[Idr] AD Review of draft-ietf-idr-bgp-gr-notification-13
Alvaro Retana <aretana.ietf@gmail.com> Thu, 07 December 2017 21:12 UTC
Return-Path: <aretana.ietf@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE1FC1241FC; Thu, 7 Dec 2017 13:12:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cfnVG-o98bHC; Thu, 7 Dec 2017 13:12:00 -0800 (PST)
Received: from mail-ot0-x242.google.com (mail-ot0-x242.google.com [IPv6:2607:f8b0:4003:c0f::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73727128DF3; Thu, 7 Dec 2017 13:12:00 -0800 (PST)
Received: by mail-ot0-x242.google.com with SMTP id h9so7571043oti.0; Thu, 07 Dec 2017 13:12:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:date:message-id:subject:to:cc; bh=h38kZHWL7EbPY1Ajy6WvrasFYCjp7We1nPmE+ccUy3k=; b=Xi1EOVd64bOB2TAYAk4zW1gHUP/n3FCc5st5jo8EhG1hBBPTZ3zhLb6yd3RF57CJed 6MSAiSPQb5OQ8ljM84G7zWz/NS+SPdicrKFJC3XSFPkrnUQiUbHyo3/wJgxdtVcB5QBs 6O1zSnkUGEfFplVLJKzMrNikwJWyRyjr+ssgZ3g46DKNO73gTERfE7W4cleeILXHwEqw sc8qoUoRL0ULJgfjXR2CIm41C8N295O0cMtg9hznXXrcgTpQJE5SvpuQb3xOylFUW7qs VEb4UX7ddc9ft6ExiWYTpWl/YNHUyFr1EPwm3PmXiHgi+ScntnXBI7jL9n2ybWZ8K1y4 yWHQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:date:message-id:subject:to:cc; bh=h38kZHWL7EbPY1Ajy6WvrasFYCjp7We1nPmE+ccUy3k=; b=oIzucD77FlbpXqW+et4USKWGGNhJKuSfQ58IhOU1nRBkNksm0RpiyWhFsbUJGO01fY Kd+5N9twLW+Krvx1UTtbZKKSwsFyPm80yH1r+PVQ50l/ErVbWMxnsByZsF6q8kGszKyM DkE+ockjU6/hxKkKXoUbHRVcMI3Z+N6VNtds6h4mgCXax1F5/9TZ/HqkAcxn4rK/DXYY CDGJtRDdCWXg/ULzBqp0xmiK9tnIxakv/6zq6gasA00vTko6X9WWuOohKMIFn4aR3qhG adpWmyiNdC93i60eDEOquM4fcV8hT0LA+PIPQN2hRXfw7vTs7vaR2QlUgPxgy1vbQuv5 vlBw==
X-Gm-Message-State: AJaThX7qoazgWNfQ80sG8PJT2SMHlNg9k8HfH+uMYJ8aqKcnHXLQ+4kH tHJxDRS6FQpnwEK2gVP4ZXeT6crWyM4FD6Inldw=
X-Google-Smtp-Source: AGs4zMYqzbqHNxGNwlO6RFd3r9vUtBqrvbe0NQ616rfxHKZTK2fD1IHnpo+0pf9QNGx+NSs46j0TnIQcBRn1gDge+1Q=
X-Received: by 10.157.56.200 with SMTP id k8mr24660150ote.3.1512681119642; Thu, 07 Dec 2017 13:11:59 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Thu, 7 Dec 2017 13:11:59 -0800
From: Alvaro Retana <aretana.ietf@gmail.com>
X-Mailer: Airmail (461)
MIME-Version: 1.0
Date: Thu, 07 Dec 2017 13:11:59 -0800
Message-ID: <CAMMESszAe0avmcX0X95uOwRu29cTvbx_t7ewBwU-Hig20SD9pg@mail.gmail.com>
To: draft-ietf-idr-bgp-gr-notification@ietf.org
Cc: idr-chairs@ietf.org, idr@ietf.org, Jie Dong <jie.dong@huawei.com>
Content-Type: multipart/alternative; boundary="001a11c01f18cb79b6055fc6840c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/g-ie-ETLWDCFXLl8h6AYv2EdcsY>
Subject: [Idr] AD Review of draft-ietf-idr-bgp-gr-notification-13
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Dec 2017 21:12:03 -0000
Dear authors: I just finished reading this document — I have some comments, please see the list below. I understand the intent of this document: instead of resetting a BGP session when a NOTIFICATION is received, use Graceful Restart; if the session is going to *really* be reset, then use the new Hard Reset sub-code. That makes sense to me…but, is that the only code/sub-code for which it makes sense to do a hard reset? The NOTIFICATION has always had the “stigma” of being something bad, so much that we (idr/IETF) have even worked on ways to reduce its use (rfc7606, for example). I want to ask the WG to consider whether other code/sub-code NOTIFICATION combinations should also result in a hard reset. I think there are several cases, for example: (1) rfc4486 (Subcodes for BGP Cease Notification Message) defines “Administrative Shutdown” ("a BGP speaker decides to administratively shut down its peering with a neighbor”). It seems to me that the sender of this NOTIFICATION would not want to "follow the rules for the Receiving Speaker” (as specified in Section 4). (2) rfc4486 also defines "Administrative Reset” ("a BGP speaker decides to administratively reset the peering with a neighbor”); no more details are provided, but that sounds like a hard reset to me. (3) …there’s probably others... Having said all that, I note that Section 3.1. (Sending a Hard Reset) specifies the “encapsulation” (for lack of a better word) of the real reason for the Hard Reset. If the consensus is to go forward with that, and not call out other exceptions, then I think that the text in 3.1 should expand more on the encapsulation operation and the rationale for doing it this way, and the document should also address other recent work that recommends the use of Administrative Shutdown, for example draft-ietf-grow-bgp-session-culling (a BCP currently in the RFC Editor’s Queue). [After I wrote the text above…] I found that some of the points have been discussed on the list already — please include some of that discussion/analysis in the document. I’ll wait until the issue above and ones marked Major (below) are addressed before starting the IETF LC. Thanks! Alvaro. Major: M1. Unfortunately, rfc4724 failed to setup a registry for the Restat Flags (or the Flags for Address Family), which means that anyone is able to use the bits in there (assuming the receiver looks at them, of course). Given that there are only a few bits, and to prevent conflicts, I would really like to see a registry set up. This document is already tagged to Update rfc4724, so it seems like a good place to establish the registries. [If for some reason you rather not include that information here, then we can take care of it elsewhere. IOW, this request is not a requirement.] M2. Section 4.1. (Rules for the Receiving Speaker) has me a little confused. Are the proposed changes contingent to setting the N bit? The text starts by saying: "As part of this extension, routes from the peer previously marked as stale MUST NOT be deleted, until and unless the optional timer…expires…”…does that mean that the timer is no longer optional? Then you also say: “...if the Graceful Notification ("N") bit is not set in the newly received Graceful Restart Capability, no new actions are triggered on the Receiving Speaker -- in particular, a clear "N” bit does not trigger deletion of stale routes.” If I understand rfc4724 correctly, stale routes could be deleted — the text indicates changes in the behavior even if the N bit is not set, right? If you are Updating this section of rfc4724, what would make it crystal clear is an “OLD/NEW” notation of the text (as in, this is the OLD text…and this is the NEW text…). M3. Security Considerations: Maybe not a security issue, but something to think about. Section 4.1 says that “routes...previously marked as stale MUST NOT be deleted, until and unless the optional timer...expires, or unless a Hard Reset is performed. This supersedes the “consecutive restarts” requirement…”. Not deleting the stale routes and not making the timer mandatory could result in stale routes that live forever if an attacker manages to create consecutive restarts (by simply sending NOTIFICATIONS before EoR) — stale routes are ok in the short term, but may point in the wrong direction eventually. Is this an issue? I think that it would be mitigated if the timer was made mandatory (with a nice default). Minor: P1. Section 4: “...receive and send BGP NOTIFICATION messages in Graceful mode...” What is “Graceful mode”? Nits: N1. In Section 2, please indicate that the first figure corresponds to the GR Capability from rfc4724. N2. s/subcode is defined known as/subcode is defined as N3. s/Graceful Notification flag/Graceful Notification bit (For consistency) N4. The operation is obviously per-AF; maybe it’s worth saying that somewhere just for completeness.
- [Idr] AD Review of draft-ietf-idr-bgp-gr-notifica… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… John G. Scudder
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… John G. Scudder
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… bruno.decraene
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… John G. Scudder
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… John G. Scudder
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… bruno.decraene
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… bruno.decraene
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… bruno.decraene
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… John G. Scudder
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… Job Snijders
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… bruno.decraene
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… John G. Scudder
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… bruno.decraene
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… Jeffrey Haas
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… John G. Scudder
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… bruno.decraene
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… Jeffrey Haas
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… bruno.decraene
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… bruno.decraene
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… John G. Scudder
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-gr-noti… bruno.decraene