Re: [Idr] Benjamin Kaduk's No Objection on draft-ietf-idr-bgp-optimal-route-reflection-25: (with COMMENT)

Nick Hilliard <nick@foobar.org> Thu, 17 June 2021 07:50 UTC

Return-Path: <nick@foobar.org>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C982B3A117A; Thu, 17 Jun 2021 00:50:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id buu41lkWPI0J; Thu, 17 Jun 2021 00:50:03 -0700 (PDT)
Received: from mail.netability.ie (mail.netability.ie [IPv6:2a03:8900:0:100::5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 40E893A11A4; Thu, 17 Jun 2021 00:49:54 -0700 (PDT)
X-Envelope-To: iesg@ietf.org
Received: from crumpet.local (089-101-070074.ntlworld.ie [89.101.70.74] (may be forged)) (authenticated bits=0) by mail.netability.ie (8.16.1/8.16.1) with ESMTPSA id 15H7nmN2079027 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 17 Jun 2021 08:49:48 +0100 (IST) (envelope-from nick@foobar.org)
X-Authentication-Warning: cheesecake.ibn.ie: Host 089-101-070074.ntlworld.ie [89.101.70.74] (may be forged) claimed to be crumpet.local
To: Robert Raszuk <robert@raszuk.net>
Cc: Benjamin Kaduk <kaduk@mit.edu>, draft-ietf-idr-bgp-optimal-route-reflection@ietf.org, "idr@ietf. org" <idr@ietf.org>, idr-chairs <idr-chairs@ietf.org>, The IESG <iesg@ietf.org>, Susan Hares <shares@ndzh.com>
References: <162386038468.2054.10058025206181569780@ietfa.amsl.com> <CAOj+MMF+kZYv6Gp9s7xGUkcKR7SQCxZdfQtWnhvaZK1nzBCPGA@mail.gmail.com>
From: Nick Hilliard <nick@foobar.org>
Message-ID: <2802f70e-a5f7-aef3-8979-c0b68dfffe69@foobar.org>
Date: Thu, 17 Jun 2021 08:49:46 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:52.0) Gecko/20100101 PostboxApp/7.0.48
MIME-Version: 1.0
In-Reply-To: <CAOj+MMF+kZYv6Gp9s7xGUkcKR7SQCxZdfQtWnhvaZK1nzBCPGA@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/DPYvqZ04JKgYYPeeqPi4PCJk9aI>
Subject: Re: [Idr] Benjamin Kaduk's No Objection on draft-ietf-idr-bgp-optimal-route-reflection-25: (with COMMENT)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Jun 2021 07:50:08 -0000

Robert Raszuk wrote on 16/06/2021 19:38:
> Great catch on SHOULD vs MUST !  Changed.

there's no compelling need to change this - it's operational advice, not 
part of the protocol spec.  As it's operational advice, a) no-one will 
read the rfc, but if they do there are already enough warning signs in 
place and b) if it's ignored, the network won't work properly anyway. 
An operational guidelines RFC may be useful here.

Nick

> On the point regarding the Security Considerations  section 5 the 
> inconsistent policies would only be of a problem in those networks which 
> do not encapsulate packets in some way between ingress and egress. So to 
> restate this the significant portion of Deployment Considerations would 
> have to be repeated. Also while clearly a valid point in regards to 
> routing correctness it is debatable if this is a security risk as such 
> even if policy would be completely wrong between participating route 
> reflectors.
> 
> Regarding moving referencing of RFC7911 to normative let's observe that 
> it may be required only in one specific deployment scenario of using 
> multiple clusters in non encapsulating networks for IPv4/IPv6 AFs. It is 
> clearly not required for other deployment models of BGP ORR. Therefore I 
> am not sure if it deserves the elevated level of referencing in the 
> document. But if the above use is a sufficient reason to treat it as 
> normative reference I personally have no problem moving it.
> 
> All other NITS were fixed. Thank you so much for help in spotting those 
> unclear sentences.
> 
> I will be posting the next version shortly.
> 
> Kind regards,
> Robert,
> 
> 
> On Wed, Jun 16, 2021 at 6:19 PM Benjamin Kaduk via Datatracker 
> <noreply@ietf.org <mailto:noreply@ietf.org>> wrote:
> 
>     Benjamin Kaduk has entered the following ballot position for
>     draft-ietf-idr-bgp-optimal-route-reflection-25: No Objection
> 
>     When responding, please keep the subject line intact and reply to all
>     email addresses included in the To and CC lines. (Feel free to cut this
>     introductory paragraph, however.)
> 
> 
>     Please refer to
>     https://www.ietf.org/iesg/statement/discuss-criteria.html
>     for more information about DISCUSS and COMMENT positions.
> 
> 
>     The document, along with other ballot positions, can be found here:
>     https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-optimal-route-reflection/
> 
> 
> 
>     ----------------------------------------------------------------------
>     COMMENT:
>     ----------------------------------------------------------------------
> 
>     Thank you for this document; it gives a clear explanation of what is to
>     be done and why, and I basically only have nit-level comments, with the
>     exception of the first remark.
> 
>     Section 4
> 
>         This solution can be deployed in traditional hop-by-hop forwarding
>         networks as well as in end-to-end tunneled environments.  In
>     networks
>         where there are multiple route reflectors and hop-by-hop forwarding
>         without encapsulation, such optimizations SHOULD be consistently
>         enabled on all route reflectors.  Otherwise, clients may receive an
>         inconsistent view of the network, in turn leading to intra-domain
>         forwarding loops.
> 
>     The scope of "forwarding loops" as a potential problem makes me wonder
>     if the "SHOULD"-level requirement for this avoidance mechanism is the
>     right choice.
> 
>     Section 5
> 
>     Thank you for accepting the wording suggestion from Roman; it's a good
>     improvement.
> 
>     I might consider reiterating that there are risks if multiple route
>     reflectors are present but using different policy/procedures, though the
>     earlier discussion may suffice.
> 
>     Section 9.2
> 
>     Whether RFC 7911 should be normative or informative seems potentially
>     subject to debate, if deployment of add-path is required in order for
>     correct operation of optimal route reflectors.
> 
>     NITS
> 
>                                                          This ability
>     enables
>         the route reflector to send to a given set of clients routes with
>         shortest distance to the next hops from the position of the selected
>         IGP location.  [...]
> 
>     This feels a bit like a garden-path sentence that makes the reader
>     backtrack to fix their parse tree; commas around "to a given set of
>     clients" might help but a more substantive restructuring might be
>     preferred.
> 
>                        This provides for freedom of route reflector physical
>         location, and allows transient or permanent migration of this
>     network
>         control plane function to an arbitrary location.
> 
>     Pedantically, such a migration seems like it would always have been
>     possible, just with a potentially significant impact on performance and
>     route quality; I'd suggest appending a phrase such as "with negligible
>     impact on performance".
> 
>         The choice of specific granularity (route reflector, set of clients,
>         or client) is configured by the network operator.  An implementation
>         is considered compliant with this document if it supports at least
>         one listed grouping of IGP location.
> 
>     It's not entirely clear to me how a "listed grouping of IGP location"
>     maps to the previous text.
> 
>     Section 3.2
> 
>         If the required routing optimization is limited to the IGP cost to
>         the BGP Next-Hop, only step e) and below as defined [RFC4271]
>     section
>         9.1.2.2, needs to be run multiple times.
> 
>     I think maybe s/and below/and subsequent steps/, and s/as defined/as
>     defined in/.
> 
>     Section 4
> 
>         route reflectors.  More specifically, the choice of BGP path factors
>         in either the IGP cost between the client and the NEXT_HOP (rather
> 
>     I suggest s/factors in/takes into account/, since "factors in" is
>     something of a colloquialism.
> 
>         Modifying the IGP location of BGP ORR does not interfere with
>         policies enforced before IGP tie-breaking (step e) in the BGP
>         Decision Process Route.
> 
>     I think "step e" has to be scoped to §9.1.2.2 of RFC 4271.
> 
>                                                                Similarly, if
>         an IGP location is selected for the whole routing instance, the
>         lowest precision is achieved, but the performance impact is minimal
>         (both should be equal to the [RFC4456] ones).  [...]
> 
>     The phrasing in the parenthetical seems surpising to me -- what does
>     "both" refer to?  I can only see the one "performance of the
>     single-IGP-location-for-the-whole-routing-instance" situation, which of
>     course should have equivalent performance to the stock RFC 4456 case.
> 
>     Section 5
> 
>         This extension provides a new metric value using additional
>         information for computing routes for BGP router reflectors.  While
> 
>     s/router/route/
> 
> 
> 
> 
> 
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>