Hi Huaimo,
Thanks for the responses. I've added additional replies below with [Andrew],
basically just captures what we discussed on the mic at the PCE WG Friday
session (which took place after the email exchange) - reapplying below for this
thread.
As discussed in PCE WG session, seems to me there should be a solution document
discussing the Node Protection for BSIDs and defining what kind of information
needs to be sent down to the neighboring node independent of protocol encoding.
Either SPRING or RTGWG seems appropriate. If one doc is already in the works
discussing this appreciate if you can steer me to it.
Thanks
Andrew
From: Huaimo Chen <huaimo.c...@futurewei.com>
Date: Thursday, November 10, 2022 at 10:41 PM
To: "Stone, Andrew (Nokia - CA/Ottawa)" <andrew.st...@nokia.com>,
"i...@ietf.org" <i...@ietf.org>
Cc: "pce@ietf.org" <pce@ietf.org>
Subject: RE: draft-chen-idr-mbinding - BSID terminating node
Hi Andrew,
Thank you very much for your comments.
My responses are inline below with [HC].
Best Regards,
Huaimo
From: Idr <idr-boun...@ietf.org> On Behalf Of Stone, Andrew (Nokia - CA/Ottawa)
Sent: Monday, November 7, 2022 6:33 PM
To: i...@ietf.org
Subject: [Idr] draft-chen-idr-mbinding - BSID terminating node
Hi IDR, Authors
Following up with my comment at the mic in the IDR meeting earlier today. The
below would also apply to the sibling draft in PCE-WG. During the meeting it
was confirmed the BSID SL is not provided to the neighbor node, however:
[HC]: A BSID is associated with a list of SIDs for a path segment. When BGP
sends the
BSID with the list of SIDs to a node named N, BGP also sends the BSID with the
list of SIDs
plus the ID of node N to the neighbors of N.
[Andrew] ACK. Thanks for clarifying the intention. Recommend the document
clarifying that a SID list is indeed pushed down to the neighbor nodes and not
just the node id + bsid value.
1. How does a node providing protection, know where the BSID tunnel
terminates on?
[HC]: If the first SID in the list is a node SID, when node N failed, the
neighbor node of N will
replace the BSID with the list of SIDs in the packet after the SID for node N
is removed/popped
and sends the packet to the first SID in the path segment bond to BSID.
[Andrew] ACK. Will discuss more below….
For example, given the following network path:
[A]--100--[B]--200--[C]--300--[D]--400--[E]--500--[F]
Where A,B,C,D,E,F are nodes and 100, 200, 300, 400, 500 are local
adjacency-sids.
BSID 1000 is deployed to node C with SL: 300, 400.
Therefore a headend tunnel is programmed on A with SL: 100, 200, 1000, 500.
As per the draft, we want node protection for node C thus protect BSID 1000.
When programming its neighbor [B] the document says to only inform node B: {C,
1000}
[HC]: If the first SID in the list is an adjacency SID (e.g., adjacency 300 for
the adjacency from C to D),
when node N (e.g., node C here) failed, the neighbor node(e.g., node B) of N
(e.g., node C) will
get the node SID of next hop node (i.e., node D) using the adjacency SID 300,
and replace the BSID
1000 with the node SID of next hop node (i.e., node D) and the rest of the SIDs
in the list,
and sends the packet to the first SID (i.e., the node SID of node D) in the
path segment bond to BSID.
[Andrew] I think this creates a few implied assumptions which may not always be
feasible. The first is an assumption that the neighbor node can and must
resolve the next-node for first SID within the BSID SL. If this a simple same
instance, same area neighbor, then yes the node can peak into IGP to resolve it
as you describe. For non-igp flooded and received SIDs then it's not feasible.
The second assumption is that the neighboring node must be able to push at
least the same number of SIDs that were embedded within the BSID itself, which
might not be feasible. Third, it assumes no micro loops may form during
reconvergence by using the node sid of the next hop node. To work around that,
we may need to push yet-another SID to reach that next node loop free, thus
requiring an MSD capability equal to the BSID SL length + 1. It's likely worth
asking: Is the goal to follow 100% the same encoding beyond the first hop, or
simply replace the BSID with an instruction list that gets the delivery of the
traffic to the BSID terminating node so that packet forwarding can continue?
Given all of the above, since PCE/Controller is programming the BSID and
notifying the neighbors of the BSID, why not have PCE/Controller a compute the
SID list for the neighboring node to replace the BSID with upon node failure?
How will B know BSID 1000 terminates on E? If B only peaks into the next-sid
in the stack (500), that value is of local significance to E only thus does not
actually know it should send to E.
[HC]: When node D receives the packet, node D can process its adjacency SID 400
(for adjacency
From D to E), and sends the packet to node E.
1. It could be possible for BSID 1000 SL to also contain BSIDs in a nested
manner, thus further masking where the BSID actually terminates. As well, the
next SID in the path (ex: 500) could also be a local BSID too.
[HC]: BSID 500 is for node E, right? If so, when node E failed, its neighbor
node D will execute the
Procedure similar to that executed by node B for node C’s failure.
1. I did not not mentioned at the mic: the BSID terminating node may be in
another domain/IGP instance not within view of the protecting node as a
valuable use case is BSIDs on borders.
[HC]: For multiple domains and BSID on the border of the domains, this case is
an egress protection
(the border node is the egress of the upstream domain) for protecting the
failure of the egress (i.e.,
the border node). A backup egress node is selected or configured to protect
the (primary) egress
node. The backup egress node can get the information about the path segment
associated with BSID,
and sends the packet along the path segment associated with the BSID.
[Andrew] As discussed in PCE WG, I think the egress protection case is quite
different than protecting a BSID which happens to be on a border node. In the
egress protection case, the packet is being de-encapsulated from the end to end
tunnel. In the BSID case on border case, the packet is still encapsulated and
in flight within the tunnel. While it's egressing the domain, it's not actually
egressing the tunnel, thus there’s not really a primary / backup node scenario.
It seems to me at minimum: the node identifier of where the BSID terminates (E
in example above) is required, but that would still not be sufficient to solve
[3].
[HC]: As my explanation above, it seems that these are resolved.
Thanks
Andrew
_______________________________________________
Pce mailing list
Pce@ietf.org
https://www.ietf.org/mailman/listinfo/pce
