Please see inline.

From: slitkows.i...@gmail.com [mailto:slitkows.i...@gmail.com]
Sent: Friday, January 28, 2022 4:58 PM
To: Huzhibo <huzh...@huawei.com>; bruno.decra...@orange.com; 'SPRING WG' 
<spring@ietf.org>
Subject: RE: [spring] WG adoption call - 
draft-hu-spring-segment-routing-proxy-forwarding

Hi

[HZB2]First: This document does not require that all affected traffic be 
directed to "one" neighbor node, and traffic is still balanced on all different 
neighbor nodes.

[SLI3] Again, purely theoretical, it depends on the network topology, where is 
the traffic coming from and number of neighbor nodes supporting the PF 
behavior.  Traffic will follow SPT to the closest PF node: there could be ECMP 
or not, the path to PF node could be well-sized or not.

[HZB3]Sure,    I mean the same is true with other local FRR technologies, even 
with IGP, and IGP shortest path can't guarantee that traffic will not converge 
at certain node.

From: Huzhibo <huzh...@huawei.com<mailto:huzh...@huawei.com>>
Sent: vendredi 28 janvier 2022 02:56
To: slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com>; 
bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' 
<spring@ietf.org<mailto:spring@ietf.org>>
Subject: RE: [spring] WG adoption call - 
draft-hu-spring-segment-routing-proxy-forwarding



From: slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com> 
[mailto:slitkows.i...@gmail.com]
Sent: Friday, January 28, 2022 1:41 AM
To: Huzhibo <huzh...@huawei.com<mailto:huzh...@huawei.com>>; 
bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' 
<spring@ietf.org<mailto:spring@ietf.org>>
Subject: RE: [spring] WG adoption call - 
draft-hu-spring-segment-routing-proxy-forwarding

Hi,

[SLI] Your statement is purely theoretical and life in real networks is not 
theoretical. You cannot predict which router will converge first (routers may 
have different CPUs, may have different tasks to execute...). B may converge 
first maybe, but maybe it will be C or D... no one knows and it's 
unpredictable. So at the end, if you want to guarantee the mechanism to work, 
all routers have to support the mechanism.
                  --------->[HZB]IGP convergence is much faster than SR-TE 
rerouting, Therefore, even if node B is slower than node C and node D in the 
previous example, the convergence time of the SR-TE path is far shorter than 
the convergence time of the SR-TE path. If some nodes in the network do not 
support the convergence, convergence may exceed 50 ms in some scenarios. If all 
nodes in the network support the convergence, That would result in better 
convergence performance.

[SLI2]of course SR-TE will converge slower, I never discussed about the head 
end. My point:  If C is faster than B and C does not support your mechanism, it 
will drop traffic and your FRR is not guaranteed anymore. To get FRR working, 
no choice, all the nodes must support the extension (seems you are mixing 
convergence and protection which are two different things: networks are never 
converging in 50ms).
---------->[HZB2]As the example you have mentioned,  Packet loss occurs only 
when C converges, but B does not converge.
                The packet loss time depends on the IGP convergence time and is 
much shorter than the SR-TE rerouting time.
                What I want to say is that even if some nodes you mentioned do 
not support proxy forwarding, this solution is useful for speeding up 
convergence.

[SLI] Directing traffic to few nodes that could do proxy forwarding can have 
serious traffic impact and at the end cause damages to traffic that has nothing 
to do with the failure. It's the solution, but it has major drawbacks from an 
operational point of view.

--------->[HZB] Similar to the existing FRR mechanism, this document only 
filters out the nodes that do not support PF. For the same fault point, 
different remote nodes select different PF nodes and load balance traffic to 
different PF nodes.

[SLI2] The goal of TI-LFA is to try to keep the traffic on a path that has been 
sized properly (this is one of the key point of TI-LFA). History of FRR shown 
that this is important to constraint/steer FRR path on path that can fit 
traffic. (See RFC7916).
So, letting traffic going to any neighbor of the failed node without any 
control is wrong and may create more damages. When FRR traffic creates 
congestion on some links the protected traffic was not intended to flow on, 
you'll start to impact and drop other traffic which was not initially flowing 
through the failed link/node (usually hard to explain to customers). Keeping 
control of FRR path is a very important topic.
---------->[HZB2]First: This document does not require that all affected 
traffic be directed to "one" neighbor node, and traffic is still balanced on 
all different neighbor nodes.
Second: All local FRR mechanisms take effect before convergence. In this case, 
other nodes on the network still route to the faulty node. Can you give an 
example?. FRR is performed when traffic does not need to be routed to the 
neighboring node of the faulty node.

Stephane







From: Huzhibo <huzh...@huawei.com<mailto:huzh...@huawei.com>>
Sent: mercredi 26 janvier 2022 12:49
To: slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com>; 
bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' 
<spring@ietf.org<mailto:spring@ietf.org>>
Subject: RE: [spring] WG adoption call - 
draft-hu-spring-segment-routing-proxy-forwarding

Hi,

Please find more inline.


From: slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com> 
[mailto:slitkows.i...@gmail.com]
Sent: Wednesday, January 26, 2022 4:54 PM
To: Huzhibo <huzh...@huawei.com<mailto:huzh...@huawei.com>>; 
bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' 
<spring@ietf.org<mailto:spring@ietf.org>>
Subject: RE: [spring] WG adoption call - 
draft-hu-spring-segment-routing-proxy-forwarding

Hi,

Please find more inline.

From: Huzhibo <huzh...@huawei.com<mailto:huzh...@huawei.com>>
Sent: mercredi 26 janvier 2022 09:31
To: slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com>; 
bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' 
<spring@ietf.org<mailto:spring@ietf.org>>
Subject: RE: [spring] WG adoption call - 
draft-hu-spring-segment-routing-proxy-forwarding

Hi slitkows :

Thanks for your comments, Please see inline.

Thanks

Zhibo Hu
From: spring [mailto:spring-boun...@ietf.org] On Behalf Of 
slitkows.i...@gmail.com<mailto:slitkows.i...@gmail.com>
Sent: Wednesday, January 26, 2022 1:13 AM
To: bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>; 'SPRING WG' 
<spring@ietf.org<mailto:spring@ietf.org>>
Subject: Re: [spring] WG adoption call - 
draft-hu-spring-segment-routing-proxy-forwarding

Hi

I'm NOT supporting this draft for the following reasons:

1)      The WG already have a WG document which is dealing with this problem, I 
don't think that WG should come with multiple documents/solutions for the same 
solution space as it may just confuse the industry and create deployment issues 
as different vendors may pick different solutions.
-----> [I-D.ietf-spring-segment-protection-sr-te-paths] defines local behaviors 
to implement SR-TE node protection. 
draft-hu-spring-segment-routing-proxy-forwarding enhances SR-TE node protection.

It optimized the number of entries in the Context Table. This solution solves 
the connectivity problem after IGP convergence, and protects binding segments.

[SLI] While I think your arguments are not completely valid (see discussion 
below), this has nothing to do with the one draft vs two drafts discussion. As 
there is already a WG doc, I don't see any reason for creating another one 
except creating artificial work for the IETF and confusing readers.


2)      Adding protocols extensions adds complexity in the solution without 
adding a strong value.



The document claims that "[I-D.ietf-spring-segment-protection-sr-te-paths] ... 
may not work for some cases such as some of nodes in the network not supporting 
this solution.". While this is true, the proposed solution in 
draft-hu-spring-segment-routing-proxy-forwarding has exactly the same caveat 
and requires all nodes in the network to support the solution.



Considering the following straight line network: A -B -C -D - E - F - G -H and 
an SR policy from A to H using SID_G, routers A to F have to support the 
extension to make the solution working, if one of the router doesn't support 
the extension, traffic will be dropped.



Then, there is no value compared to the timer-based solution of 
[I-D.ietf-spring-segment-protection-sr-te-paths]



Authors of draft-hu-spring-segment-routing-proxy-forwarding argued that G may 
have multiple upstream neighbors let's say F and F' and the solution allows for 
F' to support the extension while F may not support, so the solution will send 
the traffic to F'. Well yes, but this still requires all routers upstream to F' 
to support this extension and maybe F is on the path to F'. So, I don't think 
the argument is valid as it may possibly work tactically depending on the 
network topology when we look at a small portion of the network, but when we 
look at the whole network, operator will have to upgrade all their nodes to 
support the extension to ensure the benefit is there.



In addition, in term of traffic, forwarding traffic to a neighbor of the failed 
node which wasn't initially on the path, could lead to traffic congestion or 
high traffic peaks on links that were not sized to carry this traffic. We could 
easily expect some traffic tromboning, where traffic goes to this non-natural 
neighbor of the failed node and then goes back over some part of the same path 
before reaching the destination.



So these protocol extensions are bringing complexity for no value here.
---------> Protocols extensions can accurately direct traffic to a node that 
can perform proxy forwarding and solve the problem that traffic cannot be 
forwarded to a proxy forwarding node after IGP convergence. This protocol 
extension is necessary.
This solution does not require that all network nodes support this extension, 
take the example you have mentioned :
but it still requires that all routers upstream to F' support this extension 
---> This description is inaccurate, assuming that the previous segment is node 
B, when node G fails. When the node B converges, the node B finds the PF
node F' adjacent to G, and can push the node Sid of the node F',Even if C and D 
do not support this protocol extension, this is not affected.


[SLI] Your statement is purely theoretical and life in real networks is not 
theoretical. You cannot predict which router will converge first (routers may 
have different CPUs, may have different tasks to execute...). B may converge 
first maybe, but maybe it will be C or D... no one knows and it's 
unpredictable. So at the end, if you want to guarantee the mechanism to work, 
all routers have to support the mechanism.
                    --------->[HZB]IGP convergence is much faster than SR-TE 
rerouting, Therefore, even if node B is slower than node C and node D in the 
previous example, the convergence time of the SR-TE path is far shorter than 
the convergence time of the SR-TE path. If some nodes in the network do not 
support the convergence, convergence may exceed 50 ms in some scenarios. If all 
nodes in the network support the convergence, That would result in better 
convergence performance.

In addition, the Hold timers solution mentioned in 
[I-D.ietf-spring-segment-protection-sr-te-paths] does not extend protocols, but 
is also complex. In addition, slow deletion is required for node faults. In 
addition, loop prevention is implemented to prevent loops.Moreover, it cannot 
accurately direct traffic to a node that can perform proxy forwarding.
[SLI] Directing traffic to few nodes that could do proxy forwarding can have 
serious traffic impact and at the end cause damages to traffic that has nothing 
to do with the failure. It's the solution, but it has major drawbacks from an 
operational point of view.
   --------->[HZB] Similar to the existing FRR mechanism, this document only 
filters out the nodes that do not support PF. For the same fault point, 
different remote nodes select different PF nodes and load balance traffic to 
different PF nodes.

3)      Regarding BSID, I'm not fan of advertising BSIDs in IGP as there may be 
hundreds or thousands of BSID on a node which again will create a lot of burden 
in IGP. The proposed way will have to be discussed in LSR, not in SPRING (see 
next comment).


Note that [I-D.ietf-spring-segment-protection-sr-te-paths] could also work with 
BSIDs as long as BSID information of failed node is available in the 
control-plane of PLRs by whatever mechanism. I think this BSID handling is 
orthogonal to the proxy-forwarding controlplane behavior. The forwarding 
operations for BSID will have to be discussed more in details, we could not 
expect all HW to be able to do 3 or 4 lookups without any perf degradation.
-------> Binding segments need to be exchanged only between neighbors and do 
not need to be flooded to the entire IGP domain. Therefore, binding segments do 
not exert pressure on IGP performance.The control-plane processing and 
forwarding-plane processing of the BSID are not strongly coupled.

[SLI] Control plane aspects of IGPs have to be discussed in LSR, not in SPRING. 
So please take the discussion to LSR for the control plane and forwarding 
aspects could be further described in  
[I-D.ietf-spring-segment-protection-sr-te-paths] if WGs agrees that BSID is 
interesting to solve.
   --------->[HZB]Sure. We will consider whether we need to divest some of it 
into the LSR.


SR-TE protection
takes effect only from the time during a fault occurs to the TE path converges. 
Therefore, SR-TE protection does not take effect during normal 
forwarding,Compared with impaired connectivity, performance degradation is 
acceptable.

4)      The document is currently a bit borderline between SPRING and LSR as it 
talks in good details about IGP protocol extensions. If it's a SPRING doc, it 
should detail reqs for protocols but nothing beyond.
                ------->As you said, this document defines the detail requests 
for IGP protocols
[SLI] No it goes beyond requirements and already talks about encoding:

"For supporting binding SID proxy forwarding, a new IS-IS TLV, called
   Binding Segment TLV, is defined.  It contains a binding SID and a
   list of segments (SIDs).  This TLV may be advertised in IS-IS Hello
   (IIH) PDUs, LSPs, or in Circuit Scoped Link State PDUs (CS-LSP)
   [RFC7356].

This is not a requirement; this is an IS-IS solution description that has to be 
discussed in LSR not in SPRING.
--------->[HZB]Sure. We will consider whether we need to divest some of it into 
the LSR.





Brgds,

Stephane


From: spring <spring-boun...@ietf.org<mailto:spring-boun...@ietf.org>> On 
Behalf Of bruno.decra...@orange.com<mailto:bruno.decra...@orange.com>
Sent: jeudi 13 janvier 2022 11:19
To: SPRING WG <spring@ietf.org<mailto:spring@ietf.org>>
Subject: [spring] WG adoption call - 
draft-hu-spring-segment-routing-proxy-forwarding

Dear WG,

This message starts a 2 week WG adoption call, ending 27/01/2022, for 
draft-hu-spring-segment-routing-proxy-forwarding
https://datatracker.ietf.org/doc/draft-hu-spring-segment-routing-proxy-forwarding/

After review of the document please indicate support (or not) for WG adoption 
of the document to the mailing list.

Please also provide comments/reasons for your support (or lack thereof) as this 
is a stronger way to indicate your (non) support as this is not a vote.

If you are willing to work on or review the document, please state this 
explicitly. This gives the chairs an indication of the energy level of people 
in the working group willing to work on the document.

Thanks!
Bruno, Jim, Joel

_________________________________________________________________________________________________________________________



Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.



This message and its attachments may contain confidential or privileged 
information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete 
this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.

Thank you.
_______________________________________________
spring mailing list
spring@ietf.org
https://www.ietf.org/mailman/listinfo/spring

Reply via email to