Re: [spring] WG adoption call for draft-hegde-spring-node-protection-for-sr-te-paths

[bruno.decraene@orange.com]

Hi Shraddha,

Thanks for your reply.
Please see inline [Bruno]  [/Bruno]

From: spring [mailto:spring-bounces@ietf.org] On Behalf Of Shraddha Hegde
Sent: Friday, September 11, 2020 1:43 PM
To: DECRAENE Bruno TGI/OLN <bruno.decraene@orange.com>; draft-hegde-spring-node-protection-for-sr-te-paths@ietf.org
Cc: spring@ietf.org
Subject: Re: [spring] WG adoption call for draft-hegde-spring-node-protection-for-sr-te-paths

Hi Bruno,

Thanks for the review and comments.
Pls see inline for replies.



Juniper Business Use Only
From: bruno.decraene@orange.com<mailto:bruno.decraene@orange.com> <bruno.decraene@orange.com<mailto:bruno.decraene@orange.com>>
Sent: Wednesday, September 9, 2020 8:47 PM
To: draft-hegde-spring-node-protection-for-sr-te-paths@ietf.org<mailto:draft-hegde-spring-node-protection-for-sr-te-paths@ietf.org>
Cc: spring@ietf.org<mailto:spring@ietf.org>
Subject: RE: [spring] WG adoption call for draft-hegde-spring-node-protection-for-sr-te-paths

[External Email. Be cautious of content]

Hi authors, all,

As an individual contributor, I have two non-blocking comments.

1)      I feel that the terminology "node protection"  in the name of the draft could be misleading.


"Node Protection" is already used in [LFA] and [RLFA]. It refers to a property of the alternate path avoiding the next node on the path to the egress/destination. It does not change the destination/egress.
It looks to me that the function been proposed in the draft is more along [Egress Protection] which protects from the failure of the egress/destination, and hence do change the destination/egress. (full disclosure, I'm co-author of [Egress Protection] )

I think that both are different and that properties are different, hence using the same name is misleading.
In particular, in the first one, the destination/egress is unchanged and hence properties of the destination/egress is unchanged: no problem. While in the second case, a node (a 'protector' in [Egress Protection]) is claiming to provide a similar service, but possibly only a subset of the original services or without the stateful states). Cf some discussion on the mailing list along "How do I know that I can safely pretend that I'm the original destination?"


Personally I would propose to replace "Node Protection" by "Segment Protection" or "Segment Egress Protection" or "IGP Segment Egress Protection" since the proposal seem restricted to IGP knowledge.
<Shraddha> I agree that using the term node protection is confusing. I think that "segment protection" is the  right  term.
[Bruno] works for me.

  Using egress keyword may cause other confusions because term egress is used in egress protection RFCs to mean the egress nodes on which the services reside. In this draft the focus is on nodes that are not egresses.
[Bruno] Regarding the term "Egress", it looks to me that you're considering the position of the ingress (PE) which is well aware of the distinction between the service egress and the SR policy used to steer on a specific path. From a P/PLR standpoint, I'd argue that the P is forwarding based on the top label and for him, the destination for the label/FEC is the egress. This seem to match the definition from RFC 3031
  In other words, we can speak of the level m LSP for Packet P as the
   sequence of routers:
[...]
3. which ends (at an "LSP Egress") when a forwarding decision is
         made by label Switching on a level m-k label, where k>0

IOW, if there are N labels on a packet, there are N egresses.
https://tools.ietf.org/html/rfc3031#section-3.15

Regarding [Egress Protection] I agree that in general, the text could be read as only protecting a "service".
However I believe that it covers the case of hierarchical transport LSPs:
>From the abstract: "This document specifies a fast reroute framework for protecting IP/MPLS services and MPLS transport tunnels against egress node and egress link failures."
>From the introduction: "In MPLS networks, Label Switched Paths (LSPs) are widely used as transport tunnels to carry IP and MPLS services across MPLS domains. Examples of MPLS services are Layer 2 VPNs, Layer 3 VPNs, hierarchical LSPs, and others."
[/Bruno]


[LFA] https://tools.ietf.org/html/rfc5286<https://urldefense.com/v3/__https:/tools.ietf.org/html/rfc5286__;!!NEt6yMaO-gk!R3XqSiUA_cgf3gc_cZUjOGXAwIop0rKnceS8EvU9vxvgY_DVneweAP5Zs8bjDj_k$>
[RLFA node protection] https://tools.ietf.org/html/rfc8102<https://urldefense.com/v3/__https:/tools.ietf.org/html/rfc8102__;!!NEt6yMaO-gk!R3XqSiUA_cgf3gc_cZUjOGXAwIop0rKnceS8EvU9vxvgY_DVneweAP5ZszUA3CEW$>
[Egress Protection] https://tools.ietf.org/html/rfc8679<https://urldefense.com/v3/__https:/tools.ietf.org/html/rfc8679__;!!NEt6yMaO-gk!R3XqSiUA_cgf3gc_cZUjOGXAwIop0rKnceS8EvU9vxvgY_DVneweAP5ZswTcjaLe$>


2)      At best, the proposal ignores [Egress Protection]. At worst, the draft breaks [Egress Protection]

Both do not seem to co-operate.
<Shraddha> Actually, egress protection as defined in RFC 8679 works well with procedures defined in this draft. Section 3.4 briefly talks about this.
Initial versions of this draft had examples to describe how egress protection works in conjunction with procedures described in this draft.
Basically, egress protection described in RFC 8679 uses a context-id and context label. When the penultimate hop creates protection for the context-id routes
It follows the procedures described in RFC 8679 ( in conjunction with mirror-sid for SR networks). We also have a simplified version of RFC 8679 which uses anycast SIDs and static service labels
Described in draft-hegde-rtgwg-egress-protection-sr-network. This anycast based egress protection also works well with protection procedures described in this document.
I'll add a section with examples to describe this which can help clarify.
[Bruno] I did read section 3.4 but it just states that RFC 8679 "is applicable". May be adding a section with an example will help, thanks for this.
In the meantime, my concern is that:

-          §3.1 populates the contect label only with SR Prefix & Adjacency SIDs

-          A priori, during the lookup in a MPLS (context) table, if no match is found, the packet is dropped. https://tools.ietf.org/html/rfc3031#section-3.18
Hence my conclusion that the proposition would drop the service packet rather than sending it to a protector node as per RFC 8679.
[/Bruno]

The draft applies the egress protection even though it can only protections IGP segments/labels while [Egress Protection] would provide a much broader protection, including service (e.g. VPNs) protection. Hence it seems to break [Egress Protection] VPN service protection.
<Shraddha> No this draft does not break VPN service protection. I'll add detailed examples.

I would propose that the draft refers a bit more to [Egress Protection], uses its terminology if/when appropriate and then elaborate on the above issue. From a technical standpoint, I would propose to privilege the use of a (complete) Protector (as per [Egress Protection] ) if available.
<Shraddha> This draft makes use of looking up the second label in the stack for protection. It is different from protector based approach.
[Bruno] IMHO, conceptually this draft combines both the PLR (first packet lookup) and Protector (second packet lookup) on the same node.
That been said, RFC8679 is a large doc and relatively complex given the general scope that it is trying to achieve, hence making its reading mandatory would probably add complexity for little benefit. Yet, since you have a section dedicated on Egress Protection (§3.4) may be a better description of how both document interact may be useful. Up to you.
draft-hu-spring-segment-routing-proxy-forwarding Is more closer to protector based approach I think. It comes with an overhead of  configuring the
primary and proxy pairs for set of nodes.

Finally, as also raised by Zhibo, the scalability properties of the draft is not optimal, and in particular less optimal than [Egress Protection].
<Shraddha>I'll add some more text on scalability.  Section 5 of the draft proposes an optimisation to reduce scale.
[Bruno] ok, thanks.
[/Bruno]
Indeed, most of the work/states is on a Protector node (having the context mpls forwarding table). For a given failure, [Egress Protection] allows for a single Protector while this drafts requires N Protectors (one per neighbour). So more states in the network and on nodes. Also [Egress Protection] allows to distribute this load while the draft requires the PLR to handle the protection for all its neighbhors.
Since this draft restricts to IGP Segments, the scalability impact his limited but still exist.
(on the pro side, the draft avoids the additional transport cost/delay required to reach the Protector (since PLR and Protector are co-located)/
<Shraddha> Fair point. I would see the advantage of this draft is more from operational perspective since it does not require primary protector configs.
Enabling the feature with one single knob on the router will be good enough.
[Bruno] In addition, this draft is better in term of incremental deployment with incremental benefit as you have an incremental benefit with the first new node.
In some cases, it could be seen a providing a better delay/jitter as it does not add the extra path up to the protector. (but this is very deployment specific)
Thanks,
--Bruno
[/Bruno]

Regards,
Bruno


From: spring [mailto:spring-bounces@ietf.org] On Behalf Of bruno.decraene@orange.com<mailto:bruno.decraene@orange.com>
Sent: Thursday, July 30, 2020 2:25 PM
To: spring@ietf.org<mailto:spring@ietf.org>
Cc: draft-hegde-spring-node-protection-for-sr-te-paths@ietf.org<mailto:draft-hegde-spring-node-protection-for-sr-te-paths@ietf.org>
Subject: [spring] WG adoption call for draft-hegde-spring-node-protection-for-sr-te-paths

Hi SPRING WG,

Authors of draft-hegde-spring-node-protection-for-sr-te-paths  [1] have asked for WG adoption.

Please indicate your support, comments, or objection, for adopting this draft as a working group item by August 20th 2020. (*)

Could those who are willing to work on this document, please notify the list. That gives us an indication of the energy level in the working group to work on this.

Thanks,
Regards,
Bruno, Jim, Joel

[1] https://tools.ietf.org/html/draft-hegde-spring-node-protection-for-sr-te-paths-07<https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-hegde-spring-node-protection-for-sr-te-paths-07__;!!NEt6yMaO-gk!R3XqSiUA_cgf3gc_cZUjOGXAwIop0rKnceS8EvU9vxvgY_DVneweAP5ZsxQ-MBcB$>
(*) 3 weeks to account for the IETF meeting week and the august/summer period.


_________________________________________________________________________________________________________________________



Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.



This message and its attachments may contain confidential or privileged information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.

Thank you.

_________________________________________________________________________________________________________________________



Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.



This message and its attachments may contain confidential or privileged information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.

Thank you.

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.