Re: [Idr] Benjamin Kaduk's No Objection on draft-ietf-idr-bgp-ls-segment-routing-ext-15: (with COMMENT)

"Ketan Talaulikar (ketant)" <ketant@cisco.com> Thu, 27 June 2019 17:38 UTC

Return-Path: <ketant@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C5B012035B; Thu, 27 Jun 2019 10:38:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=epyonC8O; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=jkZ6cHtD
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x9czDkDpU3dB; Thu, 27 Jun 2019 10:38:18 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED3101202E6; Thu, 27 Jun 2019 10:38:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=12152; q=dns/txt; s=iport; t=1561657098; x=1562866698; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=yob58vAd74WpUJdyCWg5piRqog68oyljfNSsk5vHFBI=; b=epyonC8OKWH7TXJSv+E/h3iU/CPkM0N+0v1Tz7mFOWSM74XH0PeSqf4X NiUrMWdL9sFul/wd1nhxM32+FuW1W8F7O+59+dzLNm++TBk0R4vsh+GT2 MTlXRNn/G4gGRaU096Dp2sg0GhmzKnnpWX5X4HxMf9U2efEyGvh+VqTO7 0=;
IronPort-PHdr: 9a23:Tr64PhMVsoMUDTJtlPcl6mtXPHoupqn0MwgJ65Eul7NJdOG58o//OFDEuKQ/l0fHCIPc7f8My/HbtaztQyQh2d6AqzhDFf4ETBoZkYMTlg0kDtSCDBj4IeLjaTASF8VZX1gj9Ha+YgBY
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CrAACZ/hRd/5RdJa1lDgwBAQEBAQIBAQEBBwIBAQEBgWeBRCQsA2pVIAQLKIQZg0cDjluCW36ITY10gUKBEANUCQEBAQwBASUIAgEBhEACF4JpIzgTAQMBAQQBAQIBBW2KNwyFSgEBAQQSEREMAQE3AQsEAgEIEQEDAQEDAiYCAgIfERUCBggCBAEJBAUIGoMBgWoDHQEOmzACgTiIYHGBMoJ5AQEFgTYCDkGDAQ0LghEDBoEMKItfF4FAP4EQAUaCFzU+ghpHAQEBAQEBgSoBCwcBBxokgmQygiaLfRKCIC+FHpVJJj8JAoIXhlKEZ4RLBIE7gk2CK4cXjE+BTY0lBIc4gXCJTIQqAgQCBAUCDgEBBYFnIWdYEQhwFYMngkEJAxcUgzqFFIUEO3IBgSiLJg8XgiwBAQ
X-IronPort-AV: E=Sophos;i="5.63,424,1557187200"; d="scan'208";a="586956892"
Received: from rcdn-core-12.cisco.com ([173.37.93.148]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 27 Jun 2019 17:38:16 +0000
Received: from XCH-RCD-004.cisco.com (xch-rcd-004.cisco.com [173.37.102.14]) by rcdn-core-12.cisco.com (8.15.2/8.15.2) with ESMTPS id x5RHcGxU031112 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 27 Jun 2019 17:38:16 GMT
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by XCH-RCD-004.cisco.com (173.37.102.14) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 27 Jun 2019 12:38:16 -0500
Received: from xhs-aln-001.cisco.com (173.37.135.118) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 27 Jun 2019 13:38:15 -0400
Received: from NAM01-SN1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 27 Jun 2019 12:38:15 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=yob58vAd74WpUJdyCWg5piRqog68oyljfNSsk5vHFBI=; b=jkZ6cHtDli1Uj58mhcpRcy8Vmf4+08SQHSbm7n9ZB4vqnwjzQYvBi2AGSPJUfPT952Al3ZESqjpgwee5kkkOxUarJBS8CfUUST+t8pbq+JxIjeXc/fEGIHA2pE6qhoT/IcdPE5fd3qYaHpo9Qu3BUw/OoqoEZvx6kRCToWnGBuM=
Received: from DM5PR11MB2027.namprd11.prod.outlook.com (10.168.103.22) by DM5PR11MB1466.namprd11.prod.outlook.com (10.172.36.137) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2008.16; Thu, 27 Jun 2019 17:38:13 +0000
Received: from DM5PR11MB2027.namprd11.prod.outlook.com ([fe80::a17c:926e:d76e:b6e5]) by DM5PR11MB2027.namprd11.prod.outlook.com ([fe80::a17c:926e:d76e:b6e5%7]) with mapi id 15.20.2008.018; Thu, 27 Jun 2019 17:38:13 +0000
From: "Ketan Talaulikar (ketant)" <ketant@cisco.com>
To: Benjamin Kaduk <kaduk@mit.edu>, The IESG <iesg@ietf.org>
CC: "draft-ietf-idr-bgp-ls-segment-routing-ext@ietf.org" <draft-ietf-idr-bgp-ls-segment-routing-ext@ietf.org>, Susan Hares <shares@ndzh.com>, "aretana.ietf@gmail.com" <aretana.ietf@gmail.com>, "idr-chairs@ietf.org" <idr-chairs@ietf.org>, "idr@ietf.org" <idr@ietf.org>
Thread-Topic: Benjamin Kaduk's No Objection on draft-ietf-idr-bgp-ls-segment-routing-ext-15: (with COMMENT)
Thread-Index: AQHVIVBVGok9NsyJF0ubsMFBNSYrN6avk+/A
Date: Thu, 27 Jun 2019 17:38:13 +0000
Message-ID: <DM5PR11MB20274930EC6BACA697DE3DD5C1FD0@DM5PR11MB2027.namprd11.prod.outlook.com>
References: <156036568060.13998.2374436950168046474.idtracker@ietfa.amsl.com>
In-Reply-To: <156036568060.13998.2374436950168046474.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ketant@cisco.com;
x-originating-ip: [2001:420:c0e0:1007::310]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: dad75047-c6c3-4ccd-f680-08d6fb263b1e
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:DM5PR11MB1466;
x-ms-traffictypediagnostic: DM5PR11MB1466:
x-ms-exchange-purlcount: 4
x-microsoft-antispam-prvs: <DM5PR11MB1466B53DCE8D88B4AA76B244C1FD0@DM5PR11MB1466.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 008184426E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(346002)(376002)(366004)(136003)(396003)(199004)(13464003)(189003)(316002)(71200400001)(25786009)(99286004)(71190400001)(476003)(81156014)(55016002)(81166006)(4326008)(256004)(7736002)(305945005)(8676002)(54906003)(6306002)(9686003)(110136005)(6436002)(14444005)(446003)(11346002)(46003)(186003)(229853002)(486006)(64756008)(102836004)(33656002)(6506007)(53546011)(73956011)(66446008)(66556008)(66476007)(66946007)(53936002)(76116006)(2171002)(74316002)(52536014)(7696005)(5660300002)(76176011)(6246003)(2906002)(14454004)(66574012)(68736007)(478600001)(86362001)(6116002)(966005)(8936002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR11MB1466; H:DM5PR11MB2027.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: nTuDyta2gO2w/2WN877Whdg9VCpJ3Lkqe11D+9iFVsqdbJ93WRSI4ZRfmjpi/S52CLs7vEqvE8juWxnTZTRZQ1XKdM9fGPl05sYaoFUEqSon+NjaTfkY8n46DI2navWOHFwCpTkN7FIIP/oOrvt7hQxhxIdq9ZJomc4a6+mzk8xYVPD7THn9ym2yM47FIM2WsKq90YNh7O1roCakdOZBcuPfQDvsXTbdBbjIN48Nua7kiXvHTELMU/flJAcy51e7ig8dKTTw1z1R26fm5Atms4EebAAzHavW0aXufZf6U70pacp0MffnCwxikvBL/7DCQq1Nt4JaWT+/23p7KM8c6ypp62L25NGa4u+8G4PvZelLT02Mg9A5+KWGdlyo6E4kbrJLNYw1P3PLvJ0roRstKhTGq1fKuBrKg0nylzcV944=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: dad75047-c6c3-4ccd-f680-08d6fb263b1e
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jun 2019 17:38:13.7336 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ketant@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR11MB1466
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.14, xch-rcd-004.cisco.com
X-Outbound-Node: rcdn-core-12.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/Fft1A2z0usUK9PLSWYhXyh5dGC8>
Subject: Re: [Idr] Benjamin Kaduk's No Objection on draft-ietf-idr-bgp-ls-segment-routing-ext-15: (with COMMENT)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Jun 2019 17:38:27 -0000

Hi Benjamin,

Thanks for your review. I've updated the draft to address your comments and please check inline below for responses.

The version 16 of the draft has been posted with changes to address your and other comments during the IESG review:
https://tools.ietf.org/html/draft-ietf-idr-bgp-ls-segment-routing-ext-16 

Thanks,
Ketan

-----Original Message-----
From: Benjamin Kaduk via Datatracker <noreply@ietf.org> 
Sent: 13 June 2019 00:25
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-idr-bgp-ls-segment-routing-ext@ietf.org; Susan Hares <shares@ndzh.com>; aretana.ietf@gmail.com; idr-chairs@ietf.org; shares@ndzh.com; idr@ietf.org
Subject: Benjamin Kaduk's No Objection on draft-ietf-idr-bgp-ls-segment-routing-ext-15: (with COMMENT)

Benjamin Kaduk has entered the following ballot position for
draft-ietf-idr-bgp-ls-segment-routing-ext-15: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-ls-segment-routing-ext/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

-15

I agree with Mirja that mentioning the scope earlier in the document would be helpful (but will follow the discussion in her ballot thread).
Basically, even though the SR Architecture is clear about the scope being limited to a trusted administrative domain, it's still helpful to remind the reader briefly at the start of the document that there is some expectation of trust to all participants receiving this information, and that it is not expected to leave into the broader Internet or generic BGP peers.

[KT] Ack. Please check the updated text and let know your views.

Section 1

   When Segment Routing is enabled in an IGP domain, segments are
   advertised in the form of Segment Identifiers (SIDs).  The IGP link-
   state routing protocols have been extended to advertise SIDs and
   other SR-related information.  IGP extensions are described in: IS-IS
   [I-D.ietf-isis-segment-routing-extensions], OSPFv2
   [I-D.ietf-ospf-segment-routing-extensions] and OSPFv3
   [I-D.ietf-ospf-ospfv3-segment-routing-extensions].  [...]

nit: I think "described for" is more appropriate than "described in", which might suggest to the reader that these are part of the core protocols.
[KT] Ack - fixed.

Section 2.1.1

      Length: Variable.  Either 3 or 4 depending whether the value is
      encoded as a label or as an index/SID.

nit: I think the secdir reviewer's concern might be alleviated by spelling these constants as 0x0003 and 0x0004.
[KT] I am not sure how specifying the value in decimal or hexadecimal changes security concerns for something that is not a bit/flag field.

Section 2.1.2

Are the "SID/Label sub-TLV N" fields actually variable length?  The description seems to be saying that we can only use the "label" variant encoding, which makes the overall length of the sub-TLV 7 bytes, always.
[KT] Agree and I've removed the "variable" from the figure for the TLVs in section 2.1.2 and 2.1.4 where this holds true.

      Flags: 1 octet of flags as defined in
      [I-D.ietf-isis-segment-routing-extensions] for IS-IS.  The flags
      are not currently defined for OSPFv2 and OSPFv3 and SHOULD be set
      to 0 and MUST be ignored on receipt.

I agree with the other reviewers that the SHOULD here is surprising.
Perhaps "Until the specification of flag value usage for OSPFv2 and/or
OSPFv3 is defined, the flags MUST be set to zero and ignored on receipt"?

The case for Reserved seems even more clear to mandate setting to zero.

[KT] Fixed for both the above.

Section 2.1.3

Do the algorithm values need to appear in any specific order?
[KT] No. 

The note about the maximum length being 256 seems to imply that duplicates are not expected, but I do not see any specific text forbidding them.
[KT] The values for these fields are picked from their corresponding IGP specifications. E.g. refer to https://tools.ietf.org/html/draft-ietf-isis-segment-routing-extensions-25#section-3.2. There is no processing that is needed when picking the value from underlying IGP and propagating them in BGP-LS.

Section 2.1.4

[Same comments as Section 2.1.2 about variable length sub-TLVs, and SHOULD/MUST]
[KT] Fixed.

Section 2.2.1

   The Adjacency SID TLV is used in order to advertise information
   related to an Adjacency SID.  This information is derived from Adj-
   SID sub-TLV of IS-IS [I-D.ietf-isis-segment-routing-extensions],
   OSPFv2 [I-D.ietf-ospf-segment-routing-extensions] and OSPFv3
   [I-D.ietf-ospf-ospfv3-segment-routing-extensions].

nit: I think this should be "Adj-SID sub-TLVs" plural.
[KT] We are talking about a specific TLV name here.

      Weight: 1 octet carrying the weight used for load-balancing
      purposes.

Maybe reference RFC 8402 for the weight semantics?  (Otherwise we have to guess whether a larger value means to send more traffic vs. less
traffic.)
[KT] Agreed. Fixed for similar comment also from Roman.

[Same comment about SHOULD/MUST for Reserved]
[KT] Fixed.

Section 2.2.2

[same comment about Weight and SHOULD/MUST for Reserved]
[KT] Fixed.

Do we want some IANA considerations and/or regisitry modifications to provide for any future BGP-LS Attribute TLVs that might be defined and be appropriate to include as sub-TLVs of the L2 Bundle Member Attribute TLV?
[KT] Not required since we don't maintain sub-TLV space registries for BGP-LS TLVs and they are all from a flat space.

Section 2.3.1

[same comment about SHOULD/MUST for Reserved]
[KT] Fixed.

Section 2.3.3

The figure says "4 or 6 octet Router-ID"; should that bt "4 or 16" to match the body text?
[KT] Fixed.

Section 2.3.4

[same comment about SHOULD/MUST for Reserved]
[KT] Fixed.

It's a little weird to blandly cite the OSPF document for the Range Size definition and expect that to plainly transfer over to the IS-IS case as well.  (Also, the linked document has three different usages for "Range Size"; I assume we mean the one in Section 4, "OSPF Extended  Prefix Range TLV", since it's the right width, but it might be worth stating
explicitly.)
[KT] Fixed with updated reference for each TLV section to be specific. Removed the specific reference to Range Size field since we've already identified the mapping TLVs for all 3 IGPs.

I didn't take the time to try to convince myself that the sub-TLV usage for prefix-to-SID mappings matches up with the statement that the length is "11 or 12 depending on Label or Index encoding of the SID", but I think the TLV overhead would push the length larger than 12.
[KT] I am not sure of what you mean by TLV overhead since there is no padding requirement in BGP for the TLVs/sub-TLVs.

Section 5

The links for "required security and authentication mechanisms" are a little surprising, as those documents are the segment-routing-extensions documents for IS-IS and OSPF, respectively, and do not define the mechamisms themselves, rather referring to other document for  the details of the security mechanisms.  Furthermore, there seem to only be SHOULD-level requirements for authentication mechanisms, and only in certain cases (and only in the OSPFv2 document).  So to say "the required mechanisms" here seems misleading, in that the set of *required* mechanisms seems to be the empty set.
[KT] This BGP-LS extension (on the same lines as base RFC7752) picks up information from underlying IGPs and propagating it via BGP-LS. The point of reference to the IGP specs for security considerations was to discuss the need to "secure" the source of the information via authentication and other security mechanisms of those underlying IGPs.

I always have a hard time accepting statements about "present no additional risk"; we are going from presenting "generic"
link-state/prefix/node information across the BGP-LS domain to additionally presenting information about the SR topology and segment location/identifiers.  So, one might concoct a scenario in which an attacker can learn about the internal SR configuration/topology based on the information conveyed by the mechanisms in  this document, which is in some sense an "additional risk".  That said, it is probably a minor one, given the expected scope of distribution.
[KT] In the next paragraph, we do discuss the "additional" aspects and so I've reworded this text to clarify this aspect.