IETF Logo Mail Archive

Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt

Enke Chen <enkechen@cisco.com> Sun, 09 December 2012 18:26 UTC

Return-Path: <enkechen@cisco.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF81921F8681 for <idr@ietfa.amsl.com>; Sun, 9 Dec 2012 10:26:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LnKoI9aoJZJk for <idr@ietfa.amsl.com>; Sun, 9 Dec 2012 10:26:53 -0800 (PST)
Received: from mtv-iport-4.cisco.com (mtv-iport-4.cisco.com [173.36.130.15]) by ietfa.amsl.com (Postfix) with ESMTP id 3D7E221F85C6 for <idr@ietf.org>; Sun, 9 Dec 2012 10:26:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3260; q=dns/txt; s=iport; t=1355077613; x=1356287213; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=lIwtTd6frMN/KpkuzJ0vAoONkScALERWAwCaQA7hLko=; b=T+U9+V9C6/Y0Y/eVdaDe3qe1C7nbCCwxr9s3LbsMH1jYGxcr0w/KGdMf kMqWxodll1MWurZQ65P1AKPQ/40gAvCP1tYRoDwle+Bc5VX668ay+Gr4w M7n7LvpQrugC1B8xvfGFeEyT+lFmuBQcfEYOZF1H+AsfMwjP0/x3ZWVgq g=;
X-IronPort-AV: E=McAfee;i="5400,1158,6921"; a="66045164"
Received: from mtv-core-3.cisco.com ([171.68.58.8]) by mtv-iport-4.cisco.com with ESMTP; 09 Dec 2012 18:26:53 +0000
Received: from [10.21.150.107] (sjc-vpn7-1643.cisco.com [10.21.150.107]) by mtv-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id qB9IQq0N031228; Sun, 9 Dec 2012 18:26:52 GMT
Message-ID: <50C4D7EC.4070309@cisco.com>
Date: Sun, 09 Dec 2012 10:26:52 -0800
From: Enke Chen <enkechen@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:15.0) Gecko/20120907 Thunderbird/15.0.1
MIME-Version: 1.0
To: Chris Hall <chris.hall@highwayman.com>
References: <20121121191321.6164.6887.idtracker@ietfa.amsl.com> <50AD2986.90705@cisco.com> <058b01cdd3b4$9f5193b0$ddf4bb10$@highwayman.com> <8ED5B0B0F5B4854A912480C1521F973A0F4940@xmb-rcd-x13.cisco.com> <94913EE5-2864-4EE2-B474-9631430B1E22@ericsson.com> <068701cdd478$2cf01cf0$86d056d0$@highwayman.com> <CAEGVVtBy-zdLz8hVajLnuAqgzfgQHrseK4r-N9=pOZGtqV7LbA@mail.gmail.com> <CAH1iCipfup-GEeJduBti_KHvX1pUZfmZLA3Zz5Y9Aw9xV3fQ9w@mail.gmail.com> <079901cdd601$9901b630$cb052290$@highwayman.com>
In-Reply-To: <079901cdd601$9901b630$cb052290$@highwayman.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: idr@ietf.org
Subject: Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Dec 2012 18:26:54 -0000

Hi, Chris:

As I replied before,  the receiver knows from parsing the path 
attributes whether the MP_REACH_NLRI and/or MP_UNREACH_NLRI is the first 
attribute in an UPDATE message.  It does not need a new capability to 
make that determination.

-- Enke

On 12/9/12 3:37 AM, Chris Hall wrote:
> Brian Dickson wrote (on Fri 07-Dec-2012 at 23:13 +0000):
>> I see the high-level problem Chris describes, and think maybe
>> it requires discussing possible ways of removing
>> doubt/ambiguity over successful parsing of such MP_REACH
>> and MP_UNREACH attributes.
> My suggestion, for minimal change to the protocol, would be a new
> capability which would carry the undertaking that:
>
>    * when sending MP_UNREACH_NLRI and/or MP_REACH_NLRI
>      they will be the first attribute(s), and will
>      appear in that order.
>
>    * the ORIGIN attribute will be the first attribute,
>      or will follow any NLRI attributes.
>
>      Which deals with the absence of one or both NLRI
>      attributes.
>
> A receiver in possession of this new capability knows that, once it
> has seen completely valid versions of these leading attributes, it can
> tolerate any malformation of the following attributes, or absence of
> essential attributes, etc. and "treat-as-withdraw".
>
> The ORIGIN attribute has the value 0x0X 0x01 0x01 0x0Y -- where X is
> supposed to be 0 and Y MUST be 0, 1 or 2.  This pattern is,
> effectively, and "end-of-NLRI-attributes" mark.
>
> If the new capability also meant that this attribute would always be
> output with extended length and guaranteed X = 0, then the receiver
> would expect to see 0x10 0x01 0x00 0x01 0x0Y -- which is a little more
> unique, and offer a little more assurance that the attributes so far
> are completely valid.  (But this is not essential)
>
> (The new capability could also mean that IPv4 Unicast will not appear
> both in the body of the message and in NLRI attributes -- but that is
> not essential, either.)
>
> If the sender misbehaves, and sends any NLRI attribute after the
> ORIGIN then:
>
>    a) if it is not a repeat attribute then...
>
>         ...accept, but turn off the capability ?
>
>         ...treat as a repeat ?
>
>    b) if it is a repeat attribute then...
>
>         ...session-reset, as per draft ?
>
>    c) if the extra attribute is hidden by a preceding
>       broken attribute then...
>
>         ...the change to the relevant NLRI is lost.
>
> The last case is BAD: the receiver will "treat-as-withdraw" the NLRI
> it can see, but not those it cannot.  The risk here may be deemed
> ignorable -- but needs to be assessed.
>
> For all code which deals with BGP updates -- BGP speakers or analysers
> of BGP streams etc -- the only change here is the new capability;
> UPDATE messages will have attributes in a particular order (and
> perhaps take a particular form) but are entirely RFC4271 compliant.
>
> That leaves the question of what the receiver does in the absence of
> the new capability... but that's another story, for another day.
>
> Chris
>     
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr

v2.23.0 | Report a Bug | By Email