thanks a lot for the thorough review. I uploaded version 11 to address
your comments. See my reply inline "#Ahmed".
On 4/2/18 7:26 AM, Ahmed Bashandy (bashandy) wrote:
-------- Forwarded Message --------
Subject: AD Review of draft-ietf-spring-segment-routing-ldp-interop-09
Resent-Date: Wed, 20 Dec 2017 10:37:01 -0800
Resent-To: cfils...@cisco.com, stef...@previdi.net,
Date: Wed, 20 Dec 2017 13:36:54 -0500
From: Alvaro Retana <aretana.i...@gmail.com>
CC: spring-cha...@ietf.org, Martin Vigoureux
I just finished reading this document. I have some Major comments
below that I would like to see addressed before starting the IETF LC.
Thanks for your work on this document.
M1. From Section 2: "An MCC, operating at node N, MUST ensure that the
incoming label it installs in the MPLS data plane of Node N has been
uniquely allocated to himself.” I’m sure this sentence is not meant
as a new Normative statement for all MCCs, right? I think that the
“MUST” is out of place since the text is really stating a fact.
M2. SRMS Definition and Operation
M2.1. Section 4.2.1. (SR to LDP Behavior) uses normative language to
describe the operation of the SRMS in ways that I think are not needed
M2.1.1. "The SRMS MUST be configured by the operator in order to
advertise Node-SIDs on behalf of non-SR nodes.” Section 4.2 already
says that "The mappings advertised by one or more SRMSs result from
local policy information configured by the operator.”, so the sentence
in 4.2.1 is at best redundant. In any case, what can be enforced from
a specification point of view by that “MUST”? s/MUST/must
M2.1.2. "At least one SRMS MUST be present in the routing domain.
Multiple SRMSs SHOULD be present for redundancy.” These MUST|SHOULD
seem to indicate a statement of fact. Again, from a specification
point of view, what can be enforced? s/MUST|SHOULD/must|should. Note
also that in 7.2 the text says that "Multiple SRMSs can be provisioned
in a network for redundancy.”, which seems to be the right thing (no
I removed these two statements. Instead I modified the 3rd paragraph in
Section 4.2 to indicate that there must be at least one SRMS server in
Ahmed: agreed. But since section 7.2 is under the manageability
consideration, IMO it should really not contain much specification.
Instead, I modified section 4.2.2 specify how to prefer SRMS
advertisements and removed section 7.2 completely. Section 7.2 in
version 11 is section 7.3 in version 10
M2.2. Section 7.2. says that "a preference mechanism may also be used
among SRMSs so to deploy a primary/secondary SRMS scheme”…but no other
details are included. This document is where the SRMS is first
defined, so I would expect this detail to also be included here. I
note that Section 3.1. (SID Preference)
of draft-ietf-spring-conflict-resolution contains the preference
specification. Please move that section to this document.
M2.3. Section 7.2 also says that: "When the SRMS advertise mappings,
an implementation SHOULD provide a mechanism through which the
operator determines which of the IP2MPLS mappings are preferred among
the one advertised by the SRMS and the ones advertised by LDP.” First
off, I think that the SHOULD is out of place because it is not
specifying any specific action (the mechanism is not explicit).
Second, this statement (with the Normative SHOULD) is in conflict with
(from 2.2. (IP2MPLS co-existence)): "if both LDP and SR propose an IP
to MPLS entry (IP2MPLS) for the same IP prefix, then the LDP route
SHOULD be selected.” Solution: s/SHOULD/should
Agreed. I replaced SHOULD with should
#Ahmed: I removed section 2.2 as it is very similar to section 7.1 as
you correctly pointed out. for IP2MPLS, I referred to Section 7.1. I
also added justification for preferring LDP over SR as you suggested and
changed the MUST to SHOULD
M3. Manageability Considerations
M3.1. The text in Section 7.1. (SR and LDP co-existence) is almost the
same as in Section 2.2. (IP2MPLS co-existence); the difference is that
7.1’s first bullet says that "by default the LDP route MUST be
selected”, while 2.2 uses SHOULD instead. Which one is it?
Obviously, having the same text is two places adds nothing to the
document — please consolidate.
M3.2. [minor] The last bullet in 7.1/2.2 says that the "policy MAY be
locally defined. There is no requirement that all routers use the
same policy.” Given that in this case “all routers” really refers to
the edge nodes (at the IP2MPLS boundary), it seems like it makes sense
that either choice could be ok. Maybe I’m wrong, but I’m guessing
that giving preference to LDP (MUST/SHOULD above) has to do with the
assumption that it is supported everywhere, while SR might not yet
be…so it supports the migration case in Section 3. Is that a
reasonable guess? It would be nice, to provide some justification for
the default LDP preference so that operators have a better idea of
when it might be ok to use SR instead.
M4. Security Considerations. I tend to agree that this document
doesn’t introduce anything new…but it does specify something
different. The base SR-related advertisement by an IGP is done for
the segments belonging to the local node, but the SRMS lets a node
(any node, multiple nodes) adverse any mapping (for nodes that may be
anywhere in the network) which may result in conflicting
advertisements (in the best case), or even false ones. Cryptographic
authentication (any any other current security mechanisms in IGPs)
only verify that the information was not changed, but it doesn’t
validate the information itself, which can then lead to conflicting
and or false advertisements, which could “compromise traffic
forwarding”. You should at least recognize that the risk exists, even
if no specific mitigation (except maybe strict
configuration/programmability control by the operator) can be mentioned.
#Ahmed: Agreed. Added text to indicate what you mentioned
M5. References: These references don’t need to be Normative and can be
I-D.ietf-isis-segment-routing-extensions, I-D.ietf-ospf-ospfv3-segment-routing-extensions, I-D.ietf-ospf-segment-routing-extensions.
OTOH, this one should be Normative: RFC5036
Ahmed: Agreed and done
P1. As with all the other SR-related documents, please take out
“service chain” from the text.
#Ahmed: Agreed and done
P2. Please add References for "RSVP-TE, BGP 3107, VPNv4”. BTW, note
that rfc3107 has been obsoleted by rfc8277 — you make references to
#Ahmed Removed VPNv4 and added references to the others
P3. Please define (or reference) the MPLS2MPLS, MPLS2IP and IP2MPLS
terminology (only IP2MPLS is expanded).
P4. From Section 3: “...the SR infrastructure is usable, e.g. for Fast
Reroute (FRR) or IGP Loop Free Convergence to protect existing IP and
LDP traffic. FRR mechanisms are described in
draft-ietf-spring-resiliency-use-cases may be a better reference.
#Ahmed: Agreed and modified as suggested
P5. Section 3: "However, any traffic switched through LDP entries will
still suffer from LDP-IGP synchronization.” While that statement is
true, it seems out of place since there is no other discussion about
LDP-IGP synchronization anywhere — if you want to keep it, please add
#Ahmed: Agree with your assessment and removed the statement
#Ahmed: Agree with your assessment and consolidated the text in section
4 and 4.1.1 into section 4.1.1
P6. Sections 4 and 4.1.1 have very similar, redundant text. To avoid
confusion, please consolidate it in one place. This is what I’m
“ If the SR/LDP node operates in LDP ordered label distribution control
mode (as defined in [RFC5036]), then the SR/LDP node MUST consider SR
learned labels as if they were learned through an LDP neighbor and
create LDP bindings for each Prefix-SID and Node-SID learned in the
" A SR node having LDP neighbors MUST create LDP bindings for each
Prefix-SID and Node-SID learned in the SR domain and, for each FEC,
stitch the incoming LDP label to the outgoing SR label. This has to
be done in both LDP independent and ordered label distribution
control modes as defined in [RFC5036]."
#Ahmed: Agree with your assessment and removed the statement in Section
Note that this same text (as in 4.1.1 above) is repeated exactly in
4.2.1 — where the SRMS is discussed. To me, it seems out of place
there (4.2.1) as the behavior is true whether an SRMS is in use or
not. In line with the above, it may be better to consolidate
redundant text in one place — Section 4 seems good to me.
N1. s/This draft(s)/This document
N3. Please don’t use “we”, use the 3rd person instead. Just a
personal preference (= nit).
N5. Please put the reference for Option C when it is first mentioned.
#ahmed: Made the changes as suggested
spring mailing list