Re: [Idr] AD Review of draft-ietf-idr-tunnel-encaps-15

John Scudder <jgs@juniper.net> Mon, 04 May 2020 20:24 UTC

Return-Path: <jgs@juniper.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BADAA3A0FEE; Mon, 4 May 2020 13:24:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=uLJbyKH+; dkim=pass (1024-bit key) header.d=juniper.net header.b=hr6HcPDx
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zyL2tyiBPq5B; Mon, 4 May 2020 13:24:45 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 625DB3A1013; Mon, 4 May 2020 13:24:45 -0700 (PDT)
Received: from pps.filterd (m0108157.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 044KIeHd020209; Mon, 4 May 2020 13:24:44 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=C5VMxqxFli8sEqlcSXEZkNTSQ8LYUfb9/GcVcueKBl8=; b=uLJbyKH+dw4dPnWt45SOyJHG++lnsK7G1q+TR3P7puaoJqI54nJ1WtKtqmS4UgLu+1kP XTEHDzVjpyEnE6qvXCSqX48z4r32iK/3u+fSR8EvuOHVwW06Afc5E2sdvhVPQarTXVYF 6H3x8YnzKWZ80wPH3UeVT1MBW1TAmLwngTLAlvkLqwaUaMWOsDk0S4R4wKDedE2oEVIK jFZl4HekoD5GKkJ+SYcT8CK1DQTkkBJQCnKkGM07c8xYYDSDKGOf+gon/Q176cKehNsV bMRQqlBY9JLjj0wE7yIsY7vcc8uAqfwBQF2Oluco8kzLMJ3riq403TQOfnjyk1yUcZ5Z VQ==
Received: from nam12-bn8-obe.outbound.protection.outlook.com (mail-bn8nam12lp2173.outbound.protection.outlook.com [104.47.55.173]) by mx0a-00273201.pphosted.com with ESMTP id 30s84n3h1c-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 04 May 2020 13:24:44 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hceILx2e1YX77poG2ZZ/DJEAd7S+d9Euo56El6Uttv+kyBKl9Kbc4zfrMdeoWWrATFgKrj7Z7+qH6t5dVbYQF/XyllCWf4GdHn0JUgWk/wLTrMZnsTSnrmpaUvm7LDfJD2KvD2n1QVE0UcC7F+PRL4c78xuHOxoyT3XzEmYzWvLHJtyj2X9heKUugOwPX6i88M8rU7Zi4Iw4tJ3j3mYk3XSXR/MJtBxIGETziVET83/EGV+3exDu8wC65/KFHVO8oYhTRtSkellENp8KpGNt1ddn8BOWqLqYRy1ywggxLYigafxTuHaM6xyNl5jDq1xmzLyei1dErIspIfP130I5Gw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=C5VMxqxFli8sEqlcSXEZkNTSQ8LYUfb9/GcVcueKBl8=; b=JnExi0WXXw3CWPn2puFbADQQRC4ozPFrDcpRjrNWJAtVq8dd/c9VaPpfTWTo4OXhf8WV2G6dR8k6X1G3NVhDde9leL7LTnqMO0Qmy0khAYFg4nGP3pPGMYNiXakhGkI+wsrZwJ51Sw4nVbI0ibfAUhcrjHhSZIw4dSudTtKSjSTzmC27RxxEMBE5p2zSUInQw+5vNGhUaUZOengxcvJgS4RWeDYraHI7pfZBA+VuKSOgYT3kQO7gqxXbAXEWiXQG8P58jaw4NREz9561lmO/lZ1HfCmyaEVijKHiYadn61kVDa6BEB0nx/drTV0otia5GP5C6GM/qmEoI06FlfWqXQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=C5VMxqxFli8sEqlcSXEZkNTSQ8LYUfb9/GcVcueKBl8=; b=hr6HcPDxweRPEiNXdsT/Ir12ZZkpIYKEJ8xQXdq5x1lKJHbSJtq7cFfc33Y+jJb8dbzmfnXrCiyKLYpdHYYD9OLdrSNDrdhbB+0bevA6eStZOvSy8fbdF5Ca/YGdNXcFpBdzT+NXVnleO2AVHednzR6cROPxRoUgBdtMp9AZ8zU=
Received: from BL0PR05MB5076.namprd05.prod.outlook.com (2603:10b6:208:83::12) by BL0PR05MB5540.namprd05.prod.outlook.com (2603:10b6:208:6d::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2979.11; Mon, 4 May 2020 20:24:42 +0000
Received: from BL0PR05MB5076.namprd05.prod.outlook.com ([fe80::d450:6f4c:4c28:b45f]) by BL0PR05MB5076.namprd05.prod.outlook.com ([fe80::d450:6f4c:4c28:b45f%7]) with mapi id 15.20.2979.024; Mon, 4 May 2020 20:24:42 +0000
From: John Scudder <jgs@juniper.net>
To: Alvaro Retana <aretana.ietf@gmail.com>
CC: idr-chairs <idr-chairs@ietf.org>, "idr@ietf. org" <idr@ietf.org>, "draft-ietf-idr-tunnel-encaps@ietf.org" <draft-ietf-idr-tunnel-encaps@ietf.org>
Thread-Topic: AD Review of draft-ietf-idr-tunnel-encaps-15
Thread-Index: AQHV6LURgETtNTA88kySyYPq0YikO6iYyvaAgAAG9ACAAADAgA==
Date: Mon, 4 May 2020 20:24:41 +0000
Message-ID: <D4A1657A-9060-4A4E-BBEF-6FB43B7E737C@juniper.net>
References: <CAMMESsw09LGWWhqyJ_0=jRimUN+_UuCjaXHCdqF9zkpaxSQgVQ@mail.gmail.com> <5CC8EAD7-FDC0-405C-B562-F8C7FB90FE3C@juniper.net> <CAMMESsxF5BcAKyva+pxXDqoTxzCvwFXL6Ryk5uP=T3vZHAwEGQ@mail.gmail.com>
In-Reply-To: <CAMMESsxF5BcAKyva+pxXDqoTxzCvwFXL6Ryk5uP=T3vZHAwEGQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3608.80.23.2.2)
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [66.129.241.14]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 5f098ca4-c377-464c-421d-08d7f0692d6c
x-ms-traffictypediagnostic: BL0PR05MB5540:
x-microsoft-antispam-prvs: <BL0PR05MB5540A81C2E7161EB396EB60BAAA60@BL0PR05MB5540.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 03932714EB
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: FDUtfQpP5DuCxDU3ZmG69Za33skCuWg/8Gxe7D3QWJB+53evt7eVvEs/ZrurNe+6yC2//sE+H46M2mk5M/XnlNYw/kibz3oBwjHh4ypt4IkU9bNkVtR0+YNams9hEX8oLLZ5dH1QKNTaQ3epu8FShMeW2r80VgBuagmjIbPq4j6Ao/Rn86Nbt0iMHib7bpkaepBi+9N/WtuW4rbfeLATfJZjbZ6OkT218BoZpJu97JWL1JMVIbGwionMqwbxLgcmqFpyY92vIaURNuLqabcelM5GesmLzuU1TX+x9dTFScHN/Km+mimIN7YJr107K/ljA7bqpm6mvsYz1GgrqEN/pWsMhs9yIHJeQOQ48xn0F9okkVABVhATd+8ALGzMRexGRE5iLyxUDCluth56w2vC+4P1rwH0d5HvO7y/KfxI59rUvxAjJN8uDQUgO/p2upU/
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL0PR05MB5076.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(366004)(346002)(39860400002)(396003)(136003)(376002)(8936002)(71200400001)(33656002)(66946007)(66476007)(64756008)(6506007)(66556008)(66446008)(6916009)(76116006)(91956017)(2616005)(53546011)(26005)(186003)(316002)(6486002)(2906002)(5660300002)(6512007)(54906003)(36756003)(4326008)(86362001)(478600001)(8676002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: p830a3mCkONRaAaVPpDRzfYQvEso4F2q7X40lJSez5d+Q1zeljVjP3ngF9BJ3os/FjMYfB08suxibxS7lUkWAqzGhDBhJH2TXBXjmimLKaABhs0ZRBstGAbuJ7wJycuEjf+vywuZVp64/6p/6SXlU47f4xGVAyXitvpdSdt9j416syfeAEVTzuyaBEvpTjr/RDar6uyvN3jVL0cEmgYcm1S8n9ckBktWYFT6B5XERiSGhPverW52iZtSZmORDmJI6p2ZZnWtm03QU8ledXxE0qutAG2gPDBCbrCK3G1yZn1MFiZriLvKfS+vGy8wCaBvI6ZhkZ4IPSwmWViDgSmii6oli+bIieKFjDblZ7FvVeUwMT9QTY5e1WMKX7PqaTeWOe/OjqjupEk0nQ0etBBVC6ziybKRhhh+Wbq1l2ePTGk0oErLLWhwruxSRtEmMlXY4B7SjRmeodguacvn0OrjM7wiIexzcaTkPiIAGmicXRmmH7C6P7TZct/hcTiiaGzhSquNWLFW/0yluA0YV7HOWMer3Xme6EEPLBndnxm0Eff68fYe0WUhXBJiGYciF4t+Q49u1KfdQpH8InENcurAjXMK44QRFzB2mCmq5hwdlZobt+bJysRSjC+2w0BCZ9lhqF344It66b2vKn152d7LVCUgchEkZWWCQPFexgxFD5vIm3cunfa6T0TJr9OCpMNl3hG1LU+7Xc3wmNd0ht4DKNq6Fy1OGxXP3DzD12Wbw6tBcCV5LsCc3Zr5ZYTfKNHAsUIBZxUic2Cur7Sw3amdFj2kNsQHVfCOqbLltho1SRc=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_D4A1657A90604A4EBBEF6FB43B7E737Cjunipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 5f098ca4-c377-464c-421d-08d7f0692d6c
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 May 2020 20:24:41.9207 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: KbtIAt0uZ/dHlNqZvvPjBZyVfGssWEnZvZXVQe966z7UR2smKuten+0Mq1MmU+hF
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR05MB5540
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.676 definitions=2020-05-04_11:2020-05-04, 2020-05-04 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 phishscore=0 mlxscore=0 impostorscore=0 clxscore=1015 adultscore=0 suspectscore=0 spamscore=0 bulkscore=0 priorityscore=1501 lowpriorityscore=0 mlxlogscore=626 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2005040159
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/0T2Np-L0IS_wQfJPIAKhs2FsvrA>
Subject: Re: [Idr] AD Review of draft-ietf-idr-tunnel-encaps-15
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 May 2020 20:24:48 -0000

Seriously? Doesn’t this just turn into a question of “but what do you mean by ‘valid IP host address’” then? By contrast, referencing RFC 6890 (and associated registries, by the transitive property or something) means that there’s a specific definition the implementor can dig their teeth into.

Thanks,

—John

On May 4, 2020, at 4:22 PM, Alvaro Retana <aretana.ietf@gmail.com<mailto:aretana.ietf@gmail.com>> wrote:


[External Email. Be cautious of content]


John:

Hi!


I think that pointing at rfc4271 may be better; it explicitly talks about the address being a host route, and it is akin to the NEXT-HOP…

Thanks!!

Alvaro.


On May 4, 2020 at 3:57:10 PM, John Scudder (jgs@juniper.net<mailto:jgs@juniper.net>) wrote:

Hi Alvaro,

On Feb 21, 2020, at 7:47 AM, Alvaro Retana <aretana.ietf@gmail.com<mailto:aretana.ietf@gmail.com>> wrote:

428   o  The IP address in the sub-TLV's address subfield is not a valid IP
429      address (e.g., it's an IPv4 broadcast address).

[major] What is a "valid IP address"?  The text above says that
link-local are not allowed...and that a host address is expected...and
that the address must "belong"...now you added broadcast addresses.
Anything else?  Is a multicast destination "valid"?  Is there a
reference that can be added here to avoid having to define it?

This problem has been around from time immemorial; for example RFC 4271 has a couple of places where it says things like


   Syntactic correctness means that the NEXT_HOP attribute represents a
   valid IP host address.


I remember wrestling with this in years past, but I’m not sure I ever came up with a good solution. The best reference I can find is RFC 6890, "Special-Purpose IP Address Registries”, which defines what we generally refer to as “martians”. Using that, perhaps the rule could be rewritten something like this?

"o The IP address in the sub-TLV’s address subfield is listed in the relevant Special-Purpose IP Address Registry [RFC6890] as either not a valid destination, or not forwardable.”

In practice this would probably be implemented by using the implementation-specific “martian” list, but this gives us a way to cite it normatively. By the way, this nominally makes the text about link-local redundant, since both the v4 and v6 special-purpose registries include link-local.

—John