Re: [Idr] Should BGP communities be restrictive (Issue #38)?
"Jakob Heitz (jheitz)" <jheitz@cisco.com> Sat, 31 August 2019 02:44 UTC
Return-Path: <jheitz@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D2638120044 for <idr@ietfa.amsl.com>; Fri, 30 Aug 2019 19:44:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.499
X-Spam-Level:
X-Spam-Status: No, score=-14.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=VhLFEc6H; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=I/Zs0wwo
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8lAlqnztCfev for <idr@ietfa.amsl.com>; Fri, 30 Aug 2019 19:44:03 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 274E912004D for <idr@ietf.org>; Fri, 30 Aug 2019 19:44:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10309; q=dns/txt; s=iport; t=1567219442; x=1568429042; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=Y+zE8/z3FSIkTzfdlB1eh4xR8KX8L9xn0zuRWQInxA0=; b=VhLFEc6HTl7IWF3MBkYEZOqzZIjObhf3OzLYgRa46RZlW2acZyrnRt5O DFMHPAtNA+xDnePl8ZKFQODnQ3R1qbsXsxoyq3kcms9ePErsnngEVDn3a mVhDmHaSsP92khwK89B19oG8zcCFuSFJuy1bWiMHVWOo6AsS9t/9vegxg Y=;
IronPort-PHdr: 9a23:PWfSPhPfNe4e8c2BC14l6mtXPHoupqn0MwgJ65Eul7NJdOG58o//OFDEuKQ/l0fHCIPc7f8My/HbtaztQyQh2d6AqzhDFf4ETBoZkYMTlg0kDtSCDBj5LPPrcz4SF8VZX1gj9Ha+YgBY
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BpAQBt3mld/5pdJa1mHAEBAQQBAQcEAQGBVgQBAQsBgRUvUANtViAECyqEIYNHA4p1gjeKBokvhFyCUgNUCQEBAQwBARgBDAgCAQGEPwIXgkkjNwYOAgMIAQEEAQEBAgEGBG2FLgyFSwIBAwEBEBEdAQEsCwEPAgEIDjEDAgICHwYLFBECBA4FFA6DAAGBHU0DHQECDKJfAoE4iGFzgTKCfAEBBYJHgksNC4IWAwaBNAGLdxiBQD+BOAwTgh4uPoIaRwEBAoE4VIJeMoImjyqFHYkPjVQtQAqCH4ZwiWuDfBuCMpYxjyiGPYICjk8CBAIEBQIOAQEFgWYigVhwFTsqAYJBgkKDcoUUhT9zgSmLQoJUAQE
X-IronPort-AV: E=Sophos;i="5.64,449,1559520000"; d="scan'208,217";a="618213540"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by rcdn-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 31 Aug 2019 02:44:01 +0000
Received: from XCH-ALN-003.cisco.com (xch-aln-003.cisco.com [173.36.7.13]) by rcdn-core-3.cisco.com (8.15.2/8.15.2) with ESMTPS id x7V2i1Vf013130 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Sat, 31 Aug 2019 02:44:02 GMT
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by XCH-ALN-003.cisco.com (173.36.7.13) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 30 Aug 2019 21:44:01 -0500
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 30 Aug 2019 21:44:01 -0500
Received: from NAM05-DM3-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Fri, 30 Aug 2019 21:44:00 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LkRobSG5RJvSq04IzL/AgNGTO8YYjLfaIR1kcJmj4DVIO5DA2suNbXfPlFpFHorY2HK74wQqnZIzC5lTbMUUOb17RqWRN6gytQjbBj/aWOxzqKutNvt7d14L+RbI7nX7eaS1tPeoOUrUez9Y8VMIiNpodw5zXYcqQD072E+KgrEiEU7ZVv8oamsKntABLBkZAW4lwesKmoTuuDFsHTu2OO0uc9Pf/14hJfwU0w6oMyHxek9QrHG+ysZKNGlCOzFD33bX292TMQ5f8Ul147X9tOIApGUQUTznzi9+vjdSH4FmPb33eonxJWddF125l8X2p6/QQSVTEiIPu6lYPwH2kA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Y+zE8/z3FSIkTzfdlB1eh4xR8KX8L9xn0zuRWQInxA0=; b=SDrhl3PId0sq1Fe7F3dfg+SKhcSFdDh0QPUNdPs8sL98tyhTL3tRT5KtaRTJeOsm66gsvI6Fmnyjarh2UaNmRNYjq3vNv5+SSAtPlZJRV5gc7/2SNA9MfNLhjBkAyFJhch2WVUIUpVE4vnzL4AB4DqyISmQHKM2tqzPS76ApTRmkK5/7BI/c4NtOBFK+39/Ne0Af+k9eO56AZZEEso/vQCWxXgMYUIE81q3+dj2fxbU6//tptHL5jf27gb+A7YeHL/6jd5p46rPZa2V+RDTehUXTbL3cGdmOxodrWKiCD5wdoyZs4yYn21Cv0b9WUjYA/eAQDD6UQszwrcYSR9xIHA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Y+zE8/z3FSIkTzfdlB1eh4xR8KX8L9xn0zuRWQInxA0=; b=I/Zs0wwope6m/K+skuvHtHnqVpwWgy3M5uaa/SJG5LoltAG3ZSENikGtAplz7THzxkskiyzeOdlVinHcMSNEzrWhVe7UwiLgnMQ2/FSLThL7YbD6s0XTPBmCobVePQkziPTwSPZhRTy6R0l3xXBp5naxN2A0cZRrR8Y7nh58Y7k=
Received: from BYAPR11MB3751.namprd11.prod.outlook.com (20.178.238.144) by BYAPR11MB3736.namprd11.prod.outlook.com (20.178.238.85) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2220.19; Sat, 31 Aug 2019 02:43:59 +0000
Received: from BYAPR11MB3751.namprd11.prod.outlook.com ([fe80::f19b:a29c:2227:69e4]) by BYAPR11MB3751.namprd11.prod.outlook.com ([fe80::f19b:a29c:2227:69e4%5]) with mapi id 15.20.2199.021; Sat, 31 Aug 2019 02:43:59 +0000
From: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
To: Mahesh Jethanandani <mjethanandani@gmail.com>
CC: "idr@ietf.org" <idr@ietf.org>
Thread-Topic: [Idr] Should BGP communities be restrictive (Issue #38)?
Thread-Index: AQHVX3JCVKLGFdB+SkW5Ag0liNlNN6cUjP0M
Date: Sat, 31 Aug 2019 02:43:59 +0000
Message-ID: <2B8324B5-0690-4A70-BF44-0FF47FD3CD7F@cisco.com>
References: <6355C6C6-121C-425E-8AB3-24B151222D15@gmail.com>
In-Reply-To: <6355C6C6-121C-425E-8AB3-24B151222D15@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=jheitz@cisco.com;
x-originating-ip: [240e:878:3:85eb:c0e6:7e3a:f539:427a]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: dddae024-bc4a-413c-94f7-08d72dbd13b4
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600166)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BYAPR11MB3736;
x-ms-traffictypediagnostic: BYAPR11MB3736:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-prvs: <BYAPR11MB3736A2B8462211BE513D7340C0BC0@BYAPR11MB3736.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-forefront-prvs: 014617085B
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(366004)(136003)(396003)(376002)(39860400002)(346002)(199004)(189003)(5383002)(446003)(71190400001)(316002)(53546011)(46003)(25786009)(81156014)(102836004)(6506007)(6436002)(256004)(14444005)(53936002)(66574012)(8676002)(66446008)(6916009)(5660300002)(33656002)(81166006)(8936002)(6306002)(1411001)(76116006)(66476007)(91956017)(54896002)(66556008)(236005)(66946007)(186003)(6512007)(71200400001)(6486002)(6246003)(64756008)(966005)(606006)(2906002)(14454004)(99286004)(478600001)(7736002)(229853002)(6116002)(76176011)(476003)(2616005)(36756003)(11346002)(86362001)(486006)(4326008); DIR:OUT; SFP:1101; SCL:1; SRVR:BYAPR11MB3736; H:BYAPR11MB3751.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: +gfotRK5BUp2JbFlnrNBcTIr6Co0vmgizau+5F+IVaotpVFz3wnkGd+PP8K/bVnCBLVfzgXWkuFHoIkLY+tiiw9ZlhUxBctq2DlgPcefaY/SDSA/GCECPle559S2zyMg/X8FyrmZ9L8EG/tqBaA+qNsYwIeKAzLIQ11d+zlPgg7i5bTFnM7GxTzvdeqTt22b1rMtcIpakD7TkDoR2ByG9xmVpFglS/scvTwtrAX+pfB3/ENcVtp+6QJECgDoUPkk0rjLkkFZGh4E1ZsxUwMtppXz0zGIgYXFPfiQ4K4MejaXTr5NLlNfRbdvT9G+SVO6ClfdosmIO9tk3cdTG/0qvFszRwnQdjRILcCJWfpIifWQEQUwCqQhcJ7pt4nNR+7H7tkn5o8E/D3rhxn1To3uy26p+AGoz36BrfHy63Oroso=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_2B8324B506904A70BF440FF47FD3CD7Fciscocom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: dddae024-bc4a-413c-94f7-08d72dbd13b4
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Aug 2019 02:43:59.6666 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Kkpf584JKojhNWJX6FGzDEqbLNG7Z9DbrIvnf80QU5A4dg5oxtm1BhncQ26dZW0bCMFS8nyvuIBqVi430AQRHA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB3736
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.13, xch-aln-003.cisco.com
X-Outbound-Node: rcdn-core-3.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/Eogygxpabd7tidIuB0tF7-1oyCU>
Subject: Re: [Idr] Should BGP communities be restrictive (Issue #38)?
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 31 Aug 2019 02:44:06 -0000
A bgp speaker interprets a limited number of well known communities. Regardless of that, it must be possible to configure and show a community of any value. For example, 0 is an invalid ASN, but 0:0 is not an invalid community. It may be invalid in the context of a particular interpretation and valid in another interpretation. Either way, the router doesn’t care and should be able to process it in a bgp update message. All tools used on the router must accommodate communities of any value, including “invalid” ones. Thanks, Jakob. On Aug 31, 2019, at 4:34 AM, Mahesh Jethanandani <mjethanandani@gmail.com<mailto:mjethanandani@gmail.com>> wrote: The following issue (#38) is documented here<https://github.com/mjethanandani/ietf-bgp-yang/issues/38> for the BGP YANG module. It reads: The current community type is defined in a restrictive manner. An example of what that restriction looks like can be seen here<https://github.com/mjethanandani/ietf-bgp-yang/blob/master/src/yang/ietf-bgp-types.yang#L296>. At least one of the observations is that, experience has shown that restricting ranges of communities may have negative impact on things such as policy, which may need to refer to out-of-acceptable-range values. The suggestion is to not restrict these beyond limiting the range to uint32, or what in YANG terms is 0..max. The question therefore for the WG is, should the YANG model define the community-type in a restrictive manner that will then allow for checking of invalid values, or should it loosen restrictions on the types to allow for an unrestricted range of values to be accepted, knowing that it will fail somewhere deep in the bowels of the system. An alternative is to define two different types for *-community-type. One that is restrictive and the other that is not. The latter will be used in policy definition, while the former will be used for everything else. If no strong opinion is heard, the model will maintain the current restrictions on the ranges it has. Cheers. Mahesh Jethanandani mjethanandani@gmail.com<mailto:mjethanandani@gmail.com> _______________________________________________ Idr mailing list Idr@ietf.org<mailto:Idr@ietf.org> https://www.ietf.org/mailman/listinfo/idr
- [Idr] Should BGP communities be restrictive (Issu… Mahesh Jethanandani
- Re: [Idr] Should BGP communities be restrictive (… Jakob Heitz (jheitz)