IETF Logo Mail Archive

Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt

Brian Dickson <brian.peter.dickson@gmail.com> Fri, 07 December 2012 23:12 UTC

Return-Path: <brian.peter.dickson@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F7C621F8BC4 for <idr@ietfa.amsl.com>; Fri, 7 Dec 2012 15:12:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.181
X-Spam-Level:
X-Spam-Status: No, score=-3.181 tagged_above=-999 required=5 tests=[AWL=0.417, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uOfkBOw3Fmai for <idr@ietfa.amsl.com>; Fri, 7 Dec 2012 15:12:58 -0800 (PST)
Received: from mail-ee0-f44.google.com (mail-ee0-f44.google.com [74.125.83.44]) by ietfa.amsl.com (Postfix) with ESMTP id F1B0B21F8BBE for <idr@ietf.org>; Fri, 7 Dec 2012 15:12:57 -0800 (PST)
Received: by mail-ee0-f44.google.com with SMTP id b47so626377eek.31 for <idr@ietf.org>; Fri, 07 Dec 2012 15:12:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=eVl+oZ+aXucf8/fIjx1zGTiTq6UMF+ukTTZtL2Wa8ZA=; b=dGUqAefyW1e1PpznSKrGRb1tUc94xpYXHT/VGX24ChAaqmnrWXFqGjd96mIJlvyq+u 8J05JUaoDJSFjrDjHABhRclEu8hu7qXf44nbNLLlWFJluB8J38RcB9SROqckCupTbKCM fF2PbvJa8NX69rcA8gDnBxRHzP/nU0Eecxd0n/MCE+mQS/mzGYVOtAmPw1/qGy0PaHK1 TYrtSFa75FeONAOl/LZ7dK7yqhlE/H1WOEPmFdY8pPkrTSs6Fr5eJseILyq0ygIB2xqr YWJB7HeUukxQCNJsvCgIpyKO/1G7q3XUNzuGKK3jSncgwijLlgRrP738JxCacmvlhYix 0iyQ==
MIME-Version: 1.0
Received: by 10.14.206.197 with SMTP id l45mr22051415eeo.17.1354921977206; Fri, 07 Dec 2012 15:12:57 -0800 (PST)
Received: by 10.223.173.199 with HTTP; Fri, 7 Dec 2012 15:12:57 -0800 (PST)
In-Reply-To: <CAEGVVtBy-zdLz8hVajLnuAqgzfgQHrseK4r-N9=pOZGtqV7LbA@mail.gmail.com>
References: <20121121191321.6164.6887.idtracker@ietfa.amsl.com> <50AD2986.90705@cisco.com> <058b01cdd3b4$9f5193b0$ddf4bb10$@highwayman.com> <8ED5B0B0F5B4854A912480C1521F973A0F4940@xmb-rcd-x13.cisco.com> <94913EE5-2864-4EE2-B474-9631430B1E22@ericsson.com> <068701cdd478$2cf01cf0$86d056d0$@highwayman.com> <CAEGVVtBy-zdLz8hVajLnuAqgzfgQHrseK4r-N9=pOZGtqV7LbA@mail.gmail.com>
Date: Fri, 07 Dec 2012 18:12:57 -0500
Message-ID: <CAH1iCipfup-GEeJduBti_KHvX1pUZfmZLA3Zz5Y9Aw9xV3fQ9w@mail.gmail.com>
From: Brian Dickson <brian.peter.dickson@gmail.com>
To: Shyam Sethuram <shyam.ioml@gmail.com>
Content-Type: multipart/alternative; boundary="047d7b34413c26560504d04b5b8d"
Cc: idr@ietf.org
Subject: Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Dec 2012 23:12:59 -0000

I see the high-level problem Chris describes, and think maybe it requires
discussing possible ways of removing doubt/ambiguity over successful
parsing of such MP_REACH and MP_UNREACH attributes.

For instance, on a given BGP session, negotiation on a per-(AFI,SAFI) is
done to establish which MP things are to be sent.
Perhaps it would be a reasonable additional requirement to have every
UPDATE include 2*N attributes for N afi/safi classes, where the 2 is REACH
and UNREACH?
Also, if IPv4 is negotiated as an MP type, should it maybe be required to
be done via MP and _not_ via non-MP (vanilla) type?

That way, only if all the REACH/UNREACH decode successfully, and
appropriate additional types are present (based on 4470 rules), it is
possible to validate that sufficient detail is available for the error
handling.

Thoughts?

Brian

On Fri, Dec 7, 2012 at 4:55 PM, Shyam Sethuram <shyam.ioml@gmail.com> wrote:

> Hi Chris,
> On Fri, Dec 7, 2012 at 4:41 AM, Chris Hall <chris.hall@highwayman.com>wrote:
>
>> Jakob Heitz wrote (on Thu 06-Dec-2012 at 18:08 +0000):
>> > Some length errors will not be detected as length errors, but as
>> > misinterpretation of subsequent bytes.
>>
>> The draft appears to be relaxing everything in sight, so there are
>> indeed few (if any) length errors per se left; or many other errors
>> for that matter.  Also, the relaxation means that almost any pair of
>> octets are acceptable Attribute Flags and Type.
>
>
> One attribute follows another. There's really no way to tell
> what pairs of octets are really acceptable as Flags and Type.
>
>
>> And, as far as I can
>> see, a final attribute which overruns the end of the attributes part
>> of the message (as defined by the 'Total Attributes Length') is also
>> acceptable.
>>
>
> You can reset the session at this point if you haven't come
> across MP_REACH so far and know that IPv4 NLRI length is 0.
>
>
>>
>> By "error" I assume we mean something which would today trigger a
>> session-reset.  By "acceptable" I mean "does not trigger a
>> session-reset" -- the result may or may not appear to be "malformed".
>> Given that most Type values are unknown, a broken length in an
>> attribute is likely to result in the rest of the attributes part of
>> the message being interpreted as a number of unknown attributes, the
>> last of which will probably overrun the end... all of which is
>> "acceptable" and only the last "malformed".
>>
>> For almost all cases of broken attribute(s), the draft requires: "the
>> UPDATE message containing the attribute MUST be treated as if all
>> contained routes had been withdrawn".
>>
>> Except, the draft does: "observe that in order to use the approach of
>> 'treat-as-withdraw', the entire NLRI field and/or the MP_REACH_NLRI
>> and MP_UNREACH_NLRI attributes need to be successfully parsed".
>>
>> It seems to me that "successfully parsing" MP_REACH_NLRI and
>> MP_UNREACH_NLRI attributes must include knowing when they are NOT
>> there.
>>
>> Suppose the code has "parsed" a set of attributes, one or more of
>> which is "malformed", and has managed to extract a valid
>> MP_UNREACH_NLRI attribute.  Should it "treat-as-withdraw" ?  The smart
>> money would be on there being an MP_REACH_NLRI somewhere amongst the
>> broken attributes... unless there were some vanilla IPv4 Unicast NLRI.
>> Also ambiguous is the case where an MP_REACH_NLRI has been extracted:
>> is there an MP_UNREACH_NLRI buried under the malformed stuff ?
>>
>> In short, as far as I can see, the draft requires:
>>
>>   * "treat-as-withdraw" for almost every conceivable case
>>     of "malformed" attribute(s).
>>
>>   * PROVIDED that MP_REACH_NLRI and MP_UNREACH_NLRI are
>>     "successfully parsed".
>>
>> which appear to be mutually exclusive in many cases :-(  The only (not
>> session-reset) case where there is no ambiguity is when *both*
>> MP_REACH_NLRI and MP_UNREACH_NLRI are present and valid -- which,
>> unfortunately, is not a very useful case in practice.  (There is also
>> no ambiguity if either MP_REACH or MP_UNREACH_NLRI is present but
>> invalid.  And no ambiguity if one or both of them is repeated.  But
>> those are session-reset cases.)
>>
>
> IMO, MP_UNREACH_NLRI does not enter the picture here. The
> test for NLRI presence for the scenario you described is limited
> to plain IPv4 NLRI and/or MP_REACH_NLRI.
>
>
>>
>
>
>> ....
>> > If you get a message length too long error, the most likely result
>> > will be that you misinterpret the 0xFF's as NLRI and get an NLRI
>> > length error.
>>
>> Blimy.  That suggests reading beyond the various boundaries
>> established by the 'Message Length', 'Withdrawn Routes Length' and
>> 'Total Attribute Length'... surely not ?!
>>
>
> IMO there's no scenario where this is needed or implied
> by the draft.
>
> shyam
>
>
>>
>> Chris
>>
>> _______________________________________________
>> Idr mailing list
>> Idr@ietf.org
>> https://www.ietf.org/mailman/listinfo/idr
>>
>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>
>

v2.23.0 | Report a Bug | By Email