IETF Logo Mail Archive

Re: [Idr] FW: New Version Notification for draft-wu-idr-flowspec-dip-community-filter-00.txt

Robert Raszuk <robert@raszuk.net> Mon, 04 March 2024 20:12 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 00E87C180B6F for <idr@ietfa.amsl.com>; Mon, 4 Mar 2024 12:12:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LyyumZULWiCx for <idr@ietfa.amsl.com>; Mon, 4 Mar 2024 12:12:27 -0800 (PST)
Received: from mail-ed1-x529.google.com (mail-ed1-x529.google.com [IPv6:2a00:1450:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D03CC18DBA0 for <idr@ietf.org>; Mon, 4 Mar 2024 12:11:37 -0800 (PST)
Received: by mail-ed1-x529.google.com with SMTP id 4fb4d7f45d1cf-5649c25369aso6956693a12.2 for <idr@ietf.org>; Mon, 04 Mar 2024 12:11:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; t=1709583095; x=1710187895; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=EZPTZgYriTVB17WHuKilAPsq9MbYpge5nZDBWZNH1Wc=; b=BFkmGa1Q4xAul58npCJV2JDH0/U2xjTYmzW2G1L1IBhypfPSmiTxKxXlr8r1Ej9D5x NYHd+WUtwqpdGXHQrD+nxb+mx8QyAnoX+H4N8Y4s6PudXLTbKnriB+6eOifa0qd9o9+v AjGd5vbIq+f1l71lVv/fPurWhEsPT4XJMSCHrSRJ5USXCXwUBxCHEZezV5DW5YChKCId KK48SVxE3PXWGf0Gj2gGvczpmCFLg32ZgkhfAMZHFbSIA1MbHtrOgFpuuQquT67h7PHa LejL6cehUh7WEn4KVCSZgBTWukociumMYgldj7XRRUgv2t6zH4y5OHUmbixmW7at0NlE UWlA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709583095; x=1710187895; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=EZPTZgYriTVB17WHuKilAPsq9MbYpge5nZDBWZNH1Wc=; b=mPGrBE23iElMjbh/uyEdGBAL39rQSF/4Z1CV4n2HxeIBV0jAYkXDDH2s97PFcXn/fd 6MQD9PleNF3KElvTjriQp11SNSxjT9Mu5ZD9lLlgHK/+rSHLZrmrgEC5AKMkiySm/SOI DCMCclSauzjYcpM49wLSfkhub7e3NffT7V8bHeBIQjGI/znQbfvoT7iOBKESZtdfuJUx nW0hPevO3jr3lcCYvHKnFN2vEmgGSyoY08VjALKSOGsddiCEeC5ZXihLgPt2uF9EK1mG BC1pPH34t45ndo3iuYCFBMwsZT+3ujINCiSREEFUNPMqkjAG6hBtJmYwnQFuC1E+monB SYeA==
X-Gm-Message-State: AOJu0Yzsms9RmkUxTkgMo5h6RsB6qh3dldOiNbJhW3/8fHeZRrvLn+p9 nc7kfK/YCO9kgsjYsWH+mUCqXKA9f585MwrLPeAL/OLQuPbrLoiQ2YG2Fsral6c8hmrcVGCjusv psWrgUG0Fl8Apo7HA5pC2E7KV5HX05YjNHe7PWQoOmI2Q/qB26is=
X-Google-Smtp-Source: AGHT+IHx2y6tIwKSeV69pnmxa/LVnLOvjKcA/tPIH911qTCDGPfU5i6DquqZmfK0yhNi7EGKA2Gq6jnSIk0Y6AOYgUc=
X-Received: by 2002:aa7:d7d5:0:b0:567:18b7:2dce with SMTP id e21-20020aa7d7d5000000b0056718b72dcemr4621028eds.35.1709583095016; Mon, 04 Mar 2024 12:11:35 -0800 (PST)
MIME-Version: 1.0
References: <1d8a9005350548acae681108370cb22d@huawei.com>
In-Reply-To: <1d8a9005350548acae681108370cb22d@huawei.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Mon, 04 Mar 2024 21:11:24 +0100
Message-ID: <CAOj+MMGZ7jSZPYSPj=dhw7PkkjjKdGH=cT4DqXLdbdeGLQ+oEg@mail.gmail.com>
To: wutianhao <wutianhao10=40huawei.com@dmarc.ietf.org>
Cc: "idr@ietf.org" <idr@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000017c88c0612db5533"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/5rhWxGjAXmnlL_3u9B9ejlwnvBI>
Subject: Re: [Idr] FW: New Version Notification for draft-wu-idr-flowspec-dip-community-filter-00.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Mar 2024 20:12:32 -0000

Hi,

I am not sure if this is targeting FlowSpec v2 ... but I would like to
observe that component types as defined in RFC8955 are about data plane.

You are proposing an addition of a control plane entity - namely BGP
Community Attribute.

I understand that you want to recursively result local installation into
the data plane all destinations which are advertised in BGP with such
community, but this is a significant departure from the definition of
FlowSpec v1.

It is about signalling dynamically a BGP policy which FlowSpec v1 is not
doing.  With that being said I recommend that if authors of FlowSpec v2 are
still working on it allowing it to carry BGP policy - then this would be
the right place to add the proposed encoding into.

As currently defined - stand alone extension - it does not seems to even
fit https://www.iana.org/assignments/flow-spec/flow-spec.xhtml.

Kind regards,
Robert


On Mon, Mar 4, 2024 at 11:55 AM wutianhao <wutianhao10=
40huawei.com@dmarc.ietf.org> wrote:

> Dear all,
>
> We've submitted a new draft: draft-wu-idr-flowspec-dip-community-filter.
>
> This draft specifies a new BGP Flowspec component type to support
> community-level filtering. Flowspec rules can be reduced by using the
> method defining in this draft. It saves a lot of entry spaces on the
> control plane and forwarding plane, and it would greatly simplify the
> operation of the control plane, and the more destination prefixes with the
> same community has, the more obvious the benefit.
>
> Review and comments are welcome.
>
> Best regards,
> Tianhao
>
> -----Original Message-----
> From: internet-drafts@ietf.org <internet-drafts@ietf.org>
> Sent: 2024年2月29日 17:26
> To: Wanghaibo (Rainsword) <rainsword.wang@huawei.com>; Gejun (Jack, BGP) <
> jack.gejun@huawei.com>; wutianhao <wutianhao10@huawei.com>; Dingxiangfeng
> <dingxiangfeng@huawei.com>
> Subject: New Version Notification for
> draft-wu-idr-flowspec-dip-community-filter-00.txt
>
> A new version of Internet-Draft
> draft-wu-idr-flowspec-dip-community-filter-00.txt has been successfully
> submitted by Tianhao Wu and posted to the IETF repository.
>
> Name:     draft-wu-idr-flowspec-dip-community-filter
> Revision: 00
> Title:    Destination-IP-Community Filter for BGP Flow Specification
> Date:     2024-02-28
> Group:    Individual Submission
> Pages:    7
> URL:
> https://www.ietf.org/archive/id/draft-wu-idr-flowspec-dip-community-filter-00.txt
> Status:
> https://datatracker.ietf.org/doc/draft-wu-idr-flowspec-dip-community-filter/
> HTMLized:
> https://datatracker.ietf.org/doc/html/draft-wu-idr-flowspec-dip-community-filter
>
>
> Abstract:
>
>    BGP Flowspec mechanism (BGP-FS) propagates both traffic Flow
>    Specifications and Traffic Filtering Actions by making use of the BGP
>    NLRI and the BGP Extended Community encoding formats.  This document
>    specifies a new BGP-FS component type to support community-level
>    filtering.  The match field is the community of the destination IP
>    address that is encoded in the Flowspec NLRI.  This function is
>    applied in a single administrative domain.
>
>
>
> The IETF Secretariat
>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>

v2.23.0 | Report a Bug | By Email