Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
Robert Raszuk <robert@raszuk.net> Sun, 09 December 2012 20:51 UTC
Return-Path: <rraszuk@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D62BD21F8D04 for <idr@ietfa.amsl.com>; Sun, 9 Dec 2012 12:51:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.956
X-Spam-Level:
X-Spam-Status: No, score=-2.956 tagged_above=-999 required=5 tests=[AWL=0.021, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YdsEL0KdYi-a for <idr@ietfa.amsl.com>; Sun, 9 Dec 2012 12:51:05 -0800 (PST)
Received: from mail-ia0-f175.google.com (mail-ia0-f175.google.com [209.85.210.175]) by ietfa.amsl.com (Postfix) with ESMTP id EA69A21F8CFF for <idr@ietf.org>; Sun, 9 Dec 2012 12:51:04 -0800 (PST)
Received: by mail-ia0-f175.google.com with SMTP id z3so3200971iad.34 for <idr@ietf.org>; Sun, 09 Dec 2012 12:51:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=QDwtBLPs2s4t2f9/6NRnnTgb+ssD7gUFKhYXK8p6u6s=; b=bI6mc9WWETGA9SYdoRFanRGS2kxyggZgsclknf7V+nqHEIYWXlSpAS/fKOe6WMDb8n tyHWkzQ45xnN7PIx6+zqrYCf4Vahdor7uB2BKK9Qd7VJQFNQ/tx5BYedoxikZB4OJe6j 90IBfccEh9blI0Xs6HkXEqNafyhgxOAaPUjYl8Zbmc03jPCrHwUqQGlXUuwXuQusYaHS 0fRsCP/kSLHo9idramltdH4a/RcbVihjLFppGyhh0tJptOqOxZVyl1Ya2jzpbeFOeHLm db9kjVoNbXDQYrTguI3njFDMl7HJHNMpmLhgBHrPGASm94qTgXAox45M14/bMqRTGvQm Ot9Q==
MIME-Version: 1.0
Received: by 10.50.40.137 with SMTP id x9mr7488212igk.1.1355086264392; Sun, 09 Dec 2012 12:51:04 -0800 (PST)
Sender: rraszuk@gmail.com
Received: by 10.64.135.100 with HTTP; Sun, 9 Dec 2012 12:51:04 -0800 (PST)
In-Reply-To: <50C4D7EC.4070309@cisco.com>
References: <20121121191321.6164.6887.idtracker@ietfa.amsl.com> <50AD2986.90705@cisco.com> <058b01cdd3b4$9f5193b0$ddf4bb10$@highwayman.com> <8ED5B0B0F5B4854A912480C1521F973A0F4940@xmb-rcd-x13.cisco.com> <94913EE5-2864-4EE2-B474-9631430B1E22@ericsson.com> <068701cdd478$2cf01cf0$86d056d0$@highwayman.com> <CAEGVVtBy-zdLz8hVajLnuAqgzfgQHrseK4r-N9=pOZGtqV7LbA@mail.gmail.com> <CAH1iCipfup-GEeJduBti_KHvX1pUZfmZLA3Zz5Y9Aw9xV3fQ9w@mail.gmail.com> <079901cdd601$9901b630$cb052290$@highwayman.com> <50C4D7EC.4070309@cisco.com>
Date: Sun, 09 Dec 2012 21:51:04 +0100
X-Google-Sender-Auth: 5xqHBq5Ja5etqV_ho39P-Y5_ikw
Message-ID: <CA+b+ER=AuKFo+v8O6Wk1FArQD9LfQ0gH7yqb4We722hKkeMczA@mail.gmail.com>
From: Robert Raszuk <robert@raszuk.net>
To: Enke Chen <enkechen@cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: idr@ietf.org
Subject: Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Dec 2012 20:51:06 -0000
Hi Enke, I think the draft is pretty clear reg the MP_REACH_NLRI. However as indicated in this thread what is not clear are the following cases: - MP_UNREACH_NLRI is not mandatory so you never know if it was not sent after some malformed attribute -> possible solution would be to send empty UNREACH each time after MP_REACH. Otherwise if you are not sure sender did not include MP_UNREACH you really can not treat-as-withdraw so session will get reset. - Sending vanilla IPv4 reach/unreach unicast NLRI is still allowed and receiver has no way of knowing if sender did include those or not in addition to new SAFIs in MP_REACH - here again lack of such assurance will cause session reset even if first MP_REACH was parsed -> possible solution would be to depreciate vanilla IPv4 reach/unreach unicast NLRI if MP capabilities were negotiated. Thx, R. On Sun, Dec 9, 2012 at 7:26 PM, Enke Chen <enkechen@cisco.com> wrote: > Hi, Chris: > > As I replied before, the receiver knows from parsing the path attributes > whether the MP_REACH_NLRI and/or MP_UNREACH_NLRI is the first attribute in > an UPDATE message. It does not need a new capability to make that > determination. > > -- Enke > > > On 12/9/12 3:37 AM, Chris Hall wrote: >> >> Brian Dickson wrote (on Fri 07-Dec-2012 at 23:13 +0000): >>> >>> I see the high-level problem Chris describes, and think maybe >>> it requires discussing possible ways of removing >>> doubt/ambiguity over successful parsing of such MP_REACH >>> and MP_UNREACH attributes. >> >> My suggestion, for minimal change to the protocol, would be a new >> capability which would carry the undertaking that: >> >> * when sending MP_UNREACH_NLRI and/or MP_REACH_NLRI >> they will be the first attribute(s), and will >> appear in that order. >> >> * the ORIGIN attribute will be the first attribute, >> or will follow any NLRI attributes. >> >> Which deals with the absence of one or both NLRI >> attributes. >> >> A receiver in possession of this new capability knows that, once it >> has seen completely valid versions of these leading attributes, it can >> tolerate any malformation of the following attributes, or absence of >> essential attributes, etc. and "treat-as-withdraw". >> >> The ORIGIN attribute has the value 0x0X 0x01 0x01 0x0Y -- where X is >> supposed to be 0 and Y MUST be 0, 1 or 2. This pattern is, >> effectively, and "end-of-NLRI-attributes" mark. >> >> If the new capability also meant that this attribute would always be >> output with extended length and guaranteed X = 0, then the receiver >> would expect to see 0x10 0x01 0x00 0x01 0x0Y -- which is a little more >> unique, and offer a little more assurance that the attributes so far >> are completely valid. (But this is not essential) >> >> (The new capability could also mean that IPv4 Unicast will not appear >> both in the body of the message and in NLRI attributes -- but that is >> not essential, either.) >> >> If the sender misbehaves, and sends any NLRI attribute after the >> ORIGIN then: >> >> a) if it is not a repeat attribute then... >> >> ...accept, but turn off the capability ? >> >> ...treat as a repeat ? >> >> b) if it is a repeat attribute then... >> >> ...session-reset, as per draft ? >> >> c) if the extra attribute is hidden by a preceding >> broken attribute then... >> >> ...the change to the relevant NLRI is lost. >> >> The last case is BAD: the receiver will "treat-as-withdraw" the NLRI >> it can see, but not those it cannot. The risk here may be deemed >> ignorable -- but needs to be assessed. >> >> For all code which deals with BGP updates -- BGP speakers or analysers >> of BGP streams etc -- the only change here is the new capability; >> UPDATE messages will have attributes in a particular order (and >> perhaps take a particular form) but are entirely RFC4271 compliant. >> >> That leaves the question of what the receiver does in the absence of >> the new capability... but that's another story, for another day. >> >> Chris >> >> _______________________________________________ >> Idr mailing list >> Idr@ietf.org >> https://www.ietf.org/mailman/listinfo/idr > > > _______________________________________________ > Idr mailing list > Idr@ietf.org > https://www.ietf.org/mailman/listinfo/idr
- [Idr] I-D Action: draft-ietf-idr-error-handling-0… internet-drafts
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Enke Chen
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Saikat Ray (sairay)
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Enke Chen
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Shyam Sethuram
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Brian Dickson
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Enke Chen
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Brian Dickson
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Robert Raszuk
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Rob Shakir
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… bruno.decraene
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… bruno.decraene
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Brian Dickson
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… John Leslie