Re: [Isis-wg] I-D Action: draft-ietf-isis-l2bundles-06.txt

Eric Rescorla <ekr@rtfm.com> Thu, 25 May 2017 01:49 UTC

From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 25 May 2017 09:48:42 +0800
Message-ID: <CABcZeBNPHaLAOdv=KYnBzMp=XLjq6ifpFUu8Lnyq5Kt-EHatsA@mail.gmail.com>
To: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
Cc: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "isis-wg@ietf.org" <isis-wg@ietf.org>, Mirja Kühlewind <ietf@kuehlewind.net>, Adam Roach <adam@nostrum.com>, Suresh Krishnan <suresh.krishnan@gmail.com>, "Benoit Claise (bclaise)" <bclaise@cisco.com>, "mjethanandani@gmail.com" <mjethanandani@gmail.com>, Alissa Cooper <alissa@cooperw.in>, "Alvaro Retana (aretana)" <aretana@cisco.com>, Ben Campbell <ben@nostrum.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/isis-wg/GfsoRMTYyU1Qt-kgYWKrdP-3xwQ>
Subject: Re: [Isis-wg] I-D Action: draft-ietf-isis-l2bundles-06.txt

I agree with Kathleen here that it would be good to explain why this
document doesn't introduce new security issues. The document, not this
discussion, serves as the archival record, and so should be sufficient to
convince the reader of this point.

-Ekr


On Thu, May 25, 2017 at 9:39 AM, Les Ginsberg (ginsberg) <ginsberg@cisco.com> wrote:

> Kathleen -
>
> > -----Original Message-----
> > From: Kathleen Moriarty [mailto:kathleen.moriarty.ietf@gmail.com]
> > Sent: Wednesday, May 24, 2017 6:29 PM
> > To: Les Ginsberg (ginsberg)
> > Cc: isis-wg@ietf.org; Mirja Kühlewind; Adam Roach; Eric Rescorla; Suresh
> > Krishnan; Benoit Claise (bclaise); mjethanandani@gmail.com; Alissa Cooper;
> > Alvaro Retana (aretana); Ben Campbell
> > Subject: Re: [Isis-wg] I-D Action: draft-ietf-isis-l2bundles-06.txt
> >
> > Hi Les,
> >
> > On Wed, May 24, 2017 at 9:16 PM, Les Ginsberg (ginsberg)
> > <ginsberg@cisco.com> wrote:
> > > Folks -
> > >
> > > This revision addresses a number of review comments received during
> > > IESG review.
> > >
> > > Here are some responses to some of the points raised by reviewers (all
> > > reviewers have been copied on this email I hope).
> > >
> > > 1)Security section has been revised.
> > >
> > > 2)* Appendix A: The length value for "L2 Bundle Attribute Descriptors"
> > > under "TLV for Adjacency #2" is wrong. It says 29 but it needs to be
> > > 32
> > >
> > > This has been corrected - thank you Suresh.
> > > I also changed to using RFC5737 approved addresses in the examples.
> > >
> > > 3)Comments provided by Mahesh in his OPS DIR review and cited by
> > > Benoit have been addressed
> > >
> > > 4)Alvaro commented:
> > >
> > >     " I would like to see some discussion related to the "interface"
> > >     with these external entities."
> > >
> > > I have added explicit text indicating this is out of scope. To defend
> > > this here are several examples:
> > >
> > >    RFC 5305 does not discuss how link attribute information is passed
> > >    to TE applications
> > >    Protocol documents do not define how information is passed to PCE -
> > >    we have PCE WG documents for that
> > >    Protocol documents do not define how link state info is passed to
> > >    BGP-LS - we write separate BGP-LS drafts for that
> > >
> > > I hope my response suffices.
> > >
> > > 5)Kathleen Moriarty argued that advertisement of
> > >    o  IPv4 Interface Address (sub-TLV 6 defined in [RFC5305])
> > >    o  IPv6 Interface Address (sub-TLV 12 defined in [RFC6119])
> > >    o  Link Local/Remote Identifiers (sub-TLV 4 defined in [RFC5307])
> > >
> > > exposes new security issues.
> >
> > This was a question as opposed to an argument as I was trying to find all
> > possible security issues to assist with adding a security considerations
> > section.  I do see that path exposure is covered by the security
> > considerations in other is-is documents.
> >
> > >
> > > I disagree.
> > >
> > > Interface addresses are associated with the parent L3 link and are
> > > already being advertised by IS-IS via existing TE extensions (e.g.
> > > RFC 5305, RFC 4205).
> > > Link IDs for the L2 Links which are advertised are readily available
> > > today via network management tools.
> >
> > Will these be referenced then in the security consideration section for
> > completeness as it is still an issue?
> >
> [Les:] I did not do this. It is a difficult model to follow when writing a
> document if one is required to explain everything that is NOT an issue.
> The new statement in the draft says:
>
> "No new security issues are introduced by the protocol extensions
>    defined in this document.  Security concerns for IS-IS are addressed
>    in [RFC5304] and [RFC5310]."
>
> I believe this is both accurate and complete - and my comments above
> explain why.
>
>    Les
>
> > Thank you,
> > Kathleen
> >
> > >
> > > 6)The shepherd's report and some reviewers have mentioned that there
> > > currently is no OSPF equivalent document.
> > >
> > > This statement is true, but I fail to see how this is relevant to the
> > > progress of this IS-IS draft.
> > > It is often the case that equivalent drafts are written for OSPF and
> > > IS-IS because the same functionality may be required in deployments
> > > using either protocol. However we have never linked the progress of
> > > the two documents together - it is often the case that one document is
> > > written and proceeds before the other.
> > >
> > > I think it would be quite reasonable for OSPF to support equivalent
> > > functionality and it may be that someone - based on real deployment
> > > requirements (which is what has driven the writing of the IS-IS draft) -
> > > will write such a draft soon. But why this is deemed an issue for the
> > > progression of the IS-IS draft is a mystery to me.
> > >
> > > I do want to thank all the reviewers for their time and their
> > > diligence. I think the document is significantly improved based on
> > > your comments.
> > >
> > >    Les
> > >
> > >> -----Original Message-----
> > >> From: Isis-wg [mailto:isis-wg-bounces@ietf.org] On Behalf Of
> > >> internet-drafts@ietf.org
> > >> Sent: Wednesday, May 24, 2017 5:45 PM
> > >> To: i-d-announce@ietf.org
> > >> Cc: isis-wg@ietf.org
> > >> Subject: [Isis-wg] I-D Action: draft-ietf-isis-l2bundles-06.txt
> > >>
> > >>
> > >> A New Internet-Draft is available from the on-line Internet-Drafts
> > >> directories.
> > >> This draft is a work item of the IS-IS for IP Internets of the IETF.
> > >>
> > >>         Title           : Advertising L2 Bundle Member Link Attributes in IS-IS
> > >>         Authors         : Les Ginsberg
> > >>                           Ahmed Bashandy
> > >>                           Clarence Filsfils
> > >>                           Mohan Nanduri
> > >>                           Ebben Aries
> > >>         Filename        : draft-ietf-isis-l2bundles-06.txt
> > >>         Pages           : 17
> > >>         Date            : 2017-05-24
> > >>
> > >> Abstract:
> > >>    There are deployments where the Layer 3 interface on which IS-IS
> > >>    operates is a Layer 2 interface bundle.  Existing IS-IS
> > >>    advertisements only support advertising link attributes of the Layer
> > >>    3 interface.  If entities external to IS-IS wish to control traffic
> > >>    flows on the individual physical links which comprise the Layer 2
> > >>    interface bundle link attribute information about the bundle members
> > >>    is required.
> > >>
> > >>    This document introduces the ability for IS-IS to advertise the link
> > >>    attributes of layer 2 (L2) bundle members.
> > >>
> > >>
> > >>
> > >> The IETF datatracker status page for this draft is:
> > >> https://datatracker.ietf.org/doc/draft-ietf-isis-l2bundles/
> > >>
> > >> There are also htmlized versions available at:
> > >> https://tools.ietf.org/html/draft-ietf-isis-l2bundles-06
> > >> https://datatracker.ietf.org/doc/html/draft-ietf-isis-l2bundles-06
> > >>
> > >> A diff from the previous version is available at:
> > >> https://www.ietf.org/rfcdiff?url2=draft-ietf-isis-l2bundles-06
> > >>
> > >>
> > >> Please note that it may take a couple of minutes from the time of
> > >> submission until the htmlized version and diff are available at
> > >> tools.ietf.org.
> > >>
> > >> Internet-Drafts are also available by anonymous FTP at:
> > >> ftp://ftp.ietf.org/internet-drafts/
> > >>
> > >> _______________________________________________
> > >> Isis-wg mailing list
> > >> Isis-wg@ietf.org
> > >> https://www.ietf.org/mailman/listinfo/isis-wg
> >
> >
> >
> > --
> >
> > Best regards,
> > Kathleen
>