Re: [Idr] AD Review of draft-ietf-idr-tunnel-encaps-15

John Scudder <jgs@juniper.net> Mon, 04 May 2020 19:57 UTC

Return-Path: <jgs@juniper.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5473C3A0FBD; Mon, 4 May 2020 12:57:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=ywyg7OyI; dkim=pass (1024-bit key) header.d=juniper.net header.b=YAssgyhD
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ipbn_ub_LANS; Mon, 4 May 2020 12:57:28 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5F8F63A0FB6; Mon, 4 May 2020 12:57:11 -0700 (PDT)
Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 044Jr9t1023306; Mon, 4 May 2020 12:57:10 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=dfGHrnH32F67+L5bKOAroAC6NmAzgvmg0zLKU17DVdA=; b=ywyg7OyIlwB3K7g2yT2DGcx4OPsvJC9OWar+0KStgcL132tteZu615oitCsTxbwoDXRx fc7EckhbxWGNNx0rcReva7bTNZ+3HEpNi/ZKuBF7m5OdvXDe7LehFizZmZoyLJicls8i g8FFLX+BmtLE22tYzJlkKJpMfu+v24MZ2kbmlxSHQnX4tVs5Y50XsPK7zdAAFyhZLwyc Z/LdA85SevYC0UpB+AFPzLaAkBaeTjan+FmgwUVAvYrVYP6UWw9fhU6M2yA6F9xdfwdU +lPhd75YpI1Oh2ZSDPkdigEkNTnHPblLBicJfV74i9tjM3cT4heaH59H3JB6dtG5oBuV fw==
Received: from nam04-bn3-obe.outbound.protection.outlook.com (mail-bn3nam04lp2054.outbound.protection.outlook.com [104.47.46.54]) by mx0b-00273201.pphosted.com with ESMTP id 30s6shkgss-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 04 May 2020 12:57:09 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Ymw9QQkUerdRPzYdGnky055Qb/AZKaEJVqhKKrhzccep02Y+Yhq+06ERvOtBc/2bIPjOklitODJvXgOAu1r5cQSRNtJ4Q7DsppecL6xetuN6ElisoKSdOkrdZKO5bM9NYaYpDFFbK5TALoMEXzP2gqNgekwscsykChEikb8G9Ge+95uvrOtUePPJ0ba/isRZzB1ovmEXY2D9UeRYJrFIjB5wpD5ipPRE40yy84inbQfpy4cpk2MxHkPfKFERJcl14EoKbC9qwxMHiBdYK0qsYYQZv8O415HcqavJ+bCC1TSNclb6k8Ih5JylJOrOW74HQa+/KTSB5fFXiRnk+SarIg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dfGHrnH32F67+L5bKOAroAC6NmAzgvmg0zLKU17DVdA=; b=jCIo2MjghM/xXrDcUNnOoiN9DCcFc0djNJOitkpJAf4UZR1A7zNX0DsnQKEZbnoo6jegRBKjg/+HVj5Y0r31w9u+IBR1JG9qrav1myHRZEEL5qdBXGwBuczjQ49JbHewVwRAeyy4NDPaHmWkhTBjPLEG4LUMGt260kA2bxLAp4gXAE+LZgEwnXwbbVVjlH8HWPzpYiPXdDykh+qsUZVoctd5HsD5X6vKMj1wIGsQOKkx04yQMoRAqaX+xZPb0w2ABkqUdFCF1Y7f1M/PoeMuXu/hzL7GMiZKji81OhZ7APhUWOvvAdqGjV+5GWFGuRGz+EqkBven0LNPfKxbWQCWFQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dfGHrnH32F67+L5bKOAroAC6NmAzgvmg0zLKU17DVdA=; b=YAssgyhDITHEqtxl73DD/PTzg/pBnXSHYpYyS6avrGgQGB1zVRoDWCRcxhVwAKziHwocPIL6zWgcsOcfoSu0flrtrYYG14IeTSoi3u0pb7+QaZxF5I12gbPclN/Xfhxhq0hKVwDmv5fV9HL2zZmEizGHkuWaZnIny/9/GBKbIZE=
Received: from BL0PR05MB5076.namprd05.prod.outlook.com (2603:10b6:208:83::12) by BL0PR05MB5361.namprd05.prod.outlook.com (2603:10b6:208:63::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2979.11; Mon, 4 May 2020 19:57:08 +0000
Received: from BL0PR05MB5076.namprd05.prod.outlook.com ([fe80::d450:6f4c:4c28:b45f]) by BL0PR05MB5076.namprd05.prod.outlook.com ([fe80::d450:6f4c:4c28:b45f%7]) with mapi id 15.20.2979.024; Mon, 4 May 2020 19:57:08 +0000
From: John Scudder <jgs@juniper.net>
To: Alvaro Retana <aretana.ietf@gmail.com>
CC: "draft-ietf-idr-tunnel-encaps@ietf.org" <draft-ietf-idr-tunnel-encaps@ietf.org>, idr-chairs <idr-chairs@ietf.org>, "idr@ietf. org" <idr@ietf.org>
Thread-Topic: AD Review of draft-ietf-idr-tunnel-encaps-15
Thread-Index: AQHV6LURgETtNTA88kySyYPq0YikO6iYyvaA
Date: Mon, 4 May 2020 19:57:08 +0000
Message-ID: <5CC8EAD7-FDC0-405C-B562-F8C7FB90FE3C@juniper.net>
References: <CAMMESsw09LGWWhqyJ_0=jRimUN+_UuCjaXHCdqF9zkpaxSQgVQ@mail.gmail.com>
In-Reply-To: <CAMMESsw09LGWWhqyJ_0=jRimUN+_UuCjaXHCdqF9zkpaxSQgVQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3608.80.23.2.2)
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [66.129.241.14]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: ca7ca073-d5ea-4a93-88a8-08d7f06553b8
x-ms-traffictypediagnostic: BL0PR05MB5361:
x-microsoft-antispam-prvs: <BL0PR05MB53618D4F37AE9131F9CEFD29AAA60@BL0PR05MB5361.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 03932714EB
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: dMkqN/NkVEgf+noXunBmlDL0oR5rD/2d0pWucPwTRDMk7wAmt4u1aP8zt0nqFzPdyKK99go+Nx0LIQYMBxLwghhLy7rpILRYXTKpkdHdJPtmB485923vd6H8BAnlS3wMp+WZZ8oDYN7d0Ud7XXrMs+UcOfgA3+DCfxd81HFIbed/O7Yp+zUTXLk/rC4lN9k1U23UwjVcqPZKkOAoFAr6RRCtFHIZba3TMC0GfARCp+3ePW6CJIzSYXiVe3UoJW462g2UpUC9URFS72ep2uUpjgPPWvyngpDt+YKwoUU8t81YlRzvit5QQA8h/saG6XjvTtdNsOyp7POXhWtq0dWOjFvIZpRA/HPe6jSu2tFh9UZ6ijDF0NPi2W+pBEWFsq+YeW29hTh10nD8sd2y791efEK+ffUlYKylDDcFuFLLZShUzwXXRXCiEyJq4jMCgp/8
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL0PR05MB5076.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(136003)(366004)(346002)(39860400002)(376002)(396003)(33656002)(6506007)(53546011)(26005)(2616005)(5660300002)(71200400001)(8676002)(54906003)(478600001)(6916009)(186003)(86362001)(316002)(8936002)(36756003)(66946007)(66446008)(6486002)(6512007)(66556008)(66476007)(76116006)(2906002)(64756008)(4326008); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: YM0EW5bSDTtmSslgOzhuV4zxEiWI4aZ6QYk6Nnju44vwonL11gl++hcU755/KWDjF5Bc4iVCdJ+WhOHjCw4oPSGI4jgstHhVnzKcN+AploVneUBYXZuV5ep6lb9mTnBDYV4QNchD7o5rI1x77udB+xE6EEd2L/IxuUfszFQgTDjtx2WknKdUgVpFmK8exVU+veiPUbC7/moC9IQeo5rubjMIxX9V2r9HUPnzWbIvxoTqJNbuXYplSMANKvOqzO6dKkAmKK6+fycgNzE+i9+FPtrStqgaV0c3r70+2qqyMd5bCreLeHN5n+L8TvFCn3ENoA4GlqfyNp3Z+DW0Mz8xz/Egmh2uCp/2btnIA8FNYKd40ycFTpgd3WAOSfMfVPXrYKtWqG+bwDNX+MrMG4KO5CRaIeSVEjp8Qcy5RslW8oatQbMjjz269KJNfyywQXrjGdwvnnbn1QAIocpT2Pj6l2dUj4hldqNlEIcD0/dJBmr4k1E/8dLXts6KpXfDE+8Qi7RMhVy4oNxx3kfshzOOAFWU5QkeizuG2nwK6SkaL0sHIVB9hcVHRSjJgzxooXST4yWzmLpKvUX8Xd5DGd6lkLleWQbaPtXbeYwqsxwdDCi6ywh3V6wFrx8+u7PDpkVbBM45EcmO2k+UgkvU4+yYtt1p47AzEho+/Evo1dfUSyYoHuhvsyoxOIi9lRW6+WaTp9LOYXZw6aW42HcMsXq5Xg5stLs4e4U6c/mJc2sqaO4RxlXwvHE/G7v6T27gfxlYnXvUuHtlEBd3atvXgCK4BuVQce0rZ+qieFKlBr1txGA=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_5CC8EAD7FDC0405CB562F8C7FB90FE3Cjunipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: ca7ca073-d5ea-4a93-88a8-08d7f06553b8
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 May 2020 19:57:08.2020 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: PrYfBDV5Z81XDJ8orP5vb706h/dF34L8IKMhPQGWUKvLanhUuvztQvy1B/07NDCZ
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR05MB5361
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.676 definitions=2020-05-04_11:2020-05-04, 2020-05-04 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 impostorscore=0 malwarescore=0 bulkscore=0 adultscore=0 mlxlogscore=593 lowpriorityscore=0 priorityscore=1501 phishscore=0 clxscore=1015 spamscore=0 mlxscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2005040156
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/rfTFGHBPQxyfHqGKyIpXDlS63bQ>
Subject: Re: [Idr] AD Review of draft-ietf-idr-tunnel-encaps-15
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 May 2020 19:57:31 -0000

Hi Alvaro,

On Feb 21, 2020, at 7:47 AM, Alvaro Retana <aretana.ietf@gmail.com<mailto:aretana.ietf@gmail.com>> wrote:

428    o  The IP address in the sub-TLV's address subfield is not a valid IP
429       address (e.g., it's an IPv4 broadcast address).

[major] What is a "valid IP address"?  The text above says that
link-local are not allowed...and that a host address is expected...and
that the address must "belong"...now you added broadcast addresses.
Anything else?  Is a multicast destination "valid"?  Is there a
reference that can be added here to avoid having to define it?

This problem has been around from time immemorial; for example RFC 4271 has a couple of places where it says things like


   Syntactic correctness means that the NEXT_HOP attribute represents a
   valid IP host address.


I remember wrestling with this in years past, but I’m not sure I ever came up with a good solution. The best reference I can find is RFC 6890, "Special-Purpose IP Address Registries”, which defines what we generally refer to as “martians”. Using that, perhaps the rule could be rewritten something like this?

"o The IP address in the sub-TLV’s address subfield is listed in the relevant Special-Purpose IP Address Registry [RFC6890] as either not a valid destination, or not forwardable.”

In practice this would probably be implemented by using the implementation-specific “martian” list, but this gives us a way to cite it normatively. By the way, this nominally makes the text about link-local redundant, since both the v4 and v6 special-purpose registries include link-local.

—John