Re: [Idr] WG LC on draft-ietf-idr-large-community-03.txt (10/17/2016 to 10/31/2016)

Robert Raszuk <robert@raszuk.net> Fri, 21 October 2016 18:55 UTC

Return-Path: <rraszuk@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 73D821296F7 for <idr@ietfa.amsl.com>; Fri, 21 Oct 2016 11:55:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level:
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qiOqXkFy8SXH for <idr@ietfa.amsl.com>; Fri, 21 Oct 2016 11:55:19 -0700 (PDT)
Received: from mail-wm0-x233.google.com (mail-wm0-x233.google.com [IPv6:2a00:1450:400c:c09::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C8971294C6 for <idr@ietf.org>; Fri, 21 Oct 2016 11:55:19 -0700 (PDT)
Received: by mail-wm0-x233.google.com with SMTP id f193so1328345wmg.0 for <idr@ietf.org>; Fri, 21 Oct 2016 11:55:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=dZFgyg+DsbJO9nVZaV1zIdTQYkoRdGWrKoJ3/gAwBtA=; b=a7JfeGEdZVZuN/KtXo0Y/cARy2Dcv46Q6vFoIw5G4ZeiVcx1s5rfjSy0hvcPuvQXR3 PEUJX+7vullujaqtnImZgKrgDSRVMJp9x56HswegXApmtO7agRusqYIXuAryXb+lkBJI 6r5LwYySMjjYzBro3elD3abr+D2D9Qxc7eCtjz+qOeALjGOc5IoiBieuHgX1kT4X04QH sd3CF5G4DJDx5ZwYdipLMdFc1lwi4UgZB8oStj2sCY5irmDXvQjCtXRKLHtGv2xTKp6s V4+3hVjvuBLayiCNqmijKrLz6Lt4JA9AzgMG+K86vam0M+2oov05LvhVXB2dIF98M4IA ai/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=dZFgyg+DsbJO9nVZaV1zIdTQYkoRdGWrKoJ3/gAwBtA=; b=ESrm3kkKiSyy2H/xvhJ/m34d9D21W+UlGss94/JqkwuNALW95SjTNt4coCQU/tVCcN cnpwzBdpFKk7Q1iWCYH0Gb5b6Tq6gfhhgZKLSNkHAUt9Sua5DNk3mAgkejmnlxNpFAEw SiPE8RERxDIzpxYRXnHH1sBDI9HPuyy/0LvbHaMcVVZNs5+SjTwG3jtF5W5x5rdDClMa 4If1ltqZ86JU85u+HKpm/dDkIqQLq8Ier2gUsxpoo7ivVa1ihuS8mvtGsXJUh1nZDhdh EaWZU+BmfN+NCq3e0fXUvFHH2YjaKDxyvmM7rFBDvySWTBL7F1QHgdLABpJQn7ckGqJa rKXg==
X-Gm-Message-State: ABUngvdfHuGn8uuR9yKqK/JsTicbuMRnt+GK7BFlFeh0xpFVRwWddz6pMAvVss5ZUkCq69cqFUM9NgWG98EN1g==
X-Received: by 10.194.94.232 with SMTP id df8mr1859176wjb.227.1477076117627; Fri, 21 Oct 2016 11:55:17 -0700 (PDT)
MIME-Version: 1.0
Sender: rraszuk@gmail.com
Received: by 10.80.182.155 with HTTP; Fri, 21 Oct 2016 11:55:15 -0700 (PDT)
In-Reply-To: <711ba725-7304-5122-cfb2-2a40c2d76ca9@i3d.net>
References: <20161018191521.GT95811@Vurt.local> <9EFC9BAA-F917-4C70-A139-1F69CAECF9C0@pfrc.org> <20161020215938.GE1074@Vurt.local> <adb00bcd7b8e45db857eae7019c646fc@XCH-ALN-014.cisco.com> <ae5da282-201c-f745-9f26-67ce73826bd5@i3d.net> <CA+b+ERkV2PBtzzx=uoygDzvTyJzunROCNX=0Y4phvGdn=oK5Xw@mail.gmail.com> <20161021154958.GR27221@gir.theapt.org> <CA+b+ERmrzCtFLP98D0YzRc-BJNbBWp3Ce6yKZr2cg1_QS0Oz5w@mail.gmail.com> <2ddbfbaf-7b99-53b9-365c-269fcc7746e7@i3d.net> <CA+b+ERn6dG+R8+UV-jaRXAV7eWQBygqEQp4VY4x1yKukpVKhTA@mail.gmail.com> <20161021164241.GC32387@Vurt.local> <CA+b+ERkAJDFPwmiNr7_UiaKfRQnt=8h9d9JM6B4oFgU_P1S1cQ@mail.gmail.com> <711ba725-7304-5122-cfb2-2a40c2d76ca9@i3d.net>
From: Robert Raszuk <robert@raszuk.net>
Date: Fri, 21 Oct 2016 20:55:15 +0200
X-Google-Sender-Auth: BnfdU7UjvkgBNGcJxYL_EFnPgX0
Message-ID: <CA+b+ERmrEtSYTc2PN8fu3VogbMPK7yQR_GM3yJwuFF-zeO0u0Q@mail.gmail.com>
To: "i3D.net - Martijn Schmidt" <martijnschmidt@i3d.net>
Content-Type: multipart/alternative; boundary="047d7bb03aae4c27fa053f649534"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/iJtbmgsVGuFPIy0BUZ7ButPAp_Y>
Cc: idr wg <idr@ietf.org>
Subject: Re: [Idr] WG LC on draft-ietf-idr-large-community-03.txt (10/17/2016 to 10/31/2016)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Oct 2016 18:55:23 -0000

Martijn,

First I think you need to know that all original authors of LC agreed that
the proposal does not solve the community values overload issue. If you and
others were sold on something different then perhaps there is some
disconnect. That is also why some time back I proposed for LCs to have
4x4octets such that today's necessity to overload 1997 can be relaxed.

For stub networks if they get only default route there is no issue as they
will not be getting any LCs.

For ASes which use private_ASes as I already mentioned it is trivial to
treat it in the same way as it is treated in the AS_PATH today. Basically
you would replace your customer private AS with your public AS both in the
AS_PATH and in the first 4 octets of LC.

To conclude ...

There is simply two ways

-A- your 3x4 octets are completely unstructured and you use them as it
seems fit

or

-B- It is structured and draft/rfc specifies what goes into first 4 octets
(say SRC_ASN) and what goes into second 4 octets (say TARGET-ASN) leaving
rest for ACTION+PARAMETERS

Rgs,
r.


On Fri, Oct 21, 2016 at 8:01 PM, i3D.net - Martijn Schmidt <
martijnschmidt@i3d.net> wrote:

> Hi Robert,
>
> Briefly continuing the earlier discussion for originating routers - stub
> networks which exclusively receive a default route from my full table
> router don't have complete AS_PATH information. That means the device won't
> be able to determine whether or not the configured GA field corresponds to
> an ASN in the DFZ.
>
> If we decide (on a protocol level) to filter the LC information on the
> receiving LC-speaking BGP router instead of the originating router you'd
> limit the transitivity and therefore the usefulness of the Large Community
> feature. Let's say that AS65500 wants to send a community via AS49544 to
> AS2914. Upon receipt of the BGP_UPDATE, the AS49544 router will check the
> Large Community attribute and notice that 2914:x:y is attached while AS2914
> is not in the AS_PATH. It would then have to strip the Large Community and
> AS2914 would never receive the Large Community attribute.
>
> Simply stating that "implementations MUST allow the operator to specify
> any value for the Global Administrator field" is the correct way forward,
> the suggested SHOULD wording either can't be enforced by vendor-side checks
> (and therefore belongs in a BCP/GROW document), or is - in the way you've
> suggested it - in direct conflict with the intended use of the Global
> Administrator field.
>
> Best regards,
> Martijn
>
> On 10/21/2016 06:49 PM, Robert Raszuk wrote:
>
> Hey Job,
>
> That's what I thought ... but if so I do not get why there are so many
> discussions of any MUSTs/SHOULDs/MAYs operators are expected to follow on
> in the fields LCs provides.
>
> If they are opaque that means there is zero structure in place and
> everyone is free to put whatever he/she likes in it .. even hex encoded
> Morse (https://goo.gl/rHcGeV)
>
> We either allow all opaque and free style or we structure fields such that
> for example they may be used in simple parametrized BGP in/out policy
> example I provided.
>
> And the excuses type "oh we can not structure it as there is no way to
> insert valid ASN" are wrong as there is a way as proven :)
>
> Cheers,
> R.
>
>
>
> On Fri, Oct 21, 2016 at 6:42 PM, Job Snijders <job@instituut.net> wrote:
>
>> On Fri, Oct 21, 2016 at 06:29:46PM +0200, Robert Raszuk wrote:
>> > The policy example was nothing to do with BGP table. If I am receiving
>> > BGP_UPDATE it comes with AS_PATH and may contain LC. So if I want very
>> > simple policy to filter trash of LCs I can set it to match first 4
>> > octets to any ASN present in the same UPDATE MSG AS_PATH attribute. If
>> > it there I do not drop LC.
>>
>> A clever trick, but not a good fit for Large BGP Communities. Large BGP
>> Communities are opaque, by definition and design.
>>
>> We want routing policy in which networks can send 2914:X:Y to us, and we
>> can send 2914:A:B to them - very much like RFC 1997 communities. The
>> Global Administator field does not necessarily contain the ASN of the
>> sending party.
>>
>> Kind regards,
>>
>> Job
>>
>> _______________________________________________
>> Idr mailing list
>> Idr@ietf.org
>> https://www.ietf.org/mailman/listinfo/idr
>>
>
>
>
> _______________________________________________
> Idr mailing listIdr@ietf.orghttps://www.ietf.org/mailman/listinfo/idr
>
>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>
>