Re: [Idr] Request to adopt draft-heitz-idr-large-community - Working Group Adoption call (9/6 to 9/20)

Robert Raszuk <robert@raszuk.net> Wed, 14 September 2016 17:53 UTC

From: Robert Raszuk <robert@raszuk.net>
Date: Wed, 14 Sep 2016 19:53:50 +0200
To: Jared Mauch <jared@puck.nether.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/ZO9LwSixB9LxNKsnJPTIz0APOd8>
Cc: heasley <heas@shrubbery.net>, "idr@ietf.org" <idr@ietf.org>, Susan Hares <shares@ndzh.com>
Subject: Re: [Idr] Request to adopt draft-heitz-idr-large-community - Working Group Adoption call (9/6 to 9/20)

Folks,

But this is not what the T flags (Transitive or Filter) are to be all
about. You can have one attribute in a BGP UPDATE message ... but since we
are converging on a common header there is nothing that prevents you from
having more than one common header of the same type.

One can differ with T flags, the other can differ with Context-AS.

Otherwise of course it would be pointless, but the above is the intention.

And while you can't trust what your peer does with your flag - you can
filter yourself by that flag and never send him something which one ingress
added to the message and is not intended to be sent outside.

You enable send-all, you may enable send-type. But I hope no one here is
eager to match by community content on 100s of eBGP egress points to filter
it.

That is what the T or D (same domain) or R flags are intended to be used for.

Cheers,
R.


On Wed, Sep 14, 2016 at 7:20 PM, Jared Mauch <jared@puck.nether.net> wrote:

> On Wed, Sep 14, 2016 at 07:07:19PM +0200, Sander Steffann wrote:
> > Hi,
> >
> > >> Attempting to impose policy on a 3rd party in this way
> > >> is an interesting suspension of reality.  Once you send it, you have
> > >> no control over what they use it for, and pretending otherwise is
> > >> wishing for something that will not happen.
> > >
> > > Yes, you can use RPL to override such things, but you're indicating
> > > intention AND you can also have free RPL as a result
> >
> > The big problem here is that these "intention indicating" flags are
> > global for all the communities in the container, and as BGP only allows one
> > path attribute of each type all the wide communities have to share the same
> > fate. The sender cannot indicate which wide communities should be
> > transitive and which should be not. This "all or nothing" approach isn't
> > useful and will only create confusion. Better to just drop the flags field.
>
>         Thanks for putting it that way, I think that's helpful.
>
>         - jared
>
>
>
> --
> Jared Mauch  | pgp key available via finger from jared@puck.nether.net
> clue++;      | http://puck.nether.net/~jared/  My statements are only mine.
>