Re: [Teas] Benjamin Kaduk's No Objection on draft-ietf-teas-assoc-corouted-bidir-frr-06: (with COMMENT)
"Rakesh Gandhi (rgandhi)" <rgandhi@cisco.com> Fri, 26 October 2018 17:29 UTC
Return-Path: <rgandhi@cisco.com>
X-Original-To: teas@ietfa.amsl.com
Delivered-To: teas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93FA5127133; Fri, 26 Oct 2018 10:29:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.971
X-Spam-Level:
X-Spam-Status: No, score=-14.971 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ya9b45qEudMR; Fri, 26 Oct 2018 10:29:36 -0700 (PDT)
Received: from alln-iport-5.cisco.com (alln-iport-5.cisco.com [173.37.142.92]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19EF512870E; Fri, 26 Oct 2018 10:29:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7710; q=dns/txt; s=iport; t=1540574976; x=1541784576; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=RGt/U/Imx706vTNX1xonrtcTXEevxZc09p5ZVURwDPk=; b=cgMROT6f7Gbc2RF0jIqU3jmH8uRTyCzn/2kI5zQ8V7ZnZylPwazt8/4p dCxf+df8pqXBnYtDMGM8HRCuFcKesHuEf5VYpnxzMJ+6252Wcuid1Iw/G jWwyQlvjdeH8L7TjG4CkOwvhAc6tJ0Cw5lWMqPHxYQuFVR3RG+cBFtGFa k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AEAADwTdNb/4oNJK1jDgwBAQEBAQIBAQEBBwIBAQEBgVEFAQEBAQsBgVUvZn8oCoNriBiMGJkqFIFmCgEBASWERwIXgwEhNA0NAQMBAQIBAQJtHAyFOwYjEUUQAgEIGgImAgICMBUQAgQBDQWDIQGCAQ+mGYEuhD5AhRsFgQuIFYJIF4FBP4EQAScfgkyDGwIBAgGBKgESAR8HECECgkoxgiYCiHiWBwkChmeDH4Z3EgaBUoR3iXyMbYl+AhEUgSYdOEEjWBEIcBVlAYJBgk+ISoUEOm8BiwWBH4EfAQE
X-IronPort-AV: E=Sophos;i="5.54,428,1534809600"; d="scan'208";a="191533879"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by alln-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Oct 2018 17:29:35 +0000
Received: from XCH-RCD-016.cisco.com (xch-rcd-016.cisco.com [173.37.102.26]) by alln-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id w9QHTZgf002655 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 26 Oct 2018 17:29:35 GMT
Received: from xch-aln-018.cisco.com (173.36.7.28) by XCH-RCD-016.cisco.com (173.37.102.26) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Fri, 26 Oct 2018 12:29:34 -0500
Received: from xch-aln-018.cisco.com ([173.36.7.28]) by XCH-ALN-018.cisco.com ([173.36.7.28]) with mapi id 15.00.1395.000; Fri, 26 Oct 2018 12:29:34 -0500
From: "Rakesh Gandhi (rgandhi)" <rgandhi@cisco.com>
To: Benjamin Kaduk <kaduk@mit.edu>, The IESG <iesg@ietf.org>
CC: "draft-ietf-teas-assoc-corouted-bidir-frr@ietf.org" <draft-ietf-teas-assoc-corouted-bidir-frr@ietf.org>, Vishnu Beeram <vishnupavan@gmail.com>, "teas-chairs@ietf.org" <teas-chairs@ietf.org>, "teas@ietf.org" <teas@ietf.org>
Thread-Topic: Benjamin Kaduk's No Objection on draft-ietf-teas-assoc-corouted-bidir-frr-06: (with COMMENT)
Thread-Index: AQHUbBCOnvGXh4ldeEuQo/D//L4THqUx24cA
Date: Fri, 26 Oct 2018 17:29:34 +0000
Message-ID: <EFBB1444-EA94-4C2A-ADCE-B7C695F2B194@cisco.com>
References: <154043714468.6859.14289090911132674656.idtracker@ietfa.amsl.com>
In-Reply-To: <154043714468.6859.14289090911132674656.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.1d.0.161209
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.82.249.236]
Content-Type: text/plain; charset="utf-8"
Content-ID: <95B1A80207B20848AA3E57FC9DFAEC16@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Outbound-SMTP-Client: 173.37.102.26, xch-rcd-016.cisco.com
X-Outbound-Node: alln-core-5.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/teas/C4vRw6Izdh_i78jOXdcVAilWapo>
Subject: Re: [Teas] Benjamin Kaduk's No Objection on draft-ietf-teas-assoc-corouted-bidir-frr-06: (with COMMENT)
X-BeenThere: teas@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Traffic Engineering Architecture and Signaling working group discussion list <teas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teas>, <mailto:teas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teas/>
List-Post: <mailto:teas@ietf.org>
List-Help: <mailto:teas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teas>, <mailto:teas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Oct 2018 17:29:39 -0000
Hi Benjamin, Thank you for the detailed review. Please see inline replies with <RG>… On 2018-10-24, 11:12 PM, "Benjamin Kaduk" <kaduk@mit.edu> wrote: Benjamin Kaduk has entered the following ballot position for draft-ietf-teas-assoc-corouted-bidir-frr-06: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-teas-assoc-corouted-bidir-frr/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- How does the unidirectional link failure logic and the revertive logic interact? That is, in the unidirectional failure case a node should be detecting that there is a failure case and rerouting reverse traffic onto the protection path to match the forward path. But a node in the process of reverting back on to the primary path (before its counterpart in the other direction) would seem to observe the same packet/path behavior as in the case of a unidirectional link failure. Do we need to rely on the flooding of link status information to differentiate between these cases? <RG> The basic idea is as following: After FRR, RSVP messages are sent with modified “IPV4 tunnel sender address" in the SENDER_TEMPLATE Object of the protected LSP, this is how the receiving node knows if FRR has been triggered and it can use it to trigger co-route. After revertive back when the failure is repaired, the RSVP Path message SENDER_TEMPLATE is restored as before [RFC4090, Section 6.5.2], which can be then used by the receiving node to trigger revertive behavior. <RG> Yes, flooding link status / topology database can be used for Global revertive behavior. Are the state-keeping and resource consumption burdens large for the midpoint nodes that now must correlate whether they see traffic on original/protection paths for associated flows? (E.g., Section 4.1.3's "when it receives the un-modified RSVP path messages and traffic".) It seems like it should just be a linear scaling factor at worst, with no real path to an attack, but perhaps there are security considerations relating to router capacity. Section 2 In packet transport networks, there are requirements where the reverse LSP of a bidirectional LSP needs to follow the same path as its forward LSP [RFC6373]. [...] Does this need a qualifier (e.g., "some packet transport networks" or "there are sometimes requirements")? <RG> Updated to “some packet transport networks”. Section 3.2 tunnel S (on path B-F-G-D) to reach downstream MP node D whereas the upstream PLR node C reroute the protected reverse LSP2 traffic over the bypass tunnel N (on path C-I-H-A) to reach the upstream MP node A. [...] nit: "reroutes" <RG> Fixed. Section 4.1.1 As shown in Figure 2, when using a node protection bypass tunnel with protected co-routed LSPs, asymmetry of paths can occur in the forward and reverse directions after a link failure [RFC8271]. In order to restore co-routing, the downstream MP node D (acting as an upstream PLR) SHOULD trigger the procedure to restore co-routing and reroute the protected reverse LSP2 RSVP Path messages and traffic over the bypass tunnel S (on path D-G-F-B) to the upstream MP node B upon Why is this only a SHOULD? <RG> It is MUST to restore co-route. Updated. Section 4.2 An endpoint node MAY set the Extended Association ID to the value shown in Appendix A. The contents of Appendix A do not include a distinguished single value, but rather a data structure, so I think that a phrase other than "to the value" should be used. <RG> Updated using suggestion from Adam Roach as: "... set the Extended Association ID to a value formatted according to the structure shown in Appendix A." o For double-sided provisioned bidirectional LSPs [RFC7551], both endpoints need to ensure that the bidirectional LSP has a unique Extended ASSOCIATION Object for each forward and reverse LSP pair by selecting appropriate unique Extended Association IDs signaled by them. How does this signalling/selection process get the two endpoints to agree on the same value? <RG> Added text: A controller can be used to provision unique Extended Association ID on both endpoints. The procedure for selecting unique Extended Association ID is outside the scope of this document. Appendix A (Again, "to the value" is not appropriate to describe the general format. Perhaps, "to a value using the format".) <RG> Updated as above. Please also explicitly describe the semantics of the "Reserved" field(s) (i.e., set to zero on transmission and ignored on receipt). <RG> Added. Thanks, Rakesh
- [Teas] Benjamin Kaduk's No Objection on draft-iet… Benjamin Kaduk
- Re: [Teas] Benjamin Kaduk's No Objection on draft… Rakesh Gandhi (rgandhi)
- Re: [Teas] Benjamin Kaduk's No Objection on draft… Benjamin Kaduk