[Idr] Re: FW: draft-ietf-idr-sr-policy-safi - RTG-DIR Review - Shepherd's review of Directorate reviews

Susan Hares <shares@ndzh.com> Thu, 25 July 2024 22:57 UTC

Return-Path: <shares@ndzh.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 607D6C14F68D for <idr@ietfa.amsl.com>; Thu, 25 Jul 2024 15:57:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.561
X-Spam-Level:
X-Spam-Status: No, score=-0.561 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n0wY7kEBDCGb for <idr@ietfa.amsl.com>; Thu, 25 Jul 2024 15:57:12 -0700 (PDT)
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11hn2200.outbound.protection.outlook.com [52.100.171.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D000CC14F5E4 for <idr@ietf.org>; Thu, 25 Jul 2024 15:55:56 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=FNqJrsDj1xfWm7f6mkpx2moHl8KSeX0R97i1dUY9yoKYnBPyHSkXWdFEe6U8o1365pyFsHNpFpP6HuXMGFPjHL5Gctl+GFw/YYEJXRSXlVYenDgdDQfMhTWQvZD8V+vf2XrFCLh+Cm0Clc/MJ24v2csMWy1zRISepgviDBx3vdEIX3+ZyZCZp6QdZ5WEkkb1vb+gVuCDDzzfmnHByd8cQxq7011VFU7JEqzKoM3yg/4zXjeLGtUMZmOsnuxtr4nwtp8Tq0n++BFOwmZJnfpyl8uTaLt7Ne4wMlvKPuCE2klC00sdQcxRtt6pJdNP3uiiD2k0Fb/1yEMxo7b4foC/8Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LPi104JNYexes9mJ/f9xDaBEEW3/nZGxpUVGIM3roXE=; b=NmUvE8DonHzznkOOv/3HgAzGaccvLBvDWNFKbg8lISmXprJDzr6g2eFJB7GEbsiEsyfpFBJKg8CqOidQh/nIhFtTNolHpPp/w5qbN/+0SQIX77HuocOF7sZjqZEW2cOMLXoVOyai2T9CnNGEhy2OzBLz4YHI88HBkF9jXYbHBlvHDEuopegH6N8oe1+7Un2eq9GiEQqwhBvaAzhUtmE/vCfiqaDDDg4LzRYj6SCBCqFYWPSG9Ay0Ml4BN8TeTXCYisQCwi+E6P7jTyIQh5KHesJNzP+UZnxS0MY90zlHcWRNKBDUZM6Rv90Nrk5kleIECMS5Gd5IrFzPGUeQN7FWqw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 104.47.59.168) smtp.rcpttodomain=arrcus.com smtp.mailfrom=ndzh.com; dmarc=bestguesspass action=none header.from=ndzh.com; dkim=none (message not signed); arc=none (0)
Received: from SJ0PR13CA0025.namprd13.prod.outlook.com (2603:10b6:a03:2c0::30) by BY3PR08MB7011.namprd08.prod.outlook.com (2603:10b6:a03:369::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7784.29; Thu, 25 Jul 2024 22:55:50 +0000
Received: from SJ5PEPF00000204.namprd05.prod.outlook.com (2603:10b6:a03:2c0:cafe::3c) by SJ0PR13CA0025.outlook.office365.com (2603:10b6:a03:2c0::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7784.28 via Frontend Transport; Thu, 25 Jul 2024 22:55:50 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 104.47.59.168) smtp.mailfrom=ndzh.com; dkim=none (message not signed) header.d=none;dmarc=bestguesspass action=none header.from=ndzh.com;
Received-SPF: Pass (protection.outlook.com: domain of ndzh.com designates 104.47.59.168 as permitted sender) receiver=protection.outlook.com; client-ip=104.47.59.168; helo=NAM12-DM6-obe.outbound.protection.outlook.com; pr=C
Received: from obx-outbound.inkyphishfence.com (35.166.188.152) by SJ5PEPF00000204.mail.protection.outlook.com (10.167.244.37) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.7784.11 via Frontend Transport; Thu, 25 Jul 2024 22:55:49 +0000
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12lp2168.outbound.protection.outlook.com [104.47.59.168]) by obx-inbound.inkyphishfence.com (Postfix) with ESMTPS id BFFF61023E6; Thu, 25 Jul 2024 22:55:48 +0000 (UTC)
Received: from CO1PR08MB6611.namprd08.prod.outlook.com (2603:10b6:303:98::12) by CO1PR08MB6545.namprd08.prod.outlook.com (2603:10b6:303:92::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7784.29; Thu, 25 Jul 2024 22:55:37 +0000
Received: from CO1PR08MB6611.namprd08.prod.outlook.com ([fe80::7744:8abd:9769:c2bf]) by CO1PR08MB6611.namprd08.prod.outlook.com ([fe80::7744:8abd:9769:c2bf%4]) with mapi id 15.20.7784.020; Thu, 25 Jul 2024 22:55:36 +0000
From: Susan Hares <shares@ndzh.com>
To: Ketan Talaulikar <ketant.ietf@gmail.com>
Thread-Topic: [Idr] FW: draft-ietf-idr-sr-policy-safi - RTG-DIR Review - Shepherd's review of Directorate reviews
Thread-Index: Adqx9Y0kOZEPXtIKSqGPLZyP8POf4AD72nfgCYgSIwAAtQ7F0A==
Date: Thu, 25 Jul 2024 22:55:36 +0000
Message-ID: <CO1PR08MB661185EB10E981F569698A18B3AB2@CO1PR08MB6611.namprd08.prod.outlook.com>
References: <CO1PR08MB66115AA26BEEFB5850308DBAB3F22@CO1PR08MB6611.namprd08.prod.outlook.com> <CO1PR08MB6611D5F5B09829D2AF5FF1E1B3FF2@CO1PR08MB6611.namprd08.prod.outlook.com> <CAH6gdPyA=cpjR0KUheDakwag=HYW+a-ekqJHBPOvaPcuZQjLKQ@mail.gmail.com>
In-Reply-To: <CAH6gdPyA=cpjR0KUheDakwag=HYW+a-ekqJHBPOvaPcuZQjLKQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-traffictypediagnostic: CO1PR08MB6611:EE_|CO1PR08MB6545:EE_|SJ5PEPF00000204:EE_|BY3PR08MB7011:EE_
X-MS-Office365-Filtering-Correlation-Id: b41d10fb-2ab3-4775-b21e-08dcacfcedc1
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;ARA:13230040|4022899009|366016|376014|1800799024|38070700018;
X-Microsoft-Antispam-Message-Info-Original: EVky0eEyW7XGQq+fDFtbMzflpYTQ5ejUG5lfyUD53SXzc9QFNPBa+MNepMHluWUUNKJSlcpYj0wfdICMm9ATtW5Xg7RSKQ0ZIdrqtHgUBkelgbe3bDHSZ/1Ldzyy2Oi17De5lq85oJ5hK5NVBkKx7MY8qnQiIYZXY+BPFPuEuMXUOsOeF5KRXVDSIQAjsSIPr5+gfNcy/452VPC/416yKELgUJf/ynP9o3Ct/JHCAMM/+yX/dDu9+3YGXK5127riZnbdkkBL21ZdgrzvqLOM9LyvHFkhxoFkQWJgOqZGx6FNL3TUdKrtfT788tJ4b8pe5KinuOMWNyYgAzbpj5HhwhORNPZUphBhbZ+wgHYeKWbmNTechtpjN4itIcMZ2UDgMEgSUR0xrAOkmn4LGst5KV8WuhLa+ZWSSOhTTn3DGrR6Zllq02NrgHbfH6rIdQhRYTiC58HaxOgJ2gqTmRzvdXW9L0yaeuyfeK0/LNDpqWw/nVvP5ndhk/Zrl7WHX31nEuS1PU9S80RK5FL5C7t0u+poo9BuPjFT3sT1VYNp4I9fLfnSK0NCR33/7ZFvG7GpKw+/9m1IFnZFcq2vpwkuzXSGVHURG8WKxm8/PfRgrvOo77E5ha0akfjsw9/4gplucrOMoiYYy9a98a4g64pPjLV84y4KhJIeHogyeSzVO17he00fsJztc3mGPSW0ckCzJH6lwoPEO3ixlnqg9X7ZmfUW/MMXP2OhfEsqnr4Oy01M80JT0wAp/dC5iL9QKSJxTM7r+PMMeApS5aUr74m6CSAFJv2nLqTCHVaYS4faZsheHnRzcqm/pDAEmR6pUEi4CM5vCGHk8wC9azjJFCgqzwH0GPq/roFmjcL7zaFOUitS8wYBdDW6H3SxMSnvLkKdVgDgMKjNOVRWr2DZe7UNHx2jAN56SC8aufrAK8K+wIkRPlJVCXnJG4tqEkKzrCXWcYHSNzh2i6+/vBNR9Oq5wpOZKjTnf7LLGfRfb3M5ZL1fdvtemUYpvJvFBz+FvvYoembVNqym4Q/VaRz1x+o7OGsJR2S+ni31c8qFsWZZpPq/FSIlEo9wqPs3gc59zWoQY7CCsDJMzlSK8DN+iLfO6wDp9NLi/E1A4wv8ueTz9+FVxyh+LlfuC2FUEctVVRzYeZjmwoW/RyQY1N1ycUG1ZhPDCMm8dNu1aFbznK/mC4AC1ssDh2uGF/0y64JNtyi/YdUg5v1U6SxqH+rv9e/VfLUcc0+9c2aB171AXactdPnQL1KugI4X3K//BxIu8IcfI7N2f8HWjz3ZPINXGb3GsDAgYFsYCB4O6sY03P51wJxKGPl+W28ps4UJqytFls7juxU8XGNkHoAkrM2snnA07E4S43m7ki8F17651Y0trec=
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CO1PR08MB6611.namprd08.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(4022899009)(366016)(376014)(1800799024)(38070700018);DIR:OUT;SFP:1102;
Content-Type: multipart/alternative; boundary="_000_CO1PR08MB661185EB10E981F569698A18B3AB2CO1PR08MB6611namp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR08MB6545
X-Inky-Outbound-Processed: True
X-EOPAttributedMessage: 0
X-MS-Exchange-SkipListedInternetSender: ip=[104.47.59.168];domain=NAM12-DM6-obe.outbound.protection.outlook.com
X-MS-Exchange-ExternalOriginalInternetSender: ip=[104.47.59.168];domain=NAM12-DM6-obe.outbound.protection.outlook.com
X-MS-Exchange-Transport-CrossTenantHeadersStripped: SJ5PEPF00000204.namprd05.prod.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: b9ccb9c9-1eb0-4621-5321-08dcacfce5f3
X-IPW-GroupMember: False
X-Microsoft-Antispam: BCL:0;ARA:13230040|35042699022|1800799024|4022899009|376014|82310400026|36860700013|11100799051;
X-Microsoft-Antispam-Message-Info: BI4NtkU/ljB8QsH4zAPk4S5hkwBIre8nyDZrWGsf4LixrNzE7EiGHbCC3oVi969QBlspObAZGv6mn39f3NgaJ+LdLlCK31ZP3YfHQJHaZ61ESlk4yrZ+uPvu38O1whJF6mDxTTVyGVtHlNMiRMEMEbkBH3n8JGUvQS64YLkRsOv2r8SuavHGAp7qgm0Rrj8tc0aj/L7I84dUrFk4F36ilOeqcaUN2QzDMVQcjEvIoLfptk/POOReiQCta7nB4+chl8YCWBakvT1roT1mV6Q/mHgTs1lWEkYH3LKMgGaAyGCBtYn1j/NRDR5Ne0XFUgam4d/z3Wq6Bs0HA1Un2f8T/fqKeLHLAAr9hWT/cM03u+OZZyrV83uY077jKCfHsJNmJ/yrcbzANJJQ6EjdlCW0xfuH96S9Tr+3EqBlKNxtK5lU4J438XjB2QHmQLigC/s8m3GWxSo8+uFpWSlml0p9AH8senHzWfm9GNj+oXvabRLvmalRtVVKeb+80Tz22FWnuCI4QnbsmEHLpC9X68/762x3YmzAYms10Zc9NYQiHxFK+7QeTjTcTDKjeks+RIar8dFQb3TYsXKuJLyT6wQLTxoC3VXCRrHbU2rwX/4WyD0iLt223XAcFvkcsUJswn+XRMNeAaqAgWueY8GxTubEsd+jHCRiNBdzpZuQawm5a3zVP7L+p0Jpe7Vl/34Bx963vCCU4KeBs1SQH/z6qwQQtnhhBb+o072GG+iRHTYvf9wGBT0Qhf6mlwt+qUXc1+f8lwSm06njlJZ23ZsplbTHI0mYWSONbYKGGVvKqRfuPVOEOk1ukXl95WA5inE83kUn3yBRmLeTCvWopI9GUMBKbg==
X-Forefront-Antispam-Report: CIP:35.166.188.152;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:NAM12-DM6-obe.outbound.protection.outlook.com;PTR:mail-dm6nam12lp2168.outbound.protection.outlook.com;CAT:NONE;SFS:(13230040)(35042699022)(1800799024)(4022899009)(376014)(82310400026)(36860700013)(11100799051);DIR:OUT;SFP:1501;
X-OriginatorOrg: ndzh.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Jul 2024 22:55:49.9616 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: b41d10fb-2ab3-4775-b21e-08dcacfcedc1
X-MS-Exchange-CrossTenant-Id: d6c573f1-34ce-4e5a-8411-94cc752db3e5
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=d6c573f1-34ce-4e5a-8411-94cc752db3e5;Ip=[35.166.188.152];Helo=[obx-outbound.inkyphishfence.com]
X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF00000204.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY3PR08MB7011
Message-ID-Hash: ADU4C2S64EDA3TCJMLGBKIW3CBR6Q3EF
X-Message-ID-Hash: ADU4C2S64EDA3TCJMLGBKIW3CBR6Q3EF
X-MailFrom: shares@ndzh.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-idr.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "idr@ietf.org" <idr@ietf.org>, Keyur Patel <keyur@arrcus.com>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Idr] Re: FW: draft-ietf-idr-sr-policy-safi - RTG-DIR Review - Shepherd's review of Directorate reviews
List-Id: Inter-Domain Routing <idr.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/tlYtJwbNZYNatqUUasbxusHwWeE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Owner: <mailto:idr-owner@ietf.org>
List-Post: <mailto:idr@ietf.org>
List-Subscribe: <mailto:idr-join@ietf.org>
List-Unsubscribe: <mailto:idr-leave@ietf.org>

Ketan:

I’ve pulled to the front the few issues remaining from the routing review.  Two issues had partial resolution of the text.
(S2-02 and S2-03).  We can talk about the text changes.

There are 3 questions, I need clarity on so I can write-up the rest of the shepherd’s report.  You can just answer those in your reply email.

Getting so… close.

Thank you, Sue


Section 2 – partial fixes
S2-02: Section 2.4.2, I-Flag – is partially implemented, how about we compromised on
Old text-05: / The flag
         indicates that the CP is to perform the "drop upon invalid"
         behavior when no valid CP is available for this SR Policy.  .
New-text:/ The flag indicates that the SR Candidate Policy (CP) is to perform
the "drop upon invalid" behavior when no valid SCP is available for this SR
Policy. /
 S2-03, Section 2.4.4, Validation of Segment list
Context of request in text:
The components of the explicit SR Candidate Policy path can be validated during the TEA processing for the following:
·         an empty Segment list for an explicit SR Candidate Policy,
·         a Weight SubTLV of zero, and
·         mixtures of SRv6 and SR-MPLS.

As stated, Section 5 of [RFC9256] does not provide a clear reason why the normal checks within BGP are being ignored for an explicit candidate path. If the "explicit path encoded by the Segment List SubTLV" is either an explicit SR candidate Policy path (tunnel), or a dynamic SR candidate Policy path (tunnel), or a composite SR Candidate Policy path, the text needs to state:
1.       what type of segment lists are being passed by BGP,
2.       why an empty segment list is not being checked, an
3.       why a weight SubTLV with a value of zero is accepted for a valid SR Candidate Policy.

My comment: You have only addressed the weight comment and the empty segment list (A+B)
a)       There are three types of segment lists: explicit, dynamic, and composite.

Just to be sure, there are no “BGP update packet” indicators that the paths are only explicit paths.
 This fact means that composite paths must use a different subTLV than the segment list.
(see draft-jiang-idr-sr-policy-composite-path-00 section – segment list is explicit path, and constitute SR-policy is composite path)

All this one needs is confirmation in response email.  (e.g. “Yes – segment list is only for explicit SR Candidate Paths)

b)      Why are you not checking that the Segment list does not mixed SRv6 and SR-MPLS segment types in the same segment list

Section 5 of RF9256 indicates you will not mix SR-MPLS and SR-v6 segment tyeps:
·         For draft-ietf-idr-sr-policy-safi:  It would be easy to check that Segment type A and Segment type B are not included in the same segment list.
·         For the combination of draft-ietf-idr-sr-policy-safi-05 and d draft-ietf-idr-bgp-sr-segtypes-ext-03, you simply could check indicate which category each segment belongs to.

Old-Text change:
   /The following sub-sections specify the sub-TLVs used for Segment
   Types A and B.  The other segment types are specified in
   [I-D.ietf-idr-bgp-sr-segtypes-ext]./

New text:
   /The following sub-sections specify the sub-TLVs used for Segment
   Types A and B.  The other segment types are specified in
   [I-D.ietf-idr-bgp-sr-segtypes-ext].

   Section 6 of [RFC9256] indicates that SRv6 and SR-MPLS segment types
   cannot be mixed in the same segment list. The following segment types
   are SRv6 segment types (A, C, E, F, I, J, and K). The following segment types
   are SR-MPLS segment types (B, D, G, and H). An implementation should
   check whether these types are mixed in the same segment list./


Answers needed for section 4.
Please answer the questions in issues.  I’ll add these to the shepherd’s review

SR04-01 - Section 4.2.1 - Lack of RT for IPv6
   Why is the RT target not needed fro IPv6 NLRI (2/73)?

SR04-02- Section 4.2.2 - Eligibility for Local Use of an SR Policy NLRI
How is -04 text different than Jeffrey’s assertion (a local RT matches one of the advertised RT)

SR04-03- Section 4.2.2 - - WG discussion Questioned
Restated: Are you using configured IBGP sessions rather than RT to reduce the flooding of information?





From: Ketan Talaulikar <ketant.ietf@gmail.com>
Sent: Monday, July 22, 2024 3:03 AM
To: Susan Hares <shares@ndzh.com>
Cc: idr@ietf.org; Keyur Patel <keyur@arrcus.com>
Subject: Re: [Idr] FW: draft-ietf-idr-sr-policy-safi - RTG-DIR Review - Shepherd's review of Directorate reviews

Hi Sue, The version 05 posted a short while ago includes the changes as discussed below: https://www.ietf.org/archive/id/draft-ietf-idr-sr-policy-safi-05.html I've incorporated all the suggestions pro
External (ketant.ietf@gmail.com<mailto:ketant.ietf@gmail.com>)
  Report This Email<https://protection.inkyphishfence.com/report?id=bmV0b3JnMTA1ODY5MTIvc2hhcmVzQG5kemguY29tL2ZkYzQ3M2FmMTE4MDU2MWUwNTUzZmI1YzMzZDYwZjU0LzE3MjE2MzE4MjUuMjc=#key=b904f5b56109ead401c8fa24f3503a7b>  FAQ<https://www.godaddy.com/help/report-email-with-advanced-email-security-40813>  GoDaddy Advanced Email Security, Powered by INKY<https://www.inky.com/protection-by-inky>

Hi Sue,

The version 05 posted a short while ago includes the changes as discussed below: https://www.ietf.org/archive/id/draft-ietf-idr-sr-policy-safi-05.html<https://shared.outlook.inky.com/link?domain=www.ietf.org&t=h.eJxFzskOwiAUheFXaVjLcKHQ2lVfBRkKsVMAbdT47oobt_fP_XJe6JZmNDQolLLngdLjOEh0xZMtTVQnE-Ld0WipTdoXXAuONuGc8L7N0Txw1j5iJkkoy4xODbpWbXXl-w9M9uoMnOagk8vjap-BmG2h3pq2E9oD9EwqcExK4S_SCGEV87Kl0HFQAnouCe-q6qp6dUWv5TdvnBYd54rVamv9X94fHGpCXA.MEUCIQCFt4fyeNdCrCV351_EO-FsMaJblALgvSKt5y1Qv1jpzgIgLWJMy7oysmSPps2vWFaSabxaFl6oXpWKC_uTIZEO_w8>

I've incorporated all the suggestions provided by you except for a few ones as discussed inline below.

Thanks,
Ketan


On Mon, Jun 3, 2024 at 11:43 AM Susan Hares <shares@ndzh.com<mailto:shares@ndzh.com>> wrote:
Ketan:

Below is my shepherd’s review of the RTG-DIR responses.   Responding on the mail list is fine.   One other option is that we can schedule a 7am PT/ 10am EDT call to work through the issues.  Keyur volunteered to sit on the call to give his perspective.

I’m open at 10am on Tuesday morning (6/4) at 10:00 am – 11:00am  EDT (7:00am PT),  Wednesday (6/5) from 10-11 am EDT (7-8 am PT), or Thursday 9:00 – 10:30am EDT (6-7:30am PT).

Cheers, Sue

=================

RTG-DIR email thread
https://datatracker.ietf.org/doc/review-ietf-idr-sr-policy-safi-01-opsdir-early-nainar-2024-03-04/<https://shared.outlook.inky.com/link?domain=datatracker.ietf.org&t=h.eJxFjstuwyAQRX8lYt0xL2M7WeVXpjDEyA5YA22UVP33lm66PUc6936JD97F5STW1o56kTJgw8boN-IhUYtD4ZsMxUumz0QP6AxSYKgMR9mTf0LFmEBpKEcNiYGQ9ydkTBkZjDIjKAtqlOLtJLY-lan9RrVyy3TWRtYVmeo1h9c6-HKXMfhxthi1XpSbNCnnbHx33towqehGqWejJ6sX4wYz9yr16kYNc_v7fL3dMe091m3o9p98_wCzQ0ti.MEQCIFwjsIWR76HxYDnJROLl_LLCvjmcCiyIAP4f14_6fbiIAiBKy6YRBuUw_CmYJvvWqAHAl5XCK1f2CCsT2F1HEEk2Cw>

Github
https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/issues<https://shared.outlook.inky.com/link?domain=github.com&t=h.eJxFzksOgyAYBOCrGNZF_EHQuvIqyDs-A5imbXr3FjddzkzyZd7ojAsaKuRzPtJAiAvZn1Ot9pUEky1-OBx0JDpKm_HV_CJOER_7EtQTJ2kDCSmdJqFbheZibSbv0UHDe3EHSpKX0aRx0y9_uVartmPSAvQNF2AazpmduGJMi8bylkBHQTDoKa9pV1RT1NlkueW6fBjdKsNSsLLqsv6bzxfMJUIy.MEUCIQD-Fz46fJ2Kk8iLgIf2w5cx-tIaaR06_oYbTa8arSB30gIgHiMBqL067rn0MgtmNfUJv163ylB_6IpF0icJf8iR5vI>

Open issues from RTG-DIR: Issues 12, 17, 19, 20, 24-27,
Issue 12: https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/issues/14<https://shared.outlook.inky.com/link?domain=github.com&t=h.eJxFzksOgyAYBOCrGNZF_EHQuvIqyDs-A5imbXr3FjddzkzyZd7ojAsaKuRzPtJAiAvZn1Ot9pUEky1-OBx0JDpKm_HV_CJOER_7EtQTJ2kDCSmdJhFo0a1Cc-E2k_fooOG9uAMlycto0rjpl79oq1XbMWkB-oYLMA3nzE5cMaZFY3lLoKMgGPSU17QrqinqbLLccl1ujG6VYSlYWXVZ_83nC26AQsY.MEUCIBb3uUfTm2-wfIenQ_ZR6tFj7wNJi5iygpfbfs4t8GE9AiEAzEY9KPEMMaxuZSmFpDwMIjtfzV8ovhIXQw6trwMjqgw>
Issue 17: https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/issues/19<https://shared.outlook.inky.com/link?domain=github.com&t=h.eJxFzskOwiAYBOBXMZyl9IdCl1NfhbKna4DGqPHdlV48zkzyZd7ojAsabsjnfKSBEBeyP6dK7SsJJlv8cDjoSHSUNuOr-UWcIj72JagnTtIGElI6TSLQo_sNzYXbTN6jg5p3ogdKkpfRpHHTL3_RVqumZdICdDUXYGrOmZ24YkyL2vKGQEtBMOgor2hbVFPU2WS55arcGN0qw1Kwsuqy_pvPF3EtQss.MEQCIF8-i7qTd8egE-HCvjs_mcBl8C8gtwp3ZjlgatlfUhOmAiBwvWcyy_ZVuwBLLY3ClCR-CbFzROyAzdsBElOV1YR6DQ>
Issue 19: https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/issues/21<https://shared.outlook.inky.com/link?domain=github.com&t=h.eJxFzksOgyAYBOCrGNZF_EHQuvIqyDs-A5imbXr3FjddzkzyZd7ojAsaKuRzPtJAiAvZn1Ot9pUEky1-OBx0JDpKm_HV_CJOER_7EtQTJ2kDCSmdJhEK6FahuXCbyXt00PBe3IGS5GU0adz0y1-01artmLQAfcMFmIZzZieuGNOisbwl0FEQDHrKa9oV1RR1NlluuS43RrfKsBSsrLqs_-bzBW1vQsQ.MEYCIQDPX9hQYXyTPw6Nkl9UmGsW2tw_Poffen2Jv7OFnAZj0AIhAJmE3fNMklDth62IMoxHSnU5AfCq7e_3VhTVRYXd1SAm>
Issue 20: https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/issues/22<https://shared.outlook.inky.com/link?domain=github.com&t=h.eJxFzksOgyAYBOCrGNZF_EHQuvIqyDs-A5imbXr3FjddzkzyZd7ojAsaKuRzPtJAiAvZn1Ot9pUEky1-OBx0JDpKm_HV_CJOER_7EtQTJ2kDCSmdJhFK0a1Cc-E2k_fooOG9uAMlycto0rjpl79oq1XbMWkB-oYLMA3nzE5cMaZFY3lLoKMgGPSU17QrqinqbLLccl1ujG6VYSlYWXVZ_83nC234QsU.MEUCIQClfHA03-WHBaFT5fTiSrjxfMtoK2EN6Mo1Kp9Vob3nGwIgFk7T0_bPvOAystcnx4zA2YPyQl9jTjqbHy1VQA8x9Yg>
Issue 24: https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/issues/26<https://shared.outlook.inky.com/link?domain=github.com&t=h.eJxFzksOgyAYBOCrGNZF_EHQuvIqyDs-A5imbXr3FjddzkzyZd7ojAsaKuRzPtJAiAvZn1Ot9pUEky1-OBx0JDpKm_HV_CJOER_7EtQTJ2kDCSmdJhEq0K1Cc-E2k_fooOG9uAMlycto0rjpl79oq1XbMWkB-oYLMA3nzE5cMaZFY3lLoKMgGPSU17QrqinqbLLccl1ujG6VYSlYWXVZ_83nC3AcQsk.MEYCIQDQ7184UCkob-An8Xli2mv5pr9aaTVXks04KyBb1Hh-UAIhAOz_Moiv4CIKMEbfUd-LWQSNz5dJ18Aig9saGY3rQNQ_>
Issue 25: https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/issues/27<https://shared.outlook.inky.com/link?domain=github.com&t=h.eJxFzksOgyAYBOCrGNZFBAStK6-CvKNVA79p2qZ3b7GLLmcm-TIvdKQFDRUKAHseCPERwjHVeruRaMHhu8fRJGKScoDP5htxTnjflqgfOCsXScz5sJmwDl0qNBdutbAlTxvRyytlJAeVbB5X8wwn7YxuO64cpX0jJLWNENxNQnNuZONES2jHqOS0Z6L-qbaoswW1Ql1ujP6m4lKwspqy_pv3B3ClQso.MEQCIFBBV2h2gGneBlKceGmrWyoqOkv4wWkHUMW2DrNhRyN0AiBOwDiAi7mWHocOyGItowdSO7zdLlz9TCDY4ji7pc2JYw>
Issue 26: https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/issues/28<https://shared.outlook.inky.com/link?domain=github.com&t=h.eJxFzksOwiAABNCrNKyl_ArFrnoVyj_9BmiMGu-udONyZpKXeYMzLWBoQCjlyANCPpZwTq3eVxRtcfDhYTQJmaRcgVfzizAneOxL1E-YlYso5nzajKgEtwbMldts2ZMnmEtxJxTloJLN42Ze4aKd0V3PlCNEYi6IxZwzN3HNmBHY8Q6RnhLBiKS8pX1VbVVnW9RW2npj9KuKS8Xqaur6bz5fcS5Cyw.MEQCIAIj9TbjBxEUqgq0bXkdLejGX3GotMdOSs7pd8O--ZxrAiBnfh8IjqWz_7xl2D-vkTklWfocoN6l8ZnDRDXWELeexg>
Issue 27: https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/issues/29<https://shared.outlook.inky.com/link?domain=github.com&t=h.eJxFzskOwiAYBOBXMZylf4FCl1NfhbKna4DGqPHdlV48zkzyZd7ojAsabsjnfKQBwIXsz6lS-wrBZIsfDgcdQUdpM76aX8Qp4mNfgnriJG2AkNJpEtAe3W9oLtxm8h4dqXknekIheRlNGjf98hdttWpaJi0hXc0FMTXnzE5cMaZFbXkDpKVEMNJRXtG2qKaos8lyy1W5MbpVhqVgZdVl_TefL3G3Qsw.MEUCIHEByFbxQPJaj0l9tXIS-9iPKff6UbeFM6KIJ5WtKmguAiEA0FNgRIv-3nTdSIa9B87DvXZI-TIk_0diPekgrGy-mZ8>
Summary of issues:
https://github.com/ietf-wg-idr/draft-ietf-idr-sr-policy-safi/issues/32<https://shared.outlook.inky.com/link?domain=github.com&t=h.eJxFzksOgyAYBOCrGNZF_EHQuvIqyDs-A5imbXr3FjddzkzyZd7ojAsaKuRzPtJAiAvZn1Ot9pUEky1-OBx0JDpKm_HV_CJOER_7EtQTJ2kDCSmdJhFG0a1Cc-E2k_fooOG9uAMlycto0rjpl79oq1XbMWkB-oYLMA3nzE5cMaZFY3lLoKMgGPSU17QrqinqbLLccl1ujG6VYSlYWXVZ_83nC26CQsY.MEYCIQCJWzd-W0JEz6hFjVQ5iDyqxWQuIKCEZh4Pj1Cry-st6gIhAOdGu2AQoXt9_M9TmzKs7QtrR_9NMs8OMmpzYuhdq-me>

Shepherd's Comments on -04 Section 1 - Based on RTG-DIR
status: Editorial, open
Comments: Intro-1, Intro-2, Intro-3 https://datatracker.ietf.org/doc/review-ietf-idr-sr-policy-safi-01-opsdir-early-nainar-2024-03-04/<https://shared.outlook.inky.com/link?domain=datatracker.ietf.org&t=h.eJxFjstuwyAQRX8lYt0xL2M7WeVXpjDEyA5YA22UVP33lm66PUc6936JD97F5STW1o56kTJgw8boN-IhUYtD4ZsMxUumz0QP6AxSYKgMR9mTf0LFmEBpKEcNiYGQ9ydkTBkZjDIjKAtqlOLtJLY-lan9RrVyy3TWRtYVmeo1h9c6-HKXMfhxthi1XpSbNCnnbHx33towqehGqWejJ6sX4wYz9yr16kYNc_v7fL3dMe091m3o9p98_wCzQ0ti.MEQCIFwjsIWR76HxYDnJROLl_LLCvjmcCiyIAP4f14_6fbiIAiBKy6YRBuUw_CmYJvvWqAHAl5XCK1f2CCsT2F1HEEk2Cw>

SR04-Intro-1
Where: Introduction, paragraph 13
Github: RTG-DIR Issues 4 and 5
Shepherd's editorial preference is noted below but the -04 text is technically correct.

Suggested change: /
Old text:/
An SR Policy intended only for the receiver will, in most cases, not
traverse any Route Reflector (RR, [RFC4456]). /
New text:/
An SR Policy intended only for the receiver will, in most cases, not
traverse any Route Reflector (RR, [RFC4456]). (See Section 4.2.3). /

SR04-Intro-2
Section: Introduction, paragraph 14
original issue: RTG-DIR Issue 6
Status: Editorial, open
old text:/
One or more IPv4 address specific format route target extended
community ([RFC4360]) attached to the SR Policy advertisement and
that indicates the intended headend of such an SR Policy
advertisement./
New text: /
One or more IPv4 address-specific format route target extended
community ([RFC4360]) attached to the SR Candidate Policy advertisement and
that indicates the intended headend of the SR Policy
advertisement./

SR04-Intro-3
**-04 text ** /
The SR Policy SAFI route updates use the Tunnel Encapsulation
Attribute to signal an SR Policy - i.e., a tunnel itself./

**New-text:/
The SR Policy SAFI route updates use the Tunnel Encapsulation
Attribute to signal an SR Policy - which is a tunnel itself/

Shepherd's comments on -04.txt Section 2
S2-01: Section 2.4.2, paragraph 2

github issue: RTG-DIR-Issue-14, github 16
Status: Editorial, clarity of text

Original Text: /
It is RECOMMENDED that the SRv6 Binding
SID sub-TLV defined in Section 2.4.3, that enables the specification
of the SRv6 Endpoint Behavior, be used for signaling of an SRv6
Binding SID for an SR Policy candidate path./

New text:/
It is RECOMMENDED that the SRv6 Binding
SID sub-TLV (defined in Section 2.4.3) be used to signal an SRv6 Binding SID
for an SR Policy candidate path./
KT> Retaining the original text since it explains why the SRv6 BSID sub-TLV is recommended.
S2-02: Section 2.4.2, I-Flag

github issue: RTG-DIR Issue-19
Reasons: Technical, RFC9256, Section 8.2 is confusing, CP undefined

Text:/
- I-Flag: This flag encodes the "Drop Upon Invalid" behavior. It
is used by SRPM as described in section 8.2 in [RFC9256]. The
flag indicates that the CP is to perform the "drop upon
invalid" behavior when no valid CP is available for this SR
Policy. In this situation, the CP with the highest preference
amongst those with the "drop upon invalid" config is made
active to drop traffic steered over the SR Policy.

Text in RFC9256 section 8.2 states:

Specifically, the operator does not want the PW to be routed according to the IGP
shortest path to the PW endpoint.



Technical comment: BGP passes to the SRPM a valid SR Policy Candidate Route a specific behavior (I-Flag). Validation of the SR Policy Candidate Route is based on NLRI and TEA checks. The general concept of the I-Flag is given in RFC9256 in Section 8.2 is reasonable, but matching the BGP-SRPM actions is difficult. (See RTG-DIR comments)

Alternate text:/
- I-Flag: This flag encodes the "Drop Upon Invalid" behavior. It
is used by SRPM as described in section 8.2 in [RFC9256]
to define a specific SR Policy (tunnel) forwarding behavior. The
flag indicates that the SR Candidate Policy (SR-CP) is to perform
the "drop upon invalid" behavior when no valid SR-CP is available for this SR
Policy. In this situation, the SR-CP with the highest preference
amongst those with the "drop upon invalid" config is made
active to drop traffic steered over the SR Policy./

S2-03: Validated (Empty)Segment lists, Section 2.4.4 -

github issue: RTG-DIR Issue-19
status: Technical issue: Validating Segment lists
reason: RFC9256 in section 5.1 indicates that

  *   an empty explicit SR Candidate Policy is invalid if it is "empty", has a weight of zero (0), or mixes SRv6 and SR-MPLS types, and other constraints known in SRPM.
  *   a dynamic SR Candidate Policy is only invalid if the "constraints" AND the optimization object cannot be solved,
  *   a composite SR Candidate Path is a combination of explicit and dynamic.

Text-1:/ The Segment List sub-TLV contains zero or more Segment sub-TLVs and
MAY contain a Weight sub-TLV./

Text-2:/ Validation of an explicit path encoded by the Segment List sub-TLV is
beyond the scope of BGP and performed by the SRPM as described in
section 5 of [RFC9256]./

The components of the explicit SR Candidate Policy path can be validated during the TEA processing for the following:

  *   an empty Segment list for an explicit SR Candidate Policy,
  *   a Weight SubTLV of zero, and
  *   mixtures of SRv6 and SR-MPLS.

As stated, Section 5 of [RFC9256] does not provide a clear reason why the normal checks within BGP are being ignored for an explicit candidate path. If the "explicit path encoded by the Segment List SubTLV" is either an explicit SR candidate Policy path (tunnel), or a dynamic SR candidate Policy path (tunnel), or a composite SR Candidate Policy path, the text needs to state:

  1.  what type of segment lists are being passed by BGP,
  2.  why an empty segment list is not being checked, and
  3.  why a weight SubTLV with a value of zero is accepted for a valid SR Candidate Policy.

Suggested change for weight subTLV check:
Change: Technical, validation of explicit SR Candidate Policy.

Current text:/Weight: 4 octets value indicating the weight associated with a
segment list as described in section 2.11 of [RFC9256]. /

New text:/ Weight: 4 octets value indicating the weight associated with a
segment list as described in section 2.11 of [RFC9256].
A weight value of zero (0) is invalid./

S3-04: Section 2.4.4.2.2,

github issue: RTG-DIR-20, github-22
Why: Editorial, Clarity and grammar

-04-txt: /
The TLV 2 defined for the advertisement of Segment Type B in the
earlier versions of this document has been deprecated to avoid
backward compatibility issues./

new text:/
A Segment Type B subTLV with a SubTLV type value of 2 was defined for the
advertisement of Segment Type B in earlier versions of this document but it
was deprecated to avoid backward compatibility issues./
KT> Rephrased.
S2-05: Section 2.4.4.2.2-2.4.4.2.3, Significance of Flags, V Flag

github issue: RTG-DIR-19
status: Technical issue 1: Validity of SR Candidate Routes

Text:/ V-Flag: This flag, when set, is used by SRPM for "SID
verification" as described in Section 5.1 of [RFC9256]./

The "V-Flag" applies to all segment types. It is important to indicate what type of SR Candidate Policy this can be: explicit, dynamic, composite, or all three.

Again, repeating the comment from S2-03:
Validating an explicit SR Candidate route includes validation of the BGP Tunnel Encaps Attribute (TEA) information for the following things:

  *   Non-empty Segment list
  *   non-zero Weight SubTLV
  *   no mixture of SubTLVs between SR-MPLS and SRv6
(SR-MPLS subTLVs are A, D, G, and H. SRv6 subTLVs are: B, I, J, K, non-specified, C, E, F).

Shepherd's comment:
It seems odd to remove validation of the TEA portion of the BGP passed SR Candidate Policy if it is considered an "explicit" candidate route. If it is "dynamic", then how can interoperability be specified without specifying a base set of policy for creating "dynamic route". The only reference in RFC 9256 on those dynamic consideration is the
[draft-filsfils-spring-sr-policy-considerations-09], an expired Internet-Draft.

Shepherd's comments on Section 3 - No issues from RTG-DIR Mail thread

RTG-DIR Mail thread:
https://mailarchive.ietf.org/arch/msg/ops-dir/JFInEGfu1GpIgTuCTWsNMJbGwp0/<https://shared.outlook.inky.com/link?domain=mailarchive.ietf.org&t=h.eJxFjssOgjAUBX-FdK3cXmoBWZEYJZroysR1oS0QnmmLJhr_XevG7UzO5LzIYnqSBaRxbrYZwCDaXpiqae8qbJXT4WRq8AAGW8M027VsDZwOx3Ff6AWL-Vhfl931Zi_nU1k8ZgpkFZDOJ0flvmOkPI23GIFthFE2H-WzCatpAC2rTcKERkwpj1FRzpkuecWYjKnmG8AkwphhGvEwSnxV-WqnnBjd71te-7c-5q309k_eHz8cQ30.MEUCIB4wO5y_TIQW7TFNHTsxOCVbJy4pqi2LoklR9LdoQINqAiEAiVl4Mlj7GpEIzsf06oh_rSWVjCq1cXAo06TSr8z18zs>



RTG-DIR Review: Issues with Section 4
SR04-01 - Section 4.2.1 - Lack of RT for IPv6

github issue: RTG-DIR Issue-24,

Jeffrey Zhang's question: What about IPv6-address specific RT?
https://mailarchive.ietf.org/arch/msg/rtg-dir/E9qyJKHjRpMTNOAXnJo9jVi0nQg/<https://shared.outlook.inky.com/link?domain=mailarchive.ietf.org&t=h.eJxFjssOATEYRl9Fumb-dqpzW7GQCEGIiG1NL1Mz06FTEsS7Uxvbc_KdfC90cw0qBqjy_tIXAC03DXdlZe4yMtKrqHMaAoC21-C8HgnjYJZfH4vl_Ly7rPbrzfRoF11-PhhstxrQcIDqkLTSf8cEsyzJSQx9xZ3sJ1Y8q6jsWlCiHKeUK0IyzBIiMWNUnVhJqUiwYmMgaUwSSrKYRXEaqjJUa-m59b9vEx3ehliwItg_eX8ARttDig.MEUCIA7xO6CgwECbG7wSys6x2hQRyoTMVfozAzYibI9eYoBrAiEA_8_1hR-Bmx4AVzTUqngZgFFgqSsE_-Yq9Bow7Yl8L2Q>

Shepherd's question:
NLRI specified are: SR Policy IPv4 (1/73) and SR Policy IPv6 (2/73).
Why is the RT target not needed fro IPv6 NLRI (2/73)?

SR04-02 - Section 4.2.2 - Eligibility for Local Use of an SR Policy NLRI

github issue: RTG-DIR Issue-25:

text: / If one or more route targets are present and none matches the local
BGP Identifier, then, while the SR Policy NLRI is valid, it is not
usable on the receiver node./

Discussion:
Jeffrey: As long as the receiver is configured with a local RT that matches one
of the advertised RTs, it should be fine, right? That is how VPN RT
works and I suppose the same can be used here.
Ketan (KT): The semantics are different here.
Shepherd's question: How is the -04 text above different from Jeffrey's assertion?

SR04-03 - Section 4.2.2 - WG discussion Questioned

Status: Simply Reporting the RTG-DIR hit the WG Discussion on RTs
text:/  If one or more route targets are present and none matches the local
BGP Identifier, then, while the SR Policy NLRI is valid, it is not
usable on the receiver node./

Short Summary:
Jeffrey: I think it SHOULD remove the RT that matches its BGP identifier and stop propagating if there are no more RTs left, w/o relying on configuration.
(reference: https://mailarchive.ietf.org/arch/msg/rtg-dir/pzT0P9XId3qV3iCd-mgpZUvul7A/<https://shared.outlook.inky.com/link?domain=mailarchive.ietf.org&t=h.eJxFjrsOgjAYRl-FdBb-llJuE8bJzUGNcav0QsPVUhgwvrvWxfWcfCffCy22Q2WAGuemuQTouem4rRuzyshIp6LRavAA-lmDdToUxsK0nfGpuB0FfV6pOYiw19P9si5dtge0C1Drk4N03zHBLE8LEsPccCvnahBbE9VjD0rUSUa5IiTHLCUSM0bVg9WUihQrlgDJYpJSkscsijNflb7aSscH9_tWaf_Wx7wV3v7J-wNHJ0OL.MEUCIHv0BeJ2F8evycIVxTlJ7Gk2sf_bfM-x5886BlmBq93zAiEAk0f4lCwfPc1EEAOc9uib_KDdXj2n-kBLP2IDHeLFmH8>)

Ketan: I can understand where you are coming from and IIRC this option was
discussed at some point of time during the draft's life as a WG document.
The decision at that point was to keep it as an explicit policy option and
to not create an exception in the base BGP propagation mechanism. The way
it works today is that the BGP Identifier matching is done during "import"
into SRPM that is specific to the BGP SR Policy SAFI.


Shepherd:  Reporting that we hit this discussion in RTG-DIR review.

Shepherd's Review of RTG-DIR Comments on Section 5
S04-Section 5 - Issue-1

Status: Technical, open
Issue: Validation of the Tunnel, see RTG-DIR Issue-12 in github

Suggested text addition to section 5 in the following paragraph.
There are changes to the original paragraph (editorial) and an additional set of text.

Paragraph revised (changed text in bold):/
The validation of the TLVs/sub-TLVs introduced in this document and
defined in their respective sub-sections of Section 2.4 MUST be
performed to determine if they are malformed or invalid. The
validation of the Tunnel Encapsulation Attribute itself and the other
TLVs/sub-TLVs specified in Section 13 of [RFC9012] MUST be done as
described in that document. In case any error is detected, either at
the attribute or its TLV/sub-TLV level, the "treat-as-withdraw"
strategy MUST be applied. This is because an SR Policy update
without a valid Tunnel Encapsulation Attribute (comprised of all
valid TLVs/sub-TLVs) is not usable.

Section 6 of [RFC9012] referred to by section 13 of [RFC9012] does not
apply to a TLV associated with the SR Policy NRLI so the Tunnel
Egress Endpoint does not have to exist in the Tunnel Encapsulation
Attribute with the tunnel type SR Policy. As noted in section 2.3,
the Tunnel Egress Endpoint SubTLV is ignored for tunnel Type SR Policy.
Only the SRPM validates the viability of the tunnel signaled through BGP./

SR04 Section 5 - Issue 2

Status: Technical, Reporting concern, Section 5
github: RTG-DIR Issue 27,
text:/ The validation of the individual fields of the TLVs/sub-TLVs defined
in Section 2.4 are beyond the scope of BGP as they are handled by the
SRPM as described in the individual TLV/sub-TLV sub-sections. A BGP
implementation MUST NOT perform semantic verification of such fields
nor consider the SR Policy update to be invalid or not usable based
on such validation./

Comment from RTG-DIR:
Jeffrey: The above says the validation of those in Section 2.4 may lead to
"treat-as-withdraw" - I assume this is BGP handling. Does that not
conflict with the following paragraph?
Ketan: No, it does not. There is a line between what validation is done by BGP
and what is done by SRPM.

Shepherd: The SRPM doing all the checks – is been questions by RTG-DIR and

OPS-DIR.  The text below will go in my Shepherd’s report under the Directorate reviews:



“The RTG-DIR questions the wisdom of not doing minimal checks (like empty segment list or Weight = 0).

The Concept of MUST NOT goes against the normal sanity checks in SR Routing toward BGP-LS.”



The Shepherd again asks the WG to confirm that this behavior it wishes to approve.

_______________________________________________
Idr mailing list -- idr@ietf.org<mailto:idr@ietf.org>
To unsubscribe send an email to idr-leave@ietf.org<mailto:idr-leave@ietf.org>