EVPN Optimized Inter-Subnet Multicast (OISM) Forwarding
draft-ietf-bess-evpn-irb-mcast-11

# Internet AD comments for draft-ietf-bess-evpn-irb-mcast-11
CC @ekline

* comment syntax:
  - https://github.com/mnot/ietf-comments/blob/main/format.md

* "Handling Ballot Positions":
  - https://ietf.org/about/groups/iesg/statements/handling-ballot-positions/

## Comments

* Very clearly written, I thought, thank you.

## Nits

### S1.1

* "address of addresses"
  "address or addresses", I suspect

### S1.3

* Consider "he" -> "they"

### Appendix A.

* "intreface" -> "interface"

Thank you for the work on this document.

I only scanned for ART issues, did not find any.

The following ID-nit popped up:

> When the route is originated, the AC‑DF bit in the DF Election EC SHOULD not be set.

  == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD',
     or 'RECOMMENDED' is not an accepted usage according to RFC 2119.  Please
     use uppercase 'NOT' together with RFC 2119 keywords (if that is what you
     mean).

Thanks for this document. Although dense and slow going, I appreciated the thoroughness and precision and have confidence that the dedicated reader who makes it all the way through will be able to implement this specification. I have some minor comments below that I hope might be of use.

- I continue to find the profligate use of acronyms and initialisms that characterizes so many bess documents to be an unnecessary, not to say gratuitous, impediment to readability, but so it goes. (If the authors are open to what might be an extensive revision to address this, I'm willing to dig in and provide more detailed feedback. But I don't expect it, at this late stage, especially since as noted above, I do think the document is usable, my complaint notwithstanding. If I'm mistaken, let me know and we can work on it.)

- I agree with Éric Vyncke that there are several places where the text could easily be elucidated with the use of a diagram. Essentially, any of the many (very welcome!) examples seems like an easy candidate, one instance being “Suppose a given Tenant Domain contains three BDs (BD1, BD2, BD3) and two PEs (PE1, PE2). PE1 attaches to BD1 and BD2, while PE2 attaches to BD2 and BD3.”

- I'm sure the RFCEd will flag this, but consider replacing the pronoun "he" in Section 1.3 with something not gender-specific.

- In Section 1.5.2 you mention an “attachment AC”, which expands as "attachment attachment circuit". Probably drop "attachment" or (better still in my view, see my first bullet) spell out "attachment circuit". 

- In Section 2.5 you have “This does assume that source S does not send the same (S,G) datagram on two different BDs, and that the Tenant Domain does not contain two or more sources with the same IP address S. The use of multicast sources that have IP "anycast" addresses is outside the scope of this document?” I tried to puzzle out what the consequence would be if that situation arose, but failed. Can you comment?

Thank you to Tiru Reddy for his SECDIR review.  I saw not response to his feedback.  I have similar feedback.

** Section 9
   This document uses protocols and procedures defined in the normative
   references, and inherits the security considerations of those
   references.

-- Please explicitly name the relevant references.

-- Do the Security Considerations of [I-D.ietf-bier-evpn] apply?

** Section 9
   Incorrect addition, removal, or modification of those
   flags and/or ECs will cause the procedures defined herein to
   malfunction, in which case loss or diversion of data traffic is
   possible.  Implementations should provide tools to easily debug
   configuration mistakes that cause the signaling of incorrect
   information.

Is this manipulation of flags something done as by an attacker or an unintentional insider misconfiguring a system?  Are there any mitigations for this manipulation of flags?

** Section 8.  Typo.  Wrong registry name.

   IANA is requested to assign new flags in the "Multicast Flags
   Extended Community Flags" registry.

The formal name of the registry is “Multicast Flags Extended Community” (no “Flags”) per https://www.iana.org/assignments/bgp-extended-communities/bgp-extended-communities.xhtml#multicast-flags

Thanks for working on this specification. No objection from transport layer protocol perspective.

# Éric Vyncke, INT AD, comments for draft-ietf-bess-evpn-irb-mcast-10

Thank you for the work put into this document.

Please find below some non-blocking COMMENT points (but replies would be appreciated even if only for my own education), and some nits.

Special thanks to Mankamana Mishra for the shepherd's detailed write-up including the WG consensus *and* the justification of the intended status. The use of the old template was a trip to the past ;-) (but this is OK).

Other thanks to Brian Haberman, the Internet directorate reviewer (at my request), please consider this int-dir review:
https://datatracker.ietf.org/doc/review-ietf-bess-evpn-irb-mcast-09-intdir-telechat-haberman-2024-02-22/ (and I have read Jeffrey's replies, thanks)

I hope that this review helps to improve the document,

Regards,

-éric

# COMMENTS (non-blocking)

## Author count

Just a minor comment, there are 6 authors while the limit is usually 5. Not a big deal at all for me, and it is justified in the shepherd's write-up.

## Readability

In several sections, a network diagram would help the reader.

This I-D solves a hard-problem, and it is not an easy read. I sincerely hope that the existing implementations (per shepherd's write-up) are interoperable and follow this specification.

## Section 1.1

The abstract mentions MPLS and IP as backbone while this section is only about IP. Which one is correct ?

Please move the BCP 14 template outside of `background`

## Section 1.1.1

Is having TS1 and TS2 on the same BD enough to ensure that mcast traffic is received ? Should the layer-2 infrastructure also be aware of the mcast traffic (i.e., MLD snooping)? After all, the "B" in "BD" is only for broadcast.

Would the infinite loop also happen with plain broadcast frames ?

## Section 1.1.2

`The TTL field of the IP datagram` let's rather use "hop limit" in 2024.

## Section 1.1.3

The readers would probably welcome some explanations of why PIM/MLD is not enough in the case of inter-subnet mcast traffic. Or a promise that the explanations are deferred to section 1.2. Or the leading text moved to section 1.2.

## Section 1.3

Which header is it in `header checksum is not changed` ? (IPv6 header has not checksum or is it the L4 checksum ?)

The whole section appears like WG requirements for a solution, unsure whether this text belongs to the solution document as these points are no more requirements, but properties of the solution described in this I-D.

## Section 1.4

Any reason why deviate from RFC 5952 in `FF02/16` ? (applies in other places as well)

Unsure how to change the document but isn't it a little weird to have terminology so late in the document after so many acronyms have been defined? Probably a matter of taste.

Suggest to also define "EVI" on its own rather than being hidden in the definition of another term.

## Section 1.5.1

Where is IMET specified ? The text would benefit of indicated what it is (and adding a clear source of definition == RFC 7432).

Is `Selective Multicast Ethernet Tag` specified by this document. It is unclear from the text.

## Section 3.2.3

Should the "AR" acronym be expanded first (even if guessable).

## Section 3.3

Only IGMP is used in this section, should it be stated in the intro that "MLD" is used everywhere as a shorthand of "MLD or IGMP" ?

## Section 4.1

Should there be an expansion for RPF ?


# NITS (non-blocking / cosmetic)

## ethernet vs. Ethernet

Usually Ethernet is capitalised.

## Link-local

Usually, when used as an adjective, "link-local" is written with an hyphen.

Hi,

One minor comment to check:

(1) p 10, sec 1.3.  Need for EVPN-aware Multicast Procedures

   However, that technique does not provide optimal routing for
   multicast.  In conventional multicast routing, for a given multicast
   flow, there is only one multicast router on each BD that is permitted
   to send traffic of that flow to the BD.  If that BD has receivers for
   a given flow, but the source of the flow is not on that BD, then the
   flow must pass through that multicast router.  This leads to the
   "hair-pinning" problem described (for unicast) in Appendix A.
   For example, consider an (S,G) flow that is sourced by a TS S and
   needs to be received by TSes R1 and R2.  Suppose S is on a segment of
   BD1, R1 is on a segment of BD2, but both are attached to PE1.
   Suppose also that the tenant has a multicast router, attached to a
   segment of BD1 and to a segment of BD2.  However, the segments to
   which that router is attached are both attached to PE2.  Then the
   flow from S to R would have to follow the path:
   S-->PE1-->PE2-->Tenant Multicast Router-->PE2-->PE1-->R1.  Obviously,
   the path S-->PE1-->R would be preferred.

S to R => S to R1, and PE1-->R to PE1-->R1?

Regards,
Rob