Please see inline. From: slitkows.i...@gmail.com [mailto:slitkows.i...@gmail.com] Sent: Friday, January 28, 2022 4:58 PM To: Huzhibo <huzh...@huawei.com>; bruno.decra...@orange.com; 'SPRING WG' <spring@ietf.org> Subject: RE: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding
Hi [HZB2]First: This document does not require that all affected traffic be directed to "one" neighbor node, and traffic is still balanced on all different neighbor nodes. [SLI3] Again, purely theoretical, it depends on the network topology, where is the traffic coming from and number of neighbor nodes supporting the PF behavior. Traffic will follow SPT to the closest PF node: there could be ECMP or not, the path to PF node could be well-sized or not. [HZB3]Sure, I mean the same is true with other local FRR technologies, even with IGP, and IGP shortest path can't guarantee that traffic will not converge at certain node. From: Huzhibo <huzh...@huawei.com<mailto:huzh...@huawei.com>> Sent: vendredi 28 janvier 2022 02:56 To: slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com>; bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' <spring@ietf.org<mailto:spring@ietf.org>> Subject: RE: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding From: slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com> [mailto:slitkows.i...@gmail.com] Sent: Friday, January 28, 2022 1:41 AM To: Huzhibo <huzh...@huawei.com<mailto:huzh...@huawei.com>>; bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' <spring@ietf.org<mailto:spring@ietf.org>> Subject: RE: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding Hi, [SLI] Your statement is purely theoretical and life in real networks is not theoretical. You cannot predict which router will converge first (routers may have different CPUs, may have different tasks to execute...). B may converge first maybe, but maybe it will be C or D... no one knows and it's unpredictable. So at the end, if you want to guarantee the mechanism to work, all routers have to support the mechanism. --------->[HZB]IGP convergence is much faster than SR-TE rerouting, Therefore, even if node B is slower than node C and node D in the previous example, the convergence time of the SR-TE path is far shorter than the convergence time of the SR-TE path. If some nodes in the network do not support the convergence, convergence may exceed 50 ms in some scenarios. If all nodes in the network support the convergence, That would result in better convergence performance. [SLI2]of course SR-TE will converge slower, I never discussed about the head end. My point: If C is faster than B and C does not support your mechanism, it will drop traffic and your FRR is not guaranteed anymore. To get FRR working, no choice, all the nodes must support the extension (seems you are mixing convergence and protection which are two different things: networks are never converging in 50ms). ---------->[HZB2]As the example you have mentioned, Packet loss occurs only when C converges, but B does not converge. The packet loss time depends on the IGP convergence time and is much shorter than the SR-TE rerouting time. What I want to say is that even if some nodes you mentioned do not support proxy forwarding, this solution is useful for speeding up convergence. [SLI] Directing traffic to few nodes that could do proxy forwarding can have serious traffic impact and at the end cause damages to traffic that has nothing to do with the failure. It's the solution, but it has major drawbacks from an operational point of view. --------->[HZB] Similar to the existing FRR mechanism, this document only filters out the nodes that do not support PF. For the same fault point, different remote nodes select different PF nodes and load balance traffic to different PF nodes. [SLI2] The goal of TI-LFA is to try to keep the traffic on a path that has been sized properly (this is one of the key point of TI-LFA). History of FRR shown that this is important to constraint/steer FRR path on path that can fit traffic. (See RFC7916). So, letting traffic going to any neighbor of the failed node without any control is wrong and may create more damages. When FRR traffic creates congestion on some links the protected traffic was not intended to flow on, you'll start to impact and drop other traffic which was not initially flowing through the failed link/node (usually hard to explain to customers). Keeping control of FRR path is a very important topic. ---------->[HZB2]First: This document does not require that all affected traffic be directed to "one" neighbor node, and traffic is still balanced on all different neighbor nodes. Second: All local FRR mechanisms take effect before convergence. In this case, other nodes on the network still route to the faulty node. Can you give an example?. FRR is performed when traffic does not need to be routed to the neighboring node of the faulty node. Stephane From: Huzhibo <huzh...@huawei.com<mailto:huzh...@huawei.com>> Sent: mercredi 26 janvier 2022 12:49 To: slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com>; bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' <spring@ietf.org<mailto:spring@ietf.org>> Subject: RE: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding Hi, Please find more inline. From: slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com> [mailto:slitkows.i...@gmail.com] Sent: Wednesday, January 26, 2022 4:54 PM To: Huzhibo <huzh...@huawei.com<mailto:huzh...@huawei.com>>; bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' <spring@ietf.org<mailto:spring@ietf.org>> Subject: RE: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding Hi, Please find more inline. From: Huzhibo <huzh...@huawei.com<mailto:huzh...@huawei.com>> Sent: mercredi 26 janvier 2022 09:31 To: slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com>; bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' <spring@ietf.org<mailto:spring@ietf.org>> Subject: RE: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding Hi slitkows : Thanks for your comments, Please see inline. Thanks Zhibo Hu From: spring [mailto:spring-boun...@ietf.org] On Behalf Of slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com> Sent: Wednesday, January 26, 2022 1:13 AM To: bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' <spring@ietf.org<mailto:spring@ietf.org>> Subject: Re: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding Hi I'm NOT supporting this draft for the following reasons: 1) The WG already have a WG document which is dealing with this problem, I don't think that WG should come with multiple documents/solutions for the same solution space as it may just confuse the industry and create deployment issues as different vendors may pick different solutions. -----> [I-D.ietf-spring-segment-protection-sr-te-paths] defines local behaviors to implement SR-TE node protection. draft-hu-spring-segment-routing-proxy-forwarding enhances SR-TE node protection. It optimized the number of entries in the Context Table. This solution solves the connectivity problem after IGP convergence, and protects binding segments. [SLI] While I think your arguments are not completely valid (see discussion below), this has nothing to do with the one draft vs two drafts discussion. As there is already a WG doc, I don't see any reason for creating another one except creating artificial work for the IETF and confusing readers. 2) Adding protocols extensions adds complexity in the solution without adding a strong value. The document claims that "[I-D.ietf-spring-segment-protection-sr-te-paths] ... may not work for some cases such as some of nodes in the network not supporting this solution.". While this is true, the proposed solution in draft-hu-spring-segment-routing-proxy-forwarding has exactly the same caveat and requires all nodes in the network to support the solution. Considering the following straight line network: A -B -C -D - E - F - G -H and an SR policy from A to H using SID_G, routers A to F have to support the extension to make the solution working, if one of the router doesn't support the extension, traffic will be dropped. Then, there is no value compared to the timer-based solution of [I-D.ietf-spring-segment-protection-sr-te-paths] Authors of draft-hu-spring-segment-routing-proxy-forwarding argued that G may have multiple upstream neighbors let's say F and F' and the solution allows for F' to support the extension while F may not support, so the solution will send the traffic to F'. Well yes, but this still requires all routers upstream to F' to support this extension and maybe F is on the path to F'. So, I don't think the argument is valid as it may possibly work tactically depending on the network topology when we look at a small portion of the network, but when we look at the whole network, operator will have to upgrade all their nodes to support the extension to ensure the benefit is there. In addition, in term of traffic, forwarding traffic to a neighbor of the failed node which wasn't initially on the path, could lead to traffic congestion or high traffic peaks on links that were not sized to carry this traffic. We could easily expect some traffic tromboning, where traffic goes to this non-natural neighbor of the failed node and then goes back over some part of the same path before reaching the destination. So these protocol extensions are bringing complexity for no value here. ---------> Protocols extensions can accurately direct traffic to a node that can perform proxy forwarding and solve the problem that traffic cannot be forwarded to a proxy forwarding node after IGP convergence. This protocol extension is necessary. This solution does not require that all network nodes support this extension, take the example you have mentioned : but it still requires that all routers upstream to F' support this extension ---> This description is inaccurate, assuming that the previous segment is node B, when node G fails. When the node B converges, the node B finds the PF node F' adjacent to G, and can push the node Sid of the node F',Even if C and D do not support this protocol extension, this is not affected. [SLI] Your statement is purely theoretical and life in real networks is not theoretical. You cannot predict which router will converge first (routers may have different CPUs, may have different tasks to execute...). B may converge first maybe, but maybe it will be C or D... no one knows and it's unpredictable. So at the end, if you want to guarantee the mechanism to work, all routers have to support the mechanism. --------->[HZB]IGP convergence is much faster than SR-TE rerouting, Therefore, even if node B is slower than node C and node D in the previous example, the convergence time of the SR-TE path is far shorter than the convergence time of the SR-TE path. If some nodes in the network do not support the convergence, convergence may exceed 50 ms in some scenarios. If all nodes in the network support the convergence, That would result in better convergence performance. In addition, the Hold timers solution mentioned in [I-D.ietf-spring-segment-protection-sr-te-paths] does not extend protocols, but is also complex. In addition, slow deletion is required for node faults. In addition, loop prevention is implemented to prevent loops.Moreover, it cannot accurately direct traffic to a node that can perform proxy forwarding. [SLI] Directing traffic to few nodes that could do proxy forwarding can have serious traffic impact and at the end cause damages to traffic that has nothing to do with the failure. It's the solution, but it has major drawbacks from an operational point of view. --------->[HZB] Similar to the existing FRR mechanism, this document only filters out the nodes that do not support PF. For the same fault point, different remote nodes select different PF nodes and load balance traffic to different PF nodes. 3) Regarding BSID, I'm not fan of advertising BSIDs in IGP as there may be hundreds or thousands of BSID on a node which again will create a lot of burden in IGP. The proposed way will have to be discussed in LSR, not in SPRING (see next comment). Note that [I-D.ietf-spring-segment-protection-sr-te-paths] could also work with BSIDs as long as BSID information of failed node is available in the control-plane of PLRs by whatever mechanism. I think this BSID handling is orthogonal to the proxy-forwarding controlplane behavior. The forwarding operations for BSID will have to be discussed more in details, we could not expect all HW to be able to do 3 or 4 lookups without any perf degradation. -------> Binding segments need to be exchanged only between neighbors and do not need to be flooded to the entire IGP domain. Therefore, binding segments do not exert pressure on IGP performance.The control-plane processing and forwarding-plane processing of the BSID are not strongly coupled. [SLI] Control plane aspects of IGPs have to be discussed in LSR, not in SPRING. So please take the discussion to LSR for the control plane and forwarding aspects could be further described in [I-D.ietf-spring-segment-protection-sr-te-paths] if WGs agrees that BSID is interesting to solve. --------->[HZB]Sure. We will consider whether we need to divest some of it into the LSR. SR-TE protection takes effect only from the time during a fault occurs to the TE path converges. Therefore, SR-TE protection does not take effect during normal forwarding,Compared with impaired connectivity, performance degradation is acceptable. 4) The document is currently a bit borderline between SPRING and LSR as it talks in good details about IGP protocol extensions. If it's a SPRING doc, it should detail reqs for protocols but nothing beyond. ------->As you said, this document defines the detail requests for IGP protocols [SLI] No it goes beyond requirements and already talks about encoding: "For supporting binding SID proxy forwarding, a new IS-IS TLV, called Binding Segment TLV, is defined. It contains a binding SID and a list of segments (SIDs). This TLV may be advertised in IS-IS Hello (IIH) PDUs, LSPs, or in Circuit Scoped Link State PDUs (CS-LSP) [RFC7356]. This is not a requirement; this is an IS-IS solution description that has to be discussed in LSR not in SPRING. --------->[HZB]Sure. We will consider whether we need to divest some of it into the LSR. Brgds, Stephane From: spring <spring-boun...@ietf.org<mailto:spring-boun...@ietf.org>> On Behalf Of bruno.decra...@orange.com<mailto:bruno.decra...@orange.com> Sent: jeudi 13 janvier 2022 11:19 To: SPRING WG <spring@ietf.org<mailto:spring@ietf.org>> Subject: [spring] WG adoption call - draft-hu-spring-segment-routing-proxy-forwarding Dear WG, This message starts a 2 week WG adoption call, ending 27/01/2022, for draft-hu-spring-segment-routing-proxy-forwarding https://datatracker.ietf.org/doc/draft-hu-spring-segment-routing-proxy-forwarding/ After review of the document please indicate support (or not) for WG adoption of the document to the mailing list. Please also provide comments/reasons for your support (or lack thereof) as this is a stronger way to indicate your (non) support as this is not a vote. If you are willing to work on or review the document, please state this explicitly. This gives the chairs an indication of the energy level of people in the working group willing to work on the document. Thanks! Bruno, Jim, Joel _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
_______________________________________________ spring mailing list spring@ietf.org https://www.ietf.org/mailman/listinfo/spring