Re: [secdir] SECDIR review of draft-ietf-l2vpn-vpls-inter-domain-redundancy-05
Lizhong Jin <lizho.jin@gmail.com> Thu, 17 April 2014 16:17 UTC
Return-Path: <lizho.jin@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 50E971A0144 for <secdir@ietfa.amsl.com>; Thu, 17 Apr 2014 09:17:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OsF7emtM_GN4 for <secdir@ietfa.amsl.com>; Thu, 17 Apr 2014 09:17:17 -0700 (PDT)
Received: from mail-ie0-x231.google.com (mail-ie0-x231.google.com [IPv6:2607:f8b0:4001:c03::231]) by ietfa.amsl.com (Postfix) with ESMTP id A6E651A00FB for <secdir@ietf.org>; Thu, 17 Apr 2014 09:17:17 -0700 (PDT)
Received: by mail-ie0-f177.google.com with SMTP id rl12so552748iec.8 for <secdir@ietf.org>; Thu, 17 Apr 2014 09:17:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=dOoTnT3jIRZyXAutwjmBJDF8nnWvYRA+yrqmcsr4frc=; b=Qw52HYqrX9EjZhHtohJ6bb93hXhnF1ct5NCY8J8v1ZZMw1EF49ZKD4rlO2yocVViTM nIGDJXZBnnqYTIW4M9ejI1k3Y+bM0833pZ7eOJfovkr0qVEyWfGl8exvl/Es0G183SvY r5kzYoM8AYnxUEOpKT/12HiwMCaNXvDs7rGfEu10h9LLkcVuXVnnWzVENop1ajI6y+Mx 7FnYqRnHb+rllQunDpugGsEte8VZ1Zbf/Nu2+2TjQqq5rQh+L8P4aYDcn/+h2AlsEz0J ahknkDTPw/fZIo4g9s4CQxD7VSnh09IMfc8g+dGdNfSg8g+f3Uq1slk7Ov4lhzDNu8/y aZWg==
MIME-Version: 1.0
X-Received: by 10.42.226.8 with SMTP id iu8mr10452971icb.7.1397751434011; Thu, 17 Apr 2014 09:17:14 -0700 (PDT)
Received: by 10.42.95.208 with HTTP; Thu, 17 Apr 2014 09:17:13 -0700 (PDT)
In-Reply-To: <042701cf5a4c$15938f00$40baad00$@olddog.co.uk>
References: <534D9EF6.4060106@bbn.com> <534ea310.ea42420a.3358.1b44@mx.google.com> <534FDD4E.10708@bbn.com> <042701cf5a4c$15938f00$40baad00$@olddog.co.uk>
Date: Fri, 18 Apr 2014 00:17:13 +0800
Message-ID: <CAH==cJxiidpZSUr9y2U-4AyvkbFbv6ap0avKPEhymxNrVVCt-w@mail.gmail.com>
From: Lizhong Jin <lizho.jin@gmail.com>
To: "adrian@olddog.co.uk" <adrian@olddog.co.uk>
Content-Type: multipart/alternative; boundary="001a11c30f9eb5740504f73f5db8"
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/iLzOSHUihuHTVHv_ffWFaTQjeAE
Cc: "giheron@cisco.com" <giheron@cisco.com>, secdir <secdir@ietf.org>, "zhliu@gsta.com" <zhliu@gsta.com>, "chen.ran@zte.com.cn" <chen.ran@zte.com.cn>, "dcai@cisco.com" <dcai@cisco.com>, "nabil.n.bitar@verizon.com" <nabil.n.bitar@verizon.com>, "ssalam@cisco.com" <ssalam@cisco.com>
Subject: Re: [secdir] SECDIR review of draft-ietf-l2vpn-vpls-inter-domain-redundancy-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Apr 2014 16:17:22 -0000
Hi Adrian, OK with the proposal. Thanks. Regards Lizhong On Thursday, April 17, 2014, Adrian Farrel <adrian@olddog.co.uk> wrote: > Hello, > > Just pitching in on one of the points... > > >>> Section 5 ends with a curious statement: > >>> > >>> There are two PW redundancy modes defined in [RFC6870]: > >>> Independent mode and Master/Slave mode. For the inter- > >>> domain four-PW scenario, it is required for PEs to ensure > >>> that the same mode is supported on the two ICCP peers in > >>> the same RG. One method to ensure mode consistency is by > >>> manual operation. Other methods are also possible and are > >>> out of the scope of this document. > >>> > >>> This says that two ASes have to ensure that both employ the > >>> same redundancy mode choice, notes that they can verify > >>> this manually, and that says there are other options to meet > >>> this requirement, but provides no description of the other > >>> options. Not very useful. > >> > >> [Lizhong] I think the text is OK. If you insist, I could remove. > > > > the text is not OK, because its states that there are multiple > > ways to ensure consistency, but identifies only one. > > We had a bit of a go at this text during AD review, and I may be > responsible for > it getting into this state. > > Previously the document just said that it was required for PEs to ensure > the > same mode was in use. I insisted that some description of how this was > done was > added. I don't consider manual operation to be a very good solution > (because of > the likely errors that will arise), but it is undoubtedly *a* solution. > > I don't believe the current text says that there exist other ways of > meeting the > requirement. The text uses the word "other methods are also possible" > which is > inevitably true. Yet it is also the authors' contention that so long as *a* > method has been provided, other methods can be out of scope of this > document (I > am sure they would be happy for people to invent new mechanisms, it's just > that > they don't feel the need). > > So, "not very useful", but not false or misleading. > > We could probably dilute the text to read: > > There are two PW redundancy modes defined in [RFC6870]: > Independent mode and Master/Slave mode. For the inter- > domain four-PW scenario, it is required for PEs to ensure > that the same mode is supported on the two ICCP peers in > the same RG. This can be achieved using manual configuration > at the ICCP peers. Other methods for ensuring consistency are > out of the scope of this document. > > Thanks to you both for the work. > > Adrian > >
- [secdir] SECDIR review of draft-ietf-l2vpn-vpls-i… Stephen Kent
- Re: [secdir] SECDIR review of draft-ietf-l2vpn-vp… Lizhong Jin
- Re: [secdir] SECDIR review of draft-ietf-l2vpn-vp… Stephen Kent
- Re: [secdir] SECDIR review of draft-ietf-l2vpn-vp… Adrian Farrel
- Re: [secdir] SECDIR review of draft-ietf-l2vpn-vp… Lizhong Jin
- Re: [secdir] SECDIR review of draft-ietf-l2vpn-vp… Lizhong Jin
- Re: [secdir] SECDIR review of draft-ietf-l2vpn-vp… Lizhong Jin
- Re: [secdir] SECDIR review of draft-ietf-l2vpn-vp… Stephen Kent