IETF Logo Mail Archive

Re: [bess] draft-rosen-idr-rfc3107bis-00

Eric C Rosen <erosen@juniper.net> Fri, 15 January 2016 18:01 UTC

Return-Path: <erosen@juniper.net>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B4BD1B308A; Fri, 15 Jan 2016 10:01:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dw3UEikbY3Ek; Fri, 15 Jan 2016 10:01:13 -0800 (PST)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0129.outbound.protection.outlook.com [207.46.100.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D70281B3085; Fri, 15 Jan 2016 10:01:12 -0800 (PST)
Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=erosen@juniper.net;
Received: from [172.29.35.81] (66.129.241.12) by SN1PR0501MB2158.namprd05.prod.outlook.com (10.163.229.152) with Microsoft SMTP Server (TLS) id 15.1.365.19; Fri, 15 Jan 2016 18:01:09 +0000
To: bruno.decraene@orange.com
References: <5696933E.1080802@juniper.net> <20421_1452784714_5697BC4A_20421_2179_1_53C29892C857584299CBF5D05346208A0F791AE7@OPEXCLILM21.corporate.adroot.infra.ftgroup>
From: Eric C Rosen <erosen@juniper.net>
Message-ID: <569933E1.7000104@juniper.net>
Date: Fri, 15 Jan 2016 13:01:05 -0500
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <20421_1452784714_5697BC4A_20421_2179_1_53C29892C857584299CBF5D05346208A0F791AE7@OPEXCLILM21.corporate.adroot.infra.ftgroup>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Originating-IP: [66.129.241.12]
X-ClientProxiedBy: BY2PR08CA0007.namprd08.prod.outlook.com (25.163.62.145) To SN1PR0501MB2158.namprd05.prod.outlook.com (25.163.229.152)
X-Microsoft-Exchange-Diagnostics: 1; SN1PR0501MB2158; 2:YLAtsVufOQ0RW20UEP4vSPrsXMZz5AWJCQxk6XJ7TQ07iihu/QMFkzN3PUzrAY/lLsDYBXyawuQUbMB6ywHqQ5hHYOMNmh0tyek3FgacaqFdo3GqBIKcasRH3jvFziPqUaswuvjY5kLiCLKKYytFbQ==; 3:ZFuAmh7G9M5sqKxP4hPk5AaHfbh7wogtdSIRyp9IvYdRMGtoNfySnWpg+4b6sHjopsVTJZp0NrD/RRFmrnevsZwfxikn22yh+V5suCYnD2oFuy+NgUetFGN/Jp50ZchV; 25:bG31oiigTmFIyz/k72L8BcKMfO/4Itq4xSr2x9OW2udWNGCMqFBApquDEpgz7g68KJ9+hZE3Sc+Pe9rqVk1XF66o7C493ElPg0+/YtXLBzwCWThTIieu5YFppC/4+PMmu0SsonThI+mI4bppQ+zwDKPyXORw/4VuhFilWvBpiptdC4qiXuD0YjSfapOhP5k419VaX0R2c2XDBSKDK742upF2p9nMVBlfR7GZExE5mAtTIWWADJ4BFTuS5nCzHAUC
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:SN1PR0501MB2158;
X-MS-Office365-Filtering-Correlation-Id: 2842bd9f-8cc4-4dd7-e371-08d31dd5d9f1
X-Microsoft-Exchange-Diagnostics: 1; SN1PR0501MB2158; 20:gudvSEvPSP5E6hS4j4QMHzRaGfEP+ScD9pdLOcJf1Sv72uzfKa7QzA97PNVdvgFRb36EaG2H6LHDZ9mURJ7r6FDSl/PZhdf99IamFujEph5spfVOgJpu6LVpQFpQh7RA3QG46rZlDPWT3AdZQ75Y4QGZ/ISf4DSZzSleyRbYEWvobVrAuWlaiyOV5/MVy7jProZOVSgHGnLGJjvGa+wbM4a2yRrbbdVa/v1MdF5tzjWrudGW0fyj2qZxMIvQZb5p65GvDglFZbpsXZGQEAwP6KI3Qoy/0bDbWBsyBoMqdRxAlKfpJDnqxqD0LBQDarcjk42YmdI8B8b5Pa+NC8DOgpt5G8ywZ7lnMy52rxb8AcweMjZj0bfKCSAh32XD1dkOJXqyfa3UjZ+WVdJonNPdDQEl16z02kgiGtFRQrsFH0louSYY1TvArwXLIY9h4VL3os8YMD8oHnbvgEk1X9Qlh4ZCQJpv32Sl5Dhbks8uePvySS9m5tPHcAOe975iRMDZ; 4:aKPXGIxecab0PpXGCrhY/pEk0t2MPCv7GIQxHrRyZpxPeO2iTL6gv7ubzsQH6kzhVN99Ti0MAwM8rj5WmByTmXr3bMTtNeNPZNUBl3UQsMYmNQL78j8lWPEzysbvCyI7Yofuh1iZM+NnEbLnQHxs1cLglfO1vWDCGlGZTn7EIkbdnhuSsGt+5FkD+qg3q8tkfg0FACfn9E1E2P2wmKROf9Td5gGXbvYIpWDYEAmf4fRGDXdJnWdOgM0PW4VDbr23MqVUOFINvuR9ygx9grW/BqPoSGR+US2wDmJ0hEh3wur6U3ApB4BRG8cI6UDjkDyB2k7JZEaudYS9OKDtUH+RL8004KY3A3sLfBCz1qRDls+hvwUWB/0BJ/+ZSkl8r+qC
X-Microsoft-Antispam-PRVS: <SN1PR0501MB215808D50923493AFD8319E4D4CD0@SN1PR0501MB2158.namprd05.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:;
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(2401047)(8121501046)(5005006)(520078)(10201501046)(3002001); SRVR:SN1PR0501MB2158; BCL:0; PCL:0; RULEID:; SRVR:SN1PR0501MB2158;
X-Forefront-PRVS: 08220FA8D6
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(6049001)(6009001)(189002)(31014005)(199003)(52604005)(2950100001)(77096005)(101416001)(5008740100001)(86362001)(92566002)(2906002)(33656002)(3846002)(40100003)(122386002)(4326007)(5004730100002)(50466002)(1096002)(6116002)(586003)(42186005)(5001960100002)(189998001)(59896002)(36756003)(54356999)(110136002)(87266999)(4001350100001)(65816999)(81156007)(97736004)(47776003)(87976001)(50986999)(230783001)(83506001)(23746002)(2351001)(80316001)(64126003)(65956001)(66066001)(65806001)(106356001)(99136001)(76176999)(105586002); DIR:OUT; SFP:1102; SCL:1; SRVR:SN1PR0501MB2158; H:[172.29.35.81]; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
Received-SPF: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: 1; SN1PR0501MB2158; 23:pI7dfvafUg2rC7o0M/Y7J9C1pqnWlG1YU5jRF9pfsKP/ZItqTbU25uvj14cCfWPSP04OXSDa94CttAoAXAYHeCjXn1gjwZO+70UrQAtCshzcDFuDTu8nigll5P3oWuvr9HPAdvd9yiUmLK9XlzK9AU/SJbn0oMfCEWBEkLlrzgHxMHaLVihnqjup84hBzvbCz2hY1+AE5irnpLZxHPFu2dETfpYSgKoqtjJKJ2w+DQuEkdbpISgVpb/NkmlqpnZoXVVWC3s5S3i3V8v03KdIn4n7Fo7dm6fhktXGouOtFVUe/YP160Wdm8pVFfh3RigiLYT7nbrL44vrqx/CAKTMTO7uQ5RlFFjlcSoHcoaYTlPZv3CaalTD88hGapX8stIUCWfuYZ9T3ahVXZPMYPlDRU0zi/E9Et7o1g9SkhqVJmLaMTItFTJ9XqdlLGLZU9oqtLorfFTVEtGqBFAGCFRrmq5q64PBjyRazeQKto0JBGQRnvIDyq+3l0+RaEZmSmQ5B1WxIJ1m5xWwXt4Ckzs/t6UA10X0+R+0fCzXM2YYpW7hiv6lLRk/LXRQ096UY+QdeM/WxQrCwOSdSLd8lw/ILY8wkFQ1XGM4WEad51IBej4Yewa3V8ScCt5x/jQVxf4x2pN8U4Wj0JhKcexhVgV9FGlan95zhBPTwM+H0dfktGW8duOrDi+5BNmgWOPs+2aN8N5BtPXYVvB5fPzX1lxzSytZMiQFvo802el/pLxeikjDOv01//q/D9RQXx+jcCFdJSquXT8veA/7rwWwcSaRw7npY/Oh5IdcOEsBAhTX41m4CGyJA4G6YQ7wuz89qEqvE5kCpYiUWoP5h3SyEzPUesioBK5a7F0U8TqBVlenbeNTSzMflrAb8WeS1hHxwDTC++5viW7aQy9dvbx/4WvttZj65SQvRivj5N+9mD9v/6rJ30mAZMPq5G2PBpESvpWZWvbeWp4VVInZtOcp1cX/okKKyWsrgw1dH01fmiMMfF0ygzSSOo2YllIRSlMXYGMsfril+6Cja+5+lkipDVphl35Up/tx7uOndGo1gAcDSf5pv42iWj//kwSpC1ng9qrWAphYs3zrLOM1ZHNIhhUMYhMk4GnQWeW4xB/4YIqmiyrsT0SYFrkJGnAKOB4SVn2pvK4iu0dayKlVCVcXns5q0PW6Exjj7T4zHuxjm3zDvc7ICBaoWmTSDaII60HIas7+T5EBRaZqnMg9K/w/VvKcanEla8VzLhfSOzy8P5r1s+31Cm/kSY0UyXt8zR+lTFvB/59FdLYJ5ltUnSKGJKOU+Q==
X-Microsoft-Exchange-Diagnostics: 1; SN1PR0501MB2158; 5:MdsfsRHYS+gT5KWL7Bo9sGJ0VTZBLCKpfB0/uM1BZrgy8lLkOVJevWbZvxLTJ3t4NImpqgSTLrztPas+XjV3aYjhlXqRnUx19ikNXUl3y/pbn4x2iKHTTCsBFWak2JofgLIikw+sir7ImwoEvFmviA==; 24:bux7oR+246sTnVRkK597UAWZMuGJrs+7a0WMD/PtpOJ80Zdyo2NbYG8WkoTxBb/lbGzoy5/3KIahFw/TmeVsmvOfnjSbskTiNoFyBI9S3fM=
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Jan 2016 18:01:09.8619 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR0501MB2158
Archived-At: <http://mailarchive.ietf.org/arch/msg/bess/T-xWbg5IF4I2udT0N0IFOqXFuQ0>
Cc: "idr@ietf.org" <idr@ietf.org>, BESS <bess@ietf.org>, "mpls@ietf.org" <mpls@ietf.org>
Subject: Re: [bess] draft-rosen-idr-rfc3107bis-00
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jan 2016 18:01:15 -0000

Bruno,

Thanks for reviewing the draft!
>> - RFC 3107 provides an encoding that allows BGP to assign multiple labels
> Upfront, the current issue is that implementations, which claim compliance with RFC 3107, are just non-compliant. So the draft is proposing to change the specification to make such implementations compliant, while another option would be to fix implementation (to be compliant with the RFC they claim to support).
I think the best approach is to try to write 3107bis in such a way that 
the existing deployed implementations are compliant to it.
> The main issue I have, is that this draft is not backward compatible with RFC 3107 (as a RFC 3107 speaker will never notice that its peer has not send the new capability, and may still send multiple labels). Plus in case of error due to this incompatibility, the error handling behavior is likely to be "BGP session shutdown" (as the NLRI "cannot" be correctly parsed) which is disruptive. Plus the implementation A not supporting multiple labels, will claim that the implementation B supporting multiple labels is "not compliant" with rfc3107bis, while I would rather argue that this is implementation A which is not compliant with RFC 3107.
Luckily, the existing deployed implementations, as far as I know, do not 
support multiple labels.   If a new implementation were to send multiple 
labels to an old implementation, we would likely experience the 
disruptive behavior you describe.  3107bis tries to prevent this 
disruption.
>
> I'd propose one change:
> - Capability means: I don't support receiving multiple labels, hence you SHOULD not send that to me.
> - Even if the capability is not advertised by both peers, and hence a single label is expected, all implementations MUST check that the "S" bit (in this first label) is set to 1. If the bit is cleared, the Prefix MUST be identified as per RFC 3107/this document and treated as withdraw as defined in RFC 7606.
>
> This means more work for rfc3107bis speakers, but we can't ask existing speakers to do the job. Especially since they were compliant with RFC 3107.
If only a single label is expected, there is no real reason to check the 
S bit.  I'm not sure that all existing implementations actually set the 
S bit, so requiring new implementations to check for it would just 
introduce a possible backwards compatibility problem.
> Plus very minor comments
> - From an editorial standpoint, I'd personally favor removing §2.2 and saying in 2.3(or elsewhere) that if the capability is not exchanged, a single label may be encoded. (IMHO duplicating the text is less easy to read and more error prone. And I believe this would be enough to address your point).
I went back and forth on this issue, and I'd welcome more opinions on 
this from the WG.

You are right that it is generally a bad practice to have so much 
duplicated text in a specification, but I thought the intention would be 
clearer if the encoding for multiple labels were described separately 
from the encoding for single labels.

> - In Figure 2 (§2.3), 2 labels are indicated. Do you think there is a need to indicate which one is the first (Label 1) and which one is the k th (Label k). Indeed, the order of the labels is significant when the router will need to push them in the dataplane. Or a sentence could be added to make this explicit.
This is mentioned in the "Data Plane" section, but I think you're right, it should be mentioned in section 2.3 as well.

> - In §4, there is a possible case which is not described:
> S1 receives L11, L12,... L1k
> S1 sends      L21, L12,... L1k
> S1 programs in the data plane: L21 swap L11
> Compared to sending a single label (L21), S1 avoids having to push k labels in its dataplane, which it may be incapable of.
> - In §4
> "While this may be useful in certain scenarios, it may provide unintended results in other scenarios." I fail to see when this can be useful as N1 or downstream LSR will receive packets with labels there are not aware of (L22...L2k). Out of curiosity, I'm be curious to know the useful scenario that you have in mind.
Actually, I was thinking of the case you just described above, but I wanted to formulate it in a more general way.  For all we know, <L22,...L2k> may be domain-wide unique labels ;-), or S1 may have some other way of knowing L21 will get the packet to a node that will be able to understand  <L22,...L2k>.
> - in §5 " It is possible that a BGP speaker will receive both a SAFI-1 route
>     for prefix P and a SAFI-4 route for prefix P.  The significance of
>     this is a matter of local policy."
> For 6PE (rfc4798), may be this should not be a local policy but be specified as a priori SAFI-1 and SAFI-4 prefix should be comparable. Ideally rfc4798 could have specified this but I haven't check if it's done. Alternatively §5 could reference this case.
> (Same point for propagation between SAFI-1 and SAFI-4)
In 3107bis, I just tried to capture the fact that different implementations handle this differently.  If a particular application needs to mandate a particular behavior, that should be part of the spec for that application.

Eric

v2.23.0 | Report a Bug | By Email