Re: [Idr] draft-ietf-idr-bgp-extended-messages-12 WG LC (5/24 to 6/7)

"Keyur Patel (keyupate)" <keyupate@cisco.com> Wed, 25 May 2016 15:57 UTC

Return-Path: <keyupate@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAAA912D803 for <idr@ietfa.amsl.com>; Wed, 25 May 2016 08:57:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.946
X-Spam-Level:
X-Spam-Status: No, score=-15.946 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dEwNQ1j9LHbL for <idr@ietfa.amsl.com>; Wed, 25 May 2016 08:57:35 -0700 (PDT)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DB3912D7EE for <idr@ietf.org>; Wed, 25 May 2016 08:57:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=30506; q=dns/txt; s=iport; t=1464191855; x=1465401455; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=JdIF8bv1c53UKqeGmunL2zcqsSTBZy2ben+MYMdU0SE=; b=J+nQB1Q2TucRxyW44AxRQSJKTuqnFhCqV/ArcFdhjAMQBEuj62eHcCgP lP5reMiFVhlHuBp+wpcGxPiYPSTGKQg+BY0EYbOmvEIzrc3asTj2fMIdw WobQ/4cDu4EaF1Lqd4ufZ/mAQn6faxuh0dS/aD+rnW1t7cbtl7/rwoJcF 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AdAgDnykVX/4wNJK1cgmxLVn0GuXEBD?= =?us-ascii?q?YF3JIVtAoFBOBQBAQEBAQEBZSeEQwEBAQQtTBACAQgRAwEBASEBBgcyFAkIAgQ?= =?us-ascii?q?BDQWILw7EKAEBAQEBAQEBAQEBAQEBAQEBAQEBARcFhieETIQRAQkHATwWhSQBB?= =?us-ascii?q?Jg3AYV/iCCBaYRPiGSGM4kYAR4BAUKDbW4BiEgBCBcEG38BAQE?=
X-IronPort-AV: E=Sophos;i="5.26,364,1459814400"; d="scan'208,217";a="276962683"
Received: from alln-core-7.cisco.com ([173.36.13.140]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 25 May 2016 15:57:34 +0000
Received: from XCH-RTP-020.cisco.com (xch-rtp-020.cisco.com [64.101.220.160]) by alln-core-7.cisco.com (8.14.5/8.14.5) with ESMTP id u4PFvX6O003689 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 25 May 2016 15:57:33 GMT
Received: from xch-rtp-017.cisco.com (64.101.220.157) by XCH-RTP-020.cisco.com (64.101.220.160) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Wed, 25 May 2016 11:57:32 -0400
Received: from xch-rtp-017.cisco.com ([64.101.220.157]) by XCH-RTP-017.cisco.com ([64.101.220.157]) with mapi id 15.00.1104.009; Wed, 25 May 2016 11:57:32 -0400
From: "Keyur Patel (keyupate)" <keyupate@cisco.com>
To: Bruno Decraene <bruno.decraene@orange.com>, Susan Hares <shares@ndzh.com>
Thread-Topic: [Idr] draft-ietf-idr-bgp-extended-messages-12 WG LC (5/24 to 6/7)
Thread-Index: AQHRtp4logIJlNjLIEOwkM2fAGkn1w==
Date: Wed, 25 May 2016 15:57:32 +0000
Message-ID: <D36B14EC.40818%keyupate@cisco.com>
References: <037f01d1b5fc$bfb596f0$3f20c4d0$@ndzh.com> <13146_1464170675_574578B3_13146_4888_1_53C29892C857584299CBF5D05346208A0F8CD227@OPEXCLILM21.corporate.adroot.infra.ftgroup>
In-Reply-To: <13146_1464170675_574578B3_13146_4888_1_53C29892C857584299CBF5D05346208A0F8CD227@OPEXCLILM21.corporate.adroot.infra.ftgroup>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.9.150325
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.6.18]
Content-Type: multipart/alternative; boundary="_000_D36B14EC40818keyupateciscocom_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/Ugdm6XTnNp5JNLaiCUQwfOZNwyI>
Cc: "idr@ietf.org" <idr@ietf.org>
Subject: Re: [Idr] draft-ietf-idr-bgp-extended-messages-12 WG LC (5/24 to 6/7)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 May 2016 15:57:38 -0000

Hi Bruno,

Many thanks for the review. Comments inlined #Keyur

From: Bruno Decraene <bruno.decraene@orange.com<mailto:bruno.decraene@orange.com>>
Date: Wednesday, May 25, 2016 at 3:04 AM
To: Susan Hares <shares@ndzh.com<mailto:shares@ndzh.com>>, Keyur Patel <keyupate@cisco.com<mailto:keyupate@cisco.com>>
Cc: "idr@ietf.org<mailto:idr@ietf.org>" <idr@ietf.org<mailto:idr@ietf.org>>
Subject: RE: [Idr] draft-ietf-idr-bgp-extended-messages-12 WG LC (5/24 to 6/7)

Hi,


1)      Support.


2)      Question, for my own information: why does the capability mean that the BGP speaker is capable of _both_  receiving _and sending_ extend message? (vs capable of receiving (only)). IOTW, what is the motivation to advertise the capacity to send extended message?


3)      Please find below some possible comments:


“4.  Operation”

Suppose that I receive an extended BGP message (e.g. update) that I can’t relay to some peers because they don’t support such extension, while I “should” have relayed it. Is there an expected behavior? Should it be standardized? Can this create issues (e.g. inconsistent routing with an AS)? Should this be considered in the security considerations? (e.g. I deliberately send an extended message, and benefit from its/the NLRI not being propagated as expected. e.g. to influence routing policy)


#Keyur: Clients would receive internal routes as long as a RR can announce prefixes using existing message length (of 4K). It would be using multiple messages limited to 4K length.  Alternatively, if the attribute size is such that the message length does get exceeded then the Prefix SHOULD not be announced and an error should be logged (existing case).


--

“A BGP speaker may send extended messages to its peer only if it has received the Extended Message Capability from its peer.”

May be :s/received/sent and received
---
#Keyur: A capability announcement indicates an ability to "receive and parse" extended messages. In that context “receive” is good enough?



“   A BGP speaker that has the ability to use extended messages but has

   not advertised the BGP Extended Messages capability, presumably due

   to configuration, SHOULD NOT accept an extended message.  A speaker

   MAY implement a more liberal policy and accept extended messages even

   from a peer that has not advertised the capability.”

I would a priori have assumed that both sentences be related. But in fact they are not since the first sentence only refers to the sending of the capability, while the second only refers to the reception of the capability. Shouldn’t both sentences be extended to cover both the sending and the receiving?
--
#Keyur: We wanted to be explicit in error handling section. :) Again, the capability meaning is to be able to “receive and parse”.



“A speaker that treats an improper extended message as a

   fatal error, as described in the preceding paragraph, MUST do

   likewise. »
I’m sorry but I don’t understand this sentence. What does that mean to “treat an improper extended message as a fatal error”? e.g. If I receive an extended message with a syntax error requiring to send an NOTIFICATION (e.g. more than one MP_REACH_NLRI)  is this considered an improper extended message with a fatal error? If so the text seems wrong as bgp speaker must not do “likewise” (seems to refer to “reset the session   with a Bad Message Length NOTIFICATION”)

Also “as described in the preceding paragraph, MUST do likewise” seems not precise enough to me (at least as a non-native English speaker). Which exactly is this preceding paragraph describing this “treats an improper extended message as a fatal error”

---

#Keyur:  The text is meant for a BGP speaker that doesn’t announce extended message capability AND doesn’t support extended messages implementation (old style peer). Such a peer would consider a receipt of an extended message as a malformed message.


7.  IANA Considerations

“The IANA is requested to register a new BGP Capability Code to be named BGP Extended Message Capability »

I’m not sure about the formulation since IANA has already registered this capability as TEMPORARY.



“TBD      BGP-Extended Message”

At least I would expect that the document ask for the _same_ value (6) rather than TBD.

#Keyur: Ack.

Regards,
Keyur




Thanks,

Regards,

Bruno


From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Susan Hares
Sent: Tuesday, May 24, 2016 10:42 PM
To: idr@ietf.org<mailto:idr@ietf.org>
Cc: 'Keyur Patel (keyupate)'; 'David Ward'
Subject: [Idr] draft-ietf-idr-bgp-extended-messages-12 WG LC (5/24 to 6/7)

This begins a 2 week WG LC on draft-ietf-idr-bgp-extended-messages (5/24 to 6/7). The draft can be found at:

https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-extended-messages/

In your comments please provide the following information:

1)      Support/”no-support” of this draft being ready for publication,

2)      You know of an implementation for this draft, please report the implementation to the IDR Wiki

https://trac.tools.ietf.org/wg/idr/trac/wiki/draft-ietf-idr-bgp-extended-implementations


3)      Do you have any concerns about extending the BGP messages.

Sue Hares and John Scudder

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.