Re: [Idr] I-D Action: draft-dong-idr-node-target-ext-comm-01.txt

"Dongjie (Jimmy)" <jie.dong@huawei.com> Tue, 09 July 2019 11:53 UTC

Return-Path: <jie.dong@huawei.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9606712010F for <idr@ietfa.amsl.com>; Tue, 9 Jul 2019 04:53:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VzY_ixqxH8aD for <idr@ietfa.amsl.com>; Tue, 9 Jul 2019 04:53:02 -0700 (PDT)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 07ECF1200E9 for <idr@ietf.org>; Tue, 9 Jul 2019 04:53:02 -0700 (PDT)
Received: from lhreml705-cah.china.huawei.com (unknown [172.18.7.108]) by Forcepoint Email with ESMTP id D661EFB249534D989662 for <idr@ietf.org>; Tue, 9 Jul 2019 12:52:59 +0100 (IST)
Received: from NKGEML413-HUB.china.huawei.com (10.98.56.74) by lhreml705-cah.china.huawei.com (10.201.108.46) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 9 Jul 2019 12:52:58 +0100
Received: from NKGEML515-MBS.china.huawei.com ([169.254.5.134]) by NKGEML413-HUB.china.huawei.com ([10.98.56.74]) with mapi id 14.03.0415.000; Tue, 9 Jul 2019 19:52:48 +0800
From: "Dongjie (Jimmy)" <jie.dong@huawei.com>
To: Robert Raszuk <robert@raszuk.net>, "Van De Velde, Gunter (Nokia - BE/Antwerp)" <gunter.van_de_velde@nokia.com>, Zhuangshunwan <zhuangshunwan@huawei.com>
CC: "idr@ietf. org" <idr@ietf.org>
Thread-Topic: I-D Action: draft-dong-idr-node-target-ext-comm-01.txt
Thread-Index: AQHVNYUNj8GDWtoJc0WHGSv68ZNtu6bB/dwA
Date: Tue, 9 Jul 2019 11:52:48 +0000
Message-ID: <76CD132C3ADEF848BD84D028D243C927CCEF5243@NKGEML515-MBS.china.huawei.com>
References: <156258437287.1059.3258045720075872864@ietfa.amsl.com> <CAOj+MMHZUJRUweYu+NgMREUCe-w=S08_-DN3WfVS8wRWZ_XXCg@mail.gmail.com>
In-Reply-To: <CAOj+MMHZUJRUweYu+NgMREUCe-w=S08_-DN3WfVS8wRWZ_XXCg@mail.gmail.com>
Accept-Language: en-US, zh-CN
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.130.151.75]
Content-Type: multipart/alternative; boundary="_000_76CD132C3ADEF848BD84D028D243C927CCEF5243NKGEML515MBSchi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/SMq7tfBUa2MVlbvQGtOYHaRxdLs>
Subject: Re: [Idr] I-D Action: draft-dong-idr-node-target-ext-comm-01.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jul 2019 11:53:08 -0000

Hi Robert,

Thanks a lot for your prompt comments. Please see some replies inline with [Jie].

From: Robert Raszuk [mailto:robert@raszuk.net]
Sent: Monday, July 08, 2019 8:02 PM
To: Van De Velde, Gunter (Nokia - BE/Antwerp) <gunter.van_de_velde@nokia.com>om>; Dongjie (Jimmy) <jie.dong@huawei.com>om>; Zhuangshunwan <zhuangshunwan@huawei.com>
Cc: idr@ietf. org <idr@ietf.org>
Subject: Re: I-D Action: draft-dong-idr-node-target-ext-comm-01.txt

Dear authors,

Let me start by restating that using a p2mp protocol to distribute information in a p2p fashion is a bad thing. Your proposal just further encourages folks to do continue use of BGP along those lines which is not a good thing.

[Jie] This document just provides a mechanism to solve some operator’s requirement in using existing tools. It does not encourage anything:)

Now few questions/observations:

* You are explicitly breaking RFC4456. The node which does your policy enforcement - let's call it - BGP Policy based Update Replicator (BGP PUR) - no longer follows RFC4456 recommendations of route propagation from client to non-client and from non-client to client. Sure you may define such new functional block in BGP but IMHO this is no longer a vanilla Route Reflector with "just a little bit more filtering" :)

[Jie] You are right this would require some update to vanilla RR functionality, RFC 4456 may be updated by this document. In the past, RTC has also made some changes to the RR behavior.

* Assume that in my 500 PEs IPv6 network I want to distribute some information to 100 of them. Very conservative case. So with the current draft I will need to send with each route BGP Extended Community Attribute of the 2K size. Well assume that BGP Extended Message is not there at least on one of the PEs the proposed scheme breaks. Did you ever consider to actually define new attribute for this and support wildcard match/extended community match length ?

[Jie] The initial problem space is to distribute some information to one or a small group of the BGP routers in the network. In the case you described, wildcard matching may be more efficient, while it requires to configure the 100 nodes with the same prefix for wildcard matching.

* Can you describe the rational for keeping the Node Targets ext communities still in the update when reflecting it to one of the targets on the list ?

[Jie] The Node Target extended communities are used by the receiving nodes to identify whether it should keep and use the received information or not. With this mechanism, RR only need to check the and remove the node target extended community which identifies itself, which is easier than checking the IDs of all its clients.

* Have you thought of using 4 octet BGP identifier instead of peering address ? First you no longer need to struggle with IPv6 length, you no longer worry about link-local peerings and you no longer need to touch all senders when interface addresses get renumbered.

[Jie] Good suggestion. This was discussed during the presentation of this document in last year. We considered two options: using BGP Identifier or the local (preferably the loopback IP address). As you mentioned, there are some advantages in using BGP Identifier. We could make this change in next version.

* RRs in general where designed and optimized to reflect all received updates. RTC came and applied some outbound filters. Now your proposal comes and applies new set of per peer dynamic filters. Putting implementation details aside at min your proposal must define which filter is more important RTC pushed from target or your Target RT pushed from sources.

[Jie] This is part of the reason of defining a new extended community which is independent from RT. RTC rules applie to the RT in the VPN routes, while the rules defined in this document apply to this Node Target Extended Community. If one Update carries both RT and Node Target, then both rules would be used separately to determine how to send and receive the Update.

* How does your proposal works with RR hierarchy ? It seems pretty clear that it only works with flat sender -- RR -- receiver architecture.

[Jie] Good question. In general RR hierarchy could be supported, while further study is needed to cover the corner cases, this is similar to the work we have been doing with RTC.

* How does your proposal work with confederations ?

[Jie] If there is requirement to support confederation, It could be covered in next version.

* What happens when session to a peer goes down ? Would you now need to remodify the list of Node Target Ext Comms and resend to other IBGP peers including that node which you have lost IBGP to ?

[Jie] I don’t quite get your question here. The list of Node Target extended communities is not be modified by a route reflector unless a local address matches one of the node target. As discussed above, the node target which identifies a peer node will not be removed by the RR.

Essentially what you are defining is to push dynamic filtering policy from the src to the RRs hoping that RRs will honor it and apply proper outbound filters. Moreover you are also adding new behaviour for RRs to modify content of BGP attributes upon reflection. I think you are assuming that all applicable implementations support dynamic update groups or are you assuming that whenever such Node Target Ext Community arrive on the RR it should switch for a given SAFI to per peer update generation ?

[Jie] IMO the changes to the RR’s behavior in this document is smaller than you thought, in current version it is hard to call it “RR with outbound filtering”, although it may be extended further in that direction. So far it does not require to support dynamic update groups.

Best regards,
Jie

Best,
R.


> On Mon, Jul 8, 2019 at 1:13 PM <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>> wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.


        Title           : BGP Extended Community for Identifying the Target Node
        Authors         : Jie Dong
                          Shunwan Zhuang
                          Gunter Van de Velde
        Filename        : draft-dong-idr-node-target-ext-comm-01.txt
        Pages           : 7
        Date            : 2019-07-08

Abstract:
   BGP has been used to distribute different types of routing and policy
   information in the network.  In some cases, the information
   distributed may be only intended for one or several particular
   receiving BGP nodes in the network.  However, BGP does not have a
   general mechanism for designating the receiving node of the routing
   information.  This document defines a new type of BGP extended
   community called "Node Target".  The mechanism of using the Node
   Target extended community to steer BGP route distribution to
   particular BGP nodes is specified.



The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-dong-idr-node-target-ext-comm/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-dong-idr-node-target-ext-comm-01
https://datatracker.ietf.org/doc/html/draft-dong-idr-node-target-ext-comm-01

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-dong-idr-node-target-ext-comm-01


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org>.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org<mailto:I-D-Announce@ietf.org>
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt