IETF Logo Mail Archive

Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)

"UTTARO, JAMES" <ju1738@att.com> Wed, 10 February 2021 15:02 UTC

Return-Path: <ju1738@att.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3172C3A0D00 for <idr@ietfa.amsl.com>; Wed, 10 Feb 2021 07:02:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.518
X-Spam-Level:
X-Spam-Status: No, score=-2.518 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=att.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3VyAJWjdhbJz for <idr@ietfa.amsl.com>; Wed, 10 Feb 2021 07:02:23 -0800 (PST)
Received: from mx0a-00191d01.pphosted.com (mx0a-00191d01.pphosted.com [67.231.149.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 133853A0CFC for <idr@ietf.org>; Wed, 10 Feb 2021 07:02:23 -0800 (PST)
Received: from pps.filterd (m0049297.ppops.net [127.0.0.1]) by m0049297.ppops.net-00191d01. (8.16.0.43/8.16.0.43) with SMTP id 11AEsOSH001835; Wed, 10 Feb 2021 10:02:16 -0500
Received: from alpi155.enaf.aldc.att.com (sbcsmtp7.sbc.com [144.160.229.24]) by m0049297.ppops.net-00191d01. with ESMTP id 36m2rmbecv-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 10 Feb 2021 10:02:16 -0500
Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id 11AF2EX3020696; Wed, 10 Feb 2021 10:02:15 -0500
Received: from zlp27128.vci.att.com (zlp27128.vci.att.com [135.66.87.50]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id 11AF26uv020515 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 10 Feb 2021 10:02:07 -0500
Received: from zlp27128.vci.att.com (zlp27128.vci.att.com [127.0.0.1]) by zlp27128.vci.att.com (Service) with ESMTP id A9EC54009E94; Wed, 10 Feb 2021 15:02:06 +0000 (GMT)
Received: from MISOUT7MSGED1DC.ITServices.sbc.com (unknown [135.66.184.191]) by zlp27128.vci.att.com (Service) with ESMTP id 8C5D44009E86; Wed, 10 Feb 2021 15:02:06 +0000 (GMT)
Received: from MISOUT7MSGEX2CC.ITServices.sbc.com (135.66.184.218) by MISOUT7MSGED1DC.ITServices.sbc.com (135.66.184.191) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2; Wed, 10 Feb 2021 10:02:05 -0500
Received: from MISOUT7MSGETA02.tmg.ad.att.com (144.160.12.220) by MISOUT7MSGEX2CC.ITServices.sbc.com (135.66.184.218) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2 via Frontend Transport; Wed, 10 Feb 2021 10:02:05 -0500
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (104.47.36.52) by edgeso2.exch.att.com (144.160.12.220) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2176.2; Wed, 10 Feb 2021 10:01:57 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Zjt79wUBWvav6NRfKQpoquL73LyVsBCzSJqTvAJ7LIdEnpOQQZfp3aBcN6XjxfR+wAbtty3DCJ41BsAdvy1bXzL1+DMu8bYBsftbtAJD09B9cUzI6t6y1Uu5FWGtq679bn8sawXF2t8r2QB+LJgTOGX890Vx5esNe2YCXZuX/D9aGCyBGpwG6HzxlVTTJTMEZuky0fuqxqOiyDzjc/lcTnu9X5TMazipiDR9WJ/DiLOq1gDNi7lJokHIh71ZiEeq9FYJ8WOKr2WNBFnawqHQJRfB0IVzfiB4rdwEgcm3GAFPe8FajFE05tzOstO15Eiy4G7+J5e2PydzX5xCZAum9g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=73+8YJ8RHddPFoQ0y6oCb7z7U0w3yPF2n3nT/Fb2784=; b=RaPeH7Vn8JX2mBKcNhr9hl67jABt0T0okPME/2JlKTmS3hUEPKgZnlludq/6xJ9VZV8y76VisrJaJkZg5xs+pXDjQXief/wNBSY8MBgoVe14bStKadUc7KS5/353+1qPQvEUoReqDZQdJHCglGKvZP0cBezggzkNZA4fkysnmnnt2PBrw+xtVZvY4VUTLPa4DrzDlT6Jg83WSUIKGa1jeY2C7u4gMd6cUEd4zNY9ZXxIY5BxaZnC76BY9uEmdpu2FVF2DreTvtgi48azt6UKob7EjoWbbe0/jiaNK+xmVBPjvcBoTcFJ+xeBGpn8G661vbxkzIsxqVNaoOO5W6vCEg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=att.com; dmarc=pass action=none header.from=att.com; dkim=pass header.d=att.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=att.onmicrosoft.com; s=selector2-att-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=73+8YJ8RHddPFoQ0y6oCb7z7U0w3yPF2n3nT/Fb2784=; b=nFFdJbitE2BYI+j++AOEdn2EMyuCdMp+8JUSSPZsnNGLP3icUvcj5iTpYpB6YXfhbJA/FfBeRMbdNuUCaJEYUqXKnnCq0HOSW3w5nUNkpLmEzXof/iQoehMwLUcFRN0WYXF6DCxbn8KKvntcwvQ3QWRgrHcB7RbkLgK3V93rVHs=
Received: from MW4PR02MB7394.namprd02.prod.outlook.com (2603:10b6:303:7d::7) by MW4PR02MB7108.namprd02.prod.outlook.com (2603:10b6:303:73::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3825.23; Wed, 10 Feb 2021 15:01:56 +0000
Received: from MW4PR02MB7394.namprd02.prod.outlook.com ([fe80::d0e8:6c75:ecfa:9399]) by MW4PR02MB7394.namprd02.prod.outlook.com ([fe80::d0e8:6c75:ecfa:9399%7]) with mapi id 15.20.3825.030; Wed, 10 Feb 2021 15:01:56 +0000
From: "UTTARO, JAMES" <ju1738@att.com>
To: Aijun Wang <wangaijun@tsinghua.org.cn>
CC: Lizhenbin <lizhenbin@huawei.com>, Susan Hares <shares@ndzh.com>, "idr@ietf.org" <idr@ietf.org>
Thread-Topic: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)
Thread-Index: Adb7C8Tapzr6LUQXS7CFnBh8kC9NpgEcaC/gAAU+RkAABatBEAADlm8AAADPGWA=
Date: Wed, 10 Feb 2021 15:01:56 +0000
Message-ID: <MW4PR02MB7394E66ED9A0C7972B39CAC3C68D9@MW4PR02MB7394.namprd02.prod.outlook.com>
References: <MW4PR02MB7394D874710B5CD2909C3831C68D9@MW4PR02MB7394.namprd02.prod.outlook.com> <B9C93E59-D7CB-4437-BE6A-570A9ECF18B3@tsinghua.org.cn>
In-Reply-To: <B9C93E59-D7CB-4437-BE6A-570A9ECF18B3@tsinghua.org.cn>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: tsinghua.org.cn; dkim=none (message not signed) header.d=none;tsinghua.org.cn; dmarc=none action=none header.from=att.com;
x-originating-ip: [72.229.64.230]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3bb6509e-998c-4677-92df-08d8cdd4cf5e
x-ms-traffictypediagnostic: MW4PR02MB7108:
x-microsoft-antispam-prvs: <MW4PR02MB7108B94A69A29CC2EFCD3B4BC68D9@MW4PR02MB7108.namprd02.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:1201;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: qWTVGR+gPL34eqINoVRnMjJTt2kpRqf1Etgsf+wF1lqb5HbvRswVPd/C+arFt2JovbsJGM4wA4X8I/EoAfdRNhBL85i9IRwLNYQ6zwcoMcK6d1EMD+T5pTuzAlZRlohMH+S3mUnxM0fhuo9/2ieZfu7gVbXtQaZVZyVDg4/FKVF6ovY8olzz/f+sycr1wJubWXSh49YLM4Z0U6QJahDViEXIeEbxLjCCliF/6+OiPUIpuwLA8ksjVO0YacarB1OUz9H3W8ZwyHQjl8YusXSJl5/fto8ArQs/1gBxWxgPnOUZp09vQeoR03tVeV5iTc9B8qzxTVUZRxsQ9wXrHCL/ztIXicxUZBMdkQqKM4Agku5BDN050FcWLDORCps4ledjr0+6b+lC5xG273j5LpuLOpxDcVBbT+wALUtgxlEBoPaE6AbHrENhFyowNfkYfrjVk6gwfnYE6bZK0Y5Tu53Q+lb3DQ0l78NEs8MwvEPuSjU96x5NdKIboCIW3Ex7klfraDi4dGuNTyccUFCbeaPv0sqLX4to98YzmeyoLxlzLoaZa6Inj41HJjIExpmlUWHXZIHmOMEW6Mu3bTR03oNBSCxuf6BG3DbxDa7KxeWmYBA=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MW4PR02MB7394.namprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(376002)(366004)(136003)(39860400002)(76116006)(8936002)(66946007)(66446008)(64756008)(2906002)(66476007)(26005)(86362001)(66556008)(6506007)(4326008)(53546011)(186003)(55016002)(6916009)(9686003)(71200400001)(52536014)(5660300002)(54906003)(83380400001)(316002)(166002)(8676002)(82202003)(478600001)(966005)(7696005)(33656002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: a8tMS60y/1cE6tErBk9oY/TyXIK1wD+ba3iGLaFwMS511vSOl+F/ZSfStbYQXU0w2X45d7hz2NLZ+CR2v21lAyh1hK9Zu3LuTK3Ir6z6nR98bJliP5SiQkLlje6kk8l0kv3Ji3/WHKARFOhouYstvhooJNSxPAQMQn8Yl8oF05bw7U6nYq33pVVEYyHaFNEAFKr54oRrmJ8lhY53wU0WdAp1g9zbo0YKirbAJ1/NS4WzuTggGFYDBlHREDualCq+WHK6GU7Z4PNLejdtxDJb55OEUHOrTvGoOSycMXclh2EIKiXIon3VIIZuG7jd+n6LBV69AppVaE5ljVvQxqzwyjvbu2xATHDUnkstdnfql0feI6oo9Rbxt3DIwrLvOF5s03G42pubQZsBLKU04Cge5cous8t6RLKA0TtLr4GwPs87LhmFMCLSQIy8ZQdjAvJkGKGsai5Z/LM4DFJbu8lrnNzDdLr8vEKK9kn8ZU7YlCS8meWvwykpkNc1fjxCu2MaUozVwEh4TKPg8hxJlKfnOvXO6J7g39PvNSsDNPL77QFqX6CeMZ0QVC6rJNd3C+16fqqtmFnShUhUdMACyx7Q5soyy0dPD61ZaVOUslxpWQsvj6OtqTEdcGqvrENx4r/dquto18IvoMNdQ1tVbox9npu0+QigzvNbodmCd4rVHxYnaKRfWBG7yFrvV2Z2Cboqr9wt5DW+nOBxZRNn9qvgvc/sL7vPDAnoFK0bGQPtPtB2IuxVwsr45EVo9lSPG9jLKhBhicspY0atGU1qteAtKDJHa2mh7rOqDlSXHg2wogyl0BCEui+vbkcXTdn6gEstH7fIByKXvbXF3zDUQ5UIboMGplcIPZd44AdgoH4zROejlmVwdV0tyxj2sevdS2mg4DHHFnZlrDjSXWEYPXN34VoQ1W3cKxgbocGAecZcZsIn8chye+t3KejR74+WBpckpSMZiHcWoiipZUPHZevIzA3sLfr/+PWyg8uRu4rrpGcasm8cL6tleP65z04yZPMy7rH7p+kpNOcxz3Pn4DFOfuuCjXTZv8M5TaZbMJ6PZugIvzsfyL2q76YT9xaUDPnxKqw2FkD8m9KEPVlNZkIc1EAt0/knLedk43vmOhabw5GJGEtwMg4hEW2wqv1TQwBgeATIP1hoGQ5MVjGL1cmvl+M53dx0xn116Eh+9pfvY2Z/MCdXzRZP4Em70IrtEhBk987pdi8ZTC2Gyh1Zq8JENxonqAa/1forS/3nIjiZpJco8p+ys+0/IQGWmi7gfUHiaDtdFzRBOvmJe3Z0ZsFoTViQxHBRj34X+2DNNTfbYq0AlsSUx5GX/RnJMTi4iGQs
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_MW4PR02MB7394E66ED9A0C7972B39CAC3C68D9MW4PR02MB7394namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MW4PR02MB7394.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 3bb6509e-998c-4677-92df-08d8cdd4cf5e
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Feb 2021 15:01:56.7632 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: e741d71c-c6b6-47b0-803c-0f3b32b07556
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: vJq9zAJHqBeG0/eTcoLjYZq8og/rm9ffLz9IWrrcIywchIL2wPWNDWKE7W2JeqRY
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR02MB7108
X-OriginatorOrg: att.com
X-TM-SNTS-SMTP: 38B5F018E15895C4E4887BA15B986DAC0A5176764DA86BFE33D907996F8C06CC2
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.737 definitions=2021-02-10_06:2021-02-10, 2021-02-10 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_policy_notspam policy=outbound_policy score=0 adultscore=0 lowpriorityscore=0 mlxlogscore=999 clxscore=1011 priorityscore=1501 bulkscore=0 mlxscore=0 phishscore=0 malwarescore=0 spamscore=0 impostorscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2102100143
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/c_OmdqeNe0lNzX1CgCFB7yYy9eI>
Subject: Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Feb 2021 15:02:25 -0000

TBH looks like a solution in search of a problem.

The tools used for the last 20+ yrs. to prevent a mis-behaving CE or peer are proven.

An example:

“When the VRF of VPN1 in PE1 overflows, due to PE1 and other PEs are
   not iBGP neighbors, BGP Maximum Prefix Features cannot work, so the
   problem on PE2 cannot be known.”

My take on this very first premise is that a VRF ( VPN1 ) on PE1 is being overwhelmed with routes. These routes are not coming from the RR topology. So what is the scenario ? Is it a redistribution from VRF ( VPN2 )->VRF( VPN1 )? If so, you have a serious security issue.. Is it redistribute from another protocol, the GRT?

I disagree with your premise that the current suite of mitigations are not sufficient..  There are certain assertions which are subjective and not appropriate. AN example:

“4) Configure the Maximum Prefix for each VRF on edge nodes

   When a VRF overflows, it stops the import of routes and log the extra
   VPN routes into its RIB.  However, PEs should parse the BGP updates.
   These processes will cost CPU cycles and further burden the
   overflowing PE.”

What does this mean? There are networks that have been parsing millions of BGP Updates and routes. I have seen VRF overflows and they have been specific to said customer’s VRF. Where are you coming up with this and other broad assertions.

From a solution point of view I do not believe in overloading the object. IOW RD is meant to convey uniqueness of a given path through a topology, overloading it with this semantic means what to the existing semantic.. As an ex, some operators use unique RD so there is no path hiding, eibgp load balancing etc.. Generally speaking I do not want my RRs making a best path decision for a given path. Some do not use unique RD for there own reasons including scale, possible alignment of RR topology to underlying best path etc…

In order to use this technology what are the requirements in terms of assigning RDs?

Thanks,
              Jim Uttaro




From: Aijun Wang <wangaijun@tsinghua.org.cn>
Sent: Wednesday, February 10, 2021 9:17 AM
To: UTTARO, JAMES <ju1738@att.com>
Cc: Lizhenbin <lizhenbin@huawei.com>; Susan Hares <shares@ndzh.com>; idr@ietf.org
Subject: Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)

Hi, Jim:

Would you like to elaborate your considerations in detail?
We can try to address your concerns via the mail list or updating the draft if you have reasonable comments.

Thanks in advance.

Aijun Wang
China Telecom


On Feb 10, 2021, at 20:35, UTTARO, JAMES <ju1738@att.com<mailto:ju1738@att.com>> wrote:

Do Not Support.

Thanks,
              Jim Uttaro

From: Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>> On Behalf Of Lizhenbin
Sent: Wednesday, February 10, 2021 4:47 AM
To: Susan Hares <shares@ndzh.com<mailto:shares@ndzh.com>>; idr@ietf.org<mailto:idr@ietf.org>
Subject: Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)

Hi All,

I support the adoption.
1) Yes
2) Yes
3) Yes

Best Regards,
Zhenbin (Robin)




From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Susan Hares
Sent: Thursday, February 4, 2021 11:38 PM
To: idr@ietf.org<mailto:idr@ietf.org>
Subject: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)

This begins a 2 week WG adoption call for draft-wang-idr-rd-orf-05.txt (from 2/4/2021 to 2/18/2021)

This draft defines a new Outbound Route Filter (ORF) type, called the
Route Distinguisher ORF (RD-ORF).  RD-ORF is applicable when the
routers do not exchange VPN routing information directly (e.g.
routers in single-domain connect via Route Reflector, or routers in
Option B/Option AB/Option C cross-domain scenario).

Please be aware that this draft has one IPR statement attached.

https://datatracker.ietf.org/ipr/4579/<https://urldefense.com/v3/__https:/datatracker.ietf.org/ipr/4579/__;!!BhdT!3JFUDaX3WxfXuq0-jDevFeHNv4xKPBpOZ-cktrZ8Hg9b1Ipaj0PIHJh3ZFw$>..

Please consider the following questions in your review and comments:

1) Will this new ORF filter reduce routing information at key points?
2) Should the WG consider this draft given it has an IPR claim or
    Would the IDR WG prefer another approach?
3) Is this draft ready to be adopted and refined as WG draft?

Cheerily, Susan Hares


_______________________________________________
Idr mailing list
Idr@ietf.org<mailto:Idr@ietf.org>
https://www.ietf.org/mailman/listinfo/idr<https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/idr__;!!BhdT!yysdkGCNAgoHWvY47NKedcAHI_Yf6MRpOT4zgCSp7HcB9m4Q73F8OU36k5sDVys$>

v2.23.0 | Report a Bug | By Email