IETF Logo Mail Archive

Re: [Idr] [EXTERNAL] Re: draft-ietf-rtgwg-net2cloud-problem-statement description on BGP error valid? (was RE: WG adoption call for draft-abraitis-bgp-version-capability-08, to end September 25

Robert Raszuk <robert@raszuk.net> Tue, 17 January 2023 00:14 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8628EC14CE25 for <idr@ietfa.amsl.com>; Mon, 16 Jan 2023 16:14:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.996
X-Spam-Level:
X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F0ILKl41Q2jG for <idr@ietfa.amsl.com>; Mon, 16 Jan 2023 16:14:15 -0800 (PST)
Received: from mail-wm1-x335.google.com (mail-wm1-x335.google.com [IPv6:2a00:1450:4864:20::335]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52042C14CE27 for <idr@ietf.org>; Mon, 16 Jan 2023 16:14:15 -0800 (PST)
Received: by mail-wm1-x335.google.com with SMTP id c10-20020a05600c0a4a00b003db0636ff84so397417wmq.0 for <idr@ietf.org>; Mon, 16 Jan 2023 16:14:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=GJr/g4rDOYEOUT0F5uqjK8sTjPkYFEiX0zQ1+DytSvY=; b=SdGTFKBwJk+1jtjYvLnFm/5ttLPPFsaws2ngcdZ1G7Dgf3sMCBfjfD5W4wfdXhs7yL ZnTquRrC0i9wQYoHQxLdaCE4ncsl6hIcQUaPTbAV3armi0KxQbMrEU7hb4EDZFbjjusw RsxmwMigzdbRqlHvyJlsCv8ZvTybX+2misG+nIcCHoq4nhspykU4XAD4aYr0pn2WOzX5 QeNIG4F3N27p48ah88BIuL7pDCF8drW9DX1mJDNFk302rz3wQEhbwm8UfGHA4LyTfhD2 lrDjZkDpmme4LdrMuFacGB5GTEc+TiKsWk59xJfcfAWZyXdMSwfpKL/IU6nloVef7cVe eoLQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=GJr/g4rDOYEOUT0F5uqjK8sTjPkYFEiX0zQ1+DytSvY=; b=AwvthN0OdqLtNEbLimIWDNo2dEWAsRrOfs4KVfCI/GTPJBJozV3DpfDyn27z9Lgqar 2hEZy1Aja4jUZYcGEzB8Eq1nF49KBKaGp/Bs3VXpaAy7aI/A1HtuYOuw0qixcQNvesGZ 1I7ZBq8LYDvNE0fQZgzqa1gnyycnttucCwKrcNNqdvI+LcbdvwDfQDzOVRStlVgOMBVe Tf61QUES0a/UbIr5+hwnkyKkycGZ/4aw0tBPXQ05M9n6lyF3SBYJVtmQ3hPzcBWvdA/a XOXbdLJksA+Q6/OXZ+yWbvrjSIjhX5GWEXksxJ/cMjlWKatpi9kE5heA1otzcvM8ojVk VjfA==
X-Gm-Message-State: AFqh2krpVEj9HxIIIX8UlyPdO3/HArWH8P4FE/ART/vHwyAWY2cVnGmJ yPi0d57i5YHWz7jqawQG8gW12RuViY22zpGYMB0D4g==
X-Google-Smtp-Source: AMrXdXswLFEGK/DvRThlw9fhyPSHdwaeHNC2k7nhh8/BibtkrwqGcL3bMMjOkNajrNb/0hQZZ2jM85cu3SvGHNaZuyk=
X-Received: by 2002:a05:600c:3b86:b0:3d8:f22e:118f with SMTP id n6-20020a05600c3b8600b003d8f22e118fmr66378wms.144.1673914452932; Mon, 16 Jan 2023 16:14:12 -0800 (PST)
MIME-Version: 1.0
References: <C3B4F29D-7C8D-4911-B140-286B7B8DA97B@pfrc.org> <CAOj+MMGmSBDwbxvSZ_x+j7NtCHRFFFvcCEKGJ0Wpis_OU26cLA@mail.gmail.com> <CABNhwV3qwCT8=8R+HTi1DFhbRN=FwHMF4XvQVowQwz=pb2U-nA@mail.gmail.com> <CAOj+MMG-5TT2sEnZVMabP1wA=gBNH0g9zkpoM9LWL7XFnh2aEQ@mail.gmail.com> <CABNhwV2H8Y7pthkWtJsDUN7ZscjGvc+v2XdpZ5CcG2ot9TBBog@mail.gmail.com> <CO1PR13MB492093DC7492BFD14A47C97B85C29@CO1PR13MB4920.namprd13.prod.outlook.com> <CABNhwV2UL0ruFeJwfwPnP7OWO9qCpHw3ubWNF7BoQQUEYEgZRw@mail.gmail.com> <CO1PR13MB4920CBF456034CE08D70691385C19@CO1PR13MB4920.namprd13.prod.outlook.com> <20230116192152.GA19126@pfrc.org> <CAOj+MMFAkworqATpiykEMKbntTt7z5kFMOiMNhvj1Z6EG9UAcQ@mail.gmail.com> <20230116194512.GA20268@pfrc.org> <CO1PR13MB4920BB58AF4420592AAD118785C19@CO1PR13MB4920.namprd13.prod.outlook.com> <CAOj+MMEGuECX3+d3GXr20GUjQoZoOoeiEn33J6Hf64dUN2pbMQ@mail.gmail.com> <CO1PR13MB49203BFEC56F4F760E229BB985C19@CO1PR13MB4920.namprd13.prod.outlook.com> <CAOj+MMHtGWt7rTmsW753uCeem+ckaGN94qM_-yH44h_6abS+=A@mail.gmail.com> <DM4PR21MB3584C8D70DF92091C3BCCFEDA3C19@DM4PR21MB3584.namprd21.prod.outlook.com>
In-Reply-To: <DM4PR21MB3584C8D70DF92091C3BCCFEDA3C19@DM4PR21MB3584.namprd21.prod.outlook.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Tue, 17 Jan 2023 01:14:01 +0100
Message-ID: <CAOj+MMHPC8LVEK3OKk8r_oYbh7w00GQV_86wiLf_iq7=rQzW2w@mail.gmail.com>
To: Kausik Majumdar <kmajumdar@microsoft.com>
Cc: Linda Dunbar <linda.dunbar@futurewei.com>, "idr-chairs@ietf.org" <idr-chairs@ietf.org>, "idr@ietf.org" <idr@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000005a149e05f26a94e7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/VnDK-ZvAFLuYvUUt7KHSHieYWKY>
Subject: Re: [Idr] [EXTERNAL] Re: draft-ietf-rtgwg-net2cloud-problem-statement description on BGP error valid? (was RE: WG adoption call for draft-abraitis-bgp-version-capability-08, to end September 25
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Jan 2023 00:14:19 -0000

> Can we use our current Draft to update and describe the best practices
for the mitigation?

I don't think that the Informational draft in RTGWG can be used to make any
modifications to any BGP Message Error Handling.

> As the scope of the document is to characterize the network-related
problems that Enterprises
> face today when interconnecting their branch offices with dynamic
workloads in the Cloud DCs
> and the mitigation practices, it might be useful to recommend /capture
mitigation practices for the
> Section 3.1 BGP Errors Handling.

The problem is that we do not have a separate BGP "version/profile" for
interconnecting branch offices with Cloud DCs.

That means that we can not customize core BGP protocol operation to be
optimal to such deployment space.

- - -

I think that if we would go and define the notion of "BGP Profiles" - lot's
of useful customization could be made with
lowering the bar for each.

I could think of few obvious such profiles already:

* Internet BGP IPv4/IPv6 Profile
* Intradomain Routing Profile
* Data Center BGP Profile
* Private Overlay Transport BGP Profile

Now the obvious challenge is to maximize the code reuse while at the same
time achieve profile isolation/separation.

Regards,
Robert


On Tue, Jan 17, 2023 at 12:25 AM Kausik Majumdar <kmajumdar@microsoft.com>
wrote:

> Hi Robert, Sue, IDR Chairs, et. all,
>
>
>
> Can we use our current Draft to update and describe the best practices for
> the mitigation? As the scope of the document is to characterize the
> network-related problems that Enterprises face today when interconnecting
> their branch offices with dynamic workloads in the Cloud DCs and the
> mitigation practices, it might be useful to recommend /capture mitigation
> practices for the Section 3.1 BGP Errors Handling.
>
>
>
> *3.1 <https://datatracker.ietf.org/doc/html/draft-ietf-rtgwg-net2cloud-problem-statement-18#section-3.1>. Increased BGP errors and Mitigation Methods*
>
>
> -----------------------------------------------------------------------------------------------------
>
> Abstract
>
>
>
>    This document describes the network-related problems enterprises
>
>    face today when interconnecting their branch offices with dynamic
>
>    workloads in third-party data centers (a.k.a. Cloud DCs) and some
>
>    mitigation practices.
>
>
> ­-----------------------------------------------------------------------------------------------------
>
>
>
>
>
> Regards,
>
> Kausik
>
>
>
>
>
> *From:* Idr <idr-bounces@ietf.org> *On Behalf Of * Robert Raszuk
> *Sent:* Monday, January 16, 2023 2:03 PM
> *To:* Linda Dunbar <linda.dunbar@futurewei.com>
> *Cc:* idr@ietf.org; rtgwg@ietf.org
> *Subject:* [EXTERNAL] Re: [Idr]
> draft-ietf-rtgwg-net2cloud-problem-statement description on BGP error
> valid? (was RE: WG adoption call for
> draft-abraitis-bgp-version-capability-08, to end September 25
>
>
>
>
>
> Any IDR WG member ... :)
>
>
>
> On Mon, Jan 16, 2023 at 10:59 PM Linda Dunbar <linda.dunbar@futurewei.com>
> wrote:
>
> Robert,
>
> Who are the “folks” responsible for making the change?
>
>
>
> Linda
>
>
>
> *From:* Robert Raszuk <robert@raszuk.net>
> *Sent:* Monday, January 16, 2023 2:32 PM
> *To:* Linda Dunbar <linda.dunbar@futurewei.com>
> *Cc:* Jeffrey Haas <jhaas@pfrc.org>; Gyan Mishra <hayabusagsm@gmail.com>;
> idr@ietf.org; rtgwg@ietf.org
> *Subject:* Re: draft-ietf-rtgwg-net2cloud-problem-statement description
> on BGP error valid? (was RE: [Idr] WG adoption call for
> draft-abraitis-bgp-version-capability-08, to end September 25
>
>
>
> Hi Linda,
>
>
>
> I see where you are going with this .. I was expecting so - thank you
> for confirming.
>
>
>
> So RFC7606 talks about BGP UPDATE Message error handling.
>
>
>
> To the best of my knowledge we do not have revised Error Handling for BGP
> OPEN Message. So I would propose you encourage folks to work on it
> before you proceed with the below section 3.1.
>
>
>
> Many thx,
>
> Robert
>
>
>
>
>
> On Mon, Jan 16, 2023 at 9:22 PM Linda Dunbar <linda.dunbar@futurewei.com>
> wrote:
>
> Robert, Jeffrey, Gyan,
>
>
>
> The reason for my question is to validate the description of the Section
> 3.1 (Increased BGP error) in the
> https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-problem-statement/
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-rtgwg-net2cloud-problem-statement%2F&data=05%7C01%7Ckmajumdar%40microsoft.com%7C73aed04a767d45111eef08daf80d6f61%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638095033847536253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=wyUeXwdJn0QxqbLumCoRvOkDqgSKM1URvOmfE8h1H%2Bs%3D&reserved=0>
>
>
>
> Love to hear your comments to this description
>
> --------------------------------------------------
>
> 3.1. Increased BGP errors and Mitigation Methods
>
> Many network service providers have limited number of BGP peers and
> usually have prior negotiated peering policies with their BGP peers. Cloud
> GWs need to peer with many more parties, via private circuits or IPsec over
> public internet. Many of those peering parties may not be traditional
> network service providers. Their BGP configurations practices might not be
> consistent, and some are done by less experienced personnel. All those can
> contribute to increased BGP peering errors, such as capability mismatch,
> BGP ceasing notification, unwanted route leaks, missing Keepalives, etc.
> Capability mismatch can cause BGP sessions not established properly.
>
> If a BGP speaker receives a BGP OPEN message with the unrecognized
> Optional Parameters, an error message should be generated per RFC 4271,
> although the BGP session can be established. When receiving a BGP UPDATE
> with a malformed attribute, the revised BGP error handling procedure
> [RFC7606] should be followed instead of session resetting.
>
> Many Cloud DCs don’t support multi hop eBGP peering with external devices.
> To get around this limitation, it is necessary for enterprises GWs to
> establish IP tunnels to the Cloud GWs to form IP adjacency.
>
> Some Cloud DC eBGP peering only supports limited number of routes from
> external entities. To get around this limitation, on-premises DCs need to
> set up default routes to be exchanged with the Cloud DC eBGP peers.
>
> -----------
>
>
>
> Thank you very much
>
> Linda Dunbar
>
>
>
> -----Original Message-----
> From: Jeffrey Haas <jhaas@pfrc.org>
> Sent: Monday, January 16, 2023 1:45 PM
> To: Robert Raszuk <robert@raszuk.net>
> Cc: Linda Dunbar <linda.dunbar@futurewei.com>; Gyan Mishra <
> hayabusagsm@gmail.com>; idr@ietf.org
> Subject: Re: [Idr] WG adoption call for
> draft-abraitis-bgp-version-capability-08, to end September 25
>
>
>
> Robert,
>
>
>
> On Mon, Jan 16, 2023 at 08:28:27PM +0100, Robert Raszuk wrote:
>
> > I am afraid you are talking about BGP version while Linda is asking
>
> > about the subject draft bgp version ... Both are completely unrelated
> "versions".
>
>
>
> I'm answering Linda's literal question.  In the cited text, she is not
> asking about the new version capability.  If her intent was to ask about
> that, her text wasn't stating what she wanted to ask.
>
>
>
> > While we are here I did reread RFC4271 and I am not sure either if
>
> > there is text to mandate closing the session when new BGP OPEN
>
> > Optional Parameter is not recognized. Neither does FSM. Generating
>
> > NOTIFICATION and continue should be allowed by the spec unless I
>
> > missed some embedded mandate to close it.
>
>
>
> RFC 4271, §6.2:
>
>
>
> :    If one of the Optional Parameters in the OPEN message is not
>
> :    recognized, then the Error Subcode MUST be set to Unsupported
>
> :    Optional Parameters.
>
> :
>
> :    If one of the Optional Parameters in the OPEN message is recognized,
>
> :    but is malformed, then the Error Subcode MUST be set to 0
>
> :    (Unspecific).
>
>
>
> -- Jeff
>
>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fidr&data=05%7C01%7Ckmajumdar%40microsoft.com%7C73aed04a767d45111eef08daf80d6f61%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638095033847536253%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=OSAuEnteo1Bs5Q2GLeCw6EPmU%2BPOVcJKMN46fGOyd%2Fo%3D&reserved=0>
>
>

v2.30.2 | Report a Bug | By Email | System Status