Re: [Idr] I-D Action: draft-ietf-idr-flowspec-l2vpn-09.txt

"Jakob Heitz (jheitz)" <> Mon, 07 January 2019 05:09 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E0A5F128D09 for <>; Sun, 6 Jan 2019 21:09:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id rgwvlGV5ptmx for <>; Sun, 6 Jan 2019 21:09:17 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 595C21274D0 for <>; Sun, 6 Jan 2019 21:09:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=20640; q=dns/txt; s=iport; t=1546837757; x=1548047357; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=Gj6NuoYvkhFi/5OJ5tsm/4Uh9JFlrArb3AbDsBdRtEc=; b=b0eP2veg75rXgnOjx/2hW9g2oqNCBZ+eKruq7VU1iGn7sT8rQGZlDeLp 4db5VIjWODJff5tAq4XHARJMUdZ9eBpaa6bWfSyUgM7uvNc65D1HCwCwy RxFU6bHdBSjo/mOl8tk4uh9//0r7Fa07iv10XvU7DJp46ePG9VpiJfyTH 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.56,449,1539648000"; d="scan'208,217";a="222674587"
Received: from ([]) by with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Jan 2019 05:09:15 +0000
Received: from ( []) by (8.15.2/8.15.2) with ESMTPS id x0759FJu007279 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 7 Jan 2019 05:09:15 GMT
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1395.4; Sun, 6 Jan 2019 23:09:15 -0600
Received: from ([]) by ([]) with mapi id 15.00.1395.000; Sun, 6 Jan 2019 23:09:15 -0600
From: "Jakob Heitz (jheitz)" <>
To: Robert Raszuk <>, "idr@ietf. org" <>
Thread-Topic: [Idr] I-D Action: draft-ietf-idr-flowspec-l2vpn-09.txt
Thread-Index: AQHUo0eI5BFYwT06yEOMzlNOUKR2fqWdxeAAgAWBs5A=
Date: Mon, 7 Jan 2019 05:09:15 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_fce74b94529849f78fd5c29c14d2f6c8XCHALN014ciscocom_"
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-flowspec-l2vpn-09.txt
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 07 Jan 2019 05:09:20 -0000

Both are good points.


From: Idr <> On Behalf Of Robert Raszuk
Sent: Thursday, January 3, 2019 3:03 AM
To: idr@ietf. org <>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-flowspec-l2vpn-09.txt


Two observations:


The current draft extends exisiting SAFI 134 with new NLRI types.

That means that now we have new giant NLRI in SAFI 134.

Have any consideration been made to just define a new flow spec

SAFI instead for L2 filtering ? I am quite skeptical from implementation,

operational and deployment points of view to extend the existing SAFI and it

makes a gradual deployment a nightmare if not mission impossible.

Any change to NLRI format without signalling it with new capability is

far from good practice.


The draft is pretty silent on adjusting validation procedures to make sure only

senders of the original L2 information may inject the L2 flow routes..

I would hope that this is basic omission and will be consider for addition into

next version of he draft.



On Thu, Jan 3, 2019 at 10:33 AM <<>> wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Inter-Domain Routing WG of the IETF.

        Title           : BGP Dissemination of L2VPN Flow Specification Rules
        Authors         : Weiguo Hao
                          Donald E. Eastlake, 3rd
                          James Uttaro
                          Stephane Litkowski
                          Shunwan Zhuang
        Filename        : draft-ietf-idr-flowspec-l2vpn-09.txt
        Pages           : 13
        Date            : 2019-01-03

   This document defines a BGP flow-spec extension to disseminate L2 VPN
   Ethernet traffic filtering rules.  SAFI=134 in [RFC5575] is redefined
   for this purpose.  A new subset of component types and extended
   community also are defined.  A new subset of component types and new
   extended community also are defined.

The IETF datatracker status page for this draft is:

There are also htmlized versions available at:

A diff from the previous version is available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at<>.

Internet-Drafts are also available by anonymous FTP at:

I-D-Announce mailing list<>
Internet-Draft directories: