Re: [Idr] TCP & BGP: Some don't send terminate BGP when holdtimer expired, because TCP recv window is 0

Tony Li <tony1athome@gmail.com> Fri, 11 December 2020 20:00 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/CS7VOx42V76RfGLmXhQqM8DyNjk>

Hi Job,


> Does everyone agree BGP-4 sessions MUST be terminated using a TCP RST
> (instead of a BGP-4 Cease NOTIFICATION) if the peer has indicated for
> the duration of the Hold Timer that the TCP receive window is zero?


Not quite.  I agree that the session should be terminated if the TCP receive window
is zero for the duration of the Hold Timer. Clearly the receiver is stuck and the
receiver should be terminating the connection. For robustness, it makes sense that
the transmitter also close the connection. 

I would prefer to see the transmitter do both: queue a NOTIFICATION and reset
the TCP connection. Yes, the NOTIFICATION will probably never make it out. The advantage
of doing it this way is that the code path for errors will be more consistent: always send
a NOTIFICATION before the RST. This code path is also likely to send appropriate signaling to
the management plane. This is also useful in debugging: if you go through the
message queue, the NOTIFICATION will be sitting there in the queue.


> Perhaps RFC 4271 Section 6.5 should be amended as follows:
> 
> OLD:
>    If a system does not receive successive KEEPALIVE, UPDATE, and/or
>    NOTIFICATION messages within the period specified in the Hold Time
>    field of the OPEN message, then the NOTIFICATION message with the
>    Hold Timer Expired Error Code is sent and the BGP connection is
>    closed.
> 
> NEW:
>    If a system does not receive (or is unable to send) successive
>    KEEPALIVE, UPDATE, and/or NOTIFICATION messages within the period
>    specified in the Hold Time field of the OPEN message, then the
>    NOTIFICATION message with the Hold Timer Expired Error Code is sent
>    and the BGP connection is closed. If the NOTIFICATION message cannot
>    be sent the BGP connection is closed.


Your proposed text does what I prefer, not what you suggested above. I would suggest
two edits: (1) remove the parentheses in the first sentence, they are unnecessary, and
(2) remove the last sentence.

Regards,
Tony
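
Added example, not part of the original message and not taken from any BGP implementation: a sketch of the transmitter-side behaviour discussed above, where a Hold Timer Expired NOTIFICATION is always queued and the TCP connection is then reset. The function names and the `out_queue` list are hypothetical, and the SO_LINGER encoding assumes a POSIX socket.

```python
import socket
import struct

BGP_MARKER = b"\xff" * 16          # RFC 4271 header marker, all ones
MSG_NOTIFICATION = 3               # BGP message type
ERR_HOLD_TIMER_EXPIRED = 4         # NOTIFICATION error code


def build_notification(code, subcode=0, data=b""):
    """Encode a BGP NOTIFICATION: 19-byte header + code + subcode + data."""
    length = 19 + 2 + len(data)
    header = BGP_MARKER + struct.pack("!HB", length, MSG_NOTIFICATION)
    return header + struct.pack("!BB", code, subcode) + data


def terminate_on_hold_expiry(sock, out_queue):
    """Queue the NOTIFICATION, try once to drain the queue, then reset.

    out_queue is a hypothetical per-session list of encoded messages that
    have not yet been handed to TCP. Returns True only if every queued
    message, including the NOTIFICATION, was accepted by the kernel.
    """
    # Same error path as any other failure: NOTIFICATION first. If the peer
    # is stuck it stays in out_queue, where it can be seen when debugging.
    out_queue.append(build_notification(ERR_HOLD_TIMER_EXPIRED))

    handed_to_tcp = False
    sock.setblocking(False)        # never block on a peer advertising window 0
    try:
        while out_queue:
            sent = sock.send(out_queue[0])
            if sent < len(out_queue[0]):
                out_queue[0] = out_queue[0][sent:]   # keep the unsent tail
                break
            out_queue.pop(0)
        handed_to_tcp = not out_queue
    except OSError:                # includes BlockingIOError: send buffer full
        pass

    # l_onoff=1, l_linger=0: close() aborts the connection with a RST and
    # discards anything still sitting in the kernel send buffer.
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack("ii", 1, 0))
    sock.close()
    return handed_to_tcp
```
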