Re: [Idr] WG Adoption call for draft-spaghetti-idr-bgp-sendholdtimer-09 (2/28/2023 to 3/14/2023)

tom petch <ietfc@btconnect.com> Thu, 09 March 2023 12:16 UTC

From: tom petch <ietfc@btconnect.com>
To: Job Snijders <job=40fastly.com@dmarc.ietf.org>, "idr@ietf.org" <idr@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/rZI3t-poY1VLH9zqiSf_LeRnPfQ>

From: Idr <idr-bounces@ietf.org> on behalf of Job Snijders <job=40fastly.com@dmarc.ietf.org>
Sent: 06 March 2023 20:53

On Mon, Mar 06, 2023 at 11:53:11AM -0800, Randy Bush wrote:
> > But technically what is in this draft and apparently prototyped in
> > one open source implementation has a very limited (read narrow)
> > applicability.

Worth pointing out: two widely used open-source implementations and one
closed-source implementation already exist. All three interoperable and
independently authored, see Appendix A of the draft.

<tp>

Good to know but since this is BGP, then more significant is the absence of faulty implementations.  I reckon that there are at least 41 updates to the FSM implicit in this and if that leads to one defective implementation, then that is a hazard to the Internet.  That to me is the risk.  Will this approach produce a situation worse than we currently have?

Tom Petch

> adding complexity and significant new code to bgp when, as you and enke
> point out, the vendors can merely flush out their tcp implementation
> where the solution is already specified.

'adding complexity' is a highly subjective assessment.

The changeset to introduce sendholdtimer in OpenBGPD's FSM is very
readable and concise: https://marc.info/?l=openbsd-tech&m=160820754925261&w=2
The above changeset has been tested against exploit code we developed,
it works.

On the other hand, the solution Raszuk and Enke advocate was broken from
the 90s until Linux Kernel 5.11 arrived, requiring a bugfix [1] that
seems of similar 'complexity' as the OpenBGPD approach.

So yes, new code somewhere in the stack will need to be added to deal
with broken remote peers that are stuck in this particular problematic
state.

Using a recently fixed Linux-specific feature certainly is one way of
doing it, but certainly not the only way.

Kind regards,

Job

[1]: https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=9d9b1ee0b2d1c9e02b2338c4a4b0a062d2d3edac
