Re: [OPSAWG] [GROW] WG LC for draft-ietf-opsawg-ipfix-bgp-community

[<Thomas.Graf@swisscom.com>]

Hi Zhenqiang and the coauthors,

First of all I have to congratulate to this draft. I share the opinion that BGP communities are a very powerful information element. Correlated to the forwarding plane it gives a more detailed and granular view of the network usage then AS numbers or paths.

Looking from a MPLS VPN network provider perspective, which currently doing flow aggregation at the collector with BGP VPNv4/6 peerings to MPLS PE routers and encode inventory data into BGP communities, I have to agree with Paolo's opinion that this draft might not go far enough.

Looking just at the forwarding plane. We welcome the support of BGP standard and extended communities. To be useable for us, we would also need BGP route-distinguishers (IPFIX entity 90) and prefix/prefix length to be covered to be applicable in a MPLS VPN network. I agree with Jeffrey that the correlation from BGP local RIB to the RIB on the router is more accurate (lag, BGP local RIB vs. RIB), compared to the correlation between BGP local rib and IPFIX on a collector.

Looking at the big picture, IPFIX is just covering the forwarding plane. It is just a part of the puzzle to extract metrics from a router. The forwarding plane alone isn't enough to understand why the forwarding behavior changed in a network. BMP is covering well the routing control-plane, especially if BGP local RIB and adjacent RIB out will be covered. Streaming telemetry with yang config model covering the physical topology. From our point of view, where we want forwarding, control-plane and physical topology covered, I disagree that the BGP/BMP peering could be replaced by this draft. It will remain to cover the historical aspects of the BGP control-plane. It could be replaced if we only would care about the forwarding plane (for accounting as an example) though.

Kind regards
Thomas Graf
____________________________________________________________________________
Network Engineer
Tribe IT Clouds
Telefon +41-58-223 84 01
Mobile   +41-79-728 80 12
thomas.graf@swisscom.com<mailto:thomas.graf@swisscom.com>
____________________________________________________________________________
Swisscom (Schweiz) AG
IT, Network & Infrastructure
Tribe IT Clouds
Binzring 17
8045 Zürich
www.swisscom.com
Postadresse:
Binzring 17
8045 Zürich


From: GROW [mailto:grow-bounces@ietf.org] On Behalf Of li zhenqiang
Sent: Tuesday, February 27, 2018 5:06 PM
To: Jeffrey Haas <jhaas@pfrc.org>; Paolo Lucente <paolo@ntt.net>
Cc: grow <grow@ietf.org>; Zhoutianran <zhoutianran@huawei.com>; draft-ietf-opsawg-ipfix-bgp-community.all@ietf.org; opsawg <opsawg@ietf.org>
Subject: Re: [GROW] WG LC for draft-ietf-opsawg-ipfix-bgp-community

Hi Jeffrey Haas and Paolo Lucente,

Thank you very much for your comments and opinions. Sorry for the late response due to Chinese new year holiday.

For the first concern of Paolo, at present I have no need to know the full as path related to a traffic flow. What I want to collect is the communities related to a traffic flow, which represent the the geographical and topological related information in finer granularity than the ASes.


When the working group called adoption of this doc, IPFIX doctor, PJ Aitken's opinion answered your second concern.  He said " Per section 6 of RFC7012, new IPFIX Information Elements can be added by direct application to IANA; there's no need for a draft or RFC. However, the introduction and examples may be valuable, especially for BGP experts who are less familiar with IPFIX. I've no objection to adopting the draft."


And I totally agree with Mr. Jeffrey Haas, running BGP is not trivial for all the IPFIX collectors. BGP is heavy and it runs well in the exporters, i.e. routers. If the collector can get the needed BGP information, it can do statistics and analysis directly.


Best Regards,
Zhenqiang Li from China Mobile Research Institute
________________________________
li_zhenqiang@hotmail.com<mailto:li_zhenqiang@hotmail.com>

From: Jeffrey Haas<mailto:jhaas@pfrc.org>
Date: 2018-02-22 01:52
To: Paolo Lucente<mailto:paolo@ntt.net>
CC: Tianran Zhou<mailto:zhoutianran@huawei.com>; grow@ietf.org<mailto:grow@ietf.org>; draft-ietf-opsawg-ipfix-bgp-community.all@ietf.org<mailto:draft-ietf-opsawg-ipfix-bgp-community.all@ietf.org>; opsawg<mailto:opsawg@ietf.org>
Subject: Re: [GROW] WG LC for draft-ietf-opsawg-ipfix-bgp-community
Paolo,

I don't speak for the authors here, just my opinion.

On Wed, Feb 21, 2018 at 05:37:59PM +0100, Paolo Lucente wrote:
> One concern is that this looks a very isolated effort, ie. why communities
> and not as-path? I remember the story of this draft, it comes from field
> needs and that is in short the answer to the cherry-picking.

Partly, the usual information that people want from flow for AS information
(origin or peer AS) is already available.  The full path, no.  One certainly
could make the argument that the full path could be sent.

Since flow analyzers mostly want the active route's properties, having the
communities to go along with it is helpful.

> The second concern, the one going the opposite direction than the previous
> one, is that in future it could be tempting for somebody to repeat the
> story of this draft and add support for as-paths and/or other BGP
> attributes in IPFIX: here i see a mix-up among the original intent to
> report on data plane information with the reporting on control-plane (BGP)
> information: in other words, is (potentially) encapsulating (all) BGP
> attributes for every sampled packet/flow a valid idea? For example, is not
> BGP/BMP peering at the IPFIX collector itself much more efficient instead
> of moving control-plane info over and over again? At this propo, the
> motivation that roughly 20 years ago it was decided to make source and
> destination ASNs part of NetFlow v5 (and few years later BGP next-hop was
> added as part of NetFlow v9) is a bit weak, IMO; maybe there is more to
> it, and i’d be happy to hear about it.

Analyzers still find it handy to have source and destination AS.  This in
some cases avoids lag issues due to propagation of sniffed BGP (via iBGP
peering or BMP) for the sampling router.  Additionally, a lot of useful data
can be gathered without having BGP at all at the analyzer.

I do understand the concern, but personally find it unlikely that this is
the feared "slippery slope". [1]

-- Jeff

[1] https://en.wikipedia.org/wiki/Slippery_slope