IETF Logo Mail Archive

Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)

Robert Raszuk <robert@raszuk.net> Wed, 22 November 2017 23:36 UTC

Return-Path: <rraszuk@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9BC7212947C; Wed, 22 Nov 2017 15:36:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.409
X-Spam-Level:
X-Spam-Status: No, score=-0.409 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xBUzOI0lhdlR; Wed, 22 Nov 2017 15:36:23 -0800 (PST)
Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 63BA61293E4; Wed, 22 Nov 2017 15:36:22 -0800 (PST)
Received: by mail-wm0-x230.google.com with SMTP id 128so13268560wmo.3; Wed, 22 Nov 2017 15:36:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=5tKaoLl0qv0ggE2nnCxih/dn9FRMRIibcoRpCzqFjAA=; b=YrD2veyrDyQQpCCzYaQy5Ps5OCFWO4+WsSbFc+CM1/CiGHy/qkg6nLlXMOs1BSMsqT r05KGSHIIG2FTNnbS1KIE4fbrC5LMzhNRtxwBkKX41WJrMrYMxeIO7ZOgpF+Ay2sG9dL Pt0fIABx3vlbwmibmAK3mUgyHNdIxvfl//sQd4U2llpz9733pZ5HNrT0vlUFEyLehXkG fzE/dC203lpyocvrHboXPZ13Nyv/ZhxdNc0qCPKaDbnuNMAJajzv51uSOkK8ytZI3Lmv EeqbtzM8V3Pt/kn0Jt/u0DuSGtX27S4XMbHIJVqzegEVYlIuI2C6od8LHiLIMwZq27lx EgnA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=5tKaoLl0qv0ggE2nnCxih/dn9FRMRIibcoRpCzqFjAA=; b=A3sOZX43d2TyRV/pNy2g4tmMRKLdZO69pS1gqSBIQyX3w41wQLq8HsXTqQlxSWkLoy Z3fesvIkeKcbKfM9gKgqMhJ4OCFrCUs83cNQS9V2UeupKJ7DviUL+KwALMMuArJ//To/ AArmHLQWXqvnVCiutKunHIz1sE1mxG8iJmLrKoyDh+yFHvllEO5UloXoTgOM4kxZDs0a hNYIRMx1QDe+la1Bn2TdgOfftc+y+w4u3DZD5++aJOWh3Zk5ih4NKbndBBXDIqR2+UZa RAZ1LzVFhVOeq9agprqDZrbYQpUjpr8Xba5dCfIyB+Hq05pk7M7qejVIPR+3Skz+ve5M AkUQ==
X-Gm-Message-State: AJaThX48fPj5M5ROXGx4vgewiuwN7IMeFfr2tH8QjmmJYVX5xOpu2x8P 7VDQshyFV9hoPk9uJckxOnChJQsCXyV5EiQEvEaeIQ==
X-Google-Smtp-Source: AGs4zMb7GW2t1nmVqQlOufaN5jNejPfsEt50lcYstUjm5NPdxm5YAJ5Ncw6dj1FL7UPO78bcXxMfahd1XzRxFdPGKk4=
X-Received: by 10.28.47.68 with SMTP id v65mr5907010wmv.11.1511393780664; Wed, 22 Nov 2017 15:36:20 -0800 (PST)
MIME-Version: 1.0
Sender: rraszuk@gmail.com
Received: by 10.28.54.217 with HTTP; Wed, 22 Nov 2017 15:36:19 -0800 (PST)
In-Reply-To: <2B92A151-5A78-46EE-8A46-C09603A37219@cisco.com>
References: <000901d35c08$3f12d950$bd388bf0$@ndzh.com> <B61C3B8F-1168-4EB1-8D8E-88C4BF28B3AA@exa.net.uk> <CA+b+ER=1sHhAqhOc2VipzZMB+Zsxk8n+8cNUshkjPw_A9k9E-A@mail.gmail.com> <39049A8C-6D47-4251-AF87-342F68DDE8AE@exa.net.uk> <CA+b+ER=ANs15BEmRKeqneVHNcTSCsGDMVDQgFV4OucwPSWcLgw@mail.gmail.com> <CACWOCC9Yde99EbhLrveCtoUVSZWiP=sL=k69zrGBeNj5AjCGFQ@mail.gmail.com> <CA+b+ERk_2XZ_Y3EqSjNAbSi1ZqKhD2oThrRR2EOJzckQ41GijA@mail.gmail.com> <CACWOCC-EfzOYdUrHAWQN10LBzofySrKRADc6Zq-dyca1o0DPvw@mail.gmail.com> <CA+b+ER=ppm1N2wnMrPxxS_Nug2EaETBkW5gASTVZ2UKKq0aZJA@mail.gmail.com> <976743ea96934039a85fa74415b45862@XCH-ALN-014.cisco.com> <CA+b+ERmpEghcndHKM+WKKxg1V8ufTwg=xqb0J5jNowZHj2OwAQ@mail.gmail.com> <88d5df779a344b588745108c771d3145@XCH-ALN-014.cisco.com> <deae6e85c3ff47a6bbcac176eb91bd3e@XCH-ALN-014.cisco.com> <F0EAF2D4-656D-48BD-830B-DC2E8B862813@nist.gov> <A0106E1A-272D-4E1D-A0F3-E3531D583AA3@cisco.com> <1D2FD437-0EEF-4FF6-9853-C09E7EEA2A15@nist.gov> <2B92A151-5A78-46EE-8A46-C09603A37219@cisco.com>
From: Robert Raszuk <robert@raszuk.net>
Date: Thu, 23 Nov 2017 00:36:19 +0100
X-Google-Sender-Auth: I_hi6jlybPV0v3Jd9z5uU2HIbdw
Message-ID: <CA+b+ERkq2NWr5K7wDOafS52+pbKETpGH+5vMXUbGgCGCA0QBEw@mail.gmail.com>
To: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
Cc: "Borchert, Oliver (Fed)" <oliver.borchert@nist.gov>, idr wg <idr@ietf.org>, "idr-ads@ietf.org" <idr-ads@ietf.org>, Idr <idr-bounces@ietf.org>, Thomas Mangin <thomas.mangin@exa.net.uk>, Randy Bush <randy@psg.com>
Content-Type: multipart/alternative; boundary="001a114238606990c7055e9ac9f3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/f-HEuRHTUnnBncg7FZu4ZvAjQE4>
Subject: Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages (11/12 to 11/26)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Nov 2017 23:36:27 -0000

Hi Jakob,

You are very correct. But the way to address this point (and yes it would
be great to address it) is to include in this current draft (a WG document
after all) sections pertaining to each current BGP Attribute and its
maximum size in the extended message. I think this is what was also
Olivier's main point - not that your observations were wrong - they just
did not fit with the current way documents are progressed.

Or as I suggested add one line to the current spec stating that current
attributes MUST not be extended in size unless a new specific RFC will
allow for it as provide interop between 4k/65K boundary rules for each such
attribute.

Just placing those on implementation report wiki (while not being part of
the document) is not part of the IDR process I am afraid. Besides even if
someone reports it works today you have zero guarantees that it will work
the same way tomorrow unless it is clearly spelled out in the RFC given
implementation claims to support.

Thx,
R.

On Thu, Nov 23, 2017 at 12:26 AM, Jakob Heitz (jheitz) <jheitz@cisco.com>
wrote:

> If router A follows this draft, then it can quite legitimately send an
> update with 16000 communities. If router B cannot receive and process it,
> then it’s broken.
>
> If path attribute size is not addressed, then this draft will cause
> inoperable implementations. As such, it is not fit for standardization.
> Either we assume the maximum possible size for all attributes or specify
> shorter maximum sizes. Anything less leads to failure to interoperate.
>
> Oliver, what maximum sizes does your implementation support?
> You can put those sizes into the wiki.
>
> Thanks,
> Jakob.
>
>
> On Nov 22, 2017, at 11:58 AM, Borchert, Oliver (Fed) <
> oliver.borchert@nist.gov> wrote:
>
> To my understanding the wiki should state compliance with the draft in
> question and not particular BGP attributes.
>
>
>
> The draft is about the capability of sending and receiving updates larger
> than 4K and how to handle if the capability is not propagated, as well as
> the “5 mile view” on what to do if an update would exceed the newly
> proposed max length of 64K, it is not about performance issues etc.
>
>
>
> To me the added questions in the wiki are more about the capability to
> process individual attributes that might become large. This is outside the
> scope of the draft in question.
>
>
>
> It seems to me that what you try to solve is not compliance with the
> draft, it is more about the capability of particular implementations on how
> to deal with larger updates and this might change with memory, CPU, quality
> of implementation, etc. but has nothing to do with the draft in question.
>
>
>
> In case there are issues with attributes getting too large and therefore
> causing issues to BGP itself, then I believe the RFC’s dealing with these
> attributes should be updated.
>
>
>
> Again, I believe this is out of scope of this draft and I do not see any
> need to have these questions in the wiki.
>
>
>
> Oliver
>
>
>
> *From: *"Jakob Heitz (jheitz)" <jheitz@cisco.com>
> *Date: *Wednesday, November 22, 2017 at 12:16 PM
> *To: *Oliver Borchert <oliver.borchert@nist.gov>
> *Cc: *Robert Raszuk <robert@raszuk.net>, idr wg <idr@ietf.org>, "
> idr-ads@ietf.org" <idr-ads@ietf.org>, Idr <idr-bounces@ietf.org>, Thomas
> Mangin <thomas.mangin@exa.net.uk>, Randy Bush <randy@psg.com>
> *Subject: *Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages
> (11/12 to 11/26)
>
>
>
> Larger message implies larger path attributes. You may answer “no” for the
> parts with which you do not comply.
>
>
>
> If the implied path attribute sizes are too large, then we need to be
> explicit about the maximum sizes for each attribute in the draft. Please
> suggest reasonable maximum sizes.
>
> Thanks,
>
> Jakob.
>
>
> On Nov 22, 2017, at 7:10 AM, Borchert, Oliver (Fed) <
> oliver.borchert@nist.gov> wrote:
>
> Jakob,
>
>
>
> I looked into the added questions for the compliance report you added on
> the wiki.
>
> I am not quite sure that these added questions do apply for a compliance
> of the requested draft. These do more apply to features used within BGP
> that might result in larger BGP messages.
>
> And here the draft has a clear message in the last paragraph of section 3:
>
>
>
> “It is RECOMMENDED that BGP protocol developers and implementers are
>
>
>   conservative in their application and use of Extended Messages.”
>
>
>
> Therefore, they would more apply to proper functioning of implemented BGP
> features rather than the extended message itself. I do not believe that
> these new questions do apply here.
>
>
>
> Said that, BGPSEC-IO is a traffic generator that mainly focusses on BGPSEC
> updates. We did not add communities to the generated traffic and I do not
> intent to do so in the near future (though community contributions are
> welcome) – in this sense, for sending my answer is NA.
>
> On the receiving side, as long as the BGP update in itself is well formed
> and within its length boundaries (4K or < 64K) there is no issue. We just
> dump the update either on the “floor” or screen.
>
>
>
> With QuaggaSRx, as long as Quagga can process communities of that length,
> QuaggaSRx can as well. QuaggaSRx same as BGPSEC-IO do comply with the draft
> itself when it comes to accepting and generating > 4K updates as specified
> in the draft and we tested the processing and memory usage using BGPsec
> traffic of little less than 64 K.
>
>
>
> Oliver
>
>
>
> *From: *Idr <idr-bounces@ietf.org> on behalf of "Jakob Heitz (jheitz)" <
> jheitz@cisco.com>
> *Date: *Tuesday, November 21, 2017 at 6:13 PM
> *To: *Robert Raszuk <robert@raszuk.net>
> *Cc: *idr wg <idr@ietf.org>, "idr-ads@ietf.org" <idr-ads@ietf.org>, Idr <
> idr-bounces@ietf.org>, Thomas Mangin <thomas.mangin@exa.net.uk>
> *Subject: *Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages
> (11/12 to 11/26)
>
>
>
> 1 hour ??
>
> When I tested my large community code, I tested at the limit and over it.
>
> There was no perceptible time for the operations.
>
> 16 times imperceptible would be a blip at the most.
>
> The only operations that take a worrisome amount of time are regexp
> matches with nested wildcards.
>
> Hmm, I should add regexp matches explicitly, because that requires to
> expand the communities into ascii representation in the matching engine.
>
>
>
> Thanks,
>
> Jakob
>
>
>
> *From:* Idr [mailto:idr-bounces@ietf.org <idr-bounces@ietf.org>] *On
> Behalf Of *Jakob Heitz (jheitz)
> *Sent:* Tuesday, November 21, 2017 2:58 PM
> *To:* Robert Raszuk <robert@raszuk.net>
> *Cc:* idr wg <idr@ietf.org>; idr-ads@ietf.org; Thomas Mangin <
> thomas.mangin@exa.net.uk>; Idr <idr-bounces@ietf.org>
> *Subject:* Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages
> (11/12 to 11/26)
>
>
>
> Just that it does it without error.
>
> If the numbers are too large, we should discuss reasonable limits.
>
>
>
> Thanks,
>
> Jakob
>
>
>
> *From:* rraszuk@gmail.com [mailto:rraszuk@gmail.com <rraszuk@gmail.com>] *On
> Behalf Of *Robert Raszuk
> *Sent:* Tuesday, November 21, 2017 2:55 PM
> *To:* Jakob Heitz (jheitz) <jheitz@cisco.com>
> *Cc:* Job Snijders <job@ntt.net>; idr wg <idr@ietf.org>; idr-ads@ietf.org;
> Idr <idr-bounces@ietf.org>; Thomas Mangin <thomas.mangin@exa.net.uk>
> *Subject:* Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages
> (11/12 to 11/26)
>
>
>
> Hi Jakob,
>
>
>
> I think what you added is fine, but requires a time limit.
>
>
>
> Statement that implementation can receive, parse/validate, display in CLI
> or match in the policy 16K of communities all actions taking 1h each is
> rather not that interesting isn't it ?
>
>
>
> Or is the indicator of spec compliance a statement that it just does not
> crash regardless of time it takes for execution of each stated action :) ?
>
>
>
> Thx,
>
> //R.
>
>
>
>
>
>
>
>
>
>
>
> On Tue, Nov 21, 2017 at 11:38 PM, Jakob Heitz (jheitz) <jheitz@cisco.com>
> wrote:
>
> The new update message size requires support for:
>
> 16375 communities
>
> 8187 extended communities
>
> 5458 large communities
>
> I have not changed the as-path length, because it is already ridiculously
> high.
>
> If anyone wants to talk about a maximum as-path length, please speak up.
>
>
>
> I have added tests to the implementation report
>
> https://trac.ietf.org/trac/idr/wiki/draft-ietf-idr-bgp-
> extended-implementations
> <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftrac.ietf.org%2Ftrac%2Fidr%2Fwiki%2Fdraft-ietf-idr-bgp-extended-implementations&data=02%7C01%7Coliver.borchert%40nist.gov%7Cc29658d9c708468b0ccd08d5313576ee%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636469028063383089&sdata=zRFsa6v%2BqWcQo44fTcKtmbmqmFZicA495i%2BZfcA4ZSg%3D&reserved=0>
>
> to ensure full compliance with the consequences of the draft.
>
>
>
> Implementers, please update your compliance.
>
>
>
> Thanks,
>
> Jakob
>
>
>
> *From:* Idr [mailto:idr-bounces@ietf.org] *On Behalf Of *Robert Raszuk
> *Sent:* Tuesday, November 21, 2017 10:41 AM
> *To:* Job Snijders <job@ntt.net>
> *Cc:* idr wg <idr@ietf.org>; idr-ads@ietf.org; Idr <idr-bounces@ietf.org>;
> Thomas Mangin <thomas.mangin@exa.net.uk>
> *Subject:* Re: [Idr] WG Last Call foir draft-ietf-idr-bgp-extended-messages
> (11/12 to 11/26)
>
>
>
> Great !
>
>
>
> On Tue, Nov 21, 2017 at 6:35 PM, Job Snijders <job@ntt.net> wrote:
>
> Robert/Randy,
>
>
>
> About this being a default:
>
>
>
> Old (Section 4):
>
>
>
> A BGP speaker that is willing to send and receive BGP Extended Messages
> with a peer SHOULD advertise the BGP Extended Message Capability to the
> peer using BGP Capabilities Advertisement RFC5492].
>
>
>
> New (Section 4)
>
>
>
> A BGP speaker that is capable to send and receive BGP Extended Messages
> with a peer SHOULD advertise the BGP Extended Message Capability to the
> peer using BGP Capabilities Advertisement [RFC5492].
>
>
>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
> <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fidr&data=02%7C01%7Coliver.borchert%40nist.gov%7Cc29658d9c708468b0ccd08d5313576ee%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636469028063383089&sdata=Bt6F5N6zA5v7GCXm7peFu06uK1TCD3sRHIVPffp%2F0O0%3D&reserved=0>
>
>
>
>

v2.23.0 | Report a Bug | By Email