Re: [Idr] Request to adopt draft-heitz-idr-large-community
Robert Raszuk <robert@raszuk.net> Wed, 07 September 2016 23:29 UTC
From: Robert Raszuk <robert@raszuk.net>
Date: Thu, 08 Sep 2016 01:29:27 +0200
To: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/xMZOlrCTvm229opWpyFjZfeJwmQ>
Cc: idr wg <idr@ietf.org>
Subject: Re: [Idr] Request to adopt draft-heitz-idr-large-community

Hi Jakob,

To me what you proposed here below is sufficient and covers second sentence:

"The meaning of all octets in the large community is to be defined by mutual agreement between the originating and terminating ASes."

- - -

However while we do not talk about this often in IDR and just leave freedom of implementation let me risk a question what filtering capabilities should be or are expected to be implemented for large communities at the ASBRs ?

Q1: In your current implementation can I selectively accept communities only with my AS listed in the first 4 octets and drop everything else ?

Q2: If as you say large community is intended to "transit an AS" how do I know the destination/terminating AS will get what real sender sent or intended to send in the remaining 4:4 ?

Q3: Assume the terminating AS as agreed with originating AS did the job. Should spec enforce (MUST) to strip such community before propagating the route to any other EBGP speaker ? Why do we want to trash the Internet with something which by AS-PATH rules should never be needed again (leave alone allowas-in tricks or as-overwrite) ?

Thx,
R.

On Thu, Sep 8, 2016 at 12:39 AM, Jakob Heitz (jheitz) <jheitz@cisco.com> wrote:

> Here is how I would treat the first 4 octets of the large community.
> The community is normally used by an ISP to allow a directly connected
> customer to express its wishes about how to process the route. In that
> case, the first four octets and all octets are totally in control of the
> ISP. The ISP has total control of the definition of the octets. If an ISP
> is willing to carry communities that are destined to another AS, then it
> makes sense for everyone to agree on the encoding of the target ASN in the
> community.
> I would phrase it like this:
>
>
> The meaning of all octets in the large community is to be defined by
> mutual agreement between the originating and terminating ASes. However, if
> a large community is intended to transit an AS, then the ASN of the
> terminating AS SHOULD be encoded in the first 4 octets of the large
> community.
>
> For example, there is no reason that an invalid ASN (say 0 or 23456)
> should be disallowed as long as the intended recipients of the community
> understand the meaning.
>
> Thanks,
> Jakob.
>
>
> On Sep 7, 2016, at 1:57 PM, Robert Raszuk <robert@raszuk.net> wrote:
>
> Hi Job,
>
> Excellent.
>
> And my only point was to add that single sentence to the spec when next
> rev comes out.
>
> Suggestion for the sentence to add into bottom of the section 3:
>
> "The Autonomous System number used within the community field is an Autonomous
> System which understands the encoded meaning of the 8 octets which follow
> and which is to act on it."
>
> ... or something along those lines.
>
> Cheers,
> R.
>
>
> On Wed, Sep 7, 2016 at 6:11 PM, Job Snijders <job@ntt.net> wrote:
>
>> Hi Robert,
>>
>> On Wed, Sep 07, 2016 at 05:47:27PM +0200, Robert Raszuk wrote:
>> > I agree with all statements made by Rob S.
>> >
>> > Kay's email however triggered the clarification question to the
>> > current -03 version.
>> >
>> > What is the meaning of explicit AS number listed in the first 4 octets
>> > of the community. I was under impression that originally it was the AS
>> > number in which given community needs to be executed however it seems
>> > that this sentence is no longer in the current version of the draft.
>>
>> The first 4 bytes contain the ASN in which the last 8 bytes have a
>> meaning. It's not about what is executed where. Consider the last 8
>> bytes, the 'local opaque data', a namespace of sorts, the first 4 bytes
>> indicate who owns that namespace. The owner of the namespace can
>> publicly or privately document what the meaning communities are within
>> his/her namespace.
>>
>> I welcome suggestions to improve the text on this aspect. RFC 1997 had
>> language like "Global Administrator" and "Local Administrator" - but I
>> think that is a somewhat archaic to explain this concept. In -04 we're
>> talking about "Autonomous System Number" and "Local Data".
>>
>> > So it may be unclear if this is AS number inserting this community, if
>> > this is target AS to execute it or perhaps like in the case of Route
>> > Server is it AS acting as proxy for other ASes it peers with ?
>> >
>> > The answer could be none of the above - it's all local significant - but
>> > then shouldn't it rather use a 4:4:4 description.
>>
>> What Kay described is that they today with RFC 1997 communities they are
>> using a horrible kludge because there is not enough space.
>>
>> With Large communities, ECIX (AS 9033) could say "Dear customers, if you
>> attach 9033:XXX:YYY to your prefix, our routeserver will do A", where
>> XXX and YYY are values decided by ECIX. This way, there will never be
>> collisions. What XXX and YYY are is up to ECIX, XXX could be the ASN of
>> a peer on the route server, YYY could be an identifier which triggers an
>> action, such as no-export.
>>
>> Given the above context and what Kay sent to the list:
>>
>> > > As we use 65000:XXX, where XXX is the ASN which should
>> > > not receive the route, this proposal would give us the option to also
>> > > extend the control-mechanisms towards 32-bit ASNs and not just 16-bit
>> > > ASNs anymore.
>>
>> With Large Communities, the above example could be turned into:
>> 9033:65000:XXX, where XXX is the ASN which should not receive the route.
>> Suddenly they aren't overloading a Global Administrator field with a
>> private ASN! :-)
>>
>> ECIX (and other Route Server operators) gain two advantages: There won't
>> be a risk of collision because it's in their own namespace, (in ECIX's
>> case '9033'), and XXX can be a 4-byte value, meaning they can target
>> 4-byte ASNs, which is something they cannot do today but clearly want to
>> do for consistency.
>>
>> It is important to recognise that it is up to ECIX to decide how they
>> use the 8 bytes of data available to them. They can put ASNs in there
>> directly, or use a mapping table, or throw a dice and just publish which
>> value means what on their Route Server. It is entirely opaque.
>>
>> Kind regards,
>>
>> Job
>>
>> ps. Large Communities' expiry date will be the moment the IETF starts
>> working on 8-byte ASNs. If that ever happens, we'll hopefully remember
>> this thread.
>>
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>
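
The ASBR policies raised in Q1 and Q3, together with the 9033:65000:XXX route-server convention quoted above, as an added Python sketch; it is not code from the draft, from any participant in this thread or from a router implementation. It assumes each large community is carried as 12 octets in network byte order (a 4-octet ASN followed by the 8 octets of local data); the function names and the sample communities are constructed for illustration.

```python
import struct

LOCAL_ASN = 9033        # ECIX's ASN, as used in the thread's example
NO_EXPORT_TAG = 65000   # second field of 9033:65000:XXX from the thread

def parse_large_communities(value: bytes):
    """Split an attribute value into (asn, data1, data2) triples, 4 octets each."""
    if len(value) % 12:
        raise ValueError("large community data must be a multiple of 12 octets")
    return [struct.unpack_from("!III", value, off)
            for off in range(0, len(value), 12)]

def encode_large_communities(communities):
    """Inverse of parse_large_communities."""
    return b"".join(struct.pack("!III", *c) for c in communities)

def filter_inbound(communities, local_asn=LOCAL_ASN):
    """Q1: accept only communities whose first 4 octets name the local AS."""
    return [c for c in communities if c[0] == local_asn]

def may_export_to(communities, peer_asn, local_asn=LOCAL_ASN):
    """Route-server convention: local:65000:XXX means 'do not announce to ASN XXX'."""
    return (local_asn, NO_EXPORT_TAG, peer_asn) not in communities

def strip_on_export(communities, local_asn=LOCAL_ASN):
    """Q3: after acting on them, drop the local AS's communities before EBGP export."""
    return [c for c in communities if c[0] != local_asn]

# Constructed sample: two requests addressed to AS 9033 (one targets a 4-byte
# ASN, which RFC 1997 communities cannot express) and one community that
# belongs to another AS's namespace.
SAMPLE = [
    (9033, 65000, 4200000001),
    (64500, 1, 2),
    (9033, 65000, 64501),
]

if __name__ == "__main__":
    wire = encode_large_communities(SAMPLE)
    received = parse_large_communities(wire)
    accepted = filter_inbound(received)
    for peer in (4200000001, 64501, 64502):
        print(peer, "export" if may_export_to(accepted, peer) else "suppress")
    print("sent onward:", strip_on_export(received))
```

Applying `filter_inbound` before `may_export_to` means a community in another AS's namespace can never trigger a local action, which is the property Q1 asks about.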