IETF Logo Mail Archive

Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)

Robert Raszuk <robert@raszuk.net> Thu, 11 February 2021 12:29 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CF2B3A1568 for <idr@ietfa.amsl.com>; Thu, 11 Feb 2021 04:29:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6EO_zwa5BK_t for <idr@ietfa.amsl.com>; Thu, 11 Feb 2021 04:29:20 -0800 (PST)
Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D1A93A1566 for <idr@ietf.org>; Thu, 11 Feb 2021 04:29:20 -0800 (PST)
Received: by mail-lj1-x230.google.com with SMTP id g21so577438ljl.3 for <idr@ietf.org>; Thu, 11 Feb 2021 04:29:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=07pl+Wbyw/Ei7XPtUBsKw9LdA56wqQjVbES1goR5omA=; b=D6VvETp8mZP6hbVgeIBdXyazU50mtMgMAB2h4+ceUYLEFrYiEvb+EStOLzdXA+f9qx s+qxse4gRByVcEzkCiUs2LHUnZNjKuVOxRz4EBCw97lx7rS3UgiYeK9JS7YbxmESgyEL 02I9lVbfpWVmAhPPOAomByBtAqlmSy1CQYdSiK7Wii3UOQNzubbNnFg9jP/g3sIHK7go 3JsVqjAmruhp/t4/PELXfIRP0K0s7AibdTRbMV9oZprvDqOQZoar4wBODPYPFy4ygVsh Pvri8HpRtJVvw5uP1PUC1QKAz69Rk98OUKAGvSE7fau4A3MaILcBUcAKwrONf4frMT/3 uOmQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=07pl+Wbyw/Ei7XPtUBsKw9LdA56wqQjVbES1goR5omA=; b=YjRjhcAIUrevsLAEieEo4gRtigcH4EyHi5DT9xsNvUN4xyOsikJflQfShwYxr50zHB c3MTTTpDC8snKnPDV7Aj185Crj5ObP0kvCc2daOzaDtn+AsZOCUC7LHp1mlIVr7yghBU LqJkMdymXiGWU20sRB9S2KXRFCuCA3Kp6xKeOKTCeyBzILwW0670w1dZY2Cu9Udw5Lbf MbUzvTQM3O/HAoTjf2V2IZust6QVlBZhUgQARmCFv/TK4vvgyZEeRxnX1FQV9ce4DUBK 4Eg8WewVRvm7nvfjcU5frGI951PDLAqMEyYHYsLhYqCJJiWt00FIswOsXmix1rpV+I04 FC+w==
X-Gm-Message-State: AOAM531UQcuw2yUjyGmrO1ntZAnYEFD5/Id0Fb0yN2MmMA0cMI+JDzVk c+ccH8JPEl9PpxUB+3P72r6xZ3ozJubz7rlTRDsynxGX0uOvUA==
X-Google-Smtp-Source: ABdhPJwn/MYZwS9C+11wzqs2rAw78tFWkB41yYvqxebmIaAsnNUqfb/c+YJi0lLDw497MNF/IeVheYm10wWr1xpQH+M=
X-Received: by 2002:a2e:145e:: with SMTP id 30mr1340025lju.199.1613046558499; Thu, 11 Feb 2021 04:29:18 -0800 (PST)
MIME-Version: 1.0
References: <CAOj+MME21d6q7X9GiSEedxKGyVZLhOa+VdYv3qPA1gqk=eQo+g@mail.gmail.com> <E6BE6366-12DD-44AB-AA5A-F1B69C1ABD84@tsinghua.org.cn>
In-Reply-To: <E6BE6366-12DD-44AB-AA5A-F1B69C1ABD84@tsinghua.org.cn>
From: Robert Raszuk <robert@raszuk.net>
Date: Thu, 11 Feb 2021 13:29:08 +0100
Message-ID: <CAOj+MMFVk_LMRiPgTAQV9w3BR6TFNPZXO_xq2uZ=vTHin=6ApA@mail.gmail.com>
To: Aijun Wang <wangaijun@tsinghua.org.cn>
Cc: "Jakob Heitz (jheitz)" <jheitz=40cisco.com@dmarc.ietf.org>, Susan Hares <shares@ndzh.com>, "idr@ietf. org" <idr@ietf.org>, "Acee Lindem (acee)" <acee=40cisco.com@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="000000000000203bbb05bb0eab85"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/6nGuJXiY3-Z0_rW2cI-RQkewZuE>
Subject: Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Feb 2021 12:29:22 -0000

> What will you do in the scenarios that described in this draft ?

As already stated the solution which is deployed in production networks to
prevent scenario described in the draft is not to allow "overwhelming"
amount of routes to enter your network from any VPN.

When you sell VPN service you agree with customers how many routes they
will be injecting into your network. In many cases you even ask for
specific routes which you apply ingress policy to make sure only those
prefixes as expected enter your network.

Same on PE-CE some on Inter-AS option A, B or C or mix of any of the above.

Now if all of the above is not done or done with mistakes and you indeed
experience to many routes to be handled by data plane you stop locally
importing those routes to local VRFs by VRF shutdown. The good thing here
is that this will be noticed by all attached customers as their dynamic
routing will propagate withdraws.

If you are concern that the control plane is not going to keep up you apply
locally inbound drop based on whatever criteria you like (RT, RD etc ...)
and raise alarms and again propagate withdraws to locally attached CEs or
peer's ASBR.

So I am pretty sure none of the suggested by WG tools which have been in
place are going to be sufficient for you. So at this point I will let IDR
chairs and AD to decide on the next steps fwd.

Many thx,
Robert

v2.23.0 | Report a Bug | By Email