Hi Robert On Sun, Feb 6, 2022 at 6:11 AM Robert Raszuk <rob...@raszuk.net> wrote:
> Gyan, > > > Overall I believe the goal of the strict mode BFD “wait for BFD” is > accomplished > > and solve all problems > > I do not agree with this statement. > > As currently defined in the posted version of the draft "wait for BFD" > means wait for BFD control packets to bring the session up. > > The session comes up - yet no BFD Echo packets have been exchanged. That > in turn triggers OSPF adj. to come up. > Gyan>. My understanding with RFC 5880 is that BFD control packets have been sent in asynchronous mode per the interval and multiplier period specified with the 3 way handshake being completed which tests the bi directional path between the client endpoints before the session BFD FSM transitions to the “UP” state. We can get confirmation from Greg on the behavior. Key Excerpts from RFC 5880 below related to this topic. BFD control packets are sent during init and 3 way handshake in async mode until BFD FSM transitions to UP state and only in UP state is Echo if configured is sent. So the 3 way handshake from reading below verifies the bi directional communication between the endpoints which according to the draft would all occur prior to client coming UP. However if Echo is configured for looping the packets for testing that would happen after OSPF FSM has started. Section 1 The goal of Bidirectional Forwarding Detection (BFD) is to provide low-overhead, short-duration detection of failures in the path between adjacent forwarding engines, including the interfaces, data link(s), and, to the extent possible, the forwarding engines themselves. An additional goal is to provide a single mechanism that can be used for liveness detection over any media, at any protocol layer, with a wide range of Detection Times and overhead, to avoid a proliferation of different methods. An additional goal is to provide a single mechanism that can be used for liveness detection over any media, at any protocol layer, with a wide range of Detection Times and overhead, to avoid a proliferation of different methods. BFD had a per link concept “BFD over bundle member” BFD can provide failure detection on any kind of path between systems, including direct physical links, virtual circuits, tunnels, MPLS Label Switched Paths (LSPs), multihop routed paths, and unidirectional links (so long as there is some return path, of course). Multiple BFD sessions can be established between the same pair of systems when multiple paths between them are present in at least one direction, even if a lesser number of paths are available in the other direction (multiple parallel unidirectional links or MPLS LSPs, for example). Section 2 The BFD state machine implements a three-way handshake, both when establishing a BFD session and when tearing it down for any reason, to ensure that both systems are aware of the state change. BFD can be abstracted as a simple service. The service primitives provided by BFD are to create, destroy, and modify a session, given the destination address and other parameters. BFD in return provides a signal to its clients indicating when the BFD session goes up or down. Section 3 A path is only declared to be operational when two-way communication has been established between systems, though this does not preclude the use of unidirectional links. A separate BFD session is created for each communications path and data protocol in use between two systems. Each system estimates how quickly it can send and receive BFD packets in order to come to an agreement with its neighbor about how rapidly detection of failure will take place. These estimates can be modified in real time in order to adapt to unusual situations. This design also allows for fast systems on a shared medium with a slow system to be able to more rapidly detect failures between the fast systems while allowing the slow system to participate to the best of its ability. Section 3.2 - we are taking about asynchronous mode primarily The primary mode is known as Asynchronous mode. In this mode, the systems periodically send BFD Control packets to one another, and if a number of those packets in a row are not received by the other system, the session is declared to be down. **note the echo can be enabled for dirty links for additional testing looping the packets** Caveat with echo mode is the interval has to be greater then 2 seconds An adjunct to both modes is the Echo function. When the Echo function is active, a stream of BFD Echo packets is transmitted in such a way as to have the other system loop them back through its forwarding path. If a number of packets of the echoed data stream are not received, the session is declared to be down. The Echo function may be used with either Asynchronous or Demand mode. Since the Echo function is handling the task of detection, the rate of periodic transmission of Control packets may be reduced (in the case of Asynchronous mode) or eliminated completely (in the case of Demand mode). Section 4.1 FSM 0 -- AdminDown 1 -- Down 2 -- Init 3 -- Up Section 6.1 - So here in order for the session to come up one or both clients must take active role to send control packets - so here it’s stated that control packets are being sent during that 3 way handshake process that tests the link prior to FSM going to the UP state. A system may take either an Active role or a Passive role in session initialization. A system taking the Active role MUST send BFD Control packets for a particular session, regardless of whether it has received any BFD packets for that session. A system taking the Passive role MUST NOT begin sending BFD packets for a particular session until it has received a BFD packet for that session, and thus has learned the remote system's discriminator value. At least one system MUST take the Active role (possibly both). The role that a system takes is specific to the application of BFD, and is outside the scope of this specification. A session begins with the periodic, slow transmission of BFD Control packets. When bidirectional communication is achieved, the BFD session becomes Up. Once the BFD session is Up, a system can choose to start the Echo function if it desires and the other system signals that it will allow it. The rate of transmission of Control packets is typically kept low when the Echo function is active. If the Echo function is not active, the transmission rate of Control packets may be increased to a level necessary to achieve the Detection Time requirements for the session. If sufficient Echo packets are lost, the session is declared Down in the same manner. See section 6.8.5 <https://datatracker.ietf.org/doc/html/rfc5880#section-6.8.5>. **so here when session goes down slow packets are still sent** If the session goes Down, the transmission of Echo packets (if any) ceases, and the transmission of Control packets goes back to the slow rate. **there is still control packet signaling in both directions before down state is declared by both ends** Once a session has been declared Down, it cannot come back up until the remote end first signals that it is down (by leaving the Up state), thus implementing a three-way handshake. Section 6.2 this is really important as it describes the 3 way handshake and transition to Up state and that connectivity between the end systems have been verified and in UP state. Up state means that the BFD session has successfully been established, and implies that connectivity between the systems is working. The session will remain in the Up state until either connectivity fails or the session is taken down administratively. If either the remote system signals Down state or the Detection Time expires, the session advances to Down state. Section 6.8 When the BFD session transitions to Up state once 3 way handshake is completed of control packets in async mode are sent up to this point at which time if configured for Echo or demand the session transitions to Echo in which case both Echo and Async control packets are sent or demand mode where async control packet cease. When a system is said to have "the Echo function active" it means that the system is sending BFD Echo packets, implying that the session is Up and the other system has signaled its willingness to loop back Echo packets. When the local system is said to have "Demand mode active," it means that bfd.DemandMode is 1 in the local system (see section 6.8.1 <https://datatracker.ietf.org/doc/html/rfc5880#section-6.8.1>), the session is Up, and the remote system is signaling that the session is in state Up. 6.8.1 state variables When the text refers to initializing a state variable, this takes place only at the time that the session (and the corresponding state variables) is created. The state variables are subsequently manipulated by the state machine and are never reinitialized, even if the session fails and is reestablished. Once session state is created, and at least one BFD Control packet is received from the remote end, it MUST be preserved for at least one Detection Time (see section 6.8.4 <https://datatracker.ietf.org/doc/html/rfc5880#section-6.8.4>) subsequent to the receipt of the last BFD Control packet, regardless of the session state. This preserves timing parameters in case the session flaps. A system MAY preserve session state longer than this. The preservation or destruction of session state when no BFD Control packets for this session have been received from the remote system is outside the scope of this specification. Section 7 It is worth noting that a single BFD session does not consume a large amount of bandwidth. An aggressive session that achieves a detection time of 50 milliseconds, by using a transmit interval of 16.7 milliseconds and a detect multiplier of 3, will generate 60 packets per second. The maximum length of each packet on the wire is on the order of 100 bytes, for a total of around 48 kilobits per second of bandwidth consumption in each direction. BFD is bootstrapped to the IGP client per RFC 5882 which states that BFD should block the client adjacency from coming Up prior to BFD coming up. Ketan has added this text to the next revision and we should add as well to the BGP draft. Section 4.1 BFD sessions are typically bootstrapped by the control protocol, using the mechanism (discovery, configuration) used by the control protocol to find neighbors. Note that it is possible in some failure scenarios for the network to be in a state such that the control protocol is capable of coming up, but the BFD session cannot be established, and, more particularly, data cannot be forwarded. To avoid this situation, it would be beneficial not to allow the control protocol to establish a neighbor adjacency. However, this would preclude the operation of the control protocol in an environment in which not all systems support BFD. Therefore, the establishment of control protocol adjacencies SHOULD be blocked if both systems are willing to establish a BFD session but a BFD session cannot be established. One method for determining that both systems are willing to establish a BFD session is if the control protocol carries explicit signaling of this fact. If there is no explicit signaling, the willingness to establish a BFD session may be determined by means outside the scope of this specification. > So we bring OSPF adj UP knowing literally nothing about BFD test results > over subject link. > Gyan> See above If the BFD timer is set to 2 seconds and the multiplier is 3 only in 6 > seconds the BFD session could go down and take OSPF adj. down with it which > means nothing what this draft aims to accomplish has been achieved. > > Sure one can argue if this is proper for BFD to signal UP state without at > least once exchanging a set of Echo packets - but this is currently not the > case in BFD FSM. > Gyan> BFD FSM control packets are sent async mode for the 3 way handshake to complete before the session transitions to the Up state. The major caveat with echo mode is it can only be used if the interval is greater than 2 seconds as the packets have to be looped and when enabled it’s on top of the async mode control packets still sent. Most operators don’t use echo mode for that reason. If you want to "fix" BFD go for it, but for now the delay associated with > any client action should be based on how BFD works per definition in > RFC5880 and therefore should be specified on the client side. > > Rgs, > Robert. > > > > On Sun, Feb 6, 2022 at 8:16 AM Gyan Mishra <hayabusa...@gmail.com> wrote: > >> >> All >> >> I have finally caught up with this thread and I agree with Les, Ketan >> and Albert that the “wait for BFD” goal is accomplished with both the OSPF >> and BGP draft. There is extra verbiage in BGP draft in case BFD does not >> come up for BGP to wait. Agreed not applicable to OSPF. >> >> I agree with the spirit of Roberts idea of a delay as it would help as >> far as stability having a “pause” button for degraded links and quality >> issues, however I do agree with the WG that this is outside of LSRs scope >> and should really be with BFD or better yet IPPM for link quality >> monitoring. >> >> Overall I believe the goal of the strict mode BFD “wait for BFD” is >> accomplished and solve all problems except issues related to poor link >> quality issues. >> >> I support both the OSPF and BGP strict mode drafts and I think think this >> will be a big gain in itself for operators. >> >> As mentioned in the OSPF draft section 5 on use of hold down timers, BFD >> dampening and on ML use of carrier delay and interface dampening can help >> operators with link quality issues until we are able to make some headway >> in BFD and IPPM WG. >> >> I would be happy to work with Greg and IPPM WGs as a follow up to this >> thread related to link quality issues. >> >> Kind Regards >> Gyan >> > -- <http://www.verizon.com/> *Gyan Mishra* *Network Solutions A**rchitect * *Email gyan.s.mis...@verizon.com <gyan.s.mis...@verizon.com>* *M 301 502-1347*
_______________________________________________ Lsr mailing list Lsr@ietf.org https://www.ietf.org/mailman/listinfo/lsr