IETF Logo Mail Archive

Re: [Idr] I-D Action: draft-previdi-idr-segment-routing-te-policy-07.txt

Robert Raszuk <robert@raszuk.net> Mon, 09 October 2017 20:32 UTC

Return-Path: <rraszuk@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 04F79133049 for <idr@ietfa.amsl.com>; Mon, 9 Oct 2017 13:32:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.399
X-Spam-Level:
X-Spam-Status: No, score=-2.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id avoODOvkDFy7 for <idr@ietfa.amsl.com>; Mon, 9 Oct 2017 13:32:40 -0700 (PDT)
Received: from mail-wm0-x22a.google.com (mail-wm0-x22a.google.com [IPv6:2a00:1450:400c:c09::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5DEB71332D4 for <idr@ietf.org>; Mon, 9 Oct 2017 13:32:40 -0700 (PDT)
Received: by mail-wm0-x22a.google.com with SMTP id b189so25550113wmd.4 for <idr@ietf.org>; Mon, 09 Oct 2017 13:32:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=L/gfF6dkOhnL91knnZ+2gkTutJcriaHt9YDyNEPo9g0=; b=EhwX437z78QpMt9DHHV+paiX5dfGnvNm+7139DlfHdT6pfGrXnvIVwcoJGSRDfOfQ6 8PQqtnOZOGVWRdnwwD9j1B8lsDXnvANmNAPkUNMkqp4kW2eYqq0PgYwY+hEI0L4jOLac i3SbMK+F+0Ifs+s/Vyl0biL3dk2djUCjt7gTqLPuD7gFRXOsCqOnTF7cwz7dQI20Zzv6 MC4baC5kFznVaXPhYcDhwV+qkCI6cWhJ2aSMhv6Hg0O9pSJps1tCHX3cb3H9Lt4OCXVi rujxE9G9YklniH/nUVapc4MSiTPUOyMNExNeLIkby2qEgwMBRmcK+dndbVhmoJS1llYs mCng==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=L/gfF6dkOhnL91knnZ+2gkTutJcriaHt9YDyNEPo9g0=; b=haADXyu2Enm30Lu+XCZ/x7LvYGMlcsnRnkrnde2jtgC4CD5p7Lll6k1gzlj16OQRfY PyjrHUfye4AvgRQEjpbcs4Fy5PKLhpo0FCh6mZfhMCvvmkIUG7aspHRgvqfsMiztQIsm nCjLx2goTdwvZAyvXrNf/KZzWZ2Pu+/REjtFTpIFf0GZ0cjkCZRhlUmJEsHxKabe84dB IBSeORnasllJuvx8pZuKJle8de3M0oerlP1tKDuvyeOH5LPCvdMF7H5b3pSEKuhXIoUO wCcgOFh21WuMmlaYA+Nr2psrDignAKR8Vc+gzoRTAAbtLzSieLH8xwlXNPNZBQl6GM35 gLbw==
X-Gm-Message-State: AMCzsaXWiml9e0pGmMqK7jZqkRAHykpo2itisdM8QYsbl1T4li6ptklb U1Z2K8dnQJ5fG/P1BRFwzoKLNN0HZiyxOgHm8KOabg==
X-Google-Smtp-Source: AOwi7QD7m6xEK8kB89561NxtIb5TtV25iThrOO+ST7RCP/kgpB+Dc4n8TCXkSj5d2U8zh83HNNwI/Wl3dYAOc7fsqno=
X-Received: by 10.223.148.38 with SMTP id 35mr6251982wrq.49.1507581158763; Mon, 09 Oct 2017 13:32:38 -0700 (PDT)
MIME-Version: 1.0
Sender: rraszuk@gmail.com
Received: by 10.28.146.135 with HTTP; Mon, 9 Oct 2017 13:32:38 -0700 (PDT)
In-Reply-To: <65dbb5ba-9589-09a6-8093-f5f7e72fc5f7@juniper.net>
References: <149824800169.17379.9099679082498238196@ietfa.amsl.com> <CAE+itjf-1OPtKbADxAVft5+XufAWo3ebbXsamS+Mpt_2cTwzzg@mail.gmail.com> <CAB3683F-D029-4387-86A6-382E61A51ACD@previdi.net> <CAE+itjd1mE7_a+SA=dBhGrJNtcGWt1WTiRddTsEC4vp=COdOLQ@mail.gmail.com> <CAE+itjcuxbNHrwVq4wcgBC11rX=PwYUsvm3su5Axwko3X1beZw@mail.gmail.com> <CAE+itjcJK8TcszPyTto4ZfXz4LHr3Z9i9PbkuePHOWsuufPfzg@mail.gmail.com> <65dbb5ba-9589-09a6-8093-f5f7e72fc5f7@juniper.net>
From: Robert Raszuk <robert@raszuk.net>
Date: Mon, 09 Oct 2017 22:32:38 +0200
X-Google-Sender-Auth: hm7yFzdPY81LaaOpXxAl_pU7sQQ
Message-ID: <CA+b+ERn50FH54ap9TnVT+uP1ewyyzN-7AFVp_g+agOWhgSqMxQ@mail.gmail.com>
To: Eric C Rosen <erosen@juniper.net>
Cc: Nandan Saha <nandan@arista.com>, stefano previdi <stefano@previdi.net>, idr wg <idr@ietf.org>
Content-Type: multipart/alternative; boundary="001a114cb4087033fe055b2317bf"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/ie5AylOw6hDQxOPiDQbLsvaNp6c>
Subject: Re: [Idr] I-D Action: draft-previdi-idr-segment-routing-te-policy-07.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Oct 2017 20:32:43 -0000

Eric,

You can't withdraw something which you did not successfully parsed. So the
MP_REACH_NLRI must be parsed entirely to be able to apply the
"treat-as-withdraw" otherwise procedures 3j from RFC7606 apply.

Also I do not see any definition and levels of "mangled" in RFC7606 :)

Thx,
R.

On Mon, Oct 9, 2017 at 10:16 PM, Eric C Rosen <erosen@juniper.net> wrote:

> On 10/6/2017 10:38 AM, Nandan Saha wrote:
>
>> 5. Conflicting mandate for malformed NLRI handling.
>> In section 4.2.1 of this draft, the first bullet point's 2nd sentence is
>> <<<
>> If the NLRI is not one of the legal lengths, a router
>>       supporting this document and that imports the route MUST consider
>>       it to be malformed and MUST apply the "treat-as-withdraw" strategy
>>       of [RFC7606]
>> >>>
>> Where as the last sentence in section 4.2.1 is
>> <<<
>> A unacceptable SR Policy update that has an invalid NLRI portion MUST
>>    trigger a reset of the BGP session
>> >>>
>> Can the draft be updated to simply remove the reference to
>> treat-as-withdraw in the first statement since one cannot withdraw a NLRI
>> if one cannot parse it; and also because it conflicts with the 2nd mandate.
>>
>
> You do not want to trigger a reset of the BGP session unless the UPDATE is
> so mangled that you can't  continue to parse the TCP octet stream.
> If the UPDATE is well-formed, but the NLRI is not one of the two legal
> lengths (12 or 24), treat-as-withdraw is appropriate.
>
> Probably the sentence about triggering a reset of the BGP session can be
> omitted, since that is only necessary when the UPDATE is totally mangled,
> and in that case it is normal BGP behavior and nothing particular to do
> with the SAFI being discussed.
>
> 1. Behavior when only one of Color / Remote end point sub-tlv is present
>> in the Tunnel encap tlv.
>>   Should the match on either color or remote end point be done for
>> acceptance? For example the color sub-tlv is present, but the remote end
>> point isn't. So the color of the color sub-tlv must match the color in the
>> NLRI. Or should the condition for matching of color / remote end point be
>> done only if both color and remote end point are present.
>>
>> 2. What is the rationale for including remote end point / color sub tlvs
>> in the tunnel encap tlv.
>>   The NLRI already has the color and endpoint. Why is there an option to
>> also include a end point and color in the tunnel encap tlv and then have to
>> make sure it matches the NLRI?
>>
>
> I believe the Remote Endpoint is mandatory, according to the tunnel-encaps
> draft.  (There has been some controversy on this point though.)
> The color sub-tlv is not mandatory, but you can't really stop someone from
> including it.
>
> The purpose of these rules is to cause a policy to be rejected if it
> contains contradictory information.
>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>

v2.23.0 | Report a Bug | By Email