Re: [Idr] Additional comment period for draft-ietf-idr-tunnel-encaps-12.txt [was: Re: I-D Action: draft-ietf-idr-tunnel-encaps-12.txt]

Linda Dunbar <> Fri, 07 June 2019 16:01 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 002971200EF; Fri, 7 Jun 2019 09:01:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.01
X-Spam-Status: No, score=-0.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 3WAjbnrDYhTV; Fri, 7 Jun 2019 09:01:23 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 87C5612010E; Fri, 7 Jun 2019 09:01:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VHBpYnX4+ScJiNjY5KD4A8xk7dmh6rUyWTGMMgdeClM=; b=H93IPhzcBzrP+bGs+4RGOXDdWIocM+6oHaF2G6mfWpnw0DrGUJCT38F1tCBPz/9eSifVjOrZR/u8uk2uxPjIX3XE+tCa3lmXZ/odwkPoLeZz+m0ER6ib60Y3lr8rueo5WtBFOGLV/6ZyCnRjjIAwG9rjJ45YK38FBwHTOjBkkps=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1965.4; Fri, 7 Jun 2019 16:01:20 +0000
Received: from ([fe80::b5e8:95cb:5d8e:9397]) by ([fe80::b5e8:95cb:5d8e:9397%7]) with mapi id 15.20.1987.004; Fri, 7 Jun 2019 16:01:20 +0000
From: Linda Dunbar <>
To: John Scudder <>, "" <>
CC: "" <>
Thread-Topic: [Idr] Additional comment period for draft-ietf-idr-tunnel-encaps-12.txt [was: Re: I-D Action: draft-ietf-idr-tunnel-encaps-12.txt]
Date: Fri, 07 Jun 2019 16:01:20 +0000
Message-ID: <>
References: <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2e0eed3a-3c52-4a45-b589-08d6eb6161f5
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(49563074)(7193020); SRVR:MN2PR13MB3357;
x-ms-traffictypediagnostic: MN2PR13MB3357:
x-ms-exchange-purlcount: 5
x-microsoft-antispam-prvs: <>
x-ms-oob-tlc-oobclassifiers: OLM:6108;
x-forefront-prvs: 0061C35778
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(396003)(366004)(376002)(346002)(39850400004)(13464003)(25584004)(53754006)(189003)(199004)(52536014)(476003)(6246003)(966005)(8936002)(486006)(6306002)(11346002)(2501003)(54556002)(81166006)(71190400001)(71200400001)(606006)(64756008)(4326008)(508600001)(33656002)(76176011)(81156014)(54896002)(9686003)(446003)(7696005)(2906002)(76116006)(110136005)(316002)(68736007)(73956011)(66946007)(45080400002)(66616009)(5024004)(14444005)(66574012)(66556008)(790700001)(66446008)(53546011)(66476007)(733005)(6116002)(6436002)(5660300002)(229853002)(53936002)(256004)(26005)(1941001)(66066001)(7736002)(99936001)(236005)(55016002)(25786009)(186003)(86362001)(74316002)(8676002)(99286004)(3846002)(102836004)(14454004)(6506007); DIR:OUT; SFP:1102; SCL:1; SRVR:MN2PR13MB3357;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: E1lI+oAbHBYI/cKYych3iZj3xHf9KYy43ebxGqagUTSLdS3D1E00YReJO3PHLlPHLvHHJ5+/MFrU+VtvGFzVPHuELjRfzuYR2EdxnkhXNcl2cfbEtuz6jss2RKVUC0UBw4RweVCe7A38UO/R0KpBveeHwKaZjokZOUHZwRkWpiKwmZ6u218iqKcCKMNsl4XsUqrJhoXxYxiPd6EGOhf0QMKpkaUyUMDWQ1q1iI32unZI365kzQxOFhBp+J9/1J6SI4RR3JvLWw+h+FNAqj+e18bJVmIFthN6laHcNgd14bdOrwRYszYJjeNsMPkZhhbBThksKsvxXPdarRQRLzNpGvGP6wQpOL798f85Wp2eXLKibt1UYG5Nbjc3WD6NJH09+k9qtJZXYXXhp7W0H7aiZApk6gI4EpNRqSMm3SVxbyw=
Content-Type: multipart/related; boundary="_004_MN2PR13MB358211EDD6DFBB5DA099F8E9A9100MN2PR13MB3582namp_"; type="multipart/alternative"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 2e0eed3a-3c52-4a45-b589-08d6eb6161f5
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Jun 2019 16:01:20.6552 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 0fee8ff2-a3b2-4018-9c75-3a1d5591fedc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR13MB3357
Archived-At: <>
Subject: Re: [Idr] Additional comment period for draft-ietf-idr-tunnel-encaps-12.txt [was: Re: I-D Action: draft-ietf-idr-tunnel-encaps-12.txt]
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 07 Jun 2019 16:01:28 -0000


Thank you very much for the explanation. Make sense. I didn’t know why need to have the statement there (without your explanation)

I will wait for the authors for the other questions I had in the email:

1.         When a client route can egress multiple egress ports (each with different IP addresses), does the Tunnel-Encap allow multiple "Remote-endpoint" SubTLV to be attached one UPDATE?

2.         In RFC5512, the BGP speaker indicates the originating Interface address in the NLRI (section 3):


draft-ietf-idr-tunnel-encaps-11  no longer has the BGP speaker originating the update. Is it intended? If Yes, does it mean that it allows a third party (which could be malicious entity) to inject routes on behalf of a legitimate router (but RFC5512 doesn’t)?  Why add this scenario? How to address the security threats introduced? If it is a conscious decision, should have some text to explain why and how to mitigate the security threats introduced.


Thanks, Linda

From: John Scudder <>
Sent: Friday, June 07, 2019 10:49 AM
To: Linda Dunbar <>;
Subject: Re: [Idr] Additional comment period for draft-ietf-idr-tunnel-encaps-12.txt [was: Re: I-D Action: draft-ietf-idr-tunnel-encaps-12.txt]

Shifting hats to a plain old working group member, I think I know the answer to this one, though:

"2.      Section 3.1 Page 10: The last paragraph states that if "Remote-Endpoint sub-TLV contains address is valid but not reachable, and the containing TLV is NOT be malformed ..". Why a address not reachable is considered as "Not Malformed”?”

Normally what we mean by “malformed” is that there’s something syntactically wrong. But of course in any default-free network, an address can be unreachable even though it’s syntactically correct — it just means that address isn’t covered by a route in the routing table. Furthermore an address can change statuses from unreachable to reachable and back again over time. It would be quite odd for a message that was considered well-formed (because the address it contained was reachable) were to later change to being considered malformed, some time after it was already received and propagated (because the route to the address it contained was withdrawn from the IGP for example).

In going back and re-reading the last paragraph of section 3.1, I find it easy to understand, I can’t think of any changes that would improve its clarity. I do note that the paragraph got simplified a little in version -12, possibly as a result of shepherd review, though it still has the “not malformed” text. The revised paragraph:

   If the Remote Endpoint sub-TLV contains an IPv4 or IPv6 address that
   is valid but not reachable, the sub-TLV is NOT considered to be



On Jun 7, 2019, at 11:46 AM, John G. Scudder <<>> wrote:

Thanks for your followup, Linda. I will wait on advancing the document until the authors have addressed your questions. I’ve added them to the to: line.


On Jun 7, 2019, at 11:35 AM, Linda Dunbar <<>> wrote:


I don't think anyone has addressed my questions and comments to this draft:<>

I am still waiting.

Linda Dunbar

-----Original Message-----
From: Idr <<>> On Behalf Of John Scudder
Sent: Friday, June 07, 2019 10:29 AM
Subject: Re: [Idr] Additional comment period for draft-ietf-idr-tunnel-encaps-12.txt [was: Re: I-D Action: draft-ietf-idr-tunnel-encaps-12.txt]

The additional comment period has concluded with no further discussion. We’ll continue with sending the spec to the IESG for advancement to RFC.



On May 31, 2019, at 5:33 AM, John Scudder <<>> wrote:

As a reminder, this additional comment period has one more week to go. I haven’t seen any comments yet, which is fine since the document already passed WGLC so in this case, “silence gives consent”.



On May 23, 2019, at 3:17 PM, John Scudder <<>> wrote:

Hi All,

This is an update for a draft that has passed WGLC. I have been acting as document shepherd. As I understand and recall, the changes can be summed up as:

- Added an author.
- Many SHOULD changed to MUST, as a result of document shepherd feedback.
- New section 3.2.7 on IP-in-IP.
- Change to section 6.1 (was "No Impact on BGP Decision Process” changed to "Impact on BGP Decision Process”) as a result of implementation feedback.
- Change to section 8.1, regarding implicit VRFs in some contexts.

Authors, if I’ve missed or misrepresented anything, please follow up.

Since some of the changes are normative I think we should give the WG a chance to review and comment. Please provide any comments by Friday, June 7. Please try to restrict your comments to substantive changes subsequent to WGLC.



On May 21, 2019, at 12:00 AM,<> wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Inter-Domain Routing WG of the IETF.

    Title           : The BGP Tunnel Encapsulation Attribute
    Authors         : Keyur Patel
                      Gunter Van de Velde
                      Srihari R. Sangli
                      Eric C. Rosen
Filename        : draft-ietf-idr-tunnel-encaps-12.txt
Pages           : 42
Date            : 2019-05-20
Idr mailing list<><>

Idr mailing list<><>

Idr mailing list<><>