Re: [Idr] Benjamin Kaduk's Discuss on draft-ietf-idr-tunnel-encaps-20: (with DISCUSS and COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Thu, 03 December 2020 14:04 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51C0A3A0BD9; Thu, 3 Dec 2020 06:04:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.92
X-Spam-Level:
X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g5N2DpzZNoCJ; Thu, 3 Dec 2020 06:04:41 -0800 (PST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D678B3A0B95; Thu, 3 Dec 2020 06:04:40 -0800 (PST)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 0B3E4Vth021832 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 3 Dec 2020 09:04:36 -0500
Date: Thu, 3 Dec 2020 06:04:31 -0800
From: Benjamin Kaduk <kaduk@mit.edu>
To: Alvaro Retana <aretana.ietf@gmail.com>
Cc: The IESG <iesg@ietf.org>, Benjamin Kaduk via Datatracker <noreply@ietf.org>, Susan Hares <shares@ndzh.com>, idr-chairs@ietf.org, John Scudder <jgs@juniper.net>, idr@ietf.org, draft-ietf-idr-tunnel-encaps@ietf.org
Message-ID: <20201203140431.GL64351@kduck.mit.edu>
References: <160684669488.21585.5180075052177708759@ietfa.amsl.com> <CAMMESswgRDhtLuHcsh6CoZFuA7j=O4HuZtika6QfmY0pv4D7MA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CAMMESswgRDhtLuHcsh6CoZFuA7j=O4HuZtika6QfmY0pv4D7MA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/_9xeU_3u7_owRRf3Zj9Ew8bU4MI>
Subject: Re: [Idr] Benjamin Kaduk's Discuss on draft-ietf-idr-tunnel-encaps-20: (with DISCUSS and COMMENT)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Dec 2020 14:04:44 -0000

Hi Alvaro,

Thanks for this; it causes a lot of the pieces to fit together better and
make sense.

Regarding just one thing:

> related to rfc8365 there's nothing that has to be done.

The Appendix does mention that "a review of Section 8.3.1 of RFC 8365 is
called for" regarding the split horizon procedures.  Am I correct in
understanding that this review is only needed in the case that someone
decides to use RFC 8365 with the expanded functionality provided by the
Tunnel Encapsulation Attribute (rather than the preexisting extended
community)?  In some sense, that would just be saying that "the combination
of the two is out of scope for this document", which is something that we
see fairly often and does not seem problematic.

Anyway, I think we can consider this discuss point resolved.

Thanks again!

-Ben

On Thu, Dec 03, 2020 at 05:09:41AM -0800, Alvaro Retana wrote:
> On December 1, 2020 at 1:18:15 PM, Benjamin Kaduk wrote:
> 
> 
> Ben:
> 
> Hi!
> 
> I’m just addressing your second DISCUSS point.
> 
> Thanks!
> 
> Alvaro.
> 
> 
> 
> > ----------------------------------------------------------------------
> > DISCUSS:
> > ———————————————————————————————————
> …
> > I also would like to ensure that we have had adequate discussion of the
> > relationship between this document and RFC 8365. The IESG has received
> > comments recently (in the context of a different document) that it is
> > irresponsible to effectively obsolete or deprecate existing work without
> > identifying or explicitly updating such work, and without indicating
> > whose responsibility it is to find discrepancies. That seems like it
> > might apply to what's currently in Appendix A, which on first reading
> > suggests "there might be a problem here, but we aren't saying exactly
> > what or how to fix it, or even who is going to do that work”.
> 
> First of all, the part (in §1.5) about obsoleting rfc8365 is wrong.  I
> had pointed that out and expected it to be fixed, then lost track of
> the updates.  To be fair to the authors, I sent my note in the middle
> of the IETF week.
> 
> 
> On to Appendix A.
> 
> rfc8365 Normatively references rfc5512 (the main RFC we're
> Obsoleting).  This document includes the functionality (Encapsulation
> Extended Community) that rfc8365 uses from rfc5512, so no change
> there.
> 
> The functionality specified in this document (specifically carrying
> the Tunnel Encapsulation Attribute in other AFI/SAFIs) means that the
> attribute, and not just the Encapsulation Extended Community, could
> also be used to signal the same thing.  The appendix is then pointing
> out that if this "new" signaling mechanism is used then there might be
> some things to consider.  But we're not making any change to rfc8365.
> 
> IOW, there's no problem, rfc8365 implementations can continue to work
> as specified.
> 
> 
> To your point about indicating who/how/where any additional work
> should be done.  In general, I tend to agree with the point.  In this
> case, related to rfc8365 there's nothing that has to be done.  If at
> some point in the future a potential rfc8365bis wants to make use of
> the Tunnel Encapsulation Attribute then it may want to consider
> Appendix A.
> 
> 
> This document is Obsoleting 2 documents.  Yes, I know the header says
> 3, but -21 should have also pointed at an Update (not Obsolete) for
> rfc5640.
> 
> This document replaces rfc5512, so there's no work left unaddressed there.
> 
> As far as rfc5566, the WG had checked on implementations and/or
> interest in updating it along with this document, but the Chairs came
> up empty: no current interest or implementations.  There is however
> other work that is "replacing" the IPsec functionality described in
> rfc5566 (but independent of it):
> draft-dunbar-idr-sdwan-edge-discovery,
> draft-sajassi-besss-secure-evpn, and draft-hujun-idr-bgp-ipsec.