Re: Benjamin Kaduk's Discuss on draft-ietf-bfd-multipoint-18: (with DISCUSS and COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Tue, 03 July 2018 21:37 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D47BC130F5C; Tue, 3 Jul 2018 14:37:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3_g_E2jXVKZK; Tue, 3 Jul 2018 14:37:27 -0700 (PDT)
Received: from dmz-mailsec-scanner-3.mit.edu (dmz-mailsec-scanner-3.mit.edu [18.9.25.14]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5761B130ED1; Tue, 3 Jul 2018 14:37:27 -0700 (PDT)
X-AuditID: 1209190e-ed1ff7000000633c-51-5b3bec953874
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-3.mit.edu (Symantec Messaging Gateway) with SMTP id C7.B4.25404.59CEB3B5; Tue, 3 Jul 2018 17:37:26 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id w63LbOAR021011; Tue, 3 Jul 2018 17:37:24 -0400
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id w63LbJT6013145 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 3 Jul 2018 17:37:22 -0400
Date: Tue, 03 Jul 2018 16:37:19 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Greg Mirsky <gregimirsky@gmail.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-bfd-multipoint@ietf.org, Reshad Rahman <rrahman@cisco.com>, bfd-chairs@ietf.org, rtg-bfd@ietf.org
Subject: Re: Benjamin Kaduk's Discuss on draft-ietf-bfd-multipoint-18: (with DISCUSS and COMMENT)
Message-ID: <20180703213719.GV22125@kduck.kaduk.org>
References: <153054590296.16179.16086467374642181875.idtracker@ietfa.amsl.com> <CA+RyBmXHeVMTOaYYybaYK1ckj0b0FcfQDFcdqWh2uh-tUTvKgw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CA+RyBmXHeVMTOaYYybaYK1ckj0b0FcfQDFcdqWh2uh-tUTvKgw@mail.gmail.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprOKsWRmVeSWpSXmKPExsUixCmqrDvtjXW0wbXznBaTb65mtPi+8hab xbdpT1ktZvyZyGxxbUUru8XnP9sYHdg8pvzeyOqxc9Zddo8lS34yBTBHcdmkpOZklqUW6dsl cGVc7PvEVnAhoOLN4162BsaN9l2MnBwSAiYSV34fZ+5i5OIQEljMJDFr3Xp2CGcDo8TaNTuZ QaqEBK4wSTzakwNiswioSBw6/psFxGYDshu6L4PViAioS3RuOw7WzCwwh1Fi65ajYAlhgWSJ c21fwBp4gdYd/NvBBLFhKqNEz9bFzBAJQYmTM5+AFTELaEnc+PcSqIgDyJaWWP6PAyTMKRAo sffPI1YQW1RAWWJv3yH2CYwCs5B0z0LSPQuhewEj8ypG2ZTcKt3cxMyc4tRk3eLkxLy81CJd Y73czBK91JTSTYzg0Jbk28E4qcH7EKMAB6MSDy9DhXW0EGtiWXFl7iFGSQ4mJVFe+Y1AIb6k /JTKjMTijPii0pzU4kOMEhzMSiK821StooV4UxIrq1KL8mFS0hwsSuK82YsYo4UE0hNLUrNT UwtSi2CyMhwcShK8V18DDRUsSk1PrUjLzClBSDNxcIIM5wEaLglMBUK8xQWJucWZ6RD5U4zG HPOOTp3EzPHnPZAUYsnLz0uVEuc9DTJOAKQ0ozQPbhooPUlk7695xSgO9JwwrwVIFQ8wtcHN ewW0igloVc82S5BVJYkIKakGxjl/XivUhv7PfrnoZN5Eh4UB0/ZoRtwOX+lsVRQ7Y9afC2Fy vVeNon/a2tut/lW7gYHnWSOTw0yJ82f//SqSyHZPaWN8dan0ZvM7P9PW9LM9Z33zOv5td92s uE43x5qhwq5TTm7vU80dZlPLRfkivy4oXV7G7Bwzb1fd67yty6Zc193M4hdvpcRSnJFoqMVc VJwIAIyKAXoqAwAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/6eJHxwC54LA6Sikuxn1Wz08u4q8>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Jul 2018 21:37:32 -0000

On Mon, Jul 02, 2018 at 04:51:58PM -0700, Greg Mirsky wrote:
> Hi Benjamin,
> thank you for the thorough review and the most detailed analysis of the
> specification. Please find my answers in-line tagged GIM>>.
> 
> Regards,
> Greg
> 
> On Mon, Jul 2, 2018 at 8:38 AM, Benjamin Kaduk <kaduk@mit.edu> wrote:
> 
> > Benjamin Kaduk has entered the following ballot position for
> > draft-ietf-bfd-multipoint-18: Discuss
> >
> > When responding, please keep the subject line intact and reply to all
> > email addresses included in the To and CC lines. (Feel free to cut this
> > introductory paragraph, however.)
> >
> >
> > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> > for more information about IESG DISCUSS and COMMENT positions.
> >
> >
> > The document, along with other ballot positions, can be found here:
> > https://datatracker.ietf.org/doc/draft-ietf-bfd-multipoint/
> >
> >
> >
> > ----------------------------------------------------------------------
> > DISCUSS:
> > ----------------------------------------------------------------------
> >
> > Section 5.13('s subsections) of this document replace sections 6.8.6 and
> > 6.8.7 of RFC 5880.  I extracted the relevant text and performed a diff, and
> > think some discussion is needed of some portions present in RFC 5880 that
> > are not present in these new texts.  (The separation of the demultiplexing
> > procedure to a separate subsection is fine, though it does make the diff a
> > little nosier to read.)
> >
> > In particular, from RFC 5880 Section 6.8.6, the paragraph:
> >
> > %      If the Poll (P) bit is set, send a BFD Control packet to the
> > %      remote system with the Poll (P) bit clear, and the Final (F) bit
> > %      set (see section 6.8.7).
> >
> > Does not appear to have any corresponding text in this document.
> >
> GIM>> Thank you for catching this one! Without getting into the history,
> here's the new paragraph to be the next to the last para in section 5.13.1:
> 
>       If the Poll (P) bit is set, and bfd.SessionType is PointToPoint,
>       send a BFD Control packet to the remote system with the Poll (P)
>       bit clear, and the Final (F) bit set (see Section 5.13.3).

A natural translation to the new world order.

> 
> >
> > >From RFC 5880 Section 6.8.7, the first four paragraphs (too long for me to
> > include here) do not appear to have their substance covered in this
> > document, either (largely discussion about the pacing of BFD Control
> > packets and jitter in their scheduling).
> >
> > Section 5.13.3's text now only covers how to set Min Echo Rx Interval
> > for MultipointHead and MultiplintTail sessions, which seems to remove
> > guidance on how to set it for other session types.
> >
> > While it is permissible for a document that Updates another document to
> > perform this sort of deprecation of behavior, it is potentially confusing
> > for implementors to do so without mentioning the change in behavior.
> >
> 
> GIM>> Thank you for pointing to these absent paragraphs. Some of
> information being provided in the section but some, I agree, is not part of
> the section. That information helps to understand packet transmission
> timing and how it affects defect detection interval.
> 
> The forth paragraphs of section 6.8.7 RFC 5880:
> 
>    The transmit interval MUST be recalculated whenever
>    bfd.DesiredMinTxInterval changes, or whenever bfd.RemoteMinRxInterval
>    changes, and is equal to the greater of those two values.  See
>    sections 6.8.2 and 6.8.3 for details on transmit timers.
> 
> used in section 5.13.3 of mpBFD specification:
>    If bfd.SessionType is not MultipointHead, the transmit interval MUST
>    be recalculated whenever bfd.DesiredMinTxInterval changes, or
>    whenever bfd.RemoteMinRxInterval changes, and is equal to the greater
>    of those two values.  See [RFC5880] sections 6.8.2 and 6.8.3 for
>    details on transmit timers.
> 
> The first three paragraphs that are missing and I propose to use them as-is
> in RFC 5880 to replace the second paragraph of mpBFD spec (new version and
> diff attached).

That works for me.

> 
> >
> > Separately, I wonder if it is appropriate to Update RFC 7880 as well as
> > 5880, given (e.g.) Section 5.4.1.
> >
> GIM>> mpBFD specification adds new values to a variable defined in RFC 7880
> but does not change anything specified in RFC 7880. I'm not sure that this
> relationship between the RFC 7880 and mpBFD can be characterized as the
> latter updating the former.

I'm not sure, either.  The case for Updating would mostly just be that
someone implementing 7880 would want to know if they see new/unexpected
values on their peer (and I've forgotten if this one is even wire-visible).

> >
> > I also think that Section 6 should describe more clearly how asymmetric
> > message authentication relates to this work (i.e., whether it is entirely
> > incompatible with BFD or does it merely require additional specification).
> >
> GIM>> I believe it requires additional specification, i.e. outside the
> scope and for future work.

Okay.  Do you want to add something like ", but integrating such
authentication mechanisms with BFD is outside the scope of the present
work"?
[edit: I see you did add something; that works for me]

> >
> >
> > ----------------------------------------------------------------------
> > COMMENT:
> > ----------------------------------------------------------------------
> >
> > I am told that the normal usage of the bare term "BFD" has the connotation
> > of refering only to usages in an IP/UDP/MPLS encapsulation (exclusing
> > pseudowires and other more "exotic" encapsulations), so I am not including
> > this in my DISCUSS section.  However, it seems unusual to limit the scope
> > of a document in some "random" subsection (here, Section 5.8) with no
> > mention in the general Introduction or Abstract.  Is there an improvement
> > to make here?
> >
> GIM>> I see the scope of this specification similar to RFC 5880, in which
> there's no discussion of how BFD Control packet must be encapsulated. For
> "classic" BFD, encapsulation addressed in RFC 5881, RFC 5883, RFC 5884, and
> RFC 5885. Non-IP encapsulation for MPLS-TP defined in RFC 6428.

My question is entirely about the current connotations of a term in a
community where I am not active, so I really have to leave this question to
be answered by the authors/WG.

> >
> > Section 4
> >
> >    [...] If no
> >    BFD Control packets are received by a tail for a detection time, the
> >    tail declares the path to having failed.  For some applications this
> >    is the only mechanism necessary; the head can remain ignorant of the
> >    tails.
> >
> > It sounds like this might be better said as "the head can remain ignorant
> > of the status of connectivity to the tails"?  (That is, the head needs to
> > know at least something about the tails in order to send anything to them,
> > so it is not fully ignorant.)
> >
> GIM>> Thank you for text, accepted.
> 
> >
> >    The head of a multipoint BFD session may wish to be alerted to the
> >    tails' connectivity (or lack thereof).  Details of how the head keeps
> >    track of tails and how tails alert their connectivity to the head are
> >    outside scope of this document and are discussed in
> >    [I-D.ietf-bfd-multipoint-active-tail].
> >
> > nit: "outside the scope"
> >
> GIM>> Thanks, done.
> 
> >
> > Section 5.7
> >
> > It's a little unclear to me why tails must demultiplex on the identity of
> > the
> > multipoint path; (that is, why My Discriminator isinsufficient).
> > Presumably this is just a failing on my end, of course.
> >
> GIM>> The value of My Discriminator is locally assigned, i.e., assigned by
> the head. Unless some system manages discriminator ranges amond heads, it
> is probable that more than one use the same My Discriminator value.

I was probably assuming that the discriminators were random values; thanks
for clarifying.

> >
> >    [...] Bootstrapping BFD session to multipoint MPLS LSP in
> >    case of penultimate hop popping may use control plane, e.g., as
> >    described in [I-D.ietf-bess-mvpn-fast-failover], and is outside the
> >    scope of this document.
> >
> > nit: some articles are missing here; maybe "a BFD session", "in the case
> > of", and "the control plane".
> >
> GIM>> More thanks, all accepted.
> 
> >
> > Section 5.12.2
> >
> >    MultipointTail sessions MAY be destroyed immediately upon leaving Up
> >    state, since tail will transmit no packets.
> >
> >    Otherwise, MultipointTail sessions SHOULD be maintained as long as
> >    BFD Control packets are being received by it (which by definition
> >    will indicate that the head is not Up).
> >
> > Would it be more clear to say "indicate that the head is not Up yet" to
> > distinguish from the case in the first paragraph (where a non-Up state
> > *transition*
> >
> GIM>> I think that the two paragraphs correctly describe behavior options
> for a MultipointTail session when it receives BFD Control packet with
> Down/AdminDown state. The tail MAY close the session upon recieving packet
> with Down/AdminDown state. The second para is related to section 5.12.1
> that the MultipointHead SHOULD continue transmitting BFD control packets
> with the new state, i.e., Down/AdminDown state.

I also agree that the paragraphs are correct behavior descriptions -- the
combination just made me do a double-take when I first read it.  But this
is basically editorial, so use your judgment.

> Section 8
> >
> > It may be appropriate to make stronger statements about the weakness of MD5
> > than were valid at the time of 5880's publication.  (SHA1 is also not doing
> > so great, but I won't block this work on updating the hash function
> > options.)
> >
> > It would be good to either refer to the bit about shared keys in Section 6
> > or just move it to this section entirely.
> >
> GIM>> Merged sections 6 and 8 under Security Considerations.

That combination seems to work pretty well.  (Full draft text trimmed.)

Thanks!

-Benjamin