Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis, worth fixing?
Robert Raszuk <robert@raszuk.net> Tue, 29 September 2020 06:57 UTC
Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02CE73A08C6 for <idr@ietfa.amsl.com>; Mon, 28 Sep 2020 23:57:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lxR-GcI4wl4c for <idr@ietfa.amsl.com>; Mon, 28 Sep 2020 23:57:44 -0700 (PDT)
Received: from mail-ed1-x52e.google.com (mail-ed1-x52e.google.com [IPv6:2a00:1450:4864:20::52e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE3613A08B9 for <idr@ietf.org>; Mon, 28 Sep 2020 23:57:43 -0700 (PDT)
Received: by mail-ed1-x52e.google.com with SMTP id t16so5149212edw.7 for <idr@ietf.org>; Mon, 28 Sep 2020 23:57:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/bCkaGZnVfqhANGNR1E6YR9hBmnCx9a7F0eSoa0L7Ps=; b=ET+S3LQ136gOp8HFPhwMewsTRfCfp9WPzACZz1y203XWmfBMsv0zWHcXBh1tms2uWv sj2RXfwvbhbMtO5OhmWAYruW95JJKNsjPfBIazJyhEWFX1S60OrGlNZUbr49xDkXAmVz kZwEKKxELtwj/RFKQsAhNe99KXRvZsJ2htdE/cwxGiQaAbalKf49Lfxd9J0a3hIK+9k7 Gry9hj8dfTurIIoOYH0gT975NZx8Qk5semF8JoKFTSP8QgsmKQleQgdpg8EgEM9jrzJx deUm6snvQdy3d+8Aj2q3e88HN8Ugj8MqfXXd4orPuD6Ztor7cqlZJ5Wk3bjNPXbhmX5F EQLA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/bCkaGZnVfqhANGNR1E6YR9hBmnCx9a7F0eSoa0L7Ps=; b=j9vuW8za5Qazi1/ndgr/OnMzS5k8jj88nhMvobTU5xASfdh/Tp3DKIc36PmFItHn2p UHfRTz/cYlIYPDLGIDI+qp4siNtAUmqkvNqmf7SnEL4HKk3XliNHJMV+w5OBM8DOLvmf jkACq+QuecL+Bq1FfmqSb8bPdjYQVgIpCxsr1LvBKeIt9aD9ERa/s0qdEy4Mp2buXcAQ rBb7oSoQpEKorwxk5/3gXVcn3Ap674z4ukP4m7Uza3NKj8qWx6Oyyaugmq3tH1xnJ3Fu caRlk6Ik2gbCWjlyxeOSxjVZjc7B8Lqm2qyYkSsTzKNnE397wHaQBd0PQKFOw/i4TLlm 1eFQ==
X-Gm-Message-State: AOAM533EXlewnX8i31iTLS6u/jLo6UYfKrIbEhQMXovLbSVdkF9GB7Jm f9orJnH/OCxLtI2omvDGDUZXuU9dy80z/8XIj0MI9g==
X-Google-Smtp-Source: ABdhPJzg6TjYuhbvpFVxIOFhD0K8uvlie0xKL7yWblAjKW25svauS9dJJxOgKF4SVeoQFbOK5J7d8jQtP3dwbqGu4Eo=
X-Received: by 2002:a05:6402:142c:: with SMTP id c12mr1737885edx.41.1601362662277; Mon, 28 Sep 2020 23:57:42 -0700 (PDT)
MIME-Version: 1.0
References: <303E54F6-833A-4458-B3E6-DE90E7CA121B@juniper.net> <22341_1601052988_5F6E213C_22341_268_1_53C29892C857584299CBF5D05346208A48F82C17@OPEXCAUBM43.corporate.adroot.infra.ftgroup> <DEE76A95-339B-433C-BD46-AD0243F72FBE@juniper.net> <3366_1601300732_5F71E8FC_3366_6_3_53C29892C857584299CBF5D05346208A48F86028@OPEXCAUBM43.corporate.adroot.infra.ftgroup> <21B4E52C-38F4-4C94-985C-8C1DF88F4A92@juniper.net> <CAMMESsxG+ASdax1USizop-1bzYELcSdvND-f3RNEJ78zDUPrng@mail.gmail.com> <A9128F3D-948E-4F22-B000-7B470AFAC219@tix.at> <CAOj+MMESP=1EtTcuptE9xdyb+g36kDiD4sH6wSLezeZX74v2vw@mail.gmail.com> <BYAPR11MB32079E5730B9B170C1ADF7E1C0350@BYAPR11MB3207.namprd11.prod.outlook.com>
In-Reply-To: <BYAPR11MB32079E5730B9B170C1ADF7E1C0350@BYAPR11MB3207.namprd11.prod.outlook.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Tue, 29 Sep 2020 08:57:33 +0200
Message-ID: <CAOj+MMFrFhwF1D=j1KS5wJXzc-ULEA6Ne-n296LYvit5fKUB+w@mail.gmail.com>
To: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
Cc: Christoph Loibl <c@tix.at>, "idr@ietf. org" <idr@ietf.org>, "draft-ietf-idr-rfc5575bis@ietf.org" <draft-ietf-idr-rfc5575bis@ietf.org>, John Scudder <jgs=40juniper.net@dmarc.ietf.org>, "bruno.decraene@orange.com" <bruno.decraene@orange.com>, Hares Susan <shares@ndzh.com>
Content-Type: multipart/alternative; boundary="000000000000a45a1505b06e4c2d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/9MycnFkECFRfoPPUGtniL5yBi8c>
Subject: Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis, worth fixing?
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Sep 2020 06:57:48 -0000
Hi Jakob, > Flowspec does not AFAIK have any such NLRI... yet. I am not quite sure what are you trying to say above. Today in RFC5575 NLRI is clearly defined as a numeric value with a given length. It was by design not parsable by BGP. The entire NLRI is a key. So updates and withdraws processing happens on the key as defined. Now if we start to parse that value (except maybe for validation which I am also now pretty sceptical about) and dissecting part of that calling some types to be a key and some not - at min IMHO we should use different SAFI not to create complete deployment issues. Many thx, R. On Tue, Sep 29, 2020 at 1:23 AM Jakob Heitz (jheitz) <jheitz@cisco.com> wrote: > Also to consider that in BGP, there are several examples of NLRI > > where the NLRI key is not the whole NLRI, starting with RFC 3107, > > where the label is not part of the key. > > > > A speaker that receives an update with an unknown NLRI does not > > know if that unknown NLRI servers to withdraw a (seemingly) > > different unknown NLRI, if the parts that are different are not > > key material. > > > > Therefore, a BGP speaker must always be able to completely > > parse and understand received NLRI. > > > > Flowspec does not AFAIK have any such NLRI... yet. > > > > Regards, > > Jakob. > > > > *From:* Idr <idr-bounces@ietf.org> *On Behalf Of * Robert Raszuk > *Sent:* Monday, September 28, 2020 1:44 PM > *To:* Christoph Loibl <c@tix.at> > *Cc:* idr@ietf. org <idr@ietf.org>; draft-ietf-idr-rfc5575bis@ietf.org; > John Scudder <jgs=40juniper.net@dmarc.ietf.org>; bruno.decraene@orange.com; > Hares Susan <shares@ndzh.com> > *Subject:* Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis, worth > fixing? > > > > All, > > > > To me the real question is if we really should validate the content of > NLRI or just make sure that NLRI boundaries meet BGP MP_REACH > definition and treat NLRI values completely opaque to BGP (as per original > RFC5575). > > > > If NLRI is really malformed resulting in MP_REACH attribute being > malformed I do not see that much harm in session reset. > > > > But if we dive into each atomic type parsing of the NLRI value itself at > each BGP speaker talking SAFI 133/134 I think this is going to be a mess. > > > > Best, > > R. > > > > > > > > On Mon, Sep 28, 2020 at 9:41 PM Christoph Loibl <c@tix.at> wrote: > > Hi, > > > > I do not really want to repeat the whole discussion here (seems that we > are going in circles) if not needed. I think that we agreed that if the > NLRI is malformed the only option is to reset (+send notification) the > session (even if we consider rfc7606). And from draft-rfc5575bis it is > clear that we are talking about a malformed NLRI: > > > > A NLRI value not encoded as specified specified here is considered > > malformed and error handling according to Section 10 is performed. > > > > -> I think that adding the small term that John suggested is sufficient. > > > > Cheers Christoph > > > > -- > Christoph Loibl > c@tix.at | CL8-RIPE | PGP-Key-ID: 0x4B2C0055 | http://www.nextlayer.at > > > > > > > > On 28.09.2020, at 21:16, Alvaro Retana <aretana.ietf@gmail.com> wrote: > > > > [Explicitly adding Jeff to the To list.] > > > > Hi! > > > > During my AD review there was a discussion on the list about this point, > and whether we could avoid resetting the session. Jeff presented some > examples and, I think, made a very convincing case of why we really can’t: > even if we can look at the length, we would still be guessing. > > > > I think this is one of the messages: > https://mailarchive.ietf.org/arch/msg/idr/FHC-Vz26LZfam-o5Y-9-WSrEm2g/ > > > > Jeff: if you get a chance, please chime in. > > > > Thanks! > > > > Alvaro. > > > > On September 28, 2020 at 2:16:38 PM, John Scudder ( > jgs=40juniper.net@dmarc.ietf.org) wrote: > > > > I think that is the right thing, too: FS uses T,V and not T,L,V for its > component types, the lengths are implicit. So, if my parser encounters an > unknown type code it is impossible for me to know how to skip over that > type code. At that point, parsing breaks down. > > [Bruno] I had in mind the higher level of hierarchy: > > > > The NLRI field of the MP_REACH_NLRI and MP_UNREACH_NLRI is encoded as > > one or more 2-tuples of the form <length, NLRI value>. It consists > > of a 1- or 2-octet length field followed by a variable-length NLRI > > value. The length is expressed in octets. > > > > +-------------------------------+ > > | length (0xnn or 0xfnnn) | > > +-------------------------------+ > > | NLRI value (variable) | > > +-------------------------------+ > > > > Figure 1: Flow Specification NLRI for IPv4 > > > > At this level, assuming that the NLRI value is found semantically > incorrect, it seems to me that one could: > > - Skip this NLRI (thanks to the ‘length’ field) and continue > with the next NLRI > > - Read the ‘NLRI value’ as an opaque data, and treat this NLRI > as withdraw. (In the context of the discussion, this NLRI would never had > been accepted, so ‘treat-as-withdraw’ could even be replaced with > ‘ignore’. But I’m _*not*_ calling for this). > > Hence it seems to me that treat-as-withdraw is technically possible. > > > > Fair enough. It’s a little unfortunate that the draft contains this > ambiguity; in retrospect it would have been better to be explicit about the > error-handling strategy chosen rather than simply referencing RFC 7606. > Whether or not we want to respin the draft in order to clarify it, is a > question for the WG. If we were to make a change, it could potentially be > the addition of this sentence, in Section 10: > > > > Error handling according to [RFC7606 <https://tools.ietf.org/html/rfc7606>] and [RFC4760 <https://tools.ietf.org/html/rfc4760>] applies to this > > specification. *Notably, an NLRI that is found to be semantically* > > *incorrect (for example due to an unknown component type) MUST be* > > *handled using the “treat-as-withdraw” strategy (which in this case,* > > *it** must be noted, works out to be the same as skipping over the NLRI).* > > > >
- [Idr] Bug in draft-ietf-idr-rfc5575bis, worth fix… John Scudder
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… Alvaro Retana
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… Robert Raszuk
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… Robert Raszuk
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… John Scudder
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… John Scudder
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Christoph Loibl
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… McPherson, Danny
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… Susan Hares
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… bruno.decraene
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… John Scudder
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… John Scudder
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… John Scudder
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… Robert Raszuk
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Christoph Loibl
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Susan Hares
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… Dongjie (Jimmy)
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… bruno.decraene
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… John Scudder
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… Alvaro Retana
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Christoph Loibl
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Robert Raszuk
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Jakob Heitz (jheitz)
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Robert Raszuk
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… bruno.decraene
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… bruno.decraene
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… John Scudder
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Robert Raszuk
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… John Scudder
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Jakob Heitz (jheitz)
- Re: [Idr] [BULK] [BULK] Bug in draft-ietf-idr-rfc… Christoph Loibl
- Re: [Idr] [BULK] [BULK] Bug in draft-ietf-idr-rfc… John Scudder
- Re: [Idr] [BULK] [BULK] Bug in draft-ietf-idr-rfc… Christoph Loibl
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Dongjie (Jimmy)
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Jakob Heitz (jheitz)
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Robert Raszuk
- Re: [Idr] [BULK] [BULK] Bug in draft-ietf-idr-rfc… Susan Hares
- Re: [Idr] [BULK] [BULK] Bug in draft-ietf-idr-rfc… John Scudder
- Re: [Idr] [BULK] [BULK] Bug in draft-ietf-idr-rfc… Susan Hares
- Re: [Idr] [BULK] [BULK] [BULK] Bug in draft-ietf-… Christoph Loibl
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… Alvaro Retana
- Re: [Idr] Bug in draft-ietf-idr-rfc5575bis, worth… John Scudder
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Jeffrey Haas
- Re: [Idr] [BULK] Bug in draft-ietf-idr-rfc5575bis… Jeffrey Haas