Last Call Review of draft-ietf-mpls-proxy-lsp-ping-03
review-ietf-mpls-proxy-lsp-ping-03-opsdir-lc-kumari-2015-03-01-00

Request Review of draft-ietf-mpls-proxy-lsp-ping
Requested rev. no specific revision (document currently at 05)
Type Last Call Review
Team Ops Directorate (opsdir)
Deadline 2015-03-03
Requested 2015-01-31
Other Reviews Genart Last Call review of -03 by Tom Taylor (diff)
Secdir Last Call review of -03 by Taylor Yu (diff)
Review State Completed
Reviewer Warren Kumari
Review review-ietf-mpls-proxy-lsp-ping-03-opsdir-lc-kumari-2015-03-01
Posted at http://www.ietf.org/mail-archive/web/ops-dir/current/msg00937.html
Reviewed rev. 03 (document currently at 05)
Review result Has Nits
Draft last updated 2015-03-01
Review completed: 2015-03-01

Review

Be ye not alarmed.

I have reviewed this document as part of the Operational directorate's ongoing
effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the
operational area directors.   Document editors and WG chairs should
treat these comments just like any other last call comments.


Revision reviewed: draft-ietf-mpls-proxy-lsp-ping-03
Summary: Ready with nits and notes.
ID Nits: Clean (other than a nit checker error)
Note: There is IPR.

NOTE: There is also
https://tools.ietf.org/html/draft-ietf-mpls-remote-lsp-ping-03, which
(AFAICT) was an earlier version of this document, and keeps coming up
in searches, etc. It was one of the first hits when I looked for
draft-ietf-mpls-remote-lsp-ping and I accidentally started reviewing it
by mistake :-(

There was an implementation poll in July 2014
(http://www.ietf.org/mail-archive/web/mpls/current/msg12473.html), and
writeup says:
"We know of implementations of this specification. An implementation
poll has been sent to the working group mailing list and the write-up
will be updated as soon as we have further information.". I did not
see any replies to that mail, nor the writeup updated. Knowing what
implementations exist (and who uses this) would go a long way to
showing that this works well in an operational environment.


I initially started reviewing draft-ietf-mpls-remote-lsp-ping-03,
which is not nearly as clear. This document is much clearer, but there
are still a number of readability nits, many of which are below...


General notes:
I didn't see any mention (or I missed it) of rate limiting processing
of these messages. If I get many thousands per second (e.g. because an
NSM went nuts), what do I do?

In the security considerations section:
"If a MPLS Proxy ping request IP destination address is a Martian
Address, it MUST NOT be acted upon."
I'm not sure that this is a good idea. Also, AFAICT Martians are not
well defined - RFC3871, RFC1208 seem closest, but what is actually a
martian changes over time - see e.g.
http://www.team-cymru.org/bogon-reference.html . Some providers number
infrastructure out of what could be considered Martian (e.g.:
http://datatracker.ietf.org/doc/rfc7404/ ). I'd suggest just dropping
this.

How do I (as an operator) initiate this? Is it only expected to be
available from the CLI? From a management tool? SNMP?


Apparently the document has already been reviewed in the past, and so
I didn't do quite as thorough a review as I otherwise may have. There
is also, apparently, an implementation so the general theory should
work.


Readability / grammar nits:

Standardizing on one capitalization of 'MPLS proxy ping' would make
reading the document much easier.


More nits in [OPR] format:


   One alternative would be to begin sending pings from points at or
   near the affected egress(es) and working backwards toward the root.

[O] and working backwards toward the root.

[P] and then work backwards toward the root.

[R] readability/grammar

   The TTL could be held constant, say two, limiting the number of
   responses to the number of next-next-hops of the point where a ping
   is initiated.

   In the case of Resource Reservation Protocol-Traffic Engineering
   (RSVP-TE), all setup is initiated from the root of the tree. Thus,
   the root of the tree has knowledge of both all the leaf nodes and
   usually the topology of the entire tree. Thus the above alternative
   can easily be initiated by the root node.

   In [RFC6388] the situation is quite different. Leaf nodes initiate
   connectivity to the tree which is granted by the first node toward

[O] to the tree which is granted

[P] to the tree, which is granted

[R] grammar

 The leaf node also requests the identity of
   the upstream neighbor's upstream neighbor for that FEC. With this
   information the procedure can iteratively be applied until the fault

[O] With this information the

[P] With this information, the

[R] grammar


   is localized or the root node is reached. In all cases the TTL for

[O] In all cases the TTL

[P] In all cases, the TTL

[R] grammar

   the request need only be at most 2. Thus the processing load of each
   request is small as only a limited number of nodes will receive the

[O] small as only

[P] small, since only

[R] readability

   request.

   This document defines protocol extensions to MPLS ping [RFC4379] to
   allow a third party to remotely cause an MPLS Echo Request message to
   be sent down an LSP or part of an LSP. The procedure described in the
   paragraphs above does require that the initiator know the previous-
   hop node to the one which was pinged on the prior iteration. This
   information is readily available in [RFC4875]. This document also
   provides a means for obtaining this information for [RFC6388].

   While the motivation for this document came from multicast scaling
   concerns, it's applicability may be wider. The procedures presented
   in this document are applicable to all LSP ping FEC types where the
   MPLS Echo Request/Reply are IP encapsulated and the MPLS Echo Reply
   can sent out of band of the LSP over ip. Remote pinging of LSPs that

[O] LSP over ip
[P] LSP over IP

[R] grammar

   involve the use of in-band control channels is beyond the scope of
   this document.

   Other uses of this facility are beyond the scope of this document. In
   particular, the procedures defined in this document only allow
   testing of a FEC stack consisting of a single FEC. It also does not

[O] It also does not

[P] Either "This document" instead of "It" or "The procedures" instead of "It"

[R] readability

   allow the initiator to specify the label assigned to that FEC, nor
   does it allow the initiator to cause any additional labels to be
   added to the label stack of the actual MPLS Echo Request message.


2.  Proxy Ping Overview

   This document defines a protocol interaction between a first node and
   a node which is part of an LSP to allow the first node to request
   that second node initiate an LSP ping for the LSP on behalf of the
   first node. Since the second node sends the LSP Ping on behalf of the

[O] This document defines a protocol interaction between a first node and

   a node which is part of an LSP to allow the first node to request
   that second node initiate an LSP ping for the LSP on behalf of the
   first node.

[P] This document defines a protocol interaction between a first node and
a node which is part of an LSP, to allow the first node to request
that the second node initiate an LSP ping for the LSP on the first
node's behalf.

[R] readability.

   first node, it does not maintain state to be able to handle the
   corresponding LSP Ping response. Instead the responder to the LSP
   ping sends the LSP Ping response to either the first node or another
   node configured to handle it. Two new LSP Ping messages are defined
   for remote pinging: the MPLS proxy ping request and the MPLS proxy
   ping reply.

 [ SNIP ]

   The initiator formats an MPLS proxy ping request message and sends it
   to the proxy LSR, a node it believes to be on the path of the LSP.
   This message instructs the proxy LSR to either Reply with Proxy
   information or to send a MPLS Echo Request inband of the LSP. The
   initiator requests Proxy information so that it can learn additional
   information it needs to use to form a subsequent MPLS Proxy Ping
   request. For example during LSP traceroute an initiator needs the

[O] For example during

[P] For example, during

[R] readability

   downstream map information to form an MPLS Echo Request. An initiator
   may also want to learn a Proxy LSR's FEC neighbor information so that
   it can form proxy request to various nodes along the LSP.

[O] can form proxy request to

[P] can form proxy requests to

[R] grammar


3.2.  Procedures for the proxy LSR

 [SNIP]

   The header fields Sender's Handle and Sequence Number are not
   examined, but included in the MPLS proxy ping reply or MPLS Echo

[O] are not examined, but included
[P] are not examined, but they are included

[R] grammar

[SNIP]

   If the "Request for FEC Neighbor Address info" flag is set, a
   Upstream Neighbor Address TLV and/or Downstream Neighbor Address
   TLV(s) is/are formatted for inclusion in the MPLS proxy ping reply.
   If the Upstream or Downstream address is unknown they are not

[O] is unknown they are not

[P] is unknown, they are not

[R] grammar



3.2.1.  Proxy LSR Handling when it is Egress for FEC

   This sections describes the different behaviors for the Proxy LSR

[O] This sections describes

[P] This section describes

[R] grammar

   when it's the Egress for the FEC. In the P2MP budnode and MP2MP
   budnode and egress cases, different behavior is required.

   When the Proxy LSR is the egress of a P2P FEC, a MPLS proxy ping
   reply SHOULD be sent to the initiator with the return code set to 3
   (Reply router is Egress for FEC) with return Subcode set to 0.

   When the Proxy LSR is the egress of a P2MP FEC, it can be either a
   budnode or just an Egress. If the Proxy LSR is a budnode, a MPLS

[O] a MPLS

[P] an MPLS

[R] readability and consistency

   proxy ping reply SHOULD be sent to the initiator with the return code
   set to 3 (Reply router is Egress for FEC) with return Subcode set to
   0 and DS/DDMAPs only if the Proxy initiator requested information to
   be returned in a MPLS proxy ping reply. If the Proxy LSR is a budnode
   but not requested to return a MPLS proxy ping reply, the Proxy LSR
   SHOULD send MPLS Echo Request packet(s) to the downstream neighbors
   (no MPLS Echo Reply is sent to the Proxy Initiator to indicate that
   the Proxy LSR is an egress). If the Proxy LSR is just an egress, a
   MPLS proxy ping reply SHOULD be sent to the initiator with the return

[O] a MPLS

[P] an MPLS

[R] readability and consistency

   code set to 3 (Reply router is Egress for FEC) with return Subcode
   set to 0.

   When the Proxy LSR is the egress of a MP2MP FEC, it can be either a

[O] a MP2MP

[P] an MP2MP

[R] readability. Same corrections further down are not specifically noted.



   ping reply. If the Proxy LSR is not requested to return information
   in a MPLS proxy ping reply, the Proxy LSR SHOULD send MPLS Echo
   Request packets to all upstream/downstream neighbors as would be done

[O] neighbors as would be done

[P] neighbors, as would be done
[R] grammar

   when sourcing an LSP ping from a MP2MP leaf (no MPLS Echo Reply is
   sent to the Proxy initiator indicating that the Proxy LSR is an
   egress).

3.2.2.  Downstream Detailed/Downstream Maps in Proxy Reply

   When the Proxy LSR is a transit or bud node, downstream maps
   corresponding to how the packet is transited can not be supplied

[O] can not

[P] cannot

[R] grammar

   unless an ingress interface for the MPLS Echo Request is specified.
   Since this information is not available and all valid output paths
   are of interest, the Proxy LSR SHOULD include DS/DDMAP(s) to describe
   the entire set of paths that the packet can be replicated. This is
   similar to the case where an LSP ping is initiated at the Proxy LSR.

[O] case where an

[P] case in which an

[R] grammar



   For mLDP there is a DSMAP/DDMAP per upstream/downstream neighbor for
   MP2MP LSPs, or per downstream neighbor in the P2MP LSP case.

   When the Proxy LSR is a bud node or egress in a MP2MP LSP or a
   budnode in a P2MP LSP, an LSP ping initiated from the Proxy LSR would
   source packets only to the neighbors but not itself despite the fact

[O] but not itself despite the fact

[P] but not itself, despite the fact

[R] grammar


3.2.4.  Sending the MPLS Echo Requests

   A MPLS Echo Request is formed as described in the next section. The
   section below that describes how the MPLS Echo Request is sent on
   each interface.

3.2.4.1.  Forming the base MPLS Echo Request

   A Next_Hop_List is created as follows. If Next Hop sub-TLVs were
   included in the received Proxy Parameters TLV, the Next_Hop_List
   created from the address in those sub-TLVs as adjusted above.

[O] the Next_Hop_List created from
[P] the Next_Hop_List is created from

[R] readability.

   Otherwise, the list is set to all the next hops to which the FEC
   would be forwarded.

   The proxy LSR then formats an MPLS Echo Request message. The Global
   Flags and Reply Mode are copied from the Proxy Echo Parameters TLV.
   The Return Code and Return Subcode are set to zero.

   The Sender's Handle and Sequence Number are copied from the remote
   echo request message.

   The TimeStamp Sent is set to the time-of-day (in seconds and
   microseconds) that the MPLS Echo Request is sent. The TimeStamp
   Received is set to zero.

   If the reply-to address TLV is present, it is used to set the echo
   request source address, otherwise the echo request source address is

[O] address, otherwise

[P] address; otherwise

[R] grammar

   set to the proxy request source address.



3.2.4.2.  Per interface sending procedures

   The proxy LSR now iterates through the Next_Hop_List modifying the
   base MPLS Echo Request to form the MPLS Echo Request packet which is
   then sent on that particular interface.

   For each next hop address, the outgoing label stack is determined.

[O] For each next hop address, the outgoing label stack is determined.

[P] The outgoing label stack is determined for each next hop address.

[R] readability

   The TTL for the label corresponding to the FEC specified in the FEC
   stack is set such that the TTL on the wire will be other TTL
   specified in the Proxy Echo Parameters. If any additional labels are
   pushed onto the stack, their TTLs are set to 255. This will ensure
   that the requestor will not have control over tunnels not relevant to
   the FEC being tested.

   If the MPLS proxy ping request message contained Downstream Mapping/
   Downstream Detailed Mapping TLVs, they are examined. If the
   Downstream IP Address matches the next hop address that Downstream

[O] the next hop address that Downstream

[P] the next hop address, that Downstream

[R] grammar

   Mapping TLV is included in the MPLS Echo Request.

   The packet is then transmitted on this interface.



5.1.  Proxy Echo Parameters TLV

 [SNIP]

   Proxy Flags

      The Proxy Request Initiator sets zero, one or more of these flags
      to request actions at the Proxy LSR.

         0x01 Request for FEC Neighbor Address info

            When set this requests that the proxy LSR supply the

[O] When set this requests

[P] When set, this requests

[R] readability

            Upstream and Downstream neighbor address information in the
            MPLS proxy ping reply message. This flag is only applicable
            for the topmost FEC in the FEC stack if the FEC types
            corresponds with a P2MP or MP2MP LSPs. The Proxy LSR MUST
            respond as applicable with a Upstream Neighbor Address TLV
            and Downstream Neighbor Address TLV(s) in the MPLS proxy
            ping reply message. Upstream Neighbor Address TLV needs be
            included only if there is an upstream neighbor. Similarly,
            one Downstream Neighbor Address TLV needs to be included for
            each Downstream Neighbor for which the LSR learned bindings
            from.

[O] for which the LSR learned bindings from.
[P] from which the LSR learned bindings.

[R] readability; I *think* this is what is meant here.

            Setting this flag will cause the proxy LSR to cancel sending
            an Echo request. Information learned with such proxy reply
            may be used by the proxy initiator to generate subsequent
            proxy requests.

         0x02 Request for Downstream Mapping

            When set this requests that the proxy LSR supply a

[O] When set this requests

[P] When set, this requests

[R] readability

            Downstream Mapping TLV see [RFC4379] in the MPLS proxy ping
            reply message. It's not valid to have Request for Downstream
            Detailed Mapping flag set when this flag is set.

[O] It's not valid to have Request for Downstream Detailed Mapping
flag set when this flag is set.

[P] Either this flag may be set or the Request for Downstream Detailed
Mapping flag may be set, but not both.

            Setting this flag will cause the proxy LSR to cancel sending
            an Echo request. Information learned with such proxy reply
            may be used by the proxy initiator to generate subsequent
            proxy requests.

         0x04 Request for Downstream Detailed Mapping

            When set this requests that the proxy LSR supply a

[O] When set this requests

[P] When set, this requests

[R] readability


      Requested DSCP

         This field is valid only if the Explicit DSCP flag is set. If
         not set, the field MUST be zero on transmission and ignored on
         receipt. When the flag is set this field contains the DSCP

[O] When the flag is set this field

[P] When the flag is set, this field

         value to be used in the MPLS Echo Request packet IP header.



5.2.  Reply-to Address TLV

   Used to specify the MPLS Echo Request IP source address. This address
   MUST be IP reachable via the Proxy LSR otherwise it will be rejected.

[O] Proxy LSR otherwise

[P] Proxy LSR; otherwise

[R] grammar



6.  Security Considerations

   The mechanisms described in this document are intended to be used
   within a Service Provider network and to be initiated only under the
   authority of that administration.

   If such a network also carries Internet traffic, or permits IP access
   from other administrations, MPLS proxy ping message SHOULD be
   discarded at those points. This can be accomplished by filtering on
   source address or by filtering all MPLS ping messages on UDP port.

   Any node which acts as a proxy node SHOULD validate requests against
   a set of valid source addresses. An implementation MUST provide such
   filtering capabilities.

   MPLS proxy ping request messages are IP addressed directly to the
   Proxy node. If a node which receives an MPLS proxy ping message via

[O] If a node which receives an MPLS proxy ping message

[P] If a node receives an MPLS...

[R] -- I am not sure what "which" relates to here; either something is
missing in the sentence, or remove the word "which."

if a MPLS Proxy ping request IP source address is not IP reachable by
   the Proxy LSR, the Proxy request MUST NOT be acted upon.

[ 'i' in 'if' should be capitalized ]


W

-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf
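
Added example, not part of the review or of the draft: a sketch of the admission check a proxy LSR could run before acting on an MPLS proxy ping request. It combines the source-address validation from the quoted Security Considerations, the rule quoted from section 5.1 that the 0x02 and 0x04 Proxy Flags cannot both be set, and a per-source token bucket as one assumed answer to the rate-limiting question raised under "General notes". The class name, method names and verdict strings are hypothetical.

```python
import ipaddress
import time

# Proxy Flags values as quoted from section 5.1 of the draft in the review above.
FLAG_FEC_NEIGHBOR = 0x01  # Request for FEC Neighbor Address info
FLAG_DSMAP = 0x02         # Request for Downstream Mapping
FLAG_DDMAP = 0x04         # Request for Downstream Detailed Mapping


class ProxyRequestGate:
    """Hypothetical admission check for incoming MPLS proxy ping requests."""

    def __init__(self, allowed_sources, rate_per_sec, burst, clock=time.monotonic):
        self.allowed = [ipaddress.ip_network(n) for n in allowed_sources]
        self.rate = float(rate_per_sec)   # tokens added per second, per source
        self.burst = float(burst)         # bucket capacity, per source
        self.clock = clock                # injectable so the limiter can be tested
        self.buckets = {}                 # source address -> (tokens, last refill)

    def _take_token(self, src):
        """Token bucket (an assumption; the draft text quoted above has no limiter)."""
        now = self.clock()
        tokens, last = self.buckets.get(src, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens < 1.0:
            self.buckets[src] = (tokens, now)
            return False
        self.buckets[src] = (tokens - 1.0, now)
        return True

    def check(self, src_ip, proxy_flags):
        """Return a verdict string for one request (source address, Proxy Flags)."""
        src = ipaddress.ip_address(src_ip)
        # Allow-list first: sources outside it never allocate limiter state,
        # so a flood from arbitrary addresses cannot grow self.buckets.
        if not any(src in net for net in self.allowed if net.version == src.version):
            return "drop: source not in allowed set"
        if not self._take_token(src):
            return "drop: rate limit exceeded"
        # Section 5.1 as quoted: 0x02 and 0x04 are not valid together.
        if proxy_flags & FLAG_DSMAP and proxy_flags & FLAG_DDMAP:
            return "reject: DSMAP and DDMAP both requested"
        return "admit"


if __name__ == "__main__":
    # Constructed sample input using documentation address ranges.
    gate = ProxyRequestGate(["192.0.2.0/24"], rate_per_sec=1, burst=2)
    for src, flags in [("198.51.100.7", 0), ("192.0.2.10", FLAG_DSMAP | FLAG_DDMAP),
                       ("192.0.2.10", FLAG_FEC_NEIGHBOR), ("192.0.2.10", 0)]:
        print(src, hex(flags), gate.check(src, flags))
```

Malformed requests are checked after the token is taken, so they count against the sender's budget as well.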