Re: [Idr] AD Review of draft-ietf-idr-rfc5575bis-17 -> Updated Version -18 and Flowspec v6

Christoph Loibl <> Sat, 21 December 2019 10:04 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id CE989120A3D; Sat, 21 Dec 2019 02:04:03 -0800 (PST)
X-Quarantine-ID: <wkb9KU9HQ7DN>
X-Virus-Scanned: amavisd-new at
X-Amavis-Alert: BAD HEADER SECTION, Non-encoded 8-bit data (char E2 hex): X-Spam-Report: ....\n\tIt is supposed to >>> \342\200\234ignore\342\200\235 the[...]
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id wkb9KU9HQ7DN; Sat, 21 Dec 2019 02:04:01 -0800 (PST)
Received: from ( [IPv6:2001:858:2:8::235]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4B034120A3B; Sat, 21 Dec 2019 02:04:00 -0800 (PST)
Received: from ([] helo=[]) by with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from <>) id 1iibRv-0007Dq-CL; Sat, 21 Dec 2019 10:53:27 +0100
From: Christoph Loibl <>
Message-Id: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_3AB36DA8-194A-4B56-BCD9-1922B150B21C"
Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.\))
Date: Sat, 21 Dec 2019 11:03:55 +0100
In-Reply-To: <>
Cc: Jeffrey Haas <>,, "idr@ietf. org" <>,
To: Alvaro Retana <>
References: <> <> <> <> <> <> <>
X-Mailer: Apple Mail (2.3608.
Archived-At: <>
Subject: Re: [Idr] AD Review of draft-ietf-idr-rfc5575bis-17 -> Updated Version -18 and Flowspec v6
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 21 Dec 2019 10:04:04 -0000


> On 18.12.2019, at 17:17, Alvaro Retana <> wrote:
>>> In case of an unknown flowspec component the parser can run until decoding
>>> the component type (always the first byte of the component). When it reads
>>> a unknown type-value it can easily jump over the remaining bytes of the
>>> entire NLRI (the length of the the complete NLRI is encoded in the first
>>> bytes of the NLRI) without needing to understand what is in there, because
>>> it should treat it as withdraw. I do not see the problem. It is supposed to
>>> “ignore” the entire NLRI not only a single component of it.
> Christoph: It seems to me that we're getting to the same behavior: I
> call it "discard", you call it "treat it as withdraw...“ignore”".
> While discarding, ignoring and treat-as-withdraw are different things,
> the effect seems to be the same: we won't use the NLRI.  We can find
> the right words...  Do you also think we're going in the same
> direction?

I agree. I will need to collect the comments and think that I can come up with something that is acceptable while still giving some certain degree of flexibility to protocol extensions. 

I already started working on all the the issues in the document you pointed out on github: <>

Expect a new -19 to be ready by the end of January, maybe a little earlier.


Christoph Loibl | CL8-RIPE | PGP-Key-ID: 0x4B2C0055 |