Re: [Gen-art] [Idr] Genart last call review of draft-ietf-idr-flow-spec-v6-17

Christoph Loibl <c@tix.at> Mon, 09 November 2020 10:06 UTC

Return-Path: <c@tix.at>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E60D3A0DED; Mon, 9 Nov 2020 02:06:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=tix.at
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RsylKhCven-o; Mon, 9 Nov 2020 02:05:59 -0800 (PST)
Received: from mail.fbsd.host (mail.fbsd.host [IPv6:2001:858:58::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CC4CE3A0D01; Mon, 9 Nov 2020 02:05:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tix.at; s=rev1; h=To:References:Message-Id:Content-Transfer-Encoding:Cc:Date: In-Reply-To:From:Subject:Mime-Version:Content-Type:Sender:Reply-To:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe :List-Post:List-Owner:List-Archive; bh=yBAmKFbUGQw/Oat4jBN0ZZYd7YvAg45M+x+0qhhZr5o=; b=m88FejklJi9/GUUtKYvI9KRsuH by7DQ+Zs/S8o9vZiS9+CZHUhbyngd20bbQm9mJOr+EeMLGCbTYhC329QA6SIkdvmoFtBJSM7kZoi/ mkl6mmeEWmoF4L0RZPZr8psMgUMbn4d5Jllt4soFw+sglQOHciRKxv5h3AFMOVdfeD4AOF8uAvwXB vDcJZbaw3enmasQQ90ny+WCRGaOwkMeY7xqfn8r/usYnDG2kg+SSvH5UHIUY+s9W7QC0oZEldMkdt +OCc8rvYM/i6t2CWF3uW/T+MGGiWY3Xs2YKCxEwPL4MogqmHk+1IN9rERgAoiBMiTg7JoS+XSQZVb Ga3Tr2Ag==;
Received: from 80-110-113-91.cgn.dynamic.surfer.at ([80.110.113.91] helo=[192.168.64.148]) by mail.fbsd.host with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) (envelope-from <c@tix.at>) id 1kc43f-000BLX-Az; Mon, 09 Nov 2020 11:05:56 +0100
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
From: Christoph Loibl <c@tix.at>
In-Reply-To: <160365652729.4261.691666404258157493@ietfa.amsl.com>
Date: Mon, 9 Nov 2020 11:05:51 +0100
Cc: gen-art@ietf.org, last-call@ietf.org, draft-ietf-idr-flow-spec-v6.all@ietf.org, idr@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <60029C11-C0CE-4596-8AF6-72811EC2D125@tix.at>
References: <160365652729.4261.691666404258157493@ietfa.amsl.com>
To: Dale Worley <worley@ariadne.com>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
X-Scanned-By: primary on mail.fbsd.host (78.142.178.22); Mon, 09 Nov 2020 11:05:55 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/1uFb5L1ax7Y70qrewHQd-Lm4j1Q>
Subject: Re: [Gen-art] [Idr] Genart last call review of draft-ietf-idr-flow-spec-v6-17
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2020 10:06:02 -0000

Hi Dale,

Thank you for your review of the document. Please, see my comments inline.

The document has been edited, but since the datatracker is closed it will take some time until the changes are online.

Cheers Christoph

-- 
Christoph Loibl
c@tix.at | CL8-RIPE | PGP-Key-ID: 0x4B2C0055 | http://www.nextlayer.at


> 
> Nits/editorial comments:
> 
> 3.1. Type 1 - Destination IPv6 Prefix
> 3.2. Type 2 - Source IPv6 Prefix
> 
> Unlike IPv4, it is plausible that a set of flows could be determined
> by two contiguous sections of an address, e.g., an initial prefix and
> a subset of bits within an embedded IPv4 address. By
> draft-ietf-idr-rfc5575bis-26 section 4.2, an IPv6 flow specification
> may not contain two Destination IPv6 Prefix or two Source IPv6 Prefix
> components, so this type of selection cannot be specified.

A single Flow Specificaton NLRI "rule" can only contain a single destination (Type1) and a single source prefix (Type 2). However you can have multiple FS rules "like firewall rules" matching different src/dst pairs. 

> 
> 1. Ordering of Flow Specifications
> 
> If the offsets are not equal, the lowest offset has
> precedence, as this flow matches the most significant bit.
> 
> "as this flow" should be "as this flow specification"

Edited as suggested.

> 
> 1. Validation Procedure
>    a) A destination prefix component with offset=0 is embedded in the
>    Flow Specification
> 
> I note that this requirement has no functional effect, as a
> destination prefix with length = 0 can always be added to a flow
> specification without effect. However, this observation also applies
> to IPv4 flow specifications, so I assume it has been given due
> consideration.

A length=0 destination-prefix (IPv4 or IPv6 FS) would match every destination prefix. This will only validate if the BGP neighbor announces a default route and you are only following this single route (very unlikely though).