[bess] Comments on draft-ietf-bess-evpn-ipvpn-interworking-07

John Scudder <jgs@juniper.net> Wed, 11 January 2023 23:55 UTC

From: John Scudder <jgs@juniper.net>
To: "draft-ietf-bess-evpn-ipvpn-interworking@ietf.org" <draft-ietf-bess-evpn-ipvpn-interworking@ietf.org>
CC: "bess@ietf.org" <bess@ietf.org>
Date: Wed, 11 Jan 2023 23:55:06 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/L-SqmQgbByAI3Nfs6VPGA5EFNoA>
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>

Hi Authors and WG,

I recently looked at some parts of draft-ietf-bess-evpn-ipvpn-interworking-07. This isn't a full review but I noticed some things of concern that I thought I'd share.

Regards,

--John 

# COMMENTS

## Section 4

```
An ISF route received by a gateway PE with a D-PATH attribute that contains one or more of its locally associated DOMAIN-IDs for the IP-VRF is considered to be a looped ISF route. The ISF route in this case MUST be flagged as "looped" and be installed in the IP-VRF only in case there is no better route after the best path selection (Section 6).
```

But... this is just a restatement of the general condition for route installation in any case. A route is never installed unless there is no better route after best path selection -- if there is a better route, the better route is installed instead.

It seems to me that either the explanatory text here is wrong/missing something, or loop detection is genuinely not being used for anything.

I did notice that Section 8 (2(b)) contains a rule related to loops ("In this case the route is considered to be a looped ISF route, as described in Section 4 and hence MUST NOT be exported in ISF SAFI-y."), maybe that is where the entire meat of loop suppression resides? But this was not clear to me.

For comparison, here is how RFC 4271 says to handle AS_PATH loops (Section 9.1.2):

```
   If the AS_PATH attribute of a BGP route contains an AS loop, the BGP
   route should be excluded from the Phase 2 decision function.
```

(If this were an IESG ballot, this would be a DISCUSS question, since loop suppression is presented as a major feature of this spec.)

## Section 4

Also, I don't think the method of assignment of the Local Admin part of the Domain ID is specified. I mean, presumably it's... local... but it seems like some words should be said. Indeed, I found the entire definition of the domain-id pretty mystifying -- it uses six bytes for two fields that appear to be arbitrary (the global-admin part) and even more arbitrary (the local-admin part) without getting any evident benefit from creating that structure. 

## Section 5.2

5.2 (1) implies that Wide Communities (draft-ietf-idr-wide-bgp-communities-08) SHOULD NOT be propagated (since your rule is in effect, "anything not permitted is prohibited"). Is this exclusion deliberate? FWIW I see that Wide Communities has passed IDR WGLC. 

## Section 5.2

While I'm talking about it, the final bullet of (1) is a little ambiguous:

```
The following set of Path Attributes SHOULD be propagated by the gateway PE to other ISF SAFIs (other BGP Path Attributes SHOULD NOT be propagated):
...
- Communities, Extended Communities and Large Communities, except for the EVPN extended communities, Route Target extended communities and BGP Encapsulation extended communities.
```

I guess you mean that everything after the "except for" is excluded? Because of the shortcomings of English grammar, this isn't clear as written. Perhaps something like, "Communities, Extended Communities and Large Communities, except in the exception cases detailed in point 4."

## General

By the way, I think the usual concern about the use of SHOULD (NOT) instead of MUST (NOT) is going to apply, and the document would benefit from a review to convert these to MUST when possible or supply further explanation about what exception cases exist otherwise.

## Section 5.3

```
AS_PATH is aggregated based on the rules in [RFC4271]. The gateway PEs SHOULD NOT receive AS_PATH attributes with path segments of type AS_SET [RFC6472].
```

That's not a good use of the RFC 2119 keyword, I think you mean something like "gateway PEs are not expected to receive...". 

# NITS:

- "as though it would" --> "as it would" (drop 'though')
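
The first Section 4 comment above contrasts two treatments of a looped route. The following is an added example, not part of the original message or of the draft: a simplified model in which a single numeric `preference` stands in for the draft's Section 6 best path selection (not reproduced on this page), and DOMAIN-IDs, next hops and function names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    next_hop: str
    d_path: tuple      # DOMAIN-IDs as opaque strings (constructed values)
    preference: int    # higher wins; stand-in for the draft's Section 6 selection

def is_looped(route, local_ids):
    # Quoted Section 4 condition: D-PATH holds one or more local DOMAIN-IDs.
    return any(d in local_ids for d in route.d_path)

def best(candidates):
    return max(candidates, key=lambda r: r.preference, default=None)

def select_no_loop_check(routes):
    # Baseline: no loop detection at all.
    return best(routes)

def select_flag_only(routes, local_ids):
    # Literal reading of the quoted draft text: a looped route is flagged but
    # still competes, and is installed when nothing beats it.
    winner = best(routes)
    return winner, winner is not None and is_looped(winner, local_ids)

def select_excluding_loops(routes, local_ids):
    # RFC 4271 Section 9.1.2 treatment: looped routes never reach selection.
    return best([r for r in routes if not is_looped(r, local_ids)])

LOCAL_IDS = {"D1"}                                   # constructed
LOOPED = Route("pe2", ("D2", "D1"), preference=200)  # carries local D1
CLEAN = Route("pe3", ("D3",), preference=100)

if __name__ == "__main__":
    for name, rib in (("both", [LOOPED, CLEAN]), ("looped only", [LOOPED])):
        print(name)
        print("  no loop check :", select_no_loop_check(rib))
        print("  flag only     :", select_flag_only(rib, LOCAL_IDS))
        print("  exclude loops :", select_excluding_loops(rib, LOCAL_IDS))
```

In this model the flag-only reading always installs the same route as no loop check at all; only excluding looped routes before selection changes the result.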