Re: [Idr] draft-ietf-idr-bgp-extended-messages-12 WG LC (5/24 to 6/7)

Robert Raszuk <robert@raszuk.net> Wed, 25 May 2016 20:28 UTC

From: Robert Raszuk <robert@raszuk.net>
To: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/SqSrPgnbRQptRWp6nm7IRKU95ng>
Cc: Keyur Patel <keyupate@cisco.com>, "idr@ietf.org" <idr@ietf.org>

Hi Sriram,

Well, there are other uses for larger BGP message size.

Some claim that very long AS_PATH prepend happens today.

Yet some other folks would like to use flow spec with a lot of policy to be
pushed around (for example, some ACLs can be very, very long today).

So once we open this road and let large trucks on it, we can't have pieces
of it to remain narrow (unless those wide roads are under private walls)
and gateways out of those private ASes can handle it.

Best,
R.





On Wed, May 25, 2016 at 10:21 PM, Sriram, Kotikalapudi (Fed) <kotikalapudi.sriram@nist.gov> wrote:

> Robert,
>
> >I listed 4 alternative solutions earlier in this thread already :).
> >Dropping NLRI no matter how rare it would be is not one of them.
>
> I don't know what other BGP protocol enhancements would
> ever need to use extended message;
> but so far we know that BGPsec "may" need to use it
> (though very rarely, if ever) -- see note below**.
> And it seems clear that BGPsec would never need to drop the NLRI
> (including when the peer has not negotiated extended message capability).
> This is because it is designed so that a BGPsec speaker can convert a
> BGPsec update with path signatures to an unsigned BGP message (for
> forwarding).
> BGPsec speaker can/will certainly do this conversion under these
> two circumstances that matter for this discussion:
> 1. The BGPsec message (that is being forwarded) has a size larger than
> 4096, and the peer has not negotiated extended message capability.
> 2. The peer has negotiated BGP capability but not BGPsec capability.
>
>
> **Note about BGPsec update size: A BGPsec message size
> can exceed 4096 octets if there are 40 or more unique ASes
> in the AS path (given that each AS's signature size is no more than
> 72 octets with the ECDSA P-256 algorithm).
> The currently seen Maximum AS Path Length (eliminating prepends) is 15
> http://bgp.potaroo.net/as6447/
>
> Sriram
>
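
The size note and the two conversion cases in the quoted message, worked through as an added example (not code from the thread or from any BGP implementation). The per-field octet counts are assumptions taken from the BGPsec_Path attribute layout in RFC 8205, the 65535 limit from the extended-message work, and the 80 octets of "other attributes" is a constructed sample value.

```python
# Added example. Field sizes below are assumptions based on RFC 8205 / RFC 4271.
BGP_HEADER = 19        # marker 16 + length 2 + type 1
UPDATE_FIXED = 4       # withdrawn-routes length 2 + total path attribute length 2
ATTR_HEADER = 4        # flags 1 + type 1 + extended length 2
SECURE_PATH_LEN = 2    # Secure_Path length field
SECURE_PATH_SEG = 6    # pCount 1 + flags 1 + AS number 4 (one per AS)
SIG_BLOCK_FIXED = 3    # Signature_Block length 2 + algorithm suite id 1
SKI_LEN = 20           # Subject Key Identifier (one per AS)
SIG_LEN_FIELD = 2      # signature length field (one per AS)

CLASSIC_MAX = 4096     # classic BGP message limit
EXTENDED_MAX = 65535   # limit once extended message capability is negotiated

FIXED = BGP_HEADER + UPDATE_FIXED + ATTR_HEADER + SECURE_PATH_LEN + SIG_BLOCK_FIXED


def per_hop_octets(sig_len=72):
    """Octets each AS adds: Secure_Path segment plus its signature segment."""
    return SECURE_PATH_SEG + SKI_LEN + SIG_LEN_FIELD + sig_len


def bgpsec_update_size(path_len, other_octets, sig_len=72):
    """Size of a BGPsec UPDATE; other_octets covers all other attributes and NLRI."""
    return FIXED + path_len * per_hop_octets(sig_len) + other_octets


def headroom(path_len, sig_len=72):
    """Octets left under 4096 for every other attribute and the NLRI."""
    return CLASSIC_MAX - FIXED - path_len * per_hop_octets(sig_len)


def forward_decision(path_len, other_octets, peer_bgpsec, peer_extended):
    """Return (form, signed_size): form is 'bgpsec' or 'unsigned'; NLRI is never dropped."""
    size = bgpsec_update_size(path_len, other_octets)
    if not peer_bgpsec:                      # case 2 in the quoted message
        return "unsigned", size
    limit = EXTENDED_MAX if peer_extended else CLASSIC_MAX
    if size > limit:                         # case 1 in the quoted message
        return "unsigned", size
    return "bgpsec", size


if __name__ == "__main__":
    OTHER = 80  # constructed sample: ORIGIN, MP_REACH_NLRI, communities, ...
    for hops in (15, 39, 40):
        for ext in (False, True):
            print(hops, ext, forward_decision(hops, OTHER, True, ext), headroom(hops))
```

With these assumptions each AS contributes 100 octets, so a 40-AS path leaves 64 octets under the classic limit for everything else in the UPDATE.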