Re: [Idr] I-D Action: draft-ietf-idr-rfc5575bis-05.txt

Christoph Loibl <c@tix.at> Fri, 20 October 2017 07:26 UTC

From: Christoph Loibl <c@tix.at>
Date: Fri, 20 Oct 2017 09:26:35 +0200
Cc: i-d-announce@ietf.org, idr@ietf.org
To: internet-drafts@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/_lwzPmFbAiuRpfxudvG4rD9J7Ys>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-rfc5575bis-05.txt

Hi,

I just uploaded a new version of the Flow Specification draft draft-ietf-idr-rfc5575bis-05.

I want to point out that it contains several minor edits after Job’s review during WG-LC (see the recent mails on the mailing list), but also one more *complex* change that I would ask you to review:

5.1.  Ordering of Traffic Filtering Rules (changes to the paragraph and the pseudocode)

The pseudocode of the sorting algorithm has been replaced by an actual runnable and tested Python 3 implementation. While you should also read it in the draft, you may want to view it on GitHub, since you get all the syntax highlighting there (https://github.com/stoffi92/flowspec-cmp), or you can even download the repository and add test cases to the unit test that is included.

Even though the Python source is slightly longer than the pseudocode, I think it is a good idea to actually have a runnable code sample as a reference for actual behaviour. During the on-list discussion there were no objections.


Other smaller changes:

4.2.3.  Type 3 - IP Protocol

*) Small change to the wording in the Bit-Operator

The bits do not produce a “value” but a “relational operator”:

OLD:

The bits lt, gt, and eq can be combined to produce "less or equal
"greater or equal", and inequality values.

NEW:

The bits lt, gt, and eq can be combined to produce common relational
operators such as "less or equal", "greater or equal", and "not equal
to".

13. Original authors

Removed the editorial note 'Note: Any original author...'

ENTIRE Document:

*) Consistent use of the name "Flow Specification"

*) Correction of some missing cross-references and typos (mainly in the Abstract, Introduction)

Thank you, Job, for your review and the feedback!

Cheers
Christoph


--
Christoph Loibl
c@tix.at | CL8-RIPE | PGP-Key-ID: 0x4B2C0055 | http://www.nextlayer.at



> On 20 Oct 2017, at 08:41, internet-drafts@ietf.org wrote:
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Inter-Domain Routing WG of the IETF.
> 
>        Title           : Dissemination of Flow Specification Rules
>        Authors         : Susan Hares
>                          Christoph Loibl
>                          Robert Raszuk
>                          Danny McPherson
>                          Martin Bacher
>        Filename        : draft-ietf-idr-rfc5575bis-05.txt
>        Pages           : 33
>        Date            : 2017-10-19
> 
> Abstract:
>   This document updates [RFC5575] which defines a Border Gateway
>   Protocol Network Layer Reachability Information (BGP NLRI) encoding
>   format that can be used to distribute traffic Flow Specifications.
>   This allows the routing system to propagate information regarding
>   more specific components of the traffic aggregate defined by an IP
>   destination prefix.
> 
>   It specifies IPv4 traffic Flow Specifications via a BGP NLRI which
>   carries traffic Flow Specification filter, and an Extended community
>   value which encodes actions a routing system can take if the packet
>   matches the traffic flow filters.  The flow filters and the actions
>   are processed in a fixed order.  Other drafts specify IPv6, MPLS
>   addresses, L2VPN addresses, and NV03 encapsulation of IP addresses.
> 
>   This document updates [RFC5575] to correct unclear specifications in
>   the flow filters and to provide rules for actions which interfere
>   (e.g. redirection of traffic and flow filtering).
> 
>   Applications which use the bgp Flow Specification are: 1) application
>   which automate inter-domain coordination of traffic filtering, such
>   as what is required in order to mitigate (distributed) denial-of-
>   service attacks; 2) applications which control traffic filtering in
>   the context of a BGP/MPLS VPN service, and 3) applications with
>   centralized control of traffic in a SDN or NFV context.  Some
>   deployments of these three applications can be handled by the strict
>   ordering of the BGP NLRI traffic flow filters, and the strict actions
>   encoded in the extended community Flow Specification actions.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-idr-rfc5575bis/
> 
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-idr-rfc5575bis-05
> https://datatracker.ietf.org/doc/html/draft-ietf-idr-rfc5575bis-05
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-idr-rfc5575bis-05
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
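
The wording change for section 4.2.3 (the lt, gt and eq bits combining into relational operators), shown as an added example that is not part of the original mail, the draft, or the flowspec-cmp repository. It assumes the numeric operator byte layout of RFC 5575 (e, a, len, reserved, lt, gt, eq from the most significant bit down); treating the all-zero and all-one combinations as "false" and "true" is an assumption, and the sample bytes are constructed.

```python
import operator

# lt/gt/eq bits (0b100, 0b010, 0b001) -> relational operator.
# 0b000 and 0b111 are treated as never/always matching (assumption).
RELOPS = {
    0b000: ("false", lambda a, b: False),
    0b001: ("==", operator.eq),
    0b010: (">", operator.gt),
    0b011: (">=", operator.ge),
    0b100: ("<", operator.lt),
    0b101: ("<=", operator.le),
    0b110: ("!=", operator.ne),
    0b111: ("true", lambda a, b: True),
}

def parse_numeric_ops(data):
    """Decode {operator, value} pairs; returns (terms, bytes_consumed)."""
    terms, pos = [], 0
    while True:
        if pos >= len(data):
            raise ValueError("truncated: no end-of-list operator seen")
        op = data[pos]
        size = 1 << ((op >> 4) & 0x3)          # len field: 1, 2, 4 or 8 bytes
        if pos + 1 + size > len(data):
            raise ValueError("truncated value")
        value = int.from_bytes(data[pos + 1:pos + 1 + size], "big")
        terms.append((bool(op & 0x40), op & 0x7, value))  # (and_bit, relop, value)
        pos += 1 + size
        if op & 0x80:                          # e bit: last pair of the list
            return terms, pos

def matches(terms, x):
    """Evaluate the terms against x; AND binds tighter than OR."""
    groups = []
    for i, (and_bit, relop, value) in enumerate(terms):
        hit = RELOPS[relop][1](x, value)
        if i > 0 and and_bit:                  # and bit is ignored on the first term
            groups[-1] = groups[-1] and hit
        else:
            groups.append(hit)
    return any(groups)

def describe(terms):
    """Render the decoded terms as a readable expression."""
    out = []
    for i, (and_bit, relop, value) in enumerate(terms):
        if i > 0:
            out.append("&&" if and_bit else "||")
        out.append(f"{RELOPS[relop][0]} {value}")
    return " ".join(out)

# Constructed sample: port in [137, 139] or port 8080.
PORT_OPS = bytes.fromhex("0389458b911f90")
```
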