IETF Logo Mail Archive

Re: [Idr] New draft - Flowspec Path Redirect

Robert Raszuk <robert@raszuk.net> Wed, 23 September 2015 21:03 UTC

Return-Path: <rraszuk@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E032D1B2D3C for <idr@ietfa.amsl.com>; Wed, 23 Sep 2015 14:03:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bsjx9MeHJq6Z for <idr@ietfa.amsl.com>; Wed, 23 Sep 2015 14:03:33 -0700 (PDT)
Received: from mail-wi0-x232.google.com (mail-wi0-x232.google.com [IPv6:2a00:1450:400c:c05::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 094831B2D3F for <idr@ietf.org>; Wed, 23 Sep 2015 14:03:33 -0700 (PDT)
Received: by wicge5 with SMTP id ge5so225552806wic.0 for <idr@ietf.org>; Wed, 23 Sep 2015 14:03:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=V9GPi6QPh/5uiOeb0zBOVOtRxbYuJ4ZWVRcGGvfcYQY=; b=T6LStg26sQec4lDMmkTgWVlyCifXiPJh2sWcYaM+KxgppjCTk8qxj38MgfSYzbTLqD PhT+6Wx3DGAZncnPqmDW/C0dFglsN5j/fuuhu9MZk0VazOhhyoJcLt+Zkg7TX4+BK4Jw 68vRmL5r1Cu9uOIDiuUxr54redPXgBk7lZzLpLRKJTSn43gMwcBplS78Hqejn2j/IyJ3 8SpQddZILtN2YPEDpViUqmBCJfU6tCZijMwPVJ4fjwyZxgQnTmKIWHoaVm+dfk5hjG4e A18ZQq9YSXSn4Lu8w8iTnKyHsARJJ5tif0zBE8esyaFVtHYOGEjmz/fLAyeBhYkiXWSo eXDw==
MIME-Version: 1.0
X-Received: by 10.180.182.7 with SMTP id ea7mr6394704wic.58.1443042211536; Wed, 23 Sep 2015 14:03:31 -0700 (PDT)
Sender: rraszuk@gmail.com
Received: by 10.194.37.5 with HTTP; Wed, 23 Sep 2015 14:03:31 -0700 (PDT)
In-Reply-To: <1443012214100-ee262a98-e0b3d938-ce50dc4d@icloud.com>
References: <D0CC3567-AE4A-4770-B31A-0BFEB72CA577@alcatel-lucent.com> <CA+b+ERnumHNcnVChLdKtDGOYrNF=7pOdQYJjy7neZGjdgmRevA@mail.gmail.com> <1443012214100-ee262a98-e0b3d938-ce50dc4d@icloud.com>
Date: Wed, 23 Sep 2015 23:03:31 +0200
X-Google-Sender-Auth: 8V-mREkVz5EnQf-BO76jRze4IQ0
Message-ID: <CA+b+ERmXyi=H0jMAtuHADHtm4+h_Usee5pT_sgQFjpxesSh46A@mail.gmail.com>
From: Robert Raszuk <robert@raszuk.net>
To: Gunter Van De Velde <guntervandeveldecc@icloud.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/oKxdcS9zQx1U6cVJ8wMjser_4zw>
Cc: idr wg <idr@ietf.org>, "VAN DE VELDE, Gunter (Gunter)" <gunter.van_de_velde@alcatel-lucent.com>
Subject: Re: [Idr] New draft - Flowspec Path Redirect
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Sep 2015 21:03:35 -0000

Gunter,

> Meaning, that if the receiving router does't have a "valid" entry
> in the locallised path-id table it treats flowspec rule as withdraw.

I don't think "treat-as-withdraw" action is applicable or correct here.

Note that your redirect next hop or redirect path may be down on one
router but up on another.

IMHO there are better options to consider, but since as you indicate
authors already had ideas on that topic I will let authors to present
them in the update draft or by email :)

Cheers,
R.


On Wed, Sep 23, 2015 at 2:43 PM, Gunter Van De Velde
<guntervandeveldecc@icloud.com> wrote:
> Interresting question... I see few options to address this. (And fwiw, i
> left this currently intentionally out the text to see if some ideas pop-up
> to confirm or deny the ideas the authors had on this topic)
>
> The one which currently to me resonates most is to treat the path-id similar
> as a traditional bgp next-hop address... Meaning, that if the receiving
> router does't have a "valid" entry in the locallised path-id table it treats
> flowspec rule as withdraw.
>
> Decision on what is considered "valid" is at first glance a local router
> decision.
>
> If you have another proposal i would be happy to learn and see if it
> resonates.
>
> Ciao,
> G/
>
>
>
> Sent using CloudMagic Email
> On Wed, Sep 23, 2015 at 10:56 AM, Robert Raszuk <robert@raszuk.net> wrote:
>
> Hey Gunter,
>
> Let me ask you a question (which in fact also applies to redirect to
> next hop draft).
>
> What is the expected system action when the redirect path is down
> (assuming you have tools to detect it) or next hop you are redirecting
> it to is unreachable ?
>
> I read your draft but other then definition of the encoding I was not
> able to find answers for this.
>
> The original RFC5575 recommended redirect to local VRF which is just
> as loopback normally up and within that VRF your orchestration can
> redirect to next hop or path with whatever encapsulation you like.
>
> Here you (and redirect to next hop folks) are making a shortcut
> however in both works I have not seen a proper discussion nor
> definition of set of procedures which need to be executed upon your
> redirect entity failure.
>
> I suggest both documents are updated with that before we proceed
> further with both proposals.
>
> Cheers,
> R.
>
>
>
>
> On Wed, Sep 23, 2015 at 10:18 AM, VAN DE VELDE, Gunter (Gunter)
> <gunter.van_de_velde@alcatel-lucent.com> wrote:
>> Hi Folks,
>>
>> We have created a new draft to allow the capability to have Flowspec
>> signal
>> a redirect to tunnel/LSP.
>>
>> https://tools.ietf.org/html/draft-vandevelde-idr-flowspec-path-redirect-00
>>
>> The base principle is to use the indirection capability of BGP for path
>> redirection.
>>
>> This proposal defines a new flowspec community to signal a redirect
>> ‘path-id’. This path-id is is either a 128bit or 32bit value
>> Assumed is that recipient router supporting path-id redirect have a
>> localised path-id indexed table containing LSP/tunnel encapsulation
>> information.
>> Existing technology can be used to construct/create this table (LDP, SR,
>> RSVP, manual-config, etc…) on a recipient router. The LSP/tunnel encap
>> table
>> is indexed using 32 or 128 bit values.
>>
>> Flowspec path-id community is used to activate a redirect LSP/tunnel and
>> provide by indirection the LSP/tunnel information for the flowspec
>> identified traffic towards the LSP/tunnel.
>>
>> Benefits:
>>
>> no need for signalling labels or extra encap in BGP
>> Each path-id indexed LSP/tunnel table is a localised construct
>> existing technology is used to construct the path-id indexed localised
>> table
>> Compatibility with technologies already using 32 or 128 bit identifiers
>> for
>> paths and sessions
>> Easy for flow spec to signal as it introduces no need to signal labels
>> etc…
>> no conflicts with existing label exchange technologies
>>
>> Feedback welcome.
>>
>> G/
>>
>> _______________________________________________
>> Idr mailing list
>> Idr@ietf.org
>> https://www.ietf.org/mailman/listinfo/idr
>>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr

v2.23.0 | Report a Bug | By Email