Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)
Jeffrey Haas <jhaas@pfrc.org> Tue, 28 November 2017 18:29 UTC
Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54027128954; Tue, 28 Nov 2017 10:29:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aTL4EObid1VY; Tue, 28 Nov 2017 10:29:44 -0800 (PST)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 011EE128CD5; Tue, 28 Nov 2017 10:29:43 -0800 (PST)
Received: by slice.pfrc.org (Postfix, from userid 1001) id 4968E1E37B; Tue, 28 Nov 2017 13:33:13 -0500 (EST)
Date: Tue, 28 Nov 2017 13:33:13 -0500
From: Jeffrey Haas <jhaas@pfrc.org>
To: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
Cc: "Borchert, Oliver (Fed)" <oliver.borchert@nist.gov>, idr wg <idr@ietf.org>, "idr-ads@ietf.org" <idr-ads@ietf.org>, Robert Raszuk <robert@raszuk.net>, Idr <idr-bounces@ietf.org>, Thomas Mangin <thomas.mangin@exa.net.uk>
Message-ID: <20171128183312.GT16871@pfrc.org>
References: <CACWOCC-EfzOYdUrHAWQN10LBzofySrKRADc6Zq-dyca1o0DPvw@mail.gmail.com> <CA+b+ER=ppm1N2wnMrPxxS_Nug2EaETBkW5gASTVZ2UKKq0aZJA@mail.gmail.com> <976743ea96934039a85fa74415b45862@XCH-ALN-014.cisco.com> <CA+b+ERmpEghcndHKM+WKKxg1V8ufTwg=xqb0J5jNowZHj2OwAQ@mail.gmail.com> <88d5df779a344b588745108c771d3145@XCH-ALN-014.cisco.com> <deae6e85c3ff47a6bbcac176eb91bd3e@XCH-ALN-014.cisco.com> <F0EAF2D4-656D-48BD-830B-DC2E8B862813@nist.gov> <A0106E1A-272D-4E1D-A0F3-E3531D583AA3@cisco.com> <1D2FD437-0EEF-4FF6-9853-C09E7EEA2A15@nist.gov> <2B92A151-5A78-46EE-8A46-C09603A37219@cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <2B92A151-5A78-46EE-8A46-C09603A37219@cisco.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/61GpBMmCvk_3lsNv2AnuxTRySA0>
Subject: Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Nov 2017 18:29:45 -0000
[I'm choosing this message as my response point, but not intending to suggest that other bits of the thread weren't relevant.] On Wed, Nov 22, 2017 at 11:26:32PM +0000, Jakob Heitz (jheitz) wrote: > If router A follows this draft, then it can quite legitimately send an update with 16000 communities. If router B cannot receive and process it, then it’s broken. > > If path attribute size is not addressed, then this draft will cause inoperable implementations. As such, it is not fit for standardization. Either we assume the maximum possible size for all attributes or specify shorter maximum sizes. Anything less leads to failure to interoperate. BGP has always had an issue with features that had the risk of overflowing the Path Attributes. I've seen this (as likely have others supporting implementations) with odd combinations of AS_PATH, communities, etc. Extended communities and new features simply make this more likely. My take on the issue is this: - If you've selected a route and are attempting to send it to a neighbor and you are unable to format a valid BGP PDU containing only a single NLRI, you MUST NOT try to send it. - If you previously sent reachability for that NLRI, and are unable to send it as above, you MUST withdraw it. Otherwise you run the risk of improper reachability or forwarding. Basically, "treat as withdraw" applies here. IMO, it's no different for extended messsages. If I receive a > 4k message and I can't format it for a subsequent peer, treat as withdraw for those peers. Where we've had good room for discussion has been what to do in order to avoid these sort of things: - Are there circumstances where we might be able to drop an optional attribute? Maybe. This seems messy to me. - Are there circumstances where we might be able to limit the size of large attributes? (E.g. communities.) Possibly. But this may be unsafe and would be highly circumstantial. Whose route-target do you drop from a VPN route as an example? - Is there wisdom in suggesting "old world" path attributes shouldn't be allowed to overflow the 4k limit? Possibly. Then you start getting into interesting mixes of combinatorics. For example, long AS_PATH and a long community list together. Implementations already do things like limit maximum AS_PATH length. My personal opinion on the mitigations is that we shouldn't try to be normative about them in the spec. As noted in the AS_PATH example, vendors already limit some attributes to be shorter than what the protocol might maximally allow. Leave it to the implementations to provide knobs appropriate to those implementations. There may be room in the spec suggesting that such things are possible. We *MUST* be normative about the treat as withdraw behavior. -- Jeff
- [Idr] WG Last Call foir draft-ietf-idr-bgp-extend… Susan Hares
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Nick Hilliard
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Job Snijders
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… heasley
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… bruno.decraene
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Acee Lindem (acee)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… bruno.decraene
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Randy Bush
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Susan Hares
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Randy Bush
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Job Snijders
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Job Snijders
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Job Snijders
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Job Snijders
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Randy Bush
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Randy Bush
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Thomas Mangin
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Thomas Mangin
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Thomas Mangin
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Thomas Mangin
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Thomas Mangin
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Thomas Mangin
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Job Snijders
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Job Snijders
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Randy Bush
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Borchert, Oliver (Fed)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Borchert, Oliver (Fed)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Borchert, Oliver (Fed)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jeffrey Haas
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jeffrey Haas
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Jeffrey Haas
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Robert Raszuk
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Sriram, Kotikalapudi (Fed)
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Randy Bush
- Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-ex… Susan Hares