Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
Jeff Wheeler <jsw@inconcepts.biz> Mon, 10 December 2012 19:54 UTC
Return-Path: <jsw@inconcepts.biz>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAE0621F861B for <idr@ietfa.amsl.com>; Mon, 10 Dec 2012 11:54:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.722
X-Spam-Level:
X-Spam-Status: No, score=-2.722 tagged_above=-999 required=5 tests=[AWL=0.255, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Clh25eABSYYU for <idr@ietfa.amsl.com>; Mon, 10 Dec 2012 11:54:40 -0800 (PST)
Received: from mail-ob0-f172.google.com (mail-ob0-f172.google.com [209.85.214.172]) by ietfa.amsl.com (Postfix) with ESMTP id E6FF721F860A for <idr@ietf.org>; Mon, 10 Dec 2012 11:54:39 -0800 (PST)
Received: by mail-ob0-f172.google.com with SMTP id za17so3035354obc.31 for <idr@ietf.org>; Mon, 10 Dec 2012 11:54:39 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=BqHAzORNNV4KqhVU/7+U1QnTGJzzFWe5JBJwGbcDDQw=; b=MJz/RNPMOdqjTlrV3do1KzluYkKHo18Oz2lGBInb360wyCYHvFbzk34gDQMcUowxxR DKEJ7xnPY4SrOGZ3NIEeDyfnhHPUh8DKRc66u0YgSamOLdIVYgYd5MikktP1YYDeFAN8 PsCnqS5tplo8ie+ki7imrTDJrdrKrh+Kb5542lPaPeF9gxtySJZuhZQI3gDBWWtYubcb tCTDwFvNQ7ZS9ICU5jvf3DLmQYmt7CpTamQbZ3HvNgOj2TvFCaduFbsjJb7g/UvP7t9B ArhjG6ZTBdmjAhG5QLCBD0dY6NYUolM8JkYyCZAzPfnqRdiHqqkT2GVDYRthXei2s7MT IN0Q==
MIME-Version: 1.0
Received: by 10.182.36.8 with SMTP id m8mr2432385obj.93.1355169279422; Mon, 10 Dec 2012 11:54:39 -0800 (PST)
Received: by 10.76.13.201 with HTTP; Mon, 10 Dec 2012 11:54:39 -0800 (PST)
X-Originating-IP: [74.134.22.105]
In-Reply-To: <009001cdd6ff$1c982530$55c86f90$@highwayman.com>
References: <20121121191321.6164.6887.idtracker@ietfa.amsl.com> <50AD2986.90705@cisco.com> <058b01cdd3b4$9f5193b0$ddf4bb10$@highwayman.com> <8ED5B0B0F5B4854A912480C1521F973A0F4940@xmb-rcd-x13.cisco.com> <94913EE5-2864-4EE2-B474-9631430B1E22@ericsson.com> <068701cdd478$2cf01cf0$86d056d0$@highwayman.com> <CAEGVVtBy-zdLz8hVajLnuAqgzfgQHrseK4r-N9=pOZGtqV7LbA@mail.gmail.com> <074d01cdd536$173f5830$45be0890$@highwayman.com> <9474D8DC-30FF-4C52-9504-15CBCC47E7D8@ericsson.com> <07df01cdd661$f28ef7c0$d7ace740$@highwayman.com> <36E98AE5-3EF8-4738-9982-42B9CA0BAAF5@rob.sh> <005001cdd6da$099f1e90$1cdd5bb0$@highwayman.com> <828AAFF5-0260-4AA6-BBDC-6C1F69919837@ericsson.com> <009001cdd6ff$1c982530$55c86f90$@highwayman.com>
Date: Mon, 10 Dec 2012 14:54:39 -0500
Message-ID: <CAPWAtb+JZaJejebL0qd8LzC+3zhGYcagnz9m7gqq=AMC9T=mhw@mail.gmail.com>
From: Jeff Wheeler <jsw@inconcepts.biz>
To: Chris Hall <chris.hall@highwayman.com>
Content-Type: text/plain; charset="ISO-8859-1"
X-Gm-Message-State: ALoCoQlc+wdzk6Tjnz9qoptfUT+gZVqDaxusdBN3t9sBt8qc3dGPecWTGdMRTS1Vc1kW7V34PJ/H
Cc: idr@ietf.org
Subject: Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Dec 2012 19:54:40 -0000
On Mon, Dec 10, 2012 at 12:52 PM, Chris Hall <chris.hall@highwayman.com> wrote: >> . MP_REACH >> . MP_UNREACH > > If the sender is unchanged (which I recall you were keen on) how is it > certain that either or both these attributes will precede the first > broken one ? Actually RFC4271 Pg24 says: "The sender of an UPDATE message SHOULD order path attributes within the UPDATE message in ascending order of attribute type. The receiver of an UPDATE message MUST be prepared to handle path attributes within UPDATE messages that are out of order." The same text is also in RFC1771. So the MP_UN?REACH_NLRI Attribute type codes are 14 and 15 which is larger than most things like as_path, aggregator, and so on. I have not tried to collect any data on what implementations are actually doing. I could collect some by packet dumping my BGP sessions on an IXP in a few weeks when I have a chance to setup the necessary equipment to make the dump. It would be much more helpful if someone who runs a large IXP route-server could do this analysis, but if no such person volunteers and the data would be useful, I will do some work on this around the holiday or in early-January. On Mon, Dec 10, 2012 at 12:21 PM, Chris Hall <chris.hall@highwayman.com> wrote: > I haven't considered IGNORE because the draft appears to vote against > that pretty strongly. I think maybe some folks haven't imagined the failure modes of IGNORE vs WITHDRAW, and what is actually possible to do with WITHDRAW depending on the nature of the malformation. Really, the inconsistencies created by IGNORE are not too bad. You would hope Acme Router Co won't ship that as the default configuration of their products and that networks won't just turn that knob on a routine basis without understanding it. However, in a pinch, it will actually do only minimal damage to unrelated prefixes. Honestly, if Messages would not pack so much unrelated changes together, IGNORE would be fantastic. Simply separating nominal BGP withdraws from updates would make IGNORE quite safe. I think many people would argue that discouraging, or disallowing, a mixture of withdraws and updates in a single Message will be costly, but in fact it won't be. You wouldn't even need to discourage or forbid this though, vendors could choose to provide a knob to avoid mixing withdraws and updates together with no changes to the BGP specification. This would be ideal but it's hard to imagine customers actually requesting it as a feature, because vendors spent some years convincing customers that larger TCP MSS was going to improve converge performance, etc. Anyway, at least vendors have this choice if they wanted to do it. There are some consequences relating to the frequency of Message transmissions but I do not think anyone really obeys that text because it is stupid. > Well, that's an interesting idea :-) If the only important thing to > extract from a broken set of attributes is the NLRI, then why not scan > for it and assume that there is sufficient redundancy to effectively > rule out false positives. Interesting :-) I don't know what other way would be sensible. The other attribute information is not needed to effect a withdraw, only the NLRIs themselves. The troubling thing is that false positives could be created. For example, if you had a broken MP attribute toward the end of the Message (and the RFC effectively recommends that it be put toward the end, see above) then you can make a really big mistake and think that some MP NLRI are native NLRI. This means your Internet IPv4 RIB gets withdraws from prefixes that happened to be updated or withdrawn in a VRF within the same Message. That is why I mentioned that BGP is continually being extended to do new things that it is not good at. So you can see, the false positive problem is worth thinking about in-depth. I am sure that's why the draft wants to move the MP attribute to the beginning of the Message instead of the end. It is a smart idea if everyone would actually do it, but it isn't helpful if the peer doesn't. -- Jeff S Wheeler <jsw@inconcepts.biz> Sr Network Operator / Innovative Network Concepts
- [Idr] I-D Action: draft-ietf-idr-error-handling-0… internet-drafts
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Enke Chen
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Saikat Ray (sairay)
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Enke Chen
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Shyam Sethuram
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Brian Dickson
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Enke Chen
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Brian Dickson
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Robert Raszuk
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Rob Shakir
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… bruno.decraene
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… bruno.decraene
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Brian Dickson
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… John Leslie