Hi Bruno, Thanks for the review and comments. Pls see inline for replies.
Juniper Business Use Only From: [email protected] <[email protected]> Sent: Wednesday, September 9, 2020 8:47 PM To: [email protected] Cc: [email protected] Subject: RE: [spring] WG adoption call for draft-hegde-spring-node-protection-for-sr-te-paths [External Email. Be cautious of content] Hi authors, all, As an individual contributor, I have two non-blocking comments. 1. I feel that the terminology "node protection" in the name of the draft could be misleading. "Node Protection" is already used in [LFA] and [RLFA]. It refers to a property of the alternate path avoiding the next node on the path to the egress/destination. It does not change the destination/egress. It looks to me that the function been proposed in the draft is more along [Egress Protection] which protects from the failure of the egress/destination, and hence do change the destination/egress. (full disclosure, I'm co-author of [Egress Protection] ) I think that both are different and that properties are different, hence using the same name is misleading. In particular, in the first one, the destination/egress is unchanged and hence properties of the destination/egress is unchanged: no problem. While in the second case, a node (a 'protector' in [Egress Protection]) is claiming to provide a similar service, but possibly only a subset of the original services or without the stateful states). Cf some discussion on the mailing list along "How do I know that I can safely pretend that I'm the original destination?" Personally I would propose to replace "Node Protection" by "Segment Protection" or "Segment Egress Protection" or "IGP Segment Egress Protection" since the proposal seem restricted to IGP knowledge. <Shraddha> I agree that using the term node protection is confusing. I think that "segment protection" is the right term. Using egress keyword may cause other confusions because term egress is used in egress protection RFCs to mean the egress nodes on which the services reside. In this draft the focus is on nodes that are not egresses. [LFA] https://tools.ietf.org/html/rfc5286<https://urldefense.com/v3/__https:/tools.ietf.org/html/rfc5286__;!!NEt6yMaO-gk!R3XqSiUA_cgf3gc_cZUjOGXAwIop0rKnceS8EvU9vxvgY_DVneweAP5Zs8bjDj_k$> [RLFA node protection] https://tools.ietf.org/html/rfc8102<https://urldefense.com/v3/__https:/tools.ietf.org/html/rfc8102__;!!NEt6yMaO-gk!R3XqSiUA_cgf3gc_cZUjOGXAwIop0rKnceS8EvU9vxvgY_DVneweAP5ZszUA3CEW$> [Egress Protection] https://tools.ietf.org/html/rfc8679<https://urldefense.com/v3/__https:/tools.ietf.org/html/rfc8679__;!!NEt6yMaO-gk!R3XqSiUA_cgf3gc_cZUjOGXAwIop0rKnceS8EvU9vxvgY_DVneweAP5ZswTcjaLe$> 1. At best, the proposal ignores [Egress Protection]. At worst, the draft breaks [Egress Protection] Both do not seem to co-operate. <Shraddha> Actually, egress protection as defined in RFC 8679 works well with procedures defined in this draft. Section 3.4 briefly talks about this. Initial versions of this draft had examples to describe how egress protection works in conjunction with procedures described in this draft. Basically, egress protection described in RFC 8679 uses a context-id and context label. When the penultimate hop creates protection for the context-id routes It follows the procedures described in RFC 8679 ( in conjunction with mirror-sid for SR networks). We also have a simplified version of RFC 8679 which uses anycast SIDs and static service labels Described in draft-hegde-rtgwg-egress-protection-sr-network. This anycast based egress protection also works well with protection procedures described in this document. I'll add a section with examples to describe this which can help clarify. The draft applies the egress protection even though it can only protections IGP segments/labels while [Egress Protection] would provide a much broader protection, including service (e.g. VPNs) protection. Hence it seems to break [Egress Protection] VPN service protection. <Shraddha> No this draft does not break VPN service protection. I'll add detailed examples. I would propose that the draft refers a bit more to [Egress Protection], uses its terminology if/when appropriate and then elaborate on the above issue. From a technical standpoint, I would propose to privilege the use of a (complete) Protector (as per [Egress Protection] ) if available. <Shraddha> This draft makes use of looking up the second label in the stack for protection. It is different from protector based approach. draft-hu-spring-segment-routing-proxy-forwarding Is more closer to protector based approach I think. It comes with an overhead of configuring the primary and proxy pairs for set of nodes. Finally, as also raised by Zhibo, the scalability properties of the draft is not optimal, and in particular less optimal than [Egress Protection]. <Shraddha>I'll add some more text on scalability. Section 5 of the draft proposes an optimisation to reduce scale. Indeed, most of the work/states is on a Protector node (having the context mpls forwarding table). For a given failure, [Egress Protection] allows for a single Protector while this drafts requires N Protectors (one per neighbour). So more states in the network and on nodes. Also [Egress Protection] allows to distribute this load while the draft requires the PLR to handle the protection for all its neighbhors. Since this draft restricts to IGP Segments, the scalability impact his limited but still exist. (on the pro side, the draft avoids the additional transport cost/delay required to reach the Protector (since PLR and Protector are co-located)/ <Shraddha> Fair point. I would see the advantage of this draft is more from operational perspective since it does not require primary protector configs. Enabling the feature with one single knob on the router will be good enough. Regards, Bruno From: spring [mailto:[email protected]] On Behalf Of [email protected]<mailto:[email protected]> Sent: Thursday, July 30, 2020 2:25 PM To: [email protected]<mailto:[email protected]> Cc: [email protected]<mailto:[email protected]> Subject: [spring] WG adoption call for draft-hegde-spring-node-protection-for-sr-te-paths Hi SPRING WG, Authors of draft-hegde-spring-node-protection-for-sr-te-paths [1] have asked for WG adoption. Please indicate your support, comments, or objection, for adopting this draft as a working group item by August 20th 2020. (*) Could those who are willing to work on this document, please notify the list. That gives us an indication of the energy level in the working group to work on this. Thanks, Regards, Bruno, Jim, Joel [1] https://tools.ietf.org/html/draft-hegde-spring-node-protection-for-sr-te-paths-07<https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-hegde-spring-node-protection-for-sr-te-paths-07__;!!NEt6yMaO-gk!R3XqSiUA_cgf3gc_cZUjOGXAwIop0rKnceS8EvU9vxvgY_DVneweAP5ZsxQ-MBcB$> (*) 3 weeks to account for the IETF meeting week and the august/summer period. _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
_______________________________________________ spring mailing list [email protected] https://www.ietf.org/mailman/listinfo/spring
