Hi, The answers that Les gives, below, to Yoshifumi are completely correct.
Yours Irrespectively, John From: Les Ginsberg (ginsberg) <ginsb...@cisco.com> Sent: Friday, December 7, 2018 3:06 PM To: Yoshifumi Nishida <nish...@sfc.wide.ad.jp> Cc: nish...@wide.ad.jp; tsv-...@ietf.org; lsr@ietf.org; i...@ietf.org; draft-ietf-lsr-isis-rfc7810bis....@ietf.org Subject: RE: Tsvart last call review of draft-ietf-lsr-isis-rfc7810bis-03 Yoshi – I’ll try to provide some response to your comments. I preface this by saying: 1)I was not an author on RFC 7810. It is possible that my remarks do not accurately reflect the thinking of the original authors. If so, I hope one or more of them will find the time to correct me. 2)The intent of this bis draft was solely to correct the editorial issue which resulted in confusion and interoperability issues associated with the sub-TLV encoding for the three bandwidth TLVs. There are implementations based on RFC 7810 and no one to my knowledge has expressed confusion regarding how to take the measurements – nor has anyone expressed concern as to any omissions in the parameters advertised. Therefore we have no reason to alter the existing text in these areas. Responses inline. From: Yoshifumi Nishida <nish...@sfc.wide.ad.jp<mailto:nish...@sfc.wide.ad.jp>> Sent: Thursday, December 06, 2018 1:31 PM To: Les Ginsberg (ginsberg) <ginsb...@cisco.com<mailto:ginsb...@cisco.com>> Cc: nish...@wide.ad.jp<mailto:nish...@wide.ad.jp>; tsv-...@ietf.org<mailto:tsv-...@ietf.org>; lsr@ietf.org<mailto:lsr@ietf.org>; i...@ietf.org<mailto:i...@ietf.org>; draft-ietf-lsr-isis-rfc7810bis....@ietf.org<mailto:draft-ietf-lsr-isis-rfc7810bis....@ietf.org> Subject: Re: Tsvart last call review of draft-ietf-lsr-isis-rfc7810bis-03 Hi Les, On Wed, Dec 5, 2018 at 4:51 PM Les Ginsberg (ginsberg) <ginsb...@cisco.com<mailto:ginsb...@cisco.com>> wrote: Yoshi - Thanx for taking the time to review. I can appreciate that this may the first time you have looked at RFC7810 - let alone the bis draft. As a result you have commented on content which is common to the bis draft and the RFC it is modifying (RFC 7810). While your questions in isolation may be interesting, I believe they are out of scope for the review of the bis draft. What the bis draft is doing is addressing two modest errata - details of which can be found in https://tools.ietf.org/html/draft-ietf-lsr-isis-rfc7810bis-03#appendix-A<https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Dietf-2Dlsr-2Disis-2Drfc7810bis-2D03-23appendix-2DA&d=DwMGaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=CRB2tJiQePk0cT-h5LGhEWH-s_xXXup3HzvBSMRj5VE&m=cshx0Rg6vOrONpG_nGle507LJUTtEDfYrQEJBDjhwcU&s=t_Fn06RaSxZd_HwovODc65u6de0d-HaN38BUBv5Ok-k&e=> Comments on content not related to those changes is out of scope. Just to be clear, my comments on this draft were clarification questions which won't request changes in the spec of the draft because I thought there are a certain ambiguities in the draft. But, if what you really mean is there is no ambiguities or confusions among expected readers on the points I made, it makes a sense to me and I can think I had unnecessary concerns. However, I'm not fully sure about it yet. For example, the draft mentions about delay variation and it seems to me this term is a bit ambiguous. If expected readers can understand it means (for example) mean deviation, I am fine with it. But, in this case,I might want to see supportive comments on this view from the community. Or, if you can clarify that even if there are some discrepancies between implementations it won't affect overall performance of the applications, I am also fine with it. Anyway, I just tried to do my best to read and review the draft. I hope not, but if the points I made don't make sense please let me know. I would like to leave further decisions to ADs. If you have an interest in this topic and want to comment on the substance of RFC 7810 and its companion document for OSPF RFC 7471, I encourage you to do so. Note that all of your comments (save the one on Security) are also applicable to RFC 7471 - so any agreed upon modification would need to be made to both documents. But I do not want to even start discussing such changes in the context of reviewing the bis draft changes. I hope you can understand why. As regards your Security comment, I am not sure I understand what you are suggesting. As IGP info is flooded hop-by-hop, man-in-the-middle attacks have to be able to insert themselves on an IGP enabled link. Use of cryptographic authentication prevents untrusted sources from being accepted - which is the point being made. As Spencer already made my point clear (Thanks Spencer!), I was wondering if we need a normative language here as the draft mentions these info can be sensitive. I was also wondering why the draft didn't mention encryption while it conveys sensitive info. [Les:] IS-IS runs directly over Layer 2 and does not support encryption. Thanks, -- Yoshi > -----Original Message----- > From: Yoshifumi Nishida <nish...@wide.ad.jp<mailto:nish...@wide.ad.jp>> > Sent: Wednesday, December 05, 2018 11:12 AM > To: tsv-...@ietf.org<mailto:tsv-...@ietf.org> > Cc: lsr@ietf.org<mailto:lsr@ietf.org>; i...@ietf.org<mailto:i...@ietf.org>; > draft-ietf-lsr-isis-rfc7810bis....@ietf.org<mailto:draft-ietf-lsr-isis-rfc7810bis....@ietf.org> > Subject: Tsvart last call review of draft-ietf-lsr-isis-rfc7810bis-03 > > Reviewer: Yoshifumi Nishida > Review result: Almost Ready > > This document has been reviewed as part of the transport area review > team's > ongoing effort to review key IETF documents. These comments were written > primarily for the transport area directors, but are copied to the document's > authors and WG to allow them to address any issues raised and also to the > IETF > discussion list for information. > > When done at the time of IETF Last Call, the authors should consider this > review as part of the last-call comments they receive. Please always CC > tsv-...@ietf.org<mailto:tsv-...@ietf.org> if you reply to or forward this > review. > > Summary: This document is almost ready for publication, but several points > need > to be clarified. > > 1: In Section 1: > "While this document does not specify how the performance information > should be obtained, the > measurement of delay SHOULD NOT vary significantly based upon the > offered > traffic load." > > It is not clear to me that why the measurement of delay should not vary > here. Also, queuing delay might be useful info to infer path status. Could > you elaborate the delays that the draft tries to capture? > [Les:] The measurements are for the performance of the link – not the impact queueing delay may have. This seems consistent with the directly referenced RFC6374<https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_rfc6374&d=DwMGaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=CRB2tJiQePk0cT-h5LGhEWH-s_xXXup3HzvBSMRj5VE&m=cshx0Rg6vOrONpG_nGle507LJUTtEDfYrQEJBDjhwcU&s=gHJjgG_HmzZHQHI_iIagYl7TZDAwk-iWnVrBzY6r_6A&e=> and the indirectly referenced RFC2679<https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_rfc2679&d=DwMGaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=CRB2tJiQePk0cT-h5LGhEWH-s_xXXup3HzvBSMRj5VE&m=cshx0Rg6vOrONpG_nGle507LJUTtEDfYrQEJBDjhwcU&s=7_3LTjsXrPMPlBh3n54mTbU1vRsmZURjEfG2BbSEl-I&e=> > 2: In Section 1: > "Thus, queuing delays SHOULD NOT be included in the delay > measurement. " > > Is it clear for expected readers how to exclude queuing delays in their > measurements? Don't we need to provide any guidances or references > here? > Also, what they should do if they cannot exclude it? > [Les:] This is explicitly stated as out of scope. From the abstract: “Note that this document only covers the mechanisms with which network-performance information is distributed. The mechanisms for measuring network performance or acting on that information, once distributed, are outside the scope of this document.” > 3: In Section 2: > > "All values (except residual bandwidth) MUST be calculated as rolling > averages where the > averaging period MUST be a configurable period of time." > > This requirement is a bit different from the following texts in Section 5: > Also, does this mean only simple moving average must be used or any > forms of > moving average is acceptable? > > "The values advertised in all sub-TLVs (except min/max delay and > residual bandwidth) MUST represent an average over a period or be > obtained by a filter that is reasonably representative of an average. > For example, a rolling average is one such filter." > [Les:] My interpretation is that Section 2 is summarizing a requirement which is presented with some additional detail in Section 5. > 4: In Section 4.3: > > "This sub-TLV advertises the average link delay variation between two > directly connected IS-IS neighbors. The delay variation advertised > by this sub-TLV MUST be the delay from the local neighbor to the > remote one (i.e., the forward-path latency)." > > Sorry.. I am not sure how to measure delay variation here. I think more > explanation is needed. It seems that it is not variance as the unit is sec. > [Les:] Definition of how to do this measurement can be found in the referenced https://tools.ietf.org/html/rfc6374#section-2.5<https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_rfc6374-23section-2D2.5&d=DwMGaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=CRB2tJiQePk0cT-h5LGhEWH-s_xXXup3HzvBSMRj5VE&m=cshx0Rg6vOrONpG_nGle507LJUTtEDfYrQEJBDjhwcU&s=A8pva4zdoNgvED7ANXhHgRVx8SeVI-HDybIATpANXNM&e=> HTH Les > 5: In Section 11: > > "The use of Link State PDU cryptographic authentication allows mitigation > the risk of man-in- > the-middle attack." > > When there is a risk for man-in-the-middle attack, don't we need more > strong > requirements for the use of security mechanisms? > > Thanks, > -- > Yoshi
_______________________________________________ Lsr mailing list Lsr@ietf.org https://www.ietf.org/mailman/listinfo/lsr
