Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)

["Jakob Heitz (jheitz)" <jheitz@cisco.com>]

There's an important difference between rd-orf and RT constraint.
RT-constraint is a POSITIVE filter.
Rd-orf is a NEGATIVE filter.
RT-constraint says :give me X.
Rd-orf says: withhold X.

What's the difference?
Suppose you are an RR and getting the same rd-orf from all your clients.
Then you can propagate the rd-orf back to the source of the routes.
Consider what happens when a new client comes up,
The new client has not (yet) sent the rd-orf.
Therefore you have to retract the rd-orf from the route source to which you propagated it.
The next router on the way to the source may be an ASBR.
It also has to retract the rd-orf it propagated.
And so on.
Then the new client sends the rd-orf.
Now you have to propagate it again.
and so on.
That's a lot of churn.
This churn does not happen with RT-constraint.

Regards,
Jakob.

From: Idr <idr-bounces@ietf.org> On Behalf Of Robert Raszuk
Sent: Sunday, February 14, 2021 3:38 PM
To: Aijun Wang <wangaijun@tsinghua.org.cn>
Cc: idr@ietf. org <idr@ietf.org>; Susan Hares <shares@ndzh.com>
Subject: Re: [Idr] WG Adoption call for draft-wang-idr-rd-orf-05.txt (2/4/2021 to 2/18/2021)

Hello Aijun,

I have been re-thinking over a weekend this entire discussion.

I think I have a suggestion for you which addresses my concerns and I believe also addresses yours (and your co-authors) requirements.

As I said number of times I still suggest we do not send RD to filter. Instead we send tuple RD+RTs and only filter VPN routes on logical AND of all (all as there can be more then one RT importing given route therefore we need to include intersection of local import RTs and RTs carried with "offending" routes).

And to make this easily transitive I recommend we just define a new SAFI for it. We can call it RTC+ or Enhanced RTC as examples. Syntax would be identical to RTC, semantics opposite. Today RTC defines RTs which PEs need. Here we would signal description of subset of those which are "excessive" to be dropped on the peer.

Sending it with ORF say RDRT-ORD (while works p2p)  I do not buy this implicit regeneration hack say at RRs, RRs doing option C or ASBRs performing option B. So sending it in new SAFI IMHO would be much cleaner.

Just a thought how we could perhaps move forward here.

Kind regards,
Robert


On Sat, Feb 13, 2021 at 3:32 AM Aijun Wang <wangaijun@tsinghua.org.cn<mailto:wangaijun@tsinghua.org.cn>> wrote:
Hi, Susan:

Thanks for your suggestions. More responses from the operators are welcome!
We think this mechanism can let the network cope with dynamically the extraordinary scenarios for VPN routes advertisement, especially the inter-AS Option B/C scenarios.
This can certainly encourage the widespread deployment of inter-AS option B/C solution(especially for EVPN/VXLAN, EVPN/SRv6) increase the VPN services coverage and revenue of the operators.

There may be some details procedures and device behaviors need to be clarified further, but this is not unsolvable, considering there are so many experts within IDR WG.

Thanks Robert, Jakob, Jim and Acee for the technical challenges to let us/IDRer understand the solution more clearly.

Aijun Wang
China Telecom