Re: [Idr] Benjamin Kaduk's No Objection on draft-ietf-idr-bgp-optimal-route-reflection-25: (with COMMENT)

Robert Raszuk <robert@raszuk.net> Thu, 17 June 2021 09:46 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 124163A15FF for <idr@ietfa.amsl.com>; Thu, 17 Jun 2021 02:46:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yeQl8VZrXnxX for <idr@ietfa.amsl.com>; Thu, 17 Jun 2021 02:46:29 -0700 (PDT)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86AFF3A15FA for <idr@ietf.org>; Thu, 17 Jun 2021 02:46:28 -0700 (PDT)
Received: by mail-lj1-x22e.google.com with SMTP id n17so8101159ljg.2 for <idr@ietf.org>; Thu, 17 Jun 2021 02:46:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=TcwblhbgQCcFgO6z60m3+X1duZi/yg5HVefN/7TOVng=; b=T2scAXoAS4egqgeVo92v/eOTx8yGzWWweEQfkTFXn16MSZCBAK9XPULv9jqkcjfHwK mRuKOEEqU2tqL58q2Ov+1zQ0SE6/Ix0j8GpQtZnFoTcRl0FqrQIEqFyCvUT2kIuOmEHY +DDscJSHeSzWAtUm8B1wL1iJwzz1z8DPMjcDyK1jnMvABhzDwZop1SfksTGRH+kPf/yS QhuOEocwRrHkFbkzE4gecrcE06yeBhCWV3ouZZEEkOapixhzbLOlh9AQpH3F2QlIKtZI vyp1ojQs/YmpJ0PaxKkfaznVLatUUGxTEa7XSzVTQIDCjyxnoCCZ+f0iNt0SAXhG7ngi SjWw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=TcwblhbgQCcFgO6z60m3+X1duZi/yg5HVefN/7TOVng=; b=AK9XLgdfPKsnJHeCKfPTEv0voQPz3T658wJWsbSbh/i5TFku9bl3BTOWybg2KOjI+a fp2HKPPUjvw8b9e6S/kaKL2uVfIgJ6i2Hz2kcpwVeVUKvmg6V7/oLf6NFzqipCK/X1Du knkFK85qziv0+crTbWIKyFwwbT8DaTlEbBBI42J5L81c/chPrvBr7WsjGdBfWdqJ2ZL/ Ly2hNQRRqZQE3cgalqSuIw0cm5kiR2pNmi0VjBiwKD2gDHhnbz2WVBEMPdRZ8dKylG0H ez7RzfgUWx6AZ6J9jqMxVID5sOBnSA/tbIEZ9flqh+3TIEfjwmm9JIGuFjrtSPH9iWb/ otug==
X-Gm-Message-State: AOAM533hhm+Ec/IKdfe3uP5zftaDv7KPLjPWXKRc4zab0W/u1zvz+3/z FDq9uDYADXR8Ey8DOwbJTH6WqqjRkYEUL+VFH8l48Q==
X-Google-Smtp-Source: ABdhPJyfr2dkh1dRof5Lsv2k/Gxi2D504FoJOEMKCnSdfmgQPhknsc0M9ShDkwl5JhcCOrly8CP1aLSH+yeIzjzhSio=
X-Received: by 2002:a2e:5c42:: with SMTP id q63mr3845382ljb.23.1623923186159; Thu, 17 Jun 2021 02:46:26 -0700 (PDT)
MIME-Version: 1.0
References: <162386038468.2054.10058025206181569780@ietfa.amsl.com> <CAOj+MMF+kZYv6Gp9s7xGUkcKR7SQCxZdfQtWnhvaZK1nzBCPGA@mail.gmail.com> <2802f70e-a5f7-aef3-8979-c0b68dfffe69@foobar.org>
In-Reply-To: <2802f70e-a5f7-aef3-8979-c0b68dfffe69@foobar.org>
From: Robert Raszuk <robert@raszuk.net>
Date: Thu, 17 Jun 2021 11:46:15 +0200
Message-ID: <CAOj+MMG==ErnFVa-hc8kkYHvMf0e69UYDyMvkpWmqx=m7cQj_Q@mail.gmail.com>
To: Nick Hilliard <nick@foobar.org>
Cc: Benjamin Kaduk <kaduk@mit.edu>, draft-ietf-idr-bgp-optimal-route-reflection@ietf.org, "idr@ietf. org" <idr@ietf.org>, idr-chairs <idr-chairs@ietf.org>, The IESG <iesg@ietf.org>, Susan Hares <shares@ndzh.com>
Content-Type: multipart/alternative; boundary="000000000000a765c705c4f314f6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/I0xT2ILvFNhexDUajZDQ0ZTbgVw>
Subject: Re: [Idr] Benjamin Kaduk's No Objection on draft-ietf-idr-bgp-optimal-route-reflection-25: (with COMMENT)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Jun 2021 09:46:34 -0000

Hi Nick,

I am not sure if use of special keywords applies to deployment
consideration sections or not. I was under impression that they do hence
original SHOULD changed to MUST, however if there is consensus that it does
not I am more then happy to change it to lower case must or for that matter
replace IETF keywords with some other wording to make it not controversial.

We are also discussing with authors if this sentence deserves a bit more
clarity to narrow down the applicability scope. The point being as
correctly pointed out by Bruno that network can be global and one region
may deploy ORR and other may not and nothing will break.

Many thx,
Robert


On Thu, Jun 17, 2021 at 9:50 AM Nick Hilliard <nick@foobar.org> wrote:

> Robert Raszuk wrote on 16/06/2021 19:38:
> > Great catch on SHOULD vs MUST !  Changed.
>
> there's no compelling need to change this - it's operational advice, not
> part of the protocol spec.  As it's operational advice, a) no-one will
> read the rfc, but if they do there are already enough warning signs in
> place and b) if it's ignored, the network won't work properly anyway.
> An operational guidelines RFC may be useful here.
>
> Nick
>
> > On the point regarding the Security Considerations  section 5 the
> > inconsistent policies would only be of a problem in those networks which
> > do not encapsulate packets in some way between ingress and egress. So to
> > restate this the significant portion of Deployment Considerations would
> > have to be repeated. Also while clearly a valid point in regards to
> > routing correctness it is debatable if this is a security risk as such
> > even if policy would be completely wrong between participating route
> > reflectors.
> >
> > Regarding moving referencing of RFC7911 to normative let's observe that
> > it may be required only in one specific deployment scenario of using
> > multiple clusters in non encapsulating networks for IPv4/IPv6 AFs. It is
> > clearly not required for other deployment models of BGP ORR. Therefore I
> > am not sure if it deserves the elevated level of referencing in the
> > document. But if the above use is a sufficient reason to treat it as
> > normative reference I personally have no problem moving it.
> >
> > All other NITS were fixed. Thank you so much for help in spotting those
> > unclear sentences.
> >
> > I will be posting the next version shortly.
> >
> > Kind regards,
> > Robert,
> >
> >
> > On Wed, Jun 16, 2021 at 6:19 PM Benjamin Kaduk via Datatracker
> > <noreply@ietf.org <mailto:noreply@ietf.org>> wrote:
> >
> >     Benjamin Kaduk has entered the following ballot position for
> >     draft-ietf-idr-bgp-optimal-route-reflection-25: No Objection
> >
> >     When responding, please keep the subject line intact and reply to all
> >     email addresses included in the To and CC lines. (Feel free to cut
> this
> >     introductory paragraph, however.)
> >
> >
> >     Please refer to
> >     https://www.ietf.org/iesg/statement/discuss-criteria.html
> >     for more information about DISCUSS and COMMENT positions.
> >
> >
> >     The document, along with other ballot positions, can be found here:
> >
> https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-optimal-route-reflection/
> >
> >
> >
> >
>  ----------------------------------------------------------------------
> >     COMMENT:
> >
>  ----------------------------------------------------------------------
> >
> >     Thank you for this document; it gives a clear explanation of what is
> to
> >     be done and why, and I basically only have nit-level comments, with
> the
> >     exception of the first remark.
> >
> >     Section 4
> >
> >         This solution can be deployed in traditional hop-by-hop
> forwarding
> >         networks as well as in end-to-end tunneled environments.  In
> >     networks
> >         where there are multiple route reflectors and hop-by-hop
> forwarding
> >         without encapsulation, such optimizations SHOULD be consistently
> >         enabled on all route reflectors.  Otherwise, clients may receive
> an
> >         inconsistent view of the network, in turn leading to intra-domain
> >         forwarding loops.
> >
> >     The scope of "forwarding loops" as a potential problem makes me
> wonder
> >     if the "SHOULD"-level requirement for this avoidance mechanism is the
> >     right choice.
> >
> >     Section 5
> >
> >     Thank you for accepting the wording suggestion from Roman; it's a
> good
> >     improvement.
> >
> >     I might consider reiterating that there are risks if multiple route
> >     reflectors are present but using different policy/procedures, though
> the
> >     earlier discussion may suffice.
> >
> >     Section 9.2
> >
> >     Whether RFC 7911 should be normative or informative seems potentially
> >     subject to debate, if deployment of add-path is required in order for
> >     correct operation of optimal route reflectors.
> >
> >     NITS
> >
> >                                                          This ability
> >     enables
> >         the route reflector to send to a given set of clients routes with
> >         shortest distance to the next hops from the position of the
> selected
> >         IGP location.  [...]
> >
> >     This feels a bit like a garden-path sentence that makes the reader
> >     backtrack to fix their parse tree; commas around "to a given set of
> >     clients" might help but a more substantive restructuring might be
> >     preferred.
> >
> >                        This provides for freedom of route reflector
> physical
> >         location, and allows transient or permanent migration of this
> >     network
> >         control plane function to an arbitrary location.
> >
> >     Pedantically, such a migration seems like it would always have been
> >     possible, just with a potentially significant impact on performance
> and
> >     route quality; I'd suggest appending a phrase such as "with
> negligible
> >     impact on performance".
> >
> >         The choice of specific granularity (route reflector, set of
> clients,
> >         or client) is configured by the network operator.  An
> implementation
> >         is considered compliant with this document if it supports at
> least
> >         one listed grouping of IGP location.
> >
> >     It's not entirely clear to me how a "listed grouping of IGP location"
> >     maps to the previous text.
> >
> >     Section 3.2
> >
> >         If the required routing optimization is limited to the IGP cost
> to
> >         the BGP Next-Hop, only step e) and below as defined [RFC4271]
> >     section
> >         9.1.2.2, needs to be run multiple times.
> >
> >     I think maybe s/and below/and subsequent steps/, and s/as defined/as
> >     defined in/.
> >
> >     Section 4
> >
> >         route reflectors.  More specifically, the choice of BGP path
> factors
> >         in either the IGP cost between the client and the NEXT_HOP
> (rather
> >
> >     I suggest s/factors in/takes into account/, since "factors in" is
> >     something of a colloquialism.
> >
> >         Modifying the IGP location of BGP ORR does not interfere with
> >         policies enforced before IGP tie-breaking (step e) in the BGP
> >         Decision Process Route.
> >
> >     I think "step e" has to be scoped to §9.1.2.2 of RFC 4271.
> >
> >
> Similarly, if
> >         an IGP location is selected for the whole routing instance, the
> >         lowest precision is achieved, but the performance impact is
> minimal
> >         (both should be equal to the [RFC4456] ones).  [...]
> >
> >     The phrasing in the parenthetical seems surpising to me -- what does
> >     "both" refer to?  I can only see the one "performance of the
> >     single-IGP-location-for-the-whole-routing-instance" situation, which
> of
> >     course should have equivalent performance to the stock RFC 4456 case.
> >
> >     Section 5
> >
> >         This extension provides a new metric value using additional
> >         information for computing routes for BGP router reflectors.
> While
> >
> >     s/router/route/
> >
> >
> >
> >
> >
> > _______________________________________________
> > Idr mailing list
> > Idr@ietf.org
> > https://www.ietf.org/mailman/listinfo/idr
> >
>