Skip to main content

Transparent Interconnection of Lots of Links (TRILL): ARP and Neighbor Discovery (ND) Optimization



(Alia Atlas)

No Objection

(Alexey Melnikov)
(Ben Campbell)
(Deborah Brungard)
(Mirja Kühlewind)
(Terry Manderson)

Note: This ballot was opened for revision 06 and is now closed.

Jari Arkko Former IESG member
Discuss [Treat as non-blocking comment] (2016-07-07 for -06) Unknown
Section 3.2 discusses several options for obtaining an answer to a ND query. The section also mentions SEND, which prevents spoofing of results by the bridge itself. I believe it would be useful though to make a clearer recommendation on what to do with regards to the different options on obtaining an answer. Some of them are compatible with SEND, some of them are not. Also, how does one know SEND is being used?

Perhaps the document could specify a configurable mode where SEND is assumed to be in use and then you could not use the options that make this problematic. Or, perhaps better, if a node has been observed as using send, then use the correct option for that node.
Alia Atlas Former IESG member
Yes (for -06) Unknown

Alexey Melnikov Former IESG member
No Objection
No Objection (for -08) Unknown

Alissa Cooper Former IESG member
No Objection
No Objection (2016-07-06 for -06) Unknown
Looking forward to resolution of others' DISCUSS and COMMENTs.
Alvaro Retana Former IESG member
(was Discuss) No Objection
No Objection (2017-07-03 for -08) Unknown
[Thanks for addressing my DISCUSS.]
Ben Campbell Former IESG member
No Objection
No Objection (for -06) Unknown

Benoît Claise Former IESG member
No Objection
No Objection (2017-07-06 for -08) Unknown
- Can you clarify on which device type you need to enable the following option:

    TRILL already provides an option to disable data-plane learning from
    the source MAC address of end-station frames on a per port basis (see
    Section 5.3 of [RFC6325]).


     1) IP address - indicated protocol address that is normally an IPv4
     address in ARP or an IPv6 address in ND.

"normally"?  I've seen the term "Non-zero IP" later on in the draft

Below is Mahesh's OPS DIR review

I have reviewed this document as part of the Operational directorate’s ongoing
effort to review all IETF documents being processed by the IESG.
 These comments were written with the intent of improving the
operational aspects of the IETF drafts. Comments that are not addressed in last
call may be included in AD reviews during the IESG review.  Document editors
and WG chairs should treat these comments just like any other last
call comments.

Document reviewed:  draft-ietf-trill-arp-optimization-08

Summary: Ready with Nits

Document Status: Standard Track

General Comments: The abstract of the document says that the draft tries “To
reduce the burden on a TRILL campus caused by these multi-destination messages,
RBridges MAY implement an "optimized ARP/ND response", as specified herein,
when the target's location is known by the ingress RBridge or can be obtained
from a directory. This avoids ARP/ND query and answer flooding.” Implementation
of this draft will impact the operations of the network. As such careful
consideration should be placed on operational and management impact of the

The following comments look at the document both from an operational
perspective as well as a management perspective.

Operational Considerations:

Operational considerations include installation and initial setup, migration
path, requirements on other protocols, impact on network operations and
verification of correct operation.

>From an impact on network operations perspective, this draft proposes to reduce
the traffic in the network by preventing a network wide broadcast and multicast
of messages. As such it should reduce the impact on the network, when operating
correctly. In the worst case, that it is not operating or operating
incorrectly, these network broadcast and multicast messages will “leak” into
the broader network, where they will be treated just as they are in todays
network. For this reason, a migration path may not be required, or existing
protocols modified to deal with the change.

>From a verification of correct operations, it is not clear how one determines
that the RBridge is operating correctly beyond observing individual ARP/ND
messages. Does it keep track of ARP/ND messages it has intercepted and
responded to on the local network, which would have escaped to the broader
network? Keeping track of statistics will allow for tracking the operation of
what is defined in the draft.

Management Considerations:

Management considerations include interoperability, fault management,
configuration management, accounting, performance and security.

>From a configuration management perspective, it is not clear how the
configuration of the RBridge is realized. For example, per the draft, RBridge
might not verify an IP address if the network manager's policy is to have the
network behave, for each Data Label, as if it were a single link and just
believe an ARP/ND it receives. If such a configuration is desired, this or an
accompanying document needs to define the manageability aspect of RBridge,
preferably in the form of a YANG model.

>From a accounting perspective, For example, in the draft, RBridge could for
generic ARP/ND request seeking the MAC address corresponding to an IP address,
if the edge RBridge knows the IP address and corresponding MAC, behavior is as
in item (a), otherwise behavior is as in item (b). Behavior for gratuitous ARP
and ND Unsolicited Neighbor Advertisements [RFC4861] is given in item (c). And
item (d) covers handling of Address Probe ARP Query. Are there specific
statistics being maintained for each of these options? Keeping track of
individual options allows for capacity management and planning.

A run of idnits revealed a few warnings:

Miscellaneous warnings:

  == Line 99 has weird spacing: '...enience  along...'

  -- The document date (April 17, 2017) is 79 days in the past.  Is this

  Checking references for intended status: Proposed Standard

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'IA-draft' is mentioned on line 390, but not defined

  == Unused Reference: 'RFC7356' is defined on line 540, but no explicit
     reference was found in the text

  == Outdated reference: draft-ietf-trill-directory-assist-mechanisms has
     been published as RFC 8171

     Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.
Deborah Brungard Former IESG member
No Objection
No Objection (for -06) Unknown

Eric Rescorla Former IESG member
(was Discuss) No Objection
No Objection (2017-07-05) Unknown
S 2.

   plane on the edge RBridges, it should be possible to completely
   suppress flooding of ARP/ND messages in a TRILL Campus, When all end-
   station MAC addresses are similarly known, it should be possible to
   suppress unknown unicast flooding by dropping any unknown unicast
   received at an edge RBridge.

Are these "should be possibles" normative? Descriptive?

S 4.
This is a sequence of steps, so it would be nice to preface them with
a list of the steps. It's also odd to have SEND considerations right
in the middle here.

4.3 Get Sender's IP/MAC Mapping Information for Non-zero IP 
Please explain what a non-zero IP is and why it's relevant.
This graf also needs an introductory sentence or something before
the bullets.

S 4.4.
   It is not essential that all RBridges use the same strategy for which
   option to select for a particular ARP/ND query. It is up to the

This seems inconsistent with the MUST in arm (b) below, because I
can just take some other arm. It's also kind of surprising to be this

S 8.
   some other location (MAC/VM Mobility) and gets connected to egde-

Nit: edge is mispelled.
Joel Jaeggli Former IESG member
No Objection
No Objection (2016-07-07 for -06) Unknown
SEND is kinda nonsense,nobody is really going to use it.
Kathleen Moriarty Former IESG member
No Objection
No Objection (2016-07-06 for -06) Unknown
I agree with Stephen and Suresh.
Mirja Kühlewind Former IESG member
No Objection
No Objection (for -06) Unknown

Spencer Dawkins Former IESG member
No Objection
No Objection (2016-07-06 for -06) Unknown
I agree with Suresh's Discuss.
Stephen Farrell Former IESG member
No Objection
No Objection (2016-07-06 for -06) Unknown
3.2, 2nd last para: don't you need to say to never fake
SEND responses? saying "prevent local reply" seems unclear
to me, and a MUST NOT would seem called for.  I guess
Suresh's discuss covers that though, so just to note I agree
with him on that.
Suresh Krishnan Former IESG member
(was Discuss) No Objection
No Objection (2017-07-04 for -08) Unknown
Thanks for addressing my DISCUSS points.
Terry Manderson Former IESG member
No Objection
No Objection (for -06) Unknown