Re: [Idr] draft-uttaro-idr-bgp-persistence-00

Robert Raszuk <robert@raszuk.net> Thu, 27 October 2011 21:49 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42E1B21F84AF for <idr@ietfa.amsl.com>; Thu, 27 Oct 2011 14:49:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_13=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bc1T+XOseZpc for <idr@ietfa.amsl.com>; Thu, 27 Oct 2011 14:49:29 -0700 (PDT)
Received: from mail37.opentransfer.com (mail37.opentransfer.com [76.162.254.37]) by ietfa.amsl.com (Postfix) with SMTP id 747B621F84AE for <idr@ietf.org>; Thu, 27 Oct 2011 14:49:29 -0700 (PDT)
Received: (qmail 28608 invoked by uid 399); 27 Oct 2011 21:49:28 -0000
Received: from unknown (HELO ?216.69.69.179?) (216.69.69.179) by mail37.opentransfer.com with SMTP; 27 Oct 2011 21:49:28 -0000
Message-ID: <4EA9D1EA.3020109@raszuk.net>
Date: Thu, 27 Oct 2011 23:49:30 +0200
From: Robert Raszuk <robert@raszuk.net>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:7.0.1) Gecko/20110929 Thunderbird/7.0.1
MIME-Version: 1.0
To: "UTTARO, JAMES" <ju1738@att.com>
References: <4EA1F0FB.3090100@raszuk.net> <4EA487E4.2040201@raszuk.net> <B17A6910EEDD1F45980687268941550FA20750@MISOUT7MSGUSR9I.ITServices.sbc.com> <4EA84254.9000400@raszuk.net> <B17A6910EEDD1F45980687268941550FA20F79@MISOUT7MSGUSR9I.ITServices.sbc.com>
In-Reply-To: <B17A6910EEDD1F45980687268941550FA20F79@MISOUT7MSGUSR9I.ITServices.sbc.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "idr@ietf.org List" <idr@ietf.org>
Subject: Re: [Idr] draft-uttaro-idr-bgp-persistence-00
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: robert@raszuk.net
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Oct 2011 21:49:30 -0000

Hello Jim,

L3VPN RT assignment is how you define a VPN policy. Of course if you 
misconfigure policy the system will take it and execute accordingly. 
That is in fact a L3VPN drawback not something to be proud of. Customers 
subscribing to L3VPN service must trust provider how their routes are 
distributed by SP and to whom else are exported. I do know for a fact 
that some customers just do not trust SP to handle their route 
distribution. Those customers either ask for L2VPN service or purchase 
their transit links directly.

RT Constrain - I do not see how this can cause wrong construction of VPN 
distribution graph when deployed partially. Basically PEs which do not 
support RT-Constrain will get full set of VPNv4 routes and RRs which 
such PEs are connected to will need to keep all of them. I do not see 
any issue if you just enable RT constrain on one PE and push RT routes 
from such PE to RR(s). Please illustrate a scenario where partially 
deployed RT Constrain results in "VPN distribution graph will be 
incorrectly built". Maybe we have missed something ...

 > It is the responsibility of the network designers to determine how to
 > deploy powerful technology into their networks.

I could perhaps agree with that statement in general. However when you 
are injecting STALE routes to your EBGP peers you have zero control over 
their network.

Best regards,
R.

> Robert,
>
> To be honest I do not agree and am confused by your comments.. There
> are many specifications that demand correct deployment in a network
> to prevent unwanted behavior. Some immediate examples come to mind:
>
> L3VPN. If the operator mis-configures RTs or stitches incorrectly VPN
> pollution can easily occur. There is no protection that I know of in
> the draft to prevent this.
>
> RT Constrain. If incorrectly deployed in a network with devices that
> do and don't support the VPN distribution graph will be incorrectly
> built. This will result in customers VPN being compromised. The draft
> does not prevent this.
>
> It is the responsibility of the network designers to determine how to
> deploy powerful technology into their networks. Part of this is to
> ensure that we do not create a "real network issue if not done
> carefully ". We do not have the luxury of not being careful.
> Generally speaking when introducing technology with new capability
> the expectation is that the network architects/designers understand
> the technology and deploy it correctly.
>
> Thanks, Jim Uttaro
>
> -----Original Message----- From: Robert Raszuk
> [mailto:robert@raszuk.net] Sent: Wednesday, October 26, 2011 1:25 PM
> To: UTTARO, JAMES Cc: idr@ietf.org List Subject: Re: [Idr]
> draft-uttaro-idr-bgp-persistence-00
>
> Jim,
>
> When one during design phase of a routing protocol or routing
> protocol extension or modification to it already realizes that
> enabling such feature may cause real network issue if not done
> carefully - that should trigger the alarm to rethink the solution and
> explore alternative approaches to the problem space.
>
> We as operators have already hard time to relate enabling a feature
> within our intradomain boundaries to make sure such rollout is
> network wide. Here you are asking for the same level of awareness
> across ebgp boundaries. This is practically unrealistic IMHO.
>
> Back to the proposal ... I think that if anything needs to be done is
> to employ per prefix GR with longer and locally configurable timer.
> That would address information persistence across direct IBGP
> sessions.
>
> On the RRs use case of this draft we may perhaps agree to disagree,
> but I do not see large enough probability of correctly engineered RR
> plane to experience simultaneous multiple ibgp session drops. If that
> happens the RR placement, platforms or deployment model should be
> re-engineered.
>
> Summary .. I do not think that IDR WG should adopt this document.
> Just adding a warning to the deployment section is not sufficient.
>
> Best regards, R.