IETF Logo Mail Archive

[Idr] RFC 4721 FSM - Clarification needed for optional attribute "PassiveTcpEstablishment"

Deniz Bahadir <deniz.bahadir@benocs.com> Mon, 19 October 2015 18:48 UTC

Return-Path: <deniz.bahadir@benocs.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EEDB21A6FB6 for <idr@ietfa.amsl.com>; Mon, 19 Oct 2015 11:48:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b8XhkGsnpEbP for <idr@ietfa.amsl.com>; Mon, 19 Oct 2015 11:48:08 -0700 (PDT)
Received: from mail.benocs.com (mx-01.benocs.com [91.102.13.130]) by ietfa.amsl.com (Postfix) with ESMTP id 5AA401AD333 for <idr@ietf.org>; Mon, 19 Oct 2015 11:48:08 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.benocs.com (Postfix) with ESMTP id 852AC643239; Mon, 19 Oct 2015 20:48:07 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at benocs.com
Received: from mail.benocs.com ([127.0.0.1]) by localhost (mail.benocs.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l6IIEPnOihVo; Mon, 19 Oct 2015 20:48:05 +0200 (CEST)
Received: from [192.168.1.34] (unknown [192.168.1.34]) by mail.benocs.com (Postfix) with ESMTPSA id 9CA96643237 for <idr@ietf.org>; Mon, 19 Oct 2015 20:48:05 +0200 (CEST)
From: Deniz Bahadir <deniz.bahadir@benocs.com>
Organization: BENOCS GmbH
To: idr@ietf.org
Message-ID: <56253AE4.8020503@benocs.com>
Date: Mon, 19 Oct 2015 20:48:04 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/G1qPefqbCHlBPxaKjIoOiL3Lx9s>
Subject: [Idr] RFC 4721 FSM - Clarification needed for optional attribute "PassiveTcpEstablishment"
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: deniz.bahadir@benocs.com
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Oct 2015 18:48:11 -0000

Hello BGP-experts,

While re-reading the main BGP4 RFC (4271) and re-viewing my 
implementation (which I did some time ago) of the FSM described therein
I came across a question concerning the optional FSM-attribute 
"PassiveTcpEstablishment".

What is it really for?

My original interpretation of its meaning was, that it allows to 
configure the local BGP4-speaker to just listen for incoming connections 
from a BGP4-peer, instead of ever trying to actively initiate one.

I thought of this being a sensible interpretation as I could imagine 
some use-cases where it would be handy to just wait for incoming 
connections instead of trying to initiate one.

This would also comply with what was stated in its description. [1]

However, the description of the FSM-states made me rethink.

In state IDLE, if started with "PassiveTcpEstablishment enabled, via 
event 4 ("ManualStart_with_PassiveTcpEstablishment") or event 5 
("AutomaticStart_with_PassiveTcpEstablishment"), the FSM among other 
things starts the "ConnectRetryTimer" and transitions into state ACTIVE. [2]
Then, in state ACTIVE, the "ConnectRetryTimer" could run out and 
FSM-event 9 ("ConnectRetryTimer_Expires") would get triggered, which as 
a result _actively_ initiates a TCP-connection to the other BGP-peer and 
transitions into state CONNECT. [3]

So, if the FSM just has to wait long enough, it actively tries to 
initiate a TCP-connection whether "PassiveTcpEstablishment" was enabled 
or not.

So it seems, my original interpretation of the meaning of the optional 
FSM-attribute "PassiveTcpEstablishment" (as well as its description [1]) 
are not fully accurate.
Or the described handling of "ConnectRetryTimer_Expires" events in state 
ACTIVE [3] is missing some special behavior in case the 
"PassiveTcpEstablishment" is enabled.

Note: I wrote "special behavior" instead of "different behavior" because 
there might be some other ways to reach state ACTIVE and receive a 
"ConnectRetryTimer_Expires" event, even if started without 
"PassiveTcpEstablishment". E.g. by receiving event 18 
("TcpConnectionFails") in state CONNECT while the "DelayOpenTimer" was 
running, in which case the FSM would transition into state ACTIVE and 
could then receive the "ConnectRetryTimer_Expires" event. In that 
situation it would make sense to initiate a new TCP-connection to the 
peer and transition back to state CONNECT.

I hope, someone of you could clarify this situation and the meaning of 
"PassiveTcpEstablishment".

Thanks in advance,
Deniz Bahadir


References:

[1] Quote from pages 39 and 40, RFC 4271:

       Group 3: TCP processing

          Optional Session Attributes: PassiveTcpEstablishment,
                                       TrackTcpState

          Option 1:    PassiveTcpEstablishment

          Description: This option indicates that the BGP FSM will
                       passively wait for the remote BGP peer to
                       establish the BGP TCP connection.

          value:       TRUE or FALSE

          Option 2:    TrackTcpState
          [...]

[2] Quote from page 53, RFC 4271:

       In response to a ManualStart_with_PassiveTcpEstablishment event
       (Event 4) or AutomaticStart_with_PassiveTcpEstablishment event
       (Event 5), the local system:

         - initializes all BGP resources,

         - sets the ConnectRetryCounter to zero,

         - starts the ConnectRetryTimer with the initial value,

         - listens for a connection that may be initiated by the remote
           peer, and

         - changes its state to Active.

[3] Quote from page 59, RFC 4271:

       In response to a ConnectRetryTimer_Expires event (Event 9), the
       local system:

         - restarts the ConnectRetryTimer (with initial value),

         - initiates a TCP connection to the other BGP peer,

         - continues to listen for a TCP connection that may be initiated
           by a remote BGP peer, and

         - changes its state to Connect.

       The exact value of the ConnectRetryTimer is a local matter, but it
       SHOULD be sufficiently large to allow TCP initialization.


-- 
BENOCS GmbH
Dipl.-Inform. Deniz Bahadir
Winterfeldtstr. 21
10781 Berlin
Germany
Phone: +49 - 30 / 577 0004-22
Email: deniz.bahadir@benocs.com
www.benocs.com

Board of Management:
   Michael Wolz, Dr.-Ing. Oliver Holschke, Dr.-Ing. Ingmar Poese
Commercial Register: Amtsgericht Bonn HRB 19378

v2.23.0 | Report a Bug | By Email