Be ye not alarmed. I have reviewed this document as part of the Operational directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the operational area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Revision reviewed: draft-ietf-mpls-proxy-lsp-ping-03 Summary: Ready with nits and notes. ID Nits: Clean (other than a nit checker error) Note: There is IPR. NOTE: There is also https://tools.ietf.org/html/draft-ietf-mpls-remote-lsp-ping-03 , which (AFAICT) was an earlier version of this document, and keeps coming up in searches, etc. It was one of the first hits when I looked for draft-ietf-mpls-remote-lsp-ping and I accidentally started revewing it by mistake :-( There was an implementation poll in July 2014 ( http://www.ietf.org/mail-archive/web/mpls/current/msg12473.html ), and writeup says: "We know of implementations of this specification. An implementation poll has been sent to the working group mailing list and the write-up will be updated as soon as we have further information.". I did not see any replies to that mail, nor the writeup updated. Knowing what implementations exist (and who uses this) would go a long way to showing that this works will in an operational environment. I initially started reviewing draft-ietf-mpls-remote-lsp-ping-03, which is not nearly as clear. This document is much clearer, but there are still a number of readability nits, many of which are below... General notes: I didn't see any mention (or I messed it) of rate limiting processing of these messages. If I get many thousands per seconds (e.g because an NSM went nuts), what do I do? In the security considerations section: "If a MPLS Proxy ping request IP destination address is a Martian Address, it MUST NOT be acted upon." I'm not sure that this is a good idea, Also, AFACIT Martians are not well defined - RFC3871, RFC1208 seem closest, but what is actually a martian changes over time - see e.g http://www.team-cymru.org/bogon-reference.html . Some provides number infrastructure out of what could be considered Martian (e.g: http://datatracker.ietf.org/doc/rfc7404/ ). I'd suggest just dropping this. How do I (as an operator) initiate this? Is it only expected to be available from the CLI? From a management tool? SNMP? Apparently the document has already been reviewed in the past, and so I didn't do quite as thorough a review as I otherwise may have. There is also, apparently, an implementation so the general theory should work. Readability / grammar nits: Standardizing on one capitalization of 'MPLS proxy ping' would make reading the document much easier. More nits in [OPR] format: One alternative would be to begin sending pings from points at or near the affected egress(es) and working backwards toward the root. [O] and working backwards toward the root. [P] and then work backwards toward the root. [R] readability/grammar The TTL could be held constant, say two, limiting the number of responses to the number of next-next-hops of the point where a ping is initiated. In the case of Resource Reservation Protocol-Traffic Engineering (RSVP-TE), all setup is initiated from the root of the tree. Thus, the root of the tree has knowledge of both all the leaf nodes and usually the topology of the entire tree. Thus the above alternative can easily be initiated by the root node. In [RFC6388] the situation is quite different. Leaf nodes initiate connectivity to the tree which is granted by the first node toward [O] to the tree which is granted [P] to the tree, which is granted [R] grammar The leaf node also requests the identity of the upstream neighbor's upstream neighbor for that FEC. With this information the procedure can iteratively be applied until the fault [O] With this information the [P] With this information, the [R] grammar is localized or the root node is reached. In all cases the TTL for [O] In all cases the TTL [P] In all cases, the TTL [R] grammar the request need only be at most 2. Thus the processing load of each request is small as only a limited number of nodes will receive the [O] small as only [P] small, since only [R] readability request. This document defines protocol extensions to MPLS ping [RFC4379] to allow a third party to remotely cause an MPLS Echo Request message to be sent down an LSP or part of an LSP. The procedure described in the paragraphs above does require that the initiator know the previous- hop node to the one which was pinged on the prior iteration. This information is readily available in [RFC4875]. This document also provides a means for obtaining this information for [RFC6388]. While the motivation for this document came from multicast scaling concerns, it's applicability may be wider. The procedures presented in this document are applicable to all LSP ping FEC types where the MPLS Echo Request/Reply are IP encapsulated and the MPLS Echo Reply can sent out of band of the LSP over ip. Remote pinging of LSPs that [O] LSP over ip [P] LSP over IP [R] grammar involve the use of in-band control channels is beyond the scope of this document. Other uses of this facility are beyond the scope of this document. In particular, the procedures defined in this document only allow testing of a FEC stack consisting of a single FEC. It also does not [O] It also does not [P] Either "This document" instead of "It" or "The procedures" instead of "It" [R] readability allow the initiator to specify the label assigned to that FEC, nor does it allow the initiator to cause any additional labels to be added to the label stack of the actual MPLS Echo Request message. 2. Proxy Ping Overview This document defines a protocol interaction between a first node and a node which is part of an LSP to allow the first node to request that second node initiate an LSP ping for the LSP on behalf of the first node. Since the second node sends the LSP Ping on behalf of the [O] This document defines a protocol interaction between a first node and a node which is part of an LSP to allow the first node to request that second node initiate an LSP ping for the LSP on behalf of the first node. [P] This document defines a protocol interaction between a first node a node which is part of an LSP, to allow the first node to request that the second node initiate an LSP ping for the LPS on the first node's behalf. [R] readability. first node, it does not maintain state to be able to handle the corresponding LSP Ping response. Instead the responder to the LSP ping sends the LSP Ping response to either the first node or another node configured to handle it. Two new LSP Ping messages are defined for remote pinging: the MPLS proxy ping request and the MPLS proxy ping reply. [ SNIP ] The initiator formats an MPLS proxy ping request message and sends it to the proxy LSR, a node it believes to be on the path of the LSP. This message instructs the proxy LSR to either Reply with Proxy information or to send a MPLS Echo Request inband of the LSP. The initiator requests Proxy information so that it can learn additional information it needs to use to form a subsequent MPLS Proxy Ping request. For example during LSP traceroute an initiator needs the [O] For example during [P] For example, during [R] readability downstream map information to form an MPLS Echo Request. An initiator may also want to learn a Proxy LSR's FEC neighbor information so that it can form proxy request to various nodes along the LSP. [O] can form proxy request to [P] can form proxy requests to [R] grammar 3.2. Procedures for the proxy LSR [SNIP] The header fields Sender's Handle and Sequence Number are not examined, but included in the MPLS proxy ping reply or MPLS Echo [O] are not examined, but included [P] are not examined, but they are included [R] grammar [SNIP] If the "Request for FEC Neighbor Address info" flag is set, a Upstream Neighbor Address TLV and/or Downstream Neighbor Address TLV(s) is/are formatted for inclusion in the MPLS proxy ping reply. If the Upstream or Downstream address is unknown they are not [O] is unknown they are not [P] is unknown, they are not [R] grammar 3.2.1. Proxy LSR Handling when it is Egress for FEC This sections describes the different behaviors for the Proxy LSR [O] This sections describes [P] This section describes [R] grammar when it's the Egress for the FEC. In the P2MP budnode and MP2MP budnode and egress cases, different behavior is required. When the Proxy LSR is the egress of a P2P FEC, a MPLS proxy ping reply SHOULD be sent to the initiator with the return code set to 3 (Reply router is Egress for FEC) with return Subcode set to 0. When the Proxy LSR is the egress of a P2MP FEC, it can be either a budnode or just an Egress. If the Proxy LSR is a budnode, a MPLS [O] a MPLS [P] an MPLS [R] readability and consistency proxy ping reply SHOULD be sent to the initiator with the return code set to 3 (Reply router is Egress for FEC) with return Subcode set to 0 and DS/DDMAPs only if the Proxy initiator requested information to be returned in a MPLS proxy ping reply. If the Proxy LSR is a budnode but not requested to return a MPLS proxy ping reply, the Proxy LSR SHOULD send MPLS Echo Request packet(s) to the downstream neighbors (no MPLS Echo Reply is sent to the Proxy Initiator to indicate that the Proxy LSR is an egress). If the Proxy LSR is just an egress, a MPLS proxy ping reply SHOULD be sent to the initiator with the return [O] a MPLS [P] an MPLS [R] readability and consistency code set to 3 (Reply router is Egress for FEC) with return Subcode set to 0. When the Proxy LSR is the egress of a MP2MP FEC, it can be either a [O] a MP2MP [P] an MP2MP [R] readability. Same corrections further down are not specifically noted. ping reply. If the Proxy LSR is not requested to return information in a MPLS proxy ping reply, the Proxy LSR SHOULD send MPLS Echo Request packets to all upstream/downstream neighbors as would be done [O] neighbors as would be done [P] neighbors, as would be done [R] grammar when sourcing an LSP ping from a MP2MP leaf (no MPLS Echo Reply is sent to the Proxy initiator indicating that the Proxy LSR is an egress). 3.2.2. Downstream Detailed/Downstream Maps in Proxy Reply When the Proxy LSR is a transit or bud node, downstream maps corresponding to how the packet is transited can not be supplied [O] can not [P] cannot [R] grammar unless an ingress interface for the MPLS Echo Request is specified. Since this information is not available and all valid output paths are of interest, the Proxy LSR SHOULD include DS/DDMAP(s) to describe the entire set of paths that the packet can be replicated. This is similar to the case where an LSP ping is initiated at the Proxy LSR. [O] case where an [P] case in which an [R] grammar For mLDP there is a DSMAP/DDMAP per upstream/downstream neighbor for MP2MP LSPs, or per downstream neighbor in the P2MP LSP case. When the Proxy LSR is a bud node or egress in a MP2MP LSP or a budnode in a P2MP LSP, an LSP ping initiated from the Proxy LSR would source packets only to the neighbors but not itself despite the fact [O] but not itself despite the fact [P] but not itself, despite the fact [R] grammar 3.2.4. Sending the MPLS Echo Requests A MPLS Echo Request is formed as described in the next section. The section below that describes how the MPLS Echo Request is sent on each interface. 3.2.4.1. Forming the base MPLS Echo Request A Next_Hop_List is created as follows. If Next Hop sub-TLVs were included in the received Proxy Parameters TLV, the Next_Hop_List created from the address in those sub-TLVs as adjusted above. [O] the Next_Hop_List created from [P] the Next_Hop_List is created from [R] readability. Otherwise, the list is set to all the next hops to which the FEC would be forwarded. The proxy LSR then formats an MPLS Echo Request message. The Global Flags and Reply Mode are copied from the Proxy Echo Parameters TLV. The Return Code and Return Subcode are set to zero. The Sender's Handle and Sequence Number are copied from the remote echo request message. The TimeStamp Sent is set to the time-of-day (in seconds and microseconds) that the MPLS Echo Request is sent. The TimeStamp Received is set to zero. If the reply-to address TLV is present, it is used to set the echo request source address, otherwise the echo request source address is [O] address, otherwise [P] address; otherwise [R] grammar set to the proxy request source address. 3.2.4.2. Per interface sending procedures The proxy LSR now iterates through the Next_Hop_List modifying the base MPLS Echo Request to form the MPLS Echo Request packet which is then sent on that particular interface. For each next hop address, the outgoing label stack is determined. [O] For each next hop address, the outgoing label stack is determined. [P] The outgoing label stack is determined for each next hop address. [R] readability The TTL for the label corresponding to the FEC specified in the FEC stack is set such that the TTL on the wire will be other TTL specified in the Proxy Echo Parameters. If any additional labels are pushed onto the stack, their TTLs are set to 255. This will ensure that the requestor will not have control over tunnels not relevant to the FEC being tested. If the MPLS proxy ping request message contained Downstream Mapping/ Downstream Detailed Mapping TLVs, they are examined. If the Downstream IP Address matches the next hop address that Downstream [O] the next hop address that Downstream [P] the next hop address, that Downstream [R] grammar Mapping TLV is included in the MPLS Echo Request. The packet is then transmitted on this interface. 5.1. Proxy Echo Parameters TLV [SNIP[ Proxy Flags The Proxy Request Initiator sets zero, one or more of these flags to request actions at the Proxy LSR. 0x01 Request for FEC Neighbor Address info When set this requests that the proxy LSR supply the [O] When set this requests [P] When set, this requests [R] readability Upstream and Downstream neighbor address information in the MPLS proxy ping reply message. This flag is only applicable for the topmost FEC in the FEC stack if the FEC types corresponds with a P2MP or MP2MP LSPs. The Proxy LSR MUST respond as applicable with a Upstream Neighbor Address TLV and Downstream Neighbor Address TLV(s) in the MPLS proxy ping reply message. Upstream Neighbor Address TLV needs be included only if there is an upstream neighbor. Similarly, one Downstream Neighbor Address TLV needs to be included for each Downstream Neighbor for which the LSR learned bindings from. [O] for which the LSR learned bindings from. [P] from which the LSR learned bindings. [R] readability; I *think* this is what is meant here. Setting this flag will cause the proxy LSR to cancel sending an Echo request. Information learned with such proxy reply may be used by the proxy initiator to generate subsequent proxy requests. 0x02 Request for Downstream Mapping When set this requests that the proxy LSR supply a [O] When set this requests [P] When set, this requests [R] readability Downstream Mapping TLV see [RFC4379] in the MPLS proxy ping reply message. It's not valid to have Request for Downstream Detailed Mapping flag set when this flag is set. [O] It's not valid to have Request for Downstream Detailed Mapping flag set when this flag is set. [P] Either this flag may be set or the Request for Downstream Detailed Mapping flag may be set, but not both. Setting this flag will cause the proxy LSR to cancel sending an Echo request. Information learned with such proxy reply may be used by the proxy initiator to generate subsequent proxy requests. 0x04 Request for Downstream Detailed Mapping When set this requests that the proxy LSR supply a [O] When set this requests [P] When set, this requests [R] readability Requested DSCP This field is valid only if the Explicit DSCP flag is set. If not set, the field MUST be zero on transmission and ignored on receipt. When the flag is set this field contains the DSCP [O] When the flag is set this field [P] When the flag is set, this field value to be used in the MPLS Echo Request packet IP header. 5.2. Reply-to Address TLV Used to specify the MPLS Echo Request IP source address. This address MUST be IP reachable via the Proxy LSR otherwise it will be rejected. [O] Proxy LSR otherwise [P] Proxy LSR; otherwise [R] grammar 6. Security Considerations The mechanisms described in this document are intended to be used within a Service Provider network and to be initiated only under the authority of that administration. If such a network also carries Internet traffic, or permits IP access from other administrations, MPLS proxy ping message SHOULD be discarded at those points. This can be accomplished by filtering on source address or by filtering all MPLS ping messages on UDP port. Any node which acts as a proxy node SHOULD validate requests against a set of valid source addresses. An implementation MUST provide such filtering capabilities. MPLS proxy ping request messages are IP addressed directly to the Proxy node. If a node which receives an MPLS proxy ping message via [O] If a node which receives an MPLS proxy ping message [P] If a node receives an MPLS... [R] -- I am not sure what "which" relates to here; either something is missing in the sentence, or remove the word "which." if a MPLS Proxy ping request IP source address is not IP reachable by the Proxy LSR, the Proxy request MUST NOT be acted upon. [ 'i' in 'if' should be capitalized ] W -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf