IETF Logo Mail Archive

Re: Protecting SR policy midpoints (draft-bashandy-rtgwg-segment-routing-ti-lfa)

"Ahmed Bashandy (bashandy)" <bashandy@cisco.com> Tue, 28 November 2017 16:58 UTC

Return-Path: <bashandy@cisco.com>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5B8C5126DED for <rtgwg@ietfa.amsl.com>; Tue, 28 Nov 2017 08:58:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.519
X-Spam-Level:
X-Spam-Status: No, score=-14.519 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2EX1BgWakWHS for <rtgwg@ietfa.amsl.com>; Tue, 28 Nov 2017 08:58:21 -0800 (PST)
Received: from alln-iport-2.cisco.com (alln-iport-2.cisco.com [173.37.142.89]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0AFA2128959 for <rtgwg@ietf.org>; Tue, 28 Nov 2017 08:58:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=26533; q=dns/txt; s=iport; t=1511888301; x=1513097901; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to; bh=NPzMMEw/dOFc8MwrCWyUZA+gmRaOnmPpFxTVZoz79Gc=; b=ElQGV6h3FFyOmbXy1kMhDSMstZZHlSUD+udjB/tJHnVkJM5ICRLtvRZ/ WbFLKYymiJQMogpZdaC2NzjbTkW7mSMVz2453rsG2tGXZRCLV3VNraNvq UgvmaZ1qA5PxgjYbkgrluXF8H/N6MQPditWCB2vQzoIItlXo+ymUDL9OP 4=;
X-IronPort-AV: E=Sophos; i="5.44,468,1505779200"; d="scan'208,217"; a="37485880"
Received: from alln-core-3.cisco.com ([173.36.13.136]) by alln-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 28 Nov 2017 16:58:20 +0000
Received: from [10.24.73.105] ([10.24.73.105]) by alln-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id vASGwHjD027054; Tue, 28 Nov 2017 16:58:18 GMT
Message-ID: <5A1D95A9.9090507@cisco.com>
Date: Tue, 28 Nov 2017 08:58:17 -0800
From: "Ahmed Bashandy (bashandy)" <bashandy@cisco.com>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Robert Raszuk <robert@raszuk.net>
CC: Muthu Arul Mozhi Perumal <muthu.arul@gmail.com>, "sasha@axerra.com" <sasha@axerra.com>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: Re: Protecting SR policy midpoints (draft-bashandy-rtgwg-segment-routing-ti-lfa)
References: <CAKz0y8wLYjkSO486w5WpSuDYV3Cjvgkv6887o9-Ky9o_ViWMrQ@mail.gmail.com> <210606893.1211556.1511362363266@mail.yahoo.com> <CAKz0y8xeYnqOjLxADVwndtOp8QQaPeQBiAO2TtnCi6pYfebONA@mail.gmail.com> <5A1D50E5.7030302@cisco.com> <CA+b+ER=saccjdB6+aKp+gObe97P7UWOtKTd3GT1eXb9vG8ewag@mail.gmail.com>
In-Reply-To: <CA+b+ER=saccjdB6+aKp+gObe97P7UWOtKTd3GT1eXb9vG8ewag@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------090905030708060800050704"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/_KSDP6LAF8702p0_Q8sLwsLz1PU>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Nov 2017 16:58:24 -0000

Thanks for the the feedback

The node "S" knows the SRGB and the adj-SIDs of the  neighboring node 
"F". Hence if the new top label is not within these two sets, then the 
node "S" will always be able to know that the node that failed is NOT a 
midpoint but rather an egress point failure

I will add a statement in the document to explain how a node can 
determine that a failure is a midpoint failure. I will also add a 
statement to indicate that if the node determines that the failure is 
not a midpoint failure then it may apply other protection techniques 
that are beyond the scope of this document or simply drop the packet and 
wait for normal protocol conversion.

Ahmed

On 11/28/2017 6:38 AM, Robert Raszuk wrote:
> Hi Ahmed,
>
> > - In a link-state envirnoment, node "S" knows the SRGB of node "F" as 
> well as all adjacency SIDs of node "F"
>
> What you say is all true, but the way I read the question of this 
> thread seems to be what happens in the cases where node S has no clue 
> of the new top label. Say it was controller imposed EPE label or worse 
> it is a VPN label.
>
> In the former EPE case the packet could still be "rescued" by picking 
> into IP header. After all EPE is just an optimization.
>
> However in the latter case where we are carrying L2 or L3 VPNs packet 
> header after the label stack may not help or may be even a security 
> issue if node S would start to make routing decision in global RIB 
> based on customer's space.
>
> So I think the point to document is what is the expected behavior of S 
> node in case of new top label is unknown. It is ok to say drop it, but 
> I think it needs to be clearly stated.
> Best,
> Robert
>
>
> On Tue, Nov 28, 2017 at 1:04 PM, Ahmed Bashandy (bashandy) 
> <bashandy@cisco.com <mailto:bashandy@cisco.com>> wrote:
>
>     Hi,
>
>     The behavior described in section 5.3 is clear:
>     - The top label of incoming packet to node "S" is either a prefix
>     SID owned by node "F" or an adjacency SID for (S,F)
>     - If the link from node "S" to node "F" is up, then the normal
>     behavior for node "S" is to apply penultimate hop popping (PHP).
>     HEnce node "S"  *pops* the top label and sends the packet to node "F"
>     - But if the link (S,F) is down and "S" is configured to do node
>     protection, then node "S" will still pop the top label. This will
>     promote the label right underneath the incoming label to become
>     the *top* label. Hence there is no need to peek into the label stack
>     - In a link-state envirnoment, node "S" knows the SRGB of node "F"
>     as well as all adjacency SIDs of node "F". Hence it can now
>     compare the new top label against the SRGB or the list of adj-SIDs
>     of the node "F"
>     - If the new top label is within the SRGB of node "F" or an
>     adj-SID of node "F", then node "S" applies the behavior described
>     in section 5.3.1 or section 5.3.2, respectively
>
>     The bottom line is that there is no need for any peeking into the
>     label stack. Just inspect the new top label
>
>     Thanks
>
>     Ahmed
>
>
>     On 11/23/2017 5:04 AM, Muthu Arul Mozhi Perumal wrote:
>>     My understanding is that draft wants to provide a solution for
>>     the problem where the active segment is a prefix/adjacency
>>     segment of the neighbor and the neighbor fails. A solution to
>>     this is possible only at a node that is enforcing the SR policy
>>     (consisting of the segment list). For a transit node, its data
>>     plane would have to peek into the label stack and determine the
>>     type of the segment/label following the active segment and act
>>     accordingly, which is not inline with the SR architecture which
>>     requires SR to work 'as is' on traditional MPLS data plane
>>
>>     ​ Muthu​
>>
>>     On Wed, Nov 22, 2017 at 8:22 PM, Alexander Vainshtein
>>     <vinesasha@yahoo.com <mailto:vinesasha@yahoo.com>> wrote:
>>
>>         Muthu and all,
>>         I do not see how the draft in quesrion us related to "SR Policy".
>>
>>         From my POV its scope is a SR LSP comprised of multiple Node
>>         SIDs within a single IGP domain, and it provides local fast
>>         protection against failure of a node that terminates one of
>>         the segments comprising this LSP. Pritection action is
>>         performed by the penultimate node.
>>
>>         My 2c.
>>
>>         Sent from Yahoo Mail on Android
>>         <https://overview.mail.yahoo.com/mobile/?.src=Android>
>>
>>             On Wed, Nov 22, 2017 at 3:27, Muthu Arul Mozhi Perumal
>>             <muthu.arul@gmail.com <mailto:muthu.arul@gmail.com>> wrote:
>>             Section 5.3
>>             of draft-bashandy-rtgwg-segment-routing-ti-lfa describes
>>             protecting SR policy midpoints against node failure for
>>             the case where the active segment is the prefix or
>>             adjacency segment of a neighbor.
>>
>>             I believe the steps described in the procedure is
>>             applicable only for a node steering packets into the SR
>>             policy. This could be an ingress PE steering IP packets
>>             into a SR-TE tunnel or an intermediate node steering
>>             labeled packets received with a BSID into a SR-TE tunnel
>>             identified by that BSID.
>>
>>             A transit node that has no idea about the SR policy
>>             itself is not expected to perform the procedure described
>>             in that section.
>>
>>             Is my understanding correct?
>>
>>             Regards,
>>             Muthu
>>             _______________________________________________
>>             rtgwg mailing list
>>             rtgwg@ietf.org <mailto:rtgwg@ietf.org>
>>             https://www.ietf.org/mailman/listinfo/rtgwg
>>             <https://www.ietf.org/mailman/listinfo/rtgwg>
>>
>>
>>
>>
>>     _______________________________________________
>>     rtgwg mailing list
>>     rtgwg@ietf.org  <mailto:rtgwg@ietf.org>
>>     https://www.ietf.org/mailman/listinfo/rtgwg  <https://www.ietf.org/mailman/listinfo/rtgwg>
>
>
>     _______________________________________________
>     rtgwg mailing list
>     rtgwg@ietf.org <mailto:rtgwg@ietf.org>
>     https://www.ietf.org/mailman/listinfo/rtgwg
>     <https://www.ietf.org/mailman/listinfo/rtgwg>
>
>

v2.23.0 | Report a Bug | By Email