Re: [PWE3] WG Last Call for draft-ietf-pwe3-endpoint-fast-protection-01

[Alexander Vainshtein <Alexander.Vainshtein@ecitele.com>]

Yimin hi,
Lots of thanks for a prompt response.

Unfortunately, from my point of view, the issues I've raised still remain unresolved. Please see additional questions inline below.

Regards,
       Sasha 
Email: Alexander.Vainshtein@ecitele.com
Mobile: 054-9266302

> -----Original Message-----
> From: Yimin Shen [mailto:yshen@juniper.net]
> Sent: Tuesday, July 29, 2014 7:56 PM
> To: Alexander Vainshtein; stbryant@cisco.com; Yakov Rekhter;
> pwe3@ietf.org
> Subject: RE: [PWE3] WG Last Call for draft-ietf-pwe3-endpoint-fast-
> protection-01
> 
> Hi Sasha,
> 
> Thanks very much for the review and comments. Please see my responses
> inline. Hope they are helpful.
> 
> 
> Thanks,
> 
> /Yimin
> 
> 
> 
> -----Original Message-----
> From: pwe3 [mailto:pwe3-bounces@ietf.org] On Behalf Of Alexander
> Vainshtein
> Sent: Tuesday, July 29, 2014 10:08 AM
> To: stbryant@cisco.com; Yakov Rekhter; pwe3@ietf.org
> Subject: Re: [PWE3] WG Last Call for draft-ietf-pwe3-endpoint-fast-
> protection-01
> 
> Stewart, Yakov and all,
> I have started reading the draft, and it seems that it breaks quite a few
> common architectural assumptions.
> 
> [yshen] This draft is fully based on the PWE3 architecture and the MS-PW
> architecture.
> 
> The following text from Section 3.1 "Single-Segment PW" looks highly
> problematic to me:
> <quote>
>   At any given time, each CE sends traffic via only one AC and receives
>    traffic via only one AC.  The two ACs MAY or MAY NOT be the same.
>    The AC used to send traffic is determined by the CE, and MAY rely on
>    an end-to-end OAM mechanism between the CEs.  The AC used for the CE
>    to receive traffic is determined by the state of the network and the
>    protection mechanism in use, as described later in this document.
> <end quote>.
> 
> To the best of my order for the pair of interconnected CEs to be able to
> operate in this way each of them should treat the pair of ACs shown in Figure
> 1 as a single logical entity.
> E.g., if we are speaking about Ethernet PWs, each CE could treat Ethernet
> links supporting these two ACs as a single Link Aggregation Group. However,
> the draft does not mention any such thing (or at least I did not find it).
> 
> Do I miss something important here?
> 
> [yshen] It is a logical view that the CE is dual-home to 2 PEs over 2 distinct
> ACs. AC is a concept well defined in RFC 3985. In terms of the actual PE-CE
> connection in the case of Ethernet, the CE could have 2 distinct Ethernet links
> or 2 VLANs over a single LAG.
> 
[[Sasha]] If I read your response correctly, each dual-homed CE treats each if its two ACs as an individual entity.
I see this is as highly problematic. E.g., consider the case when CE1 and CE2 are two CE routers running some link-state routing protocol between them.
-  In the normal situation, CE1 probably would see its two ACs as two parallel bi-directional links.
- With PW redundancy, one of these links (one that corresponds to the current Active PW) would be Up and the other one - Down
- With your proposal, the typical link-state routing protocol between CE1 and CE2 would not be able to form any adjacencies across any of these links, because this process requires bi-directional link connectivity; so regardless of whatever happens in the PW domain CE1 and CE2 would consider each other as unreachable across this domain.
Did I miss something? (I intentionally leave aside protocols like OLSR that can handle unidirectional links).

> I also wonder whether, in the single segment PW scenario, the same level of
> protection could not be achieved with ICCP  (RFC 7275) running between
> each pair of PEs and, possibly with 4 (instead of 2) PWs.  For the reference,
> ICCP (or RFC 7275) is not mentioned in the draft, even if a possible alternative
> solution to some of the problems it solves. (
> 
> [yshen] Thanks for pointing out ICCP. We will mention it in the next revision.
> In this draft we broadly refer to such kind of mechanism as "control plane
> repair". The purpose of this draft is to locally repair traffic at the failure point,
> in order to reduce traffic loss before ICCP or other control plane repair
> mechanism kicks in.

[[Sasha]] I am not sure ICCP in this case would mean slow protection. Its function here would be just to synchronize the state of PWs between PE1 and PE3/PE2 and PE4, and this can be reasonably fast IMO. The Protection State Coordination (PSC) protocol in RFC 6378 looks like an analog (with some stretch of course), and it is supposed to provide pretty fast protection switching.
> 
> Stewart did not specify in his email which MPLS architecture principles he
> thinks are broken by this draft.
> 
> I think, however, that some PWE3 architectural principles are definitely are
> broken, and this includes:
> - Bi-directional nature of the PW - it seems that the draft allows each a PW be
> Up in one direction and Down in the other one
> 
> [yshen] No, the draft does not allow that. It only says that we can send traffic
> of one direction over one PW, while sending traffic of the opposite direction
> over another PW (i.e. backup PW). Both PWs should be up bidirectionally.
> 
> 
[[Sasha]] Sorry but I do not understand that. The draft discusses something like  the "egress AC failure". If, say. PE1 detects that, I expect it would send a PW Status with "PW not Forwarding" and "Local AC Transmit Fault" bits set to PE2. Would this not mean that the PW between PE1 and PE2 is Down?

> - Lack of dependencies between the PSN tunnels and the PWs they carry.
> 	* Consider the network diagram shown in Figure 5 in Section 4.1
> 	* The text suggests that the tunnel between PE1 and PE2 must
> recognize PE4 as the "protector" node for the PW it carries
> 	* What is supposed to happen if the tunnel between PE1 and PE2
> carries, say, 10 PWs, each with its own backup PE PE4-1, ... PE4-10)?
> 
> [yshen] In your example, the 10 PWs are protected by 10 different
> protectors. In this case, you would need 10 different tunnels, destined to 10
> different context IDs (one context ID per <PE2, PE4-x>). If multiple PWs are
> protected by the same protector, they can be carried by the same tunnel.
> 
[[Sasha]] This looks like a non-scalable solution to me.
> 
> - Lack of dependencies between the mechanism used for the tunnel setup
> (LDP, RSVP-TE, manual configuration etc.) and the PWs this tunnel carries.
> 	* Is the protection model described in Section 4.1 compatible with
> Tunnel LSPs being set up by LDP? With, say, GRE tunnels carrying the PWs
> using MPLS-in-GRE?
> 
> [yshen] Yes, it is compatible. The draft is generic on transport layer, and it
> allows tunnels to be LDP, RSVP-TE, GRE, etc. These protocols already provide
> sufficient machineries for setting up transport tunnels and bypass tunnels.
> Therefore, the draft doesn't require new extension to these LSP signaling
> protocols.
> 
[[Sasha]] Sorry but this does not match your response to my previous question/issue where you have explained that you effectively need a tunnel per PW between PE1 and PE2. RSVP-TE can provide that; but how is LDP supposed to do that?

> Last but not least, I would like to understand better how the draft is
> protecting MS-PWs against S-PE failures.
> Specifically, I'd like to understand whether it is applicable to the case when
> each pair of T-PEs resides in its own AS, with two pairs of directly connected
> ASBRs between these two ASs acting as S-PEs.  There would be no need to
> set up any tunnel LSPs between each pair of S-PEs in this scenario.
> I would appreciate an analysis of this scenario regarding ability to protect
> about the ASBR/S-PE failure. IMO it is a relevant scenario because MS-PWs
> are one of the methods to provide inter-AS services.
> 
> [yshen] The MS-PW topology in this draft is based on the Figure-4 of RFC
> 5659, which is slightly different than the scenario you mentioned above.
>
[[Sasha]] Figure 4 in RFC 5659 does not say anything about inter-AS.
>
> However, the mechanism in this draft does apply to this scenario as well. It
> should work equally if S-PEs are one-hop or multi-hops away from each
> other. Please see the picture below. In this case, SPE1 ~ SPE4 are ASBRs.
> When SPE4 detects the failure of SPE3, it will do a local repair and redirect PW
> traffic to SPE4 which is the protector. The bypass between SPE1 and SPE4
> may be a one-hop tunnel or a multi-hop tunnel, depending on the actual
> topology between the 2 AS'.
 >
[[Sasha]] This approach can work if SPE1 is directly connected to SPE4 because in this case there would be no need for a tunnel LSP between them. 
I do not see a simple way to set up an LSP between SPE1 (in AS-1) and SPE4(in AS-2) if such connectivity is not present; could you possibly expand on how this is supposed to happen?
>
 >  In any case, SPE4 will send PW traffic over a
> tunnel to TPE4.
> 
>                   |<--------------- PW1 ----------->|
> 
>              - TPE1 -------- SPE1 - SPE3 --------- TPE2 -
>             /                PLR \                       \
>            /                      \                       \
>         CE1                  bypass\                        CE2
>            \                        \                     /
>             \                        \                   /
>              - TPE3 -------- SPE2 - SPE4 --------- TPE4 -
>                                   protector
> 
>                   |<--------------- PW2 ----------->|
> 
> My 2c,
>        Sasha
> Email: Alexander.Vainshtein@ecitele.com
> Mobile: 054-9266302
> 
> > -----Original Message-----
> > From: pwe3 [mailto:pwe3-bounces@ietf.org] On Behalf Of Stewart Bryant
> > Sent: Tuesday, July 29, 2014 3:35 PM
> > To: Yakov Rekhter; pwe3@ietf.org
> > Subject: Re: [PWE3] WG Last Call for draft-ietf-pwe3-endpoint-fast-
> > protection-01
> >
> > On 25/07/2014 16:24, Yakov Rekhter wrote:
> > > Hi,
> > >
> > >> This email begins a second two week working group last call for
> > >> http://tools.ietf.org/html/draft-ietf-pwe3-endpoint-fast-protection-01 .
> > >>
> > >> Please review the draft and post any comments to the PWE3 list.
> > >>
> > >> If you have read the draft, even if you don't have any comments,
> > >> but would like to see the draft progressed,  please can you
> > >> indicate this to the
> > list.
> > >>
> > >> This working group last call will end on Friday August 8th, 2014.
> > > I would like to see the draft progressed.
> > >
> > > Yakov.
> > >
> > > _______________________________________________
> > > pwe3 mailing list
> > > pwe3@ietf.org
> > > https://www.ietf.org/mailman/listinfo/pwe3
> > >
> > Yakov
> >
> > Doesn't this draft implicitly make a number of extensions to the MPLS
> > architecture?
> >
> > Stewart
> >
> > _______________________________________________
> > pwe3 mailing list
> > pwe3@ietf.org
> > https://www.ietf.org/mailman/listinfo/pwe3
> 
> _______________________________________________
> pwe3 mailing list
> pwe3@ietf.org
> https://www.ietf.org/mailman/listinfo/pwe3