IETF Logo Mail Archive

[Idr] Re: WG last call and IPR call for draft-ietf-idr-linklocal-capability (May 13, 2026 to May 27, 2026)

Donatas Abraitis <donatas.abraitis@gmail.com> Thu, 28 May 2026 11:41 UTC

Return-Path: <donatas.abraitis@gmail.com>
X-Original-To: idr@mail2.ietf.org
Delivered-To: idr@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 7C717F695CFC for <idr@mail2.ietf.org>; Thu, 28 May 2026 04:41:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1779968504; bh=/8jEEUVCWBSnv6k8U+SqG27xE0f77fODZsN8TW8rBis=; h=References:In-Reply-To:From:Date:Subject:To:Cc; b=uSg2cnVnm6T/aUzvC52ILKH1mE9sYVlK+FDf6/+PfWG0hlLNGkEVBOCzkwRq25AY0 nYQDjFo+6VHe9tPmCQWwx96jUlTX3ndX8tL6MEJgoLK4bDzFmyhFau8ATgixkeKjht kdFz/dSArnymiRn9LoAE+Jtw/kI5Ayh/s8k4NF+E=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bUS5R1iVeZsb for <idr@mail2.ietf.org>; Thu, 28 May 2026 04:41:43 -0700 (PDT)
Received: from mail-yx1-xb136.google.com (mail-yx1-xb136.google.com [IPv6:2607:f8b0:4864:20::b136]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id D35C1F695CD4 for <idr@ietf.org>; Thu, 28 May 2026 04:41:41 -0700 (PDT)
Received: by mail-yx1-xb136.google.com with SMTP id 956f58d0204a3-651c5d525f6so12843465d50.3 for <idr@ietf.org>; Thu, 28 May 2026 04:41:41 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1779968495; cv=none; d=google.com; s=arc-20240605; b=jG/IJl59oR9HBLMf6HSlghbty0QK3dUkYwYziwGAB7K47rcvdyG4F8idpyn/oap5+0 6qpgPpAbgOTv57NV7sxrCWzSVSz1Wwfft4/ysYmDQZrLygymC4A2n15czJqNlnzr35QT X84mWr/feAloKCdTCYQ/k6ea8s/H+EF8IhU505xEj/fBDNINB2pysHYH15L4D6UBvtTe 3TjeeyWgjPRICyaH0mP7Wrx66GwPD6uQb/VzsnjAsjx+DDCd1LSugcLPcyoV2D1G2Xgq TMgWD6t/8f4RmZe8BzGXwnd75F7jm9LIQWI9rvoljj3d5VRBKVmFxZR+KiafL0LSnb4E w/6A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=PDswi6iTtoqcXnn6LVt/4j9EEyFYb6WRNbZwRAFf91s=; fh=JpJ1E9qAsTcnL/oIK9mQfh90itMCKldKPFHuRLNL7j0=; b=kDAWpOZZJQmnjuq34W6V/BXwmUv0ulh3Ll9N7xQ4SxroMuOPhlp579bkNuP3CWWWbG hIhRbKVSXUY7x3bvpewE8Ad7OfzXTYJynRZPQl/oow29RcrvAeMrnTfdGwBDUf6tu0By m83RbVmbX+HVcgriWuSqj3Vvq8d1j5OgwyCnIOEDA9uTieaynqNYjVR9LoNznnvvDzFP /+ADlpXlBcvELPzCWv6evS2l2UFxgEBY8dXITgbYVwD9pfxQs6xBiexltKSEEVFZ1bQh xKb9NioYw2LiGue3gsmyB6rMrJWSqIW3pyxkhBFmt0kiO+rU4tuD6tbX2qvXAp5Qw0h2 FdeQ==; darn=ietf.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1779968495; x=1780573295; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=PDswi6iTtoqcXnn6LVt/4j9EEyFYb6WRNbZwRAFf91s=; b=LYEhPxA3Vxos3uunIDhaWqZkcmMom17pHEC1Y0aLvLbdVMTdi27SIoQy3vrrZ1yrK8 +H/8TQOi2TiN6tgL3ediK6tGVd6NS4/OfScKQxQYjgBlHw79hXml2ffrupJ5cS12GsCH f924oE9LwwbZD9sWE4i4Fq+MgI9FchPrwsszKtEeJs5RpullHuTync641BaMiIYizcVl zhldHXm3IonhQHXd1UK8agFJ2RUMW2aA4CokEId8KmdxiWBfFoc1oy+dIBtpiywSLIlP O7MMXcT2yvSWAc5U0+SO95ydqJSYFtQuGBgOIIlrjoTRTpWyFCkofmfnot1QKhv7srLN VTwg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1779968495; x=1780573295; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=PDswi6iTtoqcXnn6LVt/4j9EEyFYb6WRNbZwRAFf91s=; b=cxG7NkZgDFPUMTRkApHg1J7jlxozUsoVzosOVhoCb9e8/lBPm+VpLv4Bc9Yr69MdcC 5ew8JMSd98448vktGw0qNMEBSVYQs24eVs/QfzSxpO9aAh29mg5B7V2dJDjZsXOkvu8X GjqZS/MCctckdcobc+Fpt5pNFTRiQBd5vAmFISRx9UdKPp2IKECnTHiFGbifJAFGL6QM hP/YH4Lp66dV/1kq2vN5SuSNAFVLZ9NMjDbVHhh8L8wr/QJ2gEgx8ahvK+78M4Zyuxv+ +kk4biaOvfhge4q8Fxy0prJ8++CDFOYxOdJLNRMdTEXJdxSE6CRCDHJuIzB4GCsIELrK kCFw==
X-Gm-Message-State: AOJu0YyuFYUCtYLVXnS88FIIIehBc12Zuk/MV0TcowB7GUYCcPOCIZmx XF2Jsw3TPmYBud53kOvGIfnib7rcAam2Z+ZPZ2Rm8SLHAtAISaL0vL1nLG3xjgC0S5OlqmEhqGI Gj8EGx/fjsWt3RjI0fA9QFZU0fR/y/nPufjuZ
X-Gm-Gg: Acq92OGyAciBYww3lKNWe5w+7yIAU861LfHuQIsxZvpIy2SWlkqtWMUdeS6eCeRlSt9 4YBg5Nv0LUHideU4VO1PqhDgYGFmpEdnI2Iwf4gKV+Vd+S/pZVnfWIbYxdZb6kpzdKV0reVJbtu mCh4T8KAmb/kJdAycSiQnIBMYrbuA78wPVncyxg6QsjZQhdpKb4huFaQ49Q0NCog7MxndIFKA2w dyzTKsG+5c1akoONvi6STflu+ehmcGoLBLbu5S1mOpfYs66S2Rub0DuZfneYf7tO7FmmeU+s8ex Iq7UKa0QJTfJfHbdp/v58QAEXdY=
X-Received: by 2002:a05:690e:1906:b0:651:b477:71cf with SMTP id 956f58d0204a3-65ec98e0562mr25445365d50.31.1779968494959; Thu, 28 May 2026 04:41:34 -0700 (PDT)
MIME-Version: 1.0
References: <bed8725b9d8845f5b5e3ccbcf26baf66@huawei.com> <CAPD5bNxC5okzk9wsv3HXTiHw=c4iRvPV3rmmyB3RsEYO_OBAfw@mail.gmail.com>
In-Reply-To: <CAPD5bNxC5okzk9wsv3HXTiHw=c4iRvPV3rmmyB3RsEYO_OBAfw@mail.gmail.com>
From: Donatas Abraitis <donatas.abraitis@gmail.com>
Date: Thu, 28 May 2026 14:41:23 +0300
X-Gm-Features: AVHnY4JlEcJaC4z7qFFyKcG4_Vzr6i6Z9VuZYkjk5oEyM-0rNPyWgvLzR_8HcOU
Message-ID: <CAPF+HwUB5TJsd2iHjCN9fj+RA34mVg+fis7t4bD1zdet4soAKw@mail.gmail.com>
To: satya praveen kumar pasalapudi <praveen.ietf@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000da81ea0652df3549"
Message-ID-Hash: CHMZFKJ53HBHSB74URMGFFZOT6MVBIYZ
X-Message-ID-Hash: CHMZFKJ53HBHSB74URMGFFZOT6MVBIYZ
X-MailFrom: donatas.abraitis@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-idr.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: idr@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Idr] Re: WG last call and IPR call for draft-ietf-idr-linklocal-capability (May 13, 2026 to May 27, 2026)
List-Id: Inter-Domain Routing <idr.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/wOYyYgOFx5t6ASq0yqdRSoPPSeo>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Owner: <mailto:idr-owner@ietf.org>
List-Post: <mailto:idr@ietf.org>
List-Subscribe: <mailto:idr-join@ietf.org>
List-Unsubscribe: <mailto:idr-leave@ietf.org>

Thank you for the feedback.

I doubt for "4. Section 9 missing ND security context". We already had a
discussion about kinda this sort of thing and decided to avoid
ND/reachability stuff inside this document (it's kinda related, but not
really to the problem we are trying to solve here).

I addressed all other comments here =>
https://github.com/ietf-wg-idr/draft-ietf-idr-linklocal-capability/pull/35,
does it look good to you?

On Wed, May 27, 2026 at 10:37 PM satya praveen kumar pasalapudi <
praveen.ietf@gmail.com> wrote:

> Hi Jie and Authors,
>
> I am not aware of any IPR related to this draft.
>
> Comments below from an implementation perspective.
> Support publication, with the following points I would like to see
> addressed:
>
> 1. Interaction with RFC 8950 (IPv4 NLRI with IPv6 Next Hop)
>
> -------------------------------------------------------------------------------
> RFC 8950 Section 3 requires the Next Hop field to be 32 octets -- a
> global-or-unspecified address followed by a link-local -- whenever
> IPv4 NLRI is carried with an IPv6 Next Hop.
> Section 3 of this draft introduces a 16-octet link-local-only encoding
> that directly contradicts that requirement.
>
> The draft does not address this interaction. Implementations will diverge.
> Would suggest adding an explicit subsection in Section 4 stating that
> when both this capability and RFC 8950 have been negotiated, a
> 16-octet link-local-only Next Hop is permitted for IPv4 NLRI to a
> directly attached peer.
> Otherwise RFC 8950 Section 3 rules apply unchanged.
>
>
> 2. Receiver-side classification of the 16-octet Next Hop field
>
> ----------------------------------------------------------------------------------
> A length=16 Next Hop may now carry either a Global (per RFC 2545) or a
> Link-Local Next Hop.
> Receivers must disambiguate by inspecting the address, but Section 3
> does not say so normatively.
> The behavior when capability 77 has not been negotiated and a 16-octet
> link-local Next Hop is received is undefined.
>
> Suggested text, after the second paragraph of Section 3:
>
>     A BGP speaker receiving an MP_REACH_NLRI with the Next Hop field
> length set to 16 SHALL classify the address as follows.
>     If the address is in fe80::/10, the Next Hop is a Link-Local-only
> Next Hop as defined in this document, and the Link-Local Next Hop
>     Capability MUST have been negotiated; if it has not, the
> implementation MUST handle the message using the approach of
>     "treat-as-withdraw" (Section 2 of [RFC7606]). Otherwise, the
> address is treated as a Global IPv6 Next Hop per [RFC2545].
>
> 3. Link-Local address lifecycle is not addressed
> --------------------------------------------------------------------
> The draft treats a Link-Local address as a stable property of an
> interface for the lifetime of a BGP session.
> >From an IPv6 stack perspective this is not generally true: operator
> reconfiguration can alter an interface's Link-Local while a session is
> up.
>
> The observable consequences include TCP socket invalidation, stale
> Neighbor Cache entries on peers, and stale third-party Link-Local
> Next Hops on peers that learned the route via re-advertisement.
> These should be acknowledged in the draft.
>
> I would suggest a sentence in Section 1 noting that Link-Local
> addresses are not required to be stable across interface bring-up or
> reconfiguration, and that a change triggers session reset and normal
> re-advertisement.
> Speakers SHOULD NOT advertise a Link-Local address in the IPv6
> tentative state (RFC 4862 Section 5.4).
>
> 4. Section 9 missing ND security context
> --------------------------------------------------------------------
> This capability increases reliance on ND for data-plane forwarding,
> since Link-Local Next Hops are resolved via ND on the bound
> interface rather than via recursive RIB resolution. ND spoofing on a
> shared layer-2 segment can therefore redirect data-plane traffic.
> Section 9 does not mention this or the associated mitigations (SEND
> [RFC3971] or infrastructure-layer ND inspection).
>
> Additionally, the security boundary moves from L3 (where Global Next
> Hops can be filtered at routed boundaries) to L2 (where protection
> depends on per-link controls). Section 9 should acknowledge both the
> ND exposure and this shift.
>
> 5. Graceful Restart interaction
> --------------------------------------------------------------------
> Graceful Restart (RFC 4724) is not addressed in -05. If a Restarting
> Speaker's Link-Local address changes during restart (configured vs.
> running Link-Local mismatch across restart), peers retaining its
> routes as stale will have those routes pointing to the previous
> Link-Local.
> ND resolution fails and forwarding is silently lost until the Restart
> Time expires or new advertisements propagate.
>
> Unlike global next hops, where routing may provide alternative
> reachability, link-local next hops are resolved purely via ND on the
> bound interface -- there is no routing fallback.
>
> A paragraph in Section 6 noting this interaction, or an explicit
> statement that this combination is out of scope, would close the gap.
>
>
> Rgds,
> Satya Praveen Kumar Pasalapudi,
> HPE
> satya-praveen-kumar.pasalapudi@hpe.com
>
>
>
>
> On Tue, May 12, 2026 at 11:31 PM Dongjie (Jimmy)
> <jie.dong=40huawei.com@dmarc.ietf.org> wrote:
> >
> > This begins a 2-week working group last call for
> draft-ietf-idr-linklocal-capability-04. This WG last call ends on May 27th,
> 2026.
> >
> >
> >
> > https://datatracker.ietf.org/doc/draft-ietf-idr-linklocal-capability
> >
> >
> >
> > Please review and provide feedbacks to this last call with an indication
> of “Support” or “Not Support”. For “Not support”, it is appreciated to also
> give explanations and suggestions to resolve them.
> >
> >
> >
> > For the purposes of the shepherd's report and according to IETF BCP
> 78/79, the authors are requested to declare whether they are aware of any
> undisclosed IPR covering this draft. Members of the working group are
> similarly obligated to report any IPR they are aware of as well.
> >
> >
> >
> > Best regards,
> >
> > Jie (as WG secretary & document shepherd)
> >
> >
> >
> > _______________________________________________
> > Idr mailing list -- idr@ietf.org
> > To unsubscribe send an email to idr-leave@ietf.org
>
> _______________________________________________
> Idr mailing list -- idr@ietf.org
> To unsubscribe send an email to idr-leave@ietf.org
>


-- 
Donatas

v2.46.0 | Report a Bug | By Email | System Status