IETF Logo Mail Archive

Re: [Idr] draft-ietf-idr-bgp-attribute-announcement dead on arrival?

Jeffrey Haas <jhaas@pfrc.org> Wed, 12 October 2016 14:15 UTC

Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38D6B12944D for <idr@ietfa.amsl.com>; Wed, 12 Oct 2016 07:15:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.898
X-Spam-Level:
X-Spam-Status: No, score=-4.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-2.996, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kGKzNo1-Mrcq for <idr@ietfa.amsl.com>; Wed, 12 Oct 2016 07:15:08 -0700 (PDT)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id D128412946E for <idr@ietf.org>; Wed, 12 Oct 2016 07:07:00 -0700 (PDT)
Received: by slice.pfrc.org (Postfix, from userid 1001) id 620E11E32B; Wed, 12 Oct 2016 10:08:59 -0400 (EDT)
Date: Wed, 12 Oct 2016 10:08:59 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: Job Snijders <job@ntt.net>
Message-ID: <20161012140859.GG22695@pfrc.org>
References: <0E9469C4-2B72-484A-9C93-BC13401F6889@pfrc.org> <003901d21f20$95ece2f0$c1c6a8d0$@ndzh.com> <CAHxMReZQ-t6dFY--CYw-NomyD=Z8uq2p=sjCj99J2Sa6wZDDCw@mail.gmail.com> <012401d22468$5e0bdc40$4001a8c0@gateway.2wire.net> <20161012111417.GN57491@Vurt.local>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20161012111417.GN57491@Vurt.local>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/uWzOWlnVogPKr4zhOsvF3UbWnPg>
Cc: idr@ietf.org
Subject: Re: [Idr] draft-ietf-idr-bgp-attribute-announcement dead on arrival?
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2016 14:15:09 -0000

Job,

On Wed, Oct 12, 2016 at 01:14:17PM +0200, Job Snijders wrote:
> Regarding draft-ietf-idr-bgp-attribute-announcement itself, I wonder if
> there actually is a need to be able to define an optional transitive
> extended path attribute. We already have a method to do optional
> transitive attributes today, maybe there is no need to provide a new way
> to perform that function.

The base BGP extension mechanism gives us two ways to add new path
attributes:
- Optional-non-transitive: If you don't understand it, you drop it; it
  doesn't get propagated.
- Optional-transitive: It gets propagated, even if you don't understand it.
  The partial bit gets set if you do.  That bit is unfortunately protocol
  noise.

Effectively for most features that need some domain-wide deployment,
optional-transitive is the only real game in town.  For example, your route
reflectors need not understand the attribute if it's only important to your
edges.  This is a generally good property.

What's been problematic is when attributes leave the scope of interest,
probably shouldn't but there's no way to halt them.  The usual example worth
bringing up is attr-128 (RFC 6368).  It's a useful feature in some
deployments, but it's unfortunately also a cautionary tale about the hazards of
deploying code for features that haven't fully gone through the standards
process.

We tend to see the need for attribute scoping more from providers that
provide other BGP enabled services, and also are starting to see some of
this conversation happening in the BGP as a data center control plane
protocol.  Where this conversation tends to hit core service providers the
most is in the perennial issues of "optional transitive nonsense" that takes
down some bit of the Internet.  The BGP error handling RFC significantly
mitigates such issues, but I don't think it totally eliminates it.

It's understood the current proposal is overly coarse, but it was the easy
least-common denominator to start the conversation:
- Scope at confederation boundaries.
- Scope at AS boundaries.

Two additional cases that are somewhat clear from recurring conversations
elsewhere are:
- Scope at AS domain boundary.  Effectively, a confederation of cooperating
  ASes, just not using the confederation feature.  See prior conversations
  about the impact of eBGP AS checks for RFC 4684 (rt-constrain).
- Scope at arbitrary "group" boundaries.  The
  draft-ietf-idr-flowspec-interfaceset work is effectively a form of this,
  but not an exact use-case match.

Arguably, many MPLS VPN control communities such as route-target, etc. also
should have similar scoping considerations since their cleanup when sending
routes from the PE context to the CE context is not automatic in some
implementations.

This conversation is certainly less clear when you restrict yourself to
features wherein an implementation understands the feature.  At that point,
it's a matter of filtering.  But once you change the conversation to "the
implementation doesn't know and thus can at best pass things on", I think
we're at the relevant discussion topics.

-- Jeff

v2.23.0 | Report a Bug | By Email