Re: [Idr] WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)

"Jakob Heitz (jheitz)" <jheitz@cisco.com> Tue, 21 July 2020 04:52 UTC

Return-Path: <jheitz@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A4D33A13DE for <idr@ietfa.amsl.com>; Mon, 20 Jul 2020 21:52:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.519
X-Spam-Level:
X-Spam-Status: No, score=-9.519 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=Fut+QP28; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=PrIxgelv
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Al21ikrWOtCf for <idr@ietfa.amsl.com>; Mon, 20 Jul 2020 21:52:38 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5D6843A0FD9 for <idr@ietf.org>; Mon, 20 Jul 2020 21:52:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=25032; q=dns/txt; s=iport; t=1595307158; x=1596516758; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=F7qHtV9SoeRD/CgiuMJGkZo54hibc1bTRW1Q5tjQtRg=; b=Fut+QP282rK7B0R0878hLoltzrTpmBz6rvgdVS59FvfmarvFiphTnkWn UVlFUtdWRZWInjv3kix/igEKVnO1jJnjnKiEX7BLRdSYfjk3TjCoSQABg Il9oqkjmV/uWQMrxCALptwLJgcqFph5CORpuqcz+RFQNgg2hh0mV64vxQ E=;
IronPort-PHdr: =?us-ascii?q?9a23=3Atp9/VRRzzDlBtXAqqyWzbhkf8Npsv++ubAcI9p?= =?us-ascii?q?oqja5Pea2//pPkeVbS/uhpkESQB9+J5e9YlvDbrK3hH2cH5MXJvHMDdclKUB?= =?us-ascii?q?kIwYUTkhc7CcGIQUv8MLbxbiM8EcgDMT0t/3yyPUVPXsqrYVrUry688CIPAB?= =?us-ascii?q?jgOAszLePwScbeis2t3LW0/JveKwxDmDu6Z+Z0KxO75QXcv8Ubm81sMKE0nx?= =?us-ascii?q?DIuXBPPe9RwDBl?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DeAQARdBZf/4MNJK1gGwEBAQEBAQE?= =?us-ascii?q?BBQEBARIBAQEDAwEBAUCBSoEjL1EHb1gvLIYQgWkDjUqBAZddglMDVQsBAQE?= =?us-ascii?q?MAQEiCwIEAQGBbYJfAoIgAiQ4EwIDAQELAQEFAQEBAgEGBG2FXAyFcQEBAQQ?= =?us-ascii?q?SGxMBATgPAgEIEQQBAR4DBwcyFAkIAQEEARIIEweCfwQCgX5NAy4BDqE7AoE?= =?us-ascii?q?5iGF0gTSDAQEBBYFHQYMOAxWCDgMGgTgBgmmGBIQEGoFBP4ERQ4IYNT6BBIF?= =?us-ascii?q?YAQECAQEVgUglBgmDE4ItjzUZiV2DFYgvj1iBBAqCXYhWkS5SgiiJPpMQkCu?= =?us-ascii?q?BVoonkXqCXgIEAgQFAg4BAQWBaiMNgUpwFYMkEz0XAg2NeyMMF4NOhRSFQnQ?= =?us-ascii?q?CAQEBMgIGCAEBAwl8jBEtghcBAQ?=
X-IronPort-AV: E=Sophos;i="5.75,377,1589241600"; d="scan'208,217";a="804159624"
Received: from alln-core-1.cisco.com ([173.36.13.131]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 21 Jul 2020 04:52:06 +0000
Received: from XCH-ALN-002.cisco.com (xch-aln-002.cisco.com [173.36.7.12]) by alln-core-1.cisco.com (8.15.2/8.15.2) with ESMTPS id 06L4q66K024992 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 21 Jul 2020 04:52:06 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-ALN-002.cisco.com (173.36.7.12) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 20 Jul 2020 23:52:06 -0500
Received: from xhs-aln-001.cisco.com (173.37.135.118) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 20 Jul 2020 23:52:05 -0500
Received: from NAM10-MW2-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Mon, 20 Jul 2020 23:52:05 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TpDyXqYZGGi8tAwZOpFtHgTgJQkd5DTxOOKKnLRrO4mRvxQVKPyKbEusvKJ9g1zczUIdX6c9V8EGZSZMvWa7MsDtsI8dzvtsRSLjnzj1Mg5OSy+cGaiH0Cw1bcP6iJhAEiO2F74KkX63olMdyBEWClNF34ZhG96b8XNHtI90YoSP5Il6Gxm9jrLAk+TrN4q6MymyMqkxG6n0f2Yrpnt6EW5PeyQpaPLhNWY1o/gL7THIrcFbA5XSjiLm45P8MQg7jCp/EtGClnlYnC2itlGBzg1yV5PSBfbj8GF3pHvDAj7UvCfosBXCrO0k4Mrehr3UCNU71tbDbV27IoCCWT49MA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1xGoR6BAZLdUsObCzHsxyh0yHIo5uvIrYZCd4EGvWVc=; b=g7E+aQoQ5jKrOQPgRPngZkR5fo/cCKclI+ehqP1pQ81mKFxSECxh5c095BhIPUmgiyIqgllhSTNKWkOPKAreILycdAx+42AdJZU5bCvWTR3kBMMai713QFOlhWlLZ4U3xoNzLSJ43P2zC5a+BJ7gAuUsXJEuqosh0oY6eHBz0kVxJGpNbNUa26454OtI0Dpt47ou4Y5/VSjqxIiNWu2keMkDSQOWH4nZpX7Icud12rGxkyppg+4z2dahhrbvAik3Vd5cjfu6Y7wOh5p3FFLgfJdUPSixJ0oYksfMLDVim0qOB5ZSm2ww4FKYNMzCmHaIavT3JnMYnF52kmxU7WhoQA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1xGoR6BAZLdUsObCzHsxyh0yHIo5uvIrYZCd4EGvWVc=; b=PrIxgelvQTfgxoQcU80bBfnnYU/0eCUxHc34CpxdHUEMrrYgaSA6/ilTYBtjIS0vOAKMJpYgp4nN+iXJdwsLJmqi5Qo+GcWtzXZCkPSsLHwQ3v5RW/Nz8hrs7N8HTdC3IdYFXBjaEynsbas8Fb/Rhl8BMsnaAUJVubEyJg1ZA2I=
Received: from BYAPR11MB3207.namprd11.prod.outlook.com (2603:10b6:a03:7c::14) by BYAPR11MB3701.namprd11.prod.outlook.com (2603:10b6:a03:fc::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3195.17; Tue, 21 Jul 2020 04:52:04 +0000
Received: from BYAPR11MB3207.namprd11.prod.outlook.com ([fe80::c0a8:f52f:8d8d:ebff]) by BYAPR11MB3207.namprd11.prod.outlook.com ([fe80::c0a8:f52f:8d8d:ebff%5]) with mapi id 15.20.3195.025; Tue, 21 Jul 2020 04:52:04 +0000
From: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
To: Huaimo Chen <huaimo.chen@futurewei.com>, Susan Hares <shares@ndzh.com>, "idr@ietf.org" <idr@ietf.org>
Thread-Topic: [Idr] WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)
Thread-Index: AdZaqFM+IHByNV2FRBK1MLVtR2zN/ABKkEHwAM/yKLgAAVYagA==
Date: Tue, 21 Jul 2020 04:52:04 +0000
Message-ID: <BYAPR11MB3207711DF449A039CC57AA61C0780@BYAPR11MB3207.namprd11.prod.outlook.com>
References: <003701d65aa9$689a64d0$39cf2e70$@ndzh.com>, <BYAPR11MB32072C364496472F6BB8FBD4C07C0@BYAPR11MB3207.namprd11.prod.outlook.com> <MN2PR13MB3117DB85FAE31F34D6575B41F2780@MN2PR13MB3117.namprd13.prod.outlook.com>
In-Reply-To: <MN2PR13MB3117DB85FAE31F34D6575B41F2780@MN2PR13MB3117.namprd13.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: futurewei.com; dkim=none (message not signed) header.d=none;futurewei.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [2601:647:5701:46e0:d9b7:6ab1:de71:cac2]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 216cf835-b6a1-49a8-80ac-08d82d31d02f
x-ms-traffictypediagnostic: BYAPR11MB3701:
x-microsoft-antispam-prvs: <BYAPR11MB3701FB894275C01055059BE8C0780@BYAPR11MB3701.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: jR6SaT3LY/dP/5vnJsakBJpK4rEX1j3fzCLKX3EEyrW3oSvrN+mcPJAVm+cufwT0j8jZgSlP+8i4nn31RmSf5G0SgzKO2zwNgorXwi0Jv9KxxGL5lajE6DbUpSjcG1eo836YJ6qaqNjm2QdUKfycHXrP+dzzU7rAn6dqQWq1hjSC5GIjXDAT4/RqIyfSuNX194R13w8kFJuNVYdwT27DJOeirRQcFJcs/s95rWZu2AwjFO4TqVWdYIetOC9m57TZtYDM64DSwC1Pj+X1OOZAOq3soHhyCFme1jf3eaIRfTBvYGykqZbIlMysgBrZ4zuRGsNUcwY1CnBlxOoIjZeV9ldHLe0O2qMEJy/cZzYDVi6cVejHxayVHY1KxQld+2i11s66WY/GIvGrqKwqxTzEnA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR11MB3207.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(396003)(366004)(136003)(376002)(346002)(39860400002)(7696005)(6506007)(53546011)(83380400001)(186003)(86362001)(71200400001)(316002)(110136005)(5660300002)(478600001)(8676002)(55016002)(66946007)(8936002)(33656002)(2906002)(166002)(66476007)(966005)(52536014)(76116006)(9686003)(66446008)(66556008)(64756008); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: LmJzO6dkq89VEJeq7KF3dYZKOIFzezHae3pyhiEWUiQBGiflQnJMyqxtAASw5h1/AhBzwqnaXwyxSbzfQLyi2TKj2R/xQsOLLxCIFyA9VA81HFqnbnLEgxwSTeeWGy0yjWY60D08PqJK0EAHfiGyq5tRkFv8vanitMQaaVdrcfoXTfaZkfnMJ3EFV0sG7/ieWoLqdtSITUBjWIiV5+F8TwneCQGxwNPedq/HgVWrJgMJpIw1VrgEMxHO7sWoxzANqOSGyKuVigQ6AsO/dw5QhQ6RbdY14VDDFabCm+XyBon0gyjZDfkL+7oxcPLgDgzkMg1s09AVI1V9dHWJG2mBgrT3YbRxHP/hjLIBHb8MJduoFcC2ml8ZbNi2LqmSumd0OINNTNgIrJ1SnWtSfAm/ewzRfMp7bHb3bNycmwDSSsJw6W/KXQ+ZCF3MfjdtjztTFtYQxsxmcEL9A2fiIdP9o2VrT2GEZoMAY+VRwjyt4XgYIcymU0rwOMAMbitooFJSwRQmFtOxblL64w9TSmMEisaE6aJIRpLDmq9C1GohsWIXIeEOjfFlpGOXTam+AOeY
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BYAPR11MB3207711DF449A039CC57AA61C0780BYAPR11MB3207namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR11MB3207.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 216cf835-b6a1-49a8-80ac-08d82d31d02f
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jul 2020 04:52:04.1097 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: QXYEtzGAKgFwwn3mXIrkEsEPTpItrWV0CoYLstwcNJwARlBcXmN+RqDWJRa8xbyK+gITPeUlbCHkt7qFWP9fmw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB3701
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.12, xch-aln-002.cisco.com
X-Outbound-Node: alln-core-1.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/0BNidSpauOxed52eiao8jbi0oZA>
Subject: Re: [Idr] WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jul 2020 04:52:41 -0000

There is an important difference between RPD and Flowspec.
https://tools.ietf.org/html/rfc5575#section-6
states:
   A flow specification NLRI must be validated such that it is
   considered feasible if and only if:

   a) The originator of the flow specification matches the originator of
      the best-match unicast route for the destination prefix embedded
      in the flow specification.

   b) There are no more specific unicast routes, when compared with the
      flow destination prefix, that have been received from a different
      neighboring AS than the best-match unicast route, which has been
      determined in step a).

Effectively, the advertisement of the route takes the same vector as the
advertisement of the matching flowspec. Therefore, if the flowspec did not
reach a node, then the route likely didn't either, so it doesn't matter.

The fact that BGP is spray and pray doesn't matter, because the route and the
flowspec spray to the same places.

RPD policy distribution has no such validation rule.

SR policy distribution suffers from the same problem.


Regards,
Jakob.

From: Huaimo Chen <huaimo.chen@futurewei.com>
Sent: Monday, July 20, 2020 9:01 PM
To: Jakob Heitz (jheitz) <jheitz@cisco.com>om>; Susan Hares <shares@ndzh.com>om>; idr@ietf.org
Subject: Re: [Idr] WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)

Hi Jakob,

    Thank you very much for your valuable comments.
    Our answers/explanations are inline below with prefix [HC].

Best Regards,
Huaimo on behalf of co-authors
________________________________
From: Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>> on behalf of Jakob Heitz (jheitz) <jheitz=40cisco.com@dmarc.ietf.org<mailto:jheitz=40cisco.com@dmarc.ietf.org>>
Sent: Thursday, July 16, 2020 9:01 PM
To: Susan Hares <shares@ndzh.com<mailto:shares@ndzh.com>>; idr@ietf.org<mailto:idr@ietf.org> <idr@ietf.org<mailto:idr@ietf.org>>
Subject: Re: [Idr] WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)


BGP seems the wrong way to distribute routing policy.



[HC]: It seems that BGP flow spec has been used widely to distribute policies for redirecting the traffic. It seems work well without some mechanisms in Netconf. BGP RPD should be similar to BGP flow spec.  BGP SR Policy is on the same train.



IETF has already defined a way to distribute configuration: Netconf.

Netconf provides needed features that BGP does not have:

- Atomic Transactions:

  If one configuration item fails, they all fail.

  They all either succeed or all fail. There is no partial success.

  Multiple configurations in one transaction are applied at the same time.

   . This avoids non-deterministic transient behavior between application of the first policy and the last.

- Feedback:

  BGP is "spray and pray".

  Netconf provides an acknowledgement that the config either failed or was applied,

  which then allows the controller to take the next steps with

  reliable information about what configuration exists in the network.

- Persistence:

  If the BGP session were to go down, all the configuration it sent will be implicitly withdrawn.



If another AS would not allow a foreign AS to configure it with netconf,

it would not allow it with RPD either.



There are already ways in BGP for an AS to signal preference across AS boundaries:

Med, AS-path length, communities.



[HC]: Netconf can be used to distribute configurations from a controller to the devices in a network. BGP RPD as an alternative option, may have some advantages in some cases. For example, in the case where BGP as a controller, BGP RPD seems more suitable. Using BGP RPD to control/redirect the traffic dynamically in real time may be more effective.



Regards,

Jakob.



From: Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>> On Behalf Of Susan Hares
Sent: Wednesday, July 15, 2020 6:11 AM
To: idr@ietf.org<mailto:idr@ietf.org>
Subject: [Idr] WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)



This begins a 2 week WG LC on draft-ietf-idr-rpd

from 7/15 to 7/29/2020.  You can obtain this draft at:

https://datatracker.ietf.org/doc/draft-ietf-idr-rpd/<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-idr-rpd%2F&data=02%7C01%7Chuaimo.chen%40futurewei.com%7C12cf72daefe0446d5a7908d829ed0a36%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C637305445341383523&sdata=3LvgG6xwElOv27jGetqpyk8ftRub%2B%2B4Ui31Yt8wN87A%3D&reserved=0>



This draft defines a new AFI/SAFI and new atoms

for the Wide Communities.  This WG LC has been delayed

as I waited for a resubmission of the Wide Communities draft.

I had hoped to do these 2 WG LC in parallel.



I've not received the Wide Communities draft, but we will

start this WGLC to provide feedback to the authors.

We may have to run a short follow-up to this WG LC

If there are changes to the Wide Communities draft during

Its WG LC.



There is an IPR statement on this draft.



In your responses please answer the following questions:



1) Do you feel this draft has an solution that is acceptable

   With the IPR as a WG RFC?



2) Do you feel this draft is ready to publish?



3) Do you know of implementations of this draft?



4) Do you know of deployments of this draft?

If so, is this feature useful in the deploy ments.



5) Do you feel that Wide Communities is ready for

Publication?



Cheerily, Susan Hares