IETF Logo Mail Archive

[Lsr] draft-ietf-lsr-anycast-flag-08 ietf last call Secdir review

Wes Hardaker via Datatracker <noreply@ietf.org> Mon, 24 November 2025 15:38 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: lsr@ietf.org
Delivered-To: lsr@mail2.ietf.org
Received: from [10.244.8.105] (unknown [4.156.85.76]) by mail2.ietf.org (Postfix) with ESMTP id B4B188F90B84; Mon, 24 Nov 2025 07:38:58 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Wes Hardaker via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.54.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <176399873865.2251791.14360691967532638446@dt-datatracker-5bd94c585b-wk4l4>
Date: Mon, 24 Nov 2025 07:38:58 -0800
Message-ID-Hash: JQO6FDTGEAIXM6T4W4GY2V6QUX22QZSC
X-Message-ID-Hash: JQO6FDTGEAIXM6T4W4GY2V6QUX22QZSC
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-lsr.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-lsr-anycast-flag.all@ietf.org, last-call@ietf.org, lsr@ietf.org
X-Mailman-Version: 3.3.9rc6
Reply-To: Wes Hardaker <wjhns1@hardakers.net>
Subject: [Lsr] draft-ietf-lsr-anycast-flag-08 ietf last call Secdir review
List-Id: Link State Routing Working Group <lsr.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsr/ojpLU2h95PpT24DaCcN8MwmJM68>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lsr>
List-Help: <mailto:lsr-request@ietf.org?subject=help>
List-Owner: <mailto:lsr-owner@ietf.org>
List-Post: <mailto:lsr@ietf.org>
List-Subscribe: <mailto:lsr-join@ietf.org>
List-Unsubscribe: <mailto:lsr-leave@ietf.org>

Document: draft-ietf-lsr-anycast-flag
Title: OSPFv2 Anycast Property Advertisement
Reviewer: Wes Hardaker
Review result: Has Nits

# Overall

Nice and consist document that is well written.

# Security considerations

- The newly introduced AC flag states that it MUST be set or MUST be clear. 
However, this setting is both dependent upon whether an OSPF router supports
the bit in the first place, and additional requires an operator to have
properly configured the route as anycast.  Thus, the value cannot actually be
completely trustable.  I would mention this in the security consideration
section at a minimum.

# Other considerations

- The document doesn't provide motivation for why this flag is needed -- IE,
how would a router receiving the flag act differently?  This
information/rational isn't needed, but may be helpful for the reader.  [One
possible motivation (based on my own experience) might be to ensure outgoing
routes beyond that had the same priority/etc to get load balancing and/or
alternate paths properly considered "equal" and that a router receiving
multiple anycast routes shouldn't drop one as they're all valid.]  Also note
that rfc8402 might be a slightly better or second reference for anycast
segments than 9085.

- The N-flag doesn't have a reference but probably should (RFC3101)

- There is no discussion about passing of the new AC-flag to other protocols. 
EG, section 3 talks about the BGP-LS prefix attribute flags but the document
doesn't provide guidance about how the two protocols should interact when one
carries the flag.  EG, if I have multiple OSPF backends advertising the
AC-flag, should that carry over to the outgoing (E)BGP announcement?

- It would be nice if 5.1 was modified by the RFC editor and IANA to include
the newly assigned bit value, rather than having the reader need to refer to
the IANA assignment.  IE, put in text saying that it's bit TBD and let IANA and
the editor fill it out when assignment is completed.

# Nits

- Last sentence of section 2:  "is considered node-specific prefix" -> "is
considered *a* node-specific prefix"

v2.43.4 | Report a Bug | By Email | System Status