IETF Logo Mail Archive

Re: [Idr] draft-ietf-rtgwg-net2cloud-problem-statement description on BGP error valid? (was RE: WG adoption call for draft-abraitis-bgp-version-capability-08, to end September 25

Robert Raszuk <robert@raszuk.net> Mon, 16 January 2023 20:32 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66477C14CF0C for <idr@ietfa.amsl.com>; Mon, 16 Jan 2023 12:32:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 12rKLAPsJ73P for <idr@ietfa.amsl.com>; Mon, 16 Jan 2023 12:32:10 -0800 (PST)
Received: from mail-wm1-x335.google.com (mail-wm1-x335.google.com [IPv6:2a00:1450:4864:20::335]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 40E4BC14CE33 for <idr@ietf.org>; Mon, 16 Jan 2023 12:32:10 -0800 (PST)
Received: by mail-wm1-x335.google.com with SMTP id m5-20020a05600c4f4500b003db03b2559eso964210wmq.5 for <idr@ietf.org>; Mon, 16 Jan 2023 12:32:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Ks0/7E7lgZDh/RbBdY2p+VlKsNR9HMkjieT+SaTQewo=; b=Ewx3STYri87Sm1XfbiyJjtk95OWY09h17YkmmaLHuX9bY2mp4L7bLCYCMElxaJW/Ay plUkOZ586uXU/hUjPCpRcUJCrSEIILsZRALEqSXdVuRth7XxcfWD9+8QA6q3EsWXlLmf 91SutGA1TcsfVcvlPccXwP+v7WBtgfqL2x3wtqB/1ae0kLw+eNZ6lQoaKUNjfIY9yfWx S+KyVlyuBcCHcGRJdObrOJX8HKR/2lbj2+/4uzUNjo4AA1RHwXm0ZfltBMtuXUfBfNaO lMEVQ0tbzcd4/fdktcakwa778NUwHK6ZCnVPFdOWMPs7Pnm+k9iyyUwUc5iPa5sMPqCA pEUw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Ks0/7E7lgZDh/RbBdY2p+VlKsNR9HMkjieT+SaTQewo=; b=A1L3JLjjtbXxEApNARah53fqWZ06fZCpt8jGRrVP3wKDbeShNfuRfgxsT4HYbMgTm6 DeXd2IuFD57pUhhiUpV9ZCuJn/rkOPGwQKhwdR8ECwOvkha30twOH4wuczmCGLK4PH34 H+XjxgVigEKuruUZNg+kotAT7mhDLC3CIJRa1lW3pmV2fdSmowSL83GzcMDxIawiUsno e58trsT3quz1eq9iuTtTx5DTHAOKo0g8imPIptsEK2+JJ++CCk3wSEYuEzFjNGUU9Cdn /0FBSukz3Hrc0gggGLRFzT2W9DKtOr+E2q/ST3wjcVXMcs2RtqmUzmFrqS/5qOEbh2XL Wn7Q==
X-Gm-Message-State: AFqh2koAcGhcmB2rG+WLtnp7oVvmKTYOrhcmbr0rc6fc6bEgwN8M9EpO vZPnnsin+BTUvKDC9Q63elkyhzVhunlsXm/p16SbcA==
X-Google-Smtp-Source: AMrXdXvVygIatUzoT1GX8v2iJSSGeJjnPR/cd3kKK95LQSC5wEDXiAszN8B0H93T/YKLPRxr14CDQEhc+tVVuVX/xzk=
X-Received: by 2002:a05:600c:1d83:b0:3da:acb1:2ef6 with SMTP id p3-20020a05600c1d8300b003daacb12ef6mr50232wms.194.1673901128029; Mon, 16 Jan 2023 12:32:08 -0800 (PST)
MIME-Version: 1.0
References: <C3B4F29D-7C8D-4911-B140-286B7B8DA97B@pfrc.org> <CAOj+MMGmSBDwbxvSZ_x+j7NtCHRFFFvcCEKGJ0Wpis_OU26cLA@mail.gmail.com> <CABNhwV3qwCT8=8R+HTi1DFhbRN=FwHMF4XvQVowQwz=pb2U-nA@mail.gmail.com> <CAOj+MMG-5TT2sEnZVMabP1wA=gBNH0g9zkpoM9LWL7XFnh2aEQ@mail.gmail.com> <CABNhwV2H8Y7pthkWtJsDUN7ZscjGvc+v2XdpZ5CcG2ot9TBBog@mail.gmail.com> <CO1PR13MB492093DC7492BFD14A47C97B85C29@CO1PR13MB4920.namprd13.prod.outlook.com> <CABNhwV2UL0ruFeJwfwPnP7OWO9qCpHw3ubWNF7BoQQUEYEgZRw@mail.gmail.com> <CO1PR13MB4920CBF456034CE08D70691385C19@CO1PR13MB4920.namprd13.prod.outlook.com> <20230116192152.GA19126@pfrc.org> <CAOj+MMFAkworqATpiykEMKbntTt7z5kFMOiMNhvj1Z6EG9UAcQ@mail.gmail.com> <20230116194512.GA20268@pfrc.org> <CO1PR13MB4920BB58AF4420592AAD118785C19@CO1PR13MB4920.namprd13.prod.outlook.com>
In-Reply-To: <CO1PR13MB4920BB58AF4420592AAD118785C19@CO1PR13MB4920.namprd13.prod.outlook.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Mon, 16 Jan 2023 21:31:57 +0100
Message-ID: <CAOj+MMEGuECX3+d3GXr20GUjQoZoOoeiEn33J6Hf64dUN2pbMQ@mail.gmail.com>
To: Linda Dunbar <linda.dunbar@futurewei.com>
Cc: Jeffrey Haas <jhaas@pfrc.org>, Gyan Mishra <hayabusagsm@gmail.com>, "idr@ietf.org" <idr@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000020356705f2677abc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/9ZLEs14lgfkqvJgvX-TbBwfNADU>
Subject: Re: [Idr] draft-ietf-rtgwg-net2cloud-problem-statement description on BGP error valid? (was RE: WG adoption call for draft-abraitis-bgp-version-capability-08, to end September 25
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Jan 2023 20:32:14 -0000

Hi Linda,

I see where you are going with this .. I was expecting so - thank you
for confirming.

So RFC7606 talks about BGP UPDATE Message error handling.

To the best of my knowledge we do not have revised Error Handling for BGP
OPEN Message. So I would propose you encourage folks to work on it
before you proceed with the below section 3.1.

Many thx,
Robert


On Mon, Jan 16, 2023 at 9:22 PM Linda Dunbar <linda.dunbar@futurewei.com>
wrote:

> Robert, Jeffrey, Gyan,
>
> The reason for my question is to validate the description of the Section
> 3.1 (Increased BGP error) in the
> *https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem-statement/*
> <https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem-statement/>
>
> Love to hear your comments to this description
> --------------------------------------------------
> 3.1. Increased BGP errors and Mitigation Methods
> Many network service providers have limited number of BGP peers and
> usually have prior negotiated peering policies with their BGP peers. Cloud
> GWs need to peer with many more parties, via private circuits or IPsec over
> public internet. Many of those peering parties may not be traditional
> network service providers. Their BGP configurations practices might not be
> consistent, and some are done by less experienced personnel. All those can
> contribute to increased BGP peering errors, such as capability mismatch,
> BGP ceasing notification, unwanted route leaks, missing Keepalives, etc.
> Capability mismatch can cause BGP sessions not established properly.
> If a BGP speaker receives a BGP OPEN message with the unrecognized
> Optional Parameters, an error message should be generated per RFC 4271,
> although the BGP session can be established. When receiving a BGP UPDATE
> with a malformed attribute, the revised BGP error handling procedure
> [RFC7606] should be followed instead of session resetting.
> Many Cloud DCs don’t support multi hop eBGP peering with external devices.
> To get around this limitation, it is necessary for enterprises GWs to
> establish IP tunnels to the Cloud GWs to form IP adjacency.
> Some Cloud DC eBGP peering only supports limited number of routes from
> external entities. To get around this limitation, on-premises DCs need to
> set up default routes to be exchanged with the Cloud DC eBGP peers.
> -----------
>
> Thank you very much
> Linda Dunbar
>
> -----Original Message-----
> From: Jeffrey Haas <jhaas@pfrc.org>
> Sent: Monday, January 16, 2023 1:45 PM
> To: Robert Raszuk <robert@raszuk.net>
> Cc: Linda Dunbar <linda.dunbar@futurewei.com>; Gyan Mishra <
> hayabusagsm@gmail.com>; idr@ietf.org
> Subject: Re: [Idr] WG adoption call for
> draft-abraitis-bgp-version-capability-08, to end September 25
>
> Robert,
>
> On Mon, Jan 16, 2023 at 08:28:27PM +0100, Robert Raszuk wrote:
> > I am afraid you are talking about BGP version while Linda is asking
> > about the subject draft bgp version ... Both are completely unrelated
> "versions".
>
> I'm answering Linda's literal question.  In the cited text, she is not
> asking about the new version capability.  If her intent was to ask about
> that, her text wasn't stating what she wanted to ask.
>
> > While we are here I did reread RFC4271 and I am not sure either if
> > there is text to mandate closing the session when new BGP OPEN
> > Optional Parameter is not recognized. Neither does FSM. Generating
> > NOTIFICATION and continue should be allowed by the spec unless I
> > missed some embedded mandate to close it.
>
> RFC 4271, §6.2:
>
> :    If one of the Optional Parameters in the OPEN message is not
> :    recognized, then the Error Subcode MUST be set to Unsupported
> :    Optional Parameters.
> :
> :    If one of the Optional Parameters in the OPEN message is recognized,
> :    but is malformed, then the Error Subcode MUST be set to 0
> :    (Unspecific).
>
> -- Jeff
>
>

v2.23.0 | Report a Bug | By Email