IETF Logo Mail Archive

Re: [Lsr] Benjamin Kaduk's Yes on draft-ietf-lsr-isis-invalid-tlv-02: (with COMMENT)

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Mon, 13 July 2020 23:05 UTC

Return-Path: <ginsberg@cisco.com>
X-Original-To: lsr@ietfa.amsl.com
Delivered-To: lsr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6DCFE3A03FA; Mon, 13 Jul 2020 16:05:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.609
X-Spam-Level:
X-Spam-Status: No, score=-9.609 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=gfCN2d9u; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=i3RG8Lqo
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wMI5zP45f-ES; Mon, 13 Jul 2020 16:05:38 -0700 (PDT)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3190D3A00E4; Mon, 13 Jul 2020 16:05:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=27744; q=dns/txt; s=iport; t=1594681538; x=1595891138; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=+lLbHVrmLRhn2DU+KDKw9dK9qUqBxi7dKLfESVzw8yQ=; b=gfCN2d9uUThzB1V4J4PVKBsZg7dmFhBILhTBMS14YyHTHz4obgcvo71j LuubtxJubobcA8xiknEbm99ndZfKnBRgbMY68aKkYWpB35xyQkU/SafV8 Ag2UVGYDDeJn3q5LFpAmVFeFmcf0jSXq5HymYu8Hmbf2ZY91ozPyByw68 s=;
IronPort-PHdr: 9a23:6wlhwR8tgGI3UP9uRHGN82YQeigqvan1NQcJ650hzqhDabmn44+7ZRSN4PRxylLFQNaT5/FFjr/QtKbtESwF7I2auX8POJpLS1ceiMoQkgBhZazNCUDyIPPwKSBvGsNEWQxg/m39PERIS47yYlTIqSi06jgfUhz0KQtyILHzHYjfx8S63uy/4dvdeQJN0TG8erh1ah6xqFbc
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0APAAD25wxf/5FdJa1gDgsBAQEBAQEBAQEBAQEBAQEBAQESAQEBAQEBAQEBAQEBgXgCAQEBAQELAYEiLyMuB29YLyyEM4NGA41SigKOXIEuFIERA1UDCAEBAQwBASMKAgQBAYRMAheCAwIkNgcNAQIDAQELAQEFAQEBAgEGBG2FWwyFbwEBAQECARIRChMBATAHAQQHBAIBBgIRBAEBKwICAh8RHQgCBAENBQgagwWBfk0DDiABDo4KkGgCgTmIYXaBMoMBAQEFgUZBgy4NC4IOAwaBOAGCaYNVgi+EBBqBQT+BEUOCTT6CGkICAQIBgSYBEgEjK4JpM4Itjy8ngjABPIZIgxKIKo9dL00Kgl2IUYwXBIUNgnSJNpMAkWyBZYg9gluRdwIEAgQFAg4BAQWBWQEzZ1gRB3AVgyRQFwINjh4MF4NOhRSFBD50AjUCAwMBBwEBAwl8jQktghcBAQ
X-IronPort-AV: E=Sophos;i="5.75,349,1589241600"; d="scan'208,217";a="511963873"
Received: from rcdn-core-9.cisco.com ([173.37.93.145]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 13 Jul 2020 23:05:36 +0000
Received: from XCH-RCD-002.cisco.com (xch-rcd-002.cisco.com [173.37.102.12]) by rcdn-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id 06DN5auu016454 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 13 Jul 2020 23:05:36 GMT
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by XCH-RCD-002.cisco.com (173.37.102.12) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 13 Jul 2020 18:05:36 -0500
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 13 Jul 2020 18:05:36 -0500
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Mon, 13 Jul 2020 18:05:35 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aUF4iZH38tczQgyEG+JYL9CPNKEumRXUA/IFbBuz4c+09puE6hnGYL32VXNTnjd+s8PuJZQHDr2U8QWAotoFit6TCemsm2PTCYMjlUeo/YlIdEYeb66A9LjEdwcjD/31tB02nPB519PBmFS9C0RSt13yZDjp8TgQ1vi20cVEu706dLL13hYNox2tOC2YtI5blh0pLIIpAITo1HZKya71dJCvx046YLVj/iTyj6aVbHb5BYCMsAtRvUTlmgzq5My1kjplcCstTwXCjQ+2CFOQA977Ie2DymQd723n299hV1hWRNYDypCh8GFrRBMc2i18bNMWONVTPme4PNpeHON0TQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+lLbHVrmLRhn2DU+KDKw9dK9qUqBxi7dKLfESVzw8yQ=; b=UZxbQc7I7dZi8DNVMBa/3FlMf3eJe2cooD/K9D4/9z7WAdUtcF7bYiczA6EanSjWmVULSzS4X2qHJkXoOuTsZR9XISx0sJ9TFqpjt9SYB5DXN66Md6ux8Z7xbsRZ4BlUczAwS5q8pSlaLGSVdN4a1FeeuVSpAIIuGi4+3WZdzQmQ2N/oRoxnmsEG8il0tXhhsAPnGOeTjLyPhzDHC42x7n6dRc3Kz/lvLSEbSUVoGa7cvKNQc8iPeyb/cJl2gG3a/zOwal+U7K0PVNH8w/xSIszNB3OY5o1pNNcpdNCX65mlj+LtBXIYdWEVcSwR1c5N3EU7Lv3aw+uhf/7oQR0Zhg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+lLbHVrmLRhn2DU+KDKw9dK9qUqBxi7dKLfESVzw8yQ=; b=i3RG8LqoeaL+fue7iBqzQAa9qdraavWXeRo8BMvGmP0eehJzmbQcY0S+1GKTMPm0D/jFWSCRfwyEqM2mvcOnVOY3e/HWqIB4LWUTXmeChiM4T3LkHXNFHJuNTExC+aQnaDdSJw5fK5y9+vXAuzvw/UmpMN3qZ/Wovic5VY+RxZs=
Received: from BY5PR11MB4337.namprd11.prod.outlook.com (2603:10b6:a03:1c1::14) by BY5PR11MB4134.namprd11.prod.outlook.com (2603:10b6:a03:18e::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3174.23; Mon, 13 Jul 2020 23:05:35 +0000
Received: from BY5PR11MB4337.namprd11.prod.outlook.com ([fe80::744b:761f:b385:f1e2]) by BY5PR11MB4337.namprd11.prod.outlook.com ([fe80::744b:761f:b385:f1e2%7]) with mapi id 15.20.3174.025; Mon, 13 Jul 2020 23:05:35 +0000
From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: Benjamin Kaduk <kaduk@mit.edu>, The IESG <iesg@ietf.org>
CC: "draft-ietf-lsr-isis-invalid-tlv@ietf.org" <draft-ietf-lsr-isis-invalid-tlv@ietf.org>, "lsr-chairs@ietf.org" <lsr-chairs@ietf.org>, "lsr@ietf.org" <lsr@ietf.org>, Christian Hopps <chopps@chopps.org>, "aretana.ietf@gmail.com" <aretana.ietf@gmail.com>
Thread-Topic: Benjamin Kaduk's Yes on draft-ietf-lsr-isis-invalid-tlv-02: (with COMMENT)
Thread-Index: AQHWWVofPxbDSwk0B0+xDUxujILXsqkGF7LQ
Date: Mon, 13 Jul 2020 23:05:35 +0000
Message-ID: <BY5PR11MB4337C2A9F5A5BEC0476C76AAC1600@BY5PR11MB4337.namprd11.prod.outlook.com>
References: <159467464683.28759.13036994941928035125@ietfa.amsl.com>
In-Reply-To: <159467464683.28759.13036994941928035125@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: mit.edu; dkim=none (message not signed) header.d=none;mit.edu; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [2602:306:36ca:6640:5564:b1a9:c304:c47b]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 79aab34b-77ed-45a0-e84e-08d827814017
x-ms-traffictypediagnostic: BY5PR11MB4134:
x-microsoft-antispam-prvs: <BY5PR11MB4134E2BFC9C8F1591F3192ECC1600@BY5PR11MB4134.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: pIOrYKLsiZyuJARZ+j0a3yRbzcLCtr0wB3ImebXSoTyjmY/TKsla2whz7BEKBlQjWbGPeAr1PZctsRr9kl8FuGa7EUu8QTiPQFSk/FHeiRq/7Ru3qbli+nLS2ggQqY7OxHx6aYl6sBnUSdnIg9pk29Z5qURjvfVK4PaxP0Tolstt7HO5JPoDqMScCeFgmA8gNbGYIcRpfsWuhbx70cK5Ny38+96oBGRC23CAij+Pif+wVs58TyElSMg98ir2n7zj6XWShTRsSq5OmaHb3pL9nCyw+UEsGXiLQPfF/taVpeVlQra1ZbVU5N+mUwBP9sen1b6xj7J56keAJLIOJVzzhNImHje9hYvgrbykWenKzP6zvUsaHIOR/uR8lyQNv0khmUHsNImbhpKUtXbjodPq2A==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR11MB4337.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(396003)(346002)(366004)(39860400002)(376002)(136003)(54906003)(2906002)(110136005)(52536014)(5660300002)(55016002)(9686003)(83380400001)(8676002)(166002)(8936002)(71200400001)(4326008)(66946007)(64756008)(66446008)(66556008)(478600001)(86362001)(76116006)(33656002)(7696005)(966005)(6506007)(316002)(53546011)(186003)(66476007)(21615005); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: b09xLk1SDUDdn26v4it1FAZz+gm9FxlayheYJAYSBcYT0betDIy7MG2h/2n+5WlHwJenVBJ9fRA6avm1x+9TFPcmY2VFF5LBCNKLLcgePAuoNMA0vwsb/gfIwc1KLBVsMlbLDlx6E9y/KTY++FDOesQ/5ezqvYsX7YuADEhM4s5aQa1mEIGbSBiNtBQ0jZU1pNHBWpuTRunDPldtW5WYcs4CmCd+reDh9a1a5urOkfmHQr4Gw2joW+9puLE5px/szkKWxLB+1cbXoI83tZrYoxJ280yMLqrEmr1Khq5o/k58yjEkgPkwmlUMgRKeZ4u6fny6CjOxD6LcCWTTV0cBoZL0pFR5JRNCSMycermWeSo4PFIem1qrbf9LFP/zVi1YuiFqzsOrbOIp8Tw7qTl9QYurPKwUcF1B/0DrdLXOpSp4xUB6q2CwTLIwmXhb7SpUDiDDnPtkphF5i2g/cU7qDpqTG1roZknD5okudwkCHJBWKqCsV0a3nVnfWR/ME4UYKaGqqo78IlI+2L4bGGGWpKadMAvyXsB7hPiS8mmbrqEZmaA/aj9IIX637roXXCrA
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BY5PR11MB4337C2A9F5A5BEC0476C76AAC1600BY5PR11MB4337namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR11MB4337.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 79aab34b-77ed-45a0-e84e-08d827814017
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Jul 2020 23:05:35.1628 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: wMByy2MI9EltPJidjAxUb9k1I6MjDjliZTscBpOxBmG9XeY3yL9bkLm117NXfSGhg6FacH3vaPuGXla+2tAv6A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR11MB4134
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.12, xch-rcd-002.cisco.com
X-Outbound-Node: rcdn-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsr/4M0DRjXOvvKdteDYkA3WxbrZRDU>
Subject: Re: [Lsr] Benjamin Kaduk's Yes on draft-ietf-lsr-isis-invalid-tlv-02: (with COMMENT)
X-BeenThere: lsr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Link State Routing Working Group <lsr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lsr>, <mailto:lsr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lsr/>
List-Post: <mailto:lsr@ietf.org>
List-Help: <mailto:lsr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lsr>, <mailto:lsr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jul 2020 23:05:41 -0000

Ben -



Thanx for your review.

Responses inline.



> -----Original Message-----

> From: Benjamin Kaduk via Datatracker <noreply@ietf.org>

> Sent: Monday, July 13, 2020 2:11 PM

> To: The IESG <iesg@ietf.org>

> Cc: draft-ietf-lsr-isis-invalid-tlv@ietf.org; lsr-chairs@ietf.org; lsr@ietf.org;

> Christian Hopps <chopps@chopps.org>; aretana.ietf@gmail.com;

> chopps@chopps.org

> Subject: Benjamin Kaduk's Yes on draft-ietf-lsr-isis-invalid-tlv-02: (with

> COMMENT)

>

> Benjamin Kaduk has entered the following ballot position for

> draft-ietf-lsr-isis-invalid-tlv-02: Yes

>

> When responding, please keep the subject line intact and reply to all

> email addresses included in the To and CC lines. (Feel free to cut this

> introductory paragraph, however.)

>

>

> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html

> for more information about IESG DISCUSS and COMMENT positions.

>

>

> The document, along with other ballot positions, can be found here:

> https://datatracker.ietf.org/doc/draft-ietf-lsr-isis-invalid-tlv/

>

>

>

> ----------------------------------------------------------------------

> COMMENT:

> ----------------------------------------------------------------------

>

> The shepherd writeup is a bit unclear as to why Proposed Standard is the

> right document status (vs., e.g., Informational).  I guess it's desired

> to have the Updates: relationship to the indicated documents, which

> essentially forces it to be standards-track.  On the other hand, perhaps

> the sense that ignoring a TLV that is specifically disallowed (as

> opposed to "merely" unrecognized) is itself a newly specified

> requirement, in which case the status as Proposed Standard makes sense

> for that reason.  It might be worth a little more clarity on which (if

> either) of these scenarios are intended.

>

[Les:] What prompted the writing of this document was a real world interoperability scenario wherein one implementation generated a malformed TLV and a receiving implementation rejected the entire PDU because of it. This resulted in persistent LSPDB inconsistency in the network for a prolonged period with a significant impact on the proper functioning of the network. This failure was considered significant enough that Standards Track seemed appropriate.



As the document developed, the authors were encouraged to address some other issues, one of which was clarifying disallowed TLV handling as well.



I can understand why Informational track may seem appropriate to you. In early discussions with Alvaro I had suggested that there was no need to write the document - that existing specifications were sufficiently clear. But the fact that - despite existing standards - such an interoperability issue did occur was compelling. The WG also embraced this as useful.



> Section 1

>

>    A corollary to ignoring unknown TLVs is having the validation of PDUs

>    be independent from the validation of the TLVs contained in the PDU.

>

> nit: this doesn't exactly seem like a "corollary" specifically, but

> rather a choice that [ISO10589] made (and which keeps some overall sense

> of consistency between PDU and TLV handling).

>

[Les:] Rejecting a PDU because of some issue with a single TLV would mean that the full set of updates contained in that LSP would not be propagated. This has a significant impact on the correct operation of the protocol. So I think this really isn’t an option.





> Section 3.1

>

>    [ISO10589] defines the behavior required when a PDU is received

>    containing a TLV which is "not recognised".  It states (see Sections

>    9.3 - 9.13):

>

> This is Sections 9.5 (not 9.3) to 9.13 in the copy I have.

>

[Les:] Well spotted. I see you have put your newly acquired  copy of ISO 10589 to good use. Bravo!! 😊



> Section 3.2

>

>    Similarly, the extensions defined by [RFC6233] are not compatible

>    with the behavior defined in [RFC5304], therefore can only be safely

>    enabled when all nodes support the extensions.

>

> nit: I'd argue that technically the extensions are *defined* by 6232, even

> though 6233 is what makes their nature (as "allowed in purge") easily

> discoverable.

>

[Les:] Fair enough. I will change this to RFC6232 - which is one of documents updated by this draft.



>    It is RECOMMENDED that implementations provide controls for the

>    enablement of behaviors that are not backward compatible.

>

> We also specifically want the ability to generate but not

> process/require at least some of them, right?  Is that worth calling out

> in addition to just "controls for the enablement"?



[Les:] This sentence is serving as a guideline for new behaviors that have backwards compatibility issues. New information which could be safely sent in the presence of legacy routers does not fall into this category.



>

> Section 3.3

>

>    a given sub-TLV is allowed.  Section 2 of [RFC5305] is updated by the

>    following sentence:

>

>       "As with TLVs, it is required that sub-TLVs which

>        are disallowed MUST be ignored on receipt.".

>

> Do we want to say where this logical insertion occurs?

>

[Les:] As this is not modifying existing text in any way, I am not sure that it is necessary to do so.

I can envision adding this to the end of the first paragraph or creating a new paragraph.



Unless we are actually going to create a BIS draft, I am not sure that it matters.

??



> Section 3.4

>

>    The correct setting for "LSP" is "n".  This document updates

>    [RFC6232] by correcting that error.

>

> It's slightly interesting that there doesn't seem to be a corresponding

> Errata Report (but may not be worth doing anything about given that this

> update is about to be approved).



[Les:] The error was found during the writing of this draft.



>

> Section 8.1

>

> It's not entirely clear that RFC 7356 is referenced in a normative

> manner.

>

>



[Les:] I will move it to Informational.



   Les

v2.23.0 | Report a Bug | By Email