Re: [Idr] AD Review of draft-ietf-idr-bgp-extended-messages-20

Jeffrey Haas <jhaas@pfrc.org> Tue, 14 March 2017 22:46 UTC

Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95F6613161C; Tue, 14 Mar 2017 15:46:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.003
X-Spam-Level:
X-Spam-Status: No, score=-0.003 tagged_above=-999 required=5 tests=[RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TO2Zj0JMfmBs; Tue, 14 Mar 2017 15:46:32 -0700 (PDT)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 941D013161B; Tue, 14 Mar 2017 15:46:32 -0700 (PDT)
Received: by slice.pfrc.org (Postfix, from userid 1001) id 3124A1E33B; Tue, 14 Mar 2017 18:52:43 -0400 (EDT)
Date: Tue, 14 Mar 2017 18:52:43 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: Susan Hares <shares@ndzh.com>
Cc: 'Enke Chen' <enkechen@cisco.com>, 'idr wg' <idr@ietf.org>, 'Robert Raszuk' <robert@raszuk.net>, idr-chairs@ietf.org, draft-ietf-idr-bgp-extended-messages@ietf.org
Message-ID: <20170314225242.GM12864@pfrc.org>
References: <CA+b+ER=r6tF3t-THjN_zz5hOLETRV5MjpcoEo+79exeafWBNfQ@mail.gmail.com> <01b301d29758$180458e0$480d0aa0$@ndzh.com> <e2fd2bc1-94fa-66fb-e2f0-668ee5a1f1a1@cisco.com> <CE23F9A0-DC7B-4AC1-A6E4-6BF5A287B71D@nist.gov> <7657b686-0685-9bdf-17ba-e7d618a237aa@cisco.com> <C83C3A72-5059-4345-B0E7-AB7F9FD48E53@nist.gov> <edf306511fd84fbe8bceb4b5801be8ea@XCH-ALN-014.cisco.com> <bc0e6deb-f07b-4234-0c19-85acd162f5b6@cisco.com> <E6D510E4-34A6-40D4-A63F-47DA22EDB81B@pfrc.org> <004001d29874$9ed03840$dc70a8c0$@ndzh.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <004001d29874$9ed03840$dc70a8c0$@ndzh.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/l6Hn8e9g48ma3Hs4XUqt8CDa_t0>
Subject: Re: [Idr] AD Review of draft-ietf-idr-bgp-extended-messages-20
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Mar 2017 22:46:34 -0000

Sue,


On Wed, Mar 08, 2017 at 08:29:37PM -0500, Susan Hares wrote:
> Caveat - I am not commenting on operational issues.  If your brief comment
> denotes some operational issues, I would appreciate a longer description
> on-list or off-list. 
> 
> If you are comment on the functionality within the RFC4271 FSM, I am not
> sure why the "wiggle room is reduced when the open message size is changed"?
> I have been specific on this list as to the functionality a message header
> length error enacts (Event 21) versus an Open Message Header enacts (Event
> 22).    Please be as specific in your response if it is a FSM issues. 

This is to some extent a simple issue with regard to extended and
non-extended speakers trying to interoperate.  However, the version case
with the changes under discussion complicate the matter slightly.

Presume old RFC 4271 speaker, O.
Presume new extended message speaker E.

If E sends an open message > 4096 octets to O, the generally expected
behavior is that O will send a notification message with a Bad Message
Length subcode.  O has no reason to change its behavior.

E may have course note this specific error and try to back-off, if possible
to a <= 4096 message size.  However, I tend to agree with other threads that
we're better off blocking the peering session from coming up without further
intervention.  I am *not* a supporter of deferring the larger Open
operations to another message; we'd be better off getting something like
Dynamic Capabilities working and we've had a number of discussions about why
some of that behavior is problematic.

(Alternatively, we simply have the extended open message, but that's a bit
of a change in the FSM.)

So... why did I bring up the version negotiation point?

Mostly because for version negotiation to work, once we leave -4 behind, we
need to be able to generate an Unsupported Version Number error.  We can't
do that if the receiver simply dumps the session due to hitting the message
length validation failure first.

As I mention too tersely in my response... oh well.  But it does mean that
if we go with > 4k open messages that old speakers will only get upset about
PDUs that are too big rather than giving us other useful information about
why session negotiation is failing.

I suspect this is fine, but it should be a choice that is clearly
understood.

-- Jeff