make use of them as it sees fit. Then each message (PFM, for example) can assign the bits (and define how others could be assigned). (3) The No-Forward bit could be defined elsewhere (not in the common header) — this is the easy solution. (4) …there might be other options… In the meantime, I have other comments below. Thanks! Alvaro. Major: M1. In 3.1. (PFM message format): "PIM Version: Reserved, Checksum Described in [RFC7761].” I guess you mean that all 3 fields are described in rfc7761, right? M2. From 3.2.1. (Initial checks): M2.1. What does it mean to have an “active Hello state”? I can guess, but no one should have to. M2.2. “...the interface MUST NOT be an administrative boundary for PFM” — what is an administrative boundary interface? How is the boundary different for PFM (when compared to PIM)? Section 3. (A generic PIM flooding mechanism) says that PFM "can flood...throughout a PIM domain. It is not necessarily a domain though, it depends on the administrative boundaries being configured”, but no details of what that means are provided anywhere. M2.3. For my own education, why is this check neede: “If No-Forward is set, we MUST have restarted within 60 seconds.”? BTW, “MUST have” doesn’t make sense Normatively. M3. In 3.2.2. (Processing and forwarding of PFM messages): “...TLVs in the received message...if the most significant bit in the type field is set (the type value is larger than 32767) and we do not support the type, then that particular type should be omitted from the forwarded messages”. I’m not sure if you mean that Types > 32767 should be used if you want every node to be aware (which is why TLVs are not forwarded if not supported), OR, that the Types are really 15 bits long and that the most significant bit is reserved to indicate the forwarding behavior. In either case, the text here, in the Type description in 3.1 and in the IANA Considerations section should be updated to clarify. M4. From 4.1. (Group Source Holdtime TLV): "Length: The length of the value.”…in octets, bytes, bits?? M5. Section 4.2. (Originating PFM messages): M5.1. "Note that this address SHOULD be routeable due to RPF checking.” What are the conditions when it is ok for the address not to be routable? Why is the SHOULD not a MUST? M5.2. I think you need an “Originating PFM Messages” Section as 3.* to talk about origination in the general case. For example, should origination always be periodic, does it depend on the type of TLVs carried, what if different TLVs have different periods, can the receiver infer anything from not receiving a TLV (and what should the sender do about it), etc. ?? [Suggestion: rename 4.2 as “Originating GSH TLVs”.] M6. Section 4.3. (Processing GSH TLVs) M6.1. "A router that receives a PFM message containing GSH TLVs SHOULD parse the message and store each of the GSH TLVs as SG mappings with a holdtimer started with the advertised holdtime.” What are the conditions where a router wouldn’t parse and store? IOW, why is this SHOULD not a MUST? M6.2. "For each group that has directly connected receivers, this router SHOULD send PIM (S,G) joins for all the SG mappings advertised in the message for the group.” Again, why is this SHOULD not a MUST? When would the router not send a join? M6.3. [minor] "For instance, if there is a large number of sources for a group, there may be multiple PFM messages, each message containing a different list of sources for the group.” s/PFM messages/GSH TLVs. As I mentioned above, I think you need a section talking about PFM-specific behavior and this one about GSH-specific behavior. M7. Section 5. (Security Considerations) M7.1. "The security considerations are mainly similar to what is documented in [RFC5059].” “Mainly similar”??? What is different? Just one item that jumped at me: rfc5059 talks about the risk of DoS using IPsec, but rfc7761 took IPsec authentication out of PIM-SM. I wonder what would be easier/clearer: to mention the exceptions wrt rfc5059 or to roll your own considerations based on rfc7761. Either way would work for me, but (to avoid rehashing the rfc7761 discussions) making rfc7761 a significant part of the security considerations would be good. M7.2. "PFM packets must only be accepted from a PIM neighbor.” Should that “must” be a MUST? M7.3. Because PFM "can flood any kind of information throughout a PIM domain”, are there additional considerations around that? I’m thinking privacy, for example: if I can really flood anything, then I could put in location information of the sources/receivers, which could reveal things about them (not to mention whatever “any kind of information” could include). You might want to rethink the description of the expected use scope for PFM. M8. References: rfc5226 has been obsoleted by rfc8126 — this reference should be Normative. Minor: P1. In 4.5. (Resiliency to network partitioning): "As soon as the network heals, the SG Mappings are re-flooded into the other partition(s) and other receivers can join to the newly learned sources.” It is not clear in the text in Section 3.2.2. (Processing and forwarding of PFM messages) that this result would be achieved as it says that "After processing, we forward the message.”, and not that the messages are forwarded when a new neighbor is found (which would be the equivalent of the network healing). Nits: N1. Please don’t use “we” throughout the specification. For example: instead of "After processing, we forward the message.”, perhaps “After processing, the message is forwarded.” N2. The numbers on top of the packet formats are misaligned. N3. s/[N]o-Forward bit/N bit (No-Forward) Note that No-Forward is used later in the text.
- [pim] AD Review of draft-ietf-pim-source-discover… Alvaro Retana