IETF Logo Mail Archive

Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-11.txt

Acee Lindem <acee.ietf@gmail.com> Wed, 15 February 2023 19:41 UTC

Return-Path: <acee.ietf@gmail.com>
X-Original-To: lsvr@ietfa.amsl.com
Delivered-To: lsvr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 30EDAC14F749; Wed, 15 Feb 2023 11:41:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GI73vFt-jmQT; Wed, 15 Feb 2023 11:41:19 -0800 (PST)
Received: from mail-qt1-x82d.google.com (mail-qt1-x82d.google.com [IPv6:2607:f8b0:4864:20::82d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E8F9C14F739; Wed, 15 Feb 2023 11:41:09 -0800 (PST)
Received: by mail-qt1-x82d.google.com with SMTP id z5so22979521qtn.8; Wed, 15 Feb 2023 11:41:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=rW3fX2k8VVai5yTG44RR0RtGQ0nQ1azCQKVae7wSzjU=; b=k0i8cZvUvyC+yOBCT1TcurNw+dHERXmYwttCfey4XQeFMWPs0QcahbYYJiAias8QNg VZHvc490uJJkK9LZw/g/2CAG0x2BlVSWdfSOSeRsv+OoR/axM8bybwulVV1q/yn0H6f+ s1Ti31EJPuVosysIlPSOrAm3brgWDCIIy0GJQhdGXyHkgTlo1uhkj4nzVyN4I9OBx3J6 X6DATTQ9d9/ru3Cp/uY50zKcUKfQzrWkJ5ldRWX4+wgOYcTRCIm2YzpEGHh3ogFx5eYD sDQzYTnS50cy6Ff70lWcNJzqg8BYWPSNUsCmEtJ/YGlQ++zlN1sRDECUv3zygbNguBwc XFFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rW3fX2k8VVai5yTG44RR0RtGQ0nQ1azCQKVae7wSzjU=; b=HLSIonNQNOuzcljQDWRMl5ldFDDYVqv1I5BmeB/XrWO2p3SeGHKejscMKyRgg4+/cS IJwDL8H0T4W7EcvhcjzZeW/3tmzYPjVrb3jIfn7/N+z9TBTZHhKVU2OdPVN3koUBFFa3 2ICP4TOF/DX7GJNBRveFkya+AiLaaEGtUZmpKv1KseN4KxSUFhd3NQlxnxsh6Q0v50Tp JmMaTHeAhgp3KXDKnJso+rAK4ipEbdFd3boAKMM97UdO5pujJUEKBzHzLF9EoZDcmXKy fvNNx7cMwYM6/l/2CGod8ZcagVeHv8vTWsxy74F+39EXdrCpgFzNq0bEQ3FRdbht/xCy Ts3A==
X-Gm-Message-State: AO0yUKVtn+j0vi2nXDAUPlVV0FxIcy6Ue3s7B45p5F7qTRY58NoG2waH blYVzyAc4SGYPf31cTGGP/Y=
X-Google-Smtp-Source: AK7set9xWT12HsVpN7PdJZqriLo8zLf9CEYg5cdZaib6x9jTCAiqpMMInKR+uLo/+8Q4PrfYyCsxFw==
X-Received: by 2002:ac8:5dd2:0:b0:3b8:8756:6de0 with SMTP id e18-20020ac85dd2000000b003b887566de0mr5721111qtx.48.1676490067735; Wed, 15 Feb 2023 11:41:07 -0800 (PST)
Received: from smtpclient.apple ([136.56.133.70]) by smtp.gmail.com with ESMTPSA id t13-20020ac86a0d000000b003b82a07c4d6sm13650094qtr.84.2023.02.15.11.41.06 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 15 Feb 2023 11:41:07 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\))
From: Acee Lindem <acee.ietf@gmail.com>
In-Reply-To: <CAMMESsxTfAnhEKsm63THP9e9+JxEsJ3j1qgUCE_AJKatddv6qg@mail.gmail.com>
Date: Wed, 15 Feb 2023 14:40:56 -0500
Cc: "draft-ietf-lsvr-bgp-spf@ietf.org" <draft-ietf-lsvr-bgp-spf@ietf.org>, "lsvr@ietf.org" <lsvr@ietf.org>, lsvr-chairs@ietf.org, Victor Kuarsingh <victor@jvknet.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <D8B4BE5D-AA66-4B83-92D0-5A425D7CF8DF@gmail.com>
References: <F1DFEA4B-600C-4989-AA84-F81AAF3BD19B@cisco.com> <CAMMESsxTfAnhEKsm63THP9e9+JxEsJ3j1qgUCE_AJKatddv6qg@mail.gmail.com>
To: Alvaro Retana <aretana.ietf@gmail.com>
X-Mailer: Apple Mail (2.3731.400.51.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsvr/FcUw0ZSY6JPPLXfMGE2raBjTcec>
Subject: Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-11.txt
X-BeenThere: lsvr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Link State Vector Routing <lsvr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lsvr>, <mailto:lsvr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lsvr/>
List-Post: <mailto:lsvr@ietf.org>
List-Help: <mailto:lsvr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lsvr>, <mailto:lsvr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Feb 2023 19:41:22 -0000

Hi Alvaro, 

Keyur and I discussed your comments and most have been addressed in the -19 version. 

> On Feb 8, 2023, at 8:00 AM, Alvaro Retana <aretana.ietf@gmail.com> wrote:
> 
> On February 15, 2021 at 10:55:53 AM, Acee Lindem wrote:
> 
> Acee:
> 
> Hi!
> 
> I started looking at the latest version (-18).
> 
> Instead of going through this whole message and the diffs, I think it
> might be better for everyone to send out bite-size comments/answers.
> Here's the first one (it only covers the items you highlighted for WG
> discussion).
> 
> Thanks!
> 
> Alvaro.
> 
> 
> 
> 
>> Thank you for your extensive review and comments. Now that the document
>> is back in the WG, we have couple things to discuss in the WG:
> 
> I didn't see much discussion in the WG.  I'm making some comments here
> in case anyone looks...
> 
> 
> 
>> 1. NLRI packing - Well it is almost implied, I think we need to
>> limit a BGP Update to a single NLRI and BGP-LS Attribute.
> 
> From §5.1.1 (BGP-LS-SPF NLRI TLVs):
> 
>    Given that there is a single BGP-LS Attribute for all the BGP-LS-SPF
>    NLRI in a BGP Update, Section 3.3, [RFC7752], a BGP Update will
>    normally contain a single BGP-LS-SPF NLRI since advertising multiple
>    NLRI would imply identical attributes.
> 
> This is not a limit, as you suggested above.  FWIW, it seems to me
> that the reasoning implies that setting a limit is not necessary
> because it will happen naturally.

We changed the wording to indicate one NLRI per BGP Update.


    Given that there is a single BGP-LS Attribute for all the BGP-LS-SPF
    NLRI in a BGP Update, Section 3.3, [I-D.ietf-idr-rfc7752bis], a BGP
    Update for BGP-LS-SPF SAFI SHALL contain a single BGP-LS-SPF NLRI.
    It is unlikely that multiple NLRI would have identical attributes so,
    for simplicity, 
> 
> 
> 
>> 2. Initial synchronization - we need to discuss this in the draft
>> and potentially add an option to require this, such as the IS-IS
>> suppress adjacency option. I don't think we'd want to require
>> this as it would limit deployment.
> 
> I didn't find anything about this in -18.
> 
> Thinking out loud.  The End-of-RIB marker from rfc4724 could be used
> as a default behavior in BGP SPF (for this specific SAFI) without a
> Capability.  I know that Graceful Restart is not supported -- the
> suggestion is to only use the End-of-RIB marker part of rfc4724.


We added requiring EoR synchronization as an option. This change impacted
mainly section 4 but other sections were modified as well. 




> 
> 
> 
>> 3. NEXT_HOP requiremeent - We now say we are following RFC 4760.
>> However, we need to be sure we are consistent throughout.
> 
> I'll keep an eye out for that.
> 
> 
> 
>> 4. Single session requirement for BGP-LS. Right now we don't
>> prevent this.
> 
> As with BGP-LS, it would be nice if you (at least) RECOMMENDED it.
> Given the peering models and that they don't map to "normal" BGP
> deployments, it would be nice to have that separation.
> 
> This is the related text from rfc7752bis (especially the last sentence):
> 
>    Distribution of the BGP-LS NLRIs SHOULD be handled by dedicated route
>    reflectors in most deployments providing a level of isolation and
>    fault containment between different BGP address families.  In the
>    event of dedicated route reflectors not being available, other
>    alternate mechanisms like separation of BGP instances or separate BGP
>    sessions (e.g. using different addresses for peering) for Link-State
>    information distribution SHOULD be used.
> 
> As you mention, any peering configuration is ok, nothing is prevented.
> 
> BTW, I noticed that you borrowed the "AFI/SAFI disable" text from
> rfc7752bis; §7.2 now reads:
> 
>    ...
>    such malformed NLRIs as 'Treat-as-withdraw'. In other cases, where
>    the error in the NLRI encoding results in the inability to process
>    the BGP update message (e.g., length related encoding errors), then
>    the router SHOULD handle such malformed NLRIs as 'AFI/SAFI disable'
>    when other AFI/SAFI besides BGP-LS are being advertised over the same
>    session. Alternately, the router MUST perform 'session reset' when
>    the session is only being used for BGP-LS-SPF or when its 'AFI/SAFI
>    disable' action is not possible.
> 
> The recommendation above (for a separate BGP-LS-SPF session) would be
> a good follow up to this too.

Added this to section 4.2:

However, since there are BGP sessions between every directly-connected node
in the BGP SPF routing domain, there is only a reduction in BGP sessions when there
are parallel links between nodes. Hence, this peering model is RECOMMENDED over
the single-hop peering model Section 4.1.


Thanks,
Acee

v2.23.0 | Report a Bug | By Email