[Idr] draft-ietf-idr-rfc5575bis - duplicate types, improper lengths?
Jeffrey Haas <jhaas@pfrc.org> Thu, 03 May 2018 14:15 UTC
Date: Thu, 03 May 2018 10:16:38 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: idr@ietf.org
Message-ID: <20180503141638.GG24256@pfrc.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/64vJbrGfa7MpntZXFtIRs6h5UrQ>
Subject: [Idr] draft-ietf-idr-rfc5575bis - duplicate types, improper lengths?
IDR,

I'm having trouble getting a good search on the IETF site for these matters, so please forgive me if this should have been answered in the archives.

Flowspec specifies a series of subcomponents for filtering. I don't recall seeing any advice regarding dealing with duplicates. At best, the following is present:

: All combinations of component types within a single NLRI are allowed,
: even if the combination makes no sense from a semantical perspective.

A somewhat more minor point, some components use a common header with a defined length. Using Type 3 (IP Protocol) as an example:

: len - length of the value field for this operand encodes 1 (00) -
: 4 (11) bytes. Type 3 flow component values are always encoded as
: single byte (len = 00).

The question being the semantic validity when the length is incorrect. There are two cases here:

1. The value is still within the correct range. E.g. 1-4 byte representations of the protocol number as long as the value is <= 255.
2. The value exceeds the correct range. Syntactically correct, semantically incorrect. Ignore filter, or treat as NLRI formatting issue with resultant treat-as-withdraw or session bounce depending on error-handling?

A final comment on future extensions:

The flowspec feature relies on implicit lengths in the sub-types. A negative consequence of this is that implementations that do not understand a future sub-type cannot validate the correctness of the NLRI. However, it should still be propagated:

: receiver. Since a Flow Specification has the semantics of a logical
: AND of all components, if a component is FALSE, by definition it
: cannot be applied. However, for the purposes of BGP route
: propagation, this prefix should still be transmitted since BGP route
: distribution is independent on NLRI semantics.

This means that failures will be detected potentially "far away".

-- Jeff
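Added example, not part of the original message and not taken from the draft or any implementation: a receiver-side check that classifies the cases the message raises (duplicate types, a Type 3 value in a wider-than-one-byte encoding, a Type 3 value above 255, and an unknown type whose length cannot be inferred). It assumes the RFC 5575 operator octet layout with the value width taken as (1 << len); the function name, finding strings and sample bodies are constructed for illustration, and it only reports findings without choosing an error-handling action.

```python
# Added example (not from the draft or any implementation).
# Operator octet per RFC 5575: e | a | len(2 bits) | 0 | lt | gt | eq
END_OF_LIST = 0x80

def check_components(body: bytes) -> list:
    """Walk one Flowspec NLRI body (NLRI length octet already stripped)
    and return findings for the cases raised in the message."""
    findings, seen, i = [], set(), 0
    while i < len(body):
        ctype = body[i]
        i += 1
        if ctype in seen:
            findings.append(f"type {ctype}: duplicate component")
        seen.add(ctype)
        if ctype in (1, 2):  # prefix component: bit length, then packed prefix
            if i >= len(body) or i + 1 + (body[i] + 7) // 8 > len(body):
                return findings + [f"type {ctype}: truncated"]
            i += 1 + (body[i] + 7) // 8
            continue
        if not 3 <= ctype <= 12:
            # Component length is implicit in the type, so parsing stops here.
            return findings + [f"type {ctype}: unknown, rest not validated"]
        while True:  # list of {operator, value} pairs
            if i >= len(body):
                return findings + [f"type {ctype}: truncated"]
            op = body[i]
            width = 1 << ((op >> 4) & 0x3)  # assumption: RFC 5575's (1 << len)
            raw = body[i + 1:i + 1 + width]
            if len(raw) < width:
                return findings + [f"type {ctype}: truncated"]
            value = int.from_bytes(raw, "big")
            i += 1 + width
            if ctype == 3 and width != 1:
                if value <= 255:   # case 1 in the message
                    findings.append(f"type 3: {width}-byte encoding, value {value} in range")
                else:              # case 2 in the message
                    findings.append(f"type 3: value {value} exceeds 255")
            if op & END_OF_LIST:
                break
    return findings

# Constructed sample bodies (not captured traffic).
SAMPLES = {
    "clean":     bytes([3, 0x81, 6]),                # proto == 6, one byte
    "wide_ok":   bytes([3, 0x91, 0x00, 0x06]),       # proto == 6 in two bytes
    "wide_bad":  bytes([3, 0x91, 0x01, 0x00]),       # proto == 256
    "duplicate": bytes([3, 0x81, 6, 3, 0x81, 17]),   # type 3 appears twice
    "unknown":   bytes([3, 0x81, 6, 200, 0x81, 1]),  # type 200 not understood
}
```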