Re: [Idr] Yangdoctors early review of draft-ietf-idr-bgp-model-09
"Acee Lindem (acee)" <acee@cisco.com> Tue, 03 November 2020 16:21 UTC
Return-Path: <acee@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C11183A0D94; Tue, 3 Nov 2020 08:21:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.598
X-Spam-Level:
X-Spam-Status: No, score=-9.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=mxlpeUpu; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=EmITZKOJ
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KxCH0LWJ2dDz; Tue, 3 Nov 2020 08:21:25 -0800 (PST)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 374153A0D86; Tue, 3 Nov 2020 08:21:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=12144; q=dns/txt; s=iport; t=1604420485; x=1605630085; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=A9LWZkNtP9HYx93Y6Bv9zA7fOOny/kLo0KwyX09MUvU=; b=mxlpeUpuWGHAZkrFhTp0xICeVTLzLAbjITrC7qQ1RKiwPrG4ddqCMjpI xPokbDC9GqlwliUuMbBGcGv8Dn+jiDiX86xcD+YyLTD8sYZmkySW7C9sd MxFCXvXbCiLA3lRp/NcEWH+RpyQgkr1zeMfcTBhmnchH6DQbT3ouP6k33 k=;
IronPort-PHdr: 9a23:ZxwhZRcJeLexZmBJoPMAgoEFlGMj4e+mNxMJ6pchl7NFe7ii+JKnJkHE+PFxlwaQB9fD5ehPze3MvPOoVW8B5MOHt3YPONxJWgQegMob1wonHIaeCEL9IfKrCk5yHMlLWFJ/uX3uN09TFZXmaUfZ5Hqo4m1aFhD2LwEgIOPzF8bbhNi20Obn/ZrVbk1IiTOxbKk0Ig+xqFDat9Idhs1pLaNixw==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CAAQDygqFf/5FdJa1iHAEBAQEBAQcBARIBAQQEAQFAgT4EAQELAYFRIy4HcFkvLgqEM4NJA40pJph/glMDVAsBAQENAQElCAIEAQGESgIXgXMCJTcGDgIDAQELAQEFAQEBAgEGBHGFYQyFcgEBAQECARIRBA0MAQElEgEPAgEIDgoCAiYCAgIwFRACBAENBRQOgwQBgksDDiABDqUSAoE7iGh2fzODBAEBBYUDGIIQAwaBDioBgnGDcYZXG4IAgREnDBCCTz6EPoMXM4IKIpNkh0GLZJEbCoJtmwkDH4MYihKUQpNNoEQCBAIEBQIOAQEFgWokgVdwFTsqAYI+UBcCDY4fDAUSg06FFIVDAXQCNgIGAQkBAQMJfIsILYEGAYEQAQE
X-IronPort-AV: E=Sophos;i="5.77,448,1596499200"; d="scan'208";a="579710552"
Received: from rcdn-core-9.cisco.com ([173.37.93.145]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 03 Nov 2020 16:21:24 +0000
Received: from XCH-ALN-003.cisco.com (xch-aln-003.cisco.com [173.36.7.13]) by rcdn-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id 0A3GLNdU005109 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 3 Nov 2020 16:21:24 GMT
Received: from xhs-rtp-002.cisco.com (64.101.210.229) by XCH-ALN-003.cisco.com (173.36.7.13) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 3 Nov 2020 10:21:23 -0600
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-rtp-002.cisco.com (64.101.210.229) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 3 Nov 2020 11:21:23 -0500
Received: from NAM04-BN8-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Tue, 3 Nov 2020 10:21:22 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SvTXAm8SlyX9PbQiBMiJ6edC+40KxHjjtP36Tdwqc1SUiMddGgxmxrDjHF/CZgjud5J11INnjDde3ShSQqivnqrMwCZ9Ru16Aa02JeEtVyR8fmgCX/7RhuS/P2xMDyYP66nE0nuD5IbettEIIg1iukr1hBIpS2NHLkF6ETcKE1o88XoREkaFOCpfX6tsztwDJX1S6ybyGdTrI//dlgBH6pJ8MeQsN9d2tSwvInv0ZQsGmhgi1rseF6bUe3YWkFO4X1yEsMkCBNSUPJhkUw4dIf1KQLKgFHY1UvFwwvDL3hk/thT6+rax9RjPvTLMNgJipSr2t6Gru54JlEy4HEse5A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=A9LWZkNtP9HYx93Y6Bv9zA7fOOny/kLo0KwyX09MUvU=; b=FPUogD9ankunycIEydae5A4Djoy0reGbc3lNyV6B+McxJA+mIoK9xqFenISjaJDQE+7DCp8KLQjGVapW6Rbfjxe5FHddQt7ciMjoth/tTF+foY+myqRRwvDhitlmdPzIf9n+ZZQcKI2ev1UYS2hIYq0RgqQb+XotXF623RHXTbWkNnY2/IKVLIEq+Z+JOA1nXRen5kpe0PPQ+JouzhYzfC41ZmWYWcirDXQKTgm1DBiQ+m5K1/IPTQmMf/LLMrbGiJleRyCcdJUNw5RTReqsNemL+tn+z0fcnfQDkSLHU5OpKtswL3cBeOX/ybQc1Pb/1oBShAkCvM/XuTX6ex1kWg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=A9LWZkNtP9HYx93Y6Bv9zA7fOOny/kLo0KwyX09MUvU=; b=EmITZKOJvrmP/FL8LieXZzYbkAGlyOT9kpMRFgWEHpDzop0aLqeWyQEtn78bT3eoc2o75UOdYjdFjDNi2BU37ILbvQ/xjXAvTHo/3RN2jHnNaI8JrvVRTMYyoV3cyuqMM+OEcTUDeEuB5tk1a7OFiynLLd2NCwCZDWl6RXumkWU=
Received: from BYAPR11MB2887.namprd11.prod.outlook.com (2603:10b6:a03:89::27) by BYAPR11MB2885.namprd11.prod.outlook.com (2603:10b6:a03:87::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3499.29; Tue, 3 Nov 2020 16:21:21 +0000
Received: from BYAPR11MB2887.namprd11.prod.outlook.com ([fe80::1ddc:cdb4:32cc:f078]) by BYAPR11MB2887.namprd11.prod.outlook.com ([fe80::1ddc:cdb4:32cc:f078%3]) with mapi id 15.20.3499.032; Tue, 3 Nov 2020 16:21:21 +0000
From: "Acee Lindem (acee)" <acee@cisco.com>
To: Jeffrey Haas <jhaas@pfrc.org>, Mahesh Jethanandani <mjethanandani@gmail.com>
CC: "yang-doctors@ietf.org" <yang-doctors@ietf.org>, "idr@ietf.org" <idr@ietf.org>, "draft-ietf-idr-bgp-model.all@ietf.org" <draft-ietf-idr-bgp-model.all@ietf.org>
Thread-Topic: Yangdoctors early review of draft-ietf-idr-bgp-model-09
Thread-Index: AQHWrK1HDq/43utkvkeS6SL+j9IYuam1m3cAgACyFYA=
Date: Tue, 03 Nov 2020 16:21:21 +0000
Message-ID: <87F808A5-C5E9-4E14-8426-432D24B2A3B3@cisco.com>
References: <159752099321.32075.3042069364754449151@ietfa.amsl.com> <CFC9CFFA-2933-4A59-A6BB-BBA90D65EC16@gmail.com> <20201103004356.GB28060@pfrc.org>
In-Reply-To: <20201103004356.GB28060@pfrc.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.42.20101102
authentication-results: pfrc.org; dkim=none (message not signed) header.d=none;pfrc.org; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [136.56.133.70]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: df154a72-ac75-4fe3-c336-08d88014809e
x-ms-traffictypediagnostic: BYAPR11MB2885:
x-microsoft-antispam-prvs: <BYAPR11MB288587F80E062CB19612CC2AC2110@BYAPR11MB2885.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 8+xEh/Su52sbhUdToLC02QKArXEP7WHmfNAplyCcmGWzBrbA+N9Z/nsMs1yQr3PvaSvRIm0Mx1vVmru3vWSOyAq0UHuFJYoYzDwr2X38z/DL0CmTmA7et5z/R3KnXkX6FM6LRiRQcW05V2XxiKNXuvvDzlG8paSV4EpSeXmZEr8Xjwcv2A3i3Rwr+Dw2n4VPO5Bx5KfZ8+8R6EZdmCgi/YXYa2qZs6ivJ61cPKl9thfzxAh5GX0adOyhooTh9UKCBCer+HegfZ3oxKlHVMqgnw6W3/hsGZib9OyrdvpTD5c+68xBc3Ykke6ZjnEV5VFdTjD1AhokjIfMDQkdOw6MzxYDOrOsntlY2LBu7FdaVXLKztCjQ/+84Lb3f020xt17aCZtVGU/CQwlYYEq2lGisVydnYgQg3u2d1YQAgChYlL7TBMT3cCbG2y9GrqIwhWfsNGiygKQ94p/wZ2L5XOpmQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR11MB2887.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(39860400002)(136003)(376002)(396003)(346002)(64756008)(83380400001)(76116006)(66476007)(66446008)(66556008)(66946007)(6512007)(71200400001)(6486002)(4326008)(966005)(2616005)(86362001)(26005)(8676002)(110136005)(186003)(5660300002)(33656002)(2906002)(478600001)(316002)(6506007)(36756003)(8936002)(54906003)(359044002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: ZdY3cZdlApa+crW5jyxdVnTJ657oryQupnYeYCPLdQ9gkwozAaUDbbcKsWwBLcULNLAVV+VpXwmeNL0XaTv0QYDE0h8kUSkwMIQm/svbbb1X2KrWWvHExpg3dm4Ubv4aVFMaJhGV7jWSjUFC0GxGJ9xNfNjfsC+fFGw3dSpPBhYBYAyNuQSumMBfgzFan0WJrz2mR4ljAiPzZzCb1CSflbH8rwYDWU8Y82Jd+mByvfrdXublFMo6N4o4lU1FGL8u8EB1jgJGtXiJ4pUJlpBoYFplDpQZwNQ0+yoTX6nScYsuFu7Kh8MqswnutxXuduoetOnIGXp4ipAb8VMx3H6rNeXjhltBEDefZP9cAWkmXBlSmI0+pWbDD8TqP6uTUoNIFnKoD42uiuHY50bWxiw0bfSRCfLQH0HXllGiP38EZNR1ucCbZM2s5q6QTszF7dBhO4WgUk45eGcDLHfBqsQehHRchClka6ZgU6PTGN2aX77gBZrQQEGDO8eZRc1j10SBBlzQCNR15MRRfQPenCh93ZLyCx6FT7JTQlSnPdNe/KZLC85Rf7mH1bObG71lA4L+HEz3WvqKZcbhjCS5yYGj3ohULAvY0HzazAcBJc+nt6CX2CpJqFdnpXfrlhFkYkGIbE1j24l2JtKF6FPIdgV+Qw==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <DA4087A3F87F7E43B1484CD174A75A5D@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR11MB2887.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: df154a72-ac75-4fe3-c336-08d88014809e
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Nov 2020 16:21:21.7785 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: t6Q6BMDDPMvFzbOWB1BEYEsCYyoRXWaAof/V13tCvPpsDihWrd6dDke+bNfq71R5
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB2885
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.13, xch-aln-003.cisco.com
X-Outbound-Node: rcdn-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/Jr9ms86I1ave7tvi0jSB3GfbW2c>
Subject: Re: [Idr] Yangdoctors early review of draft-ietf-idr-bgp-model-09
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Nov 2020 16:21:28 -0000
Hi Jeff, On 11/2/20, 7:28 PM, "Jeffrey Haas" <jhaas@pfrc.org> wrote: Acee, On Tue, Oct 27, 2020 at 03:05:06PM -0700, Mahesh Jethanandani wrote: > > 3. Page 25, "case ipsec": What is the reference for usage of transport > > mode IPsec with BGP? Please elaborate in description. > > I see release notes from vendors on IPsec for BGP, but no references that I can cite. Did you have something specific in mind? There is no reference here. Multiple BGP implentations support running BGP over an ipsec tunnel. A previous prod during a prior review suggested that if we had something to use from an IETF group doing yang work on ipsec for protecting routing transport sessions might be applicable here. If this is an IPsec tunnel then it would be provisioned like other IPsec tunnels as opposed to in the BGP YANG model. I'm assuming that if it is provisioned here, it is transport mode BGP for the TCP session associated with the BGP peer. In any case, the intended usage needs to be specified. > > 5. Page 29, "remote-helper": I'd support this to be renamed > > "graceful-restart-only" since "helper-only" is relative to the local > > peer. > > The enumeration definitions talk about the mode in terms of local and remote. Calling it ‘graceful-restart-only’ conveys a completely different meaning. There's actually a few issues here: - The restarting mode is per AFI-SAFI, while this container doesn't contain anything that contains per AFI-SAFI state. - The local peer can know whether it's acting as a helper and whether it can retain forwarding for a given AFI/SAFI. - We can know if the remote BGP speaker has advertised GR for a given AFI/SAFI, which tells us whether it supports GR and can help the local speaker with restarting. - We can know if, on the last restart, forwarding was preserved for that AFI/SAFI. Proposal: Replace leaf "mode" with: list afi-safi-supported { key "afi-safi-name" leaf afi-safi-name { type identityref { base bt:afi-safi-type; } } leaf local-supported { type boolean; } leaf remote-supported { config false; type boolean; } leaf remote-forweard-preserved { type boolean; config false; } } You need some good descriptions for the booleans as the names aren't enough. I'd replace "remote-forward-preserved" with "remote-forwarding-preserved" as in Forwarding Information Base (FIB). Note that you no longer have the granularity between support of local restart and local helper (based on only one config true leaf). Also, it seems that granularity is now wrong - you need the config false values on a per-peer basis so I don't think you can mix the local-configuration with the remote peer state in the same grouping. FWIW here is the OSPF config true container. container graceful-restart { if-feature graceful-restart; description "Graceful restart config state."; reference "RFC 3623: OSPF Graceful Restart RFC 5187: OSPFv3 Graceful Restart"; leaf enable { type boolean; description "Enable/Disable graceful restart as defined in RFC 3623 for OSPFv2 and RFC 5187 for OSPFv3."; } leaf helper-enable { type boolean; description "Enable graceful restart helper support for restarting routers (RFC 3623 Section 3)."; } leaf restart-interval { type uint16 { range "1..1800"; } units seconds; default "120"; description "Interval to attempt graceful restart prior to failing (RFC 3623 Section B.1) (seconds)"; } leaf helper-strict-lsa-checking { type boolean; description "Terminate graceful restart when an LSA topology change is detected (RFC 3623 Section B.2)."; } } > > > 6. Page 30, "fsm-established-transitions": What is the difference with > > "established-transitions"? Is the description a cut-n-paste error? > > I will rename “established-transitions” to “peer-fsm-established-transitions”. > > > 7. Page 33, "backward-transition": This implies any backward transition. > > I'd suggest renaming to "established-state-lost" > > or "established-backward-transition". > > But backward-transition is defined as when the BGP new status is lower than the last one, not just from established -> idle. Note from BGP MIB history: The original BGP MIB provided a trap on every backward transition. This meant a very noisy set of traps for sessions that were repeatedly trying to connect. Many vendors implemented knobs to restrict this solely to transitions out of established. I'd suggest the working group consider what it wants here. We don't have to repeat the mistakes of the past on this one. In OSPF we did not implement the ospfMaxAgeLsa or ospfOriginateLsa traps as YANG model notications for just this reason. > > 15. Page 72, "bgp-ext-community-type": Many of these string patterns are > > defined in RFC 8294. Also, it would be good to add the syntax of the > > pattern you are representing in the description. > > I will let my co-authors to comment on this. RFC 8294 is narrowly focused on supporting a small cluster of VPN extended communities. The extended communities feature carries a number of additional things. A recent example would include the RPKI origin validation community. Others would be communities defined for link-bandwidth and the BGP flowspec action communities. The complete registry is here: https://www.iana.org/assignments/bgp-extended-communities/bgp-extended-communities.xhtml The issue thus comes where the general purpose registry for communities that weren't defined in RFC 8294. A similar issue comes down to how do we maintain this list and add to it as we extend BGP by adding new extended communities? I agree that we should not repeat the items in RFC 8294. Won't we need the extended communities typedef to be maintained in an IANA registry to allow easy extension? I guess you want to publish this model at some point in the near future? I'd cover what is standardized now without replicating the communities types in RFC 8294. Error: the option to set-ext-community doesn't take this list. Error: We don't have a RIB ext-community oper list. > > 20. Page 78, "bgp-set-med-type": Please describe the syntax of the pattern > > in the description. > > I will defer this to my co-authors. Set med in implementations typically permits additive/subtractive MEDs. This permits operations such as "set med = med + 5". Syntax issue: the implementation is typically "set med", "set med additive <value>" or "set med-igp". Thus the syntax that's additive is only applicable in some of these cases. I believe we'll hae to restructure this. Sounds good. Thanks, Acee
- [Idr] Yangdoctors early review of draft-ietf-idr-… Acee Lindem via Datatracker
- Re: [Idr] [yang-doctors] Yangdoctors early review… Acee Lindem (acee)
- Re: [Idr] [yang-doctors] Yangdoctors early review… Susan Hares
- Re: [Idr] Yangdoctors early review of draft-ietf-… Mahesh Jethanandani
- Re: [Idr] Yangdoctors early review of draft-ietf-… Mahesh Jethanandani
- Re: [Idr] Yangdoctors early review of draft-ietf-… Acee Lindem (acee)
- Re: [Idr] Yangdoctors early review of draft-ietf-… Acee Lindem (acee)
- Re: [Idr] Yangdoctors early review of draft-ietf-… Jeffrey Haas
- Re: [Idr] Yangdoctors early review of draft-ietf-… Acee Lindem (acee)
- Re: [Idr] Yangdoctors early review of draft-ietf-… tom petch