[Idr] Validation for BGP Flow-Spec Redirect to IP Action
PVLR Pavana Murthy <pvlrpm@gmail.com> Fri, 13 April 2018 05:51 UTC
Return-Path: <pvlrpm@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45CF01270B4 for <idr@ietfa.amsl.com>; Thu, 12 Apr 2018 22:51:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.998
X-Spam-Level:
X-Spam-Status: No, score=-0.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jRm-tohUbhP8 for <idr@ietfa.amsl.com>; Thu, 12 Apr 2018 22:51:30 -0700 (PDT)
Received: from mail-oi0-x244.google.com (mail-oi0-x244.google.com [IPv6:2607:f8b0:4003:c06::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A5405126D45 for <idr@ietf.org>; Thu, 12 Apr 2018 22:51:30 -0700 (PDT)
Received: by mail-oi0-x244.google.com with SMTP id j143-v6so7370805oih.11 for <idr@ietf.org>; Thu, 12 Apr 2018 22:51:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=UEOY99Lp2UaGiJUmVIl8f9az7xIZYpJhLmRBsCWooBU=; b=Y4qs7hpdlBjFBuBIczKteZ2nT3ze4Di8+zwzqrm+GDpc3fEa6ppHYWrZOh0HICLp6i D6M2hMCMrBrFO6ND+/6buN4L4kKz1A9FvNA5vyI6fezFif1sBLfBFCccF6eVYuxMjo9W wJ4saisOy3pePuQtjSyr7iL4IuZsRZ8xdrWZ/YOBMA1G2hJZfeipEeuMc6p9kQ1U3+eG mbZ3jxMGjeus7nXS0YpwO/2TLnylKc8L6emqFQ7zoMNl39POnmWaDJNUCpTLXPelN3bT 6PSAEI107fHF/7ZdVjuqrCl+DTbomTTJpE2kKxkbwwBn1GLf1/xlI4Pl2gLS+w7XOp1f X/RQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=UEOY99Lp2UaGiJUmVIl8f9az7xIZYpJhLmRBsCWooBU=; b=O35py4uTrVqSJX7oHdEK8i3Nq1IdUnNswEAqEjzf66Dv2elvf6udk6Su06puOABfZO ehYwKrDKiNZCXfVKQWHsQvnVowSY5rGhnSaFLxJHi0H2sB1r+x7QwWgnqoyZOmB5j+cv gUlRsk4YNnaawUDzPl1q/bLH7GAj8ABNhG0j4mJP42+4VWCiJaA7YbwdFHdDOMvmMm5Y Gi/3c/KuyxDUIEApl8xfbC0QTQ4ESXIHh4/b39C6b8OsawwQ7CydGFw6qdKUUp0Afhjt /SJ043+j6eGyc5p1B+gSjyaL7oX9WxHfVE3ebRp0xSUOClNpOROjpuCRMbRYm2z0p629 3KDA==
X-Gm-Message-State: ALQs6tAYgiPiRL3cSoAAsFrnHv/6BSKJMy0wAX6/toaW5+pzM5aLAQSF pgz1lsEftwC8p1NMK/j7ZZx0EmN5PTTNdfT7D4PgOQ==
X-Google-Smtp-Source: AIpwx48l89tIx2J/8R/VEUVExJcEyYHiFekoWToUfF718h1AxpRTRX4A3KcJCV94gUZlgW/mEmz35V/iyk6a/NtmBzE=
X-Received: by 2002:aca:600a:: with SMTP id u10-v6mr7139309oib.96.1523598689741; Thu, 12 Apr 2018 22:51:29 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.201.92.68 with HTTP; Thu, 12 Apr 2018 22:51:29 -0700 (PDT)
From: PVLR Pavana Murthy <pvlrpm@gmail.com>
Date: Fri, 13 Apr 2018 11:21:29 +0530
Message-ID: <CAN-MQG6bDyzcyuVs1vmka-JZFrD9Ya1uOuU_AFxfu0GnYgdmbA@mail.gmail.com>
To: idr wg <idr@ietf.org>, pmohapat@cumulusnetworks.com, djsmith@cisco.com
Content-Type: multipart/alternative; boundary="000000000000aeb1db0569b476a2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/nIHQRpLF5cbqu5EWMkZlvgO7kks>
Subject: [Idr] Validation for BGP Flow-Spec Redirect to IP Action
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Apr 2018 05:51:32 -0000
Hello, In the draft draft-ietf-idr-flowspec-redirect-ip-02.txt, the following procedure is mentioned to validate the extended community of 'Flowspec redirect to IP'. BGP speakers that support the extended communities defined in this draft MUST also, by default, enforce the following check when receiving a flow-spec route from an EBGP peer: if the received flow- spec route has a 'redirect to IP' extended community with a 'target address' X (in the global administrator field) and the best matching route to X is not a BGP route with *origin AS* matching the peer AS then the extended community should be discarded and not propagated along with the flow-spec route to other peers. *I have 2 doubts related to this statement.* *What is 'origin AS' here? Is it the AS no. that is first added to the AS_PATH? * *In the previous version of the draft its mentioned as the last AS in the AS_PATH.* *Is it the last AS no. that has been added to the AS_PATH or the last AS no. from left in AS_PATH? * *What if the redirect target X is directly connected or reachable by a static route and its not advertised by EBGP?* *Do we need to consider that action invalid in that case?* Thanks, Pavana.
- [Idr] Validation for BGP Flow-Spec Redirect to IP… PVLR Pavana Murthy
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… David Smith (djsmith)
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… PVLR Pavana Murthy
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… PVLR Pavana Murthy
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… Simpson, Adam 1. (Nokia - CA/Ottawa)
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… PVLR Pavana Murthy
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… Simpson, Adam 1. (Nokia - CA/Ottawa)
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… PVLR Pavana Murthy
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… Simpson, Adam 1. (Nokia - CA/Ottawa)
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… David Smith (djsmith)
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… PVLR Pavana Murthy
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… David Smith (djsmith)
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… PVLR Pavana Murthy
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… David Smith (djsmith)
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… PVLR Pavana Murthy
- Re: [Idr] Validation for BGP Flow-Spec Redirect t… David Smith (djsmith)