Re: [Idr] [OPS-DIR] Opsdir early review of draft-ietf-idr-sr-policy-safi-01 (valid -02)

Susan Hares <shares@ndzh.com> Tue, 16 April 2024 20:15 UTC

From: Susan Hares <shares@ndzh.com>
To: "idr@ietf.org" <idr@ietf.org>, "ops-dir@ietf.org" <ops-dir@ietf.org>
Date: Tue, 16 Apr 2024 20:15:08 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/OaPfIp9aAxvUjSr5wFaRf2pLUMM>

4 issues that were brought up in the OPS-DIR review
on draft-ietf-idr-sr-policy-safi-01 need to be addressed:

Link to OPS-DIR Review:
https://mailarchive.ietf.org/arch/msg/ops-dir/JFInEGfu1GpIgTuCTWsNMJbGwp0/

Issue 1: SR Policy traversing RRs
Comment from OPS-DIR:
Nagendra Kumar:
/An SR Policy intended only for the receiver will, in most cases, not
traverse any Route Reflector (RR, [RFC4456])./


Ketan> That is for BGP VPN services. This is a different SAFI.

Nagendra Kumar: Or is this statement only applicable for the PCE-PE scenario? Can you clarify the same?

Ketan:  Yes, there is further text in the section that describes the same.
Since this is a BGP spec, the term "controller" is used as opposed to PCE
which is construed by many as a PCEP construct.
Shepherd request:  Would you send the section #?
I've created a github repository for this draft.
https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/

I'll add the answer to Issue 1 for this draft.

Issue 2: Shepherd's comment on section 2.1 based on OPS-DIR Review:
Change requested: Based on the question from Nagendra, please add some link to section 2.9 in section 2.1 and 4.2.2.
that indicates if two routes of the same (RD, E, C) from different peers choose the active Policy based on
Text in section 2.1:
Current text:/ If BGP has installed into the BGP table two advertisements whose respective
NLRIs have the same color and endpoint, but different distinguishers,
both advertisements are passed to the SRPM as different candidate
paths along with their respective originator information (i.e., ASN
and BGP Router-ID) as described in section 2.4 of [RFC9256]. The ASN
would be the ASN of the origin and the BGP Router-ID is determined in
the following order:

  *   From the Route Origin Community [RFC4360] if present and carrying
an IP Address, or
  *   As the BGP Originator ID [RFC4456] if present, or
  *   As the BGP Router-ID of the peer from which the update was
received as a last resort./
Suggested addition after last line:/
Section 2.9 of [RFC9256] indicates how an Active SR Policy is
selected based on the information passed to the SRPM. /
Text in Section 4.2.2:/
The SRPM applies the rules defined in section 2 of [RFC9256] to
determine whether the SR Policy candidate path is valid and to select
the best candidate path among the valid ones for a given SR Policy./

Suggested addition after last line:/
The best candidate path is denoted as the "active candidate path"
(see section 2.9 of [RFC9256]). /

Issue #3: Error Handling of Binding SID - Shepherd's comment

Nagendra Kumar: What happens if a node receives the SR Policy NLRI with the length field of
the Binding SID Sub-TLV set to 6 and the label value from the reserved range
(0-15 may be)?

Ketan: (KT)  That is handled by the SRPM and outside the scope of BGP. In this
specific case, the specified BSID is not usable/available and the behavior
is covered by section 6.2 of RFC9256.

Shepherd's review:

[RFC9252] in section 6.2 neither confirms nor denies whether the MPLS reserved labels are usable.



2.4.2 needs to be augmented to indicate this point in the paragraph on Binding SID:

**Addition after the last sentence, if it cannot contain reserved MPLS label values.

     / The Label field is validated by the SRPM, but MUST not contain the reserved MPLS label values (0-15). /

If it can contain the reserved MPLS labels, then this needs to be clearly spelled out.

     / The Label field is validated by the SRPM, but SHOULD not contain the reserved MPLS label values (0-15).

        An implementation MAY have knobs that allow these labels./


Shepherd's comment:
Issue 4: Why does Section 2.4.2 Use alternate way to SRv6 BSID - Shepherd's review



Question:
--> Section 2.4.3 describes the Sub-TLV for SRv6 BSID. Any reason why section 2.4.2 includes a length field and describes another way to represent SRv6 BSID?

KT answer:

KT> Section 2.4.2 specifies the SR BSID sub-TLV that was used for both
SR-MPLS and SRv6. But it was defined during the early stages of SR
evolution and did not cover the SRv6 aspects fully and hence the SRv6 BSID
sub-TLV was introduced in section 2.4.3. For backward compatibility with
existing implementations, the use of SR BSID sub-TLV for SRv6 was retained
(with a reduced functionality).

Shepherd review:
This question will repeatedly arise from implementers or operators.
Please put a short version of this explanation in the text.

I suspect it might be best in the 2.4 section overview prior to 2.4.1.
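
The reserved-label check discussed under Issue #3, as an added example that is not part of the original message or of the draft: a receiver-side validation of a Binding SID sub-TLV value with Length 6. The value layout (Flags octet, Reserved octet, then a 4-octet word with the 20-bit label in the high bits), the Length values 2 and 18, and the names `check_binding_sid`, `mpls_value` and `allow_reserved` are assumptions made for illustration; strict mode mirrors the first proposed wording and `allow_reserved=True` mirrors the "knob" in the second.

```python
import struct

RESERVED_MAX = 15  # reserved MPLS label range (0-15) named in the review


class BsidError(ValueError):
    """Raised when a Binding SID sub-TLV value fails validation."""


def mpls_value(label, flags=0):
    """Build a constructed 6-octet value: Flags, Reserved, label word (assumed layout)."""
    return struct.pack("!BBI", flags, 0, label << 12)


def check_binding_sid(length, value, allow_reserved=False):
    """Return ("none", None), ("mpls", label) or ("srv6", sid_bytes).

    length is the sub-TLV Length field; value is the octets that follow it.
    """
    # A Length field that disagrees with the octets present is malformed.
    if length != len(value):
        raise BsidError(f"length field {length} != {len(value)} value octets")
    if length == 2:            # no Binding SID carried (assumed)
        return ("none", None)
    if length == 18:           # 16-octet SRv6 BSID in the same sub-TLV (assumed)
        return ("srv6", value[2:])
    if length != 6:
        raise BsidError(f"unexpected Binding SID length {length}")
    (word,) = struct.unpack("!I", value[2:6])
    label = word >> 12         # top 20 bits; TC, S and TTL are ignored here
    if label <= RESERVED_MAX and not allow_reserved:
        raise BsidError(f"label {label} is in the reserved range 0-{RESERVED_MAX}")
    return ("mpls", label)


if __name__ == "__main__":
    # Constructed samples: an ordinary label, the boundary values, a bad length.
    samples = [(6, mpls_value(24000)), (6, mpls_value(16)),
               (6, mpls_value(15)), (6, mpls_value(0)), (6, b"\x00\x00")]
    for length, value in samples:
        try:
            print(value.hex(), "->", check_binding_sid(length, value))
        except BsidError as exc:
            print(value.hex(), "-> rejected:", exc)
```
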