[pim] Re: Ketan Talaulikar's Discuss on draft-ietf-pim-p2mp-policy-ping-18: (with DISCUSS and COMMENT)

Ketan Talaulikar <ketant.ietf@gmail.com> Thu, 21 August 2025 07:25 UTC

Return-Path: <ketant.ietf@gmail.com>
X-Original-To: pim@mail2.ietf.org
Delivered-To: pim@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 7F84356E381D; Thu, 21 Aug 2025 00:25:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x6p_fyu0g6vN; Thu, 21 Aug 2025 00:25:38 -0700 (PDT)
Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com [IPv6:2607:f8b0:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 1393E56E3813; Thu, 21 Aug 2025 00:25:38 -0700 (PDT)
Received: by mail-pg1-x52b.google.com with SMTP id 41be03b00d2f7-b47174c3b3fso371541a12.2; Thu, 21 Aug 2025 00:25:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1755761137; x=1756365937; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=MbJBi0pznj03K59xi1xSB1V90Mh2lnYdc2dHAdtPKUI=; b=YWDpQcHXP8rI1JHoxCJL4jJNiucrGlrZNQwnJosGZZp0t3A7jZp+4Lh3F2ZzM0Uxdx FBuZbUyU8YD+UurW/y6Rl58VE9qJHzDPO3bzKqYjSTaClQWpURt4Xw20/SjtiT/Z+4Hr /xOKusS4agAob0HjNWKw88xg0I0NPJuYWkvV1bY7YDLbht5rOHReMWCRtAuHWHdCZDpN RsB0ee7Nwulf+O5b3gVyZLdMdKCmAwKM2Crgqtvo197+u4thlu1m4mWu1ojYDNQSi19n fr4eoTzmWPLnlvcIw2JhU5qN1kX94ZO/TKDv1nQ0o7nzLqfQY118lgHKAfWcHWd5RW67 qdBg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755761137; x=1756365937; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=MbJBi0pznj03K59xi1xSB1V90Mh2lnYdc2dHAdtPKUI=; b=ViyYzKAgoGzXxU1QzanO5reJzcBcRDvVGYmcW0EQ9Y8co42oS8ha0I0dcTubVJZ8hv e+5z4Vo08gjFaD8HIB3zWPTcmSE0Xuas7zKC4nbkR/4AQtTQ3EQK0wsjCfiqyyeJuT1l p+i9Io278oFq8iKMcMUIZ8rX7PvFfvsICl2vkjIGlGnrwM8lwqyeFrPnCE2/JrZoRmRy AIiRlR/LRRd/ezz8cx/nIHHgTc4dKFYXPG+VdkmEuD0PlEuCJGxIfLsuSnIf8g+dZ831 nKcP1z0bP33j12BAN2BaaPvvfBBwSWqC90zMyjR67Rmwz+VU6jxAw1BjKOKUxR4c7SyQ nMHw==
X-Forwarded-Encrypted: i=1; AJvYcCUFuraVTwmDUgLgsaMhrE94tljjDzQxF6xbmnGBIngD5B2wqhoKpQNnUUJm4z6Y8J664j2Y9pJ/nv6Plxrp1/WNDTQk81hIpzP8rdQ7ukKZ@ietf.org, AJvYcCV81ClvMtC5qrmKYoViE0lVSYeV7gRNhz1LJrOovKXIHQnxDHMO3QTY1ITzwYl9rdO00QwV@ietf.org, AJvYcCWgjpdNAluIQDcaf0T40rfOz8T14tUMjb5nH2TDLtTcpnalE/nFs1JdYXqPzXvG+QZubYtg6qcpKJQYjw==@ietf.org
X-Gm-Message-State: AOJu0YydZ1pyHV636x9oztWS8xBQUa0xqnJwuuKdr99On3ra26hVQCYO Gh5R5j1YwqQ3smlmIuPl1Kf2b0wO4hEnfy2an5CY95nelnUUOR8wN7eSVJgCCi/Z+8hGFRgikfQ 3QgkPcLD2AQdaqA1wDoVprXh4Et34f3U=
X-Gm-Gg: ASbGnct3pxWxIKHpIR1mGiSdrQsFmWI92v/tsJXSPu1MEridZmdcPfcfhTQ/h4Vku7p +fb9Lxw/c7DzCYMHCdZKFbGBPjWFogNBqeueiEHDImpa+1HP5NJts9vKQQCXf5hICSSyGaalPeE H6NDuEotbLulwawd3s494HEIZQ4wdC1Def5mk/4p0VX/2iiGf+FoTI9vguZ0c2PbfwTSjCxIrP+ mZQtXhhQCtsOULcLIVp0QuLC1HN2q77PnIvhuLv
X-Google-Smtp-Source: AGHT+IGbjlEU+fcXRFWjWdGKXssa2esP3AnW9wNQaifk2k8sBNyF+wq0IftBv98OKxgQhRv/bxhxy0O/5HYRW51/f3Y=
X-Received: by 2002:a17:903:11ce:b0:243:8f:6db5 with SMTP id d9443c01a7336-245febed69cmr21070695ad.6.1755761136889; Thu, 21 Aug 2025 00:25:36 -0700 (PDT)
MIME-Version: 1.0
References: <175568759551.887758.12248458040903626687@dt-datatracker-d8bcd59c-frtgg> <CO1PR08MB65778330457E87114373CD2A9133A@CO1PR08MB6577.namprd08.prod.outlook.com>
In-Reply-To: <CO1PR08MB65778330457E87114373CD2A9133A@CO1PR08MB6577.namprd08.prod.outlook.com>
From: Ketan Talaulikar <ketant.ietf@gmail.com>
Date: Thu, 21 Aug 2025 12:55:25 +0530
X-Gm-Features: Ac12FXzban6jsidr_Jz0WuFXFZU9czcaZlcX_DFOx7Kp7ZmHnEJOYwLjLDdUK7E
Message-ID: <CAH6gdPyp5AZ+3473iVbr92pb+3od+8W7kFYOXd4tA7gD9B5TsA@mail.gmail.com>
To: "Hooman Bidgoli (Nokia)" <hooman.bidgoli@nokia.com>
Content-Type: multipart/alternative; boundary="000000000000dff4b7063cdafe32"
Message-ID-Hash: 37PW27CTEL7EPG7TF5BPLHSAAHZY2C6U
X-Message-ID-Hash: 37PW27CTEL7EPG7TF5BPLHSAAHZY2C6U
X-MailFrom: ketant.ietf@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-pim.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, "draft-ietf-pim-p2mp-policy-ping@ietf.org" <draft-ietf-pim-p2mp-policy-ping@ietf.org>, "pim-chairs@ietf.org" <pim-chairs@ietf.org>, "pim@ietf.org" <pim@ietf.org>, "mmcbride7@gmail.com" <mmcbride7@gmail.com>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [pim] Re: Ketan Talaulikar's Discuss on draft-ietf-pim-p2mp-policy-ping-18: (with DISCUSS and COMMENT)
List-Id: Protocol Independent Multicast <pim.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/pim/iVexz_ih31Ei4cBdd84AHAC4S5E>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pim>
List-Help: <mailto:pim-request@ietf.org?subject=help>
List-Owner: <mailto:pim-owner@ietf.org>
List-Post: <mailto:pim@ietf.org>
List-Subscribe: <mailto:pim-join@ietf.org>
List-Unsubscribe: <mailto:pim-leave@ietf.org>

Hi Hooman,

Thanks for your quick response. Please check inline below for
clarifications.


On Wed, Aug 20, 2025 at 11:23 PM Hooman Bidgoli (Nokia) <
hooman.bidgoli@nokia.com> wrote:

> Hi Ketan
>
> Thanks for your comments
>
> Inline
>
> Thanks
> Hooman
>
>
> -----Original Message-----
> From: Ketan Talaulikar via Datatracker <noreply@ietf.org>
> Sent: Wednesday, August 20, 2025 7:00 AM
> To: The IESG <iesg@ietf.org>
> Cc: draft-ietf-pim-p2mp-policy-ping@ietf.org; pim-chairs@ietf.org;
> pim@ietf.org; mmcbride7@gmail.com; mmcbride7@gmail.com
> Subject: Ketan Talaulikar's Discuss on draft-ietf-pim-p2mp-policy-ping-18:
> (with DISCUSS and COMMENT)
>
>
> CAUTION: This is an external email. Please be very careful when clicking
> links or opening attachments. See the URL nok.it/ext for additional
> information.
>
>
>
> Ketan Talaulikar has entered the following ballot position for
> draft-ietf-pim-p2mp-policy-ping-18: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to
> https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
> for more information about how to handle DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-pim-p2mp-policy-ping/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> Thanks to the authors and the WG for their work on this document.
>
> I have a few points that I would like to discuss with the authors and the
> WG.
>
> discuss#1 This one should be easy to fix. Since the document is about MPLS
> and not SRv6, the correct title for this document would be "Segment Routing
> MPLS Point-to-Multipoint (P2MP) Policy Ping" ?
>
> HB> sorry I am not following, as per draft this doc only addresses the
> MPLS encapsulation and not the SRv6. SRv6 will be in future documents.
>

KT> Can you change the title of the draft from "Segment Routing
Point-to-Multipoint (P2MP) Policy Ping" to "Segment Routing MPLS
Point-to-Multipoint (P2MP) Policy Ping" or better still "LSP Ping for
Segment Routing Point-to-Multipoint (P2MP) Policy" ?


>
> discuss#2 This is related to a point of discussion that I've also raised
> on the p2mp policy document. It arises from the lack of clarity on whether
> the SR P2MP Policy construct is instantiated on the root node or not. There
> is text in section 3.1.1 which seems to leave this critical aspect to
> implementations and will result in interoperability problems. The base spec
> needs to be very clear on this point and then this document updated to
> reflect it. I believe having the construct instantiated in the root will
> greatly benefit and simplify OAM operations. And things would then become
> very similar to RSVP-TE P2MP trees?
>
> Quoting some text from section 3.1.1 that is problematic:
>
> "Only the Root node, where the P2MP SR Policy is programmed, may have
> visibility  into the leaf nodes."
>
> "In the case of P2MP SR Policies, the Root of the tree may have full
> visibility into the egress nodes if the P2MP SR Policy is PCC-initiated. If
> the P2MP SR Policy is PCE-initiated, the Root may or may not have
> visibility into the egress  nodes, as this depends on the specific
> implementation and configuration of the PCE. "
>
> Further dependencies like the following seem unnecessary:
>
> "Based on this, a P2MP SR Policy SHOULD follow the recommendations in
> Section
> 4.3.1 of [RFC6425], depending on the level of visibility the Root has into
> the  egress nodes. For example, in a PCC-initiated P2MP SR Policy, the Root
> can learn egress node identities through Next-Generation MVPN procedures
> and BGP, as described in [RFC6514]. In contrast, for a PCE-initiated P2MP
> SR Policy, the PCE may not provide the egress node information to the Root,
> making this process optional and implementation-specific."
>
> The lack of clarity hurts interoperability and would affect operations in
> a multi-vendor network. I would like to discuss why all of this cannot be
> simplified by ensuring that the SR P2MP Policy construct is instantiated on
> the root node.
>
> HB> Thanks but I think this is clearly been explained in the introduction,
> as per below paragraph. I clearly says P2MP Policy finest object is a TI
> which is the actual P2MP tunnel setup from the "Root" to a set of leaves.
>

KT> And I see issues with that approach.


>
> "A P2MP Policy can have one or multiple Candidate Paths (CPs). The CP with
> highest preference is designated as the active CP, while all other CPs are
> the backup CPs. To enable seamless global optimization a CP may consist of
> multiple Tree Instances (TIs), allowing for Make-Before-Break (MBB)
> procedures between an active TI and a newly established, optimized TI. A TI
> is the actual P2MP tunnel set up from the Root to a set of Leaves via
> transit routers. A TI is identified on the Root node by the Root-ID which
> is the Root's node IP address, treeID and TI's instance ID."
>
> discuss#3 My understanding is that the P2MP MPLS trees that are setup by
> MLDP or RSVP-TE are hop by hop in nature. While in this case, the packet
> can travel multiple hops from one node to the next intermediate node using
> that next intermediate node's Prefix SID.
>
> HB> That is not correct, a P2MP MPLS tree for mLDP, P2MP RSVP-TE or
> treeSID is signalled from the root to the a let of leaves. There is no
> difference on the datapath between mLDP, P2MP RSVP-TE or treeSID. They all
> use MPLS switching to forward a multicast stream from the root to a set of
> leaves.
>

KT> MLDP and RSVP-TE P2MP are signalled hop-by-hop through the network and
as such the state for the P2MP LSP is present in all hops/routers along the
path. While the SR P2MP tree is provisioned on specific (intermediate)
nodes in the network and, therefore, there can be transit routers which do
not have any state for the SR P2MP Tree. Am I correct about this
fundamental difference?


>
> In this case, how would operation like traceroute (or even errors in the
> case of ping) work when the packet is exposed at a node that is doing
> unicast forwarding and has no replication segment context for that specific
> P2MP Tree? Now, section 3.1.3 is covering this, but talking about it as
> "unicast SR domains" is very misleading since there is only an SR domain
> and it is just that the specific P2MP tree context is not required to be
> instantiated on a transit node. Does this mean that this mechanism works
> only when the P2MP Tree is setup up hop-by-hop? If so, this should be
> clearly called out as a caveat upfront and the text in 3.1.3 updated
> appropriately.
>
> HB> the replication SID is at the bottom of the stack, so a transit node
> that is capable of treeSID can push adjacency SID or node SID of another
> treeSID router that is multi-hop away. As such 2 treeSID capable routers
> can be connected via a unicast SR domain, i.e. treeSID tunnel over Unicast
> SR tunnel (tunnel over tunnel). Only the treeSID routers will decrement the
> treeSID TLL and make appropriate decisions if the TLL has expired. This
> tunnel in tunnel concept is nothing new to treeSID and it is the concept of
> segment routing which treeSID is part of.
>

KT> The concept of "unicast SR domain" as you describe above is misleading.
Consider a single SR domain and all routers have SR P2MP capabilities.
While the root, intermediate and leaf nodes have state for a specific SR
P2MP tree, the other transit routers don't have that specific SR P2MP tree
state. There isn't a tunnel per se (it's a stack of labels) that is going
multi-hop across these transit routers, but even if one were to call it a
tunnel then it is going to break the OAM procedures - or at least they are
no longer the same as existing P2MP LSPs. I am OK if this is called out as
a caveat of this proposal and operational guidance provided to avoid
multi-hop such that all replication branches for every replication segment
are just going single hop.


>
> discuss#4 This is an easy one to fix - the following is not a normative
> reference, please move to informative.
>
> [IANA-AF]
> "IANA Assigned Port Numbers, "
> http://www.iana.org/assignments/address-family-numbers"".
>
> HB> ok thanks done in version 19.
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Please also find below some comments provided inline in the idnits format
> of the v18 of this document. On all editorial and minor comments, I will
> leave it to the authors discretion. On the major ones, I would appreciate
> responses and clarifications.
>
> Please look for <EoRv18> at the end of this review and if it is not there,
> then likely the email has gotten truncated by your client (please refer to
> the mailing list in that case).
>
> 94      1.  Introduction
>
> 96         A P2MP Policy can have one or multiple Candidate Paths (CPs).
> The CP
>
> <minor> Please align terminologies with the SR P2MP policy draft. Term is
> SR P2MP Policy, then there is P2MP Tree (Instance), etc. Would be nice to
> avoid introducing new terms (e.g., TI) in this document related to any of
> the constructs.
>
> HB> ok thanks, changed to p2mp policy and p2mp tree instance
>
> 97         with highest preference is designated as the active CP, while
> all
> 98         other CPs are the backup CPs.  To enable seamless global
> optimization
>
> <minor> The CP preference is only the first tiebreaker in the selection of
> active CP. Perhaps "One of the CPs (e.g., with highest preference) is
> designated ..."
> HB> this might be implementation specific. In the SR p2mp policy the
> candidate path with highest preference is the active CP.
>

KT> This isn't implementation specific. The SR P2MP Policy draft says that
it is following RFC9256 (see
https://www.ietf.org/archive/id/draft-ietf-pim-sr-p2mp-policy-18.html#section-2.3)
- is there a disconnect? This is one of my comments on the SR P2MP Policy
draft - to provide more clarity.

The Root node selects the active Candidate Path based on the tie breaking
rules defined in[RFC9256
<https://www.ietf.org/archive/id/draft-ietf-pim-sr-p2mp-policy-18.html#RFC9256>
].


> 131        [draft-ietf-pim-sr-p2mp-policy] section 2, defines terms and
> concepts
> 132        specific to SR P2MP Policy including the CP and the TI.
>
> <minor> I couldn't find TI defined in that document. Please introduce in
> the base.
>
> HB> it is introduced in the introduction
> "To enable seamless global optimization a CP may consist of multiple P2MP
> Tree Instances (TIs), allowing for Make-Before-Break (MBB) procedures
> between an active TI and a newly established, optimized TI."
>

KT> Please introduce architectural constructs in the architectural spec
(i.e. the SR P2MP Policy draft) where it can be references by all protocol
specs - this LSP Ping is one document, but I would expect it to be used in
PCEP as well as perhaps in the YANG model.


>
> 142     3.  Motivation
>
> 144        A P2MP Policy and its corresponding Replication Segments are
> 145        typically provisioned via a centralized controller or configured
> 146        using NETCONF/YANG or CLI.  The root and the leaves are
> discovered in
>
> <minor> Perhaps you mean that the network topology that includes the root
> and leaves is discovered?
>
> HB> no, the controller sucks up the topology but the controller initiates
> the P2MP policy and its replication segments on the root, transit and leaf
> nodes.
>

KT> What is there to be discovered about these nodes by the controller?
Aren't they provisioned by the controller? My comment is that the choice of
the word "discovered" is odd and unclear. Please clarify.


>
> 161        This diagnostic process can be initiated from the node
> responsible
> 162        for establishing the P2MP Policy, ensuring proactive monitoring
> and
> 163        rapid fault detection.
>
> <minor> Is use of "rapid" appropriate here? Rapid as in BFD?
>
> HB> There are cases and implementations, that rapid pings are send for
> fault detection.
>

KT> Let me ask the question if the spec is going to suffer if "rapid" were
to be removed. Or can you find a reference to an existing LSP Ping spec
that talks about "rapid pings"? Implementations are free to make their own
choices but we need to get consensus from MPLS WG if this document is
introducing the concept of "rapid pings".


>
> 295     3.2.1.1.  P2MP Policy CP FEC Stack Sub-TLVs
>
> 297        The P2MP Policy MPLS Candidate Path sub-TLV value field follows
> the
>
> <major> Please consider changing the name of this TLV since it is not
> about CP but about the P2MP Tree instance under a CP. Perhaps "SR P2MP
> Policy Tree FEC Stack sub-TLV" ... or something similar. I was trying to
> not make it too long by including the CP in there, but that would also be
> ok.
>
> HB> It is actually detecting fault on a CP. A CP can have single TI or
> multiple TI. Hence why we choose the CP as part of the name.
>

KT> But as you say above, it is monitoring the TI under the CP and more
importantly the FEC specifies a unique TI and not the CP. i.e. if the CP
has multiple TI then each TI needs a separate LSP Ping session with its
unique FEC.


>
>
> 298        format specified in Section 2 of
> [draft-ietf-pim-sr-p2mp-policy].
> 299        The structure of this sub-TLV is illustrated in the figure
> below.
>
> <major> Please add text to clarify here that the CP identifiers are not
> required since the Instance-ID is unique within the SR P2MP Policy context
> (with a reference to section 2.3 of the p2mp policy draft).
>
> HB> There is no CP identifier in any text or document. Adding this would
> create more confusion and have the reader searching for what is a CP
> identifier.
>

KT> This looks like a disconnect. Refer
https://www.ietf.org/archive/id/draft-ietf-pim-sr-p2mp-policy-18.html#section-2.3
.. and this is why I've provided comments on the SR P2MP policy document to
clarify some of those things inline.

An SR P2MP Policy has one or more CPs. Identification of a CP in context of
the P2MP Policy is as specified in Section 2.9 of [RFC9256
<https://www.ietf.org/archive/id/draft-ietf-pim-sr-p2mp-policy-18.html#RFC9256>
].


>
> 315        *  Address Family: (2 octets) IPv4/IPv6 ADDRESS FAMILY NUMBERS
> as
> 316           specified in [IANA-AF] , indicating the address family of the
> 317           Root.
>
> <major> Are all AFIs allowed? I believe it has to allow only IPv4 or IPv6?
>
> HB> as per text "Address Family: (2 octets) IPv4/IPv6 ADDRESS FAMILY
> NUMBERS as specified in"
>

KT> Could you be more specific and disallow AFI values other than 1 and 2
in the text?

Thanks,
Ketan


>
> 319        *  Address Length: (1 octet) specifying the length of the Root
> 320           Address in octets (4 octets for IPv4, 16 octets for IPv6).
>
> <major> reserved is missing; also I believe it MBZ
> HB> good point thanks!
>
> 382     5.  IANA Consideration
>
> 384        IANA has assigned a TEMPORARY code point for the "P2MP Policy
> MPLS
> 385        Candidate Path" Sub-TLV Name.  This Sub-TLV is assigned from
> TLV type
> 386        1 (Target FEC Stack) from the "Multi-Protocol Label Switching
> (MPLS)
> 387        Label Switched Paths (LSPs) Ping Parameters" registry group.
> The
> 388        Sub-TLVs for TLV type 1 are listen under "Sub-TLVs for TLV
> Types 1,
>
> <minor> s/listen/listed
>
> HB> thanks! Updated.
>
> 397     6.  Security Considerations
>
> 399        Overall, the security needs for P2MP policy ping are the same as
> 400        [RFC8029].  The P2MP policy ping is susceptible to the same
> three
> 401        attack vectors as explained in RFC8029 section 5.  The same
> 402        procedures and recommendations explained in [RFC8029] section 5
> 403        should be taken and implemented to mitigate these attack
> vectors for
> 404        P2MP policy Ping as well.
>
> <major> Should this not include reference to the security considerations
> of the SR P2MP policy draft as well?
>
> HB> ok thanks added a text
>
> <EoRv18>
>
>
>
>