[bess] Re: Questions about route selection in draft-ietf-bess-evpn-dpath-00

"Jorge Rabadan (Nokia)" <jorge.rabadan@nokia.com> Tue, 18 June 2024 13:35 UTC

Return-Path: <jorge.rabadan@nokia.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 502A7C14F696; Tue, 18 Jun 2024 06:35:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nokia.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M7s50yTIGXbr; Tue, 18 Jun 2024 06:35:16 -0700 (PDT)
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2041.outbound.protection.outlook.com [40.107.236.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F9C0C14F5EC; Tue, 18 Jun 2024 06:35:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=W/MmVsURAX4NbVKJDxoVqaJBrUb+1vYF/5BFZ1iF9v1W/mvvImoAXKol9EE7XxNGYB3cf0lwu4Py5QxFG9V2B0PPbGEEa9ZNugA1seqUFvcDaaGMA8yiL3HEpM72r5/F2rdOl3dF+C3fF9FOmHUMQ1tpctOcd53qG92+qXGOxQjOdGBnI1YMWkiODL7jBElcXnFHkXIQFj/xO6qktNNiZX5WFHVSkyGAn2excK6xnjo2MB2yPpPJSvP3fextVfFkosgbwjbrmU+MVYzdX8rDJ3WY0DYtt+qrTmzLIE3uDepVyZKWA2vabmrW+pZwB880tjpXNAA+1CPCBGewYEu0LQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FhNIBTUswaEERJSfaDzdWAOyjXWSJYl2y2UTpmXQxJc=; b=BMryQNlj1xp3C8vGIBEto5izpGf4o6C4AKWyCqP4hHu3ROeI8mTEdNoH1l5Esu0Mfg63FPO/1RKdvv39rt0FWgzHqfBnSXdBwbc8WMZTnCXAVMdsugjqRNHKUyQTrPnvrcGvXLP2P50TPzb61KYBpKbr2c/KUX/ALxOlC5+A7a0map3fr2yRqrleXoOEXhI1W/keBs3zocQKCchme6N2IuCjQE+5seUoM8Bw00Kwt2mfl+zalVI7ul16NZ8W3R6eN3DIXu11mDkQKXttyeSGYRSixQtboVlsprdQPPJA9Vpwd06voMHu9Qje0vw0VBl5itHNdGGjdLaPz0L5MPkH4Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FhNIBTUswaEERJSfaDzdWAOyjXWSJYl2y2UTpmXQxJc=; b=Rx72gC+fZWJWgXR8YDv1XjOD+L17QVXmm6rKMXMWnAH95X7nRP8mZ5h4Ljg8RpA+cLpIwQ2xCj5cEwavMyZ+aoV40rAjWQCcYP6esf8jezOWS/Ka2tDMFx1XeWe5TKM0dNV9uLQN281TIa/Gaa9dCp5b0j542HWyS0MdTpsVPBF+ongmITefZ/FxrbG3ox9cFKhKA0QEYGYSDnAnPHb4JDUFRWM7d3rhnheFCHSj1tQrE9OcbLB1wJOjDG3RO9WORdBV74qtm58Q0yDXnIFuFZBZn5FbyL0K6UiFIgdBRqDYlHacwRFk/7t2Yf+sJDVC5MZtUnVvrME/YOL1p94vaA==
Received: from SA1PR08MB7215.namprd08.prod.outlook.com (2603:10b6:806:1a9::17) by BL3PR08MB7530.namprd08.prod.outlook.com (2603:10b6:208:345::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7698.19; Tue, 18 Jun 2024 13:35:09 +0000
Received: from SA1PR08MB7215.namprd08.prod.outlook.com ([fe80::b10c:f208:adaa:c369]) by SA1PR08MB7215.namprd08.prod.outlook.com ([fe80::b10c:f208:adaa:c369%5]) with mapi id 15.20.7677.030; Tue, 18 Jun 2024 13:35:09 +0000
From: "Jorge Rabadan (Nokia)" <jorge.rabadan@nokia.com>
To: Jeffrey Haas <jhaas@pfrc.org>, "draft-ietf-bess-evpn-dpath@ietf.org" <draft-ietf-bess-evpn-dpath@ietf.org>, "bess@ietf.org" <bess@ietf.org>
Thread-Topic: Questions about route selection in draft-ietf-bess-evpn-dpath-00
Thread-Index: AQHalyCq9AQexxDeYEWJDJ5E8gj1nbHNqbB+
Date: Tue, 18 Jun 2024 13:35:09 +0000
Message-ID: <SA1PR08MB721526C32B8FDC49EFF57C13F7CE2@SA1PR08MB7215.namprd08.prod.outlook.com>
References: <171206184624.18356.7891001527073621519@ietfa.amsl.com> <20240425145537.GA12879@pfrc.org>
In-Reply-To: <20240425145537.GA12879@pfrc.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nokia.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SA1PR08MB7215:EE_|BL3PR08MB7530:EE_
x-ms-office365-filtering-correlation-id: fabf1a5e-4a98-4272-52a9-08dc8f9b7944
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230037|366013|1800799021|376011|38070700015;
x-microsoft-antispam-message-info: 5xUIpmRpsiTymX/c77P9FyHWZAULWaRjYWBig7qrhgy/SLnXxvmPDT0a5YjsnUGOLudDa7CqjyiGg5L9dPGaXR7Yu8NmUiNS2tchQN0/Z45B8qMc/mFIrU/R+xKEs4keAJDMzxBl9SqyAA46yhFnIV1/SXq/4renwJq93IquiMNE9rtMVBGuEaKQ/mWHLpl7pRvUswlAvx1Idz0ttZwBR1XlFvJaaIOlGl/699U28UkhPXGPlQziGT6QqwAVlGkWreEDwGKQJLr92Ao7dTWQxNJsL6SNbeiDLIaNNm/D0CmbGUr4RPqiRmqdxtrhOXm7zv1sJVJ75vkOzN16bvT+d9PpfM8FHg8g9nbZZPz5D8kSymouUb6kglff/60QlWL75HXc428Q9c4jDaAo6u5SCskrdrUnykNmHwuE3833jidB+QbHHti/9HtTxBpPGAKzlCZBh14iJQLwF1hpukQ+V6guEnoZ+tyt/X+/JwyAOGA9+1xFGtaHYTMoU432nN1s0VqgmF5bTkJoAJ00WpHE+/g1WsTlb6KjefcY+CjfA/v6AqT9dBtbnNy24iOgjHTr+tj/OS9VVC/EgU/5JQE8bcAGP5f6/ZPrtwSpCT7u78u/BDWbUzSu5pRmgZtiQX/IX5QStAjGVTMeBrBp96Ui+6seEB4MB7TwF4fbMk5yFUc7RUbehQ3eso3NI7AfeLjydmZH9XREy5Q/nQrW2ouawCULc+V+FfNoqc4Fd+u1Md1KFudI5RlIF0f3+JTc39UmJoj/enEXXjhPkDvafbu2gNKeynFebiuWWhZtuSmh11B56KHfVavHWAe7d68yG7+lA89vXMrKM/NF7uBtYlgqypxGILGbftUoGtdQ5kHDuoMloRPJcp1LcFfIvQawy46X6alOuP31458LJ6rcpOxjNfXnzJsyyrEDOoUlgheXO/VY6unMRkCBYn6PV0ewtC1VGwxqHv14kjDk5B47RhlY7DgH2hdbROyOgKA4FZok0dxqoD5PU/UOK3SbtQWbZd7HmW8wRfuviAaLL7rkZVeZJBtVlQUn//OA8Yq7xwFnR1pqHrXn7zPUUFXZniRaeBpvT/xBH2xnjtNtHRn9g9FeeG5ZjxR3R30ghkpqKa/14Soicz4rJ1glsD/StaIsq+FSPJBq8Us1Lcqj2ZmKvV+CUxvAUqo9H/yIO5AdiOHvtevxIlWzsLPawM8UVbnVMKjJiM6RrMNZYteh+BMZ5aR7TmUU7VOZiv0dlhy6YhSCqinKmaGVsggjhLES4rdtHjFshuq5ZUysn130awa42I6nCIGHz9bFvmdZuWXprVjIJBozN0mSUvU1dqelLlJ8d8Um
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SA1PR08MB7215.namprd08.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230037)(366013)(1800799021)(376011)(38070700015);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: ab+0xEx4z87bgLwWVmIiGaExzfTI4CQGnsLsizeJgDFFyZwNu6d72JJ36bVcGjb7qwz/l8l20+Sytmix1RPIs/IKkp0cwRYo/GKIyY6dCTtMyWWSCxHkhqgm/s1RqXmzmwGZUJTJUrIt0UsHPRlU2NlfpQ4sSWVmOGHcgZiKNTYswrhKmnbTZyWjhcY4x6GjWUFViZkoUNHXnZwYCobjMnT8HvpdupMXkVNlsSdknrvzw9P3nsP45+Sjgq3uce3bOgAA2Qdpo7Tv6MAFs8O+7JiPx9Ag4tt7QCsQp1kqvB6Z0GJTPn+ytpqUBb3A34c5kjGCgqb/Y11OdqwXEMDvL2G+pGbjOGydeNXEXCIN1Lqm2L/1zTes8fk/UF48f+x2+FpsSuneGXLyeclvIcSrifvOlEm5800+DneVuz8HIvI+lJi5VJfiDV5+6hfsrzHZZUkoxuW6flkdJCG2MH5aEkPgf/rh1ePGB3cvZpxmQYn7lqnoExcHcUuHgrnlCcFyj9xJhYWdO76mc9Wf4RXgmwf9Dkx7k0qhO2PUYN52IoDmoXMLBXPTue6IMs0xVMYZlVZs1ebEonnzqoKjaWl0+BA9+NLkTlz3MP8UfEkZZEIUrnjYW28DAgVE896Pf1yySrx/TGq7wSdD8LDALCvcINnP1cbNRp/fOEUiwXcl7Pk0qQFJONovZYcOB/wTFqgjdMrBBxRV8HwpRqtYqB/UY9HSKElrIMVhmOhNhAhU7MN6l1fQRyJsMhj8aVCuhZSl3p/zBZVafPyDuoxvtqhXM7bhitJPSoBeLMhb8FnpUILREPOweX8o76qGmQ+qQhhxwAPqs2w3z7Vea6AECIgg4G2yOYXVX65Wh14UAryCv515nOSgUzgaqRU2Xoc0B+qaW21PPi40i0dMsrOlzPDpoDVyy59/iN9tGcQuivnTxDedbV8WMcIzolF1K0JkPsM5RLnHL05G97qAF0qyFhezD76+Rdp0MeWQivvFhsSB2/LSoBRabTRA3XUE/YnYT0vFvkIzkj/6JS3cpTHTA+DteUpXuYj1gcQI/iv7Jm/EMwo39KCe0ZcsIuFgDhKbCHl1utFcsvBKU35YzKbEYpfYiwV/C5LQV533fTyOlgpV2EXGLHMlGub6xISQA8tBBFVqYB2UFwcqdNmEgRO2xnYTPT5Bksrs9Z8zpjCaHpCOF3a2XpKLwP5NrrinEYzrUpGp/NtcHqSW62Zx0mKRvARrZ3ypnOScAeqmaH0D02tGFcckyt+4pjFTqorMASWRNupLDebEmpD4fujUxDSQYCBtH7ihqJ5lV0sXEdJKxJVnXJ8M1NhUMKQb5VXxotJBLkYNq6e4jsMozYbbcH7JlB5D5cj3Pb/7ZYNKtY2OBendQhbpAJcsUO7Eq7deUQWxrtmgnWCckoGC12/9M4euFHZlJxVmA986hF8ktqGzke4OB62hxiyzbLuPz+u3FnAHkhvPWTGcRehtgbtVvseWTY2pWOb8bqB/eNOahap+JbtmXQ7002FZ48EujU5Z1pEKbiY3rur1acAamkmap0QgFSZybMknNLVHxLVr+dKhdzSiGVyx2KxPjl4Pg9muW/Re5bOXqvRPt8buVA3v6Lp/HTxl1w==
Content-Type: multipart/alternative; boundary="_000_SA1PR08MB721526C32B8FDC49EFF57C13F7CE2SA1PR08MB7215namp_"
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SA1PR08MB7215.namprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: fabf1a5e-4a98-4272-52a9-08dc8f9b7944
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Jun 2024 13:35:09.6763 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: RHG5A7WucTEtzV1FDdKfu6Qe9rxdLjD5YansB4Njxor6DskJIyvWyQgseZ//9eN4XpzCx75D0A8L6F91/r9RKw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL3PR08MB7530
Message-ID-Hash: 36L7YEGDKUU3OMRKRNRR6X3AJQC2LZNJ
X-Message-ID-Hash: 36L7YEGDKUU3OMRKRNRR6X3AJQC2LZNJ
X-MailFrom: jorge.rabadan@nokia.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-bess.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "idr-chairs@ietf.org" <idr-chairs@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [bess] Re: Questions about route selection in draft-ietf-bess-evpn-dpath-00
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/O1vfRdIMx3L2_tdQNFe5Q3-G2A4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Owner: <mailto:bess-owner@ietf.org>
List-Post: <mailto:bess@ietf.org>
List-Subscribe: <mailto:bess-join@ietf.org>
List-Unsubscribe: <mailto:bess-leave@ietf.org>

Hi Jeff,

Thanks for reviewing this as well.

Please see my comments below, inline with [jorge]. Let me know what you think, and based on this we will add some text to clarify those points.

Thanks,
Jorge

From: Jeffrey Haas <jhaas@pfrc.org>
Date: Thursday, April 25, 2024 at 7:55 AM
To: draft-ietf-bess-evpn-dpath@ietf.org <draft-ietf-bess-evpn-dpath@ietf.org>, bess@ietf.org <bess@ietf.org>
Cc: idr-chairs@ietf.org <idr-chairs@ietf.org>
Subject: Questions about route selection in draft-ietf-bess-evpn-dpath-00

CAUTION: This is an external email. Please be very careful when clicking links or opening attachments. See the URL nok.it/ext for additional information.



Authors,

As part of reviewing ipvpn interworking, I also have done a higher level
review of the new dpath document below.

In section 4.1, the cited rules for route selection change are:

:    If none of the tie-breaking rules up to (and including) rule 5
:    produces a single route, the router compares the D-PATH attribute in
:    the remaining candidate routes:
:
:    1.  The routes with the shortest D-PATH are preferred, hence routes
:        not tied for the shortest D-PATH are removed.  Routes without
:        D-PATH are considered zero-length D-PATH.
:
:    2.  Then routes with the numerically lowest left-most Domain-ID are
:        preferred, hence routes not tied for the numerically lowest left-
:        most Domain-ID are removed from consideration.

The first step is consistent with the ipvpn-interworking document.  The
second step is new. What's the motivation for this second step?
[jorge] there was some feedback to the authors that for L2 EVPN routes people usually do not apply policies to modify attributes that affect best path selection (e.g., LOCAL_PREF, MED, etc.), and, since the domain-id of the D-PATH domains is configured on the routers, it was an easy way to influence the selection, should the operator want to do so. The scope of the (L2) EVPN route types 1,2,3 is much more constrained and controlled, and after evaluating it we included it in this draft, and it is implemented.


A consequence of this second step is that the configured domain ID, when
routes are redistributed between domains, becomes a "hard yank" to influence
routes to pick a specific domain.

I.e.:
- If there are routes with no dpath and routes with at least one dpath, the
  routes with no dpath will win.  Effectively, the current behavior for each
  of the impacted document sections.
- However, if the dpath is at least one, you prefer routes from the domain
  with the "numerially lowest" domain id.

This is somewhat similar to taking BGP's BGP Identifier check at the *end*
of the route selection process and moving it near to the top.  I suspect
this is not what you want.
[jorge] Yes, that’s the intend.


Other issues:

"numerically lower" isn't clear with respect to a domain-id, especially
with regard to the ISF_SAFI_TYPE component of it.  Is that used?
[jorge] no, it is not used. The text refers to the domain-ID which is excluding the ISF_SAFI_TYPE. But if you think it is not clear, we can add some text of course.
Ignoring
that, is the result the same as running C's memcmp() on the two six byte
values?
[jorge] yes, that was the idea. We can clarify.


As discussed in the context of the ipvpn interworking draft, changing route
selection after the fact is messy and could in some cases lead to
inconsistent selection within a network.  However, for the route types that
this procedure is recommended for, have you convinced yourselves that
inconsistent selection is fine?  Or will your recommendation be, similar to
the ipvpn interworking draft, that the entire deployment must be upgraded to
support the new procedure?
[jorge] we can add similar text with regards to upgrades if the WG thinks so, but this is a more constrained environment. There is no leaking into any family that facilitate the attribute escape, and the GWs only redistribute MAC/IP routes in the case of EVPN L2 ELAN, and AD per EVI routes in the case of EVPN VPWS. So I don’t think we as authors have any concern, but I agree with your points that we need to provide text warning the implementer about the potential consequences of inconsistent best path selection.


-- Jeff

On Tue, Apr 02, 2024 at 05:44:06AM -0700, internet-drafts@ietf.org wrote:
> Internet-Draft draft-ietf-bess-evpn-dpath-00.txt is now available. It is a
> work item of the BGP Enabled ServiceS (BESS) WG of the IETF.
>
>    Title:   Domain Path (D-PATH) for Ethernet VPN (EVPN) Interconnect Networks

[...]

> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-ietf-bess-evpn-dpath/