IETF Logo Mail Archive

Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)

"Borchert, Oliver (Fed)" <oliver.borchert@nist.gov> Wed, 22 November 2017 19:58 UTC

Return-Path: <oliver.borchert@nist.gov>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3E86129A97; Wed, 22 Nov 2017 11:58:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.09
X-Spam-Level:
X-Spam-Status: No, score=0.09 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G7Bhcu-JqdAh; Wed, 22 Nov 2017 11:58:20 -0800 (PST)
Received: from gcc01-CY1-obe.outbound.protection.outlook.com (mail-cy1gcc01on0133.outbound.protection.outlook.com [23.103.200.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E984E1296D2; Wed, 22 Nov 2017 11:58:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=bYrLWJ4yomgLvautCdC/7/lEeGlLm69AMBr9QV1PQUQ=; b=hpep24C7TwjRKjGuzkVtOqIfY0y8qpVLqoyhyjhAdrJQvKN8Gj+amLT4AkPuVzDqOU4I+k7B3I/d0KhoO04ENvimz/sC8bZgUZYwD1RDwE9vI5mKCv/GefUEaLngiv7u2VxQYiCOFHLC35Avd8cyZbb2/3hIEDpCtYB+ZXHMFMA=
Received: from BN6PR09MB2131.namprd09.prod.outlook.com (10.173.160.147) by BN6PR09MB2129.namprd09.prod.outlook.com (10.173.160.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.239.5; Wed, 22 Nov 2017 19:58:17 +0000
Received: from BN6PR09MB2131.namprd09.prod.outlook.com ([10.173.160.147]) by BN6PR09MB2131.namprd09.prod.outlook.com ([10.173.160.147]) with mapi id 15.20.0239.009; Wed, 22 Nov 2017 19:58:17 +0000
From: "Borchert, Oliver (Fed)" <oliver.borchert@nist.gov>
To: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
CC: Robert Raszuk <robert@raszuk.net>, idr wg <idr@ietf.org>, "idr-ads@ietf.org" <idr-ads@ietf.org>, Idr <idr-bounces@ietf.org>, Thomas Mangin <thomas.mangin@exa.net.uk>, Randy Bush <randy@psg.com>
Thread-Topic: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)
Thread-Index: AdNcB5lUqir6ZylBRUe7xuFnWiyeYQGq5uSAAAg/8QAAAS+JgAAAPKYAAAK34gAAABCLgAAChkMAAAJHFYAACFGHAAAAj3+AAAAbuIAAAITrgAAhcQSAAARgtwAABaxqgA==
Date: Wed, 22 Nov 2017 19:58:16 +0000
Message-ID: <1D2FD437-0EEF-4FF6-9853-C09E7EEA2A15@nist.gov>
References: <000901d35c08$3f12d950$bd388bf0$@ndzh.com> <B61C3B8F-1168-4EB1-8D8E-88C4BF28B3AA@exa.net.uk> <CA+b+ER=1sHhAqhOc2VipzZMB+Zsxk8n+8cNUshkjPw_A9k9E-A@mail.gmail.com> <39049A8C-6D47-4251-AF87-342F68DDE8AE@exa.net.uk> <CA+b+ER=ANs15BEmRKeqneVHNcTSCsGDMVDQgFV4OucwPSWcLgw@mail.gmail.com> <CACWOCC9Yde99EbhLrveCtoUVSZWiP=sL=k69zrGBeNj5AjCGFQ@mail.gmail.com> <CA+b+ERk_2XZ_Y3EqSjNAbSi1ZqKhD2oThrRR2EOJzckQ41GijA@mail.gmail.com> <CACWOCC-EfzOYdUrHAWQN10LBzofySrKRADc6Zq-dyca1o0DPvw@mail.gmail.com> <CA+b+ER=ppm1N2wnMrPxxS_Nug2EaETBkW5gASTVZ2UKKq0aZJA@mail.gmail.com> <976743ea96934039a85fa74415b45862@XCH-ALN-014.cisco.com> <CA+b+ERmpEghcndHKM+WKKxg1V8ufTwg=xqb0J5jNowZHj2OwAQ@mail.gmail.com> <88d5df779a344b588745108c771d3145@XCH-ALN-014.cisco.com> <deae6e85c3ff47a6bbcac176eb91bd3e@XCH-ALN-014.cisco.com> <F0EAF2D4-656D-48BD-830B-DC2E8B862813@nist.gov> <A0106E1A-272D-4E1D-A0F3-E3531D583AA3@cisco.com>
In-Reply-To: <A0106E1A-272D-4E1D-A0F3-E3531D583AA3@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.27.0.171010
authentication-results: spf=none (sender IP is ) smtp.mailfrom=oliver.borchert@nist.gov;
x-originating-ip: [129.6.219.120]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN6PR09MB2129; 6:69uL8dOFc1M9Bggg6KfM6/uY4Y6d43DDSEHAshjsq2kd/Dbfy/QH108w+wFJIQ5a/rCm6jBKIc2wGq9HY1B3UDtyEI6VwCvwA0kuOPr8FfUJWvZOTg5S6EfQPuQzcNHJw+QGPYQEBxo+GilV3TtOvyi3wmsKAcEceqr2arYkJrswnZFMz0nyKUmcT+pOdyxoc80Y0dyotMRdTwFgRQG4aL5IjhlfrmX09Hiwqp47PbfPgvo9oB3KN3uM3/wX2r9m10u9phIofoUgoX4idni9GIrZZOSFbqcKV6h61EqTuxJgxZ5MGuNw31MULzuCBg5YDPwZfCo9pM1HpIAzheq92PRSAeWMC3u1pYwUFIvDQBw=; 5:vsIRTINMss/OBxTt/TkpgogTkYN3aXIBNOPU8uSEfQHJH0EeToQHQgeHWmrWnWUvfx6P0ztT/wFt5afIwx+hEG1T/ZTdndfGW3bL0kNQI366DbAyPK0j+ARZ9HgLkrvn4vT+LNho38O316ApdmxQlYqfoxINFa508uJd2Ge/vhY=; 24:JvSegtcbA15s1vRGXVJXe1xUgubiVgu9dTSDNOA2W4aPJWfcrLURMI89DhLOp3ZoAByhtO0UHazhcpvynPVAhXvd4olzwul2FPMcpgf2wsk=; 7:yZKM5sKF7A2NQLORVZZrnV0os9mbVosXuJ5ls0MRwlwogrQ9gIdSl6LOptvCW+W0OaFiHTc8H2YLxTjY3PBZ2mzosa84mSxfPkxqJLKWJmrqcpkC2buoz4lM1EU7t8mgPI25i6S5lLda5nPFSXjXSyYIcC0IMoGz0/wVFdBpRMq3u1nNJMwv/3tbvZbbyPfSmYa0huZX9+ldTp2+8DgRCAG9Qf3FVTSeZWnYtP9Ugy1+WfCUhQSSayF+cAPbIvtt
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: f5302bdd-86ec-45f7-a075-08d531e35f7f
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603199); SRVR:BN6PR09MB2129;
x-ms-traffictypediagnostic: BN6PR09MB2129:
x-microsoft-antispam-prvs: <BN6PR09MB212976EC023932F403D5B6F998200@BN6PR09MB2129.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(65766998875637)(189930954265078)(95692535739014)(227612066756510)(219752817060721)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(3231022)(3002001)(10201501046)(93006095)(93001095)(100000703101)(100105400095)(6055026)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123560025)(20161123564025)(20161123555025)(20161123562025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:BN6PR09MB2129; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:BN6PR09MB2129;
x-forefront-prvs: 0499DAF22A
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(346002)(199003)(189002)(24454002)(82746002)(76176999)(54356999)(50986999)(3846002)(6246003)(53546010)(6916009)(15650500001)(606006)(3660700001)(2420400007)(229853002)(53936002)(68736007)(4326008)(2950100002)(7736002)(7110500001)(101416001)(2900100001)(106356001)(105586002)(6116002)(102836003)(66066001)(83506002)(33656002)(14454004)(81156014)(2906002)(6436002)(81166006)(93886005)(230783001)(478600001)(6506006)(36756003)(54896002)(10710500007)(6512007)(6306002)(8676002)(25786009)(54906003)(966005)(316002)(189998001)(58126008)(83716003)(99286004)(3280700002)(97736004)(6486002)(8936002)(77096006)(86362001)(5660300001)(236005); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR09MB2129; H:BN6PR09MB2131.namprd09.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_1D2FD4370EEF4FF69853C09E7EEA2A15nistgov_"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-Network-Message-Id: f5302bdd-86ec-45f7-a075-08d531e35f7f
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Nov 2017 19:58:16.9517 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR09MB2129
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/0jJtp4XViyQtOV58sNVEClvDjmw>
Subject: Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Nov 2017 19:58:24 -0000

To my understanding the wiki should state compliance with the draft in question and not particular BGP attributes.

The draft is about the capability of sending and receiving updates larger than 4K and how to handle if the capability is not propagated, as well as the “5 mile view” on what to do if an update would exceed the newly proposed max length of 64K, it is not about performance issues etc.

To me the added questions in the wiki are more about the capability to process individual attributes that might become large. This is outside the scope of the draft in question.

It seems to me that what you try to solve is not compliance with the draft, it is more about the capability of particular implementations on how to deal with larger updates and this might change with memory, CPU, quality of implementation, etc. but has nothing to do with the draft in question.

In case there are issues with attributes getting too large and therefore causing issues to BGP itself, then I believe the RFC’s dealing with these attributes should be updated.

Again, I believe this is out of scope of this draft and I do not see any need to have these questions in the wiki.

Oliver

From: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
Date: Wednesday, November 22, 2017 at 12:16 PM
To: Oliver Borchert <oliver.borchert@nist.gov>
Cc: Robert Raszuk <robert@raszuk.net>, idr wg <idr@ietf.org>, "idr-ads@ietf.org" <idr-ads@ietf.org>, Idr <idr-bounces@ietf.org>, Thomas Mangin <thomas.mangin@exa.net.uk>, Randy Bush <randy@psg.com>
Subject: Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)

Larger message implies larger path attributes. You may answer “no” for the parts with which you do not comply.

If the implied path attribute sizes are too large, then we need to be explicit about the maximum sizes for each attribute in the draft. Please suggest reasonable maximum sizes.
Thanks,
Jakob.

On Nov 22, 2017, at 7:10 AM, Borchert, Oliver (Fed) <oliver.borchert@nist.gov<mailto:oliver.borchert@nist.gov>> wrote:
Jakob,

I looked into the added questions for the compliance report you added on the wiki.
I am not quite sure that these added questions do apply for a compliance of the requested draft. These do more apply to features used within BGP that might result in larger BGP messages.
And here the draft has a clear message in the last paragraph of section 3:

“It is RECOMMENDED that BGP protocol developers and implementers are
  conservative in their application and use of Extended Messages.”

Therefore, they would more apply to proper functioning of implemented BGP features rather than the extended message itself. I do not believe that these new questions do apply here.

Said that, BGPSEC-IO is a traffic generator that mainly focusses on BGPSEC updates. We did not add communities to the generated traffic and I do not intent to do so in the near future (though community contributions are welcome) – in this sense, for sending my answer is NA.
On the receiving side, as long as the BGP update in itself is well formed and within its length boundaries (4K or < 64K) there is no issue. We just dump the update either on the “floor” or screen.

With QuaggaSRx, as long as Quagga can process communities of that length, QuaggaSRx can as well. QuaggaSRx same as BGPSEC-IO do comply with the draft itself when it comes to accepting and generating > 4K updates as specified in the draft and we tested the processing and memory usage using BGPsec traffic of little less than 64 K.

Oliver

From: Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>> on behalf of "Jakob Heitz (jheitz)" <jheitz@cisco.com<mailto:jheitz@cisco.com>>
Date: Tuesday, November 21, 2017 at 6:13 PM
To: Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>
Cc: idr wg <idr@ietf.org<mailto:idr@ietf.org>>, "idr-ads@ietf.org<mailto:idr-ads@ietf.org>" <idr-ads@ietf.org<mailto:idr-ads@ietf.org>>, Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>>, Thomas Mangin <thomas.mangin@exa.net.uk<mailto:thomas.mangin@exa.net.uk>>
Subject: Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)

1 hour ??
When I tested my large community code, I tested at the limit and over it.
There was no perceptible time for the operations.
16 times imperceptible would be a blip at the most.
The only operations that take a worrisome amount of time are regexp matches with nested wildcards.
Hmm, I should add regexp matches explicitly, because that requires to expand the communities into ascii representation in the matching engine.

Thanks,
Jakob

From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Jakob Heitz (jheitz)
Sent: Tuesday, November 21, 2017 2:58 PM
To: Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>
Cc: idr wg <idr@ietf.org<mailto:idr@ietf.org>>; idr-ads@ietf.org<mailto:idr-ads@ietf.org>; Thomas Mangin <thomas.mangin@exa.net.uk<mailto:thomas.mangin@exa.net.uk>>; Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>>
Subject: Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)

Just that it does it without error.
If the numbers are too large, we should discuss reasonable limits.

Thanks,
Jakob

From: rraszuk@gmail.com<mailto:rraszuk@gmail.com> [mailto:rraszuk@gmail.com] On Behalf Of Robert Raszuk
Sent: Tuesday, November 21, 2017 2:55 PM
To: Jakob Heitz (jheitz) <jheitz@cisco.com<mailto:jheitz@cisco.com>>
Cc: Job Snijders <job@ntt.net<mailto:job@ntt.net>>; idr wg <idr@ietf.org<mailto:idr@ietf.org>>; idr-ads@ietf.org<mailto:idr-ads@ietf.org>; Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>>; Thomas Mangin <thomas.mangin@exa.net.uk<mailto:thomas.mangin@exa.net.uk>>
Subject: Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)

Hi Jakob,

I think what you added is fine, but requires a time limit.

Statement that implementation can receive, parse/validate, display in CLI or match in the policy 16K of communities all actions taking 1h each is rather not that interesting isn't it ?

Or is the indicator of spec compliance a statement that it just does not crash regardless of time it takes for execution of each stated action :) ?

Thx,
//R.





On Tue, Nov 21, 2017 at 11:38 PM, Jakob Heitz (jheitz) <jheitz@cisco.com<mailto:jheitz@cisco.com>> wrote:
The new update message size requires support for:
16375 communities
8187 extended communities
5458 large communities
I have not changed the as-path length, because it is already ridiculously high.
If anyone wants to talk about a maximum as-path length, please speak up.

I have added tests to the implementation report
https://trac.ietf.org/trac/idr/wiki/draft-ietf-idr-bgp-extended-implementations<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftrac.ietf.org%2Ftrac%2Fidr%2Fwiki%2Fdraft-ietf-idr-bgp-extended-implementations&data=02%7C01%7Coliver.borchert%40nist.gov%7Cc29658d9c708468b0ccd08d5313576ee%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636469028063383089&sdata=zRFsa6v%2BqWcQo44fTcKtmbmqmFZicA495i%2BZfcA4ZSg%3D&reserved=0>
to ensure full compliance with the consequences of the draft.

Implementers, please update your compliance.

Thanks,
Jakob

From: Idr [mailto:idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>] On Behalf Of Robert Raszuk
Sent: Tuesday, November 21, 2017 10:41 AM
To: Job Snijders <job@ntt.net<mailto:job@ntt.net>>
Cc: idr wg <idr@ietf.org<mailto:idr@ietf.org>>; idr-ads@ietf.org<mailto:idr-ads@ietf.org>; Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>>; Thomas Mangin <thomas.mangin@exa.net.uk<mailto:thomas.mangin@exa.net.uk>>
Subject: Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)

Great !

On Tue, Nov 21, 2017 at 6:35 PM, Job Snijders <job@ntt.net<mailto:job@ntt.net>> wrote:
Robert/Randy,

About this being a default:

Old (Section 4):

A BGP speaker that is willing to send and receive BGP Extended Messages with a peer SHOULD advertise the BGP Extended Message Capability to the peer using BGP Capabilities Advertisement RFC5492].

New (Section 4)

A BGP speaker that is capable to send and receive BGP Extended Messages with a peer SHOULD advertise the BGP Extended Message Capability to the peer using BGP Capabilities Advertisement [RFC5492].


_______________________________________________
Idr mailing list
Idr@ietf.org<mailto:Idr@ietf.org>
https://www.ietf.org/mailman/listinfo/idr<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fidr&data=02%7C01%7Coliver.borchert%40nist.gov%7Cc29658d9c708468b0ccd08d5313576ee%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636469028063383089&sdata=Bt6F5N6zA5v7GCXm7peFu06uK1TCD3sRHIVPffp%2F0O0%3D&reserved=0>

v2.23.0 | Report a Bug | By Email