Re: [Teas] Benjamin Kaduk's No Objection on draft-ietf-teas-assoc-corouted-bidir-frr-06: (with COMMENT)

[Benjamin Kaduk <kaduk@mit.edu>]

On Fri, Oct 26, 2018 at 05:29:34PM +0000, Rakesh Gandhi (rgandhi) wrote:
> Hi Benjamin,
> 
> Thank you for the detailed review. Please see inline replies with <RG>…
> 
> On 2018-10-24, 11:12 PM, "Benjamin Kaduk" <kaduk@mit.edu> wrote:
> 
>     Benjamin Kaduk has entered the following ballot position for
>     draft-ietf-teas-assoc-corouted-bidir-frr-06: No Objection
>     
>     When responding, please keep the subject line intact and reply to all
>     email addresses included in the To and CC lines. (Feel free to cut this
>     introductory paragraph, however.)
>     
>     
>     Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
>     for more information about IESG DISCUSS and COMMENT positions.
>     
>     
>     The document, along with other ballot positions, can be found here:
>     https://datatracker.ietf.org/doc/draft-ietf-teas-assoc-corouted-bidir-frr/
>     
>     
>     
>     ----------------------------------------------------------------------
>     COMMENT:
>     ----------------------------------------------------------------------
>     
>     How does the unidirectional link failure logic and the revertive logic
>     interact?  That is, in the unidirectional failure case a node should be
>     detecting that there is a failure case and rerouting reverse traffic onto
>     the protection path to match the forward path.  But a node in the process
>     of reverting back on to the primary path (before its counterpart in the
>     other direction) would seem to observe the same packet/path behavior as in
>     the case of a unidirectional link failure.  Do we need to rely on the
>     flooding of link status information to differentiate between these cases?
> 
> <RG> The basic idea is as following: After FRR, RSVP messages are sent with modified “IPV4 tunnel sender address" in the SENDER_TEMPLATE Object of the protected LSP, this is how the receiving node knows if FRR has been triggered and it can use it to trigger co-route. After revertive back when the failure is repaired, the RSVP Path message SENDER_TEMPLATE is restored as before [RFC4090, Section 6.5.2], which can be then used by the receiving node to trigger revertive behavior.
> 
> <RG> Yes, flooding link status / topology database can be used for Global revertive behavior.

Okay, thanks for confirming.

> 
>     Are the state-keeping and resource consumption burdens large for the
>     midpoint nodes that now must correlate whether they see traffic on
>     original/protection paths for associated flows?  (E.g., Section 4.1.3's
>     "when it receives the un-modified RSVP path messages and traffic".)
>     It seems like it should just be a linear scaling factor at worst, with no
>     real path to an attack, but perhaps there are security considerations
>     relating to router capacity.
>    
> 
>     Section 2
>     
>        In packet transport networks, there are requirements where the
>        reverse LSP of a bidirectional LSP needs to follow the same path as
>        its forward LSP [RFC6373].  [...]
>     
>     Does this need a qualifier (e.g., "some packet transport networks" or
>     "there are sometimes requirements")?
> 
> <RG> Updated to “some packet transport networks”.
>     
>     
>     Section 3.2
>     
>        tunnel S (on path B-F-G-D) to reach downstream MP node D whereas the
>        upstream PLR node C reroute the protected reverse LSP2 traffic over
>        the bypass tunnel N (on path C-I-H-A) to reach the upstream MP node
>        A.  [...]
>     
>     nit: "reroutes"
> 
> <RG> Fixed.
>     
>     Section 4.1.1
>     
>        As shown in Figure 2, when using a node protection bypass tunnel with
>        protected co-routed LSPs, asymmetry of paths can occur in the forward
>        and reverse directions after a link failure [RFC8271].  In order to
>        restore co-routing, the downstream MP node D (acting as an upstream
>        PLR) SHOULD trigger the procedure to restore co-routing and reroute
>        the protected reverse LSP2 RSVP Path messages and traffic over the
>        bypass tunnel S (on path D-G-F-B) to the upstream MP node B upon
>     
>     Why is this only a SHOULD?
> 
> <RG> It is MUST to restore co-route. Updated.
> 
>     
>     Section 4.2
>     
>                                                             An endpoint node
>        MAY set the Extended Association ID to the value shown in Appendix A.
>     
>     The contents of Appendix A do not include a distinguished single value, but
>     rather a data structure, so I think that a phrase other than "to the
>     value" should be used.
> 
> <RG> Updated using suggestion from Adam Roach as: "... set the Extended Association ID to a value formatted according to the
> structure shown in Appendix A."

Excellent; thanks!

>        o  For double-sided provisioned bidirectional LSPs [RFC7551], both
>           endpoints need to ensure that the bidirectional LSP has a unique
>           Extended ASSOCIATION Object for each forward and reverse LSP pair
>           by selecting appropriate unique Extended Association IDs signaled
>           by them.
>     
>     How does this signalling/selection process get the two endpoints to agree
>     on the same value?
> 
> <RG> Added text: A controller can be used to provision unique Extended Association ID on both endpoints.  The procedure for selecting unique Extended Association ID is outside the scope of this document.  

Okay, thanks for adding the clarification.

-Benjamin

>     Appendix A
>     
>     (Again, "to the value" is not appropriate to describe the general format.
>     Perhaps, "to a value using the format".)
>     
> <RG> Updated as above.
> 
>     Please also explicitly describe the semantics of the "Reserved" field(s)
>     (i.e., set to zero on transmission and ignored on receipt).
>     
> <RG> Added.
> 
> Thanks,
> Rakesh
> 
>     
>     
>