IETF Logo Mail Archive

[Idr] Re: WG last call and IPR call for draft-ietf-idr-linklocal-capability (May 13, 2026 to May 27, 2026)

satya praveen kumar pasalapudi <praveen.ietf@gmail.com> Thu, 28 May 2026 21:48 UTC

Return-Path: <praveen.ietf@gmail.com>
X-Original-To: idr@mail2.ietf.org
Delivered-To: idr@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id AE153F6F839F for <idr@mail2.ietf.org>; Thu, 28 May 2026 14:48:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1780004895; bh=nVluifB6FrcxleZBb86QbvvpmOfoccvrOIJxDSR7Oak=; h=References:In-Reply-To:From:Date:Subject:To:Cc; b=VEmg+XvVcjmAQjUoZ5T8N37zdY5Hbl2UDqVDPt9Zyq0/paunRJXo60rgOfiyxLGli K/Ctibz58HPHEbo9P1KJadzTKI7GmmDvDcWBv2s8lt/mR/j9l+1WIzvN9vk6A+j6sK ioTlnqkBN1uoXyz+y2rUk+sTz5JkoobZD/+2sqDw=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cPdtmWJXWL2P for <idr@mail2.ietf.org>; Thu, 28 May 2026 14:48:13 -0700 (PDT)
Received: from mail-oa1-x2e.google.com (mail-oa1-x2e.google.com [IPv6:2001:4860:4864:20::2e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id EEBA9F6F8344 for <idr@ietf.org>; Thu, 28 May 2026 14:48:13 -0700 (PDT)
Received: by mail-oa1-x2e.google.com with SMTP id 586e51a60fabf-43587e63a8eso8230627fac.0 for <idr@ietf.org>; Thu, 28 May 2026 14:48:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1780004893; cv=none; d=google.com; s=arc-20240605; b=RByjaqUEVOEUN74W6Y7kBMLE6hnqvUGSFiKk6MOI+NONEjA28gToACWJVea4Yw/tPJ s0A5TPDm8fgaunSnclcx8zM5KnPGOlorH4LYoqGpqT1NPC772LD+b/pHfbpm7ak9/WfA 5LNtYP/QoHV2pniPzBTGk5PYyR6ToGnYJHexHRizXd6b8QS7aNUacUEaRZpFzuBDKYuf gV7oC0G4wPcwaBvtUpvqOnmDXIK6PKjJll2RGB4tfCzgOyes25hhfBdvTzru7QuV+Jy8 xT9A1bhxo7Z4tTkMY+Ef3HunuorAQHUFFvnf2OuSG4Wa1JKNVOYWeUjAqjmCgyxlKYpS bGhQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=pRaBaku+M7+GeOe3WlvEsXquz31IM/NL8M+V9n+IoHg=; fh=Ufah1zM1eiANWG5Vme3W8X/PQ+rO9UPrjvpjsqrd1/I=; b=LQuHhVkcbrD5YEwq/t9iveu7VG2a21dj83AaSju28cFpT8QRmOZbs55ZICzKmufbvp UF9d3kTEZ0SnTQgrd/tCf2KXUytcuueLxn+xjfpxy70vbSsv02NrZ+ebfMYmJb9us2Vm j69uDnag+Jz7r2EpuCPseW1jfE9T3+CVV9sRSPVvGchgA4Wabiz411EPEqBSHfygNOAO KG1LZdUgPyEcidIFYDJgqaJQ/3mXR55D1QvbggdupJysmeIsN84u0NsAVnbp7BRJ36bK Ftu7TYh3GMF5CkZKklEmcwbd/2u+imRh8WLMn6ZWrXUVWoNoHJqSacXgJLvX/gDt/Z56 Takw==; darn=ietf.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1780004893; x=1780609693; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=pRaBaku+M7+GeOe3WlvEsXquz31IM/NL8M+V9n+IoHg=; b=QWotCbYcGEHLCSADlVt+6NpXJhSMGe+YTTv5Lzr3ONIaN7XjfDoB1Y2awnl6Rnutjp Jj9czbtdKDsQOZ2mCqnQLpXiyalSc4L8WGbLiLVBDaWkEF7Pv9oYguIIgwJLsZ4arYyZ oqOzaedWszvoM9gWwG6GV6tRDE2KoTv6Fmu9fxlu4pcTobCkb/PRQNMXi7udJMcaMV5s Jqh9p5SQX2uGFG9+t+yWLNDcOQwM2+DMysqrdterhLE+hBDS8qwG3kxl8QkKJtFfa3WQ RGokelVmdPAIBmdRI0Ni9QuQ7B23lMRpnTgN85/GHQ4kJlefEb4r6KaE5Dll/QS1VxTQ I9Cg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1780004893; x=1780609693; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=pRaBaku+M7+GeOe3WlvEsXquz31IM/NL8M+V9n+IoHg=; b=Fc4JsiGX0uMgznvSDW/UO0nqQ8MGcvTwnPSBk0K+s4BHCy0nk2XGoYow+k5BjKai4d ApNxQN1zYO4dQg4Wdm4CaJzyP48ogPPoQ17uFMKX4DPIoLlVbG1h6psY19RmaUuW92Pn C+/mCPXVNwt9L2APb4OC36p4ujDpY/6ZXByJuTgMkFNvBGHZqlzQ0f+bM7sJaH6lUCWe bsiAU15XB7RhqQuXLtR/tPC0Wx3EI1Fx7ATf0VUl/V2+4SE1znymlfH5OAqWAx+HNwKg Xs+pe3snoCj8/o+UWxX2PfmTWPdl3WriZH15zpSmBGLmbb4VqmEQNsn3q9R3j6vJ+sN1 oFwA==
X-Gm-Message-State: AOJu0Yw4pxw0J4VhQdljJdTIt5USGsEQ+i/PKYgPnQXXoYPgLaVxJfvw kBia7Mdk4AQr9Cy8+f2cujCUWIDOmvN88SmUtOHZU7pVdi0ZuXVqIyfrBBKyu8uiwNmbiYnzYdC a+Enjzesj5+mDeWzCNAfm0jZkDqJfmg4=
X-Gm-Gg: Acq92OHrOfhdLp+UdpXy+XjUJjaRxMq3afIVSl4/6WenDCNSGmUhsbvZ2Qpp8lom+Tt zGWzeabNDiTV1YrCY8/SijU2wK4chvVECn1w99COiUOKUtQYP9xZmyp8zrYlJpf6WIan6KZ70fG pgvPy44YlEapG4WYuMqa0mdk3hrBKAJvSFQSwsYjW0v5Izh418EcSJndA4cppacjGBCpdcdZyuf RwHpG3ugvFrb4CqITqheHKsjqwm3gOSHiWo/T4X7DdRQYLdQxJXCCf/xhYReabgLVkqOo5G90yC rXm/tEcVGVyhX+aOtw==
X-Received: by 2002:a05:6870:9629:b0:430:b01:1f79 with SMTP id 586e51a60fabf-43c85e3426emr345313fac.2.1780004892976; Thu, 28 May 2026 14:48:12 -0700 (PDT)
MIME-Version: 1.0
References: <bed8725b9d8845f5b5e3ccbcf26baf66@huawei.com> <CAPD5bNxC5okzk9wsv3HXTiHw=c4iRvPV3rmmyB3RsEYO_OBAfw@mail.gmail.com> <CAPF+HwUB5TJsd2iHjCN9fj+RA34mVg+fis7t4bD1zdet4soAKw@mail.gmail.com>
In-Reply-To: <CAPF+HwUB5TJsd2iHjCN9fj+RA34mVg+fis7t4bD1zdet4soAKw@mail.gmail.com>
From: satya praveen kumar pasalapudi <praveen.ietf@gmail.com>
Date: Thu, 28 May 2026 14:48:01 -0700
X-Gm-Features: AVHnY4IX16pG_44EKFCSmPLhp5YYO3A9JCOYl4BSp25llR3fFj4B67fOWPD4uUI
Message-ID: <CAPD5bNyALp4dF7KNK18YN1TMOxomH2mU0TRLcbt6sOZW-xZ8KA@mail.gmail.com>
To: Donatas Abraitis <donatas.abraitis@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: IFI466G37O7RKHQRG7R7RT5SFWTCLM4L
X-Message-ID-Hash: IFI466G37O7RKHQRG7R7RT5SFWTCLM4L
X-MailFrom: praveen.ietf@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-idr.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: idr@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Idr] Re: WG last call and IPR call for draft-ietf-idr-linklocal-capability (May 13, 2026 to May 27, 2026)
List-Id: Inter-Domain Routing <idr.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/kZ-O4T0rM-lsVNFjT4y9zDOKJ6o>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Owner: <mailto:idr-owner@ietf.org>
List-Post: <mailto:idr@ietf.org>
List-Subscribe: <mailto:idr-join@ietf.org>
List-Unsubscribe: <mailto:idr-leave@ietf.org>

Looks good. Thanks for taking care of the comments.

Rgds,
Praveen.


On Thu, May 28, 2026 at 4:41 AM Donatas Abraitis
<donatas.abraitis@gmail.com> wrote:
>
> Thank you for the feedback.
>
> I doubt for "4. Section 9 missing ND security context". We already had a discussion about kinda this sort of thing and decided to avoid ND/reachability stuff inside this document (it's kinda related, but not really to the problem we are trying to solve here).
>
> I addressed all other comments here => https://github.com/ietf-wg-idr/draft-ietf-idr-linklocal-capability/pull/35, does it look good to you?
>
> On Wed, May 27, 2026 at 10:37 PM satya praveen kumar pasalapudi <praveen.ietf@gmail.com> wrote:
>>
>> Hi Jie and Authors,
>>
>> I am not aware of any IPR related to this draft.
>>
>> Comments below from an implementation perspective.
>> Support publication, with the following points I would like to see addressed:
>>
>> 1. Interaction with RFC 8950 (IPv4 NLRI with IPv6 Next Hop)
>> -------------------------------------------------------------------------------
>> RFC 8950 Section 3 requires the Next Hop field to be 32 octets -- a
>> global-or-unspecified address followed by a link-local -- whenever
>> IPv4 NLRI is carried with an IPv6 Next Hop.
>> Section 3 of this draft introduces a 16-octet link-local-only encoding
>> that directly contradicts that requirement.
>>
>> The draft does not address this interaction. Implementations will diverge.
>> Would suggest adding an explicit subsection in Section 4 stating that
>> when both this capability and RFC 8950 have been negotiated, a
>> 16-octet link-local-only Next Hop is permitted for IPv4 NLRI to a
>> directly attached peer.
>> Otherwise RFC 8950 Section 3 rules apply unchanged.
>>
>>
>> 2. Receiver-side classification of the 16-octet Next Hop field
>> ----------------------------------------------------------------------------------
>> A length=16 Next Hop may now carry either a Global (per RFC 2545) or a
>> Link-Local Next Hop.
>> Receivers must disambiguate by inspecting the address, but Section 3
>> does not say so normatively.
>> The behavior when capability 77 has not been negotiated and a 16-octet
>> link-local Next Hop is received is undefined.
>>
>> Suggested text, after the second paragraph of Section 3:
>>
>>     A BGP speaker receiving an MP_REACH_NLRI with the Next Hop field
>> length set to 16 SHALL classify the address as follows.
>>     If the address is in fe80::/10, the Next Hop is a Link-Local-only
>> Next Hop as defined in this document, and the Link-Local Next Hop
>>     Capability MUST have been negotiated; if it has not, the
>> implementation MUST handle the message using the approach of
>>     "treat-as-withdraw" (Section 2 of [RFC7606]). Otherwise, the
>> address is treated as a Global IPv6 Next Hop per [RFC2545].
>>
>> 3. Link-Local address lifecycle is not addressed
>> --------------------------------------------------------------------
>> The draft treats a Link-Local address as a stable property of an
>> interface for the lifetime of a BGP session.
>> >From an IPv6 stack perspective this is not generally true: operator
>> reconfiguration can alter an interface's Link-Local while a session is
>> up.
>>
>> The observable consequences include TCP socket invalidation, stale
>> Neighbor Cache entries on peers, and stale third-party Link-Local
>> Next Hops on peers that learned the route via re-advertisement.
>> These should be acknowledged in the draft.
>>
>> I would suggest a sentence in Section 1 noting that Link-Local
>> addresses are not required to be stable across interface bring-up or
>> reconfiguration, and that a change triggers session reset and normal
>> re-advertisement.
>> Speakers SHOULD NOT advertise a Link-Local address in the IPv6
>> tentative state (RFC 4862 Section 5.4).
>>
>> 4. Section 9 missing ND security context
>> --------------------------------------------------------------------
>> This capability increases reliance on ND for data-plane forwarding,
>> since Link-Local Next Hops are resolved via ND on the bound
>> interface rather than via recursive RIB resolution. ND spoofing on a
>> shared layer-2 segment can therefore redirect data-plane traffic.
>> Section 9 does not mention this or the associated mitigations (SEND
>> [RFC3971] or infrastructure-layer ND inspection).
>>
>> Additionally, the security boundary moves from L3 (where Global Next
>> Hops can be filtered at routed boundaries) to L2 (where protection
>> depends on per-link controls). Section 9 should acknowledge both the
>> ND exposure and this shift.
>>
>> 5. Graceful Restart interaction
>> --------------------------------------------------------------------
>> Graceful Restart (RFC 4724) is not addressed in -05. If a Restarting
>> Speaker's Link-Local address changes during restart (configured vs.
>> running Link-Local mismatch across restart), peers retaining its
>> routes as stale will have those routes pointing to the previous
>> Link-Local.
>> ND resolution fails and forwarding is silently lost until the Restart
>> Time expires or new advertisements propagate.
>>
>> Unlike global next hops, where routing may provide alternative
>> reachability, link-local next hops are resolved purely via ND on the
>> bound interface -- there is no routing fallback.
>>
>> A paragraph in Section 6 noting this interaction, or an explicit
>> statement that this combination is out of scope, would close the gap.
>>
>>
>> Rgds,
>> Satya Praveen Kumar Pasalapudi,
>> HPE
>> satya-praveen-kumar.pasalapudi@hpe.com
>>
>>
>>
>>
>> On Tue, May 12, 2026 at 11:31 PM Dongjie (Jimmy)
>> <jie.dong=40huawei.com@dmarc.ietf.org> wrote:
>> >
>> > This begins a 2-week working group last call for draft-ietf-idr-linklocal-capability-04. This WG last call ends on May 27th, 2026.
>> >
>> >
>> >
>> > https://datatracker.ietf.org/doc/draft-ietf-idr-linklocal-capability
>> >
>> >
>> >
>> > Please review and provide feedbacks to this last call with an indication of “Support” or “Not Support”. For “Not support”, it is appreciated to also give explanations and suggestions to resolve them.
>> >
>> >
>> >
>> > For the purposes of the shepherd's report and according to IETF BCP 78/79, the authors are requested to declare whether they are aware of any undisclosed IPR covering this draft. Members of the working group are similarly obligated to report any IPR they are aware of as well.
>> >
>> >
>> >
>> > Best regards,
>> >
>> > Jie (as WG secretary & document shepherd)
>> >
>> >
>> >
>> > _______________________________________________
>> > Idr mailing list -- idr@ietf.org
>> > To unsubscribe send an email to idr-leave@ietf.org
>>
>> _______________________________________________
>> Idr mailing list -- idr@ietf.org
>> To unsubscribe send an email to idr-leave@ietf.org
>
>
>
> --
> Donatas

v2.46.0 | Report a Bug | By Email | System Status