Hi Thomas,
Thanks for your review and comments!
From the draft:
"This document does not provide any new protocol elements or
procedures"
I think we can agree that it does not specify any new protocol elements.
> [Thomas] Sections 3, 4.1.1 and 9, at least, introduce what I think
can fairly be considered new procedures.
I don't see anything in section 3 or 4.1.1 that I would call "new
procedures".
However, your point is well-taken about section 9, as RFC6514 does not
really address the use of timers to achieve "make before break"
functionality. On the other hand, RFC 6513 section 7 does specify the
use of timers when switching a flow from one P-tunnel to another, so the
use of timers is not a new addition.
When we started implementing ingress replication, we found that it
wasn't always very clear how to apply the procedures of RFC6514 when
ingress replication is being used. The purpose of this draft is to pull
together into one place all the procedures relevant to ingress
replication, and to explain clearly how ingress replication is done
using the procedures of RFC6514. The focus is on getting it clear
enough to increase the likelihood of multi-vendor interoperability. We
really tried hard to avoid creating any new IR-specific procedures,
though section 9 may be an exception.
From the draft:
"4.1. Advertised P-tunnels The procedures in this section apply
when the P-tunnel to be joined has been advertised in an S-PMSI A-D
route, an Inter-AS I-PMSI A-D route, or an Intra-AS I-PMSI A-D route."
> For sake of clarity and avoid any misinterpretation, can you please
add ", and the PMSI Tunnel Attribute is of type Ingress Replication"
Well, section 4 is called "How to Join an IR P-tunnel", and the entire
draft is exclusively about IR P-tunnels. If you think that is not
clear, perhaps the sentence above should just say "when the IR P-tunnel
to be joined has been ..."
From the draft:
"Note that if a set of IR P-tunnels is joined in this manner, the
"discard from the wrong PE" procedures of [RFC6513] section 9.1.1 cannot
be applied to that P-tunnel. Thus duplicate prevention on such IR
P-tunnels requires the use of either Single Forwarder Selection
([RFC6513] section 9.1.2) or native PIM procedures ([RFC6513] section
9.1.3).
[Thomas] I would suggest rewording with "Note that, in the general case,
..." and "...unless the tunneling technique relies on an IP transport,
which may allow the identification of the PE sourcing the traffic".
It is certainly true in theory that one could use an IP encapsulation in
this way, but in practice it creates a couple of complications:
- I think it presupposes that the IP source address field of the
tunneled packets contains the same IP address that the ingress PE puts
in the Global Administrator field of the VRF Route Import EC that it
attaches to the unicast routes that it distributes.
- All the egress PEs need to implement this IP address check in the data
plane forwarding path.
While using the IP encapsulation in this way is a possible option, it
has never seemed like a very attractive option, and as far as I know, no
one has implemented it.
To avoid the need for an option like this, I always recommend that if
one wants to use IR by default, one should advertise the IR P-tunnels in
a (C-*,C-*) S-PMSI A-D route rather than in an Intra-AS I-PMSI A-D
route. One can still use IP tunnels if one wants, but the "discard from
the wrong PE" procedures would be based on the MPLS label that is
carried by the IP payload.
Another problem with using the IP header to apply the "discard from the
wrong PE" procedure is that it will not easily generalize to the case of
extranet. (Still another problem would be that it is just one more
unnecessary option.)
I could add some text explaining this, and explaining why it is not
recommended to use the IP header to apply the "discard from the wrong
PE" procedure.
Now, regarding the use of timers when switching UMH ...
[Thomas] I understand -- even if that is a bit implicit -- that the NLRI
for the Leaf A-D route to the old UMH is the same as the NLRI for the
Leaf A-D route to the new UMH.
Correct.
[Thomas] But I don't in fact understand why this has to be the case...
Leaf A-D routes are originated in response to I/S-PMSI A-D routes, and
the rules for creating the NLRI of a Leaf A-D route, as specified in
RFC6514, are independent of the tunnel type.
[Thomas] One has to ignore the procedures to build a Leaf A-D route of
RFC6514 since this document specifies new ones for IR in section 4.1.1
I don't understand why you say that. The 4.1.1 rules for generating the
NLRI of a Leaf A-D route follow the RFC6514 procedures.
[Thomas] section 4.1.1 says that the Key field of the Leaf A-D route
contains the "tunnel identifier" defined in section 3
Yes; the tunnel identifier defined in section 3 is the NLRI of the
corresponding I/S-PMSI A-D route, which is exactly that RFC6514
specifies for the route key.
[Thomas] section 3 says that (when the "Leaf info required" bit is set,
which is the case for section 4.1.1) the tunnel identifier is
RECOMMENDED to be a routable address of the router that built the PTA
No; section 3 says that the "tunnel identifier" field of the PTA is
recommended to be a routable address of the router that built the PTA.
But section 3 also tries to make it clear that the identifier of the IR
P-tunnel does not appear in the tunnel identifier field of the PTA.
[Thomas] Anyhow, it seems to me that ensuring that the Key changes when
the UMH changes, would simplify the make before break procedure:
everything is at the hand of the downstream PE which can advertise both
routes for as long as it wishes,
That does not seem to me to be a simplification. The specified
procedure is pretty simple:
- To change parents, only a single control plane operation is needed: a
change in the RT of the Leaf A-D route.
- In both the upstream and the downstream node, the to-be-deleted data
plane state is timed out.
- There are no data-driven state changes. (Note that to avoid
data-driven state changes, the downstream node really needs to run a
timer in order to decide when to modify its data plane state.)
- The timers do not need to be very precisely tuned, and certainly do
not need to be tuned on a per-peer basis.
- We retain the RFC6514 principle of keeping the NLRI independent of the
tunnel type. Thus we minimize the chances of creating unintended
side-effects or new corner cases that need to be thought out. That is,
we minimize the chances of breaking existing MVPN implementations in
unanticipated ways.
Eric
_______________________________________________
BESS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/bess
