Re: [pim] Simple join failure notification for PIM-SM multicast routing
On Thu, 15 Jun 2006, Jerome Durand wrote:
> I read your doc, nice contribution indeed. IMHO, we should move forward this
> proposal quickly. We agreed in Dallas to have monitoring/management included
> in MBoned charter and your doc comes at the perfect time.
I agree that usability and reliability improvements would be useful.
The more generic issue of how to make PIM more reliable is undoubtedly
a topic for PIM WG rechartering discussion (as well as MBONED WG for
making requirements on manageability in general).
I've read the draft in question, and have written up a number of
mostly editorial comments, but I think there are a couple of high
level issues first:
- what is it that we really want?
a) reporting to PIM routers on the path on observed failures?
b) reporting to the receiver hosts on observed failures?
c) receiver-side DoS attack mitigation so that (S,G) joins can be
pruned off if S does not exist? [see
draft-ietf-mboned-mroutesec-04.txt]
First of all, the current mechanism is only reporting a subset of
failures, i.e., those where it gets an indication that a failure
occurred. There is no way to detect e.g., packet getting silently
dropped (for any number of reasons) as joins are not acked [*].
I wonder whether there are many of these 'packet discarded'
scenarios, e.g., non-existing source but which matches a discard
default route.
Personally, I'd be most interested in a) and c), because I fear b)
is very difficult because the hosts would need extra intelligence
to actually parse this stuff, and if we wanted to primarily report
to the hosts, we'd have to assume all the routers in the path
support this (which is not necessarily the case)
It seems that we might actually want two things, improve
manageability of both PIM _and_ IGMP/MLD plus security of PIM-SM.
- it seems that ICMP error message is an odd choice for this
protocol, given that almost all the traffic is really hop-by-hop
between PIM routers. Did you consider using PIM messaging for this?
This approach is outlined in Appendix B of
draft-ietf-mboned-mroutesec. The only part where ICMP might make
sense is DR-to-host reporting, but even that should probably better be
a new MLD/IGMP message.
- the protocol appears to send group unreachability reports
immediately.
[*] An interesting related problem is whether a PIM join should be
retransmitted before doing so (but AFAICS, current specs do not do
such retransmissions, so a PIM join can be dropped for any number of
reasons)
- you do not spell out that every router on the path is required to
support this in order for the unreachability report to get back.
This lessens the value of the mechanism. It might be possible to
achieve similar effects (possibly with lesser amount of failure
reporting, not sure) using existing PIM prune signalling.
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings