Re: [Roll] AD Review of draft-ietf-roll-efficient-npdao-16

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Tue, 29 October 2019 09:52 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: roll@ietfa.amsl.com
Delivered-To: roll@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE823120145; Tue, 29 Oct 2019 02:52:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=R8DnmK7r; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=SUCkD+F6
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7bpPnYu-E2Nc; Tue, 29 Oct 2019 02:52:14 -0700 (PDT)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 492C112013C; Tue, 29 Oct 2019 02:52:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=9308; q=dns/txt; s=iport; t=1572342734; x=1573552334; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=PIloIwTwkRlNGodEYZDQEnOX3/t0abEF1YBj/W62FW4=; b=R8DnmK7rEU0MtQ8kQ9pa9woDYhM2ZHw3GvKgO/F5/OvQmF+01YniU86b 3oXnk1dfT9b9LrN9RNXUufWA5JvZ/W/yHmkUKUyF8oHCPZBq6DjOEgTcf 6khB++5GtiQiIDwUvz4hRMILRBOzbDvqEs+2k1YUMtWFAMYiqvmutIT3T U=;
IronPort-PHdr: =?us-ascii?q?9a23=3AUFqo5RXVN9meOmBdCPKiIS+eS8/V8LGuZFwc94?= =?us-ascii?q?YnhrRSc6+q45XlOgnF6O5wiEPSA9yJ8OpK3uzRta2oGXcN55qMqjgjSNRNTF?= =?us-ascii?q?dE7KdehAk8GIiAAEz/IuTtankiAMRfXlJ/41mwMFNeH4D1YFiB6nA=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0ApAACsCrhd/49dJa1lGgEBAQEBAQE?= =?us-ascii?q?BAQMBAQEBEQEBAQICAQEBAYFsAgEBAQELAYFKKScFbFggBAsqhCiDRgOKb4J?= =?us-ascii?q?ef5ZsglIDVAkBAQEMAQEjCgIBAYRAAheDPiQ3Bg4CAwkBAQQBAQECAQUEbYU?= =?us-ascii?q?3DIVRAQEBAwESEQQNDAEBMgUBDwIBCA4MAiYCAgIwFRACBAENDRqDAYJGAw4?= =?us-ascii?q?gAQIMplwCgTiIYHV/M4J+AQEFhQwYghcDBoEOKAGMDhiBQD+BEUaBTkk1PoJ?= =?us-ascii?q?iAQECAYFggw4ygiyNQoI3nXMKgiSHEI45gjyMCIsYjj+BQIZqkR8CBAIEBQI?= =?us-ascii?q?OAQEFgWgjgVhwFYMnUBAUgwaBJwEJgkKFFIU/dAEBgSaOXgEB?=
X-IronPort-AV: E=Sophos;i="5.68,243,1569283200"; d="scan'208";a="567148623"
Received: from rcdn-core-7.cisco.com ([173.37.93.143]) by rcdn-iport-9.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 29 Oct 2019 09:52:12 +0000
Received: from XCH-RCD-013.cisco.com (xch-rcd-013.cisco.com [173.37.102.23]) by rcdn-core-7.cisco.com (8.15.2/8.15.2) with ESMTPS id x9T9qC3F028556 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 29 Oct 2019 09:52:12 GMT
Received: from xhs-rtp-002.cisco.com (64.101.210.229) by XCH-RCD-013.cisco.com (173.37.102.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 29 Oct 2019 04:52:12 -0500
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-rtp-002.cisco.com (64.101.210.229) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 29 Oct 2019 05:52:11 -0400
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 29 Oct 2019 04:52:10 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eNEJTSucVxqYiJU6z1soy8cBzad63egJpDUUc71Lh0BYKSA6BUEXIOaTwr9Yhy8DeSjTa5G6GZpaKlaUb3oa4uToSlCpun3nxO5eMXSSxl4ztoRnDgutpp64IujgUbZfpVb4a8AccQnFN+mPvLgaTglNUhENA5bfYx/8rj6+W0gt1g0OshVpV73Lr+vApp654sVUXg5E5NHxec81I54rIktaSYGrT3y33U0HyDJFuC05Nq5g8gDsleJIcNdkfOM8VUd9bKaIcRDta0WyiqRx9JeLN6VfCHAgWfigupjYux9nZ/7Y3OgVKImt+oCYBLaMnSCDty29wPMy6Inh5Yxo7g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PIloIwTwkRlNGodEYZDQEnOX3/t0abEF1YBj/W62FW4=; b=Hcf6ZsCn84SlLAUrqbpXYKSSrJodp7yzFh5gbu5eKBiSIRRiXmJ5Hytf+owcRg0LNod8YmFKzF2OepPldsoUo/zVU8s7zU+ckPDutdmyrcbv8c92K8wEyW8wIPz+yrT5zzpwlq6fC7YeUgRV150Fh2Qqgk86h1+VFLJY1hHGEazMxDpr9fOGCyt0EpQ7BNeywPW57G6kHyj6/3e9D7ERw8YiHhjvZYsM2d6yYl5xq/mna0AsEaUR9dPpU0M3tZVB0yKyvascNvyr3qhoD+bmdfeWnmu93IeZ1RDzLPzEDvElSVDBbwzX2IDylO9sFWNm9xCgS8DIGE1Fyojx2E0mfg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PIloIwTwkRlNGodEYZDQEnOX3/t0abEF1YBj/W62FW4=; b=SUCkD+F6lM8jFZcZQBYn2qC8IUI5M7q9aNlChzINSiDSESPp29FNRrkcv2fDUlcKEKx0B60q5GEfb68g3qLx2/YhC4lxFIXcCy6ie8QmvQD8mn28Q99YMjyIwDjcDXYeazZsAOS7212+mzi+bufx2URv2u+6OZzMdLCFNwAWnXc=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (20.178.250.159) by MN2PR11MB3629.namprd11.prod.outlook.com (20.178.252.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2387.24; Tue, 29 Oct 2019 09:52:09 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::31c9:3a31:3c07:a920]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::31c9:3a31:3c07:a920%6]) with mapi id 15.20.2387.027; Tue, 29 Oct 2019 09:52:09 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Alvaro Retana <aretana.ietf@gmail.com>, "draft-ietf-roll-efficient-npdao@ietf.org" <draft-ietf-roll-efficient-npdao@ietf.org>
CC: "roll-chairs@ietf.org" <roll-chairs@ietf.org>, roll <roll@ietf.org>, Peter van der Stok <consultancy@vanderstok.org>
Thread-Topic: AD Review of draft-ietf-roll-efficient-npdao-16
Thread-Index: AQHVhRpHdCR3gF1qN0eG33Ksa1+m8KdlJ+hggATdowCAARmQUIAFaQ8AgADj+TA=
Date: Tue, 29 Oct 2019 09:51:50 +0000
Deferred-Delivery: Tue, 29 Oct 2019 09:50:55 +0000
Message-ID: <MN2PR11MB356591018987E7D4FA6215A6D8610@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <CAMMESswgX8YynN=tehXDMg+suOiiaCTpnoP9LxoH3orG06_Trw@mail.gmail.com> <MN2PR11MB3565181C2DDC7A3FB7DFCB2FD8690@MN2PR11MB3565.namprd11.prod.outlook.com> <CAMMESsz_MJSC+Sx5hPsTFVufqEGUYjuTJFt7pJs7mut_7nHRxA@mail.gmail.com> <MN2PR11MB3565998D4CD88FF786E892AED8650@MN2PR11MB3565.namprd11.prod.outlook.com> <CAMMESsxBriytQmDELLgOBw4zL8EWKbPKf0i6gztTbuvHDBxWZQ@mail.gmail.com>
In-Reply-To: <CAMMESsxBriytQmDELLgOBw4zL8EWKbPKf0i6gztTbuvHDBxWZQ@mail.gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [2001:420:44f3:1300:fc9e:730:2c16:4060]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 0ec1306d-ede4-4738-7102-08d75c55aa76
x-ms-traffictypediagnostic: MN2PR11MB3629:
x-ms-exchange-purlcount: 1
x-microsoft-antispam-prvs: <MN2PR11MB3629CAF08C96DC702E054DB1D8610@MN2PR11MB3629.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0205EDCD76
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(396003)(376002)(366004)(39860400002)(346002)(136003)(189003)(199004)(51444003)(6246003)(76176011)(4326008)(9686003)(6306002)(14454004)(55016002)(7696005)(7736002)(6436002)(6506007)(305945005)(86362001)(74316002)(966005)(25786009)(446003)(229853002)(66556008)(66446008)(6666004)(64756008)(66476007)(66946007)(11346002)(8676002)(76116006)(99286004)(81156014)(102836004)(81166006)(8936002)(71200400001)(478600001)(71190400001)(476003)(256004)(316002)(33656002)(52536014)(5660300002)(14444005)(66574012)(2501003)(110136005)(486006)(186003)(54906003)(2906002)(561944003)(6116002)(46003); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB3629; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Nyfe3cdA+soSgV6a+rZ2V4xcTWZkY0ezTr/ADFmJ2uQOKiXPcfTr9tnUFPx5lgI7XuFHdr07DTzRt4EprYqepPUwq/uk70HNaKEdjd0PIYrAUV8yOoB5+0BcNpWe4b5PQOdvXtEB1KVUqFBgQiHVHdm9QgCbdiVxn8GQSJF+yquyFYMgkkNtymFai0bcZFUJKBy6a6f59j4YjAu+acAMfKHb4Qup3iQiHZArOAtSiDekq0//w8jz/VKQsbOZQugdci1939OJGwdc6hFfqKQAs9QmDPhOWnM8YjDQccd0mOxMDwFWJ44bKViu1iFKVgIAa5vK5eMVFB5OCq23MkgQVB5DDznXyMEWK5uK6gyFFeJfT5lo6XK5pBC6lKYiTGvrmebY/y/hTh6vlXTndiNH4z0Y6kBMsm3g1DJNAyqxePjVfogPz0eLD9zKBhGAx3C7FEzN/l4Rx2bjT9IPMeAOv8CacnyYOTEQvMazzAGdlCU=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 0ec1306d-ede4-4738-7102-08d75c55aa76
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Oct 2019 09:52:09.6279 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ygiw/VZyIV+QCL4ODRI5D/Kd9Svhx+xu3ocp/o2lrY7fI+sZfsr3CwiaVzdXp9avgerWJDFZRT0SvWHTuy9FlQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB3629
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.23, xch-rcd-013.cisco.com
X-Outbound-Node: rcdn-core-7.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/roll/WQhb1HXTl00UC1oGyz0utW6bR9I>
Subject: Re: [Roll] AD Review of draft-ietf-roll-efficient-npdao-16
X-BeenThere: roll@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Routing Over Low power and Lossy networks <roll.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/roll>, <mailto:roll-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/roll/>
List-Post: <mailto:roll@ietf.org>
List-Help: <mailto:roll-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/roll>, <mailto:roll-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Oct 2019 09:52:17 -0000

.
> >
> > It cannot be a convergence because RPL had rules in
> > https://tools.ietf.org/html/rfc6550#section-6.5.1 whereby the status
> > below
> > 128 are warning.
> > That provision was not really used so far to my best knowledge. So we
> > could drop it. We chose not to so far. Could be done though if that's
> > your recommendation.
> 
> I think that would be a lot clearer...but that is a decision that the WG needs to
> make.
> 
> 


Maybe we could restructure the RPL Status with the first 2 bits becoming significant as opposed to the first bit only.

Today:

Bit 0 set  => error
Bits 1->7 => status code

Proposed change:

Bit 0 set  => means error ( 0 is warning or OK)
Bit 1 set  => transporting ARO status (refers to RFC 8505 and updates for definition off the next status)
Bits 2->7 => status code | ARO status depending on bit 1

> 
> > > (2) draft-ietf-roll-unaware-leaves doesn't update the allocation
> > > guidelines from rfc6550 (§6.5.1) for the Status, which then lands
> > > "moved" in the "Rejection" range. IOW, the meaning is changed, but
> > > the original meaning of the DAO-ACK Status is not updated...
> > >
> > > [We are not reviewing draft-ietf-roll-unaware-leaves here, so some
> > > of these comments can be saved for later. ;-)]
> >
> > I see: we need to indicate that we update/extend the semantics of a
> > the DAO-ACK status.
> > Should that be indicated in npdao draft or in unaware leaves, where
> > the IANA is done for all?
> 
> If the IANA update is to be done in draft-ietf-roll-unaware-leaves, then there
> (that is part of the reason for the Normative dependence below).


I'm good with that. Considering the stage of this doc, I'd rather not change it too much and do the above in the RUL draft.
We can complete the RUL draft quite quickly now,  and ship this useofrplinfo and RUL together.
 
> 
> > > Needless to say, I don't like this approach.
> 
> To be clear, what I don't like is the fact that message that seem to be intended
> for different things (ND, DAO-ACK, DCO) share the same status
> information...and that it is not consistently corresponding (the same values
> don't mean the same things...)....so while homogenizing is a good thing, we
> seem to (currently) only go half way.
> 

This is really helpful, Alvaro.
I read the whole answer once before starting to answer and the proposal above is what I found to meet this and the below.


> > We are specifying it right now in Efficient-NPDAO. RFC 8505 was
> > forward looking to that respect. It had to indicate the ND status for
> > that case and that status is "moved".
> > - It means the guys was down there but is no more. Which is exactly
> > the topic of NPDAA, cleanup a downwards path that leads to a location
> > from which the target has moved away.
> > - But it could not discuss how RPL translates it back and forth. The
> > generic spec for that is unaware-leaves. DCO is a special case of
> > RC/status that matches "moved" in RFC 8505.
> 
> Ok...so this piece is also dependent on
> draft-ietf-roll-unaware-leaves.  I expect then clear pointers from draft-ietf-roll-
> efficient-npdao to it.
> 
> 

Certainly


> > The meaning we wanted to convey is that when propagating down the DCO,
> > the status from the parent MUST be repeated unchanged to the children.
> 
> Yes, I understand.
> 
> My question is from the Normative point of view.  The rfc2119 keywords
> "MUST only be used where it is actually required for interoperation".
> If informative, then we don't need "MUST NOT"...but if there is a behavior
> expectation (or as you wrote above: "be turned into ND again and in those cases
> the meaning must be conveyed unmodified"), then the required behavior
> should be able to be verified somehow...and, ideally, the specification should
> include an indication of what the behavior should be if the mandatory action is
> not met.  We can of course trust that nodes will follow the specification and will
> not change the contents of the status...
> 
> So..I would like to see a couple of things:
> 
> (1) A clear indication of whether specific behavior is expected (you have
> mentioned it twice in this thread, but the document doesn't reflect that) or not
> based on the status.

Will do

> 
> (2) Text (maybe in the security considerations) pointing out the effect of,
> changing the value in-flight, and how (if possible) to mitigate it.
 
Same here. Note that I do not have a mitigation in mind right now.


> 
> 
> > Suggestion to reword from the perspective of the intermediate router.
> >
> > > (2) If only values > 128 are expected, then what should a receiver
> > > do if a value < 128 is received? Should the DCO not be propagated further?
> >
> > Yes, the DCO should be propagated and as done today, it causes the
> > destruction of the path regardless of the value of the status, even a
> > warning <128.
> > Should we change that so a warning is propagated but the route is
> > conserved or something? There is no known usage of that today, does
> > that protect the future better?
> 
> Going back to the text, which reads: "Only Rejection Codes (values of
> 128 and above) are expected in a DCO."  Also, going back to your statements
> above about specific behavior resulting from the status value.  I just want to
> make sure the specification is clear related to what should be done; if any value
> is ok, then the text is, at minimum not clear...if the behavior depends on the
> value, then there's an effect if the value is not that is expected...
> 

That text goes away if you agree with the proposal of the additional bit in the RPL status. The new text would say that "the ARO status MUST be placed unchanged by the root" in the mapped DCO with the bit ARO set. Conversely that the "6LR MUST place the mapped ARO status in the NA(ARO) that is built upon the DCO". 

RPL already has text like "
                  The root of a DODAG is
   authoritative for setting that information and the information is
   unchanged as propagated down the DODAG.
"

We can emulate that form for the DCO, say that "The root or common parent that generates a DCO is authoritative for setting the status information and the information is unchanged as propagated down the DODAG. " The transported ARO status is just a case of that. We'd also say that "this spec does not specify a differentiated action based on the status."


> 
> I hope we're making progress.  If not, we might want to think about speaking
> live. :-)

We are. If you agree with the proposed line above I'll make editions and come back to you for more comments and/or approval.

This is all very much appreciated, Alvaro.

Pascal