Re: [spring] WGLC for https://datatracker.ietf.org/doc/draft-ietf-spring-mpls-path-segment/

[Weiqiang Cheng <chengweiqiang@chinamobile.com>]

Hi Dhruv,

Thanks for your comments.

Looks good and we will update the text with your proposal.

 

B.R.

Weiqiang Cheng

 

发件人: spring [mailto:spring-bounces@ietf.org] 代表 Dhruv Dhody
发送时间: 2021年8月16日 13:32
收件人: Weiqiang Cheng
抄送: James Guichard; spring@ietf.org; spring-chairs@ietf.org
主题: Re: [spring] WGLC for https://datatracker.ietf.org/doc/draft-ietf-spring-mpls-path-segment/

 

Thanks Weiqiang for handling my comments! 

 

Here is the first attempt for enhancing the security consideration section (for you to consider) - 

OLD:

   This document does not introduce additional security requirements and
   mechanisms other than the ones described in [RFC8402].

NEW: 

   Path Segment in SR-MPLS does not introduce any new behavior or any 
   change in the way the MPLS data plane works. Section 8.1 of [RFC8402]
   describe the security consideration for SR-MPLS. 

   Path segment is additional metadata that is added to the packet 
   consisting of the SR path. An attacker could exploit path segment to 
   manipulate the accounting of SR traffic at the egress. Path segment 
   could also be used to monitor traffic patterns for the E2E paths. 
   The control protocols used to allocate path segments could also be 
   exploited to disseminate incorrect path segment information. Note 
   that, the path segment is imposed at the ingress and removed at the 
   egress boundary and is not leaked out of the administered domain.

END

 

Thanks! 

Dhruv

 

On Mon, Aug 16, 2021 at 8:03 AM Weiqiang Cheng <chengweiqiang@chinamobile.com> wrote:

Hi Dhruv,

Thanks a lot.

Comments are never late. 

Responses are in-line

 

B.R.

Weiqiang Cheng

 

 

发件人: spring [mailto:spring-bounces@ietf.org] 代表 Dhruv Dhody
发送时间: 2021年8月12日 01:56
收件人: James Guichard
抄送: spring@ietf.org; spring-chairs@ietf.org
主题: Re: [spring] WGLC for https://datatracker.ietf.org/doc/draft-ietf-spring-mpls-path-segment/

 

Hi,

I support the WGLC for draft-ietf-spring-mpls-path-segment. Please find my “late” comments. Hope they are still useful.


Minor


*	Section 2

*	The below text requires some more explanation

The Path Segment may be used to identify an SR-MPLS Policy, its Candidate-Path (CP), or a SID List (SL)

*	The document says Path Segment “uniquely identify an SR path”, so how does that apply to SR policy/CP (which can have multiple paths) needs to be explicit.

[Weiqiang] The term of “SR path” used in this document is a general term that can be used to describe a SR policy, a Candidate-Path, or a SID List. So how about updating the 2nd paragraph with the following text:

“The term of SR path used in this document is a general term that can be used to describe a SR Policy, a Candidate-Path (CP), or a SID List (SL) [I-D.ietf-spring-segment-routing-policy]. Therefore, the Path Segment may be used to identify an SR Policy, its CP, or a SL terminating on an egress node depending on the use-case.”

*	Section 2

*	This text

Normally, the intermediate nodes will not see the Path Segment label
and do not know how to process it. A Path Segment presenting to an
intermediate node is an error condition.

*	Path segment is just another label with no special marking, and since it is from the egress label space it is possible that the same label is used by the transit node for some other purpose. Not sure about “do not know how to process it”, is there a better way to frame this?

[Weiqiang] Maybe the simplest way to fix it is just to remove the “do not know how to process it” text, for example as below:

“Normally, the intermediate nodes will not see the Path Segment label. A Path Segment presenting to an intermediate node is an error condition.”

*	Section 8

*	This needs to be expanded. The path segment does carry a label in the packet that can be used to identify the flows that are using a particular path. The path segment in the control plane could also be exploited for incorrect correlation between paths.

[Weiqiang]

Sure, we will try to expand it a bit.

And if there is some suggestion text, that will be great.


Nits


*	Add references in the terminology section 1.2
*	Add references for SRLB/SRGB [RFC8402]
*	Section 2

*	s/SR-MPLS Policy/SR Policy/

*	Section 3

*	s/Path Computation Element Protocol (PCEP)/Path Computation Element Communication Protocol (PCEP)/

*	Section 5

*	s/[I-D.gandhi-mpls-ioam-sr]/[I-D.gandhi-mpls-ioam]
*	s/[I-D.gandhi-spring-stamp-srpm]/[I-D.ietf-spring-stamp-srpm]

[Weiqiang] Will fix the above nits in the revision.

 

 

Thanks!
Dhruv

 

On Wed, Jul 7, 2021 at 9:19 PM James Guichard <james.n.guichard@futurewei.com> wrote:

Dear WG:

 

This email starts a 2 week Working Group Last Call for draft-ietf-spring-mpls-path-segment [1].

 

Please read this document if you haven’t read the most recent version and send your comments to the SPRING WG list no later than July 21st 2021. 

 

If you are raising a point which you expect will be specifically debated on the mailing list, consider using a specific email/thread for this point.

 

Lastly, if you are an author or contributor please response to indicate whether you know of any undisclosed IPR related to this document. 

 

Thanks!

 

Jim, Joel & Bruno

 

[1] https://datatracker.ietf.org/doc/draft-ietf-spring-mpls-path-segment/

 

 

 

 

_______________________________________________
spring mailing list
spring@ietf.org
https://www.ietf.org/mailman/listinfo/spring

_______________________________________________
spring mailing list
spring@ietf.org
https://www.ietf.org/mailman/listinfo/spring