Summary: Has a DISCUSS. Needs one more YES or NO OBJECTION position to pass.
I am balloting DISCUSS because I think that there are some technical and clarity issues that makes understanding, and potentially implementing this document hard. I also want to discuss the "backwards compatibility" and the use of TLVs as sub-TLVs in PCEP as introduced in this document. (1) MSD Definition. The MSD may be learned from a variety of sources, including the SR-PCE-CAPABILITY sub-TLV defined in this document. It is important then for the MSD to be defined consistently everywhere. Please use the BMI-MSD definition from rfc8491. (2) Ability to signal the MSD per link, not just per node. Clearly the calculation of paths through specific links (using an Adjacency SID, for example) would require that information (if different/lower from what the node may support). Note that §6.1 seems to assume that the MSD will normally be advertised through different mechanisms, and it uses that to work around the fact that there's no link-specific information: "Furthermore, whenever a PCE learns the MSD for a link via different means, it MUST use that value for that link regardless of the MSD value exchanged in the SR-PCE-CAPABILITY sub-TLV." However, the text doesn't mandate the IGP/BGP-LS information to be available to the PCE. IOW, as written, the specification can't guarantee the proper calculation of paths that require the PCE to consider link MSDs. (3) Extensibility to advertise other MSD-Types. [This point is not DISCUSS-worthy, but I'm including it here since I'm already talking about the MSD.] rfc8491 (aka I-D.ietf-isis-segment-routing-msd) and I-D.ietf-ospf-segment-routing-msd encode the MSD advertisement as a pair: MSD-Type and MSD-Value, with the expectation that "new MSD-Types will be defined to signal additional capabilities, e.g., entropy labels, SIDs that can be imposed through recirculation, or SIDs associated with another data plane such as IPv6." IOW, the encoding is reusable with other dataplanes. I peeked into draft-negi-pce-segment-routing-ipv6 [*] and i don't see anything in there that couldn't be signaled using the SR-PCE-CAPABILITY sub-TLV defined here (+ the MSD_Value). I think this is important for consistency. [*] I realize that draft-negi-pce-segment-routing-ipv6 is not even a WG document, but it is the only potential reference I found to what a different dataplane might look line. (4) §6.2.2 (Interpreting the SR-ERO): o If the subobjects contain NAI only, then the PCC first converts each NAI into a SID index value by looking it up in its local database, and then proceeds as above. I believe that this step in the interpretation of the SR-ERO is not properly specified. Which "local database" are you referring to? §220.127.116.11 mentions the SR-DB (when talking about errors)...but the specification should be clear about which database and what the specific procedure is. For example, what is the specific process that the PCC needs to follow to convert a Node ID/IP address to the SID/MPLS label? What if the SR-DB doesn't contain an SID associated to the specific Node ID/IP address? How should the router react to that? This case is not covered in the Error Handling section (18.104.22.168) either. A pointer to the SR-DB (as defined in I-D.ietf-spring-segment-routing-policy) is not enough because it is composed of optional information (according to the description in §3 (Segment Routing Database)). This document should be specific about what information must be contained in the SR-DB for the conversion to be successful. The requirement of the information to be contained in the SR-DB makes I-D.ietf-spring-segment-routing-policy a Normative reference. (5) §7 (Backward Compatibility) "Some implementations, which are compliant with an earlier version of this specification..." <sigh> I understand that there may be implementations that are non-compliant with this specification out in the field. However, why is this document making accommodations for them? Not only are these implementations not compliant with this document, but are also non compliant with rfc8408, which implies the use of a new sub-TLV per PST. I didn't find a discussion on the mailing list related to this issue. Specifying alternate behavior to accommodate non-compliant implementations is not the best way to define new functionality. If the support for those old implementations was an imperative then the new functionality should have been fully specified to seamlessly interoperate with what is already deployed. The current result is two ways to do the same thing... While I would prefer for this "backwards compatibility" not to be built into the specification, I am looking for discussion in the WG and a better justification that the current one (which can be reduced to "non-compliant implementations exist, so we need to fit them in here somehow"). (6) sub-TLV Space for the PATH-SETUP-TYPE-CAPABILITY TLV rfc8408 failed to set up a sub-TLV registry for the PATH-SETUP-TYPE-CAPABILITY TLV. The bigger issue is that it also doesn't say that other PCE TLVs can be used as sub-TLVs (nor does it prohibit that). The Type for the SR-PCE-CAPABILITY sub-TLV is allocated from the PCEP TLV Type Indicators registry, making it a TLV. I also couldn't find any mention of sub-TLVs in rfc5440, or the potential intent to have a single space from which both TLVs and sub-TLVs could come. The question is: are all TLVs (defined in the PCEP TLV Type Indicators registry) able to be used as sub-TLVs? This question is general, but also specific to the PATH-SETUP-TYPE-CAPABILITY TLV. At a minimum, it should be made clear which can be used with the PATH-SETUP-TYPE-CAPABILITY TLV -- because this is the first document to define a new PST and sub-TLV, it seems appropriate to Update rfc8408 here...but rfc5440 may also need an Update.
These comments don't raise to the level of a DISCUSS, but I would like to also see them addressed. (1) [nit] "Both node segments and adjacency segments can be used for SR Traffic Engineering (SR-TE)." I find the use of SR-TE (instead of simply SR) gratuitous and potentially confusing; it introduces a new term which doesn't represent new functionality as compared to exiting segment routing documents. (2) "This document is relevant to the MPLS forwarding plane only." I believe that I-D.ietf-spring-segment-routing-mpls should be a Normative reference. (3) In §3, the first two paragraphs have redundant text: "In an SR network, the ingress node of an SR path prepends an SR header to all outgoing packets. The SR header consists of a list of SIDs (or MPLS labels in the context of this document)....In SR networks, an ingress node of an SR path prepends an SR header to all outgoing packets. The SR header consists of a list of SIDs (or MPLS labels in the context of this document)." (4) §3: "...the PCEP messages (e.g., Path Computation Request, Path Computation Reply, Path Computation Report, Path Computation Update, Path Computation Initiate, etc.,) MUST be formatted according to [RFC5440], [RFC8231], [RFC8281], and any other applicable PCEP specifications." I'm not sure what behavior is being specified here -- IOW, why do we need Normative language? This document defines the extensions referred to here, so the format should already be compliant with the RFCs mentioned. s/MUST/must (5) Following up from the last point... §4 seems to address that MUST by saying that there's no requirement for "changes in the format of the PCReq and PCRep messages specified in [RFC5440], PCInitiate message specified in [RFC8281], and PCRpt and PCUpd messages specified in [RFC8231]." I find this section unnecessary. (6) [nit] §5.3.1 defines the "L Flag"... §6.1, for example, uses "L flag" to refer to the L bit (§5.1.1). Please try to be consistent to avoid confusion...or even better, use a different letter. (7) §5.1.1 says that a "PCEP speaker SHOULD indicate its support of the function described in this document by sending a PATH-SETUP-TYPE-CAPABILITY TLV...[and]...MUST also include the SR-PCE-CAPABILITY sub-TLV"...but §6.1 then says that "if a PCE receives an SR-PCE-CAPABILITY sub-TLV with the L flag and MSD both set to zero then it MUST assume that the PCC is not capable of imposing a SID stack of any depth and hence is not SR-TE capable". Wait, the sub-TLV is included because the TLV says that it supports SR. Isn't this then a contradiction?? What good is it to signal support if the node is "not capable of imposing a SID stack of any depth"? Shouldn't this combination result in an error message? (8) §6.2.2 "According to [I-D.ietf-spring-segment-routing-policy], each SR-ERO subobject in the sequence identifies a segment that the traffic will be directed to, in the order given." The SR-ERO subobject is defined in this document, so its interpretation is of obvious importance. Because of that, I think that the text above makes the reference Normative. However, I looked in I-D.ietf-spring-segment-routing-policy and I find no mention of the SR-ERO, ERO, or sequence. The only related text (that I could find) is the generic one about SR being an "ordered list of segments"...so I think that the reference to I-D.ietf-spring-segment-routing-policy is out of place. Suggestion: replace the reference to I-D.ietf-spring-segment-routing-policy with a reference to rfc8402. (9) §6.2.2 "If the subobjects contain SID index values, then the PCC converts them into the corresponding MPLS labels by following the procedure defined in [I-D.ietf-spring-segment-routing-mpls]." I think this statement requires I-D.ietf-spring-segment-routing-mpls to be a Normative reference. (10) §6.2.2 Only the third procedure ends with "...and then directs the packet to the segment identified by the first SID", which is the obvious next step, but the text is only talking about the conversion. Either make sure that it is clear that all the processes continue with sending, or take this piece of text out. Be consistent. (11) §5.5 "...the PCE MUST minimize the SID depth of the computed path." If the B bit is not set (meaning not bound), what behavior is this phrase standardizing? Given that we're not standardizing the computation done by the PCE, how can it be enforced? (12) §8.1 (Controlling the Path Setup Type) I find this section out of place in this document. rfc8408 is the document that specifies the support for multiple path setup methods...while this document adds the SR-related type. If kept, then I think this document should be tagged to Update rfc8408.
Section 8.4 strikes me as a little odd for an archival document -- presumably draft-ietf-pce-pcep-yang either will or will not include the listed items, so the recommendations will either be out-of-date or false once draft-ietf-pce-pcep-yang is published.
I can guess what This mechanism is useful in Software Defined Networking (SDN) applications, such as on-demand engineering, or bandwidth calendaring. means, but I'm guessing. Is there a reference for "on-demand engineering" or "bandwidth calendaring"?
Abstract This document specifies extensions to the Path Computation Element Communication Protocol (PCEP) that allow a stateful PCE to compute and initiate Traffic Engineering (TE) paths, as well as a PCC to request a path subject to certain constraints and optimization criteria in SR networks. Why are we talking about TE paths now instead of SR? Section 1 Several types of segment are defined. A node segment represents an ECMP-aware shortest-path to a specific node, and is always identified uniquely within the SR/IGP domain. [...] A path to a node is only going to be unique if the starting node is also included, is it not? Section 3 The sentences: In an SR network, the ingress node of an SR path prepends an SR header to all outgoing packets. The SR header consists of a list of SIDs (or MPLS labels in the context of this document). Appear virtually unchanged in both the start of the first paragraph and the middle of the second paragraph; is this duplication really needed? A PCC MAY include an RRO containing the recorded LSP in PCReq and PCRpt messages as specified in [RFC5440] and [RFC8231], respectively. This document defines a new RRO subobject for SR networks. The methods used by a PCC to record the SR-TE LSP are outside the scope of this document. It's not entirely clear that we need to define a standard container to carry site-local data when a site-local container could also be used. Section 5.2 Please expand SRP (and RP, for that matter) on first usage. (Interestingly, https://www.rfc-editor.org/materials/abbrev.expansion.txt does not seem to have the correct expansion for this usage.) Section 5.3.1 * C: If the M bit and the C bit are both set to 1, then the TC, S, and TTL fields in the MPLS label stack entry are specified by the PCE. However, a PCC MAY choose to override these values according its local policy and MPLS forwarding rules. If the M bit is set to 1 but the C bit is set to zero, then the TC, S, and TTL fields MUST be ignored by the PCC. The PCC MUST set these fields according to its local policy and MPLS forwarding rules. [...] Must be ignored in incoming messages received from where? Isn't the 'F' bit fully redundant with NT? Section 5.3.2 Do we need to say anything about which node is the reference point for evaluating "local" and "remote" w.r.t. IP addresses? (Maybe we don't, since these are always unidirectional adjacencies, right?) Section 6.1 If a PCC sets the N flag to 1, then the PCE MAY send an SR-ERO subobject containing NAI and no SID (see Section 6.2). Otherwise, the PCE MUST NOT send an SR-ERO subobject containing NAI and no SID. Sets the N flag in what message? If a PCE receives an SR-PCE-CAPABILITY sub-TLV with the L flag set to 1 then it MUST ignore the MSD field and MUST assume that the sender can impose a SID stack of any depth. [...] nit: this second MUST seems like overkill; "and assumes" would probably work fine. (Similarly for the following case.) It's interesting that the routing protocols' MSD value supersedes the PCE-obtained one, given that all three (IS-IS, OSPF, and BGP-LS) documents have text to the effect of "PCEP provides a way to get this, but if PCEP is not used you can use our thing", which a naive reader would take to mean that PCEP is intended to be the primary distribution mechanism. Section 7 Is there some history regarding making it MUST-level mandatory to treat top-level SR-CAPABILITY-TLV in OPEN for backwards-compatibility (as opposed to SHOULD-level but leaving open the option of a strict implementation)? (The guidance for what to do when both forms appear seems good to have at MUST-level, to me.) Section 9 RFC 8281's security considerations incorporate those of RFC 8231 by reference; we could save the reader a step and also mention it at the toplevel here. I don't think it's a good idea to just refer to "the security mechanisms of [RFC 5440] and [RFC8281]", since there are qualitative differences between the TCP authentication schemes and the full-on encryption provided by TLS and IPsec. (Also, what exactly are the security mechanisms of RFC8281 supposed to be -- a quick look only sees the new guidance to apply resource limits?) The second paragraph only requires integrity protection to avoid the vulnerability mentioned there, but the third paragraph requires confidentiality protection to preent the attack. Section 10.6 RFC 8408 does not "request" the creation of the registry; IANA has already created the registry. I would just say "[RFC8408] created a sub-registry [...]" but the smaller change to "requested" would be okay, too.
I’m balloting NoObj, but support Alvaro’s DISCUSS, especially point #4, and his comments, especially #1 and #7.
Hello, thank you for this document. I have few comments/questions: Could you elaborate on what you mean by: "or to perform a specific service on the packet." s/A Segment Routed path/A Segment Routing path/ In SR networks, an ingress node of an SR path prepends an SR header to all outgoing packets. The SR header consists of a list of SIDs (or MPLS labels in the context of this document). This appears twice in two consecutive paragraphs at the beginning of section 3. I'm not a native english speaker but I find the use of "ERO subobject" confusing when used to refer to the SR-ERO subobject. Maybe say the "the (SR-ERO) subobject of the ERO". Length: Contains the total length of the subobject in octets, including the L, Type and Length fields. The Length MUST be at least 8, and MUST be a multiple of 4. An SR-ERO subobject MUST contain at least one of a SID or an NAI. The length should include the SID and NAI fields if and only if they are not absent. I am confused about the minimum length. L, Type and Length use 2 octets. What bring this to 8 considering that a SID is 4? Also the last sentence is very confusing. It seems normal not to count something which is not there. No need to say so. The current statement seems to contradict the preceding sentence in fact, so I'd just remove it. * A 4 octet MPLS label, where the 20 most significant bits encode the label value per [RFC3032]. s/MPLS label/MPLS Label Stack Entry/ I believe it is too late to change but I find L=1 meaning "no limit" is *very* confusing. For me L stands for Limit and when L=1 there is a limit, when L=0 there is none. On the metric object. You have the requirement that "the PCE MUST minimize the SID depth". This is a non actionable requirement. You need to set a bound. I very much understand that the bound is the specified sid depth (and you say it properly afterwards ("the PCE MUST NOT return a path whose SID depth exceeds the given metric-value"), but still the sentence I point to is a non actionable requirement which you may want to reformulate. If a PCEP session is established with a non-zero default MSD value, then the PCC MUST NOT send an MSD METRIC object with an MSD greater than the session's default MSD. Out of curiosity, why do you forbid that case?