Re: [trill] Comments on draft-ietf-trill-p2mp-bfd-04
"Zhangmingui (Martin)" <zhangmingui@huawei.com> Fri, 05 May 2017 09:55 UTC
Return-Path: <zhangmingui@huawei.com>
X-Original-To: trill@ietfa.amsl.com
Delivered-To: trill@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C8DF1294C9 for <trill@ietfa.amsl.com>; Fri, 5 May 2017 02:55:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KU3lFg7v_gNw for <trill@ietfa.amsl.com>; Fri, 5 May 2017 02:55:36 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B5E3127444 for <trill@ietf.org>; Fri, 5 May 2017 02:55:35 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml703-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DMI06546; Fri, 05 May 2017 09:55:33 +0000 (GMT)
Received: from NKGEML412-HUB.china.huawei.com (10.98.56.73) by lhreml703-cah.china.huawei.com (10.201.108.44) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 5 May 2017 10:55:33 +0100
Received: from NKGEML515-MBS.china.huawei.com ([169.254.5.200]) by nkgeml412-hub.china.huawei.com ([10.98.56.73]) with mapi id 14.03.0235.001; Fri, 5 May 2017 17:55:29 +0800
From: "Zhangmingui (Martin)" <zhangmingui@huawei.com>
To: Donald Eastlake <d3e3e3@gmail.com>, "trill@ietf.org" <trill@ietf.org>
Thread-Topic: [trill] Comments on draft-ietf-trill-p2mp-bfd-04
Thread-Index: AQHSxQdcT+ISDQ1K+Uy92Z00IbeDJ6HlgMTA
Date: Fri, 05 May 2017 09:55:28 +0000
Message-ID: <4552F0907735844E9204A62BBDD325E7A64B6F02@NKGEML515-MBS.china.huawei.com>
References: <CAF4+nEG_Z9K3KM9sOhJhx3C9cuVEA1=KK9=iS5BrDRceOMSaNw@mail.gmail.com>
In-Reply-To: <CAF4+nEG_Z9K3KM9sOhJhx3C9cuVEA1=KK9=iS5BrDRceOMSaNw@mail.gmail.com>
Accept-Language: en-US, zh-CN
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.111.146.93]
Content-Type: multipart/alternative; boundary="_000_4552F0907735844E9204A62BBDD325E7A64B6F02NKGEML515MBSchi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020204.590C4C16.0072, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.5.200, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 795d8827cf35a0076f8a536c12a7a86b
Archived-At: <https://mailarchive.ietf.org/arch/msg/trill/EESPPYu-TUDKHIRUETOjfaZ34NE>
Subject: Re: [trill] Comments on draft-ietf-trill-p2mp-bfd-04
X-BeenThere: trill@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Developing a hybrid router/bridge." <trill.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trill>, <mailto:trill-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trill/>
List-Post: <mailto:trill@ietf.org>
List-Help: <mailto:trill-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trill>, <mailto:trill-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 May 2017 09:55:38 -0000
Hi Donald, Appreciate your comments. We authors agree with you and an update version based on your comments will be submitted soon. Thanks, Mingui From: trill [mailto:trill-bounces@ietf.org] On Behalf Of Donald Eastlake Sent: Friday, May 05, 2017 2:50 AM To: trill@ietf.org Subject: [trill] Comments on draft-ietf-trill-p2mp-bfd-04 Hi, I've reviewed this document and have one new technical comment, two editorials, and I repeat with suggested text a technical comment I had in my recent message supporting. Technical Comments 1. The Security Considerations section has a minor problem in that it refers to RFC 7978 for security. RFC 7978 tells you how to do point-to-point authentication and encryption but for multi-destination cases like p2mp it provides only authentication. And, I believe, the multipoint BFD draft provides authentication so it is not really necessary to do it at the extended RBridge Channel message level. I suggest replacing the first two paragraphs of the Security Considerations section with the following: "Multipoint BFD provides its own authentication but does not provide encryption (see Security Considerations in [I-D.ietf-bfd-multipoint]). As specified in this document, the point-to-multipoint BFD payloads are encapsulated in RBridge Channel messages which have been extended by [RFC7978] to provide security. However, [RFC7978], while it provides both authentication and encryption for point-to-point extended RBridge Channel messages, provides only authentication for multipoint RBridge Channel messages. Thus, there is little reason to use the [RFC7978] security mechanisms at this time. However, it is expected that a future document will provide for group keying; when that occurs, the use of RBridge Channel security will also be able to provide encryption and may be desirable." 2. As mentioned in https://www.ietf.org/mail-archive/web/trill/current/msg07746.html the bootstrapping section (Section 3) could be read to imply that multi-hop multi-point BFD sessions could be bootstrapped with adjacency but I think that only works for one-hop BFD sessions. I suggest that the first sentence of Section 3 be replaced by the following two sentences: "The TRILL adjacency mechanism bootstraps the establishment of one-hop TRILL BFD sessions [RFC7177<https://tools.ietf.org/html/rfc7177>]. Multi-hop sessions are expected to be configured by the network manager." Editorial Comments Section 1 OLD [I-D.ietf-bfd-multipoint-active-tail<https://tools.ietf.org/html/draft-ietf-trill-p2mp-bfd-04#ref-I-D.ietf-bfd-multipoint-active-tail>]. If the tail loses connectivity of the new RBridge Channel message from the head, the NEW [I-D.ietf-bfd-multipoint-active-tail<https://tools.ietf.org/html/draft-ietf-trill-p2mp-bfd-04#ref-I-D.ietf-bfd-multipoint-active-tail>]. If the tail loses connectivity as detected by not receiving the new RBridge Channel message from the head, the Section 5 OLD addition to this combination, TRILL P2MP BFD that requires the tail NEW addition to this combination, TRILL P2MP BFD requires that the tail Thanks, Donald =============================== Donald E. Eastlake 3rd +1-508-333-2270 (cell) 155 Beaver Street, Milford, MA 01757 USA d3e3e3@gmail.com<mailto:d3e3e3@gmail.com>
- [trill] Comments on draft-ietf-trill-p2mp-bfd-04 Donald Eastlake
- Re: [trill] Comments on draft-ietf-trill-p2mp-bfd… Zhangmingui (Martin)