Re: [Idr] I-D Action: draft-chen-idr-asloop-aggr-00.txt

Enke Chen <enchen@paloaltonetworks.com> Mon, 18 October 2021 19:16 UTC

From: Enke Chen <enchen@paloaltonetworks.com>
Date: Mon, 18 Oct 2021 12:16:07 -0700
Message-ID: <CANJ8pZ-eq=MHehH=B8nJnD=zT-=21YrG748r3+TCHWuzEisEMw@mail.gmail.com>
To: Robert Raszuk <robert@raszuk.net>
Cc: Stefan Olofsson <stefan@graphiant.com>, "idr@ietf. org" <idr@ietf.org>, Enke Chen <enchen@paloaltonetworks.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/G18kFYK8QjsFzltkljiN36MR3SM>

Hi, Robert:

Thank you for your comments. Please see my replies below.

> Actually RFC6472 goes much further - it discourages use of aggregation
> from atomic routes.

Regardless, BGP aggregation may continue to exist (Internet and/or
enterprise) for a long time, given how long it has existed and how much
training material there is.

> Furthermore, isn't the problem you are actually facing very easy to
> mitigate by use of different (even private) ASNs in customer's sites ?

Wouldn't it be better to mitigate from the source (i.e., protocol) so there
would be one less thing for people to worry about?

> The draft is silent on the use case for such essentially significant
> and unconditional protocol change.
> I hope we are talking about multiple sites - not a single site trying to
> learn the aggregate containing its own range.

Yes, multiple sites / networks.

> To me in the light of RFC6472 and all SIDR discussions around it this
> draft is trying to move in quite the opposite direction.

IMO, RFC6472 ("not-to-use") is the eventual goal. This proposal is to
provide immediate/current simplification for network operation (Internet
and/or enterprise). I don't see any conflict.

-- Enke

On Mon, Oct 18, 2021 at 11:43 AM Robert Raszuk <robert@raszuk.net> wrote:

> Hi Enke & Stefan,
>
> I have a few observations on this draft:
>
> You say:
>
>    Although BCP 172 [RFC6472] makes a recommendation for not using the
>    AS_SET path segment in BGP, the AS_SET path segment may remain in use
>    for a long time.
>
> Actually RFC6472 goes much further - it discourages use of aggregation
> from atomic routes.
>
> Furthermore, isn't the problem you are actually facing very easy to
> mitigate by use of different (even private) ASNs in customer's sites ?
>
> The draft is silent on the use case for such essentially significant
> and unconditional protocol change.
>
> I hope we are talking about multiple sites - not a single site trying to
> learn the aggregate containing its own range.
>
> To me in the light of RFC6472 and all SIDR discussions around it this
> draft is trying to move in quite the opposite direction.
>
> Cheers,
> Robert
>
> ---------- Forwarded message ---------
> From: <internet-drafts@ietf.org>
> Date: Mon, Oct 18, 2021 at 8:15 PM
> Subject: I-D Action: draft-chen-idr-asloop-aggr-00.txt
> To: <i-d-announce@ietf.org>
>
>
>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
>
>
>         Title           : Relax the AS Loop Detection for Aggregates in BGP
>         Authors         : Enke Chen
>                           Stefan Olofsson
>         Filename        : draft-chen-idr-asloop-aggr-00.txt
>         Pages           : 4
>         Date            : 2021-10-18
>
> Abstract:
>    Currently a BGP aggregate may be denied or excluded by the AS loop
>    detection mechanism when a more specific, contributing route contains
>    the local AS number.  To help enhance network robustness and simplify
>    network operations, in this document we propose that the AS loop
>    detection be relaxed for aggregates with an AS_SET path segment.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-chen-idr-asloop-aggr/
>
> There is also an htmlized version available at:
> https://datatracker.ietf.org/doc/html/draft-chen-idr-asloop-aggr-00
>
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
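
Added example, not part of the original message or of the draft: a sketch of the multi-site case discussed in this thread, comparing the RFC 4271 AS loop check with a relaxed check. The relaxed rule (ignore AS_SET segments) is an assumed reading of the abstract, since the draft's exact text is not quoted here; all ASNs and paths are constructed.

```python
# Added illustration; not code from the draft or from any BGP implementation.
from typing import Dict, List, Tuple

AS_SET, AS_SEQUENCE = 1, 2           # AS_PATH segment type codes (RFC 4271)
Segment = Tuple[int, List[int]]      # (segment type, ASNs in the segment)


def loop_standard(as_path: List[Segment], local_as: int) -> bool:
    """RFC 4271 check: the local AS anywhere in AS_PATH counts as a loop."""
    return any(local_as in asns for _, asns in as_path)


def loop_relaxed(as_path: List[Segment], local_as: int) -> bool:
    """Assumed relaxation: only AS_SEQUENCE segments are scanned, so a local
    AS that appears solely inside an aggregate's AS_SET is not a loop."""
    return any(local_as in asns
               for seg_type, asns in as_path if seg_type == AS_SEQUENCE)


# Constructed scenario: provider AS 64500 aggregates routes contributed by
# site A (AS 65001) and site C (AS 65002), then advertises the aggregate.
AGGREGATE: List[Segment] = [(AS_SEQUENCE, [64500]), (AS_SET, [65001, 65002])]
# Constructed real loop: the local AS sits in the ordered part of the path.
TRUE_LOOP: List[Segment] = [(AS_SEQUENCE, [64500, 65001, 64501])]


def evaluate(local_as: int) -> Dict[str, Dict[str, bool]]:
    """Return accept (True) / reject (False) per path under each check."""
    paths = {"aggregate": AGGREGATE, "true_loop": TRUE_LOOP}
    return {
        name: {
            "standard": not loop_standard(path, local_as),
            "relaxed": not loop_relaxed(path, local_as),
        }
        for name, path in paths.items()
    }


if __name__ == "__main__":
    # Site B reuses site A's ASN (65001): the aggregate is dropped today.
    print("site B as AS 65001:", evaluate(65001))
    # The mitigation raised in the thread: give site B its own private ASN.
    print("site B as AS 65003:", evaluate(65003))
```

With site B on AS 65001 the standard check rejects the aggregate while the relaxed check accepts it, and both still reject the path where 65001 appears in an AS_SEQUENCE. With a distinct ASN for site B the standard check already accepts the aggregate.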