[Idr] AD Review of draft-ietf-idr-bgpls-segment-routing-epe-17
Alvaro Retana <aretana.ietf@gmail.com> Fri, 01 March 2019 21:35 UTC
Return-Path: <aretana.ietf@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 858E212F1AB; Fri, 1 Mar 2019 13:35:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ECxVyS19MDTF; Fri, 1 Mar 2019 13:35:02 -0800 (PST)
Received: from mail-ot1-x331.google.com (mail-ot1-x331.google.com [IPv6:2607:f8b0:4864:20::331]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60D36130F14; Fri, 1 Mar 2019 13:34:59 -0800 (PST)
Received: by mail-ot1-x331.google.com with SMTP id 98so22330954oty.1; Fri, 01 Mar 2019 13:34:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:date:message-id:subject:to:cc; bh=tRmjF4BAofHhL91anSwRLFw0pSWoC68JBn9Jf972KYc=; b=VQwuiCtBAR/IL9y8k2wMplRHlDsqFVOlr3nPpAo1T+L6M4ERj+mGi9WLQGtj+q9Duq fHtNu9VY17miuXBsE1iBIWxz5LfoDkRu7HtPA6SQ9rtSsOpozU+zX+w4JMtr57vNVqFL y/NpolntVOI3A6OUJ2FDReBZZzKn8beMfOcBCCNHRIuY8Qry0k27Bx8B8LfYgMWjToSK JKEL0g6H6X+UmCIo/oY9IDPnz/xo4wpAhCKMExXzCNUwFXRBJBiOSDFuTZymc/kGDV+m hujxCiSSnf7jUMq1VVOh+ou+lTOiCVgByEA+/08Vr+WrmCVgClJuWArAjsnUwsCwpq62 zyVQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:date:message-id:subject:to:cc; bh=tRmjF4BAofHhL91anSwRLFw0pSWoC68JBn9Jf972KYc=; b=F/aiGnNSivdQrk3DT/+GFoeX1jangZusKrSKssL8KxIkzpYkLz3bhYdNNgzWXLpP7U X7ZYH2y42QGWVM+vKLlIp8Czz6l1QrtLQunzhfwX1EVjVZeov5dGeacNyZ8atTbVgSPO P785DfPVhgGfZoW+O4aJrRgyhY5GyUhr6/df1jqD33ToCVGImFtPskSG81sNXlpR3GNQ ijYHWxDYgLCUPOm9Y2s3ztTx8cvct64pS33l8ktjO0uPPhnJ1nL6Q31dxX3FOWmMtohp QAwxB+z8/snRZioN9tBXGA0hRnKyqN1dy8kkaj2Zd4x8BKwn0L9Wqrphu3Hx5mfctAoU d1Ag==
X-Gm-Message-State: APjAAAWhTcD/LUmzxBMHhAQOSLSn5l+JVNXnSnozZL68Swo7XuCE7D1k TCj9WzBl6imO/HHcG4fwZ6KvbGR0GaVzPGmJgeLeXg==
X-Google-Smtp-Source: APXvYqwadrDhdmbWEJvYviPC92P1uCillH9II6VAQnFa39J8+aoZ/4Ka3X03YtBBvefZLC5T6dj0wYfHFcHiQkZ0EGg=
X-Received: by 2002:a05:6830:1388:: with SMTP id d8mr4984119otq.44.1551476097689; Fri, 01 Mar 2019 13:34:57 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Fri, 1 Mar 2019 22:34:57 +0100
From: Alvaro Retana <aretana.ietf@gmail.com>
MIME-Version: 1.0
Date: Fri, 01 Mar 2019 22:34:57 +0100
Message-ID: <CAMMESsw-8R=+K7CH-rkZVWXXYTA_iNXLG2SVJexCUs7g795Jdw@mail.gmail.com>
To: draft-ietf-idr-bgpls-segment-routing-epe@ietf.org
Cc: Susan Hares <shares@ndzh.com>, idr-chairs@ietf.org, "idr@ietf. org" <idr@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ae2c8105830f2d63"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/gj8Pus9OHf0yAGr1m2-8Nb5WivE>
Subject: [Idr] AD Review of draft-ietf-idr-bgpls-segment-routing-epe-17
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Mar 2019 21:35:19 -0000
Dear authors: I just finished reviewing this document. Please take a look at in-line comments below. In general, I think that the document needs work in being consistent with terminology and its use. Also, more details are needed in the Management and Security sections. I have major concerns about the references to draft-ietf-spring-segment-routing-central-epe. In the current text, draft-ietf-spring-segment-routing-central-epe is not only referenced as an example of the use of the SIDs defined here, but in a Normative way to indicate how the TLVs should be treated. The obvious question is about the applicability of the extensions (see the text in §5 about "other use cases"). The importance given to I-D.ietf-spring-segment-routing-central-epe in this document, which should elevate it to a Normative reference, is probably more than it deserves since it just "illustrates the application of Segment Routing to solve the BGP Egress Peer Engineering (BGP-EPE) requirement" and it doesn’t contain a list of protocol requirements nor it mandates how the new TLVs should be used. Note also that draft-ietf-spring-segment-routing-central-epe refers normatively to this document to explain the use case, so pointing Normatively back to it creates a loop.... Please treat draft-ietf-spring-segment-routing-central-epe as what is should be: a good Informative reference — I put specific comments in Sections 3 and 5 below. I will wait for at least the major items to be addressed before starting the IETF Last Call. Thanks! Alvaro. [The line numbers come from idnits.] ... 32 Requirements Language 34 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 35 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 36 document are to be interpreted as described in RFC 2119 [RFC2119]. [major] Please use the rfc8174 template. ... 103 1. Introduction ... 113 The SR architecture [RFC8402] defines three types of BGP Peering 114 Segments that may be instantiated at a BGP node: 116 o Peer Node Segment (Peer-Node-SID) : instruction to steer to a 117 specific peer node 119 o Peer Adjacency Segment (Peer-Adj-SID) : instruction to steer over 120 a specific local interface towards a specific peer node 122 o Peer Set Segment (Peer-Set-SID) : instruction to load-balance to a 123 set of specific peer nodes [major] rfc8402 doesn't use the same names as above. Please be consistent with the language already defined there. Here, and across the rest of the document. ... 138 One use-case for these BGP Peering Segments is to enable computation 139 of SR paths that enable Central BGP-EPE as described in 140 [I-D.ietf-spring-segment-routing-central-epe]. This use-case 141 comprises of a centralized controller that learns the BGP Peering 142 SIDs via BGP-LS and then uses this information to program a SR policy 143 [I-D.ietf-spring-segment-routing-policy] at any node in the domain to 144 perform traffic steering via a specific BGP egress node to a specific 145 EBGP peer(s) optionally also over a specific interface. [minor] I-D.ietf-spring-segment-routing-central-epe doesn't mention I-D.ietf-spring-segment-routing-policy anywhere. 147 This document introduces a new BGP protocol type for BGP-LS NLRI and 148 defines new BGP-LS Node and Link description TLVs to facilitate 149 advertising BGP-LS Link NLRI that represent the BGP peering topology. 150 Further, it specifies the BGP-LS Attribute TLVs for advertisement of 151 the BGP Peering Segments (i.e. Peer Node SID, Peer Adjacency SID, 152 and Peer Set SID) to be advertised in the same BGP-LS Link NLRI. [major] s/introduces a new BGP protocol type for BGP-LS NLRI/introduces a new BGP-LS Protocol-ID [minor] s/Node and Link description TLVs/Node and Link Descriptor TLVs [minor] s/Link NLRI/Link-State NLRI/g 154 2. Segment Routing Documents 156 The main reference is the SR architecture defined in [RFC8402]. 158 The SR BGP-EPE architecture and use-case is described in 159 [I-D.ietf-spring-segment-routing-central-epe]. [nit] This section doesn't add anything that hasn't been already mentioned. Please consider removing it. 161 3. BGP Peering Segments 163 As described in [I-D.ietf-spring-segment-routing-central-epe], a BGP- 164 EPE enabled Egress PE node MAY advertise SIDs corresponding to its 165 attached peers. These SIDs are called BGP peering segments or BGP 166 Peering SIDs. In case of EBGP, they enable the expression of source- 167 routed inter-domain paths. [major] "As described in [I-D.ietf-spring-segment-routing-central-epe], a BGP-EPE enabled Egress PE node MAY advertise SIDs..." I-D.ietf-spring-segment-routing-central-epe is just an illustrative document; it uses Normative language just to describe the requirements for the solution, and not to specify behavior (as suggested above). In this case the "MAY" seems to be used to describe the use case: s/MAY/may 169 An ingress border router of an AS may compose a list of SIDs to steer 170 a flow along a selected path within the AS, towards a selected egress 171 border router C of the AS, and to a specific EBGP peer. At minimum, 172 a BGP-EPE policy applied at an ingress PE involves two SIDs: the Node 173 SID of the chosen egress PE and then the BGP Peering SID for the 174 chosen egress PE peer or peering interface. 176 Each BGP session MUST be described by a Peer Node SID. The 177 description of the BGP session MAY be augmented by additional Peer 178 Adjacency SIDs. Finally, multiple Peer Node SIDs or Peer Adjacency 179 SIDs MAY be part of the same group/set in order to group EPE 180 resources under a common Peer-Set SID. [minor] Please add forward references to the sections where more details are provided. 182 When the extensions defined in this document are applied to the EPE 183 use-case defined in [I-D.ietf-spring-segment-routing-central-epe], 184 then the following BGP Peering SIDs need to be instantiated on a BGP 185 router for each of its BGP peer sessions that are enabled for EPE [major] I-D.ietf-spring-segment-routing-central-epe is being used as Normative (below) justification for the definition of peering segments. If possible, please describe the specification in general terms... The text above and in §5 (where it talks about different behaviors for "other use cases") raises the question of whether this document applies in general to any (known) use of the segments defined here, or only to BGP-EPE. IOW, what are those "other use cases"? Where are they described to guarantee that the specification applies to them? 187 o One Peer-Node-SID MUST be instantiated to describe the BGP peer 188 session. 190 o One or more Peer-Adj-SID MAY be instantiated corresponding to the 191 underlying link(s) to the directly connected BGP peer session. 193 o A Peer-Set-SID MAY be instantiated and additionally associated and 194 shared between one or more Peer-Node-SIDs or Peer-Adj-SIDs. 196 While an egress point in a topology usually refers to EBGP sessions 197 between external peers, there's nothing in the extensions defined in 198 this document that would prevent the use of these extensions in the 199 context of IBGP sessions. However, unlike EBGP sessions which are 200 generally between directly connected BGP routers which are also along 201 the traffic forwarding path, IBGP peer sessions may be setup to BGP 202 routers which are not in the forwarding path. As such, when the IBGP 203 design includes sessions with route-reflectors, a BGP router SHOULD 204 NOT instantiate a BGP Peering SID for those sessions to peer nodes 205 which are not in the forwarding path since the purpose of BGP Peering 206 SID is to steer traffic to that specific peers. Thus, the 207 applicability for IBGP peering may be limited to only those 208 deployments where the IBGP peer is also along with forwarding data 209 path. Further details and the use-cases of BGP Peering SIDs and 210 their BGP-LS extensions to IBGP deployments are beyond the scope of 211 this document. [nit] s/along with forwarding data path/along the forwarding data path [major] "...details...of BGP Peering SIDs and their BGP-LS extensions to IBGP deployments are beyond the scope of this document." The text in the same paragraph says: "nothing...would prevent the use of these extensions in the context of IBGP sessions". I think that is a contradiction because there are already descriptions in this document. Solution: take out the last sentence. 213 The BGP Peering SIDs instantiated as described above are then 214 advertised via BGP-LS Link NLRI as described in the sections below. [minor] I think that what you meant is something like this: "Any instantiated BGP Peering SIDs are then advertised using BGP-LS, as described in the following sections." 216 4. BGP-LS NLRI for BGP [minor] Perhaps "BGP Protocol-ID", there's no new NLRI for BGP [minor] s/BGP-LS NLRI/BGP-LS Link-State NLRI/g The NLRI is called "Link-State", not "BGP-LS". 218 This section describes the BGP-LS NLRI encodings that describe the 219 BGP peering and link connectivity between BGP routers. 221 This document specifies the advertisement of BGP peering topology 222 information via BGP-LS NLRI which requires use of a new BGP protocol 223 identifier. [minor] s/BGP protocol identifier/BGP-LS Protocol-ID The new definition is for BGP-LS, not BGP. 225 Protocol-ID : BGP (codepoint 7 Early Allocation by IANA Section 8 226 from the registry "BGP-LS Protocol-IDs") [nit] Consider using a table. ... 271 Value: 4 octet unsigned non-zero integer representing the BGP 272 Identifier as defined in [RFC4271] and [RFC6286]. [minor] rfc6286 Updated rfc4271, so there's no need to include both. s/BGP Identifier as defined in [RFC4271] and [RFC6286]./BGP Identifier [RFC6286]. ... 282 Value: 4 octet unsigned non-zero integer representing the 283 Member ASN inside the Confederation [RFC5065]. [major] rfc5065 uses "Member-AS Number", please be consistent: s/Member ASN inside the Confederation [RFC5065]./Member-AS Number [RFC5065]. 285 4.2. Mandatory BGP Node Descriptors ... 293 o Autonomous System Number, which contains the ASN or confederation 294 identifier (ASN), if confederations are used, of the local BGP 295 node. [minor] Is this TLV new, or are you referring to TLV 512 [rfc7752]? Please include the TLV number (and a reference, if appropriate) to avoid confusion. 297 Note that [RFC6286] (section 2.1) requires the BGP identifier 298 (router-id) to be unique within an Autonomous System and non-zero. 299 Therefore, the <ASN, BGP Router-ID> tuple is globally unique. [nit] I'm not sure how this paragraph is relevant at this point...unless you're implying that the receiver should check...if so, how should the information be used? ... 311 4.3. Optional BGP Node Descriptors 313 The following Node Descriptors TLVs MAY be included in BGP-LS NLRI as 314 Local Node Descriptors when distributing BGP information: 316 o Member-ASN, which contains the ASN of the confederation member, if 317 BGP confederations are used, of the local BGP node. [major] This description matches the definition of the TLV (§4.1), but it also matches the description of the ASN descriptor in §4.2. What is the difference? What if the contents are different? [Same question applies below.] ... 327 o Node Descriptors as defined in defined in [RFC7752]. [nit] s/as defined in defined in/as defined in 329 5. BGP-LS Attributes for BGP Peering Segments ... 370 Figure 3: BGP-LS Peering SIDs TLV Format [minor] s/BGP-LS Peering SIDs/BGP Peering SIDs ... 376 o Length: variable. [major] According to the description below, the length is variable, but also known: it's either 7 or 8. Please indicate the specific valid values. What should the receiver do if the length is not valid? ... 393 * B-Flag: Backup Flag. If set, the SID refers to a path that is 394 eligible for protection. [major] There's no description of how this flag should be used. When should this flag be set? BGP-LS, in general, carries information that is stored in routing protocol databases, including BGP. Where is this flag derived from? 396 * P-Flag: Persistent Flag: If set, the SID is persistently 397 allocated, i.e., the SID value remains consistent across router 398 restart and session/interface flap. [minor] There's text below that says that SIDs "SHOULD be persistent". I then imagine that the setting of this flag reflects the ability of the node to persistently maintain the allocations...vs a SID-by-SID indication. IOW, I guess that a node either can persistently maintain the allocations or it can't (for all SIDs). Is that correct? If so, it seems to make more sense that this indication would be at a Node level. [No change needed, just wanting to better understand...] 400 * Rsvd bits: Reserved for future use and MUST be zero when 401 originated and ignored when received. [minor] Do you intend for the Reserved bits to be assigned by IANA (in later documents)? Should they be kept in sync? 403 o Weight: 1 octet. The value represents the weight of the SID for 404 the purpose of load balancing. An example use of the weight is 405 described in [RFC8402]. [major] Where does this value come from? 407 o SID/Index/Label. According to the TLV length and to the V and L 408 flags settings, it contains either: [minor] draft-ietf-idr-bgp-ls-segment-routing-ext defines an SID/Label Sub-TLV. Why wasn't that reused here? [Again, just trying to understand.] 410 * A 3 octet local label where the 20 rightmost bits are used for 411 encoding the label value. In this case, the V and L flags MUST 412 be SET. [major] What should the receiver do if the V-flag is not set, but the Length is 7? Or when the V-Flag is set, but the Length is not 7? It seems to me that the V-Flag is not needed because the Length by itself can determine the contents. [major] What if the Length is set to 7, the V-Flag is set, but the L-Flag isn't? There are more possible error combinations... 414 * A 4 octet index defining the offset in the SRGB (Segment 415 Routing Global Block as defined in [RFC8402] advertised by this 416 router. In this case, the SRGB MUST be advertised using the 417 extensions defined in 418 [I-D.ietf-idr-bgp-ls-segment-routing-ext]. [major] Does this text mean that the "SR-Capabilities TLV" MUST be included in the BGP-LS Attribute...OR...that I-D.ietf-idr-bgp-ls-segment-routing-ext MUST also be implemented (and the information defined there received by the consumer)? [minor] s/SRGB (Segment Routing Global Block as defined in [RFC8402]/Segment Routing Global Block (SRGB) [RFC8402] [minor] If an index is included, the V-Flag is unset, what about the L-Flag? 420 The values of the Peer-Node-SID, Peer-Adj-SID, and Peer-Set-SID Sub- 421 TLVs SHOULD be persistent across router restart. 423 The Peer-Node-SID TLV MUST be included in the BGP-LS Attribute for 424 the BGP-LS Link NLRI when advertising BGP peering information for the 425 use case described in [I-D.ietf-spring-segment-routing-central-epe] 426 and MAY be omitted for other use cases. 428 The Peer-Adj-SID and Peer-Set-SID TLVs MAY be included in the BGP-LS 429 Attribute for the BGP-LS Link NLRI when advertising BGP peering 430 information for the use case described in 431 [I-D.ietf-spring-segment-routing-central-epe] and MAY be omitted for 432 other use cases. [major] See my comments in §3 about the references to I-D.ietf-spring-segment-routing-central-epe. ... [minor] I think the explanation in the sub-sections below is useful. However, please consider changing their titles to "Advertisement of the Peer-Node-SID/Peer-Adj-SID/Peer-Set-SID". 438 5.1. Peer-Node-SID ... 444 The Peer-Node-SID, at the BGP node advertising it, has the following 445 semantics: 447 o SR header operation: NEXT (as defined in [RFC8402]). 449 o Next-Hop: the connected peering node to which the segment is 450 associated. [minor] Because the description above comes from rfc8402, maybe the reference should be at the start, and not just specific to NEXT. IOW, put the reference after "semantics". [nit] rfc8402 talks about "SR operation", not "SR header operation". [Comments apply to the other subsections below.] ... 485 5.2. Peer-Adj-SID ... 513 o Link Descriptors MUST include the following TLV, as defined in 514 [RFC7752]: 516 * Link Local/Remote Identifiers (TLV 258) contains the 4-octet 517 Link Local Identifier followed by the 4-octet Link Remote 518 Identifier [RFC5307]. The value 0 is used by default when the 519 link remote identifier is unknown. [minor] The reference to rfc5307 is not needed because that relationship is resolved in rfc7752. ... 561 6. Illustration [major] Isn't this the same example as in draft-ietf-spring-segment-routing-central-epe. Please point to that (maybe in the Introduction) instead of copying the text here. Otherwise, there doesn't seem to be value in draft-ietf-spring-segment-routing-central-epe. ... 751 7. Implementation Status [major] Unfortunately, this section says nothing. At least please put a link to the implementation report: https://trac.ietf.org/trac/idr/wiki/draft-ietf-idr-bgpls-segment-routing-epe%20 ... 860 9. Manageability Considerations ... 868 Specifically, the malformed NLRI attribute tests for syntactic checks 869 in the Fault Management section of [RFC7752] now apply to the TLVs 870 for the BGP-LS NLRI TLVs defined in this document. The semantic or 871 content checking for the TLVs specified in this document and their 872 association with the BGP-LS NLRI types or their associated BGP-LS 873 Attributes is left to the consumer of the BGP-LS information (e.g. an 874 application or a controller) and not the BGP protocol. [nit] s/the malformed NLRI attribute tests/the malformed attribute tests [minor] s/apply to the TLVs for the BGP-LS NLRI TLVs defined in this document/apply to the TLVs defined in this document 876 A consumer of the BGP-LS information is retrieving this information 877 from a BGP protocol component, that is doing the signaling over a 878 BGP-LS session, via some APIs or a data model (refer Section 1 and 2 879 of [RFC7752]). The handling of semantic or content errors by the 880 consumer would be dictated by the nature of its application usage and 881 hence is beyond the scope of this document. It may be expected that 882 an error detected in the NLRI descriptor TLVs would result in that 883 specific NLRI update being unusable and hence its update to be 884 discarded along with an error log. While an error in Attribute TLVs 885 would result in only that specific attribute being discarded with an 886 error log. [nit] s/is retrieving this/retrieves this [minor] "...retrieving this information...over a BGP-LS session, via some APIs or a data model (refer Section 1 and 2 of [RFC7752])." I think that even mentioning that an API or data model can be used instead of BGP-LS is a stretch -- that is not how I interpret the initial sections in rfc7752 (which are just background sections), and there are no formal API/data model definition. [major] "...an error detected in the NLRI descriptor TLVs would result in that specific NLRI update being unusable and hence its update to be discarded along with an error log." According to rfc7752, this statement is true only for syntactic errors, not semantic ones. Semantic errors ("left to the consumer", as mentioned above) means that the BGP-LS session can be used to transport trash (trash-in-trash-out). This issue is bigger than this document -- but (because we don't have a current solution) I would like to see it mentioned somewhere as a potential issue (maybe in the Management or Security Considerations sections, your choice). [major] "...an error detected in the NLRI descriptor TLVs would result in that specific NLRI update being unusable and hence its update to be discarded..." This text says that an error in a TLV results in the whole update (not just the TLV or the BGL-LS attribute) being discarded. This action goes beyond what is specified in rfc7752, which doesn't really specify what do to in those cases. If that is what is expected here, then please make this behavior more prominent...use Normative language, etc.. [major] rfc7752 does mandate the use of "attribute discard" (rfc7606). I would really like to see a discussion (or at least a mention) around the fact that discarding an attribute may result in the receiver not having complete information. In the case of SR, this implies that the controller may not have complete information to calculate the paths. I think this is an issue bigger than this document, so I am not asking you to solve it...I'm just asking for the document to acknowledge that it exists and to mention what the potential impact may be. ... 895 BGP Peering Segments are associated with the normal BGP routing 896 peering sessions. However, the BGP peering information along with 897 these Peering Segments themselves are advertised via a distinct BGP- 898 LS peering session. It is expected that this isolation as described 899 in [RFC7752] is followed when advertising BGP peering topology 900 information via BGP-LS. [major] rfc7752 doesn't talk about this type of isolation (it only talks about isolation through dedicated RRs). See also comment in the Security Considerations section related to isolation. ... 915 10. Security Considerations 917 [RFC7752] defines BGP-LS NLRI to which the extensions defined in this 918 document apply. The Security Considerations section of [RFC7752] 919 also applies to these extensions. [minor] Add something like this: "The procedures and new TLVs defined in this document, by themselves, do not affect the BGP-LS security model discussed in [RFC7752]." 921 BGP-EPE enables engineering of traffic when leaving the 922 administrative domain via an egress BGP router. Therefore precaution 923 is necessary to ensure that the BGP peering information collected via 924 BGP-LS is limited to specific controllers or applications in a secure 925 manner. By default, Segment Routing operates within a trusted domain 926 (refer Security Considerations section in [RFC8402] for more detail) 927 and its security considerations also apply to BGP Peering Segments. 928 The BGP-EPE policies are expected to be used entirely within this 929 trusted SR domain (e.g. between multiple AS/domains within a single 930 provider network). [nit] s/trusted domain (refer Security Considerations section in [RFC8402] for more detail)/trusted domain [RFC8402] [major] "...precaution is necessary to ensure that the BGP peering information collected via BGP-LS is limited to specific controllers or applications..." This sounds as if you're referring to information that (once collected) can be shared between controllers -- I think that case is out of scope. [minor] You talk about "controllers or applications" (here and in other places in the document). rfc8402 talks about "consumers" to refer to the same thing. Please be consistent. Suggestion: use "consumers" here as well. 932 The isolation of BGP-LS peering sessions is also required to ensure 933 that BGP-LS topology information (including the newly added BGP 934 peering topology) is not advertised to an external BGP peering 935 session outside an administrative domain. [major] What does "isolation of BGP-LS peering sessions" mean? Why is it not Normatively REQUIRED? [major] From prior experience (see draft-ietf-idr-te-pm-bgp), the SecDir/Sec ADs asked for text related to why it is ok to transport the new information in BGP. This is the text that resulted from that discussion: The TLVs introduced in this document are used to propagate IGP defined information ([I-D.ietf-lsr-isis-rfc7810bis] and [RFC7471].) These TLVs represent the state and resource availability of the IGP link. The IGP instances originating these TLVs are assumed to support all the required security and authentication mechanisms (as described in [I-D.ietf-lsr-isis-rfc7810bis] and [RFC7471]) in order to prevent any security issue when propagating the TLVs into BGP-LS. The advertisement of the link attribute information defined in this document presents no additional risk beyond that associated with the existing set of link attribute information already supported in [RFC7752]. Consider adding something similar here. ... 991 13.2. Informative References ... 1000 [I-D.ietf-idr-bgp-ls-segment-routing-ext] 1001 Previdi, S., Talaulikar, K., Filsfils, C., Gredler, H., 1002 and M. Chen, "BGP Link-State extensions for Segment 1003 Routing", draft-ietf-idr-bgp-ls-segment-routing-ext-09 1004 (work in progress), October 2018. [major] This reference must be Normative. ... 1018 [RFC7752] Gredler, H., Ed., Medved, J., Previdi, S., Farrel, A., and 1019 S. Ray, "North-Bound Distribution of Link-State and 1020 Traffic Engineering (TE) Information Using BGP", RFC 7752, 1021 DOI 10.17487/RFC7752, March 2016, 1022 <https://www.rfc-editor.org/info/rfc7752>. [major] This reference should be Normative.
- [Idr] AD Review of draft-ietf-idr-bgpls-segment-r… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgpls-segme… Ketan Talaulikar (ketant)
- Re: [Idr] AD Review of draft-ietf-idr-bgpls-segme… Ketan Talaulikar (ketant)
- Re: [Idr] AD Review of draft-ietf-idr-bgpls-segme… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgpls-segme… Ketan Talaulikar (ketant)
- Re: [Idr] AD Review of draft-ietf-idr-bgpls-segme… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgpls-segme… Ketan Talaulikar (ketant)