Re: [Idr] BGP Auto-Discovery Protocol State Requirements

"Fomin, Sergey (Nokia - US/Mountain View)" <sergey.fomin@nokia.com> Tue, 23 March 2021 04:28 UTC

Return-Path: <sergey.fomin@nokia.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 668873A1D05 for <idr@ietfa.amsl.com>; Mon, 22 Mar 2021 21:28:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.241
X-Spam-Level:
X-Spam-Status: No, score=-0.241 tagged_above=-999 required=5 tests=[DKIMWL_WL_HIGH=-0.251, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nokia.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4nKfhgp9BA17 for <idr@ietfa.amsl.com>; Mon, 22 Mar 2021 21:28:22 -0700 (PDT)
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-eopbgr760118.outbound.protection.outlook.com [40.107.76.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F7393A1D03 for <idr@ietf.org>; Mon, 22 Mar 2021 21:28:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dK59njPbvU68gYjmTRasYEi0rcC7dK+lCLibbxlJ1mLA2+Rkn8CznVlf8Kf1k33vn8cTqPsSx936D5r3W4h2jvUKpxHEqTQIeZxraX03zLxIclTjoGZI3QyNRATA8ZKgMcbRea0kMlXeENz8HArwVyyk+AN4saspzR7UBTw6W9XWoOPuiguJaSPp8E87xlar2r9un4oRujWHXdvUSD52JmGM5HfLzmT1pdaG91lkaIHsHdI0We6bBsLn89Hy92Cu4B2CtiMFk7C2OTnFJFC4DsQzLyhXUiB2HZLlVao8CFkmF4zodWn+1Nm3bsgCZyDdwCNLA9RKAujT60szcqB36Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+zdWMG3QIwyx4Ci9daw53BFJmazsbovrs7GI9rhcECI=; b=NtxQ1owleECXQU48WItcQPm1GGib3siU+b9KHTfGVa9MCR7eKCtSBIqYw2RxH434AfEjmqjsLgRkPo+xEb7WLqxVmbrtGL8Y9OAIMU+QeAMNvURNJUho29Tpe5YF2wAzE9vJ4ra8AyQGCYJkBf/iUMp174LCwKZxwB4nad20CI7e9ccqvECrr5x8QNqkWkF3g0/vOu/NMkiq/lkBonDNmZfJsMAiN7s0HoDXVHNWMBGZyQH2LRhTbo67v9h84rktb6H1Jc4GWTSBxUPvmyLtSynH5D1pQPh8meEpiEin0I7qKTM/7o8rjWf+EsXT3R8LYxiL5ga33T0z7puFTCIvIg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.onmicrosoft.com; s=selector1-nokia-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+zdWMG3QIwyx4Ci9daw53BFJmazsbovrs7GI9rhcECI=; b=D5zeyKVRtVkYcXJoiqGYonax4D9g4kcTw2G7ZG72r1sAf53CrCapf5XJ0RmTUvlEhqZ2RernVQKIzOzZL049g8o8VRtqaADcrTh2a1bpcFUrFfHApYkonmb/UQMoSfdjR1E/TYOHLlyygQHOh1rqHqk4amYOK025yaKbJNlSm7M=
Received: from BYAPR08MB5493.namprd08.prod.outlook.com (2603:10b6:a03:cc::31) by BYAPR08MB4053.namprd08.prod.outlook.com (2603:10b6:a02:87::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3955.25; Tue, 23 Mar 2021 04:28:18 +0000
Received: from BYAPR08MB5493.namprd08.prod.outlook.com ([fe80::c84c:baa3:d6ac:e27a]) by BYAPR08MB5493.namprd08.prod.outlook.com ([fe80::c84c:baa3:d6ac:e27a%6]) with mapi id 15.20.3955.027; Tue, 23 Mar 2021 04:28:17 +0000
From: "Fomin, Sergey (Nokia - US/Mountain View)" <sergey.fomin@nokia.com>
To: Jeffrey Haas <jhaas@pfrc.org>, Robert Raszuk <robert@raszuk.net>
CC: "idr@ietf.org" <idr@ietf.org>, "Acee Lindem (acee)" <acee=40cisco.com@dmarc.ietf.org>
Thread-Topic: [Idr] BGP Auto-Discovery Protocol State Requirements
Thread-Index: AQHXGqSs92ZVnPRbtkCdYzAg/eVxf6qKIfoAgAEblACAAAu0gIAADxUA////oICAAAzGAP///HKAgAAG84D///tSAAACCZIAALIbJjA=
Date: Tue, 23 Mar 2021 04:28:17 +0000
Message-ID: <BYAPR08MB549328E3379E94589DC3CE0885649@BYAPR08MB5493.namprd08.prod.outlook.com>
References: <20210316210203.GC29692@pfrc.org> <20210318191936.GF29692@pfrc.org> <A288921D-0DB5-413D-B3E9-4DAA9334C5D3@cisco.com> <CA+wi2hNUYkmruBSq4Up4e84H__d48Phxj5TuZXh7wii0QrS3dw@mail.gmail.com> <20210319135025.GK29692@pfrc.org> <CAOj+MMGndgwqLoV_Un_1Bu3F3xPkg9ZD6=4V5FmYJgQiPD_1yw@mail.gmail.com> <20210319143448.GM29692@pfrc.org> <CAOj+MMFKqpZCyzDbGr0JzZLu7sjEw9NBQ=J9rTqDOuP+Yf1mog@mail.gmail.com> <20210319144657.GO29692@pfrc.org> <CAOj+MME8GB4jo_q3kHm1jx6E60GCHeU-pz0eYy_96BJ+ak7_Bw@mail.gmail.com> <20210319152832.GP29692@pfrc.org>
In-Reply-To: <20210319152832.GP29692@pfrc.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: pfrc.org; dkim=none (message not signed) header.d=none;pfrc.org; dmarc=none action=none header.from=nokia.com;
x-originating-ip: [73.252.153.127]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 29c4abf2-6e27-4255-6ea1-08d8edb41530
x-ms-traffictypediagnostic: BYAPR08MB4053:
x-microsoft-antispam-prvs: <BYAPR08MB4053D9B04D5B328B518713F785649@BYAPR08MB4053.namprd08.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: /YJDEre4lH1KvHKcxkloWjeh6O7sNv8D0pxyY+jNmDWu9kgGotSF3mvJls85R2M/9hYCT1SeNJYHntH19WN8uchHwt4Ivg3Vkq0aHvfJI2D8f4oXCWR9M0Wd4TKDTeM4UAV3a/Y8sc98pELael4azsH9O8H0xrUxZITZ2sx+uxREOeWDuaniZc3pJh9QDX7orxwpVh6wVoyTmrv9k8qhOyL0WtnQDv+MHxjYaidHk8rwtc5Y7Iu5oeOJla3wDJf4iHDGq0tVcRqln07yOwHlyyLTPGLNULQWcWseriJ7bixixm899V0+fgpVHCQ83pTxKiTKxP7IM0dqUAQet6JIyiSiB0QbJmkLKg/gfLSpjXMLmrI65ofpFRwBER8sIhC5lo+Wkry+sRMgCtsrroLKeAt4Pds3M71+OgxkNl4oFfc4GKsRthGcAPTFIeZdY2SaVSnsZryJ4YMlemFmBQsljSxwZFSqj9EGkwMBROdsgnxo3wFb/tLys5D04MQFnVFlSkTLnQu+cotAZU6y0Vcu9JAXbEnEjCy0ImGg0UJhQepQU3FebmHDwXoDCb9RaWA3cJ9BWXnuWpYhFs5zaEvFKLoI5s0eZMNufk/tvuMhqUuBXBjOtyRoAeAjVvx5Va2xCHOqmv4nomKAxPr1B5cNcGCBeFpudrXZKz4laFVcfVHTrIXMt5kGQSgIjiXGGCTXZ+pjckUjUA2CFR1lLwHt2FT3dnhUtt9GTlpB/Vb2BuPggmzFWq7gjgAdDKeQEiH4
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR08MB5493.namprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(136003)(39860400002)(366004)(346002)(396003)(83380400001)(478600001)(6506007)(38100700001)(53546011)(2906002)(166002)(7696005)(71200400001)(86362001)(33656002)(4326008)(316002)(5660300002)(110136005)(26005)(54906003)(186003)(66446008)(8676002)(966005)(76116006)(66476007)(66556008)(9686003)(55016002)(8936002)(66946007)(9326002)(52536014)(64756008); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: =?utf-8?B?aXJEZVk2clErMWhnSWtVVzdON091YTlMQlYrbUZWUUlqTmhrTFlObjhMSUt6?= =?utf-8?B?QmVKUzk0YWpiTFMyM1MxNVFFOVFkc01MaEtNU2RzM3FiVUY4L0xxWDFjNlR2?= =?utf-8?B?Q1VRN093NmdsZC8yV1Y4eFJoaUVuZHljRGErQy9PcXBtWnZNdlpxY3FQbzkw?= =?utf-8?B?UTNLOGYyRzJFUk5RU29SWHhoY1U3bEhkOExkTnNVaU5UdWlYdzNuYTFXOGJH?= =?utf-8?B?L0FnVnlnVmFmd2JNYVMxdDg5RXRwY2dCQ0ZrWVg4aWNVZGZ1N2R6YWdzTUQ4?= =?utf-8?B?ZlhkT1pvUFg0MU5aRmJvb09tZHVISmttVFdTY0k1cDBvS3F0RWxKYkEydExm?= =?utf-8?B?czVwZktNOVl1bm4vNGVadFEwTXMyUXFNRW1rMWZIT05yczlRclp6RFVJcFM1?= =?utf-8?B?LzBiUlA3YlJQOVpyVHIxZk5rSmtORGkvT0FFZy9ZOFBKd1NOUDYyaEVQR3ZX?= =?utf-8?B?dXByRExlVEVlSy9KbWNhdmp0MXBXbitWQkdpYjdhc1JydXZlTlRxYzZIQ3dt?= =?utf-8?B?MmxyMUdUdmVRYkp3cFFtSktrVWZ2aWE0RXJHMnhhSldrbGg2aEJiYy82Wk15?= =?utf-8?B?a01yWnV5RjN2VjZUSkhvcjdyTHVLNUxRWUFmdFlTZDBsRWQxNnprQ1ZudzFK?= =?utf-8?B?OXg3d1Q0c0pTR1dOQVhHVGdBWUtvRk84THcrY3FDT0szQWpiSDhZQ004Mllu?= =?utf-8?B?L0dQZ3VyeHI0eXpaTVM5bitDVUJWVHBmTEhXV2preFMwSXpqdWtFZkxnUEVs?= =?utf-8?B?OEZFVE43Z1VqOFpDZGNwajUvdXFSWmZpOW5pclovUzJveDFXQ2VVV2VWZ1JN?= =?utf-8?B?QXV4UWhoZVNzNXVXTHZFY282TWVFQ1Bmb2lpOXV4V29RMEJ5WmhXTWtYZXlP?= =?utf-8?B?QkdDVGtmLzNJM25yT0ZiZ2h3UkhkNGhoMjJ0YU5GREdYeHhLRHNobU92VW41?= =?utf-8?B?cTFuSmhkMkI5WlZHZHlFQ1kvZjZ0Nm1VY08xWlNKREVSci8rZWxMS2IrcUZJ?= =?utf-8?B?aUNJckcxU01CRHQxdytWRVpMdVhkMC9qQXd1dVJZdHhFeGxITXNJZzVkL09U?= =?utf-8?B?Q2czSWN2Ull0MTRaWk5YM1lWYU42L3g0ampaZ0h4MDlIZWg4bnZlZVU2UEdr?= =?utf-8?B?QitkZHhoUTdJMmJFeUlvUHArTFVjYUp5ZjNTZXNRQ1doYm10dE9QUk8rQVc0?= =?utf-8?B?ODhqZ2Y0NGplTkJ2QVl3QVVGY1F3dDQ2VDlFeG5Pb3U2ckNYZXppTjE5NklK?= =?utf-8?B?OE5UbEJibUlCRElQL2cvOXhLRzgwblJ1ejJVTmVRTEhoTlVMTVFMK3c5elZJ?= =?utf-8?B?RFIrMG14SjVicExOMGQxeDhoOUlZT3RrK2FaY21sZTZTZDhtQUdtWUpzQ3ZK?= =?utf-8?B?ZkFnNEYwWDJzTXp0YkRIa2xYSitCbm0vLzZsSlRkdXFZallvczg2cWtWTVQ1?= =?utf-8?B?YjFDRExXOFh2cUQ0alZBb0o0QUxONWJnUlJCMlN0UEVMNHl3MnpsNm16N1pP?= =?utf-8?B?bWk1dDN0OCtVNEo0bkRZMVN3L2VvZjMwWENsa29yRUFTdnNlaC95MjNTUGht?= =?utf-8?B?L0ZQblNQRUtCdUV2UGFTem5SR1BzK0JtS29yaVY4SWlZODVsZGczSStIK1J4?= =?utf-8?B?K1ZYR21nbVAxTjRVT2NIUHZzMGM1Q1BsNTNKWlA1clQyWnh5eDVjZlVRM3NB?= =?utf-8?B?dlVFeFdiazVNdDdLdXpGMXNQeUMxT2VIMW1mVDRseXhHNkdnT3o4ZExwOFkr?= =?utf-8?Q?iEQfNKjSzCr3sXCY3dG1JjzO6CLU2EEsIOgABZt?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BYAPR08MB549328E3379E94589DC3CE0885649BYAPR08MB5493namp_"
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR08MB5493.namprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 29c4abf2-6e27-4255-6ea1-08d8edb41530
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Mar 2021 04:28:17.6498 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: PRRLhBWrMKeQHH3wxr1RhNmDNaCvKJ3JTkrXegi5LD71WKtbWEAJzobUrBH+d5PDvyThxiyoC2EDgv1U8QgQ6w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR08MB4053
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/5FaZM_2BJLWZ28B3bgNbI1GTmwk>
Subject: Re: [Idr] BGP Auto-Discovery Protocol State Requirements
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 04:28:27 -0000

Hi Jeff,



> The motivation for the broader analysis of auto configuration was to make sure we don't have to completely reinvent this stuff a second round. :-)

Maybe we should revisit the scope definition then?

I have to agree with Robert on this one.

Either we are trying to solve a DC underlay discovery use case, or something else.



> Having it in the discovery protocol doesn't impact that if your implementation doesn't want to use it.

It may bring unnecessary complexity (depending on protocol design). Especially given the “MUST” requirement.

"The auto-discovery mechanism is designed to be simple.", says section 2.2 of the draft..



> If your configuration template doesn't have security configured, but it is required by the auto-discovery advertiser, your implementation would try to open a bgp session and that would fail.

And that might be just fine? Again, if we talk about a DC under a single administrative entity; and expect that other ZTP/configuration provisioning mechanisms are already in-place.



--

Sergey



-----Original Message-----
From: Idr <idr-bounces@ietf.org> On Behalf Of Jeffrey Haas
Sent: Friday, March 19, 2021 8:29 AM
To: Robert Raszuk <robert@raszuk.net>
Cc: idr@ietf.org; Acee Lindem (acee) <acee=40cisco.com@dmarc.ietf.org>
Subject: Re: [Idr] BGP Auto-Discovery Protocol State Requirements



On Fri, Mar 19, 2021 at 03:30:12PM +0100, Robert Raszuk wrote:

> The MD5 was in context to auto PE-CE eBGP peering on the RFC4364 VRFs.

> Not DC under the same operations.



The motivation for the broader analysis of auto configuration was to make sure we don't have to completely reinvent this stuff a second round. :-)



> > The proposal must be able to support GTSM, or no GTSM.

>

> Respectfully I have a different opinion.  That should be part of

> provisioning the auto peer template. Nothing to do with auto discovery.



Having it in the discovery protocol doesn't impact that if your implementation doesn't want to use it.  It simply becomes another piece of conflicting configuration if it doesn't.



If your configuration template doesn't have security configured, but it is required by the auto-discovery advertiser, your implementation would try to open a bgp session and that would fail.  Your debugging would show that you received a discovery message, but that tcp fails to connect.  The same would be true for GTSM.  For BFD, the BGP session may come up, and then bounce, or not proceed into Established.



If the parameters are in the discovery message, you don't end up with such mismatches unless you want them to be forced to a particular setting.  And even if you have preferences about how the session comes up (e.g. require no authentication for NSR considerations), you still have information in the discovery that permits you to find out why the session may not be establishing.



-- Jeff



_______________________________________________

Idr mailing list

Idr@ietf.org<mailto:Idr@ietf.org>

https://www.ietf.org/mailman/listinfo/idr