Re: [Idr] WG Last Call on Extened Message Support
"Susan Hares" <shares@ndzh.com> Wed, 13 February 2019 19:03 UTC
Return-Path: <shares@ndzh.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 69E74126F72 for <idr@ietfa.amsl.com>; Wed, 13 Feb 2019 11:03:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.947
X-Spam-Level:
X-Spam-Status: No, score=0.947 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, HTML_MESSAGE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NxMPVy0q59Ss for <idr@ietfa.amsl.com>; Wed, 13 Feb 2019 11:02:58 -0800 (PST)
Received: from hickoryhill-consulting.com (50-245-122-100-static.hfc.comcastbusiness.net [50.245.122.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EDE2C1200D7 for <idr@ietf.org>; Wed, 13 Feb 2019 11:02:57 -0800 (PST)
X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=166.176.248.72;
From: Susan Hares <shares@ndzh.com>
To: bruno.decraene@orange.com
Cc: idr@ietf.org, "'Jakob Heitz (jheitz)'" <jheitz@cisco.com>
References: <007b01d4b7c6$5b002210$11006630$@ndzh.com> <16873_1548768802_5C505622_16873_491_9_53C29892C857584299CBF5D05346208A489AE8F1@OPEXCAUBM43.corporate.adroot.infra.ftgroup> <024a01d4b7d8$f7925b90$e6b712b0$@olddog.co.uk> <4052_1548770128_5C505B50_4052_60_1_53C29892C857584299CBF5D05346208A489AEA6C@OPEXCAUBM43.corporate.adroot.infra.ftgroup>
In-Reply-To: <4052_1548770128_5C505B50_4052_60_1_53C29892C857584299CBF5D05346208A489AEA6C@OPEXCAUBM43.corporate.adroot.infra.ftgroup>
Date: Wed, 13 Feb 2019 14:02:49 -0500
Message-ID: <01a201d4c3ce$b6e6df10$24b49d30$@ndzh.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_01A3_01D4C3A4.CE132100"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQJ3UJ5j1bTPsyO86K1JuAQ7q/LpfQIdyv9rAefZHwsB7dxHTqRpTUcw
Content-Language: en-us
X-Antivirus: AVG (VPS 190213-2, 02/13/2019), Outbound message
X-Antivirus-Status: Not-Tested
X-Authenticated-User: skh@ndzh.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/PNI1iB_mpVydvrp6IuPQO5z9PUs>
Subject: Re: [Idr] WG Last Call on Extened Message Support
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Feb 2019 19:03:03 -0000
Bruno: Id like to answer some of the questions you sent Randy based on comments (public and private) the chairs and I as the shepherd received on this draft in our last WG LCs. Several of the comments you questioned were put in to answer other questions. This gets into a catch-22 problem where you put changes in for one person/take out the changes out for another. In academic circles this is called the reviewer #2 problem (reviewer 1 insists changes go in, reviewer 2 insists changes go out) during publication. Therefore, Im I am going to answer most of your questions where this is the case. I believe that Randy has new version with the changes Ive indicated. Im hoping hell just post that version. AFAILK, we do have 2 compliant implementations. Sue <shepherd hat on> This drafts technology provides efficient processing for some application by allow a huge BGP message size. Whether chunking BGP to 4096 byte messages or packing large amounts of data into 65,000 byte message is more effective for a particular application is something only an implementer of a particular BGP implementation can decide. This draft simply gives freedom for applications to not be restrict to an artificially small message size. The market place will choose whether this technology is used or not. As Jakob pointed out, changing a highly tuned BGP implementation which chunks BGP data into 4096 byte messages may involve substantial rework of the implementation. (snip) From: Idr <idr-bounces@ietf.org> On Behalf Of bruno.decraene@orange.com Sent: 29 January 2019 13:33 To: Susan Hares <shares@ndzh.com> Cc: idr@ietf.org Subject: Re: [Idr] WG Last Call on Extened Message Support Hi WG, >Please find below some comments. >As of today, I dont believe this specification is ready to be progressed to IESG/RFC, especially for a document >updating RFC 4271 (core BGP spec). > The WG chairs intend to forward this draft to the IESG with the current level of implementation. >https://trac.ietf.org/trac/idr/wiki/draft-ietf-idr-bgp-extended- <https://trac.ietf.org/trac/idr/wiki/draft-ietf-idr-bgp-extended-%3eimplemen tations> >implementations says : 5a Does not send Extended Message capability Yes Yes Yes >I may be misunderstanding the implementation report, but my reading of the above is that none of the reported >implementations sends the capability hence no implementation supports draft-ietf-idr-bgp-extended-messages.. >Here this document is updating RFC 4271, so it is not a minor extension for a niche use case. So I dont see the >arguments for not requiring the IDRs usual two interoperable implementations. >In our mail thread, we discovered that the implementation report should have indicate >full support. Im waiting for Olivier to update based on the last point, but my understanding is that All implementations have full support. >---- >§ 1 > As BGP is extended to support newer AFI/SAFIs and > newer capabilities (e.g., [ <https://tools.ietf.org/html/draft-ietf-idr-bgp-extended-messages-27#ref-I-D .ietf-sidr-bgpsec-protocol> I-D.ietf-sidr-bgpsec-protocol]), there is > a need to extend the maximum message size beyond 4096 octets. > > https://tools.ietf.org/html/draft-ietf-idr-bgp-extended-messages-27#section- 1 >[ <https://tools.ietf.org/html/draft-ietf-idr-bgp-extended-messages-27#ref-I-D .ietf-sidr-bgpsec-protocol> I-D.ietf-sidr-bgpsec-protocol is now RFC 8205 (thanks for updating the reference). It has removed the normative/any >reference to draft-ietf-idr-bgp-extended-messages. So presumably BGP Sec does not need draft-ietf-idr-bgp->extended-messages. Can we have an update on this? Can the introduction of draft-ietf-idr-bgp-extended-messages >be updated to introduce on the real reasons/needs? SIDR gave up waiting on IDRs work and took a reduced size of encryption. The security people were very sad about the reduction. How is this working in practice? WG sidrops can answer this question. The real problem is there is finite message space. There are two ways to send lots of BGP routes and/or attributes to chunk these into small message sizes or place these into a large message. Some applications may always want to chunk into message sizes smaller than 4096. Some application make work more efficiently utilizing large message size. As the potential number of NLRI and BGP attributes grows, new applications may consider large message sizes to a more reasonable way to exchange amounts of BGP data. The decision on how to send BGP messages over the wire is a peer-by-peer decision in a network. Each BGP peer is in charge of reformatting the BGP message it sends to the remote BGP peer. The BGP capabilities in this draft represent an agreement between two BGP peers. These are facts of basic BGP implementations so I do not believe adding these facts to Randys draft is useful. In fact, in the previous rounds of review this point was made. Your question (and perhaps Jakobs) is whether we have reached a time/place where the chunking approach will fail on a peer-by-peer basis? This draft does not make this statement. The point of this draft is to enable more efficient processing by increasing the message size for BGP peers that send a lot of data (e.g. BGP-LS) . The choice to chunk or stream in large BGP message is an implementation choice for a particular BGP application. ---- §4 §3 says A peer which does not advertise this capability MUST NOT send BGP Extended Messages, and BGP Extended Messages MUST NOT be sent to it. [I believe randy accepted this change with the following text in version 4 [upcoming below]]/. -------------- Fine. Text in §4 should probably be aligned with the above .e.g. OLD: A BGP speaker MAY send Extended Messages to its peer only if it has received the Extended Message Capability from that peer. NEW: A BGP speaker MAY send Extended Messages to its peer only if it has sent and received the Extended Message Capability to and from that peer. ---- > Applications generating information which might be encapsulated > within BGP messages MUST limit the size of their payload to take the > maximum message size into account. > >I dont see what new behavior is been defined here. If there is none, I would suggest to remove this sentence Bruno people asked to put this text in as an operational warning. At this point, Im going to say unless there is harm it should remain. ---- > A BGP announcement will, in the normal case, propagate throughout the > BGP speaking Internet; and there will undoubtedly be BGP speakers > which do not have the Extended Message capability. Therefore, > putting an attribute which can not be decomposed to 4096 octets or > less in an Extended Message is a likely path to routing failure. > >The issue is not specific to attributes bigger than 4096 octets, but to BGP message whose length is bigger than >4096, irrespective of the size of each attribute. >Please elaborate on what you mean by > >an attribute which cannot be decomposed to 4096 octets An attribute which cannot be decomposed to 4096 is an attribute with length 6000 inside of a BGP message which requires the entire attribute to be included. No such attribute exists today. If a small BGP peers create a killer application that uses a 6000 byte attribute, the rest of the Internet does not have to use it. However, the person defining that attribute must carefully specify it must go with Extended BGP messages. This text was added during an earlier discussion where the error cases of a large BGP attribute was given. The originator of the common could not provide the exact description, but we agreed to put this warning label into the draft. This is one of the cases where adding/removing text gets to be problematic. >--- > It is RECOMMENDED that BGP protocol developers and implementers are > conservative in their application and use of Extended Messages. > >What does this mean exactly? That they dont use this extension? >That they dont use this extension unless XX_TO BE SPECIFIED_XX? This warning was text that other participants asked to be added. It is a common sense warning. Extended messages are enabled on a peer by peer basis as all BGP capabilities are. If you run into a Peer that does not support the larger sizes, the BGP messages will need to be reformatted to the smaller size. Running immediately to the Extended messages as the default could cause problems. --- Future protocol specifications will need to describe how to handle peers which can only accommodate 4096 octet messages. >Why is this limited to future specifications? A priori, using existing BGP mechanism (AFI/SAFI, attributes, * >communities) one could exceed the size of 4096 octets. How does the BGP speaker supposed to behave in this ?>case? This should be described in this specification. Note that this is not a case of error handling, as every BGP > speaker is behaving as specified. I fail to see your logic. At this point, all BGP data (AFI/SAFI and attributes) must fit within a 4096 message. Therefore, a BGP peer A which connects on link 1 to BGP peer B with 4096 message and on link to a BGP peer C with extended messages only has to worry about reformatting the data. In the future, the first group that defines attribute or an NLRI that does not fit within a 4096 BGP message and cannot be split, will need to define how that works in the specification. There is no need to refine the current set of specifications. >---- >Depending on the above specification, a section describing the operational consequences in a network (such as the >Internet, BGP Enabled ServiceS/VPN networks) is probably needed. Possible consequences could be BGP NLRI >being removed in the middle of such network, or (extended) community (such as Route Targets) been removed. >Both having significant consequences on the availability provided by the network. At this point, there are no attributes or NLRI groupings that do not fit within 4096. If you define one (as SIDR did), then you will need to have it reviewed by IDR, BESS, SPRING, and operational groups (GROW, etc). --- >§4 >OLD: The Extended Message Capability only applies to all messages except for the >OPEN message. >Probably >NEW: The Extended Message Capability applies to all message types except for the >OPEN message (type 1). >---- >§8 >This extension to BGP does not change BGP's underlying security issues » >Before evaluating this, I think this document should first specified how a BGP >messages bigger than 4096 octets is handled when it needs to be sent to a >received not supporting this extension. Nits: >OLD : to reduce compexity >NEW : to reduce complexity Thanks, --Bruno From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Susan Hares Sent: Tuesday, January 29, 2019 12:33 PM To: idr@ietf.org Subject: [Idr] WG Last Call on Extened Message Support This begins a 2 week WG LC on Extended Message Support for BGP (draft-ietf-idr-bgp-extended-messages-27). You can access the draft at: <https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-extended-messages/> https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-extended-messages/ The authors should indicate whether they know of any IPR. Implementers are encouraged to update the implementation data at: <https://trac.ietf.org/trac/idr/wiki/draft-ietf-idr-bgp-extended-implementat ions> https://trac.ietf.org/trac/idr/wiki/draft-ietf-idr-bgp-extended-implementati ons The draft provides a means for expanding the BGP message to 65535 octets for all messages except OPEN messages. BGP message space is running short for all of the potential attributes or additions proposed by BGP-LS features. The WG chairs intend to forward this draft to the IESG with the current level of implementation. As you comment on the draft, please consider if: a) the technology is mature, b) the additional space in a BGP message would be helpful for those deploying BGP-LS or SR, and c) if the specification is ready for publication. Sue Hares (WG Chair, Shepherd) ____________________________________________________________________________ _____________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. ____________________________________________________________________________ _____________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support bruno.decraene
- Re: [Idr] WG Last Call on Extened Message Support Adrian Farrel
- Re: [Idr] WG Last Call on Extened Message Support bruno.decraene
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support bruno.decraene
- Re: [Idr] WG Last Call on Extened Message Support bruno.decraene
- Re: [Idr] WG Last Call on Extened Message Support Randy Bush
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Borchert, Oliver (Fed)
- Re: [Idr] WG Last Call on Extened Message Support Borchert, Oliver (Fed)
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Dongjie (Jimmy)
- Re: [Idr] WG Last Call on Extened Message Support bruno.decraene
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Dongjie (Jimmy)
- Re: [Idr] WG Last Call on Extened Message Support Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Randy Bush
- Re: [Idr] WG Last Call on Extened Message Support Robert Varga
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support bruno.decraene
- Re: [Idr] WG Last Call on Extened Message Support bruno.decraene
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Robert Raszuk
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support bruno.decraene
- Re: [Idr] WG Last Call on Extened Message Support Jakob Heitz (jheitz)
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support bruno.decraene
- Re: [Idr] WG Last Call on Extened Message Support Randy Bush
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares
- Re: [Idr] WG Last Call on Extened Message Support Claudio Jeker
- Re: [Idr] WG Last Call on Extened Message Support bruno.decraene
- Re: [Idr] WG Last Call on Extened Message Support Claudio Jeker
- Re: [Idr] WG Last Call on Extened Message Support Susan Hares