[bess] Alvaro Retana's No Objection on draft-ietf-bess-evpn-proxy-arp-nd-11: (with COMMENT)
Alvaro Retana via Datatracker <noreply@ietf.org> Mon, 18 January 2021 21:35 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: bess@ietf.org
Delivered-To: bess@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FF2F3A11A0; Mon, 18 Jan 2021 13:35:39 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Alvaro Retana via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-bess-evpn-proxy-arp-nd@ietf.org, bess-chairs@ietf.org, bess@ietf.org, Matthew Bocci <matthew.bocci@nokia.com>
X-Test-IDTracker: no
X-IETF-IDTracker: 7.24.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Alvaro Retana <aretana.ietf@gmail.com>
Message-ID: <161100573942.32023.1055981922796356833@ietfa.amsl.com>
Date: Mon, 18 Jan 2021 13:35:39 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/qIXHttPTAtInoVgNPJFOsXd19r0>
Subject: [bess] Alvaro Retana's No Objection on draft-ietf-bess-evpn-proxy-arp-nd-11: (with COMMENT)
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Jan 2021 21:35:46 -0000
Alvaro Retana has entered the following ballot position for draft-ietf-bess-evpn-proxy-arp-nd-11: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-bess-evpn-proxy-arp-nd/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- As mentioned in the Introduction: This document describes the Proxy-ARP/ND function in [RFC7432] networks, augmented by the capability of the ARP/ND Extended Community [I-D.ietf-bess-evpn-na-flags]. From that perspective this document updates [RFC7432]. Even with this statement, the purpose of this document and the relationship between it, rfc7432 and I-D.ietf-bess-evpn-na-flags is not completely clear to me. I would like to understand the following: - Why isn't this description included in I-D.ietf-bess-evpn-na-flags if the functionality is introduced there? - This document formally Updates rfc7432, but I-D.ietf-bess-evpn-na-flags didn't. How can the description of the function Update rfc7432 if the functionality doesn't? What exactly is the update to rfc7432? - The WG developed this document alongside I-D.ietf-bess-evpn-na-flags, but it is not referenced from there. Why? Besides those high-level questions, I have a set of comments that are mostly related to the normative language used. I would like to see these issues addressed before publication. (1) §3.1 recommends this: The provisioned static IP->MAC entry SHOULD be advertised in EVPN with an ARP/ND Extended Community where the Immutable ARP/ND Binding Flag flag (I) is set to 1, as per [I-D.ietf-bess-evpn-na-flags]. ...but I-D.ietf-bess-evpn-na-flags requires the behavior, from §3.1: o If an IP->MAC pair is static (it has been configured) the corresponding MAC/IP Advertisement route MUST be sent along with an ARP/ND Extended Community with the I Flag set. (2) §3.1: "An entry MAY associate a configured static IP to a list of potential MACs, i.e. IP1->(MAC1,MAC2..MACN)." s/MAY/may This is not a normative statement, but just a fact. (3) The phrase "MUST/SHOULD be learned" is used several times, but the normative action doesn't seem to apply to learning, but to what is required to learn. For example, from §3.1: a. Proxy-ARP dynamic entries: They SHOULD be learned by snooping any ARP packet (Ethertype 0x0806) received from the CEs attached to the BD. A better wording would be something like: "The PE SHOULD snoop all ARP packets received from the CEs in order to learn dynamic entries." The normative action is clear: snoop! Please review/update other places where this phrase is used. (4) §3.1: "They SHOULD be learned by snooping any ARP packet..." Why is this action only recommended? When would a PE not snoop the ARP packets? IOW, why is MUST not used? Note that neither rfc7432/I-D.ietf-bess-evpn-na-flags use Normative language then talking about snooping. (5) §3.1: "They SHOULD be learned out of the Target Address and TLLA information in NA messages (Ethertype 0x86DD, ICMPv6 type 136) received from the CEs attached to the BD." Same questions... (6) §3.1: "A Proxy-ND implementation SHOULD NOT learn IP->MAC entries from NS messages, since they don't contain the R Flag required by the Proxy-ND reply function." If the R flag is required, when is it ok to learn from NS messages? IOW, why is this action not a requirement? (7) §3.1.1: "the node MUST remove that router from the Default Router List...as specified in [RFC4861] section 7.3.3." This is in fact already specified in rfc4861, there's no need to specify it here again. s/MUST/must (8) §3.1.1: "Static entries SHOULD have the R Flag information added by the management interface. The O Flag information MAY also be added by the management interface." It sounds as if the action here is to add the flag, right? Perhaps: "The R Flag information SHOULD be added...for static entries. ..." When is it ok to not configure the flags? Why is the configuration not required? The text in I-D.ietf-bess-evpn-na-flags seems to assume that it is a requirement (but no normative language is used there): "R and O Flag values...are...configured in case of static entries." (§3.1) What if the value is not configured, what is the default? (9) §3.2: a. When replying to ARP Request or NS messages, the PE SHOULD use the Proxy-ARP/ND entry MAC address as MAC SA. This is RECOMMENDED so that the resolved MAC can be learned in the MAC FIB of potential layer-2 switches sitting between the PE and the CE requesting the Address Resolution. It seems to me that the use as MAC SA should be required and not just recommended "so that the resolved MAC can be learned in...layer-2 switches". Why is that not the case? (10) §3.2: "A PE SHOULD NOT reply to ARP probes received from the CEs." When is it ok for the PE to reply? IOW, why is the behavior recommended and not required? (11) §3.2: "A PE SHOULD only reply to ARP-Request and NS messages with the format specified in [RFC0826] and [RFC4861] respectively." When is it ok to reply using a different format, and what format would that be? (12) §3.3: "The operator SHOULD be able to activate this option with one of the following parameters..." For the operator to be able to do anything, the implementation has to support the functionality. It might be better to recommend the implementation... (13) §5.1: "Existing mitigation solutions, such as the ARP-Sponge daemon [ARP-Sponge] MAY also be used in this scenario." This seems to just be an example: s/MAY/may (14) §6: "IXPs MUST still employ additional security mechanisms that protect the peering network..." Which are the required mechanisms? (15) §6: "IXPs...SHOULD follow established BCPs such as the ones described in [Euro-IX-BCP]." When is it ok to not follow "established BCPs"? Seeing that you are normatively recommending something, please add specific mechanisms, not just an example. (16) The references to ARP-Sponge and Euro-IX-BCP don't include enough information to access the documents. Is there a stable link that can be included?
- [bess] Alvaro Retana's No Objection on draft-ietf… Alvaro Retana via Datatracker
- Re: [bess] Alvaro Retana's No Objection on draft-… Rabadan, Jorge (Nokia - US/Mountain View)
- Re: [bess] Alvaro Retana's No Objection on draft-… Alvaro Retana