IETF Logo Mail Archive

Re: Protecting SR policy midpoints (draft-bashandy-rtgwg-segment-routing-ti-lfa)

"Ahmed Bashandy (bashandy)" <bashandy@cisco.com> Tue, 28 November 2017 17:26 UTC

Return-Path: <bashandy@cisco.com>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA4D7126B6D for <rtgwg@ietfa.amsl.com>; Tue, 28 Nov 2017 09:26:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.519
X-Spam-Level:
X-Spam-Status: No, score=-14.519 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jjjX9XwiX3qd for <rtgwg@ietfa.amsl.com>; Tue, 28 Nov 2017 09:26:01 -0800 (PST)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 47073124D85 for <rtgwg@ietf.org>; Tue, 28 Nov 2017 09:26:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=27712; q=dns/txt; s=iport; t=1511889961; x=1513099561; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to; bh=LnMG7IEfGCo7wNqnr5O8Vt3i1rC4VFkRC7rzBqvQZTM=; b=ZM3Pr/x5GCBJmpu0YIEcs21tglh8KhcIrdIfTos+SKPDDHJofDJ/JtEs tQHipVnCO6e2fI6TJtvyAiGSTlveMldFBVhD/bvu+Xjrdip9p0iXhwhOk hMF0agL3cE2iOUrSKsXGgYk4mWJnLo8R16lyDlmexXDVmj73hv7kg4D76 U=;
X-IronPort-AV: E=Sophos;i="5.44,468,1505779200"; d="scan'208,217";a="315587182"
Received: from alln-core-12.cisco.com ([173.36.13.134]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 28 Nov 2017 17:26:00 +0000
Received: from [10.24.73.105] ([10.24.73.105]) by alln-core-12.cisco.com (8.14.5/8.14.5) with ESMTP id vASHPwUK031381; Tue, 28 Nov 2017 17:25:59 GMT
Message-ID: <5A1D9C25.1040808@cisco.com>
Date: Tue, 28 Nov 2017 09:25:57 -0800
From: "Ahmed Bashandy (bashandy)" <bashandy@cisco.com>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Muthu Arul Mozhi Perumal <muthu.arul@gmail.com>
CC: "sasha@axerra.com" <sasha@axerra.com>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: Re: Protecting SR policy midpoints (draft-bashandy-rtgwg-segment-routing-ti-lfa)
References: <CAKz0y8wLYjkSO486w5WpSuDYV3Cjvgkv6887o9-Ky9o_ViWMrQ@mail.gmail.com> <210606893.1211556.1511362363266@mail.yahoo.com> <CAKz0y8xeYnqOjLxADVwndtOp8QQaPeQBiAO2TtnCi6pYfebONA@mail.gmail.com> <5A1D50E5.7030302@cisco.com> <CAKz0y8xsM975vAUj4PFf0Lpx=5R4_yyAkpyOsHMvWfhM-sgKJg@mail.gmail.com>
In-Reply-To: <CAKz0y8xsM975vAUj4PFf0Lpx=5R4_yyAkpyOsHMvWfhM-sgKJg@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------060405080008030403070808"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/JPuaAjyoxtQthfhbzBrnezPDS1g>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Nov 2017 17:26:05 -0000

Thanks for the feedback

See inline

Ahmed

On 11/28/2017 8:54 AM, Muthu Arul Mozhi Perumal wrote:
> On Tue, Nov 28, 2017 at 5:34 PM, Ahmed Bashandy (bashandy) 
> <bashandy@cisco.com <mailto:bashandy@cisco.com>>wrote:
>
>     Hi,
>
>     The behavior described in section 5.3 is clear:
>     - The top label of incoming packet to node "S" is either a prefix
>     SID owned by node "F" or an adjacency SID for (S,F)
>     - If the link from node "S" to node "F" is up, then the normal
>     behavior for node "S" is to apply penultimate hop popping (PHP).
>     HEnce node "S"  *pops* the top label and sends the packet to node "F"
>     - But if the link (S,F) is down and "S" is configured to do node
>     protection, then node "S" will still pop the top label. This will
>     promote the label right underneath the incoming label to become
>     the *top* label. Hence there is no need to peek into the label stack
>
>
> ​ What if the new top label is a BSID assigned from the SRLB of node F 
> or a BGP-LU or a VPN label assigned by node F?​
#Ahmed: I just replied to Robert. Let me put it here
The node "S" knows the SRGB and the adj-SIDs of the  neighboring node 
"F". Hence if the new top label is not within these two sets, then the 
node "S" will always be able to know that the node that failed is NOT a 
midpoint.
I will add a statement in the document to explain how a node can 
determine that a failure is a midpoint failure. I will also add a 
statement to indicate that if the node determines that the failure is 
not a midpoint failure then it may apply other protection techniques 
that are beyond the scope of this document or simply drop the packet and 
wait for normal protocol conversion.

>     - In a link-state envirnoment, node "S" knows the SRGB of node "F"
>     as well as all adjacency SIDs of node "F". Hence it can now
>     compare the new top label against the SRGB or the list of adj-SIDs
>     of the node "F"
>
>
> ​ What does "it" stand for in "it can now compare"?
"Ahmed: "It" refers to the node "S"
>
> ​ For the control plane to be able to compare it also needs to be 
> imposing the SR policy as I said earlier.
#Ahmed: There is no control plane comparison.
>
> Or is the MPLS data plane expected to do such a comparison on the fly?
#Ahmed: data plane is expected to do such comparison. It is not that 
difficult. Just make sure you have a good forwarding ASIC :)
>
>     - If the new top label is within the SRGB of node "F" or an
>     adj-SID of node "F", then node "S" applies the behavior described
>     in section 5.3.1 or section 5.3.2, respectively
>
>     The bottom line is that there is no need for any peeking into the
>     label stack. Just inspect the new top label
>
>
> ​ How is the MPLS data plane in a transit node expected to be 
> programmed to make this work?
#Ahmed: Implementation details that should become big problems for good 
forwarding ASICs :)
>
> Regards,
> Muthu ​
>
>     Thanks
>
>     Ahmed
>
>
>     On 11/23/2017 5:04 AM, Muthu Arul Mozhi Perumal wrote:
>>     My understanding is that draft wants to provide a solution for
>>     the problem where the active segment is a prefix/adjacency
>>     segment of the neighbor and the neighbor fails. A solution to
>>     this is possible only at a node that is enforcing the SR policy
>>     (consisting of the segment list). For a transit node, its data
>>     plane would have to peek into the label stack and determine the
>>     type of the segment/label following the active segment and act
>>     accordingly, which is not inline with the SR architecture which
>>     requires SR to work 'as is' on traditional MPLS data plane
>>
>>     ​ Muthu​
>>
>>     On Wed, Nov 22, 2017 at 8:22 PM, Alexander Vainshtein
>>     <vinesasha@yahoo.com <mailto:vinesasha@yahoo.com>> wrote:
>>
>>         Muthu and all,
>>         I do not see how the draft in quesrion us related to "SR Policy".
>>
>>         From my POV its scope is a SR LSP comprised of multiple Node
>>         SIDs within a single IGP domain, and it provides local fast
>>         protection against failure of a node that terminates one of
>>         the segments comprising this LSP. Pritection action is
>>         performed by the penultimate node.
>>
>>         My 2c.
>>
>>         Sent from Yahoo Mail on Android
>>         <https://overview.mail.yahoo.com/mobile/?.src=Android>
>>
>>             On Wed, Nov 22, 2017 at 3:27, Muthu Arul Mozhi Perumal
>>             <muthu.arul@gmail.com <mailto:muthu.arul@gmail.com>> wrote:
>>             Section 5.3
>>             of draft-bashandy-rtgwg-segment-routing-ti-lfa describes
>>             protecting SR policy midpoints against node failure for
>>             the case where the active segment is the prefix or
>>             adjacency segment of a neighbor.
>>
>>             I believe the steps described in the procedure is
>>             applicable only for a node steering packets into the SR
>>             policy. This could be an ingress PE steering IP packets
>>             into a SR-TE tunnel or an intermediate node steering
>>             labeled packets received with a BSID into a SR-TE tunnel
>>             identified by that BSID.
>>
>>             A transit node that has no idea about the SR policy
>>             itself is not expected to perform the procedure described
>>             in that section.
>>
>>             Is my understanding correct?
>>
>>             Regards,
>>             Muthu
>>             _______________________________________________
>>             rtgwg mailing list
>>             rtgwg@ietf.org <mailto:rtgwg@ietf.org>
>>             https://www.ietf.org/mailman/listinfo/rtgwg
>>             <https://www.ietf.org/mailman/listinfo/rtgwg>
>>
>>
>>
>>
>>     _______________________________________________
>>     rtgwg mailing list
>>     rtgwg@ietf.org  <mailto:rtgwg@ietf.org>
>>     https://www.ietf.org/mailman/listinfo/rtgwg  <https://www.ietf.org/mailman/listinfo/rtgwg>
>
>

v2.23.0 | Report a Bug | By Email