Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)

Aijun Wang <> Mon, 15 February 2021 23:42 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 57E283A1322 for <>; Mon, 15 Feb 2021 15:42:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.895
X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id o_3zF5ytzSZ3 for <>; Mon, 15 Feb 2021 15:42:15 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0EAD23A1317 for <>; Mon, 15 Feb 2021 15:42:14 -0800 (PST)
Received: from [] (unknown []) by (Hmail) with ESMTPA id D2C151C00A1; Tue, 16 Feb 2021 07:42:09 +0800 (CST)
Content-Type: multipart/alternative; boundary="Apple-Mail-6A1735D8-73AF-461E-B958-6EBA1ACFAB33"
Content-Transfer-Encoding: 7bit
From: Aijun Wang <>
Mime-Version: 1.0 (1.0)
Date: Tue, 16 Feb 2021 07:42:08 +0800
Message-Id: <>
References: <>
Cc: Robert Raszuk <>,, Susan Hares <>
In-Reply-To: <>
To: "Jakob Heitz (jheitz)" <>
X-Mailer: iPhone Mail (18D52)
X-HM-Tid: 0a77a812a3cad993kuwsd2c151c00a1
Archived-At: <>
Subject: Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 15 Feb 2021 23:42:18 -0000

Hi, Jakob:
I think you have get the key difference between RD-ORF and RTC, but as described in, the removal of RD-ORF need the intervention of the operators.  It will not roll back automatically.

As said before, you can consider RD-ORF as the mechanism of “Spray System” to extinguish the fire. After their action, the house holder find the reason of fire and return normal by manual.

Using RT-Constraint, all of the “Spray Systems” will reaction but there maybe only the temperature of one house is high.

Aijun Wang
China Telecom

> On Feb 16, 2021, at 03:32, Jakob Heitz (jheitz) <> wrote:
> There's an important difference between rd-orf and RT constraint.
> RT-constraint is a POSITIVE filter.
> Rd-orf is a NEGATIVE filter.
> RT-constraint says :give me X.
> Rd-orf says: withhold X.
> What's the difference?
> Suppose you are an RR and getting the same rd-orf from all your clients.
> Then you can propagate the rd-orf back to the source of the routes.
> Consider what happens when a new client comes up,
> The new client has not (yet) sent the rd-orf.
> Therefore you have to retract the rd-orf from the route source to which you propagated it.
> The next router on the way to the source may be an ASBR.
> It also has to retract the rd-orf it propagated.
> And so on.
> Then the new client sends the rd-orf.
> Now you have to propagate it again.
> and so on.
> That's a lot of churn.
> This churn does not happen with RT-constraint.
> Regards,
> Jakob.
> From: Idr <> On Behalf Of Robert Raszuk
> Sent: Sunday, February 14, 2021 3:38 PM
> To: Aijun Wang <>
> Cc: idr@ietf. org <>; Susan Hares <>
> Subject: Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)
> Hello Aijun,
> I have been re-thinking over a weekend this entire discussion. 
> I think I have a suggestion for you which addresses my concerns and I believe also addresses yours (and your co-authors) requirements. 
> As I said number of times I still suggest we do not send RD to filter. Instead we send tuple RD+RTs and only filter VPN routes on logical AND of all (all as there can be more then one RT importing given route therefore we need to include intersection of local import RTs and RTs carried with "offending" routes). 
> And to make this easily transitive I recommend we just define a new SAFI for it. We can call it RTC+ or Enhanced RTC as examples. Syntax would be identical to RTC, semantics opposite. Today RTC defines RTs which PEs need. Here we would signal description of subset of those which are "excessive" to be dropped on the peer. 
> Sending it with ORF say RDRT-ORD (while works p2p)  I do not buy this implicit regeneration hack say at RRs, RRs doing option C or ASBRs performing option B. So sending it in new SAFI IMHO would be much cleaner. 
> Just a thought how we could perhaps move forward here. 
> Kind regards,
> Robert
> On Sat, Feb 13, 2021 at 3:32 AM Aijun Wang <> wrote:
> Hi, Susan:
> Thanks for your suggestions. More responses from the operators are welcome!
> We think this mechanism can let the network cope with dynamically the extraordinary scenarios for VPN routes advertisement, especially the inter-AS Option B/C scenarios. 
> This can certainly encourage the widespread deployment of inter-AS option B/C solution(especially for EVPN/VXLAN, EVPN/SRv6) increase the VPN services coverage and revenue of the operators.
> There may be some details procedures and device behaviors need to be clarified further, but this is not unsolvable, considering there are so many experts within IDR WG.
> Thanks Robert, Jakob, Jim and Acee for the technical challenges to let us/IDRer understand the solution more clearly.
> Aijun Wang
> China Telecom