Hi,
As shepherd of this document, please find below some comments that I have:
Overall comments:
- Please add a section that contains all the abbreviations expansions:
that may help non expert people to follow the acronyms without looking for the
first reference in the text.
- I usually like figures. For the intro, it may be wonderful to build
a figure that reminds the existing S-PMSI/Leaf A-D procedure. So without
reading the text, we can remember how it works.
- The interAS case may also be better with a Figure and an example (or
couples of).
Introduction:
"By originating one of these BGP routes, an ingress node advertises that
it is transmitting a particular multicast flow."
[SLI] Is "is transmitting" correct ? Can't we have situations where an S-PMSI
route is/was advertised but no traffic is flowing (no yet started or switched,
or stopped).
"Now
suppose that the ingress node wants explicit tracking for each
individual flow that it transmits (following the procedures of
[RFC6625] on that P-tunnel."
[SLI] Missing ")"
"This allows the
ingress node to determine the set of egress nodes that are receiving
flows from the ingress node."
[SLI] I think the Leaf A-D tells that there is a receiver interested by the
flow, but does not tell that it actually receives it.
" Howver, this procedure requires several clarifications:"
[SLI] There is a typo s/Howver/However/
"The procedures of [RFC6625] do not clearly state how to handle an
S-PMSI A-D route if its NLRI contains wild cards, but its PTA
specifies "no tunnel info"."
[SLI] I quickly ran over RFC6625, it does not mention anything on explicit
tracking or Leaf A-D routes. So we assume that RFC6513/6514 only applies here.
" * The explicit tracking procedures do not allow an ingress node
to "see" past the boundaries of the segmentation domain.
This particular problem is not further addressed in this
revision of this document.
"
[SLI] Do you plan to address it ? Or do we now consider it as out of scope ?
Section 2:
"Prior specifications define one flag in the PTA, the "Leaf Info
Required" (LIR) flag, that is used for explicit tracking."
[SLI] Please point to the right reference
"If the LIR-pF flag is set in a given PTA, the LIR flag of that PTA
SHOULD also be set."
[SLI] Why not using a MUST ?
"one forces a
a response to be sent an egress node that does not support LIR-pF"
[SLI] Is there a missing word like 'sent by an egress node" ?
Section 3:
"The definition of "match for reception" in [RFC6625] is hereby
modified as follows:"
[SLI] Please point to the section that you are updating.
In addition, section 3.2 of RFC6625 contains multiple if then else conditions
for each cases (C-S,C-G) and (C-*,C-G). Please give some precision in where do
you want to insert your new statement in this processing sequence. I guess it
is at the beginning.
"When finding the "match for reception" for a given (C-S,C-G) or
(C-*,C-G), ignore any S-PMSI A-D route that has no PTA, or whose
PTA specifying "no tunnel information"."
[SLI] I would be in favor to introduce a normative statement here.
"We also introduce a new notion: the "match for tracking". This
differs from the "match for reception" as follows:"
[SLI] It would be better to give a definition of the "match for tracking"
before giving the rules. Here you're explaining only the rules, not the
difference in the meaning. Wouldn't it be easier to tell that the
implementation MUST consider only the S-PMSI A-D routes that have a LIR flag
and/or LR-pF flag set and then run the same rules as the RFC6625. Why do you
want to have S-PMSI routes with PTA and LIR unset in your route list for "match
for tracking" ? You need to take care here on your text proposal as one of your
previous statement updates the RFC6625 and the match reception procedure, so
the rules to be applied are the original one from RFC6625 and not the updated
one.
" Also note that if a match for tracking does not have the LIR flag or
the LIR-pF flag set, no explicit tracking information will be
generated. See Section 5."
[SLI] Again I do not see the value added of keeping such route as a match for
tracking as there is no tracking requested.
Section 4:
"Such a route could be an
I-PMSI A-D route, a (C-*,C-G1) S-PMSI A-D route, a (C-S1,C-*)
S-PMSI A-D route, or a (C-*,C-*) S-PMSI A-D route. "
[SLI] Is per flow explicit tracking also required for I-PMSI ? I do not see it
listed in the goals of the doc ? The goal was to address wildcards S-PMSI AD
routes.
"Further, if the ingress node originates a wildcard S-PMSI A-D
route carrying a PTA specifying the tunnel to be used for
carrying (C-S1,C-G1) traffic, and if that PTA has the LIR-pF bit
set, then explicit tracking for (C-S1,C-G1) is requested by that
S-PMSI A-D route. Thus the ingress node SHOULD NOT originate a
(C-S1,C-G1) S-PMSI A-D route whose PTA specifies "no tunnel
info"; such a route would not provide any additional
functionality."
[SLI] I do not fully understand this text in the context of your procedure 1.
which deals with an origination of an (C-S1,C-G1) S-PMSI A-D route (no
wildcard). As I understand the procedure for the wildcard is defined in 2.
"2. The following procedure can be used if (and only if) it is known
that the egress nodes support the optional LIR-pF flag."
I have some issue with this sentence. It does not seem to be normative as there
is no normative statement. However I understand it as a critical thing ("and
only if" !) so it may require at least a SHOULD.
Then the issue I see is that this knowledge does not come from the protocol, so
it sounds important to me to highlight the impact of a mistake.
BUT, reading the section 5. I understand that it is not as critical as it seems
as the receiver will ignore simply the LIR-pF flag and apply the standard
procedure (LIR set).
Please clarify the criticity to have or not this knowledge.
" To terminate explicit tracking that has been initiated by an
S-PMSI A-D route whose PTA specifies a tunnel, the ingress node
re-originates the route without the LIR flag set"
[SLI] Do we also need to clear the LIR-pf ? It would make sense to do so.
"If the match for tracking has LIR set and if either (a) the
egress node does not support LIR-pF, or (b) LIR-pF is not set,
then the egress node must respond to the match for tracking,
following procedures specified in other documents for the case
where LIR is set."
[SLI] Please state the relevant document references here.
Section 5.2
"Note that, per RFC4364, every RD begins with a two-octet type field
that is either 0, 1, or 2. By adding 16 to the second octet of the
RD, we force the type field to be 16, 17, or 18. "
[SLI] It works but we may need to ensure that the types > 16 cannot be used
anymore by new applications. Moreover if new RD types are created, new siblings
will have to be created.
Wouldn't it be easier to set the MSB of the RD type to 1 ? so we only lock half
of the type space.
Or what could be the impact of using the RD of the local VRF of the egress node
?
Section 5.3
"In the case where the egress
node is not a PE, but rather an ABR or ASBR, it will not know whether
it needs to receive a given flow unless it receives a Leaf A-D route
whose NLRI specifies that flow and whose IP-address-specific RT
specifies an address of the egress node."
[SLI] The sentence works but when reading it I needed multiple reread to
understand that the "IP-address-specific RT
specifies an address of the egress node." was referring to the ASBR/ABR and
not the receiver PE.
Do you mind using "this egress node" or "this ABR/ASBR" ?
Section 8.
[SLI] Do we have counter-measures against such "attack" ? Ingress PE dropping ?
Section 9.2
I think RFC7524 needs to be referenced as normative giving that its knowledge
is required to understand section 5.3. I think that section 5.3 is also
updating/complementing the procedures in RFC7524 with the "no-tunnel info" case.
Brgds,
[Orange logo]<http://www.orange.com/>
Stephane Litkowski
Network Architect
Orange/SCE/EQUANT/OINIS/NET
Orange Expert Future Networks
phone: +33 2 23 06 49 83
<https://monsi.sso.francetelecom.fr/index.asp?target=http%3A%2F%2Fclicvoice.sso.francetelecom.fr%2FClicvoiceV2%2FToolBar.do%3Faction%3Ddefault%26rootservice%3DSIGNATURE%26to%3D+33%202%2023%2028%2049%2083%20>
NEW !
mobile: +33 6 71 63 27 50
<https://monsi.sso.francetelecom.fr/index.asp?target=http%3A%2F%2Fclicvoice.sso.francetelecom.fr%2FClicvoiceV2%2FToolBar.do%3Faction%3Ddefault%26rootservice%3DSIGNATURE%26to%3D+33%206%2037%2086%2097%2052%20>
NEW !
[email protected]<mailto:[email protected]>
_________________________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou
falsifie. Merci.
This message and its attachments may contain confidential or privileged
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been
modified, changed or falsified.
Thank you.
_______________________________________________
BESS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/bess
