Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspec-oid-12
"Juan Alcaide (jalcaide)" <jalcaide@cisco.com> Tue, 16 March 2021 00:32 UTC
Return-Path: <jalcaide@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4307E3A1445; Mon, 15 Mar 2021 17:32:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.618
X-Spam-Level:
X-Spam-Status: No, score=-9.618 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=OU999N9Q; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=TiRcp8Ea
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TuwkNJZCjBuj; Mon, 15 Mar 2021 17:32:06 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F2C2F3A1444; Mon, 15 Mar 2021 17:32:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=18314; q=dns/txt; s=iport; t=1615854726; x=1617064326; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=hr6n1+wecQT20n7e8IFLip1ydvPvVD+uhAWQIAE32L8=; b=OU999N9Q+3tAKeqrh9JnALfO+qlrPiNaOyjiGSBQ+gF9yPcpD/0RaUpn MJoF4u4JNZ5UemtnLEtiml1joOY65510yRLr1YaSMgImzqRTUYGfbHjC6 +xFRRsQ63LsmroHt1IpkBLBGpBIedwEdll5q7PxyC1WooJFzc8nSlbHPj 0=;
IronPort-PHdr: A9a23:9K4o1BBTynaWqyWdxr/kUyQVnBdPi93PFgcI9poqja5Pea2//pPkeVbS/uhpkEShdYre4vNAzeHRtvOoVW8B5MOHt3YPONxJWgQegMob1wonHIaeCEL9IfKrCk5yHMlLWFJ/uX3uN09TFZXxYlTTpju56jtBUhn6PBB+c+LyHIOahs+r1ue0rpvUZQgAhDe0bb5oahusqgCEvcgNiowkIaE0mXP0
IronPort-HdrOrdr: A9a23:unz99Ko8fcsGndaVCAANlpIaV5t5K9V00zAX/kB9WHVpW+SivYSHgOkb2RjoiDwYRXEnnpS6NLOdRG7HnKQV3aA4Bp3neAX9omOnIMVZ7YXkyyD9ACGWzIBg/I9aWexFBNX0ZGIUse/T6gO1Cstl5dGB/ryhi+u29QYTcShBQchbnmBEIyycFVB7QxQDIJI/GoaV6MYvnUvfRV08aMOnCn4ZG9XSvtGjruOpXTcqJT4CrDOPgzSh9aLgH3Gjvis2fjtTzd4ZgBP4uiPj4KHLiYDf9jb90Cvp441SiJ/dzLJ4dbCxo+w0DhmptQqyfoRmXNS5zXEIicWi8kwjntWJgzpIBbUI11rrcmu4oQTg1mDbuV5EgRKPuDzo40fLmsD3SCk3DMBMn+tiA2bkwnA9t9Jx2r8j5RP+i7NrDAjNlCm4x9/EWwACrDvNnVMekPUeh3EabI0GaLU5l/1nwGppFv47bUbHwbFiNNMrINDX5f5Qf1/fRWvepHNTzNulWWl2NguaQ2AZ0/blkwR+rTRc9Q811cYflnAP+NYWUJ9f/dnJNaxuifVnUtIWV6RgH+0MKPHHSVDlcFbpCia/MF7nHKYINzbmsJjs+og44+msZdguwIYtno/CFHdVr3Q7dU6rKcDm5uwIzjn9BEGGGRj9wMBX4JZ0/pfmQqDwDCGFQFcy18S6pfESBdDaRuazNJpaD+SLFxqrJa95mynFH7VCI3gXV8MY/vwhXUiVn87NIor28uzXGcyjY4bFIHIBYCfSE3EDVD/8KIFr9UawQEL1hxDXRjfockz79pRgDbjC84Eouc4wH7wJljJQpUWy58mNJzEHmLcxZlFCLLTulb7+o3K382bO52BgIQFcEU5R/bXlXxpx1Eo3GnKxVYxGl8SUeGhU0nfCDAR4VdnqHAlWoEky5bi6NIWKxScpC8uuN2WTi3d7ngPSc74s3om4oev1cJIxCZgrHJFrHQLQDhpvhEJBs2FYcjIJQUfZCxLjgaiol4YvGenabtVw6T3befJ8mDb6jwG8rdtqbmYHVzSuOPTn8DoGdn5xvBlN1IMxxJCHgi2iLGMjhv9QCiw9VE2nRJRcDAqEY41InKvMYw8YdxbQuRWqzzcuZ2Ht60IewkvmICH8Q4CXPnNt/lZFz63t7FR4Ml+4Qns1QHV7vYphfF624Epb2fOXZ6a1zmuaYkYDxOZYKz3efT4OOGpVtqOK/Q/QlzCYGXo8wJIyeuTbEbQ4arnWnmigMYuSiMg9brJp1YcgMNDlqekQV+2DPweTMTPjEusssjbl7UoNKW1xqHM+l+nv1wCg5G+k3GQnCf6XJFh9XbkUL5Wd6GfjLsz4mqlRnJYwveGqNH/2ZcPDwabLbyRbIheWuHWoVYgT2OZplLN3sKE2E4jQUDPO2n0C1BIiLN3snEdbRKhg+rjONoJmYsR6QVMUwnM50NCUaEc7uA3/BeEzOUsgiHLWJNuF6bvFo7hHODzImCLgfV2EtyFN9fbMWCWOkaMAA6UrOGJMdQwy7m9h8O7qTfyeNCy6M+VYuFy0PX+2fOUDFOyLGbAMog175N/NlemNbCb80B3Ruzw+Iq8myRfSfeqiRAaXXehP+JimPF7JhK2g6su6li32Rju2cF5wv/wNSWUAKsBYziA/h4g22DWoQqP5okg5g0JTiAsX42LFy8yj+iPHBklIPg3Sn4VOUTRSOnaOi97Z8eLw7gWL3BFVnZ/ZFElRedlSG98fCojvRh0eW/QtgA==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0D+BQA+/E9g/5FdJa1aHAEBAQEBAQcBARIBAQQEAQGCD4EjMFEHdlo2MQqEN4NIA4U5iEADiieKD4R1gUKBEQNUCwEBAQ0BATICBAEBhE0CF4FgAiU4EwIDAQELAQEFAQEBAgEGBHGFYQ2GRAEBAQEDIwoTAQE3AQ8CAQgOAwQBASgDAgICHxEUCQgCBAENBQiCaYF+VwMvAQOiIwKKHneBMoMEAQEGhSENC4IUCYE5gnaEBwEBhkQmHIFKQoFUgiM1PoIegW4BEgEJGjSCYDWCK4JECBUbMgRLgUwkGw8MDQYBlDCHUYxpkHdbCoMClw+FUaQVlHSOXJN4AgQCBAUCDgEBBoFrI2dwcBU7gmlQFwINhD2JYgwWg02KWXM4AgYBCQEBAwl8iyotgQcBgQ4BAQ
X-IronPort-AV: E=Sophos;i="5.81,251,1610409600"; d="scan'208,217";a="876168971"
Received: from rcdn-core-9.cisco.com ([173.37.93.145]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 16 Mar 2021 00:32:01 +0000
Received: from mail.cisco.com (xbe-rcd-005.cisco.com [173.37.102.20]) by rcdn-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id 12G0W13V024477 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Tue, 16 Mar 2021 00:32:01 GMT
Received: from xfe-aln-001.cisco.com (173.37.135.121) by xbe-rcd-005.cisco.com (173.37.102.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Mon, 15 Mar 2021 19:32:00 -0500
Received: from xfe-aln-004.cisco.com (173.37.135.124) by xfe-aln-001.cisco.com (173.37.135.121) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Mon, 15 Mar 2021 19:32:00 -0500
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (173.37.151.57) by xfe-aln-004.cisco.com (173.37.135.124) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3 via Frontend Transport; Mon, 15 Mar 2021 19:32:00 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZAFSDgxz0aGoBcb0HABC729q9Kfd5IRMecztzxKK6YN326xUkEfLhczft894+rOAe1H3JmhdD41hkBEFtoWeUVRnKQ9i9BSR9446YNygh3aGk26evG29kVld4p+2Lz+DpTSkiSKEiKOc6lY5bR9prLIfwjVkR4TuLLxBV5wD844nVppQmV+gApDItB5h1MfmZk/q2oYIzKkMpLbB/xIsEr1WRVugQCMPtLBfFSSATx4eXQsJs40WICFJGw3ORzOk/XPIsHRikd8D9FqnU7ma2JhjyBSzt/6IHSvu2//+aeYO2cZ6T1twJSBbh3tXPHP5d+yuOsbv2GDQx/ZilW4ebg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hr6n1+wecQT20n7e8IFLip1ydvPvVD+uhAWQIAE32L8=; b=RPh7dp+KEIx3wgFPYc1lSb9C1zMdmDReXZg5qJthbTZ3vyoxNUXa7+wHFQYl/1tEo+yX5m47xpuuUWRVcIvReEM614LBSB5lPU2l1QOV/RzecaUq/ri3HthPAidffkzAFBA4eS6UT6GLOoyJP4IemVj4ymaQIVhvMF3bIRE9VKz7klf3iHmOuhDHkZBEMFes4x4rhRfZpiiPEWHVr8eMLQhZFDcUAlgP0sPMyaCk88tLPBG0R8jdqRW/Rrx2Z5T21Pr3I538CbULVeNUX5AsCDCVsxVAIz6zZD0/TjUpnMvCCjC6xCpYS6PFrs+PxAEp8JAJGNt3vywkAQdBbg3tCw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hr6n1+wecQT20n7e8IFLip1ydvPvVD+uhAWQIAE32L8=; b=TiRcp8EaIqTjy2kNo5+OA/7QOqGviLeTB+LalOhURfglXHVtdr8hffLFrluWqRaXOjQxM1GlD6qXjXdb7omm2ftAsOZhAD8u87UtKn7lmx2t4UpGE9XvYpfEJ8TZ+4h4i2ptMXgunms7JgkKnm+/Gdh/1yRy+erHm5cx+AToXRg=
Received: from DM6PR11MB3194.namprd11.prod.outlook.com (2603:10b6:5:5c::25) by DM5PR1101MB2187.namprd11.prod.outlook.com (2603:10b6:4:51::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3933.32; Tue, 16 Mar 2021 00:31:59 +0000
Received: from DM6PR11MB3194.namprd11.prod.outlook.com ([fe80::749f:f98b:7d54:c223]) by DM6PR11MB3194.namprd11.prod.outlook.com ([fe80::749f:f98b:7d54:c223%3]) with mapi id 15.20.3933.032; Tue, 16 Mar 2021 00:31:59 +0000
From: "Juan Alcaide (jalcaide)" <jalcaide@cisco.com>
To: Alvaro Retana <aretana.ietf@gmail.com>, "draft-ietf-idr-bgp-flowspec-oid@ietf.org" <draft-ietf-idr-bgp-flowspec-oid@ietf.org>
CC: Susan Hares <shares@ndzh.com>, "idr-chairs@ietf.org" <idr-chairs@ietf.org>, IDR List <idr@ietf.org>
Thread-Topic: AD Review of draft-ietf-idr-bgp-flowspec-oid-12
Thread-Index: AQHW9QDI2xQHpdk2Z0uhqDf2mVgKOap9sTZAgAA2NYCACB0UUA==
Date: Tue, 16 Mar 2021 00:31:59 +0000
Message-ID: <DM6PR11MB3194D2E820E675E9C1D65639CD6B9@DM6PR11MB3194.namprd11.prod.outlook.com>
References: <CAMMESsxqRWK2vDPyj-0_ruYoW7pkautFc09MoFBUTKxG23=tyA@mail.gmail.com> <DM6PR11MB3194B28B0BD8A3AF913ECB0ECD919@DM6PR11MB3194.namprd11.prod.outlook.com> <CAMMESsyUtogXkjiQGfP=SDXzNdOu-FJ-e1-NbppD_mZcq+yGkQ@mail.gmail.com>
In-Reply-To: <CAMMESsyUtogXkjiQGfP=SDXzNdOu-FJ-e1-NbppD_mZcq+yGkQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [83.58.38.13]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: de893f44-4c30-4e4c-f49b-08d8e812e921
x-ms-traffictypediagnostic: DM5PR1101MB2187:
x-microsoft-antispam-prvs: <DM5PR1101MB218767E13092BB983964B89DCD6B9@DM5PR1101MB2187.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: o92ImVSPgmVtfPKn9TWjeT8cDlZY5x9d6MXT2Bn0GG5vQRgjVOuCcHTFJNHPO113U1h25R2Vh4qgrRedxwQPDmsB7XloISchOuJxK6FM3N7+20JNGpRUK81I1mI+EMwaBog9OZ8cdIrKkn4XYRzCntgfZu/IuCwCDyKDKVTLkgMX6E9dnCdXxnnApOpMSKGWyV1cchSRWpQPr7NJM5qEZkWPw5QDy7RP8RahyCU1ZIZ1EtH3ZAiCS2ZwSWxQVBkxmjqgmWQSKhggTgL4nz6mmdaXzM7EtKzQV3JMbR31t+/U1eoohidIu3jnhe2QPN4HDFjV6yTfcyu+McW5Aa3Esx0ykdDp2zNWpNucdGgKOoNE5vHN7dRUIwBIKZMaZzSonx8ScB88C7cejlfhBLt12W7RfBNDQuyC/+lFroRmbBKgbUV9KOpyO7w6rCwjpvJxgEsDb/lgmtalT0NHVeqE1ecfojCWYL0TdfvtKbin5v6pR+rzVEfT3x2raXjlUhwT2+9YqFvVnUjQpHFrNjrwgLcAFj9tlQOfM/zFYyDtnVMJnp7HLOqDxOIjTfxlmT8r
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR11MB3194.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(39860400002)(346002)(396003)(366004)(136003)(376002)(66446008)(66556008)(54906003)(64756008)(8936002)(66476007)(186003)(478600001)(26005)(66946007)(110136005)(86362001)(8676002)(316002)(76116006)(9686003)(53546011)(7696005)(6506007)(33656002)(71200400001)(2906002)(5660300002)(9326002)(83380400001)(55016002)(4326008)(52536014); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: bUd4kbi2N9OHIg6WyEw+htBcXuurfuKH0W9g27IOUzwue+oMrinI573PUpBBVvMlXhEA5vygTZPO+KDmgA0wueYuZF5fZqStVqVk0uJchmy8GoVllMRe3mbI7EIGaFvzmadaJyMPForIyZUXG/9t1zr+pPbdkOmgXgu3ICEogY9q50FwL4jp/T5O02rQw+Ap1vc3HyYABk3oVyPlnZ5jNIOATh7RJI9ahZvui56nXeg7sg3cc2LbXiOtYeEQQTqU7orlDoUAb+wHq8WsWWDsMi1F/hQsPD/1rQHM+wJbl0c2fLVUCqb02eJb0R5zrytRYZCYoEtBW32dITX13pCUfXzZs7FfNZ0v73Hx1zpERT4Ft9p8nY4jxkHWmHVNsEdO7lykB3jnJg377vy0hFrr99Nq6oLNNlIm6cNUWWg+dP2UqUHWfVjcZqsTaxJBwd/5piDU+ekYGpap3BGSLS0iPFFO8FWlYr5VTHazyEX1MiCXO+Jtuw0PH4VzFPElzrQM8oDAKIMPZKxkpT9lXPUK68VwPLW0g5qz7IIZR4+KUAn11lvCa4mV9VwXE8CXypmzeXIJkxgOC/SySOLDDtmZtCFSFaPuq2vLSTgTsAObmLWOnSARsbru6E0ftmE6LeRAN7mJjRKi+2eMK8JXLFt5EoDQ5SvihzacN1+rp8mbBcaB9A0VtcQXZkuLQwX1D7tRucilMcd4X+tv71e1+2t9GpCwWkw5u+mCyPCW3i4tqwh0CX8s0LoFcusVN5/DyCG+dJn9noIy0QFzUGjBTkXQnDXZoocxZ2BJa7IONeiM+HZc9RBYbpTADtsw2IV2eg5wRN/eXXlN9AdbA0JJVc6dMmD7Yew9h/UAk7IktFsLX9DV95I7LXn4yKTyZtQdYcK1GeQvt1DEzMbar6DaIdC4obv7bYEYudnx/9wLcBIfFJOj1m6CJvZvkOA8zMiv7rcH4wjVGIi3SbfOfcAaeJMzzZpWBjdesyFjM0xS6ptnFY4CUCXOu5+vUArhd6hx2xFR6Dg/Awhtf00r60wYV8oe3CO2Xb0lWX0WoMUw3QHSjKvpGvnU8x/eA809X/vM5DfDUquT+zAA+ebZMZ35+1k+Ym7IugtVSEcCIppQSp67Uyd1M3iSA1ajGPzNMkp48qQF/pAwKTDMNuE2UbrbtC6j4xrM6+4z0Y4xDoRaoKbcUEi+mN5lRvh3NEa6cfIJ44GrJyc+kpJSLhLejEobuog60tKcBKxOZ2jDXveogchlFBm6GF91zjYW97Ai44Rl+moDTfYVggtkx7mRHfoOs8wr1cltrNvpQ2TpW3dX4pNhdFw=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_DM6PR11MB3194D2E820E675E9C1D65639CD6B9DM6PR11MB3194namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB3194.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: de893f44-4c30-4e4c-f49b-08d8e812e921
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Mar 2021 00:31:59.0357 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: k6IbMyfJA0xQtjxbgAGdLBN++/zg4fSB4FuM8tHyoxXEWmAVxVrgbzLaWOyJHFyIYstSD01nVttj6DCMpVNb1Q==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR1101MB2187
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.20, xbe-rcd-005.cisco.com
X-Outbound-Node: rcdn-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/RFSOCneMg0XLy6Pv9vE41K71JPk>
Subject: Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspec-oid-12
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Mar 2021 00:32:08 -0000
Hi Alvaro, For my dismay, I realized I only had gotten part of your email (till review line 118). I think a weird problem with my email server. It was more in-deep review that I thought. My changes will reflect more or less your suggestions. Before, I have some contentious points I’d like to raise: * Any alternative naming to ‘ingress border routers’ ? They are just the routers receiving traffic and far away from FS peering * Around line 311, you mention a new security hole because of the new AS_PATH validation rule. You are referring to the case of a route-server, right? Let’s say AS1—(route-server)—AS2. AS1, instead of AS_PATH = 1, could send us AS_PATH = 100 for the -rogue - FS route. The best-match unicast route could be actually coming from another route-server client om AS 100 (that is sending -correctly -the unicast route with AS_PATH=100) * Around line 322, you mention we could use the new AS_PATH check for eBGP-confed routes as well. If we did, then we should also extend it for iBGP peers. But I don’t see much of a point to it, as long as we do the right check of the eBGP received routes any further check is redundant. Same concept that checking on AS_PATH loops only for eBGP received routes. * Around line 324, you mention we should suppress ‘Other RFC5575bis Considerations.’. This section had more points that were trimmed when rfc8995 included those points. Only references left are about 2byte AS old speakers. Not sure if those references were ever considered for rfc8995. I guess the meaning of AS_PATH could be inferred w/o these references. rfc8955 already seems to infer them (although it is basically a copy of the old rfc4271 rule). Is it assumed that the meaning of AS_PATH is also inferred for any rfc after rfc6793? * In the security section, you mention ‘ibgp are not trusted’. That’s strictly true, but in the sense of rfc8955 it would seem they are (rfc8955 is only concerned about trust for eBGP peerings). I can add a note, but is anything else is required? -J From: Alvaro Retana <aretana.ietf@gmail.com> Sent: Wednesday, March 10, 2021 9:05 PM To: draft-ietf-idr-bgp-flowspec-oid@ietf.org; Juan Alcaide (jalcaide) <jalcaide@cisco.com> Cc: Susan Hares <shares@ndzh.com>; idr-chairs@ietf.org; IDR List <idr@ietf.org> Subject: RE: AD Review of draft-ietf-idr-bgp-flowspec-oid-12 Hi! Not necessary, I can wait for -13 to be posted. Thanks!! Alvaro. On March 10, 2021 at 12:04:06 PM, Juan Alcaide (jalcaide) (jalcaide@cisco.com<mailto:jalcaide@cisco.com>) wrote: I can send you proposed complete document with extra changes if it helps.
- [Idr] AD Review of draft-ietf-idr-bgp-flowspec-oi… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Susan Hares
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Juan Alcaide (jalcaide)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Juan Alcaide (jalcaide)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… David Smith (djsmith)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Susan Hares
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Juan Alcaide (jalcaide)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Juan Alcaide (jalcaide)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Juan Alcaide (jalcaide)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Juan Alcaide (jalcaide)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-flowspe… Juan Alcaide (jalcaide)