Re: [Idr] I-D Action: draft-ietf-idr-segment-routing-te-policy-08.txt

"Ketan Talaulikar (ketant)" <ketant@cisco.com> Thu, 21 November 2019 04:06 UTC

Return-Path: <ketant@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 724AF120944 for <idr@ietfa.amsl.com>; Wed, 20 Nov 2019 20:06:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.498
X-Spam-Level:
X-Spam-Status: No, score=-14.498 tagged_above=-999 required=5 tests=[AC_DIV_BONANZA=0.001, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=gFNKBmck; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=Vhuut0b3
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 147JyhDnmpby for <idr@ietfa.amsl.com>; Wed, 20 Nov 2019 20:06:35 -0800 (PST)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0F13120955 for <idr@ietf.org>; Wed, 20 Nov 2019 20:06:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=25580; q=dns/txt; s=iport; t=1574309195; x=1575518795; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=uSWC8ETV5DcMJH59yoNkLIzIkwnBcLv1gKH9Mndve1c=; b=gFNKBmckTkfK6lCcAwqtHwqWick27e56ugExer+giA3gsWg1rLc0U4Q2 NBShrWm64CI5VRAWvQ3P2rQDjoq8dPenTND0FTVMIdYlnEI8PrZ/uhbaj f0CHZQMLA9uygTsrOmt3NW5xuOvuH0Qtpc1UrzmKJTlh7j1nnk3qp/K6t k=;
IronPort-PHdr: =?us-ascii?q?9a23=3A+UA3bxJEEfwluS6FldmcpTVXNCE6p7X5OBIU4Z?= =?us-ascii?q?M7irVIN76u5InmIFeCtKd2lFGcW4Ld5roEkOfQv636EU04qZea+DFnEtRXUg?= =?us-ascii?q?Mdz8AfngguGsmAXE72MPfscwQxHd9JUxlu+HToeUU=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0A3AACIDNZd/5NdJa1lGgEBAQEBAQE?= =?us-ascii?q?BAQMBAQEBEQEBAQICAQEBAYFtAgEBAQELAYEbL1AFbFggBAsqhCqDRgOKa4J?= =?us-ascii?q?emACCUgNUCQEBAQwBARgBCgoCAQGEQAIXghAkNwYOAgMNAQEEAQEBAgEFBG2?= =?us-ascii?q?FNwyFUQEBAQEDAQEQEQoTAQEsCwEPAgEIEQQBAR4KAwICAiULFAkIAgQOBQg?= =?us-ascii?q?MDoMBgXlNAy4BDqMrAoE4iGB1gTKCfgEBBYURGIIXAwaBNgGMFRiBQD+BEUa?= =?us-ascii?q?CTD6CYgEBgWMrCYJaMoIsj1w5hUiYVQqCK4xAiSqCPpdWkAmYSwIEAgQFAg4?= =?us-ascii?q?BAQWBaCM3gSFwFTuCbFARFIZGg3OFFIU/dIEokA4BAQ?=
X-IronPort-AV: E=Sophos;i="5.69,224,1571702400"; d="scan'208,217";a="667129614"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 21 Nov 2019 04:06:34 +0000
Received: from XCH-RCD-013.cisco.com (xch-rcd-013.cisco.com [173.37.102.23]) by rcdn-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id xAL46YR7030337 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 21 Nov 2019 04:06:34 GMT
Received: from xhs-aln-003.cisco.com (173.37.135.120) by XCH-RCD-013.cisco.com (173.37.102.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 20 Nov 2019 22:06:33 -0600
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by xhs-aln-003.cisco.com (173.37.135.120) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 20 Nov 2019 22:06:33 -0600
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 20 Nov 2019 22:06:33 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FgbEmwd/1VKiXXkU8oavrEMcA1PSyVfMIC2dvdxMwpQhHBQR3NmCGfcfZk3NkDZhk8ZVbBt5D4syjj0EegZJ9f5eIPvLDtV7UE0f8j99dvx0qmevCcERSuhphFZANQ7nKfs/Z6ISnqmJmkJGoV+6G2jAKccVjhKteNJ6Mi4zCtMbMBcf7PChb7U56I2QPiz1tLdO5fqjKsvzL2ZcEU8kmerIal9xYP+lypzfuCXl9BVdsyRs5ssXDzcOIDzD2rxKxRmpNurLYH8w2pnBxJXoiWb3zQBE8jITxNcKVvO34J6xrKpdZRcj4Vlx6e4E+fXuHwS7qwOPUxz4Rw8dCPSXfQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uSWC8ETV5DcMJH59yoNkLIzIkwnBcLv1gKH9Mndve1c=; b=eYDNQeRkd/M4Z92hagmxSQxIXMl6KelXUIYB7V4AfZHYyiPVPndEXEbXcqeABzGpCZNjuk4hyHeEJaZaKjTFvDziZZ7ewIlOZK9qtPo5VfLm3NPLxCSl8kLckXGI+fuXNnoySfgREisKd3YklrvzOlAZgLchkSpMaYXBmF7lAlsJ/up2PG45W0aXXlM4X1ZTWsWOlwoURlQPRwmY/g8Q5O+S95GGacYEHwB1IJEcLjhcmWuxPC7OCaECnYU0555lvAJnMZNWbxFsOEghJCuuLf2nGpsuBRG3dvZ/spRF7RKNCFXYdSaa8oPqMVwz2S0RqcsiS67AKbr2bL5FIbWI4g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uSWC8ETV5DcMJH59yoNkLIzIkwnBcLv1gKH9Mndve1c=; b=Vhuut0b3i6Hd2KR8cNgy3BHJTnDMvdIdkRflR+5gA1CCpL/994vj7TUPB0h5PpuvD57XS3XaJWxQT8eSIpIfkgTjUNsKgTibW7WUL3vtT/bOsbyt0T1DRZtouJx0Q+ZKN4ZMTq5aAvqFwPLrcqdtLIMR/0hdNfRdOBhAshhPOvo=
Received: from CY4PR11MB1541.namprd11.prod.outlook.com (10.172.68.150) by CY4PR11MB0022.namprd11.prod.outlook.com (10.171.254.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2474.17; Thu, 21 Nov 2019 04:06:31 +0000
Received: from CY4PR11MB1541.namprd11.prod.outlook.com ([fe80::d3a:84a6:be65:e33f]) by CY4PR11MB1541.namprd11.prod.outlook.com ([fe80::d3a:84a6:be65:e33f%11]) with mapi id 15.20.2451.032; Thu, 21 Nov 2019 04:06:31 +0000
From: "Ketan Talaulikar (ketant)" <ketant@cisco.com>
To: Nandan Saha <nandan@arista.com>
CC: Przemyslaw Krol <pkrol@google.com>, Robert Raszuk <robert@raszuk.net>, "idr@ietf.org" <idr@ietf.org>, Prakash Badrinarayanan <prakash@arista.com>, Manoharan Sundaramoorthy <manoharan@arista.com>
Thread-Topic: [Idr] I-D Action: draft-ietf-idr-segment-routing-te-policy-08.txt
Thread-Index: AQHVnqIyRXgT11tsQk2IdX+1xczyjKeSIKDggACT7gCAAHQ9cIAAH7yAgADU3YCAAHsfgIAAHclQgABMwoCAAAG4sA==
Date: Thu, 21 Nov 2019 04:06:30 +0000
Message-ID: <CY4PR11MB154127D96A0D27807D095199C14E0@CY4PR11MB1541.namprd11.prod.outlook.com>
References: <157414471256.14003.6244444687150312939@ietfa.amsl.com> <CY4PR11MB1541D63781E529E2B2613F05C14C0@CY4PR11MB1541.namprd11.prod.outlook.com> <CAE+itjeJzygag3K4bA=KpDQgNie7shG8Z47YpMjfjMFF7aq=Tg@mail.gmail.com> <CY4PR11MB15414543EC96BB90BC1167D8C14C0@CY4PR11MB1541.namprd11.prod.outlook.com> <CACH2EkUjd6DDbD9m+rEsAzi+OL1+Q=Q0jEfhPej7d2N73wnL7Q@mail.gmail.com> <CAOj+MMF81zQbnb3vNBQfmEW6_wB4L3X9TV=NQNrhZCZya9+tJg@mail.gmail.com> <CACH2EkUfMgQK8rEtPKR_R1ubPz4yi_X=Cd4_8OFsz5hDhSjWxQ@mail.gmail.com> <CY4PR11MB154160CA1383D9E9B1023BC2C14F0@CY4PR11MB1541.namprd11.prod.outlook.com> <CAE+itjeNFAYW1D8wy2cWjXt8C2bnE=9V1t4QHKVJnYTRaKfHUQ@mail.gmail.com>
In-Reply-To: <CAE+itjeNFAYW1D8wy2cWjXt8C2bnE=9V1t4QHKVJnYTRaKfHUQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ketant@cisco.com;
x-originating-ip: [2001:420:c0d4:1002::1f]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3bc1c491-d300-4bc1-a6fd-08d76e3830bc
x-ms-traffictypediagnostic: CY4PR11MB0022:
x-ms-exchange-purlcount: 1
x-microsoft-antispam-prvs: <CY4PR11MB0022ACC0F3E068C8E7B2971DC14E0@CY4PR11MB0022.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0228DDDDD7
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(346002)(39860400002)(136003)(376002)(396003)(366004)(189003)(199004)(186003)(71190400001)(9326002)(71200400001)(2906002)(4326008)(229853002)(6436002)(6246003)(86362001)(6116002)(64756008)(66946007)(99286004)(76116006)(81156014)(790700001)(66476007)(66556008)(66446008)(5660300002)(52536014)(478600001)(966005)(606006)(446003)(11346002)(486006)(8676002)(8936002)(46003)(6916009)(102836004)(53546011)(6306002)(6506007)(74316002)(476003)(236005)(9686003)(256004)(55016002)(14444005)(81166006)(54896002)(33656002)(14454004)(76176011)(25786009)(7736002)(7696005)(54906003)(316002); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR11MB0022; H:CY4PR11MB1541.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: yb5CDOEUz15GUWTebs//VOgftFVQpPdGJLV/au2qNQnWgaSosCeDJ9WMUaAOnKZrMb/GYnC8l6YQhmdOz9mQukv+tjsG2RJByDUibXvFaTsaab8lF0G69XmyUgpGI9ZP9JIblZRM5njHRaCIJndnLfLT9PjIrdkua49L558ikDXQnn56N/KX9cf982eLl6uYtY6NAuK4Nc6XpczkGiU0V4zCiz0dBGZJzLsAm9akcBIodF4osqT9g2mjq5TWQV66oh1WSZ/S+Ze+smO9mBYcAhJXYUjmXBcTBYaME/PTvYC3bXnwsrZ2WbzLHbMUmeEhczISe/WDuDgXjmTVr8g6C9Ogdv8jIYCVUq1Wy+fWQDVkLmiV0G69C21sOBgiY7cJCtoRZt0dW9jC+ync5eHev8CTguYCJVlPVcNM4sfVpgAwhLY7V4OLXfyMHUIRUX+XLGiedGgSQbxEeMBnkdCULPUxIXekg2RjCovIPQUtVVM=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_CY4PR11MB154127D96A0D27807D095199C14E0CY4PR11MB1541namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 3bc1c491-d300-4bc1-a6fd-08d76e3830bc
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Nov 2019 04:06:30.9229 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: vRfEexs5dsav4BGC4fQJN9ARuHfhFGzOJtxFXe06rwLQG48FYhRFdHpTv0l1eC01fKCKhhaQf+P4SLkvnM/RTw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR11MB0022
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.23, xch-rcd-013.cisco.com
X-Outbound-Node: rcdn-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/m3q0EfrcHyzMdN4U6giTuQ-0lYg>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-segment-routing-te-policy-08.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Nov 2019 04:06:38 -0000

Hi Nandan,

Yes. That is correct.

Thanks,
Ketan

From: Nandan Saha <nandan@arista.com>;
Sent: 21 November 2019 12:00
To: Ketan Talaulikar (ketant) <ketant@cisco.com>;
Cc: Przemyslaw Krol <pkrol@google.com>;; Robert Raszuk <robert@raszuk.net>;; idr@ietf.org; Prakash Badrinarayanan <prakash@arista.com>;; Manoharan Sundaramoorthy <manoharan@arista.com>;
Subject: Re: [Idr] I-D Action: draft-ietf-idr-segment-routing-te-policy-08.txt

Hi Ketan/PK,

On Thu, Nov 21, 2019 at 4:57 AM Ketan Talaulikar (ketant) <ketant@cisco.com<mailto:ketant@cisco.com>> wrote:
Hi PK,

I will make the text change for the community part as discussed below in the next update.
Just to confirm, we're not treating both RT_TGT and NO_ADV  being present as an error, right? The update will only be to clarify that both are allowed together.

Thanks,
Ketan

From: Przemyslaw Krol <pkrol@google.com<mailto:pkrol@google.com>>
Sent: 21 November 2019 05:39
To: Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>
Cc: Ketan Talaulikar (ketant) <ketant@cisco.com<mailto:ketant@cisco.com>>; idr@ietf.org<mailto:idr@ietf.org>; Prakash Badrinarayanan <prakash@arista.com<mailto:prakash@arista.com>>; Manoharan Sundaramoorthy <manoharan@arista.com<mailto:manoharan@arista.com>>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-segment-routing-te-policy-08.txt

Hi Robert,

Why ? IMO when both present is a valid case as RT can be used locally for import as well. RT ext-community and NO_ADV community are pretty orthogonal and serve different purposes.

That's a good point, although in SRTE, NO_ADVERTISE community has a special meaning on top of the "normal" propagation limitation.  Draft says 'either OR' so, in my opinion, this implies 'AND' is not acceptable. If that's the case, then NLRI should be dropped. If, on the other hand, both are acceptable, then it should probably state 'either RT or NO_ADVERTISE ot both'.

Say when you are on RR suppressing IBGP would be a spec bug :).

Fair enough. I was reading the previous version as 'by default don't propagate but you may' and was only curious why IBGP vs EBGP distinction was made in this version. Security aspect does sound like a good justification for it.

thanks,


On Wed, Nov 20, 2019 at 10:18 PM Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>> wrote:
Przemek,

and clearly states the behavior when both are missing (policy not accepted).. Do you see a value in stating the behavior when both are present? Based on the above wording this would deem policy not acceptable and in consequence neither accepted locally not propagated down (must not accepted, not necessarily usable, in order to propagate as stated in the following section). Should it be clearly stated as erroneous condition?

Why ? IMO when both present is a valid case as RT can be used locally for import as well. RT ext-community and NO_ADV community are pretty orthogonal and serve different purposes.

4.2.4. Propagation of an SR Policy

It seems that the original wording was referring to just BGP when addressing the default propagation. In the current version, there is a distinction between EBGP (do not propagate) and IBGP (propagate). What is the reason for such distinction?

Say when you are on RR suppressing IBGP would be a spec bug :).

Thx,
R.




--
Przemyslaw Gniewomir "PK" Krol |
  Network Engineer
ing | pkrol@google.com<mailto:pkrol@google.com>

_______________________________________________
Idr mailing list
Idr@ietf.org<mailto:Idr@ietf.org>
https://www.ietf.org/mailman/listinfo/idr