IETF Logo Mail Archive

Re: [Roll] capability vs. configuration

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Mon, 27 May 2019 07:51 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: roll@ietfa.amsl.com
Delivered-To: roll@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34BE21201EB for <roll@ietfa.amsl.com>; Mon, 27 May 2019 00:51:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=jG+64NSw; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=hSE3TNnc
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e79Ms6HX4Yrz for <roll@ietfa.amsl.com>; Mon, 27 May 2019 00:51:33 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7B163120058 for <roll@ietf.org>; Mon, 27 May 2019 00:51:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=40726; q=dns/txt; s=iport; t=1558943492; x=1560153092; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=p6K7fA9OK1ktjrtBUIdAqkb7sFFDvPBDEla9rPDAy6M=; b=jG+64NSwYag8dW/9qzJt5+TotBimkYfyAO1Dhec1Za9rJUKfym8OkEud QCM3zOTtaWVK8I7CW7f52dOtP8sBy/DjkI7d5KPwyMUwQ5a+oEhMmbDU/ wkvxDQgFM1HOqNOGomgeLUJoxikv4R9vdVr6szXk7Hr+AYXJwTrvIUUS+ o=;
IronPort-PHdr: 9a23:f7iQxBXaG5RQkJxB78aOhJhNbODV8LGuZFwc94YnhrRSc6+q45XlOgnF6O5wiEPSA9yJ8OpK3uzRta2oGXcN55qMqjgjSNRNTFdE7KdehAk8GIiAAEz/IuTtankiAMRfXlJ/41mwMFNeH4D1YFiB6nA=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0B/AAAMlutc/4cNJK1aCh4BBgcGgVEJCwGBDi8kLANpVSAECyiEE4NHA455SoINlyuBLhSBEANUCQEBAQwBARgBCgoCAQGEQAIXgjUjNAkOAQMBAQQBAQIBBG0cDIVKAQEBBAEBEBEKEwEBKwEMDwIBCBEDAQEBIQcDAgICJQsUCQgCBBMIGoMBgR1NAx0BAgycEAKBOIhfcYEvgnkBAQWBNgKDQxiCDwMGgTQBhGiBIIFYg3IXgUA/gRFGgU5+PoJhAQEDgR0WBQoFCg8eDQmCVDKCJoskEkKCFIRjlH9pCQKCDYY0hEiINIIfimaJRI4WhVqOdgIEAgQFAg4BAQWBTziBV3AVO4Jsgg+DcIUUhT9ygSmKWAEkgiwBAQ
X-IronPort-AV: E=Sophos;i="5.60,518,1549929600"; d="scan'208,217";a="563417115"
Received: from alln-core-2.cisco.com ([173.36.13.135]) by rcdn-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 27 May 2019 07:51:30 +0000
Received: from XCH-RCD-014.cisco.com (xch-rcd-014.cisco.com [173.37.102.24]) by alln-core-2.cisco.com (8.15.2/8.15.2) with ESMTPS id x4R7pUtf006940 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL) for <roll@ietf.org>; Mon, 27 May 2019 07:51:30 GMT
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by XCH-RCD-014.cisco.com (173.37.102.24) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 27 May 2019 02:51:29 -0500
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 27 May 2019 03:51:28 -0400
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 27 May 2019 02:51:27 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=p6K7fA9OK1ktjrtBUIdAqkb7sFFDvPBDEla9rPDAy6M=; b=hSE3TNncToT+kYLdnFjhjftOutwH/WmpI1+8Ny+sqT+uhS8loKwegY5cayF8jQ/0FsqPIKaX/L3fGHNPVUmQJSsbCuMyqoDAT2UIdUEokFv5Vog0rpeaTOlcNu51lmVLQBbRImfXoEfd1LWTq2meRnN0pX8qJrJfP/O01IyEtmI=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (20.178.250.159) by MN2PR11MB3709.namprd11.prod.outlook.com (20.178.252.214) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1922.22; Mon, 27 May 2019 07:51:26 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::7cc2:b440:8820:f0fc]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::7cc2:b440:8820:f0fc%7]) with mapi id 15.20.1922.021; Mon, 27 May 2019 07:51:26 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Routing Over Low power and Lossy networks <roll@ietf.org>
Thread-Topic: [Roll] capability vs. configuration
Thread-Index: AQHVFDua42hZh9XuNUOlnMD+d9AwVaZ+a88WgACJJAD//4rNcIAAnh6A//96XLA=
Date: Mon, 27 May 2019 07:51:20 +0000
Deferred-Delivery: Mon, 27 May 2019 07:50:42 +0000
Message-ID: <MN2PR11MB35656EA9D424F14CA5396752D81D0@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <A587F9B0-9F1A-4307-9D3E-C261D6EF566A@cisco.com> <6E26B721-36DF-4B0D-8930-3F90179D557B@cisco.com> <87C818D7-A6D2-466D-9E74-3FBFCBD812F9@cisco.com> <MN2PR11MB356549E5AB3B8CFDC7249465D81D0@MN2PR11MB3565.namprd11.prod.outlook.com> <9AB2EEFD-ADCA-4447-B8BE-0AA2EF1EED06@cisco.com>
In-Reply-To: <9AB2EEFD-ADCA-4447-B8BE-0AA2EF1EED06@cisco.com>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [2001:420:c0c0:1001::112]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3a741334-afb4-4449-26b1-08d6e2781f2c
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600148)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:MN2PR11MB3709;
x-ms-traffictypediagnostic: MN2PR11MB3709:
x-ms-exchange-purlcount: 4
x-microsoft-antispam-prvs: <MN2PR11MB37090009094ECAEC713BE0B0D81D0@MN2PR11MB3709.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0050CEFE70
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(376002)(396003)(346002)(136003)(39860400002)(199004)(189003)(51444003)(53546011)(6506007)(102836004)(186003)(99286004)(8936002)(52536014)(316002)(71190400001)(71200400001)(7696005)(76176011)(6436002)(74316002)(7736002)(446003)(11346002)(229853002)(33656002)(6916009)(76116006)(6246003)(73956011)(476003)(53936002)(486006)(14454004)(66946007)(606006)(966005)(478600001)(66556008)(66476007)(64756008)(66446008)(6116002)(790700001)(55016002)(6306002)(54896002)(66574012)(6666004)(236005)(86362001)(9686003)(8676002)(25786009)(81166006)(81156014)(14444005)(68736007)(2906002)(256004)(5660300002)(46003)(24704002); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB3709; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: IEC2/Xx5T+3nJSgz9kEfrbNj8JWMojOk8NqXx+QVsIVgNPvOHht3TE0hSj/qGgtOfS36ouMh1gpS5jNoSM4VEDP/8C23GSM5H1vcUOn3zlZkYHKWXvqDi0DL+dVjcwRALGfoMb7QYjRWCx2x9mvTqbsTWH319yhh1HELR43sRg1+lRNQ7BezhOxRrRSwCz4r1RLJIXxn9lSt9q0/BcrZS86XWR1JOFAc9BXiY9EiKGHJ1Cp1o38EYgH1XL8BInc5byMas6MZGXaM9nVBr29qpw6tK+0mV8rC/h/fW2HbU676FwQQhdKxU/hrDCiNWD2MByzmtQVveJ6X2lNllE++FTAE3cMLcckqfmR4kfAAXVoydwH8z4Q+QbMdUWuctHoRmbzIbDXnZPlBW+U6QWUWjwM63eapaXhH75YinaF9o3g=
Content-Type: multipart/alternative; boundary="_000_MN2PR11MB35656EA9D424F14CA5396752D81D0MN2PR11MB3565namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 3a741334-afb4-4449-26b1-08d6e2781f2c
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 May 2019 07:51:26.4515 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: pthubert@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB3709
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.24, xch-rcd-014.cisco.com
X-Outbound-Node: alln-core-2.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/roll/aw2u_N1su8xuq4X2Wx6PVo6LmUU>
Subject: Re: [Roll] capability vs. configuration
X-BeenThere: roll@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Routing Over Low power and Lossy networks <roll.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/roll>, <mailto:roll-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/roll/>
List-Post: <mailto:roll@ietf.org>
List-Help: <mailto:roll-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/roll>, <mailto:roll-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 May 2019 07:51:37 -0000

Hello Li:

The draft is written so that we can live with node that have seen the flags and nodes that have not seen it, as long as all nodes support RFC 8138.
The point is that a node must keep the packet in its form, compressed or not, so the format of the packet will only depend on whether the source saw the flag or not.
IOW nodes always accept to process a packet that is encoded with RFC 8138, but they can only source such a packet if they saw the flag.

We could have text to clarify that as well in the applicability.

Does that work for you?

Pascal

From: Roll <roll-bounces@ietf.org> On Behalf Of Li Zhao (liz3)
Sent: lundi 27 mai 2019 09:45
To: Routing Over Low power and Lossy networks <roll@ietf.org>
Subject: Re: [Roll] capability vs. configuration

Hello Pascal,

Flag day idea looks good for me. And we should note two points:

  1.  Some battery node need long time to sync flag day from DIO
  2.  Some node doesn’t have UTC time. Maybe we should use time drift to identify flag day?

Best regards,
Li

From: Roll <roll-bounces@ietf.org<mailto:roll-bounces@ietf.org>> on behalf of "Pascal Thubert (pthubert)" <pthubert@cisco.com<mailto:pthubert@cisco.com>>
Reply-To: Routing Over Low power and Lossy networks <roll@ietf.org<mailto:roll@ietf.org>>
Date: Monday, May 27, 2019 at 2:37 PM
To: Routing Over Low power and Lossy networks <roll@ietf.org<mailto:roll@ietf.org>>
Subject: Re: [Roll] capability vs. configuration

Hello Li

I think we agree and I think you still support the turnon_8138 draft. In more details: the flag is useful in a transition till all nodes are converted to ensure a continuity of operation during a transition.

A network with the flag off and hybrid support works. When all nodes support RFC 8138 and as the new config spreads only a few saw the flag things still work, you’ll see packets of both types but all will be forwarded.
But rolling back the flag is not guaranteed to work fully before a long time since a node here and there may still be missing the update of the DIO and keep on using RFC 8138.

I think that what is true there is true also for useofrplinfo. The flag is used to delay the use of the new feature till the flag day. Once the flag day is passed, that’s it for all.

The capability is good to reassure the admin that all nodes are upgraded and ready. If after that the admin deploys  a back level node, his mistake.

Now we can work on minimizing the damage. E.g. we can add text to say that a child cannot forward an RFC 8138 via a parent that does not set the flag. But then, we’d need the parent to express his capability and that’s again an interaction with the capability draft. Note that the parent cannot change the config option and must forward it as is, whether it understands it or not.

Also, the root must encaps with RFC 8138 only along a path that is known to support it. E.g., if the child does not then the root can encapsulate to the parent ip in ip, and leave native RFC 6775 in the inner packet.

Doe sthat look good ?

Pascal

From: Roll <roll-bounces@ietf.org<mailto:roll-bounces@ietf.org>> On Behalf Of Li Zhao (liz3)
Sent: lundi 27 mai 2019 07:19
To: Routing Over Low power and Lossy networks <roll@ietf.org<mailto:roll@ietf.org>>
Subject: Re: [Roll] capability vs. configuration

Hello Pascal,

My point is that dynamic switch the capability too frequently or too easily is not good. At least we need some rule to limit the switch capability.

For example, if a root forms a network with 1000 nodes which supports 8183. What should root do when it receives a non-8138 compatible DAO? Reject this node or switch the whole network to non-8138. It’s hard to decide by root itself.


Best regards,
Li

From: Roll <roll-bounces@ietf.org<mailto:roll-bounces@ietf.org>> on behalf of "Pascal Thubert (pthubert)" <pthubert@cisco.com<mailto:pthubert@cisco.com>>
Reply-To: Routing Over Low power and Lossy networks <roll@ietf.org<mailto:roll@ietf.org>>
Date: Monday, May 27, 2019 at 1:08 PM
To: Routing Over Low power and Lossy networks <roll@ietf.org<mailto:roll@ietf.org>>
Subject: Re: [Roll] capability vs. configuration

Hello Li

I do not understand your point that the capability to switch to 8138 is not a good idea.
I understand it is better to avoid the situation but sometimes you have no choice. And if you upgrade a first node in the middle of the network then there are no parent to form a dodag.

Bottom line is you upgrade all your nodes and then you set the flag in the capability.

What do I miss?


Regards,

Pascal

Le 27 mai 2019 à 05:24, Li Zhao (liz3) <liz3@cisco.com<mailto:liz3@cisco.com>> a écrit :
In order to decide whether  it can safely set the config flags, it would be good that the root knows about the node capabilities such as route projection, RFC 8138 compression and option x23 for RPI. So I thought that the node could expose that capability using mop-ext and we add the bits in the draft already.

[RJ] So the root is expected to set the T-flag after learning the nodes capabilities after the initial DIO-DAO round .. is this right? i.e. once the root learns that all nodes are 8138 capable then it sets the T-flag in the subsequent DIO (possibly after DTSN increment)? What happens if a node springs up later and announces that it does not support 8138 after the T-flag was turned on by the root ?

[Li] How to identify the initial DIO-DAO round is also a problem to deal with. Because the root doesn’t know the scalability/max hop/form time of each PAN.
One propose is adding scalability/form time as capability of root, root can detect initial DIO-DAO and then announces 8138 or option x23 to nodes.

[RJ]  What happens if a non-8138 compatible node springs up later (i.e., after root has announced T-flag set in DIO) and advertises that it is not 8138 capable ? Would root in turn start updating the network to reset T-flag in DIO? In this case there could be 8138 compressed traffic in-transit while the unsetting of T-flag is in progress.

[Li] The mixed 8138 and non-8138 network should not be common case when deployment. It’s usually existing during upgrading firmware. Dynamic switch 8138/non-8138 by root is not a good idea.
If it’s indeed a mixed network, two instances(one for 8138 and another for non-8183) is a workaround.

For route projection, we could include a number of routes that the node can store, using a number like 10 hops max for non-storing PDAOs.

[RJ] Yes this could be done and will help route projection.

[Li] In non-storing PDAO, the route entries number and max hops are both needed as capabilities.

Best regards,
Li


From: Rahul Arvind Jadhav <rahul.jadhav@huawei.com<mailto:rahul.jadhav@huawei.com>>
Date: Saturday, May 25, 2019 at 9:18 AM
To: Routing Over Low power and Lossy networks <roll@ietf.org<mailto:roll@ietf.org>>, Li Zhao <liz3@cisco.com<mailto:liz3@cisco.com>>
Subject: RE: capability vs. configuration

As you know, we have a configuration option in standard RPL. It is used by useofrplinfo to trigger the use of option x23 and by https://tools.ietf.org/html/draft-thubert-roll-turnon-rfc8138-00 to trigger the use of RFC 8138 compression.

This must not be confused with the capability draft in draft-rahul-roll-mop-ext which is how the nodes and the root share on what capabilities they have. A configuration is a flat order from the root, the capability is an exchange of information.

[RJ] By flat order, I assume you mean that all the nodes either support it or they don’t. There are no mixed nodes. In this case, yes, this is a candidate for existing configuration option rather than capabilities. I read the draft and I believe this to be true.

In order to decide whether  it can safely set the config flags, it would be good that the root knows about the node capabilities such as route projection, RFC 8138 compression and option x23 for RPI. So I thought that the node could expose that capability using mop-ext and we add the bits in the draft already.

[RJ] So the root is expected to set the T-flag after learning the nodes capabilities after the initial DIO-DAO round .. is this right? i.e. once the root learns that all nodes are 8138 capable then it sets the T-flag in the subsequent DIO (possibly after DTSN increment)? What happens if a node springs up later and announces that it does not support 8138 after the T-flag was turned on by the root ?

For route projection, we could include a number of routes that the node can store, using a number like 10 hops max for non-storing PDAOs.

[RJ] Yes this could be done and will help route projection.

_______________________________________________
Roll mailing list
Roll@ietf.org<mailto:Roll@ietf.org>
https://www.ietf.org/mailman/listinfo/roll

v2.23.0 | Report a Bug | By Email