Re: [Idr] draft-chen-bgp-redist - A Juniper Perspective
Enke Chen <enchen@paloaltonetworks.com> Fri, 20 August 2021 21:28 UTC
Return-Path: <enchen@paloaltonetworks.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FEEA3A154E for <idr@ietfa.amsl.com>; Fri, 20 Aug 2021 14:28:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=paloaltonetworks.com header.b=Z78sTso8; dkim=pass (2048-bit key) header.d=paloaltonetworks-com.20150623.gappssmtp.com header.b=OEi59pMo
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9NffCu_St8NO for <idr@ietfa.amsl.com>; Fri, 20 Aug 2021 14:27:54 -0700 (PDT)
Received: from mx0b-00169c01.pphosted.com (mx0b-00169c01.pphosted.com [67.231.156.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 822343A1547 for <idr@ietf.org>; Fri, 20 Aug 2021 14:27:54 -0700 (PDT)
Received: from pps.filterd (m0048189.ppops.net [127.0.0.1]) by mx0b-00169c01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 17KLDbJS025861 for <idr@ietf.org>; Fri, 20 Aug 2021 14:27:53 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paloaltonetworks.com; h=mime-version : references : in-reply-to : from : date : message-id : subject : to : cc : content-type; s=PPS12012017; bh=fuIF6kl8XYaNbMjaSHaEw4rtoZYiL9WWXsVb2G0pFec=; b=Z78sTso8+0m2vWMW6oA2fzfKMeZ7N5Wmp80gX6q7fHAh902AxTZo+/2nvyPb9T9CGa2R wyO1y80HorplF+aqGADWmMhG57QjARI3AXvFCoOGHKd+wVjZ71lH4cpjIDq197RZHjni ZrEkITTFN4xvKLyKGxHi2fUwkK2BKd3st9KzZ6wtJI0OvBFAVPwr4l+U+RweLShuzPKP sydw0cFTbrzf5Gn1At7cm+23MXN3jI5DhOkyCiL9SibX/jaQMTbJ0Q03kJDhoGftuskD pN8rY1GYlkFSe2gHLpDMmqYU8YVKJK/w5gmCBtMzTEuO3tvUoyR+P9LbAh939L705A5n nA==
Received: from mail-lf1-f72.google.com (mail-lf1-f72.google.com [209.85.167.72]) by mx0b-00169c01.pphosted.com with ESMTP id 3ajj158ght-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for <idr@ietf.org>; Fri, 20 Aug 2021 14:27:53 -0700
Received: by mail-lf1-f72.google.com with SMTP id b9-20020ac24109000000b003d54c5cc200so3605687lfi.17 for <idr@ietf.org>; Fri, 20 Aug 2021 14:27:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paloaltonetworks-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=fuIF6kl8XYaNbMjaSHaEw4rtoZYiL9WWXsVb2G0pFec=; b=OEi59pMoDOkyWFs69p60W8MDZGOe5mGF5zrmJumFSGqzSCLeUft4MGMPr5h9F6vI/+ krw+elb7nR9WBmXkkEJ6PizPxLrPTaieo61hu88FmH1E8wVMTYjfKP7h4qo5AdjGL2bZ 1tMZIa39xtkx0IU49qWhb2IvG3firZWKwBfljArz+Dnr7FZZz2ems9aFWhw5BdIS3cNb 3wAHgUdJULiFSIcB7G+mjNh8YC3ToDwe4ODQiPgq/BIN4Ts3uLbFnbEy/+2GOtVNVWMN EXs3Ebsb04ohAqE1uAV9VR4/uOIdA3/vDDYUjPuO8jm0YgpgWB6BgXbLugD7bUlZC/Op qcXg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=fuIF6kl8XYaNbMjaSHaEw4rtoZYiL9WWXsVb2G0pFec=; b=uFLFvoqVerdz5bGmRgXVR4hL3Oa9eNXVxrdQjRN2+W+sPiRgXxxUDa62+s1y8NfF+U or6T4xmUqUkaFLpo1GFXfDO4DFDfplqh+FOwNo8WW4kQQ/Cppy9y5gE1f/8eAAVDoKHh ZpB4SJHNKo8TKNaV0IV1hDfMNg6tEFyi6+/PCod1OVYrvPcjBiGDjQwqwme7ivA7lbFL hmFhBSXwCGAnk5opz3purHUhl9RGEkJ1Lbd/zm9r9ta7Vy6JqI+g+cACrmFOzzA0apQf 6lWTsRai4WFsSRg3WK85iZcMUzhNmxYbz3gSsxzJ0LPOmp9p29TsYD7SdclBDcfpmqyi 3QNA==
X-Gm-Message-State: AOAM532IdeWyE9xfIHxg87p1GefwlO0A11xG5JgBxhSGN4hICAI/bcrl D3SOehqIU6RkzPerUnSlTm9UWH+od9XgpW0iVIQ4EOcpv3RubWXPrr1Hb+LZDWdrH41pwXUPFIZ BlTh02WyAaxYmMTsTqZc=
X-Received: by 2002:ac2:5231:: with SMTP id i17mr16349285lfl.497.1629494871188; Fri, 20 Aug 2021 14:27:51 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwnIoIayKdpiT0+N038Rc4f1rhsHYnRXeE0yeELakZvx7zMf+A1Aa+Vwyj5reJyYR2ktRjrKKGiSwYmSSN2grQ=
X-Received: by 2002:ac2:5231:: with SMTP id i17mr16349273lfl.497.1629494870916; Fri, 20 Aug 2021 14:27:50 -0700 (PDT)
MIME-Version: 1.0
References: <20210820192201.GB19054@pfrc.org>
In-Reply-To: <20210820192201.GB19054@pfrc.org>
From: Enke Chen <enchen@paloaltonetworks.com>
Date: Fri, 20 Aug 2021 14:27:40 -0700
Message-ID: <CANJ8pZ-mz8KuWBkgYjuKSRwTW2ycq2VkQKYRqnnFquPQEQ=GNg@mail.gmail.com>
To: Jeffrey Haas <jhaas@pfrc.org>
Cc: draft-chen-bgp-redist@ietf.org, "idr@ietf. org" <idr@ietf.org>, Enke Chen <enchen@paloaltonetworks.com>
Content-Type: multipart/alternative; boundary="000000000000f243d505ca0456e7"
X-Proofpoint-ORIG-GUID: 3Uj9rOy0qE-QklAUdGYZpJiNAejBj5as
X-Proofpoint-GUID: 3Uj9rOy0qE-QklAUdGYZpJiNAejBj5as
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-08-20_08:2021-08-20, 2021-08-20 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 suspectscore=0 lowpriorityscore=0 mlxlogscore=999 bulkscore=0 phishscore=0 priorityscore=1501 mlxscore=0 spamscore=0 clxscore=1015 malwarescore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2107140000 definitions=main-2108200120
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/A10RGx7AoXJUvJgajMTapOXZLQM>
Subject: Re: [Idr] draft-chen-bgp-redist - A Juniper Perspective
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Aug 2021 21:28:01 -0000
Hi, Jeff:
Thanks for the pointer to JUNOS's BGP path selection. It's great that the
Gated/JUNOS already has some consideration of the "admin-distance" /
"preference" in BGP. That should take care of the case described in Sect.
2.1 ("On a single router"). It's not clear to me, though, whether and how
the cases described in Sec. 2.2 ("Network-wide behavior") are handled.
This is just a quick comment. I am still trying to digest your email.
-- Enke
On Fri, Aug 20, 2021 at 12:22 PM Jeffrey Haas <jhaas@pfrc.org> wrote:
> Enke & Jenny,
>
> While I'm inclined to say that the matters described in
> draft-chen-bgp-redist aren't a problem, it's probably more reasonable to
> say
> "this isn't a problem for everyone".
>
> I'm not going to debate what other implementations do. Instead, I'll spend
> the much of my message discussing what the implementation I work on does.
> This does leave us in an interesting headache as a working group whether
> there's more general work to do here that merits discussion as an RFC.
>
> ----
>
> One thing I will contribute toward some possible need for discussion is the
> sloppy ground that RFC 4271 had with regards to interactions with non-BGP
> protocols. We had quite a difficult time getting the text for this "right"
> and there was multiple pushes to try to NOT discuss non-BGP protocols at
> all. Such discussions got very deep in the internal details of various
> implementations. What we did end up with in RFC 4271 was the following:
>
> The BGP RIBs are a distinct entity from the "Routing Table".
>
> Section 9.1.2 places the best BGP route in the Loc-RIB.
> It also says, "Whether the new BGP route replaces an existing non-BGP route
> in the Routing Table depends on the policy configured on the BGP speaker."
>
> Section 9.1.3 for Route Dissemination then says the following:
> : The Phase 3 decision function is invoked on completion of Phase 2, or
> : when any of the following events occur:
> : [...]
> : b) when locally generated routes learned by means outside of BGP
> : have changed
> : [...]
> :
> : All routes in the Loc-RIB are processed into Adj-RIBs-Out according
> : to configured policy.
>
> So... there's not a lot of normative text there. The last sentence above,
> "configured policy", is the wiggle room the RFC has to say "I'm originating
> a route".
>
> The general call in the RFC to not advertise things you can't forward to
> also provides some level of wiggle room that the best route in the Routing
> Table is what should be redistributed:
> : A route SHALL NOT
> : be installed in the Adj-Rib-Out unless the destination, and NEXT_HOP
> : described by this route, may be forwarded appropriately by the
> : Routing Table.
>
> Anyway, the text is sloppy and discussions about how redistribution is done
> and whether that is shown in the Loc-Rib view or as an override to the
> rib-out manifests in discussions in things like BMP or the Yang modules.
> It's still not as cleanly settled as it should be.
>
> Offering my opinion on this abstract model, I've tended to think about a
> better route in the Routing Table (e.g. a static route with a better admin
> distance/preference) as being selected into the Loc-Rib by considering it a
> route injected via a virtual Adj-Rib-In. But that's just my personal
> justification.
>
> ----
>
> Juniper's implementation roughly works like the following. Since it's
> derived from GateD heritage, many similar implementations will behave in a
> similar fashion.
>
> In a single routing table, there is a total ordering on all contributors to
> a given destination.
>
> The highest level of ordering is "preference", which roughly corresponds to
> admin-distance.
>
> When routes are BGP routes, the BGP routes are ordered based largely on
> standard RFC rules. The deviations from those rules are the usual vendor
> deviations from standards based on when the later standards were published,
> and the mix of features the operator wants. Examples of deviations are
> whether RFC 5004 is used for temporal vs. router-id based deterministic
> tie-breaking.
>
> BGP routes vs. non-BGP routes are not directly comparable, even when they
> have the same preference, but we have criteria that permits them to be
> selected deterministically.
>
> For non-BGP routes vs. non-BGP routes of two different protocols, we
> similarly will select things deterministically, but may be willing to use
> particular properties of the routes that may be comparable; e.g. metric.
>
> Much of this process is documented here:
>
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.juniper.net_documentation_en-5FUS_junos_topics_reference_general_routing-2Dprotocols-2Daddress-2Drepresentation.html&d=DwIBAg&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=OPLTTSu-451-QhDoSINhI2xYdwiMmfF5A2l8luvN11E&m=-dwyFCMbZS-tuTtu3oL1HNFBH-2mpqRlUm9F7wDkv6g&s=R7AEen-1wMEbbOC4rK4EjfOnMRVPTfQpMnYKMWKGmAA&e=
>
> For the described scenarios in draft-chen-bgp-redist, JUNOS doesn't have
> determinism issues.
>
> In our more recent multi-threaded BGP mode, we at one point in the design
> had an issue somewhat related to the one described in the draft. In our
> implementation, we address the issue by always making the Routing Table and
> the BGP thread always exchange the best route in the local total-ordering.
>
> -- Jeff
>
- [Idr] draft-chen-bgp-redist - A Juniper Perspecti… Jeffrey Haas
- Re: [Idr] draft-chen-bgp-redist - A Juniper Persp… Robert Raszuk
- Re: [Idr] draft-chen-bgp-redist - A Juniper Persp… Enke Chen
- Re: [Idr] draft-chen-bgp-redist - A Juniper Persp… Jeff Tantsura
- Re: [Idr] draft-chen-bgp-redist - A Juniper Persp… Jeffrey Haas
- Re: [Idr] draft-chen-bgp-redist - A Juniper Persp… Jeffrey Haas
- Re: [Idr] draft-chen-bgp-redist - A Juniper Persp… Jeff Tantsura