IETF Logo Mail Archive

Re: [Idr] draft-dong-idr-node-target-ext-comm-05.txt - WG Adoption and IPR call (9/27 to 10/11/2022)

Robert Raszuk <robert@raszuk.net> Fri, 21 October 2022 22:36 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 69CCCC157B39 for <idr@ietfa.amsl.com>; Fri, 21 Oct 2022 15:36:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1k7YjuNrfGXm for <idr@ietfa.amsl.com>; Fri, 21 Oct 2022 15:36:23 -0700 (PDT)
Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75051C14CE34 for <idr@ietf.org>; Fri, 21 Oct 2022 15:36:23 -0700 (PDT)
Received: by mail-ed1-x52b.google.com with SMTP id b12so11037817edd.6 for <idr@ietf.org>; Fri, 21 Oct 2022 15:36:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=yOt/6DszUn7hXo2z/9f5KCWq8ze+5RtTswM0L6xymk0=; b=OeqTKdtCiyTBc+31pTmAaDXFbcRgLcLZKHhL0CtX3LG/YsM+tWAQqAz+CP02rYiAB6 aeDG+v96zb7DDhnF6sSI42Ae8Fb0LZwioPwiZqqu3e76+o7vV9RhpDoCjPcQz9MSEbhv ZLLW6C5oaTNcAuqeA9Ij7aoU71pHdYQqtOFgeIluwK3qi0CJuVx6grtUNmhoJEuVD7MF 5PakDTwNDjGSQ7CIzF5wROPGLFK8PyGdsDAj00Rce2ybymPYezqnFyqEdArXYkEchvX+ 92Rufp4hl0u2s/0ZFkXPQ4pvqijGPvPVxDzB96GrnApoyrU6g5eWUtZTcIOijRMPM06r YG2w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=yOt/6DszUn7hXo2z/9f5KCWq8ze+5RtTswM0L6xymk0=; b=Kin2j/LmXiOQeUOXXEU4yEMZz5lu78oFoymWGl4Vv7uThcecfOw3DAY1sALOGVMv5r rsNMECAMzEyuMGWdjMe/8WdVqkS9rHvF3kbNHRd7Qh+nZTBOH1ARZlW2gktYmugV+OgJ 8CuyDYjXDDsWIXq/3UsFaoopCQsiGSy0DUZRnTeHgpTuiriMt0EEdRxRFeoR36lOHL4+ EEdE3knhp4L3u2PHQONcXc3AZlDKoWL/1EK0XjQWIww+rNvr1Tlq5KGlIcTGOSeFYEQe dZ9pjH2D3Pw7NbOfZBC4OLGFj/Gi1/9GWo9Sh7MORMPisNedoPy+u9WUQ6GkeEb1KSOl JMug==
X-Gm-Message-State: ACrzQf37subnK/O9K7oGltCjFIM5hyasQlpSio8jguVd56YnCVwnlsd/ Xa7LWuBzNsEHtIvrXM3Id3DVR1HoHAMn1qw881CJoQ==
X-Google-Smtp-Source: AMsMyM5sYvZCDo4Lu4PWgoTGOu810BopLCQqT9Fo+dPlg/MrPbb28n8vrCuqrNXsg3/bBSl3Yy9DTOH5v4QkLEjBpjg=
X-Received: by 2002:a17:906:fe45:b0:788:15a5:7495 with SMTP id wz5-20020a170906fe4500b0078815a57495mr17771084ejb.633.1666391781241; Fri, 21 Oct 2022 15:36:21 -0700 (PDT)
MIME-Version: 1.0
References: <028ECC42-2021-4D00-9B31-B323F2480DAA@gmail.com> <Y0mJ2CJQbUbf6pzO@Space.Net> <20221014182353.GF2066@pfrc.org> <CAOj+MMGr3X58yCoR9uLXmoNUtk4b+=00o2JB9tEKpENTU6M6Yw@mail.gmail.com> <20221019214126.GB10497@pfrc.org> <CAOj+MMHafWNKaDBfcvdVKz7RoX4eFxkk2KjVvqN9vS=2+vNeGw@mail.gmail.com> <20221019222746.GD10497@pfrc.org> <CAOj+MMEstWKm+xoWBRFJjJW-vhX_4BKerWCt94GiQT+W5tELPA@mail.gmail.com> <20221020204232.GD19035@pfrc.org> <CAOj+MMFAkrq4bTyx-Gf4ivfBetnaH0bSJo34wmyXwXL5nQEWxg@mail.gmail.com> <20221020210047.GA25483@pfrc.org> <CAOj+MMHtk5hJ17K_7e5MjGLxKbTP2mCoAZ0z085PV+5VzmaPrw@mail.gmail.com> <m28rl9dvsn.wl-randy@psg.com> <0D810195-CFC6-43C6-84F7-609CAA4B3C7F@pfrc.org> <CAOj+MMFw+2uTs19jHTOF9kaQRog_m9nW4L+4gLkB0c7k9Mi1+A@mail.gmail.com> <9953B13E-DC91-4A10-92E0-317629571656@pfrc.org> <CAOj+MMHqsdvq2zFGkYsbN_vGo8ZE2aSJwfOPmhWD6Ef4ss7GsQ@mail.gmail.com> <7DFC7626-D838-44F7-9414-4DE5254CCA73@pfrc.org>
In-Reply-To: <7DFC7626-D838-44F7-9414-4DE5254CCA73@pfrc.org>
From: Robert Raszuk <robert@raszuk.net>
Date: Sat, 22 Oct 2022 00:37:14 +0200
Message-ID: <CAOj+MMFPrBx38UKNUZduDRo9oyZye+CNPBSwqhdRgji6ePSEug@mail.gmail.com>
To: Jeffrey Haas <jhaas@pfrc.org>
Cc: Randy Bush <randy@psg.com>, Gert Doering <gert@space.net>, idr <idr@ietf.org>, Sue Hares <shares@ndzh.com>, "Dongjie (Jimmy)" <jie.dong=40huawei.com@dmarc.ietf.org>, "Van De Velde, Gunter \\(Nokia - BE/Antwerp\\)" <gunter.van_de_velde@nokia.com>
Content-Type: multipart/alternative; boundary="0000000000002d8f6005eb9312d0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/kIjp7NpUWnnUKoaBAVs_oEhd3tI>
Subject: Re: [Idr] draft-dong-idr-node-target-ext-comm-05.txt - WG Adoption and IPR call (9/27 to 10/11/2022)
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Oct 2022 22:36:27 -0000

Jeff,

Well even without RTC you have an issue if path changes on A and B keeps
the inbound filter set to 100:100.

Note that on any properties change to make it effective you need to clear
session out. In the old days that was hard reset so no issues. These days
this is soft reset.

So what you are essentially saying is that with RT filtering (or really
filtering of any sort on non immutable path attribute which removes a
parameter) you can not use the implicit withdrawal concept in iBGP.  Is
this the right conclusion ?

You always must withdraw the old path then advertise the new one.

Enhanced Route Refresh could help but honestly I don't think I have ever
tested how it works with RTC or even RT inbound filtering.

Thx,
R.

On Fri, Oct 21, 2022 at 10:57 PM Jeffrey Haas <jhaas@pfrc.org> wrote:

>
>
> On Oct 21, 2022, at 4:32 PM, Robert Raszuk <robert@raszuk.net> wrote:
>
> Hi,
>
> > A has a properties change for the route
>
> That is why I said in the same RD case (not recommended anyway) the change
> must be symmetric to all VRFs sourcing such route.
>
>
> In the example below, the prefix does not change.  This is a single route
> example.
>
> -- Jeff
>
>
> Kind regards,
> Robert.
>
>
> On Fri, Oct 21, 2022 at 10:13 PM Jeffrey Haas <jhaas@pfrc.org> wrote:
>
>>
>>
>> On Oct 21, 2022, at 12:27 PM, Robert Raszuk <robert@raszuk.net> wrote:
>>
>>
>>
>>> Perhaps Robert will share whose implementation is intentionally broken
>>> in this fashion to help shortcut that process.
>>
>>
>> I do not consider implementation to be broken the moment IDR decides to
>> use BGP as point to point configuration protocol and forces it to filter
>> BGP UPDATES from arbitrary AFI/SAFI when propagating towards IBGP peers.
>>
>> For current SAFIs with unique RDs and RT based filtering nothing is
>> broken.
>>
>>
>> A peers with B with RT-C and L3VPN.
>> B advertises to A an RT-C route that attracts route-target:100:100
>>
>> A theoretically filters L3VPN routes at the update-send portion of the
>> process by dropping updates containing no matching RT-C extended
>> communities of interest.
>>
>> A advertises L3VPN route RD:prefix to B with route-target:100:100 and
>> route-target:200:200.  This matches received RT-C for route-target:100:100
>> from B and is thus transmitted.
>>
>> A has a properties change for the route and needs to advertise L3VPN
>> route RD:prefix to B with only route-target:200:200.
>> There is no matching received RT-C route from B with this route-target.
>>
>> If the route is filtered, B now has stale state.
>>
>> If A doesn't generate a withdraw for this route, B now has stale state.
>>
>> Q.E.D.
>>
>> -- Jeff
>>
>>
>

v2.23.0 | Report a Bug | By Email