Re: [Lsvr] Alvaro's Remaining Comments: New Version Notification for draft-ietf-lsvr-bgp-spf-27.txt
Alvaro Retana <aretana.ietf@gmail.com> Thu, 31 August 2023 15:36 UTC
Return-Path: <aretana.ietf@gmail.com>
X-Original-To: lsvr@ietfa.amsl.com
Delivered-To: lsvr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12334C14CF15; Thu, 31 Aug 2023 08:36:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QTe4Od9c1FZV; Thu, 31 Aug 2023 08:36:36 -0700 (PDT)
Received: from mail-pf1-x433.google.com (mail-pf1-x433.google.com [IPv6:2607:f8b0:4864:20::433]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D775C151066; Thu, 31 Aug 2023 08:36:36 -0700 (PDT)
Received: by mail-pf1-x433.google.com with SMTP id d2e1a72fcca58-68a42d06d02so774237b3a.0; Thu, 31 Aug 2023 08:36:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1693496195; x=1694100995; darn=ietf.org; h=cc:to:subject:message-id:date:mime-version:references:in-reply-to :from:from:to:cc:subject:date:message-id:reply-to; bh=9mZsIe2KfL1GiUsZ9/mjxyMemy/KD4bUh/RLKqouRK4=; b=Q2Chd6XOAAQ/bSNkq9MfoQJKL81nqVVEGhxlSlhNIT6d3ejIwqRCAnqBVyNDX7JFzI CRwaKbjG32Mlt9f6WzfNsNmpoSzM/oyw87UruDToZ1W6wDstQOfV1dCi/3IaYlTZGS7p fSoaGgm8abiorbI/Rh444GG7M/F/B0FIJMCvI0iRxCx5f+kAC5ofR7E9v1jkCPqSL6Qw 3CaCrDkDjccG9giu2A1Oxw9AhrWL0oeWVTxV1m4+FTeJxYMB1QiYAx8wIUpGl76QlBP1 qAcRfziBV9+ufqhqM55zUXZ9nroCCt/0tz0X5MuotoIHEZ8yUfE+XDb0+wcCggA8x3Y7 n47g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1693496195; x=1694100995; h=cc:to:subject:message-id:date:mime-version:references:in-reply-to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=9mZsIe2KfL1GiUsZ9/mjxyMemy/KD4bUh/RLKqouRK4=; b=Y5t+OV6thNlWljreunz2nDQSCSZLei5+7wQwMo8dIpa/3KXgfTZo3i9deu9fy+17bx vH/JK7Pi08/YvYYc7ED9X0iYQIIU3Q2wGwZgmTMw4F3t1LfBhdFQm8KWgDUXWqiYs99p a14nNcO7cVh7MkqUTlAvKmoqSf7Zx9O4KD1mAd0R/bZ23SOb6+YIOGi/QQQSRJXtq3YA M7KThr/m4h18g2VyC3pkt3mUv+0W172rlYZW7ufG9zD3fNzUlVKWlsyF1nfEXDG+CqLb ZnkijGtugPB0sqAl6l5th7vgryMkBDnDOKjuxUD2t98LuSSV2Wihn0NDtC2OijSRHnNt Hwhw==
X-Gm-Message-State: AOJu0Yye94sDlh/Hbf/dPoC1m/1dBswFxcuysWe4ThSAUJ1tEGOELz3m VZRHGcH/j6aSGlXVA+swfDZ+TJe9N8bg6WkAOHQ=
X-Google-Smtp-Source: AGHT+IFhUO8mOv9qVJxoxmYyZ20E9bxHYcu6DduuuiIuRLl1tvpdjwDnRljo6+G3Fu/0hSp+SJU+hFBS6+iWt7jmQDI=
X-Received: by 2002:a05:6a00:b83:b0:68a:69ba:6791 with SMTP id g3-20020a056a000b8300b0068a69ba6791mr48718pfj.8.1693496195591; Thu, 31 Aug 2023 08:36:35 -0700 (PDT)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Thu, 31 Aug 2023 08:36:34 -0700
From: Alvaro Retana <aretana.ietf@gmail.com>
In-Reply-To: <CAMMESsyoa2ZVcX9k22x2ytgKT482DCOkDFGhHej2UOSz_MgUjQ@mail.gmail.com>
References: <169039355480.3375.9650340417091158442@ietfa.amsl.com> <EE87B1E7-38C3-4B15-BA6B-E82114735C6B@gmail.com> <CAMMESsyoa2ZVcX9k22x2ytgKT482DCOkDFGhHej2UOSz_MgUjQ@mail.gmail.com>
MIME-Version: 1.0
Date: Thu, 31 Aug 2023 08:36:34 -0700
Message-ID: <CAMMESswKxzxBKVZyMbyPEucZvTDG2Faoe8gYsJg5=EjbKiUHqQ@mail.gmail.com>
To: Acee Lindem <acee.ietf@gmail.com>
Cc: james.n.guichard@futurewei.com, "lsvr@ietf.org" <lsvr@ietf.org>, Keyur Patel <keyur@arrcus.com>, lsvr-chairs@ietf.org
Content-Type: multipart/alternative; boundary="0000000000002ab235060439cf26"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lsvr/i4DX1agSlmCCzASGtBNLHbEk2HY>
Subject: Re: [Lsvr] Alvaro's Remaining Comments: New Version Notification for draft-ietf-lsvr-bgp-spf-27.txt
X-BeenThere: lsvr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Link State Vector Routing <lsvr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lsvr>, <mailto:lsvr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lsvr/>
List-Post: <mailto:lsvr@ietf.org>
List-Help: <mailto:lsvr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lsvr>, <mailto:lsvr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Aug 2023 15:36:41 -0000
Hi!
I looked at the diffs from -27.
Thanks for addressing the issues with the next hop and the link identifiers
-- I have a nit with this last part:
§5.2.2:
...discovering the Link Remote Identifier is beyond the scope of this
document. ...it is RECOMMENDED that the Link Remote Identifiers be
known
(e.g., discovered using alternate mechanisms or configured) in the
presence of parallel unnumbered links.
Leaving the discovery out of scope is fine. However, making it normatively
RECOMMENDED is a contradiction (because it is out of scope).
s/RECOMMENDED/recommended
My only major issue left is the text from §7.4 that can result in endless
session resets and provide an easy vector to affect the network's
stability. See below.
Thanks!
Alvaro.
On August 2, 2023 at 2:53:35 PM, Alvaro Retana (aretana.ietf@gmail.com)
wrote:
...
The new section says this:
7.4. BGP-LS-SPF Link State NLRI Database Synchronization
While uncommon, there may be situations where the LSNDBs of two BGP-
LS-SPF speakers lose synchronization. In these situations, the BGP
session MUST be reset. The mechanisms to detect loss of
synchronization are beyond the scope of this document.
Resetting the session should result in a resync, so it is not a bad
recommendation. [A route refresh could also be used.]
All the cases of BGP-LS drop and treat-as-withdraw specified in §7.1 lead
to loss in synchronization and resetting the session won't necessarily fix
the problem. In the specific case of §5.1.2 (where the BGP-LS attribute is
discarded because of the message size) the action will result in the
session bouncing forever -- and all the other routes being lost,
potentially leaving a part of the network without any reachability.
A rogue node can then remove the BGP-LS attribute, or manipulate the TLVs
to cause any other error to affect the whole session -- not just a single
route. IOW, the impact is beyond that is mentioned in the Security
Considerations:
If an authorized BGP peer is compromised, that BGP peer could advertise
modified Node, Link, or Prefix NLRI which result in misrouting,
repeating
origination of NLRI, and/or excessive SPF calculations.
- Re: [Lsvr] Alvaro's Remaining Comments: New Versi… Alvaro Retana
- Re: [Lsvr] Alvaro's Remaining Comments: New Versi… Alvaro Retana
- Re: [Lsvr] Alvaro's Remaining Comments: New Versi… Acee Lindem