IETF Logo Mail Archive

Re: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding

bruno.decraene@orange.com Wed, 02 February 2022 13:26 UTC

Return-Path: <bruno.decraene@orange.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0668E3A0B25 for <spring@ietfa.amsl.com>; Wed, 2 Feb 2022 05:26:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KXTLOl2RwAAr for <spring@ietfa.amsl.com>; Wed, 2 Feb 2022 05:26:07 -0800 (PST)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.70.36]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77B633A0B30 for <spring@ietf.org>; Wed, 2 Feb 2022 05:26:06 -0800 (PST)
Received: from opfednr05.francetelecom.fr (unknown [xx.xx.xx.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by opfednr25.francetelecom.fr (ESMTP service) with ESMTPS id 4JpjHH0jW8zCrq3; Wed, 2 Feb 2022 14:26:03 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; s=ORANGE001; t=1643808363; bh=oBfQQq/GBUL+8PIagYiT320dNIEheVuv+Dbkz3kkFyE=; h=From:To:Subject:Date:Message-ID:Content-Type:MIME-Version; b=ZjBRdtP9gbfAJNVaI8h/SMWHmdnL/3SQDA8M2LfvbCHh0HlZ6fCUsn0bfq/ObJv3V YgHyYJlpDf+i8D4fygR3F4M/QLgFzP+wWXJTQeCfgVZ6xqKwwHvDS0bo2/6yiMkiqA bI8GQlCGExQOE7gUwOmyZ6epV83gRfsAp74UdP53QGYKNgKkWHhdfpT8LVtnvzDk0A zqym1UkDZQ9XTyQdDpfCT8sBdCRrD06QsvOGPM6GC/cv9cSMJZqdMzk/9YjXUB7463 uBsaYO/2no+T6TuorLaWM4MazQNLibtnybEE4kOEsN4brmfx/iXHqUpakmjImWBZUJ 80BlwRxfYBELQ==
From: bruno.decraene@orange.com
To: "slitkows.ietf@gmail.com" <slitkows.ietf@gmail.com>, 'SPRING WG' <spring@ietf.org>, Huzhibo <huzhibo@huawei.com>
Thread-Topic: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding
Thread-Index: AQGTpp/eCb7f3S6vK91CLjLoEGPYdaz80BrggAwX/8A=
Date: Wed, 02 Feb 2022 13:26:02 +0000
Message-ID: <17040_1643808363_61FA866A_17040_245_14_bd3bfd409e6b45e38519a01045c163c9@orange.com>
References: <16511_1642069161_61DFFCA9_16511_109_5_57d3682191ff4ba0af62841fa9517ecb@orange.com> <069201d8120e$dff706a0$9fe513e0$@gmail.com>
In-Reply-To: <069201d8120e$dff706a0$9fe513e0$@gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_Enabled=true; MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_SetDate=2022-02-02T13:26:00Z; MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_Method=Standard; MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_Name=Orange_restricted_external.2; MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_SiteId=90c7a20a-f34b-40bf-bc48-b9253b6f5d20; MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_ContentBits=2
msip_label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_enabled: true
msip_label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_setdate: 2022-02-02T13:26:00Z
msip_label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_method: Standard
msip_label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_name: Orange_restricted_external.2
msip_label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_siteid: 90c7a20a-f34b-40bf-bc48-b9253b6f5d20
msip_label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_actionid: 3666c460-48b0-4ec3-9735-195e5ba5dfab
msip_label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_contentbits: 0
x-originating-ip: [10.115.26.52]
Content-Type: multipart/alternative; boundary="_000_bd3bfd409e6b45e38519a01045c163c9orangecom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/0VhSAawQbVvTS7bVLlMCXsS75aI>
Subject: Re: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Source Packet Routing in NetworkinG \(SPRING\)" <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Feb 2022 13:26:12 -0000

Hi authors of both documents, WG,

[Speaking as individual contributor.]

It's good to see technical discussions on the restoration of failed SIDs used by SR policy.


  1.  From a functional point of view, can we summarize the benefit to signal the node proxy capability?
e.g.
- drop the traffic earlier if the PLR does not support proxy capability. (helps with congestion)
- use another proxy off the shortest path (increase congestion but reduce loss)
- possibly help identifying the proxy (nominal is not in the reachable topology anymore)
...
Or agree on the absence of significant benefits?


  1.  draft-ietf-spring-node-protection-for-sr-te-paths

"If the Node-SID or Prefix-SID becomes
   unreachable, the event and resulting forwarding changes should not
   communicated to the forwarding planes on all configured routers
   (including PLRs for the failed node) until the hold-timer expires."


  *   It's not crystal clear to me how it would work in reality, so I would welcome more prescriptive text. In particular:
     *   "node failure" is not an IGP message. IGP nodes sees multiple "adjacency loss" messages which are not atomic and could be handled in multiple SPFs. Hence different nodes will freeze their FIB based on a different topology (link1 for some, link2 for others) leading to inconsistent routing and forwarding loops.
     *   How is the FIB modified in cases of consecutives IGP events? (freezed on hold topology may lead to drops, updating entries would need to be specified.
  *   On a side node, this text requires a global behavior of all IGP nodes. That seem a bit out of scope of a non-normative sentence, in an informational document, describing a local behavior on the PLR.




  1.  draft-hu-spring-segment-routing-proxy-forwarding
Rather than defining a new "Proxy Forwarding" capability in IGP why don't you use the existing Mirroring Segment (from RFC https://datatracker.ietf.org/doc/html/rfc8402#section-5.1) whose signaling is already standardized? https://datatracker.ietf.org/doc/html/rfc8667#section-2.4.1


  1.  What about the following solution:

  *   Use mirror SID
  *   Tunnel to the "proxy-forwarding" advertising mirror SID

I would see the following benefits:

  *   No new protocol extensions (cf "3)"
  *   Consistent routing in case of multiple SPFs (cf "2)")
  *   Benefit from the signaling of the proxy (cf "1)")

Thanks,
Regards,
--Bruno



Orange Restricted
From: slitkows.ietf@gmail.com <slitkows.ietf@gmail.com>
Sent: Tuesday, January 25, 2022 6:13 PM
To: DECRAENE Bruno INNOV/NET <bruno.decraene@orange.com>; 'SPRING WG' <spring@ietf.org>
Subject: RE: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding

Hi,

I'm NOT supporting this draft for the following reasons:


  1.  The WG already have a WG document which is dealing with this problem, I don't think that WG should come with multiple documents/solutions for the same solution space as it may just confuse the industry and create deployment issues as different vendors may pick different solutions.



  1.  Adding protocols extensions adds complexity in the solution without adding a strong value.



The document claims that "[I-D.ietf-spring-segment-protection-sr-te-paths] ... may not work for some cases such as some of nodes in the network not supporting this solution.". While this is true, the proposed solution in draft-hu-spring-segment-routing-proxy-forwarding has exactly the same caveat and requires all nodes in the network to support the solution.



Considering the following straight line network: A -B -C -D - E - F - G -H and an SR policy from A to H using SID_G, routers A to F have to support the extension to make the solution working, if one of the router doesn't support the extension, traffic will be dropped.



Then, there is no value compared to the timer-based solution of [I-D.ietf-spring-segment-protection-sr-te-paths]



Authors of draft-hu-spring-segment-routing-proxy-forwarding argued that G may have multiple upstream neighbors let's say F and F' and the solution allows for F' to support the extension while F may not support, so the solution will send the traffic to F'. Well yes, but this still requires all routers upstream to F' to support this extension and maybe F is on the path to F'. So, I don't think the argument is valid as it may possibly work tactically depending on the network topology when we look at a small portion of the network, but when we look at the whole network, operator will have to upgrade all their nodes to support the extension to ensure the benefit is there.



In addition, in term of traffic, forwarding traffic to a neighbor of the failed node which wasn't initially on the path, could lead to traffic congestion or high traffic peaks on links that were not sized to carry this traffic. We could easily expect some traffic tromboning, where traffic goes to this non-natural neighbor of the failed node and then goes back over some part of the same path before reaching the destination.



So these protocol extensions are bringing complexity for no value here.




  1.  Regarding BSID, I'm not fan of advertising BSIDs in IGP as there may be hundreds or thousands of BSID on a node which again will create a lot of burden in IGP. The proposed way will have to be discussed in LSR, not in SPRING (see next comment).


Note that [I-D.ietf-spring-segment-protection-sr-te-paths] could also work with BSIDs as long as BSID information of failed node is available in the control-plane of PLRs by whatever mechanism. I think this BSID handling is orthogonal to the proxy-forwarding controlplane behavior. The forwarding operations for BSID will have to be discussed more in details, we could not expect all HW to be able to do 3 or 4 lookups without any perf degradation.



  1.  The document is currently a bit borderline between SPRING and LSR as it talks in good details about IGP protocol extensions. If it's a SPRING doc, it should detail reqs for protocols but nothing beyond.



Brgds,

Stephane


From: spring <spring-bounces@ietf.org<mailto:spring-bounces@ietf.org>> On Behalf Of bruno.decraene@orange.com<mailto:bruno.decraene@orange.com>
Sent: jeudi 13 janvier 2022 11:19
To: SPRING WG <spring@ietf.org<mailto:spring@ietf.org>>
Subject: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding

Dear WG,

This message starts a 2 week WG adoption call, ending 27/01/2022, for draft-hu-spring-segment-routing-proxy-forwarding
https://datatracker.ietf.org/doc/draft-hu-spring-segment-routing-proxy-forwarding/

After review of the document please indicate support (or not) for WG adoption of the document to the mailing list.

Please also provide comments/reasons for your support (or lack thereof) as this is a stronger way to indicate your (non) support as this is not a vote.

If you are willing to work on or review the document, please state this explicitly. This gives the chairs an indication of the energy level of people in the working group willing to work on the document.

Thanks!
Bruno, Jim, Joel

_________________________________________________________________________________________________________________________



Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.



This message and its attachments may contain confidential or privileged information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.

Thank you.

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

v2.23.0 | Report a Bug | By Email