Re: [Technical Errata Reported] RFC5884 (5085)

Greg Mirsky <gregimirsky@gmail.com> Mon, 14 August 2017 18:12 UTC

Return-Path: <gregimirsky@gmail.com>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 579871323C0; Mon, 14 Aug 2017 11:12:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6ZyVj-JqvBSA; Mon, 14 Aug 2017 11:11:58 -0700 (PDT)
Received: from mail-lf0-x236.google.com (mail-lf0-x236.google.com [IPv6:2a00:1450:4010:c07::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 59B171323C8; Mon, 14 Aug 2017 11:11:58 -0700 (PDT)
Received: by mail-lf0-x236.google.com with SMTP id o85so42978056lff.3; Mon, 14 Aug 2017 11:11:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=8O0EH2c5jjVKFuK4NfSsGQ1KyEr5v/VWH7NdcSSBjk0=; b=TUl9qQ/xO9401U7iKdp74C5Boq9Bm/iWGz1SZpeV3N+bFMBGnMCSHicnn9TGBluLTW 61XJ9PxjHOkHjWX2tT2knMGhK08q+mtpqIxLWXvG7mgcbUqWCtVMqoULeFYdXMecPbb7 L5qkfHxWRfxRy50oYSoyUNoDFIiyMWeK7pMH/p6QYktmmogcFtRstYoW+3WWYhaH6HAn qt34PBN56SYi90pPk1gtAlDt9nwtr5mlhisLjB6J8zt6mOyJ25TVuS25RxVDsrSkIBar 5eevrUGGBXL6QD3CMyiyUH4nGzkG4NNSfAW4ik4SvpzSBGbmHDeHyMIDKELYO48GcEbS C6/g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=8O0EH2c5jjVKFuK4NfSsGQ1KyEr5v/VWH7NdcSSBjk0=; b=KfwBmanPIGxJAlphBZ9XUDJa1XjR/+i1sqpG2bqNFwHe9gVSlRTR6Aewn4k865xLJV Sb6HDpw4/uVflF40dpMwUg6Mmcu6lIVAn+Wjdpl5HFqvDJ0/7wW1MP1HQpKlZUXbiOuo KB3LT2EeCLrXANgBLAniWIf2nFPlvktG3zYYhZtI1HGTA/CV+I8cfKkl/OhyFlspASec vYqEZUlPkRYVQqFaRcS4hbC4efsSGQhWe80aiWDq6VFqsVrF5JE4EvRQ9vHSu2pfvG+U 9/qiG8oqiJShgxonhR/r55h+c1Ck+rXoUOQ6CTX2t+TNsauryqlN7zw9Yl1AvUgsXbR4 kxeA==
X-Gm-Message-State: AHYfb5jEA2z0O2HKWL3esBL3Wkayjkrn6JkuJcMfO7BkpWFRb/4rkA54 JMcMKp0FWZtQuMpAtY+vtFS1MjGMSw==
X-Received: by 10.46.76.18 with SMTP id z18mr8331497lja.111.1502734316504; Mon, 14 Aug 2017 11:11:56 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.46.88.81 with HTTP; Mon, 14 Aug 2017 11:11:55 -0700 (PDT)
In-Reply-To: <E2844FE2-9C88-4410-A7A2-7F8AE0567E78@cisco.com>
References: <20170811053550.27303B81263@rfc-editor.org> <20170811173930.GJ24942@pfrc.org> <E2844FE2-9C88-4410-A7A2-7F8AE0567E78@cisco.com>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Mon, 14 Aug 2017 11:11:55 -0700
Message-ID: <CA+RyBmU13-Ba2mDROiWtV4Aai_rtZDZ7PzEK0GGgE+ESa9JTNQ@mail.gmail.com>
Subject: Re: [Technical Errata Reported] RFC5884 (5085)
To: "Carlos Pignataro (cpignata)" <cpignata@cisco.com>
Cc: Jeff Haas <jhaas@pfrc.org>, "Kireeti Kompella (kireeti@juniper.net)" <kireeti@juniper.net>, Tom Nadeau <tnadeau@lucidvision.com>, "rtg-bfd@ietf. org" <rtg-bfd@ietf.org>, "Reshad Rahman (rrahman)" <rrahman@cisco.com>, Alia Atlas <akatlas@gmail.com>, "mpls@ietf.org" <mpls@ietf.org>
Content-Type: multipart/alternative; boundary="f403045e9d24208d970556ba99e4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/LQtzpncvPuwHwVV1_kW8cnfgnEQ>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Aug 2017 18:12:01 -0000

Hi Carlos,
thank you for sharing your view on how LSP Echo request with BFD
Discriminator used to bootstrap a BFD session over MPLS LSP. I'm surprised
that you refer to RFC 8029 as normative reference when commenting on RFC
5884. But even if we look into RFC 8029, it still has the same texts I've
quoted in the previous note that suggest that echo reply is optional.
Consider one of them "The Sender's Handle is filled in by the sender and
returned unchanged by the receiver in the echo reply (if any)." Though
English is my third language, I interpret "if any" in that sentence as
clear indication that the echo reply may not be sent ever.

Regards,
Greg

On Fri, Aug 11, 2017 at 7:45 PM, Carlos Pignataro (cpignata) <
cpignata@cisco.com>; wrote:

> Jeff, WG,
>
> I believe there is one additional consideration — please see inline.
>
> On Aug 11, 2017, at 1:39 PM, Jeffrey Haas <jhaas@pfrc.org>; wrote:
>
> [Note that I have adjusted the addresses in the headers to try to catch the
> RFC authors' current accounts.]
>
>
> The 5884 interop issue keeps bubbling up.  Balaji submitted an errata,
> which
> provides us with a good place to start technical discussion.
>
> Please note I also spent some time off-list discussing this errata with
> Balaji.
>
>
> On Thu, Aug 10, 2017 at 10:35:50PM -0700, RFC Errata System wrote:
>
> Section: 6
>
> Original Text
> -------------
> The egress LSR MAY respond with an LSP Ping Echo
> reply message that carries the local discriminator assigned by it for
> the BFD session.
>
> Corrected Text
> --------------
> The egress LSR MUST respond with an LSP Ping Echo reply message that
> MAY carry the local discriminator assigned by it for the BFD session.
>
>
> Notes
> -----
> It is not clear from the original text which of the following is optional:
>  -  The egress MUST send a reply, but the discriminator in the reply is
> optional
>  -  The reply itself is optional
>
> Technically, the reply cannot be optional, because the egress needs to
> report LSP-Ping verification status to the ingress.
>
>
> This is correct — but even more so, technically, it is not up to RFC 5884
> to define when an LSP-Ping reply is optional or not.
>
> That’s’ up to https://tools.ietf.org/html/rfc8029#section-4.4
>
> Lacking a Reply Mode set to "Do not reply" (https://tools.ietf.org/html/
> rfc8029#page-12) the RFC 8029 procedures dictate a response be sent,
> independent of whether the RFC 5884 procedures use that information or not.
>
> More below.
>
>
> The proposed text recommends to include BFD discriminator in the reply.
> This was the intent of the original text.
>
>
> My opinion follows:
>
> In section 6 -
>
> :    On receipt of the LSP Ping Echo request message, the egress LSR MUST
> :    send a BFD Control packet to the ingress LSR, if the validation of
> :    the FEC in the LSP Ping Echo request message succeeds.  This BFD
> :    Control packet MUST set the Your Discriminator field to the
> :    discriminator received from the ingress LSR in the LSP Ping Echo
> :    request message.  The egress LSR MAY respond with an LSP Ping Echo
> :    reply message that carries the local discriminator assigned by it for
> :    the BFD session.  The local discriminator assigned by the egress LSR
> :    MUST be used as the My Discriminator field in the BFD session packets
> :    sent by the egress LSR.
>
> In the text above, I consider it quite clear that the receipt of the BFD
> packet contains sufficient state to bring up the BFD session.  The receipt
> of the same Discriminator in the LSP Ping Echo Reply is optional.
>
> This makes sense partially because the reply may be dropped and we want the
> BFD session to come up as fast as possible.
>
>
> Yes, especially because the first sentence says that the egress sending a
> BFD Control packet implies FEC validation passed. However,
> https://tools.ietf.org/html/rfc8029#section-4.4 does more than FEC
> validation.
>
>
> The point of contention appears to be what to do if we *never* get such
> replies.  It's worth pointing out additional text in RFC 5884, section 3.2.
>
> :    Hence, BFD is used in conjunction with LSP Ping for MPLS LSP fault
> :    detection:
> :
> :       i) LSP Ping is used for bootstrapping the BFD session as described
> :          later in this document.
> :
> :      ii) BFD is used to exchange fault detection (i.e., BFD session)
> :          packets at the required detection interval.
> :
> :     iii) LSP Ping is used to periodically verify the control plane
> :          against the data plane by ensuring that the LSP is mapped to
> :          the same FEC, at the egress, as the ingress.
>
> iii above reminds us that the LSP may be torn down because LSP Ping fails.
> Thus, it seems problematic that we do not get a reply ever.
>
> However, with the BFD session in the Up state, we have information proving
> that the LSP is up.  Thus we have contradictory intent.
>
> ---
>
> My opinion is that the MAY in the RFC 5884 procedures is intended to have
> the BFD session come up by the most expedient means.  I do not believe the
> likely intent was to say "don't send Echo Reply".  Among other things, that
> seems contrary to the intent of the general LSP Ping procedures.
>
> Having given my personal observations, we now get to the business of the
> Working Group: Debating intent and related text.
>
>
> My individual opinion is that, as written, RFC 5884 cannot mean any other
> thing that “ The egress LSR MUST respond with an LSP Ping Echo reply
> message that
> MAY carry the local discriminator assigned by it for the BFD session”.
>
> In other words, I support this errata.
>
> This is because RFC 5884 did not update RFC 4379’s procedures. And thus a
> response is needed based on 8029 irregardless of whether 5884 uses it.
>
> That said, it is debatable whether that LSP Ping response is useful or
> not. If it is not sent, it does not comply to 8029. But if the WG wants for
> it to be not send, a new spec is needed.
>
> Thanks,
>
> -- Jeff
>
>
> —
> Carlos Pignataro, carlos@cisco.com
>
> *“Sometimes I use big words that I do not fully understand, to make myself
> sound more photosynthesis."*
>
>