Re: [Idr] update proposal to draft-ietf-idr-rfc5575bis-14

Robert Raszuk <robert@raszuk.net> Thu, 09 May 2019 16:38 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/1iRE5VJNswBHWnCvnCHP-sjJUUQ>

Hi Ercin,

What you are asking/proposing has been standardized in the original RFC5575
already many years ago.

Please see section 8, specifically this paragraph:

   Propagation of this NLRI is controlled by matching Route Target
   extended communities associated with the BGP path advertisement with
   the VRF import policy, using the same mechanism as described in "BGP/
   MPLS IP VPNs" [RFC4364 <https://tools.ietf.org/html/rfc4364>].


Thx,
Robert.


On Thu, May 9, 2019 at 2:04 PM ERCIN TORUN <ercin.torun@turkcell.com.tr>
wrote:

> Hello All,
>
>
>
> My name is Ercin TORUN <https://tr.linkedin.com/in/ercintorun> and I’m
> working in Turkcell Turkey (35M-mobile/2M-fixed customer, +digital
> services) as an IP/MPLS Network Planning Engineer.  I would like to propose
> an update to draft-ietf-idr-rfc5575bis-14
> <https://tools.ietf.org/html/draft-ietf-idr-rfc5575bis-14>.
>
>
>
> By default all flowspec entries (filters..) are applied to all routers,
> and unnecessary application of many filters can easily overwhelm the
> capacity of routers' resources (e.g. TCAM). We are pushing layer3 to the
> edges with solutions like seamless-mpls or leaf-spine next-generation DC
> topologies which widens the layer3 domain easily over thousands of devices.
> It is best to filter “dirty” traffic where it first enters a network. There
> are ways to accept BGP announcements only on the targeted router, like
> defining a community for each router and configuring policies, but an
> automated way would be much easier and less error-prone. Our idea is
> using a route-target to match with BGP Identifier so that only the targeted
> router might accept the announcement.
>
>
>
> All in all, I propose to add below text to draft-ietf-idr-rfc5575bis-14
> <https://tools.ietf.org/html/draft-ietf-idr-rfc5575bis-14>
>
>
>
> “   In a common use case, it is necessary to apply a filter to one or a few
>    routers and to apply many different filters to many different routers.
>    By default, all filters are applied to all routers. In this use case,
>    the unnecessary application of the many filters can easily overwhelm
>    the capacity of the routers. To simplify this use case,
>    route-targets may be used to apply the filters to only the needed routers:
>
>    If one or more IPv4-Address-Specific route-targets are present, then
>    the IPv4 address of at least one route-target MUST match one of the
>    BGP Identifiers of the receiver in order for the update to be accepted.
> “
>
>
>
> Regards
>
> Erçin TORUN
>
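
The two acceptance checks discussed in this thread, as an added example that is not part of either message or of the draft: Route Target matching against an import policy, and the proposed BGP Identifier rule. Function names are hypothetical, the Route Target encoding follows RFC 4360, and the sample attribute (RT 192.0.2.1:0 plus RT 65000:100) is constructed.

```python
import ipaddress
import struct

RT_SUBTYPE = 0x02  # Route Target sub-type (RFC 4360)
# Type octet -> (kind, layout of the 6 value octets: global admin, local admin)
KINDS = {0x00: ("as2", "!HI"), 0x01: ("ipv4", "!4sH"), 0x02: ("as4", "!IH")}


def parse_route_targets(attr: bytes):
    """Decode the Route Targets in an Extended Communities attribute value."""
    if len(attr) % 8:
        raise ValueError("extended communities must be a multiple of 8 octets")
    rts = []
    for off in range(0, len(attr), 8):
        ec = attr[off:off + 8]
        if ec[1] != RT_SUBTYPE or ec[0] not in KINDS:
            continue  # not a Route Target; ignored by both checks
        kind, fmt = KINDS[ec[0]]
        admin, local = struct.unpack(fmt, ec[2:])
        if kind == "ipv4":
            admin = ipaddress.IPv4Address(admin)
        rts.append((kind, admin, local))
    return rts


def import_policy_accepts(rts, import_rts):
    """RT import as in the quoted RFC 5575 text: any RT matches the import policy."""
    return any(rt in import_rts for rt in rts)


def bgp_id_rule_accepts(rts, bgp_ids):
    """Proposed rule: if IPv4-Address-Specific RTs are present,
    at least one must equal a BGP Identifier of the receiver."""
    ipv4 = [admin for kind, admin, _ in rts if kind == "ipv4"]
    return not ipv4 or any(a in bgp_ids for a in ipv4)


# Constructed sample: RT 192.0.2.1:0 (IPv4-specific), then RT 65000:100 (2-octet AS).
SAMPLE = (bytes([0x01, 0x02]) + ipaddress.IPv4Address("192.0.2.1").packed + b"\x00\x00"
          + bytes([0x00, 0x02]) + struct.pack("!HI", 65000, 100))

if __name__ == "__main__":
    rts = parse_route_targets(SAMPLE)
    for rid in ("192.0.2.1", "192.0.2.2"):
        ok = bgp_id_rule_accepts(rts, {ipaddress.IPv4Address(rid)})
        print(rid, "accepts" if ok else "rejects")
```

Under the proposed rule, an update carrying no IPv4-Address-Specific Route Target is still accepted by every receiver, so only the import-policy check limits its scope.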