Re: Mirja Kühlewind's Discuss on draft-ietf-bfd-multipoint-18: (with DISCUSS)

"Mirja Kuehlewind (IETF)" <> Mon, 15 October 2018 11:59 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 121AF130E4A; Mon, 15 Oct 2018 04:59:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id PbJAlYyrMcUO; Mon, 15 Oct 2018 04:59:38 -0700 (PDT)
Received: from ( [IPv6:2a01:488:42:1000:50ed:8223::]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1EA0B130E43; Mon, 15 Oct 2018 04:59:38 -0700 (PDT)
Received: from ([2001:16b8:2cf2:5f00:d5fb:4cb1:2770:1150]); authenticated by running ExIM with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) id 1gC1X1-0006JJ-IB; Mon, 15 Oct 2018 13:59:31 +0200
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Subject: Re: Mirja Kühlewind's Discuss on draft-ietf-bfd-multipoint-18: (with DISCUSS)
From: "Mirja Kuehlewind (IETF)" <>
In-Reply-To: <>
Date: Mon, 15 Oct 2018 13:59:30 +0200
Cc: The IESG <>,,,,
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <>
To: Martin Vigoureux <>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <>
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 15 Oct 2018 11:59:42 -0000

Hi Martin,

please see below.

> Am 05.10.2018 um 10:57 schrieb Martin Vigoureux <>:
> Hello Mirja,
> time has passed since the last exchanges on that. To reinitiate the discussion, I come back to your original points.
> Le 2018-07-03 à 20:31, Mirja Kühlewind a écrit :
>> Mirja Kühlewind has entered the following ballot position for
>> draft-ietf-bfd-multipoint-18: Discuss
>> When responding, please keep the subject line intact and reply to all
>> email addresses included in the To and CC lines. (Feel free to cut this
>> introductory paragraph, however.)
>> Please refer to
>> for more information about IESG DISCUSS and COMMENT positions.
>> The document, along with other ballot positions, can be found here:
>> ----------------------------------------------------------------------
>> ----------------------------------------------------------------------
>> This mechanism has the potentially to easily overload the network as there is
>> no handshake and therefore also no feedback mechanism (as already noted by the
>> TSV-ART review of Bob - Thanks!). Regarding the base spec in RFC5880, this
>> mechanism can only be used under certain constrains which should be clearly
>> stated in this doc, which are:
>> 1) See sec 6.8.1 of RFC5880:
>> "bfd.DesiredMinTxInterval
>>       [...] The actual
>>       interval is negotiated between the two systems.  This MUST be
>>       initialized to a value of at least one second (1,000,000
>>       microseconds) according to the rules described in section 6.8.3."
>> As there no negotiation in this spec, bfd.DesiredMinTxInterval MUST always be
>> at least one second. Actually RFC8085 even recommend 3 sec (see sec 3.1.3).
> There are two aspects to this.
> First, draft-ietf-bfd-multipoint is consistent with 5880 on the initialization. So I think we are on the safe side.
> Second, limiting a variable to only take certain values seems to me as being outside the scope of a protocol spec. We are touching there operational considerations.

I completely disagree. That’s what a spec is for. 

The point here is, that if you would want a smaller value, the network and system low gets higher and RFC8085 require congestion control. If no congested control is used or cannot be used, a lower value is not safe.

> If a user needs and wants to set a variable to a given value in a specific environment we can't forbid that. We can however raise his awareness on the potential consequences of a given choice.

You can enforce people implementing the spec correctly but you can specify the protocol correctly in order to make it safe to deploy it. If there are actual environment where a lower is safe to use that can be explicitly stated in the spec, however, if the talk about a part of the Internet (but not a data center or another separated, fully controlled environment) I don’t an exception is safe.

>> 2) See sec 7 of RFC 8085
>> "When BFD is used across multiple hops, a congestion control mechanism
>>    MUST be implemented, and when congestion is detected, the BFD
>>    implementation MUST reduce the amount of traffic it generates. "
>> As there is no feedback and therefore no congestion control, this spec can only
>> be used for one-hop scenarios and the TTL or Hop Count MUST be set to one.
> Rather than limiting the use cases of bfd-multipoint, I think we should set the same constraints than in base BFD spec.

One-hop is the constraint given in the base spec.

>> 3) Also given the traffic load multipoint BFD generates depends on the number
>> of active session, and there is no feedback mechanism, I recommend to also
>> limit the number of active session of MultipointHead type to a small number
>> (per link).
> x.  Operational Considerations
>   Use of BFD in multipoint networks, as specified in this document,
>   over multiple hops requires consideration of the mechanisms to react
>   to network congestion.  Requirements stated in Section 7 of the BFD
>   base specification [RFC5880] equally apply to BFD in multipoint
>   networks.
>   Furthermore, because a tail does not transmit any BFD Control packets
>   to the head of the BFD session, Min RX Interval cannot be used to
>   control the BFD packet transmission rate at the MultipointHead.  The
>   mechanism to control the load of BFD traffic MAY use BFD's
>   configuration interface to control BFD state variable
>   bfd.DesiredMinTxInterval. Details of the interface and the mechanism
>   itself are outside the scope of this document.
>   Also, enabling BFD in such environments should be done considering
>   the recommendations laid out in RFC 8085 [RFC8085].

In this case it is really not enough to say „please read RFC8085“. RFC8085 are consideration for the design of UDP based protocol and must be applied by the spec/protocol designer not the user.


> I really hope that to be ok for the document to move forward.
> Thank you
> -m