IETF Logo Mail Archive

Re: [i2rs] Router Models

Shane Amante <shane@castlepoint.net> Wed, 27 February 2013 02:48 UTC

Return-Path: <shane@castlepoint.net>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7F3621F857A for <i2rs@ietfa.amsl.com>; Tue, 26 Feb 2013 18:48:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.437
X-Spam-Level:
X-Spam-Status: No, score=-0.437 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id abQGyGn043Yk for <i2rs@ietfa.amsl.com>; Tue, 26 Feb 2013 18:48:16 -0800 (PST)
Received: from mail.friendswithtools.org (unknown [64.78.239.70]) by ietfa.amsl.com (Postfix) with ESMTP id E553F21F8551 for <i2rs@ietf.org>; Tue, 26 Feb 2013 18:48:15 -0800 (PST)
Received: from dspam (unknown [127.0.0.1]) by mail.friendswithtools.org (Postfix) with SMTP id 87AF0300085 for <i2rs@ietf.org>; Wed, 27 Feb 2013 02:48:14 +0000 (UTC)
Received: from mbp.castlepoint.net (184-96-123-182.hlrn.qwest.net [184.96.123.182]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.friendswithtools.org (Postfix) with ESMTPSA id F0D71300083; Tue, 26 Feb 2013 19:48:12 -0700 (MST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: Shane Amante <shane@castlepoint.net>
In-Reply-To: <512D24C3.2000306@riw.us>
Date: Tue, 26 Feb 2013 19:48:11 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <23F95046-D50F-4835-ABAF-3C8CD3F47A9F@castlepoint.net>
References: <512BECC0.3020306@riw.us> <DA52363A1FF16D46A4F6AD9836FB58660408F000@SJEXCHMB13.corp.ad.broadcom.com> <512CFF4E.6060400@riw.us> <DA52363A1FF16D46A4F6AD9836FB58660408F1AB@SJEXCHMB13.corp.ad.broadcom.com> <512D24C3.2000306@riw.us>
To: Russ White <russw@riw.us>
X-Mailer: Apple Mail (2.1499)
X-DSPAM-Result: Innocent
X-DSPAM-Processed: Tue Feb 26 19:48:14 2013
X-DSPAM-Confidence: 1.0000
X-DSPAM-Improbability: 1 in 98689409 chance of being spam
X-DSPAM-Probability: 0.0023
X-DSPAM-Signature: 512d73ee42072142071752
X-DSPAM-Factors: 27, most+#+#+#+of, 0.40000, most+#+#+#+of, 0.40000, the+#+#+WG, 0.40000, places+in, 0.40000, carefully+#+#+A, 0.40000, 2013+at, 0.40000, when+#+#+by, 0.40000, BGP+#+#+those, 0.40000, BGP+#+#+those, 0.40000, should+#+#+to, 0.40000, policy+at, 0.40000, likely+#+#+#+RFC, 0.40000, i+up, 0.40000, information+carried, 0.40000, action+#+on, 0.40000, Cc*Rob+#+#+rrice, 0.40000, policy+#+#+so, 0.40000, vastly+different, 0.40000, list+or, 0.40000, the+#+#+namely, 0.40000, all+#+intended, 0.40000, a+#+route, 0.40000, use+#+#+#+a, 0.40000, be+#+#+#+BGP, 0.40000, are+#+#+of, 0.40000, to+#+#+discussion, 0.40000, Russ+#+#+26, 0.40000
Cc: "i2rs@ietf.org" <i2rs@ietf.org>, "Rob (William) Rice" <rrice@broadcom.com>
Subject: Re: [i2rs] Router Models
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/i2rs>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Feb 2013 02:48:16 -0000

Russ,

On Feb 26, 2013, at 2:10 PM, Russ White <russw@riw.us> wrote:
>> Thanks for the clarifications. I am still a little fuzzy about what you mean by "...B to represent modifications to the policy the
>> routing process uses to choose which route to present to the RIB." To use an example from BGP, maybe this could mean configuring an inbound prefix list or other type of policy filter. If so, then B is an interface to change the configuration of the routing protocol rather than the data (e.g., Adj-RIB-In contents), right? Of course, this type of configuration change affects not only what the protocol sends to the RIB, but may also affect what the protocol readvertises to its neighbors. 
> 
> Communities within BGP, for instance, or the metric on an OSPF route.
> Yes, link state protocols would have fewer of these than BGP would --but
> I think a good bit of the BGP policy model Shane wants would fit here...
> (?).

I would hope more folks in the WG want that too.  :-)

On a more general note ... first, thanks for putting this diagram together.  At least now we have a decent picture to start a discussion.

I think you've mostly (?) been focused on routes being received by and processed by a router that, ultimately, are distilled into a FIB.  That's certainly important, but I think that we also need to look in the other direction, namely: routes that get /exported/ from one, or more, routers into an IGP or BGP.  Good examples of this, (which have been discussed in the use-cases drafts), are:
a) placement of aggregate/tie-down/summarization/flow-spec routes, (at certain routers at certain places in the topology);
b) "route filters" applied to, for example, eBGP neighbor sessions inbound & outbound
   i) One example of the above is placement of RT-constraint-like filters on a per-neighbor basis in Route Reflectors, because 'downstream' PE software does not (likely, will never?) support RFC 4684.
   ii) Another example is application of "routing policy" at the border of your AS to filter what you receive and, at the same time, manipulate BGP attributes of those routes that are accepted, e.g.: set BGP communities, set LOCAL_PREF, etc.  Likewise, applying and outbound routing policy to filter what is allowed (intended!) to be announced to your neighbors.

FWIW, I believe that most, if not all, of the above use cases are discussed in: <http://tools.ietf.org/html/draft-keyupate-irs-bgp-usecases-01>[1] and, potentially, your draft as well.

Taking a look at (b) and looking at your diagram, it seems as though (b) should be within the boxes you have labelled "Routing Process".  More specifically, I think you need more "clouds" ;-) sitting directly above the "Local Database" (Loc-RIB?) that, at a minimum, represent protocol adjacencies (e.g.: BGP neighbor adjacencies) where I2RS _should_ be allowed to apply (BGP) policy to those routing protocol sessions, in order to permit filtering of _and_ manipulation of attributes in those routes inbound to or outbound from the routing protocol process, (just like we do in today's networks).  I would think that this additional cloud would represent something like the Adj-RIB-In/Adj-RIB-Out, at least wrt a BGP Routing Process.

With respect to (a) above, namely placement of aggregate/summarization/etc. routes, I believe that would most likely belong inside of and/or injected into the "policy" cloud (inside the "Routing Process" box) through "B" in your diagram.  IOW, I place a summarization route in the routing process, which then flows two directions: i) up into the routing processes database and outward through the routing protocol, using normal routing update protocol mechanisms; and, ii) down to the RIB process for consideration as to whether it should be installed in the FIB after passing through "D" and "E", of course.

In summary, although I think you chose your words carefully when describing "A" by proposing that I2RS avoid (forbid?) "direct injection of information [in]to a routing process", I think there's an important point we should not miss here.  Namely, I2RS can do that, but only _when_ I2RS informs the routing process, which then carries out associated action(s) (on I2RS'es behalf) which will manipulate the state of routing information carried by that process, e.g.: filtering incoming/outgoing routes, manipulating LOCAL_PREF, setting/stripping communities, etc.  And, of course, I2RS must do this is a completely transparent manner so that operators understand I2RS initiated this change vs. I2RS doing something "under the covers" that is non-obvious (or, worse, not visible) to operators.

Thanks,

-shane

[1] We missed the deadline to post an updated version of the draft with the updated "I2RS" WG name, but I promise we will do so when the I-D submission queue reopens.  We do not, at the moment, have plans to change the content of the draft, so please read through it now if you, or other WG members, have not already.

[2] While we're here, I'm not sure where (if it all) you intended for routing protocol redistribution to be illustrated in your diagram.  Given that different vendors have vastly different models/ideas of how this is accomplished in their code, I'm not sure such a thing is even practical or possible.  :-(


> :-)
> 
> Russ
> 
> 
> _______________________________________________
> i2rs mailing list
> i2rs@ietf.org
> https://www.ietf.org/mailman/listinfo/i2rs
>

v2.23.0 | Report a Bug | By Email