Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-11.txt
Acee Lindem <acee.ietf@gmail.com> Fri, 17 February 2023 17:15 UTC
Return-Path: <acee.ietf@gmail.com>
X-Original-To: lsvr@ietfa.amsl.com
Delivered-To: lsvr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 750EAC14CE4F; Fri, 17 Feb 2023 09:15:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7i75z03xOEoh; Fri, 17 Feb 2023 09:14:56 -0800 (PST)
Received: from mail-qt1-x832.google.com (mail-qt1-x832.google.com [IPv6:2607:f8b0:4864:20::832]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1AAC8C14F749; Fri, 17 Feb 2023 09:14:56 -0800 (PST)
Received: by mail-qt1-x832.google.com with SMTP id r6so1415626qtx.10; Fri, 17 Feb 2023 09:14:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=bTrC4Uyx2eNcxUhnU/NCS7D5vtci4Tc7kXN4QPv/oKo=; b=bQzs/gL+EEnAMro3peUYgOixkE9bVjOwU8PTDhQ36eUd43kZb3LLmklo53azjQcddQ 0enD5yZ3RoGKHekCTgZXCUaw2E5FwikqWSM9wqFjhpt5qCkFTPN0ilp0uXpAPetYrNxH bCwB9WoyRB+BNJM1tLbXyD+6S4RObWWhM5dt+inEl8Ukt1NQ53TnvWLic794W3mC77J7 fDTXrik1UiKUlPeuXbJBTAi2aQwZQGQMIQa6Gv4Hh0ddU9BMaSyzl+fe0v0h/aakiSZi oh2e3NopAb7kHV6+ulNGdmUMORWMHN++c3xtQwvSFNXFcKIihshcwUa5zziHFlHg66Gb 9NUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bTrC4Uyx2eNcxUhnU/NCS7D5vtci4Tc7kXN4QPv/oKo=; b=he2hAIbzCovNU/xfpbqRePoK0Mw3n7XOEslw8QcaEsYh7KS+u6d8OX10uziO6ldB0l WSwuMBVnJ+pb6ZRq9XF/PZ1puq2Ch56SVOKb2usTxZbQ2zBHJMJmy5EqCnFP/rz3NgfX R9xsgPdlivP+CLJlIILEx/5swlA0W08o1fYcTZBLqnItWuCYVebsWcrC8vP9u/9lufwk jKrtZrU3jCjTZS2zhh3zUoMvyVjBey3LVUsDuhSRUPnUEA+RBYN5kI07saLZD15XHafp 7h6+QN3BeyfOkwg2+h6+dN+k/K8stQJAbDEyqIMmTRZHxPp26wsRFZwZaWWpW5JZ89N5 LiWA==
X-Gm-Message-State: AO0yUKXcFgOchPNgdiOkuspgVlu8VKVBt04oU5MyJO0LWa09vQa/oQIb 05sPYz9Ox2eSfHt9LGT4eo1SUtzDcHg=
X-Google-Smtp-Source: AK7set/arpCFBxpW/h9H1xcLrECDnMOAT1WWwf/kczB6Tuyz+5dVzc9wQBmlFfR1Padyo3RKl7Q6ww==
X-Received: by 2002:a05:622a:1109:b0:3b9:bc8c:c1f6 with SMTP id e9-20020a05622a110900b003b9bc8cc1f6mr12523039qty.1.1676654094552; Fri, 17 Feb 2023 09:14:54 -0800 (PST)
Received: from smtpclient.apple ([136.56.133.70]) by smtp.gmail.com with ESMTPSA id u125-20020a379283000000b0073ba9d0d8b5sm1550403qkd.58.2023.02.17.09.14.54 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 17 Feb 2023 09:14:54 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\))
From: Acee Lindem <acee.ietf@gmail.com>
In-Reply-To: <CAMMESsxLZ3uEWxRE9Cs+Rp5Rym=LXJwwP1ML6Mn8-YqsZK5x9A@mail.gmail.com>
Date: Fri, 17 Feb 2023 12:14:42 -0500
Cc: "draft-ietf-lsvr-bgp-spf@ietf.org" <draft-ietf-lsvr-bgp-spf@ietf.org>, "lsvr@ietf.org" <lsvr@ietf.org>, Victor Kuarsingh <victor@jvknet.com>, lsvr-chairs@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <E531FA8F-65D1-4821-A233-D6284F690671@gmail.com>
References: <F1DFEA4B-600C-4989-AA84-F81AAF3BD19B@cisco.com> <CAMMESsxTfAnhEKsm63THP9e9+JxEsJ3j1qgUCE_AJKatddv6qg@mail.gmail.com> <D8B4BE5D-AA66-4B83-92D0-5A425D7CF8DF@gmail.com> <CAMMESsxLZ3uEWxRE9Cs+Rp5Rym=LXJwwP1ML6Mn8-YqsZK5x9A@mail.gmail.com>
To: Alvaro Retana <aretana.ietf@gmail.com>
X-Mailer: Apple Mail (2.3731.400.51.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsvr/avlEZX-5BP0525q99hCgwdtbP9o>
Subject: Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-11.txt
X-BeenThere: lsvr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Link State Vector Routing <lsvr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lsvr>, <mailto:lsvr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lsvr/>
List-Post: <mailto:lsvr@ietf.org>
List-Help: <mailto:lsvr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lsvr>, <mailto:lsvr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Feb 2023 17:15:00 -0000
Hi Alvaro, > On Feb 17, 2023, at 8:00 AM, Alvaro Retana <aretana.ietf@gmail.com> wrote: > > On February 15, 2023 at 2:41:08 PM, Acee Lindem wrote: > > > Acee: > > Hi! > > > ... >>>> 2. Initial synchronization - we need to discuss this in the draft >>>> and potentially add an option to require this, such as the IS-IS >>>> suppress adjacency option. I don't think we'd want to require >>>> this as it would limit deployment. >>> >>> I didn't find anything about this in -18. >>> >>> Thinking out loud. The End-of-RIB marker from rfc4724 could be used >>> as a default behavior in BGP SPF (for this specific SAFI) without a >>> Capability. I know that Graceful Restart is not supported -- the >>> suggestion is to only use the End-of-RIB marker part of rfc4724. >> >> We added requiring EoR synchronization as an option. This change impacted >> mainly section 4 but other sections were modified as well. > > It seemed weird to me that the EoR was introduced there (BGP Peering > Models), in a mostly informative section and not as a general option. > It looks like using the EoR is an option in all cases -- and then > there's §10.1.2 which has general applicability (but still says > "depending on the peering model"). > > It would be better if you specified (Normative language) things only > one. The use of of "MAY be required" is confusing because a > requirement is a MUST... > > Here's a suggestion for text in §10.1.2: > > OLD> > 10.1.2. Adjacency End-of-RIB (EOR) Marker Requirement > > Depending of the peering model, topology, and convergence > requirements, an End-of-RIB (EoR) Marker marker [RFC4724] for the > BGP-LS-SPF SAFI MAY be required from the peer prior to advertising a > BGP-LS Link NLRI for the peer. If configuration is supported, this > SHOULD be configurable at the BGP SPF instance level and SHOULD be > configured consistently throughout the BGP SPF routing domain. > > > NEW> > 10.1.2. Adjacency End-of-RIB (EOR) Marker > > An End-of-RIB (EoR) Marker [RFC4724] for the BGP-LS-SPF SAFI MAY be > expected prior to advertising any BGP-LS NLRI received from the peer. > This option SHOULD be configurable at the BGP SPF instance level and > should be enabled consistently throughout the BGP SPF routing domain. > > A failure to consistently configure the use of the EoR marker can > result in transient micro-loops and dropped traffic due to incomplete > forwarding state. > > > You should be able to remove the related text from the other sections. We’re fine with the text you suggest. We realize that you would have liked EoR to be mandatory but we didn’t want to do that at this point. > > The new text in §4.3 (without the EoR-related example) is: > > The controller MAY use constraints to determine when to advertise > BGP-LS-SPF NLRI for BGP-LS peers. These constraints are outside the > scope of this document and, since they are internal to the controller, > need not be standardized. > > s/MAY/may : the constraints are out of scope, so we can't Normatively > point at them. Agreed. > > > > BTW, the title of §4 should be "BGP SPF Peering Models" (not "BGP > Peering Models"). Agreed. > > > > ... >>>> 4. Single session requirement for BGP-LS. Right now we don't >>>> prevent this. >>> >>> As with BGP-LS, it would be nice if you (at least) RECOMMENDED it. >>> Given the peering models and that they don't map to "normal" BGP >>> deployments, it would be nice to have that separation. >>> >>> This is the related text from rfc7752bis (especially the last sentence): >>> >>> Distribution of the BGP-LS NLRIs SHOULD be handled by dedicated route >>> reflectors in most deployments providing a level of isolation and >>> fault containment between different BGP address families. In the >>> event of dedicated route reflectors not being available, other >>> alternate mechanisms like separation of BGP instances or separate BGP >>> sessions (e.g. using different addresses for peering) for Link-State >>> information distribution SHOULD be used. >>> >>> As you mention, any peering configuration is ok, nothing is prevented. >>> >>> BTW, I noticed that you borrowed the "AFI/SAFI disable" text from >>> rfc7752bis; §7.2 now reads: >>> >>> ... >>> such malformed NLRIs as 'Treat-as-withdraw'. In other cases, where >>> the error in the NLRI encoding results in the inability to process >>> the BGP update message (e.g., length related encoding errors), then >>> the router SHOULD handle such malformed NLRIs as 'AFI/SAFI disable' >>> when other AFI/SAFI besides BGP-LS are being advertised over the same >>> session. Alternately, the router MUST perform 'session reset' when >>> the session is only being used for BGP-LS-SPF or when its 'AFI/SAFI >>> disable' action is not possible. >>> >>> The recommendation above (for a separate BGP-LS-SPF session) would be >>> a good follow up to this too. >> >> Added this to section 4.2: >> >> However, since there are BGP sessions between every directly-connected node >> in the BGP SPF routing domain, there is only a reduction in BGP sessions when >> there are parallel links between nodes. Hence, this peering model is >> RECOMMENDED over the single-hop peering model Section 4.1. > > This is fine, but we're talking about different things: > > - the new text in §4.2 talks about a single session between routers, > which is good. > > - I'm talking about a BGP session carrying ONLY BGP-LS-SPF routes. > Nothing else. This avoids an error in a different AFI/SAFI that may > result in a session reset affecting BGP SPF...and vice versa. That is > what the text above (from rfc7752bis) says Are you talking about this text from RFC 7752BIS? In the event of dedicated route reflectors not being available, other alternate mechanisms like separation of BGP instances or separate BGP sessions (e.g. using different addresses for peering) for Link-State information distribution SHOULD be used. Thanks, Acee > . > > > Thanks! > > Alvaro.
- [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-11.txt Acee Lindem (acee)
- Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-1… Alvaro Retana
- Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-1… Alvaro Retana
- Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-1… Alvaro Retana
- Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-1… Alvaro Retana
- Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-1… Acee Lindem
- Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-1… Acee Lindem
- Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-1… Alvaro Retana
- Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-1… Alvaro Retana
- Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-1… Acee Lindem
- Re: [Lsvr] AD Review of draft-ietf-lsvr-bgp-spf-1… Acee Lindem