[Teas] Benjamin Kaduk's No Objection on draft-ietf-teas-assoc-corouted-bidir-frr-06: (with COMMENT)

[Benjamin Kaduk <kaduk@mit.edu>]

Benjamin Kaduk has entered the following ballot position for
draft-ietf-teas-assoc-corouted-bidir-frr-06: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-teas-assoc-corouted-bidir-frr/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

How does the unidirectional link failure logic and the revertive logic
interact?  That is, in the unidirectional failure case a node should be
detecting that there is a failure case and rerouting reverse traffic onto
the protection path to match the forward path.  But a node in the process
of reverting back on to the primary path (before its counterpart in the
other direction) would seem to observe the same packet/path behavior as in
the case of a unidirectional link failure.  Do we need to rely on the
flooding of link status information to differentiate between these cases?

Are the state-keeping and resource consumption burdens large for the
midpoint nodes that now must correlate whether they see traffic on
original/protection paths for associated flows?  (E.g., Section 4.1.3's
"when it receives the un-modified RSVP path messages and traffic".)
It seems like it should just be a linear scaling factor at worst, with no
real path to an attack, but perhaps there are security considerations
relating to router capacity.

Section 2

   In packet transport networks, there are requirements where the
   reverse LSP of a bidirectional LSP needs to follow the same path as
   its forward LSP [RFC6373].  [...]

Does this need a qualifier (e.g., "some packet transport networks" or
"there are sometimes requirements")?


Section 3.2

   tunnel S (on path B-F-G-D) to reach downstream MP node D whereas the
   upstream PLR node C reroute the protected reverse LSP2 traffic over
   the bypass tunnel N (on path C-I-H-A) to reach the upstream MP node
   A.  [...]

nit: "reroutes"

Section 4.1.1

   As shown in Figure 2, when using a node protection bypass tunnel with
   protected co-routed LSPs, asymmetry of paths can occur in the forward
   and reverse directions after a link failure [RFC8271].  In order to
   restore co-routing, the downstream MP node D (acting as an upstream
   PLR) SHOULD trigger the procedure to restore co-routing and reroute
   the protected reverse LSP2 RSVP Path messages and traffic over the
   bypass tunnel S (on path D-G-F-B) to the upstream MP node B upon

Why is this only a SHOULD?

Section 4.2

                                                        An endpoint node
   MAY set the Extended Association ID to the value shown in Appendix A.

The contents of Appendix A do not include a distinguished single value, but
rather a data structure, so I think that a phrase other than "to the
value" should be used.

   o  For double-sided provisioned bidirectional LSPs [RFC7551], both
      endpoints need to ensure that the bidirectional LSP has a unique
      Extended ASSOCIATION Object for each forward and reverse LSP pair
      by selecting appropriate unique Extended Association IDs signaled
      by them.

How does this signalling/selection process get the two endpoints to agree
on the same value?

Appendix A

(Again, "to the value" is not appropriate to describe the general format.
Perhaps, "to a value using the format".)

Please also explicitly describe the semantics of the "Reserved" field(s)
(i.e., set to zero on transmission and ignored on receipt).