[Bgp-autoconf] Issues not mentioned in yesterday's revision

Susan Hares <shares@ndzh.com> Tue, 26 January 2021 13:52 UTC

From: Susan Hares <shares@ndzh.com>
To: bgp-autoconf@ietf.org, 'Linda Dunbar' <linda.dunbar@futurewei.com>, "'Majumdar, Kausik'" <Kausik.Majumdar@commscope.com>
Date: Tue, 26 Jan 2021 08:52:16 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/bgp-autoconf/61HLINyWGTjL3y_HtsGAGjJDr7k>

Jeff and Warren:

Thank you for the first draft.

Here's a list of requirements that I do not see mentioned:

1.  security requirements -

Is it a requirement to secure data sent in a L3 multicast BGP
auto-configuration packet?

Is there a requirement that people could send a secure portion of the packet
if they desired?

It all gets down to trust vs. complexity.

2.  validation of Data sent

Will the bgp-autoconf check syntax of data sent?

Will it validate the content of the data set?

3.  Will it carry link level information?

If so, what security issues will that cause?

If you trust everyone, what about errors in the fabric?

4.  Will it have a link to BFD?

5.  What requirements are there on top of the IP Multicast -

 Is the IP multicast a "spray and pray" multicast without   or is it "blast
and echo check"?

Mechanisms that I personally hoped would work:

a) layer 3 multicast with "blast and echo" with ability to go through 2+
switches on way to remote end

b) optional securing of the data sent on BGP auto-configuration  

c) Fast failure - via BFD or some "x" mechanism 

d) optional bootstrap from IGPs or LLDP

Mechanism that I personally hoped a BGP-5 might revise its FSM.

Sue