IETF Logo Mail Archive

Re: [Lsr] bunch comments on https://datatracker.ietf.org/doc/draft-ietf-lsr-ospf-admin-tags

Tony Przygienda <tonysietf@gmail.com> Sat, 02 March 2024 07:56 UTC

Return-Path: <tonysietf@gmail.com>
X-Original-To: lsr@ietfa.amsl.com
Delivered-To: lsr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84223C14F690 for <lsr@ietfa.amsl.com>; Fri, 1 Mar 2024 23:56:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BgPAmjarkHhh for <lsr@ietfa.amsl.com>; Fri, 1 Mar 2024 23:56:18 -0800 (PST)
Received: from mail-ua1-x929.google.com (mail-ua1-x929.google.com [IPv6:2607:f8b0:4864:20::929]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 378E5C14F614 for <lsr@ietf.org>; Fri, 1 Mar 2024 23:56:18 -0800 (PST)
Received: by mail-ua1-x929.google.com with SMTP id a1e0cc1a2514c-7daf957595bso740610241.1 for <lsr@ietf.org>; Fri, 01 Mar 2024 23:56:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709366176; x=1709970976; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=s1cax6wv0V1abCq2QSKK7AgL0eO9vWTcjms8w332JxA=; b=WSJlvCn2aIEyu8bcy/MHdynhWFXJuw9PbrhOPXieLUn530njtDTVnaXNuwmLurfzn1 6FZZ+jBVqICBx3OrDVYaBtqX8Ci6UmD7kv237UZ36CCb6IDgcSLrmA9F7g3KVihvM8gH Y/urIIhmS6dw0w6HVQ62gFI8jN/v8iDf+SzmOHvMTZEJxvRwuvG4PJR/1GGFx+QXUhy0 G1JshP/pZxUO3Vln5s+45t71YRYyOljRrq5BchQVrejXyxRV5o2fEPrwoQOdwncUND3f ALkazOQnD6oVBUuEea1+85qp74iA46p0K8OW3xBzf1Um0exQoGUgR8Ybr6vK9rZEnrbt MwUw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709366176; x=1709970976; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=s1cax6wv0V1abCq2QSKK7AgL0eO9vWTcjms8w332JxA=; b=QG1sb4FVPc2BzGUzPqkcyvhHr0FSZ4YLsG6gKoGbqwVBfk+XNlOt7cpgC2YpL1aYkx fzDGyhsOaFbyjPwk4Olzkc4YUZ2FI2r7wA5V3ekRTKKLP1Kj2Vy7un3LhGR/rCGhZnjm HSfxGIwMNPLToC1PHwIE4fK0r0HZW+pG2PWycAUSec9sHgfl7XdQu+Hs85KWoyP+aaRK bKopwH3Geh18Wu5T+7kJkkMFfVRhrSGMsk2X0nxGvI4ypmuDKz1dDz/6MXcVDT1q6JBl cjM8Lj4/EriMA3WlmIdmQboFiFT0jwWulMyuXoaK50wKsfldgFgzHf594jnzm6oI7lnk ujcg==
X-Forwarded-Encrypted: i=1; AJvYcCVLsMwIpz5wbxzgdkCtJws0nDELEe9MvqjwOi9AmTXftMQAunJKxR8C/8hpa0SHaypB/VVz4EKxQGe9poQ=
X-Gm-Message-State: AOJu0YzyiA2U8sY0XbHTf9bkBcZilCy7iDhFIeaQPIMSAGdGYSdMsxCB bFvdPlYSGEEHiH4Ff9h1fl7OHOFYVglqMblViqrdCUicytVIYfXFSNB5lNvBRjAeWCcvdwzfxzE RXpABu2mdpVdxZhb74L9UvwzGofC5GtNT
X-Google-Smtp-Source: AGHT+IG2rmFLWSefzdrfdt3rAEgH8m7iqbpK5gHvy755k5W2hj2CU3M6vO+Q6yksq9MrpOQNpJO4Z+sk/Jews5KYiYc=
X-Received: by 2002:a05:6102:6698:b0:471:fc79:bf0d with SMTP id gw24-20020a056102669800b00471fc79bf0dmr4518839vsb.2.1709366176626; Fri, 01 Mar 2024 23:56:16 -0800 (PST)
MIME-Version: 1.0
References: <CA+wi2hMYEN9D3E-BjzX8E8FtEPjgkbN0Yc9F95h42CqLz=u2Rw@mail.gmail.com> <AF6DD69E-AAF2-4CF0-A3B4-774FE72AC58C@gmail.com> <CA+wi2hP6iFWJGvq28O+tKV1fBJuT73hxLA3B=E9B8cKiYYkWtg@mail.gmail.com> <44AD407F-2E1E-4289-8E2A-61AA55C7D8D4@gmail.com> <CA+wi2hM7rCczoBo=PoOYHKMY5REXTj+=KnXDwdYUmAE+j8DQbw@mail.gmail.com> <BY5PR11MB4337FB8169721C96686C7A1FC15F2@BY5PR11MB4337.namprd11.prod.outlook.com> <CA+wi2hMF+m6J0hCUOviPi0U_ivY4pYvrhJoJ3cdc3n5pMm2vQw@mail.gmail.com> <9F0711F1-5713-4C9E-813F-42EFC4962A8B@gmail.com> <CA+wi2hMdWxeBKh1gkREc8SevjCXyTL8xvdYaCLe7UgYq8XxEmw@mail.gmail.com> <CABNhwV0RMr_SqXU85zEvGQOjKURyk9=VJ59uxDVmSW_VjfyLfQ@mail.gmail.com>
In-Reply-To: <CABNhwV0RMr_SqXU85zEvGQOjKURyk9=VJ59uxDVmSW_VjfyLfQ@mail.gmail.com>
From: Tony Przygienda <tonysietf@gmail.com>
Date: Sat, 02 Mar 2024 08:55:40 +0100
Message-ID: <CA+wi2hOXYZNuSRez77gasGsNYZYhSsbVFe-5GR9LMCDkNnge9g@mail.gmail.com>
To: Gyan Mishra <hayabusagsm@gmail.com>
Cc: Acee Lindem <acee.ietf@gmail.com>, Les Ginsberg <ginsberg@cisco.com>, lsr <lsr@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000bfc0e40612a8d3ca"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsr/bBdAGcdWxfQ33g_Nclcf-O0FZfY>
Subject: Re: [Lsr] bunch comments on https://datatracker.ietf.org/doc/draft-ietf-lsr-ospf-admin-tags
X-BeenThere: lsr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Link State Routing Working Group <lsr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lsr>, <mailto:lsr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lsr/>
List-Post: <mailto:lsr@ietf.org>
List-Help: <mailto:lsr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lsr>, <mailto:lsr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Mar 2024 07:56:22 -0000

your premise holds only if you assume we can carry basically infinite
amount of tags like as-path or ext-comms. For practical reasons IGPs were,
are and will be likely limited to few tags only on a prefix and hence
without a precise ordering on borders, summarization etc (as the draft
mandates and it should) you will end up with non-determinism. I do not like
to think we get into MED with IGPs ;-)

We are talking here  of quite a border-line case of anycast with tags
exceeding the max. amount an implementation is willing to carry but one I
asked in real planning discussion and could not get an answer for.  The
basic case of having to clip the tags the draft was answering already
before.

Musing sidenote: Generally speaking, I do not consider the idea of pushing
IGPs heavily into direction of starting to carry tags on prefixes, run
policies in weird places and rely on complex tag configurations and such
machineries of complications a particularly good one.  Job of IGP is to
provide connectivity, to do it in a highly resilient, distributed and fast
fashion (unlike BGP which is not a connectivity protocol but a policy
distribution engine who can reach whom basically and hence needs such
mechanisms extensively). Introducing such tools start to make IGPs far more
prone to misconfiguration problems and unexplained brown-outs besides
forcing necessary computations/policy engines which at scale may start to
significantly slow convergence we rely on so heavily. Of course one can say
that sane designs will use that stuff only where it's unavoidable and
easily operationally tractable and I buy this argument, giving people
knives does not tell us what they will do with them ultimately ...

-- tony

On Sat, Mar 2, 2024 at 3:40 AM Gyan Mishra <hayabusagsm@gmail.com> wrote:

>
> Speaking from a operators POV, tags I agree can be very helpful.  However
> I think ordering that could influence SPF by router-id or other means am
> not sure is a good idea.  Have to think that through and any ramifications
> in doing so.
>
> My take is the goal of tags is very similar to BGP communities where you
> can mark the routes for filtering or redistributing of routes.
>
> I think the ability to have many tags on route is useful similar to BGP
> communities tagging.
>
> However adding more intelligence into the tagging  influencing routing and
> making it a standard I don’t think is a good idea.
>
> Kind Regards
>
> <http://www.verizon.com/>
>
> *Gyan Mishra*
>
> *Network Solutions A**rchitect *
>
> *Email gyan.s.mishra@verizon.com <gyan.s.mishra@verizon.com>*
>
>
>
> *M 301 502-1347*
>
>
>
> On Fri, Mar 1, 2024 at 2:39 PM Tony Przygienda <tonysietf@gmail.com>
> wrote:
>
>> appreciate the ordering, some people start to get wild ideas especially
>> now you can slap that stuff on internal prefixes as well ;-)
>>
>>
>>
>> On Fri, Mar 1, 2024 at 7:27 PM Acee Lindem <acee.ietf@gmail.com> wrote:
>>
>>> At the risk of complication, I've added text to clarify the ordering
>>> independence (from RFC 5130) and the usage when multiple LSAs contribute to
>>> a path in -14.
>>>
>>> I also specified the behavior for an invalid length - while I agree with
>>> Les this is a generic problem, it isn't necessary handled generically
>>> across IGPs, TLVs, and sub-TLVs. I'm used to addressing this class of
>>> comment,  Alvaroisms.😎
>>>
>>> Thanks and have a Great Weekend,
>>> Acee
>>>
>>> > On Feb 29, 2024, at 2:05 PM, Tony Przygienda <tonysietf@gmail.com>
>>> wrote:
>>> >
>>> > sure, on the tags given how some people start to abuse4 those in
>>> interesting ways now ;-) I'm piping in here since I'm obviously talking
>>> through some real OSPF designs where the issue of which ones will make it
>>> may matter given for practical reasons we have to limit how many we carry
>>> ... ;-)
>>> >
>>> > on the second point, don't write "this sub-TLV should carry at least
>>> one tag" if you don't specify what it means it doesn't carry one. No
>>> biggie, I just edged onto this when reading it ...
>>> >
>>> > if authors are not interested in making the spec tighter, closing
>>> possible holes then I just pipe out of course ...
>>> >
>>> > -- tony
>>> >
>>> > On Thu, Feb 29, 2024 at 8:01 PM Les Ginsberg (ginsberg) <
>>> ginsberg@cisco.com> wrote:
>>> > Tony –
>>> >  In the spirit of a friendly discussion…
>>> >   From: Lsr <lsr-bounces@ietf.org> On Behalf Of Tony Przygienda
>>> > Sent: Thursday, February 29, 2024 10:33 AM
>>> > To: Acee Lindem <acee.ietf@gmail.com>
>>> > Cc: lsr <lsr@ietf.org>
>>> > Subject: Re: [Lsr] bunch comments on
>>> https://datatracker.ietf.org/doc/draft-ietf-lsr-ospf-admin-tags
>>> >   1. you can easily rectify by saying, if you have  tags for same
>>> prefix from multiple nodes you prefere lowest router ID or maybe "sort on
>>> router id and then interleave" or something. depending how much of fully
>>> fledged specification you want here
>>> >  [LES:] As Acee has pointed out, the IS-IS RFC (written many years
>>> ago) explicitly stayed away from this sort of thing.
>>> > Are you saying that your experience with IS-IS has been
>>> unsatisfactory? If so, why aren’t you lobbying for changes to IS-IS? (Not
>>> that I am encouraging you to do so… 😊 )
>>> >   2. we miss each other. I just say this sub-TLV being empty is NOT
>>> specified (i.e. behavior is undefined) if anyone sends such a thing
>>> > [LES:] From the POV of parsing, if you send a TLV with 0 length, it
>>> does no harm. Your parsing logic will just move on to the next TLV. I don’t
>>> see the need to specify any behavior.
>>> > Of course, it is useless to send this TLV with no content – so if your
>>> implementation wants to report that as an encoding error that seems
>>> reasonable to me.
>>> > If you send a length of 0 but actually have content, that is a serious
>>> encoding error – but that is a generic issue that seems outside the scope
>>> of this draft.
>>> >     Les
>>> >     -- tony
>>> >   On Wed, Feb 28, 2024 at 7:13 PM Acee Lindem <acee.ietf@gmail.com>
>>> wrote:
>>> > Hi Tony,
>>> >
>>> > > On Feb 28, 2024, at 2:01 AM, Tony Przygienda <tonysietf@gmail.com>
>>> wrote:
>>> > >
>>> > > hey Acee, inline
>>> > >
>>> > >
>>> > > On Wed, Feb 28, 2024 at 3:30 AM Acee Lindem <acee.ietf@gmail.com>
>>> wrote:
>>> > > Hi Tony,
>>> > >
>>> > > Thanks for the review.
>>> > >
>>> > >> On Feb 27, 2024, at 04:51, Tony Przygienda <tonysietf@gmail.com>
>>> wrote:
>>> > >>
>>> > >> Reading the draft quickly, here's bunch of observations
>>> > >>
>>> > >> "
>>> > >>
>>> > >> An OSPF router supporting this specification MUST be able to
>>> > >> advertise and interpret at least one 32-bit tag for all type of
>>> > >> prefixes. An OSPF router supporting this specification MAY be able
>>> > >> to advertise and propagate multiple 32-bit tags. The maximum tags
>>> > >> that an implementation supports is a local matter depending upon
>>> > >> supported applications using prefix tags.
>>> > >> "
>>> > >>
>>> > >>
>>> > >> Since different implementations may support different amount of
>>> tags I see that the draft says
>>> > >>
>>> > >> "
>>> > >> When propagating multiple tags, the order
>>> > >> of the the tags SHOULD be preserved.
>>> > >>
>>> > >> "
>>> > >>
>>> > >>
>>> > >> this is IMO not good enough in case where two nodes advertise same
>>> prefix with multiple tags, possibly differing or in different order. Some
>>> kind of ordering is necessary then as well AFAIS.
>>> > >>
>>> > >
>>> > > I guess I don’t see the problem. A policy would look for a specific
>>> tag and take a specific action.
>>> > >
>>> > > Note that for IS-IS tags so require ordering, see section 4 of
>>> https://datatracker.ietf.org/doc/rfc5130/.
>>> > > I could possibly appropriate some of this text as it applies to
>>> OSPF.
>>> > >
>>> > >
>>> > > my point is that if you have multiple nodes advertising some prefix
>>> with different 3 tag combinations and you choose to only support 3 tags the
>>> result is undefined by this draft as to which tags propagate at the end, so
>>> the "order should be preserved" doesn't help
>>> >
>>> > I agree this could be a problem if you have this situation but I don’t
>>> see how advertising the tags in any particular order rectifies it. Also,
>>> since an OSPF domain is under a single administrative domain, I also don’t
>>> understand why anyone would configure such a situation. You could also have
>>> a problem if you have different nodes supporting different policies for the
>>> same prefix. Unless you can convince me, I’m going to stick with the IS-IS
>>> semantics for multiple tags. From RFC  5130.
>>> >
>>> >
>>> >       The semantics of the tag order are implementation-dependent. That
>>> >        is, there is no implied meaning to the ordering of the tags that
>>> >        indicates a certain operation or set of operations need be
>>> performed
>>> >        based on the order of the tags. Each tag SHOULD be treated as an
>>> >        autonomous identifier that MAY be used in policy to perform a
>>> policy
>>> >        action. Whether or not tag A precedes or succeeds tag B SHOULD
>>> not
>>> >        change the meaning of the tag set. However, when propagating
>>> TLVs
>>> >        that contain multiple tags between levels, an implementation
>>> SHOULD
>>> >        preserve the ordering such that the first tag remains the first
>>> tag,
>>> >        so that implementations that only recognize a single tag will
>>> have a
>>> >        consistent view across levels.
>>> >
>>> >
>>> >
>>> > >
>>> > >
>>> > >
>>> > >
>>> > >>
>>> > >>
>>> > >> "
>>> > >> This sub-TLV will carry one or more 32-bit unsigned integer values
>>> > >> that will be used as administrative tags.
>>> > >> "
>>> > >>
>>> > >>
>>> > >> IMO behavior when none are carried nees to be specified if this is
>>> mandated. is that a MUST in fact?
>>> > >>
>>> > >
>>> > >  The sub-TLV is optional so if it isn’t specified than there are no
>>> tags to match. What am I missing here?
>>> > >
>>> > > it says "one or more" so the sub=-tlv without anything has no
>>> semantics. is that an operational error, is that normal (then why does the
>>> draft say one or more). it's a nit but those nits can be ugly in interops
>>> >
>>> > I clearly state that the sub-TLV is optional.
>>> >
>>> > Thanks,
>>> > Acee
>>> >
>>> >
>>> > >
>>> > >
>>> > >>
>>> > >>
>>> > >>
>>> > >> Moreover we already have a tag in OSPFv2 on type-5 and type-7 and
>>> opaque can advertise more tags. How do those interact ?
>>> > >>
>>> > >
>>> > >
>>> > > I have this text in section 4 to provide backward compatibility:
>>> > >
>>> > >    When tags are advertised for AS External or NSSA LSA prefixes, the
>>> > > existing tag in the OSPFv2 and OSPFv3 AS-External-LSA and NSSA-LSA
>>> > > encodings SHOULD be utilized for the first tag. This will facilitate
>>> > > backward compatibility with implementations that do not support this
>>> > > specification.
>>> > >
>>> > > oh, I missed that. sorry.
>>> > >
>>> > >
>>> > > Thanks,
>>> > > Acee
>>> > >
>>> > >
>>> > >
>>> > >>
>>> > >>
>>> > >> that's it for the first
>>> > >>
>>> > >>
>>> > >> thanks
>>> > >>
>>> > >>
>>> > >> -- tony
>>> > >>
>>> > >>
>>> > >>
>>> > >> _______________________________________________
>>> > >> Lsr mailing list
>>> > >> Lsr@ietf.org
>>> > >> https://www.ietf.org/mailman/listinfo/lsr
>>> > >
>>>
>>> _______________________________________________
>> Lsr mailing list
>> Lsr@ietf.org
>> https://www.ietf.org/mailman/listinfo/lsr
>>
>

v2.23.0 | Report a Bug | By Email