IETF Logo Mail Archive

Re: [Idr] update proposal to draft-ietf-idr-rfc5575bis-14

ERCIN TORUN <ercin.torun@turkcell.com.tr> Thu, 16 May 2019 08:06 UTC

Return-Path: <ercin.torun@turkcell.com.tr>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E0F41200E6 for <idr@ietfa.amsl.com>; Thu, 16 May 2019 01:06:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NO_DNS_FOR_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 277RBm64r6pp for <idr@ietfa.amsl.com>; Thu, 16 May 2019 01:05:41 -0700 (PDT)
Received: from smtp1.turkcell.com.tr (smtp1.turkcell.com.tr [212.252.168.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2079C1200D7 for <idr@ietf.org>; Thu, 16 May 2019 01:05:20 -0700 (PDT)
Received: from smtp1.turkcell.com.tr (unknown [10.218.130.46]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by Forcepoint Email with ESMTPS id 8B7FE65C8A2B5E8E0997; Thu, 16 May 2019 11:05:02 +0300 (+03)
Received: from GXMB4.turkcell.entp.tgc (10.218.130.33) by GXED3.turkcell.com.tr (10.218.130.46) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.1.1713.5; Thu, 16 May 2019 11:05:03 +0300
Received: from GXMB13.turkcell.entp.tgc (10.218.130.42) by GXMB4.turkcell.entp.tgc (10.218.130.33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.1.1713.5; Thu, 16 May 2019 11:05:01 +0300
Received: from GXMB13.turkcell.entp.tgc ([fe80::cc02:3f65:e073:e667]) by GXMB13.turkcell.entp.tgc ([fe80::cc02:3f65:e073:e667%28]) with mapi id 15.01.1713.004; Thu, 16 May 2019 11:05:01 +0300
From: ERCIN TORUN <ercin.torun@turkcell.com.tr>
To: Jeffrey Haas <jhaas@pfrc.org>
CC: "idr@ietf.org" <idr@ietf.org>
Thread-Topic: [Idr] update proposal to draft-ietf-idr-rfc5575bis-14
Thread-Index: AdUGXHTzplGDl0iZSU++Kkdbu+geogE7UeIAABdLwFA=
Date: Thu, 16 May 2019 08:05:01 +0000
Message-ID: <946466047b3648b4ab1b4f4fc7fc238f@turkcell.com.tr>
References: <d0255cf9976644d7a29b11f2fc68fa98@turkcell.com.tr> <20190515211220.GC2207@pfrc.org>
In-Reply-To: <20190515211220.GC2207@pfrc.org>
Accept-Language: tr-TR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.218.130.4]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/4_D8rR1YP_4B8ha2NBHOev3YGBc>
Subject: Re: [Idr] update proposal to draft-ietf-idr-rfc5575bis-14
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 May 2019 08:06:09 -0000

Hello Jeffrey,

On a router a filter on all interfaces or on one interface consume the same amount of TCAM* that's why in the first place i think that a targeting mechanism would be useful.  An interface set is definitely useful also.

I know your draft, even i'm in touch with my vendor if (when) it will be applied to their software. I think https://tools.ietf.org/html/draft-ietf-idr-flowspec-interfaceset-04  and https://tools.ietf.org/html/draft-dong-idr-node-target-ext-comm-00   together solves "targeted advertisement with an interface set" problem.

* https://community.cisco.com/t5/xr-os-and-platforms/bgp-flowspec-scale-and-performance/td-p/2749018

Regards
Erçin TORUN
-----Original Message-----
From: Jeffrey Haas <jhaas@pfrc.org>
Sent: Thursday, May 16, 2019 12:12 AM
To: ERCIN TORUN <ercin.torun@turkcell.com.tr>
Cc: idr@ietf.org
Subject: Re: [Idr] update proposal to draft-ietf-idr-rfc5575bis-14

Erçin,

On Thu, May 09, 2019 at 12:02:42PM +0000, ERCIN TORUN wrote:
> Hello All,
>
> My name is Ercin TORUN<https://tr.linkedin.com/in/ercintorun> and I’m working in Turkcell Turkey (35M-mobile/2M-fixed customer, +digital services) as an IP/MPLS Network Planning Engineer.  I would like to propose an update to draft-ietf-idr-rfc5575bis-14<https://tools.ietf.org/html/draft-ietf-idr-rfc5575bis-14>.
>
> By default all flowspec entries (filters..) are applied to all routers, and unnecessary application of many filters can easily owerwhelm the capacity of routers resources (e.g. TCAM). We are pushing layer3 to the edges with solutions like seamless-mpls or leaf-spine next-generation DC topologies which widens the layer3 domain easily over thousands of devices. It is best to filter “dirty” traffic where it first enters a network. There are ways to accept BGP announcements only on the targeted router, like defining a community for each router and configuring policies, but an automated way would be much more easier and less error-prone. Our idea is using a route-taget to match with BGP Identifier so that only the targeted router might accept the announcement.

You may find the following draft (expired - sorry... we need to fix it) of
interest:

https://tools.ietf.org/html/draft-ietf-idr-flowspec-interfaceset-04

-- Jeff


[http://www.turkcell.com.tr/downloads/bireysel/img/Tcelldis.gif] <http://turkcell.li/iyaani>

Bu elektronik posta ve onunla iletilen butun dosyalar sadece gondericisi tarafindan almasi amaclanan yetkili gercek ya da tuzel kisinin kullanimi icindir. Eger soz konusu yetkili alici degilseniz bu elektronik postanin icerigini aciklamaniz, kopyalamaniz, yonlendirmeniz ve kullanmaniz kesinlikle yasaktir ve bu elektronik postayi derhal silmeniz gerekmektedir.

TURKCELL bu mesajin icerdigi bilgilerin doğruluğu veya eksiksiz oldugu konusunda herhangi bir garanti vermemektedir. Bu nedenle bu bilgilerin ne sekilde olursa olsun iceriginden, iletilmesinden, alinmasindan ve saklanmasindan sorumlu degildir. Bu mesajdaki gorusler yalnizca gonderen kisiye aittir ve TURKCELLin goruslerini yansitmayabilir

Bu e-posta bilinen butun bilgisayar viruslerine karsi taranmistir.

________________________________

This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient you are hereby notified that any dissemination, forwarding, copying or use of any of the information is strictly prohibited, and the e-mail should immediately be deleted.

TURKCELL makes no warranty as to the accuracy or completeness of any information contained in this message and hereby excludes any liability of any kind for the information contained therein or for the information transmission, reception, storage or use of such in any way whatsoever. The opinions expressed in this message belong to sender alone and may not necessarily reflect the opinions of TURKCELL.

This e-mail has been scanned for all known computer viruses.

v2.23.0 | Report a Bug | By Email