Re: [Idr] I-D Action: draft-ietf-idr-segment-routing-te-policy-08.txt

"Ketan Talaulikar (ketant)" <ketant@cisco.com> Wed, 20 November 2019 23:27 UTC

From: "Ketan Talaulikar (ketant)" <ketant@cisco.com>
To: Przemyslaw Krol <pkrol@google.com>, Robert Raszuk <robert@raszuk.net>
CC: "idr@ietf.org" <idr@ietf.org>, Prakash Badrinarayanan <prakash@arista.com>, Manoharan Sundaramoorthy <manoharan@arista.com>
Date: Wed, 20 Nov 2019 23:27:22 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/wLHx4_uXeGP8xc3J_Z3dFZq8b5Y>

Hi PK,

I will make the text change for the community part as discussed below in the next update.

Thanks,
Ketan

From: Przemyslaw Krol <pkrol@google.com>
Sent: 21 November 2019 05:39
To: Robert Raszuk <robert@raszuk.net>
Cc: Ketan Talaulikar (ketant) <ketant@cisco.com>; idr@ietf.org; Prakash Badrinarayanan <prakash@arista.com>; Manoharan Sundaramoorthy <manoharan@arista.com>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-segment-routing-te-policy-08.txt

Hi Robert,

Why ? IMO when both present is a valid case as RT can be used locally for import as well. RT ext-community and NO_ADV community are pretty orthogonal and serve different purposes.

That's a good point, although in SRTE, NO_ADVERTISE community has a special meaning on top of the "normal" propagation limitation.  Draft says 'either OR' so, in my opinion, this implies 'AND' is not acceptable. If that's the case, then NLRI should be dropped. If, on the other hand, both are acceptable, then it should probably state 'either RT or NO_ADVERTISE or both'.

Say when you are on RR suppressing IBGP would be a spec bug :).

Fair enough. I was reading the previous version as 'by default don't propagate but you may' and was only curious why IBGP vs EBGP distinction was made in this version. Security aspect does sound like a good justification for it.

thanks,


On Wed, Nov 20, 2019 at 10:18 PM Robert Raszuk <robert@raszuk.net> wrote:
Przemek,

and clearly states the behavior when both are missing (policy not accepted). Do you see a value in stating the behavior when both are present? Based on the above wording this would deem policy not acceptable and in consequence neither accepted locally nor propagated down (must not accepted, not necessarily usable, in order to propagate as stated in the following section). Should it be clearly stated as erroneous condition?

Why ? IMO when both present is a valid case as RT can be used locally for import as well. RT ext-community and NO_ADV community are pretty orthogonal and serve different purposes.

4.2.4. Propagation of an SR Policy

It seems that the original wording was referring to just BGP when addressing the default propagation. In the current version, there is a distinction between EBGP (do not propagate) and IBGP (propagate). What is the reason for such distinction?

Say when you are on RR suppressing IBGP would be a spec bug :).

Thx,
R.




--
Przemyslaw Gniewomir "PK" Krol | Network Engineering | pkrol@google.com