Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redirect-10.txt [11/17/2019 to 12/2/2019]
Jeffrey Haas <jhaas@pfrc.org> Tue, 03 December 2019 20:43 UTC
Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DBC112003E for <idr@ietfa.amsl.com>; Tue, 3 Dec 2019 12:43:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.402
X-Spam-Level:
X-Spam-Status: No, score=-1.402 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, PDS_BTC_ID=0.499, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pLgzxXDvDgB7 for <idr@ietfa.amsl.com>; Tue, 3 Dec 2019 12:43:03 -0800 (PST)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 2C41412002F for <idr@ietf.org>; Tue, 3 Dec 2019 12:43:03 -0800 (PST)
Received: by slice.pfrc.org (Postfix, from userid 1001) id 13A1C1E2F5; Tue, 3 Dec 2019 15:47:16 -0500 (EST)
Date: Tue, 03 Dec 2019 15:47:15 -0500
From: Jeffrey Haas <jhaas@pfrc.org>
To: "Van De Velde, Gunter (Nokia - BE/Antwerp)" <gunter.van_de_velde@nokia.com>
Cc: Sue Hares <shares@ndzh.com>, "idr@ietf.org" <idr@ietf.org>
Message-ID: <20191203204715.GA24816@pfrc.org>
References: <016501d59dd2$e5458850$afd098f0$@ndzh.com> <D0AA5E62-4AE5-43A5-BA23-E66D98AF657B@pfrc.org> <AM6PR07MB482356A327D714512EBAF2DBE0460@AM6PR07MB4823.eurprd07.prod.outlook.com> <20191202172621.GG18175@pfrc.org> <AM6PR07MB4823A2E541541E24526A362DE0420@AM6PR07MB4823.eurprd07.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <AM6PR07MB4823A2E541541E24526A362DE0420@AM6PR07MB4823.eurprd07.prod.outlook.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/XPpgUjY82ev7i41S8_-eVCNpVfw>
Subject: Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redirect-10.txt [11/17/2019 to 12/2/2019]
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Dec 2019 20:43:05 -0000
Gunter, On Tue, Dec 03, 2019 at 10:09:19AM +0000, Van De Velde, Gunter (Nokia - BE/Antwerp) wrote: > > Redirect-ip isn't even mentioned in the draft. > > > > Part of the reason to raise this is whether intentional interactions could happen. As an example, redirect-ip is specced to be permitted in the context of a VRF redirection. > > > > I suspect in the majority of the cases that path-redirect is intended involving segment routing that following a segment path from a VRF context doesn't make much sense. However, some of the cases are left as much more abstract and perhaps they could? > > > > My point is that a bit more normative text on the various cases would be needed for interoperable code. > > *** > GV2> The original concept was to have an abstract steering correlation towards a 32bit tunnel-ID (This is an action, opaque to VRF, or any other associated contexts). If indeed a matter of context is added to the redirection id (for example the 32 bits represent a Segment path) then that few more normative text could be added on the cases. It makes sense to do that then. The redirect-ip case does specifically call out that you can do the redirect in the VRF table context. What you'll be doing is effectively highlighting whether the abstract indirection table is box-wide or scoped to specific tables. Ideally, this will let you think through the yang implications of the feature as well. > > Basically, try each sequence in turn. If you can do something with it, you're done. If you can't (the indirection can't be applied for numerous reasons), try next. S-ID zero is intended to be a "hard stop". > > *** > GV2> Thanks. let me think on how to integrate this best Thanks. I think that will add needed clarity. > > What's still not covered, since these are extended communities, is cases like there are two of a given S-ID present. Perhaps it was added via blind policy? What do you do? > > *** > GV2> ok, my personal understanding is that rule is invalid, and then the flowspec rule MUST be > processed as if the "Redirect to indirection-id" community was not attached to the flowspec route. That's one option. A similar one includes testing the usability of the rule, as I noted in the pseudocode. Let me drawn an analogy (perhaps a poor one) from redirect-ip: Consider a flowspec route with redirect-IP:A and redirect-ip:B. If A is resolvable (per BGP route resolution rules) and B is not, it's clearer that you want to use what can actually work. If both are resolvable, then an implementation may choose to use both for load balancing. Going back to indirection-id, if you have conflicting rules, but similar "can this work" tests, do you really want to reject it solely because the rules may appear conflicting? Perhaps. Unlike redirect-to-ip, I have no strong opinions about whether to permit load balancing or other similar behaviors rather than consider it invalid. What I will absolutely note is that troubleshooting this from extended community output on a BGP route is likely to be more than a little awkward at best. Consider that most implementations tend to simply display extended communities in their internal sort order (often effectively memcmp()) rather than something that's more lexicographically ordered for troubleshooting this feature. -- Jeff
- [Idr] WG LC draft-ietf-idr-flowspec-path-redirect… Susan Hares
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Zhuangshunwan
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Wanghaibo (Rainsword)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Van De Velde, Gunter (Nokia - BE/Antwerp)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Rabadan, Jorge (Nokia - US/Mountain View)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Lizhenbin
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Jeffrey Haas
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Aissaoui, Mustapha (Nokia - CA/Ottawa)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Bidgoli, Hooman (Nokia - CA/Ottawa)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Henderickx, Wim (Nokia - BE/Antwerp)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Van De Velde, Gunter (Nokia - BE/Antwerp)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Robert Raszuk
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Gunter Van De Velde
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Robert Raszuk
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Keyur Patel
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Chengli (Cheng Li)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Dongjie (Jimmy)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Jeffrey Haas
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Jeffrey Haas
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Robert Raszuk
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Van De Velde, Gunter (Nokia - BE/Antwerp)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Van De Velde, Gunter (Nokia - BE/Antwerp)
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Robert Raszuk
- Re: [Idr] WG LC draft-ietf-idr-flowspec-path-redi… Jeffrey Haas