Re: [Idr] Bug in RFC 7911 (add-paths) and tie-breaking Fri, 25 June 2021 07:57 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 637CF3A045E for <>; Fri, 25 Jun 2021 00:57:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id a11duFcg9nTR for <>; Fri, 25 Jun 2021 00:57:14 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 460253A044F for <>; Fri, 25 Jun 2021 00:57:14 -0700 (PDT)
Received: from (unknown [xx.xx.xx.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by (ESMTP service) with ESMTPS id 4GB8VH2jzQzCrKc; Fri, 25 Jun 2021 09:57:11 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=ORANGE001; t=1624607831; bh=TP/WddBboQi1GrxyR0yRP4QHOVm1gAoqSwsXy4FtuQg=; h=From:To:Subject:Date:Message-ID:Content-Type: Content-Transfer-Encoding:MIME-Version; b=xhDYwozJooyL6A3Zp+gF+e0QIB3Lt9Vjn2Hr1l1hBg82Ua99tAuy/7DMcT+G+Yx+H hCBid0AtaX6Tw7mUxDB4dgt3afp2l+7S8A15QBrFEMMLHwdQy/IL/KcNr2q15aEFxY dQMlcce0JZpC/e+RhgbioN85SYqZ5Z/pwtynRkx68U5h2z4cueJkAvAemmZ+Z9ACPw TBheWnbspt2PpiJbTLmXpJVWIgqw/nQpM6+5GsTV63d6CTUT0QTO2Rj49CUipgnY+c TpM0P9Iv173QM3iCfDVaRbUP+OiQzfqDsiylobKU/a8C08y4gmKsi8XjUpc3sgPTFM ix5aM8JqmMEBA==
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.60]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (ESMTP service) with ESMTPS id 4GB8VH14rgz1xqV; Fri, 25 Jun 2021 09:57:11 +0200 (CEST)
To: John Scudder <>, "idr@ietf. org" <>
CC: "" <>
Thread-Topic: Bug in RFC 7911 (add-paths) and tie-breaking
Thread-Index: AQHXaSTVEauHMW2CTEKGa0jgcKDmnKskUwug
Date: Fri, 25 Jun 2021 07:57:10 +0000
Message-ID: <20976_1624607831_60D58C57_20976_28_1_53C29892C857584299CBF5D05346208A4CDF9BB2@OPEXCAUBM43.corporate.adroot.infra.ftgroup>
References: <>
In-Reply-To: <>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [Idr] Bug in RFC 7911 (add-paths) and tie-breaking
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 25 Jun 2021 07:57:19 -0000

Hi John, all

Thanks for sharing.

TL;DR: I agree that there is no risk of loop. I can live with any of the proposed options.

For the pleasure of the technical discussion (although I'm likely to regret it latter ;-) ).

TBH, I'm not sure what the goal of those final tie-breakers is.
- If the goal is to avoid loops, IMHO the goal is achieved after step "e" (IGP cost) (assuming there is an IGP optimizing for a metric, and that each individual metric >0.)
- If the goal is for all nodes to select the same path (consistency), then it seems to me that the goal is missed at step "g" (peer address) [1] as "g" relies on an local information, hence I don't see how global consistency can be achieved. 
 - I guess that RFC 4271 had IBGP full mesh in mind, in which case "peer address" can reasonably be assumed to be global. But that's not the case with 4456 (BGP RR), not to mention with the extra tie-break rule added by 4456.

Coming back to RFC 7911, path-id is a local ID/choice of the upstream, hence does not seem like providing either global consistency or implementation-independence. However, as raised by John and Jakob, in the end/worst case, that's all we have. (well, "first received", "random" probably equally works given that from the node perspective, the path-id can be seen as a local random number (and technically, it could be a random number). "First received" may even save some churn)
A priori, I would have preferred 7911 to add the extra tie-breaker, however at this point, I'm not seeing a benefit for creating a bis.(but there is also no harm assuming chairs and IESG cycles are free and unlimited)



> -----Original Message-----
> From: Idr [] On Behalf Of John Scudder
> Sent: Thursday, June 24, 2021 8:15 PM
> To: idr@ietf. org <>
> Cc:
> Subject: [Idr] Bug in RFC 7911 (add-paths) and tie-breaking
> Hi Folks,
> Claudio recently pointed out a bug in RFC 7911 to the authors, and we thought we
> should let the WG know. The gist of the bug is that the tie-breaking process is
> underspecified, because it’s technically possible to receive two routes for the
> same destination, from the same peer, with different path-id, and with all tie-break
> metrics the same (all the way down to peer address). My guess — but it’s only a
> guess, I haven’t checked — is that implementations may mostly have chosen to
> prefer the first path received.[*] But the only thing we can say with confidence is
> “it’s underspecified and therefore implementation-dependent.”
> When I worked through this, my conclusion was that whatever option an
> implementation chooses should be safe, since by definition the paths are
> equivalent all the way down. I don’t see a way to form a loop even if every router in
> the network makes arbitrary — and conflicting — choices in this situation, since by
> definition of IGP distance, if a given router A makes an arbitrary choice, none of
> its neighbors when presented with the same set of routes will make a conflicting
> arbitrary choice, since the options are:
> - The peer is closer to both destinations, in which case it can make any choice it
> wants, the traffic will not loop back to A,
> - The peer is further from both destinations, in which case it can make any choice it
> wants, the traffic will not loop back from A,
> - The peer is closer to one and further from the other destination, in which case it
> isn’t faced with a dilemma, it will choose the closer (and the traffic won’t go back
> towards A).
> I guess if you’re in a network that doesn’t have IGP distances at all (maybe
> everything is static routed?) or if IGP distances don’t follow the usual rules of IGP
> “physics”, then you could create a problem. But those are pathological cases
> where we’d expect BGP not to work very well anyway.
> Claudio suggested that path-id would be a good final tie-break; that makes sense
> to me. We could do a quick update to 7911 to standardize this new tie-break, we
> could do a bis of 7911 to include the new tie-break, or we could just leave things
> as they are, relying on my argument above that says there is no strong need to
> standardize a tie-break since any choice is OK.
> For the moment, this is just an FYI for the WG. Thanks very much to Claudio for
> pointing out the bug!
> —John
> [*] You may notice that it’s possible to have two such paths packed into the same
> update in some circumstances, which makes the choice even more arbitrary since
> it’s pretty notional to say one has arrived before the other.
> _______________________________________________
> Idr mailing list


Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.