Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
Jakob Heitz <jakob.heitz@ericsson.com> Fri, 07 December 2012 23:23 UTC
Return-Path: <jakob.heitz@ericsson.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA06221F8784 for <idr@ietfa.amsl.com>; Fri, 7 Dec 2012 15:23:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level:
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 22FkHZYxetEK for <idr@ietfa.amsl.com>; Fri, 7 Dec 2012 15:23:31 -0800 (PST)
Received: from imr4.ericy.com (imr4.ericy.com [198.24.6.9]) by ietfa.amsl.com (Postfix) with ESMTP id 6D0DD21F8773 for <idr@ietf.org>; Fri, 7 Dec 2012 15:23:31 -0800 (PST)
Received: from eusaamw0712.eamcs.ericsson.se ([147.117.20.181]) by imr4.ericy.com (8.14.3/8.14.3/Debian-9.1ubuntu1) with ESMTP id qB7NXDqn025070; Fri, 7 Dec 2012 17:33:15 -0600
Received: from EUSAAHC007.ericsson.se (147.117.188.93) by eusaamw0712.eamcs.ericsson.se (147.117.20.181) with Microsoft SMTP Server (TLS) id 8.3.279.1; Fri, 7 Dec 2012 18:23:24 -0500
Received: from EUSAAMB109.ericsson.se ([147.117.188.126]) by EUSAAHC007.ericsson.se ([147.117.188.93]) with mapi id 14.02.0318.001; Fri, 7 Dec 2012 18:23:24 -0500
From: Jakob Heitz <jakob.heitz@ericsson.com>
To: Brian Dickson <brian.peter.dickson@gmail.com>, Shyam Sethuram <shyam.ioml@gmail.com>
Thread-Topic: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
Thread-Index: AQHNyBxqy9fEwUYlVUSnx1DosT0Aspf0/iwAgBcupYCAADNcgP//yMCqgAGK/gCAAJrggIAAFZeA//+t8ZA=
Date: Fri, 07 Dec 2012 23:23:23 +0000
Message-ID: <2F3EBB88EC3A454AAB08915FBF0B8C7E10B7BA@eusaamb109.ericsson.se>
References: <20121121191321.6164.6887.idtracker@ietfa.amsl.com> <50AD2986.90705@cisco.com> <058b01cdd3b4$9f5193b0$ddf4bb10$@highwayman.com> <8ED5B0B0F5B4854A912480C1521F973A0F4940@xmb-rcd-x13.cisco.com> <94913EE5-2864-4EE2-B474-9631430B1E22@ericsson.com> <068701cdd478$2cf01cf0$86d056d0$@highwayman.com> <CAEGVVtBy-zdLz8hVajLnuAqgzfgQHrseK4r-N9=pOZGtqV7LbA@mail.gmail.com> <CAH1iCipfup-GEeJduBti_KHvX1pUZfmZLA3Zz5Y9Aw9xV3fQ9w@mail.gmail.com>
In-Reply-To: <CAH1iCipfup-GEeJduBti_KHvX1pUZfmZLA3Zz5Y9Aw9xV3fQ9w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.135]
Content-Type: multipart/alternative; boundary="_000_2F3EBB88EC3A454AAB08915FBF0B8C7E10B7BAeusaamb109ericsso_"
MIME-Version: 1.0
Cc: "idr@ietf.org" <idr@ietf.org>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Dec 2012 23:23:32 -0000
I had previously suggested an "end of attribute list" attribute. However, a goal of this draft is not to require any change to peers. Anything that requires changes on both sides of a connection is going to be radically different. -- Jakob Heitz. ________________________________ From: idr-bounces@ietf.org [mailto:idr-bounces@ietf.org] On Behalf Of Brian Dickson Sent: Friday, December 07, 2012 3:13 PM To: Shyam Sethuram Cc: idr@ietf.org Subject: Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt I see the high-level problem Chris describes, and think maybe it requires discussing possible ways of removing doubt/ambiguity over successful parsing of such MP_REACH and MP_UNREACH attributes. For instance, on a given BGP session, negotiation on a per-(AFI,SAFI) is done to establish which MP things are to be sent. Perhaps it would be a reasonable additional requirement to have every UPDATE include 2*N attributes for N afi/safi classes, where the 2 is REACH and UNREACH? Also, if IPv4 is negotiated as an MP type, should it maybe be required to be done via MP and _not_ via non-MP (vanilla) type? That way, only if all the REACH/UNREACH decode successfully, and appropriate additional types are present (based on 4470 rules), it is possible to validate that sufficient detail is available for the error handling. Thoughts? Brian On Fri, Dec 7, 2012 at 4:55 PM, Shyam Sethuram <shyam.ioml@gmail.com<mailto:shyam.ioml@gmail.com>> wrote: Hi Chris, On Fri, Dec 7, 2012 at 4:41 AM, Chris Hall <chris.hall@highwayman.com<mailto:chris.hall@highwayman.com>> wrote: Jakob Heitz wrote (on Thu 06-Dec-2012 at 18:08 +0000): > Some length errors will not be detected as length errors, but as > misinterpretation of subsequent bytes. The draft appears to be relaxing everything in sight, so there are indeed few (if any) length errors per se left; or many other errors for that matter. Also, the relaxation means that almost any pair of octets are acceptable Attribute Flags and Type. One attribute follows another. There's really no way to tell what pairs of octets are really acceptable as Flags and Type. And, as far as I can see, a final attribute which overruns the end of the attributes part of the message (as defined by the 'Total Attributes Length') is also acceptable. You can reset the session at this point if you haven't come across MP_REACH so far and know that IPv4 NLRI length is 0. By "error" I assume we mean something which would today trigger a session-reset. By "acceptable" I mean "does not trigger a session-reset" -- the result may or may not appear to be "malformed". Given that most Type values are unknown, a broken length in an attribute is likely to result in the rest of the attributes part of the message being interpreted as a number of unknown attributes, the last of which will probably overrun the end... all of which is "acceptable" and only the last "malformed". For almost all cases of broken attribute(s), the draft requires: "the UPDATE message containing the attribute MUST be treated as if all contained routes had been withdrawn". Except, the draft does: "observe that in order to use the approach of 'treat-as-withdraw', the entire NLRI field and/or the MP_REACH_NLRI and MP_UNREACH_NLRI attributes need to be successfully parsed". It seems to me that "successfully parsing" MP_REACH_NLRI and MP_UNREACH_NLRI attributes must include knowing when they are NOT there. Suppose the code has "parsed" a set of attributes, one or more of which is "malformed", and has managed to extract a valid MP_UNREACH_NLRI attribute. Should it "treat-as-withdraw" ? The smart money would be on there being an MP_REACH_NLRI somewhere amongst the broken attributes... unless there were some vanilla IPv4 Unicast NLRI. Also ambiguous is the case where an MP_REACH_NLRI has been extracted: is there an MP_UNREACH_NLRI buried under the malformed stuff ? In short, as far as I can see, the draft requires: * "treat-as-withdraw" for almost every conceivable case of "malformed" attribute(s). * PROVIDED that MP_REACH_NLRI and MP_UNREACH_NLRI are "successfully parsed". which appear to be mutually exclusive in many cases :-( The only (not session-reset) case where there is no ambiguity is when *both* MP_REACH_NLRI and MP_UNREACH_NLRI are present and valid -- which, unfortunately, is not a very useful case in practice. (There is also no ambiguity if either MP_REACH or MP_UNREACH_NLRI is present but invalid. And no ambiguity if one or both of them is repeated. But those are session-reset cases.) IMO, MP_UNREACH_NLRI does not enter the picture here. The test for NLRI presence for the scenario you described is limited to plain IPv4 NLRI and/or MP_REACH_NLRI. .... > If you get a message length too long error, the most likely result > will be that you misinterpret the 0xFF's as NLRI and get an NLRI > length error. Blimy. That suggests reading beyond the various boundaries established by the 'Message Length', 'Withdrawn Routes Length' and 'Total Attribute Length'... surely not ?! IMO there's no scenario where this is needed or implied by the draft. shyam Chris _______________________________________________ Idr mailing list Idr@ietf.org<mailto:Idr@ietf.org> https://www.ietf.org/mailman/listinfo/idr _______________________________________________ Idr mailing list Idr@ietf.org<mailto:Idr@ietf.org> https://www.ietf.org/mailman/listinfo/idr
- [Idr] I-D Action: draft-ietf-idr-error-handling-0… internet-drafts
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Enke Chen
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Saikat Ray (sairay)
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Enke Chen
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Shyam Sethuram
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Brian Dickson
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Enke Chen
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Brian Dickson
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Robert Raszuk
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Rob Shakir
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… bruno.decraene
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… bruno.decraene
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jakob Heitz
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Brian Dickson
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Chris Hall
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… Jeff Wheeler
- Re: [Idr] I-D Action: draft-ietf-idr-error-handli… John Leslie