Re: [Idr] Mail regarding draft-ietf-idr-segment-routing-te-policy

"Ketan Talaulikar (ketant)" <ketant@cisco.com> Mon, 08 July 2019 05:16 UTC

Return-Path: <ketant@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9794312019C for <idr@ietfa.amsl.com>; Sun, 7 Jul 2019 22:16:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.499
X-Spam-Level:
X-Spam-Status: No, score=-14.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=lpqQnSWw; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=ux9J2+wv
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u21KG8hBxV3l for <idr@ietfa.amsl.com>; Sun, 7 Jul 2019 22:15:57 -0700 (PDT)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B3A6120142 for <idr@ietf.org>; Sun, 7 Jul 2019 22:15:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=43574; q=dns/txt; s=iport; t=1562562957; x=1563772557; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=ucCj47s7EurU04exRrn9tNwOcGgmtk2CHAMnKqsUzEk=; b=lpqQnSWwsz1oZpCY3IsaXKn5wFXnOtLTwOgaDdivQSPQUzU310kyOGKv PeokSvZqZVgIFCBCqFQu6Qyhdb0kxHTS/Ce3A8DTfvN/cMe2rFk0DQskC JDQqZRe9pzkLzp/Vv3UUFEHn1yFHZ5/lSFaePYSNwXte2vL0fUylEatOQ 0=;
IronPort-PHdr: =?us-ascii?q?9a23=3AgUulORUGqD/wyV4aXGdftjv35B3V8LGuZFwc94?= =?us-ascii?q?YnhrRSc6+q45XlOgnF6O5wiEPSANSJ8OpK3uzRta2oGXcN55qMqjgjSNRNTF?= =?us-ascii?q?dE7KdehAk8GIiAAEz/IuTtank5EdhLUkNN9HCgOk8TE8H7NBXf?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AIAADp0CJd/5NdJa1lGgEBAQEBAgE?= =?us-ascii?q?BAQEHAgEBAQGBUwUBAQEBCwGBFC8pJwNqVSAECygKhBKDRwOEUol2glt+lki?= =?us-ascii?q?BLoEkA1QJAQEBDAEBIwoCAQGEQAIXghcjNAkOAQMBAQQBAQIBBW2KNwyFSgE?= =?us-ascii?q?BAQQSEQoTAQE3AQ8CAQgRBAEBIQEGAwICAjAUCQgCBA4FCAwOgwGBHU0DHQE?= =?us-ascii?q?OmzYCgTiIYHGBMoJ5AQEFgTYCg0IYghIDBoE0AYteF4FAP4ERRoIXNT6CYQE?= =?us-ascii?q?BA4E+AQEgKwmCVDKCJot6gnaEfYhnjgIJAoIXhlaEbIhdgiyHIYQMiFWBUI5?= =?us-ascii?q?ghhCPfQIEAgQFAg4BAQWBUDgqgS5wFTuCbIJBDBeBAwEIgkKFFIU/coEpiw6?= =?us-ascii?q?BIgGBIAEB?=
X-IronPort-AV: E=Sophos;i="5.63,465,1557187200"; d="scan'208,217";a="590880468"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 08 Jul 2019 05:15:55 +0000
Received: from XCH-ALN-019.cisco.com (xch-aln-019.cisco.com [173.36.7.29]) by rcdn-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id x685FtGN028916 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 8 Jul 2019 05:15:55 GMT
Received: from xhs-aln-002.cisco.com (173.37.135.119) by XCH-ALN-019.cisco.com (173.36.7.29) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 8 Jul 2019 00:15:55 -0500
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 8 Jul 2019 00:15:54 -0500
Received: from NAM04-SN1-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 8 Jul 2019 00:15:54 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ucCj47s7EurU04exRrn9tNwOcGgmtk2CHAMnKqsUzEk=; b=ux9J2+wvlmIPSycRYXq3ODBt/vQDhDOjVULRLzEXwcF657yj+ul87eunNOlp/ym+5krZTGMZ38sDtlJBV3KF7a1k4tRWl77pn4X+m++t9Ygl+vHdouQOzWK7YdfbfMbJHHq7IpgnDoRfaOnsBEA9v4+R/Iqww9NQw/Ebh/AdmO0=
Received: from DM5PR11MB2027.namprd11.prod.outlook.com (10.168.103.22) by DM5PR11MB1274.namprd11.prod.outlook.com (10.168.107.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2052.19; Mon, 8 Jul 2019 05:00:04 +0000
Received: from DM5PR11MB2027.namprd11.prod.outlook.com ([fe80::e83a:ff79:ed23:a9c]) by DM5PR11MB2027.namprd11.prod.outlook.com ([fe80::e83a:ff79:ed23:a9c%2]) with mapi id 15.20.2052.019; Mon, 8 Jul 2019 05:00:04 +0000
From: "Ketan Talaulikar (ketant)" <ketant@cisco.com>
To: Gurusiddesh Nidasesi <gurusiddesh.nidasesi@ipinfusion.com>
CC: Chaitanya Varma <chaitanya.varma@ipinfusion.com>, "idr@ietf.org" <idr@ietf.org>, Ramanathan Selvamani <ramanathan.selvamani@ipinfusion.com>
Thread-Topic: [Idr] Mail regarding draft-ietf-idr-segment-routing-te-policy
Thread-Index: AdT/KtjPP6BADXj+R+K+v5ydxRQvuQA+pdWgASkO/wAAL5Y2QAmaF82AAW1oLBAA6EWMgAAAlx7w
Date: Mon, 8 Jul 2019 05:00:04 +0000
Message-ID: <DM5PR11MB2027BFDCB48266BF271063FFC1F60@DM5PR11MB2027.namprd11.prod.outlook.com>
References: <993db9e45983acc9769af61bf786a6d6@mail.gmail.com> <SN6PR11MB284516BC1430BFFA5E494C0EC13B0@SN6PR11MB2845.namprd11.prod.outlook.com> <CAHhGMfGRgdDTam97sb5dYZQHBLLHpTj85yJ7oL5w7wrB3+q3jA@mail.gmail.com> <SN6PR11MB28451163BCFFD7E2A2DFBFA9C1320@SN6PR11MB2845.namprd11.prod.outlook.com> <CAHhGMfF3XvN4UhedzGSMSA_Qg9JHRp55Vw9enAzsmAh0BBmZ-Q@mail.gmail.com> <DM5PR11MB2027233E97E8949D36D48222C1FB0@DM5PR11MB2027.namprd11.prod.outlook.com> <CAHhGMfGF0kC27GZT4KXMJ835NEyT0kJ8FNCm663h5hW8Mga6Dw@mail.gmail.com>
In-Reply-To: <CAHhGMfGF0kC27GZT4KXMJ835NEyT0kJ8FNCm663h5hW8Mga6Dw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ketant@cisco.com;
x-originating-ip: [72.163.220.14]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: b4df7bed-f3bb-4292-0ecb-08d7036123c5
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:DM5PR11MB1274;
x-ms-traffictypediagnostic: DM5PR11MB1274:
x-ms-exchange-purlcount: 4
x-microsoft-antispam-prvs: <DM5PR11MB1274BEB9109F858243ABDA2DC1F60@DM5PR11MB1274.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 00922518D8
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(136003)(346002)(39860400002)(366004)(396003)(376002)(189003)(199004)(51914003)(6506007)(11346002)(26005)(25786009)(55016002)(966005)(76176011)(66066001)(7736002)(68736007)(14454004)(9686003)(5660300002)(476003)(53546011)(54896002)(186003)(6306002)(33656002)(66574012)(229853002)(236005)(102836004)(9326002)(446003)(4326008)(486006)(53936002)(3846002)(6116002)(790700001)(99286004)(8676002)(86362001)(81166006)(81156014)(6916009)(8936002)(66946007)(2906002)(66476007)(73956011)(66556008)(64756008)(66446008)(74316002)(256004)(5024004)(76116006)(606006)(71190400001)(71200400001)(14444005)(6246003)(52536014)(478600001)(54906003)(316002)(6436002)(7696005); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR11MB1274; H:DM5PR11MB2027.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: H7Q/GZi//hewgGVKNH1YURE+lzR+3FmkKJ5YdHYUexNZtc/SRz5YZCkSuebwFemfkZzC5c7qO6IuSud+loRoTyPGlTEJNQinbtSN3mjismewwWKrgbCcr/A2+zA86WR2NXkhebG0SZWhpFaUNFL0zd+wVHgOJlnEPLnQtAV+MffnpiL5CK614cFwRO1VMmbKxRllotdDC+J/JpJ/CJvYiJcn39YFSK0hifz76JGQB0YYINzsZzBbrobWEtqEIZ/+tVmCebqMZqikjDz5wZQKT8k0wRHtI7QmILdRTsztrGTSSEFOX97G/1bOhHINBno2KjCsoPkmPoImlAP+LNQczOkEsdBbHf/rVjQpWbt/pggXCZ+6nqV7CWpLuGYKzkZx2lv0PDaYCxaZmdSvxlhlCKNLS034cf6d/+XhN12Bw4k=
Content-Type: multipart/alternative; boundary="_000_DM5PR11MB2027BFDCB48266BF271063FFC1F60DM5PR11MB2027namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: b4df7bed-f3bb-4292-0ecb-08d7036123c5
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Jul 2019 05:00:04.1361 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ketant@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR11MB1274
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.29, xch-aln-019.cisco.com
X-Outbound-Node: rcdn-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/061KpegCRM908VuGdY9XxbIY3zM>
Subject: Re: [Idr] Mail regarding draft-ietf-idr-segment-routing-te-policy
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jul 2019 05:16:04 -0000

Hi Gurusiddesh,

The reason for allowing multiple RTs is if the same SR Policy needs to be delivered to multiple headend routers. It need not be read as a BGP router having more than one BGP identifier.

Thanks,
Ketan

From: Gurusiddesh Nidasesi <gurusiddesh.nidasesi@ipinfusion.com>
Sent: 08 July 2019 10:09
To: Ketan Talaulikar (ketant) <ketant@cisco.com>
Cc: Chaitanya Varma <chaitanya.varma@ipinfusion.com>om>; idr@ietf.org; Ramanathan Selvamani <ramanathan.selvamani@ipinfusion.com>
Subject: Re: [Idr] Mail regarding draft-ietf-idr-segment-routing-te-policy

Hi Ketan,

Thanks for the response.
Additionally, we have more queries as follows:


The draft says that
"One or more IPv4 address format route-target extended community

      ([RFC4360<https://tools.ietf.org/html/rfc4360>]) attached to the SR Policy advertisement and that
      indicates the intended head-end of such SR Policy advertisement."

Here one or more RTs are attached to match specific headend?

" If one or more route-targets are present, then at least one route  target MUST match one of the BGP Identifiers of the receiver in order  for the update to be considered usable."
Can a BGP peer have more than one BGP identifier?


On Wed, Jul 3, 2019 at 7:29 PM Ketan Talaulikar (ketant) <ketant@cisco.com<mailto:ketant@cisco.com>> wrote:
Hi Gurusiddesh,

The purpose of the RT is to indicate the specific headend for which the SR Policy is for. So I am not sure of the scenario where multiple RTs will be associated with a single update.

Even if it were, I am not sure we normally strip out RTs automatically without some specific route policy being applied.

Thanks,
Ketan

From: Gurusiddesh Nidasesi <gurusiddesh.nidasesi@ipinfusion.com<mailto:gurusiddesh.nidasesi@ipinfusion.com>>
Sent: 26 June 2019 12:56
To: Ketan Talaulikar (ketant) <ketant@cisco.com<mailto:ketant@cisco.com>>
Cc: Chaitanya Varma <chaitanya.varma@ipinfusion.com<mailto:chaitanya.varma@ipinfusion.com>>; idr@ietf.org<mailto:idr@ietf.org>; Ramanathan Selvamani <ramanathan.selvamani@ipinfusion.com<mailto:ramanathan.selvamani@ipinfusion.com>>
Subject: Re: [Idr] Mail regarding draft-ietf-idr-segment-routing-te-policy

Hi Ketan,

We have some more doubts as follows:


"Typically, a controller defines the set of policies and advertise

   them to policy head-end routers (typically ingress routers).  The

   policy advertisement uses BGP extensions defined in this document.

   The policy advertisement is, in most but not all of the cases,

   tailored for a specific policy head-end.  In this case the

   advertisement may sent on a BGP session to that head-end and not

   propagated any further."


If controller sends multiple unique RTs in the same Update message,
1. Once the SR policy reaches the Headend, should we strip down that particular RT to avoid advertising it further?



Thanks

Gurusiddesh V N







On Wed, May 8, 2019 at 3:58 PM Ketan Talaulikar (ketant) <ketant@cisco.com<mailto:ketant@cisco.com>> wrote:
Hi Gurusiddesh,

Please check inline below

From: Gurusiddesh Nidasesi <gurusiddesh.nidasesi@ipinfusion.com<mailto:gurusiddesh.nidasesi@ipinfusion.com>>
Sent: 07 May 2019 17:11
To: Ketan Talaulikar (ketant) <ketant@cisco.com<mailto:ketant@cisco.com>>
Cc: Chaitanya Varma <chaitanya.varma@ipinfusion.com<mailto:chaitanya.varma@ipinfusion.com>>; idr@ietf.org<mailto:idr@ietf.org>
Subject: Re: [Idr] Mail regarding draft-ietf-idr-segment-routing-te-policy

Hi Ketan,

Thanks for the quick response.
Additionally, we have more queries as follows

"Alternatively, a router (i.e., a BGP egress router) advertises SR
   Policies representing paths to itself.  In this case, it is possible
   to send the policy to each head-end over a BGP session to that head-
  end, without requiring any further propagation of the policy."

How does an egress router advertise SR policies representing paths to itself?
[KT] By setting endpoint to it’s own router-id in the NLRI and setting the ingress router’s router-id in the router-target extended community.
Is it done through BGP configuration or any other trigger?
[KT] This would be implementation specific based on the use-case/workflow.

In the above case how ERO (SID-List) is calculated?
[KT] This is again implementation specific. It could be done by some TE module on the egress BGP router that has topology visibility from the ingress router to itself. It would be kind of reverse of how a headend computes a path from itself to an endpoint – this is the endpoint computing path to itself from some headend.
Thanks,
Ketan

Regards
Gurusiddesh V N

On Wed, May 1, 2019 at 7:34 PM Ketan Talaulikar (ketant) <ketant@cisco.com<mailto:ketant@cisco.com>> wrote:
Hi Chaitanya,

Please check inline below.

From: Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>> On Behalf Of Chaitanya Varma
Sent: 30 April 2019 13:34
To: idr@ietf.org<mailto:idr@ietf.org>
Cc: Gurusiddesh Nidasesi <gurusiddesh.nidasesi@ipinfusion.com<mailto:gurusiddesh.nidasesi@ipinfusion.com>>
Subject: [Idr] Mail regarding draft-ietf-idr-segment-routing-te-policy

Hi,

I have couple of queries from the below draft.

https://tools.ietf.org/html/draft-ietf-idr-segment-routing-te-policy-05

  “ Typically, a controller defines the set of policies and advertise
   them to policy head-end routers (typically ingress routers).”

How do we communicate SR policies from controller? Is it through BGP-SR session or PCEP session.
[KT] This draft is all about using BGP for signalling SR Policies from a controller to the head-end routers. So yes (b) below.

a. If it is through PCEP session what happens if the PCC is non-headend?
b. If it is through BGP-SR what is the role for PCEP between PCE and PCC?
[KT] PCEP is another flavour for instantiation of SR Policies. Yet another option is using netconf/yang or another method for provisioning. This draft is about using BGP and PCEP is not required.


  “ Moreover, one or more route-target SHOULD be attached to the
   advertisement”

How Route-target should be attached to a SR-NLRI update?
[KT] As Route Target Extended Communities attribute – ref sec 1 of the draft.

Is it done through local configuration or picked up based on some dynamic parameter?
[KT] It is done by the controller and may be done via local config – either along with the SR Policy or route policy or even dynamically based on the head-end address. This would be implementation specific.

Thanks,
Ketan

Appreciate if you can help here.


Regards,
Chaitanya


..


--
Thanks,
Gurusiddesh V N

.


--
Thanks,
Gurusiddesh V N

.


--
Thanks,
Gurusiddesh V N

.