AD review of draft-ietf-bfd-unsolicited-09
John Scudder <jgs@juniper.net> Tue, 23 August 2022 16:37 UTC
Return-Path: <jgs@juniper.net>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 47099C1594B8; Tue, 23 Aug 2022 09:37:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.665
X-Spam-Level:
X-Spam-Status: No, score=-2.665 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.571, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_HTML_ATTACH=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=Pdqpkw2f; dkim=pass (1024-bit key) header.d=juniper.net header.b=Di7E5rgH
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y-mIHLsdkL76; Tue, 23 Aug 2022 09:37:19 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CFEDFC14CE29; Tue, 23 Aug 2022 09:37:18 -0700 (PDT)
Received: from pps.filterd (m0108163.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 27NEpgqY019404; Tue, 23 Aug 2022 09:37:17 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : content-type : mime-version; s=PPS1017; bh=b1bma5iWXeNyN8OIMoznq59GBAwVneP5x9NFq80AHIE=; b=Pdqpkw2fK2HfsZafEGWI2oDqYbu7i85g86KruE+eloJCsiUjIWE+k992JubXy07PeN7m M8jXhVH07uO8BNYcy6x+5gd4LMP+wfyrUExnnkK25jgU5LnKMm1IgT9F0h9js5OdnJB7 cJ/+u5PR1Xuq9hCKEvgDNW5DyVUSJ9tw/GwreZxUzVJvh+uHb4SvJqosBG8XkraOwDrA HzgY714jOQCbntpzZaU24A1QYGdSzDo7GIC4ntFjo7+YXVJ7xdODorKqA6V8UQX9srvz AwJLHQNVGg4cD8xXb+PB0HEuOjz3oz/Ms9zsyVmxsoNJSqqmD/THz7FjRiw2Ao0/l3Qx 8g==
Received: from nam12-bn8-obe.outbound.protection.outlook.com (mail-bn8nam12lp2173.outbound.protection.outlook.com [104.47.55.173]) by mx0b-00273201.pphosted.com (PPS) with ESMTPS id 3j511e08gs-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 23 Aug 2022 09:37:17 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=S+j2Tu8RF4mTYU/nyfhhHcTl8FZCnPy069vLV8phyxpbs9TmjtOevEQ/jSaNS8coeldSWNjR7RiOIv9yXhJ2nTJtrjYfUbDItYwo5XtzdVi196PKamVkR2XE4XGDYOcfnQuA4Z3eeHo8gRzI1m7lKSNXO37unStNOEGL2SgFwdNx3RHRc97hReAYyqXW5iCQ8misYkQnq42aZqiTQuynZxKLMB22CqG5QvKdobb7Co0nOv1WTalUjRL5BJmWkowQou8VhI9oRZaLnOr5/bN3kcKYOCfiVj+RTax+WHtPgKGD81PqGuj4Nh+LKazZZlbxfNRz57g6qu03qTzIvtdczg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=b1bma5iWXeNyN8OIMoznq59GBAwVneP5x9NFq80AHIE=; b=ecFcJG81GX01sOP1vjI9aBg62jM2CeKJLD8yhMgqUpAE8S9blY93Tjb9XYrF2x8tACFbK4VZ0/qLXvTjWw0vjWIvBnNbgHXyoUiTJfmgK+pP44tqOSZmsvCLbIFqkPyn6gRb85rCPzw1R0gKUbgIG7FqxoLjtxGPirpkTQFbCKxD2UMZWo/UT+jS5cFklGkVonPI8lUbIySsMz17QztLQWbe3BOuNUqPNxPVFs1y5o7mX6ivvtR0W5DqqQHSoH8mXObLycy1mUMKV0PVFwa7C7C9Dlgz0SPDjHbedrxdJRNFbhENXYIyP7oTAAYR8l/1RZ5tRfcZZAqh2xlAMRLoyg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=b1bma5iWXeNyN8OIMoznq59GBAwVneP5x9NFq80AHIE=; b=Di7E5rgHYHKvQLt10V+A8rvzUSVLHv1XOtT27RQ7JLaJ5yA9w2nAl9j26Hq5fiARSiWTkHIhxKekjUwbmdczc6i590ZlYaRgk2Wb5o75Rx8MrsozzayfHiAf7MD76UYBrA9iHkj5v+cDRxJpM62Jm/AQxobDrxuuG8o0eqaXJwc=
Received: from MN2PR05MB6109.namprd05.prod.outlook.com (2603:10b6:208:c4::20) by CY4PR0501MB3700.namprd05.prod.outlook.com (2603:10b6:910:91::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5566.14; Tue, 23 Aug 2022 16:37:13 +0000
Received: from MN2PR05MB6109.namprd05.prod.outlook.com ([fe80::399f:38aa:b39c:1502]) by MN2PR05MB6109.namprd05.prod.outlook.com ([fe80::399f:38aa:b39c:1502%4]) with mapi id 15.20.5566.004; Tue, 23 Aug 2022 16:37:12 +0000
From: John Scudder <jgs@juniper.net>
To: "draft-ietf-bfd-unsolicited@ietf.org" <draft-ietf-bfd-unsolicited@ietf.org>, "rtg-bfd@ietf.org" <rtg-bfd@ietf.org>
Subject: AD review of draft-ietf-bfd-unsolicited-09
Thread-Topic: AD review of draft-ietf-bfd-unsolicited-09
Thread-Index: AQHYtw6YzP4b7TOBt0eP/OpawkEwJQ==
Date: Tue, 23 Aug 2022 16:37:12 +0000
Message-ID: <6307C269-DB07-4CA1-807E-8B26458DA240@juniper.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3696.120.41.1.1)
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 92cdc0dc-33d5-4c8e-5d9c-08da8525bb4a
x-ms-traffictypediagnostic: CY4PR0501MB3700:EE_
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: TQ18PsHDEME2e68NeF0b2VFzRVODKJtBLn99hG3tPFKMUWNYrcCkmfruae5UIG3C1i6HnMxiMEAzA94PtlXWVYZy7Kkcb0903hYV7PS+Gs0g2I5on5y9x8MoTTsmed61cTVt25X9wNuM8T1ih80SL6rlp9O79paH6vFQHiZ2LZC6viuJJOTZla6EIYfp5Lk4SdiwTnaHBeHgUBtCeFIXpdeFg3uyK2EKotbcJF9j0CtIZUC7SmVK/kBXzfmxt+whPFjQzCvrA0uYmKmyuIiRV9CvzEUN8VsI3COrjQUwLMdxUyvcRHcSbcv+r4S57bSAc5ov072uFIuDo8GAtcMkXnV2T0boGiVNRf+N9MJWMJOAnanB5s/vHa1qWANYaWaTxIjZJjlzlkCw2QjX8ssHRvn8AyZwSWBVWsqnb0w+GaVuHwQs3W6Wb0LD9q79f7iLF7zpge3ExB8O3quG1SqwTwyEyC0gNzRcSpBcGWWm2K4ZJ3l2hO8enD4IfRPpnjzL02sCuXMedmRoBimbJGxZWBOoscmm80N0LaAFVozij0No0eqKE5txUEbtAx13oL+8IWzaMeYjH01h33omL5I1awLsBw14+hJF+jN5Zinyg1KfyAW78QR8dZ4JYNoHJAMABtnpecd9IPWLJoQyaJHTjyJuoGDSZ1GfI0LCa+PH/iiA5u2Ll3+Jjl0726Dn8LeTCPG8YdXWAd+YOLXgJ1BJUGOZVyeYoO9MA2tnSTpddFxFHqPecngez33e0SBC/nUrIBZ1Jl1h+lEp4Xp4QES51B8sA6+VFfNfkFXUzBEC/oM=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR05MB6109.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(4636009)(396003)(366004)(136003)(376002)(39860400002)(346002)(83380400001)(86362001)(38070700005)(33656002)(66476007)(38100700002)(122000001)(99936003)(71200400001)(66946007)(64756008)(6486002)(91956017)(8936002)(66556008)(76116006)(66446008)(8676002)(450100002)(478600001)(30864003)(5660300002)(110136005)(316002)(6506007)(2906002)(66574015)(186003)(2616005)(6512007)(26005)(36756003)(41300700001)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: gemGcr+am/5wXKTzMmzikszNUTUcHuK6+QbKzw406yPSRhx9iTccuRCCe8ax9vkay59O1rBsKne34FXrve+zeOy2JqeZtxmWL1bxcu5S9H5PcpDL4B+Y6CslypdDh6fpZiUHAcdhezwRySr6Ry7ClKrCQGLGEMQtHdxd8Q/e+iQrnUMPwK0PwykOq1BH7PntVRMlatfCUNovgDXMkWKuXlBx6P0naxW2UrSUwLAuPtWqZI1zhIycm+SJkWoh4FSUMJsia35iPti3ZmYLzIlwZFeheOzLr/vvRZ6sh/umTc3ty7M6Ph06dXYXzhTDGNSy8kuolL0TFEOoQtxGjJL8xoKIFgZXl7NHRr4cFJl9K01LIXPSTFKGsscHoq3XTP7a/91Y/w4uSnjSDWvMPSpcRPxuT2rRFpXPrBIdWMGCTWNvq6mq8jN6hf54O/S5d3nEpXNfKvMeP1WTjP/3ObJrTRuCBFX1G2y+0t3mUR6gaJXjmIV3+G4CIQRkJAYIa3w+n1cQEkzAyUMxSA5+EzawovgRxVEouZT00JLGg1kcD1Frz/o5tG0+JtnpsViEkB0t+usieEMSj2w7O3YeCOgjXoGAGsNljzDUZ95DF5q2cHpDWW8RIyoi/vpDSFcrq9qdWyggfvRHZUjC+CAEIgYbRClQHghfTI1kImCjZeq/+fEqDBVW/tXyq+E/WpbKc9koV7rBt26cu4V/l/5c7x4vaMMiLj4b72JhTEExyUfnbHEUIBMFdwGEqKRO+FOr+l8XP1X3j+NTMy3SfDl8Zb0NKtKZNEuKtwojZEu85gw4vVw47F4JaIMrq+0fRTU+kehH9nncVDBNhNeXirU3lSRjv8db+NrEQREH8NugKG3EHZ7H1BEKrgKDtSlaiCL3C6IlZsme4wzoUyE+5v7/9yrS0YbGtd578rRUNZZ741iT59FUip7jIVjP/6JNdCZZmgXrUR7ZW2+/h801b/2IN4OtDYSJCsMUzp0IxqDtqSA2jPMopYGVrHlHVy9Kj4xgYr+huILzlT6A3lg51+ZCCIQ/tcuv8nbp0CxBWTje1+HDsCoM+o0yfMpjA0FtzNx5ZZkPR7VvMnr3TAPlQi8/BZGmuIDaxeLIx+giPRo1GD3Q/fODkgAfH+59yxN3mnpLO+IGMsZ07fDuKbZXPa3b+VghkPMhk6zAVKsZA8uf2R56wbYnGzi20w2ntGflwt1q/LJMw6HyFEaSv6ZthLti2oaWg0y8nF9mn0JrB+d/qLXbLmonb29zMNdgH0DXg+2fkGo2/LMwJ/770gza9bEtuAiTHPDOZ79bDlJjJoSCNx5sG8YVEY2CUSuPWDBUdfJ5+0vP7GaKdty1X/RPdvkOXYIYi2JS/9KcL9xHibCzv5SF69yCZlwwLhR9axYJj2zxKbvE0ZREtN6WiNb7d4d2CNH521F+Z8/4lr1g9yRP4jYtQUXbOblv3IQmJ1uKrerlKkIHLhmlsw7p8ir8KblRPMqVhf/SNUBYU+7NRp+GC0Y1TMH5tt7j0oCttNYY+MihOrzLHdXvWDFEBNv9oiLYs9cqAM1zjAFu8L+ayApBThdqwPqVO58izvaEoV7mtIpDO5+j
Content-Type: multipart/mixed; boundary="_005_6307C269DB074CA1807E8B26458DA240junipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR05MB6109.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 92cdc0dc-33d5-4c8e-5d9c-08da8525bb4a
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Aug 2022 16:37:12.8374 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: u2SWQrDw9jvsN+ZPgQJmeWp5n3sjCwcwE7ocIpDgBiL+sG2kVlkSfNTAEIMWZ9ah
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR0501MB3700
X-Proofpoint-GUID: mxw7R7_ijaGIE_sOxQKRFGzWfTr_n9-9
X-Proofpoint-ORIG-GUID: mxw7R7_ijaGIE_sOxQKRFGzWfTr_n9-9
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.517,FMLib:17.11.122.1 definitions=2022-08-23_07,2022-08-22_02,2022-06-22_01
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 mlxlogscore=999 mlxscore=0 phishscore=0 priorityscore=1501 clxscore=1011 malwarescore=0 lowpriorityscore=0 spamscore=0 bulkscore=0 adultscore=0 suspectscore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2207270000 definitions=main-2208230066
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/DKi_gZHjquy9bnQhIC-pZafw1VQ>
X-Mailman-Approved-At: Tue, 23 Aug 2022 09:40:38 -0700
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Aug 2022 16:37:24 -0000
Dear Authors,
Thanks for your patience. Here’s my review of your document. There are some questions I’ve raised that will need some discussion before I can be sure I’ve properly understood the doc.
I’ve supplied my questions and comments in the form of an edited copy of the draft. Minor editorial suggestions I’ve made in place without further comment, more substantive questions and comments are done in-line and prefixed with “jgs:”. You can use your favorite diff tool to review them; I’ve attached a PDF of the iddiff output for your convenience if you’d like to use it. I’ve also pasted a traditional diff below in case you want to use it for in-line reply. I’d appreciate feedback regarding whether you found this a useful way to receive my comments as compared to a more traditional numbered list of comments with selective quotation from the draft.
Thanks,
—John
--- draft-ietf-bfd-unsolicited-09.txt 2022-08-17 20:43:32.000000000 -0400
+++ draft-ietf-bfd-unsolicited-09-jgs-comments.txt 2022-08-23 12:27:35.000000000 -0400
@@ -19,7 +19,7 @@
For operational simplification of "sessionless" applications using
BFD, in this document we present procedures for "unsolicited BFD"
- that allow a BFD session to be initiated by only one side, and be
+ that allow a BFD session to be initiated by only one side, and
established without explicit per-session configuration or
registration by the other side (subject to certain per-interface or
per-router policies).
@@ -128,13 +128,17 @@
the Router Server), and the nexthop of each router must be present
at the same time. These issues are also discussed in
[I-D.ietf-idr-rs-bfd].
+
+jgs: I don't get what you're driving at with "and the nexthop of
+each router must be present at the same time", isn't that already
+covered by the previous clause?
Clearly it is beneficial and desirable to reduce or eliminate
unnecessary configurations and coordination in these "sessionless"
applications using BFD.
In this document we present procedures for "unsolicited BFD" that
- allow a BFD session to be initiated by only one side, and be
+ allow a BFD session to be initiated by only one side, and
established without explicit per-session configuration or
registration by the other side (subject to certain per-interface or
per-router policies).
@@ -149,11 +153,11 @@
Thus we believe that this proposal is inherently simpler in the
protocol itself and deployment. As an example, it does not require
the exchange of BFD discriminators over an out-of-band channel before
- the BFD session bring-up.
+ BFD session bring-up.
- When BGP Add-Path [RFC7911] is deployed at an IXP using the Route
- Server, multiple BGP paths (when exist) can be made available to the
- clients of the Router Server as described in [RFC7947]. The
+ When BGP Add-Path [RFC7911] is deployed at an IXP using a Route
+ Server, multiple BGP paths (when they exist) can be made available to the
+ clients of the Route Server as described in [RFC7947]. The
"unsolicited BFD" can be used in BGP route selection by these clients
to eliminate paths with "inaccessible nexthops".
@@ -177,6 +181,43 @@
its BFD Control packets. The "My Discriminator", however, MUST be
chosen to allow multiple unsolicited BFD sessions.
+---
+jgs: The intent of this paragraph isn't completely clear to me. Of
+lesser importance, the parenthetical is a bit awkward. Would the
+rewrite below accurately capture your intent? Note that I changed
+your SHOULD to a MUST -- if it does need to be SHOULD, I think we
+ought to have a conversation about what the exception cases are.
+
+ Passive unsolicited BFD support MUST be disabled by default, and
+ MUST require explicit configuration to enable.
+
+I think that may be sufficient! I'm not convinced it's necessary for
+the spec to talk about global vs per-interface configuration, isn't this
+a commonplace in most implementations, and done in an implementation-
+dependent way? It seems to me that if you DO feel it necessary to go
+into this level of detail, you've left out the idea of per-interface
+configuration overriding global configuration. So if you DO cover
+configuration here (again, I discourage this), I think you should add
+something about that point. Here is some text that might do it?
+
+ It MAY be enabled using a global configuration option (which applies
+ to all interfaces), or by per-interface configuration, or a choice of
+ either. If both global and per-interface configuration are in use,
+ the more-specific (that is, per-interface) configuration SHOULD
+ take precedence over the less-specific (that is, global).
+
+ Similarly, the BFD parameters to be applied can be either
+ per-interface or global. Alternately, the parameters to be used
+ MAY be chosen to be the parameters the active side uses in its BFD
+ Control packets. The "My Discriminator" value, however, MUST be
+ chosen to allow multiple unsolicited BFD sessions.
+
+One more question, does the spec need to be at all prescriptive about
+how the parameters are chosen? Or would it be perfectly fine for an
+implementation to (for example) always use the active side's params
+and not offer any configurability?
+---
+
The active side starts sending the BFD Control packets as specified
in [RFC5880]. The passive side does not send BFD Control packets.
@@ -190,7 +231,7 @@
BFD session. If the BFD session fails to get established within
certain specified time, or if an established BFD session goes down,
the passive side would stop sending BFD Control packets and MAY
- delete the BFD session created until the BFD Control packets is
+ delete the BFD session created until the BFD Control packets are
initiated by the active side again.
When an Unsolicited BFD session goes down, an implementation MAY
@@ -215,6 +256,58 @@
for unsolicited behaviour) MUST be set to NULL if present on the
interface.
+jgs: I think we need to discuss just what exactly UnsolicitedRole is
+for and how it's expected to be used. It's "a new state variable"
+that is "the operational mode". That is fairly vague. Per a side
+conversation I had with the shepherd (Jeff), I'm given to understand
+that this variable is supposed to be a read-only (from the user's
+perspective) value, and is present as essentially a debugging aid --
+to answer the question "where did this session come from?". I guess
+the values would then map to,
+
+PASSIVE: it came up because we were configured to accept unsolicited
+sessions, and one arrived.
+
+ACTIVE: it came up because we were configured to initiate sessions, and
+we did initiate one, and it came up.
+
+ Question: Do we set this state variable even if the other end isn't
+ actually passive? Presumably so, we have no way to know if the other
+ end even has unsolicited configured. If both ends are active, can
+ the session really be called "unsolicited" in any meaningful way?
+ (Surely not.) And if not, then does it really make sense to set a
+ variable called "bfdUnsolicitedRole" for it?
+
+NULL: I actually have no idea what this is supposed to indicate, since
+if I'm right that this is meant to tell me "here's why the session came
+up" it has to be one, or the other. So either NULL is not useful, or my
+understanding is wrong. The fact that in the YANG, unsolicited-role
+captures "active" and "passive" but has no consideration for this NULL
+thing, deepens my suspicion.
+
+First, let's get me to understand what bfd.UnsolicitedRole is for -- if
+my description above is more-or-less accurate, or not. After that, we
+can work on any changes that might be needed.
+
+
+
+jgs: As far as I can tell, all the new procedures in this document
+relate to the passive party -- the active party is configured per
+RFC 9127 (and its underlying specs). As such, I'm having a hard time
+understanding what use the ACTIVE value has -- you don't say what to
+do if UnsolicitedRole is set to ACTIVE, and indeed I think there's
+nothing TO do, ACTIVE is neither sufficient, nor necessary, in order
+to make a BFD speaker be the active side in an unsolicited session.
+
+If that's right, I think both the name, and values, of this state
+variable are a bit off. It seems to me it would be better off as a
+boolean named something like bfd.UnsolicitiedEnabled or maybe
+bfd.PermitUnsolicited, with default state FALSE, which substitutes
+for what you're calling NULL, and TRUE substitutes for what you've
+called PASSIVE.
+
+Indeed, that seems to be what the YANG module already represents --
+we have a boolean, "enabled", which corresponds to what I've described.
@@ -565,24 +658,48 @@
7.1. BFD Protocol Security Considerations
The same security considerations and protection measures as those
- described in [RFC5880] and [RFC5881] normatively apply to this
- document. With "unsolicited BFD" there is potential risk for
+ described in [RFC5880] and [RFC5881] apply to this
+ document. In addition, with "unsolicited BFD" there is potential risk for
excessive resource usage by BFD from "unexpected" remote systems. To
mitigate such risks, the following measures are mandatory:
- * Limit the feature to specific interfaces, and to a single-hop BFD
+ * Limit the feature to specific interfaces, and to single-hop BFD
with "TTL=255" [RFC5082]. For numbered interfaces, the source
address of an incoming BFD packet should belong to the subnet of
the interface on which the BFD packet is received. For unnumbered
interfaces the above check should be aligned with routing protocol
addresses running on such pair of interfaces.
+
+jgs: Is the above addressed to the coder writing the implementation, or to
+the operator configuring it? I think probably it's to the coder and is
+meant to constrain how the implementation operates. If so I think (a) it
+would be helpful to consider whether some of the "should" ought to be
+RFC 2119 SHOULD or MUST, and (b) it might be a good idea to move this out
+of Security Considerations and into Procedures, perhaps with some
+elaboration.
+
* Apply "policy" to allow BFD packets only from certain subnets or
hosts.
* Deploy the feature only in certain "trustworthy" environment,
e.g., at an IXP, or between a provider and its customers.
+
+jgs: I presume the two above are deployment guidance to the operator.
+
* Adjust BFD parameters as needed for the particular deployment and
scale.
+
+jgs: Doesn't that one go without saying? If there's something more
+actionable you have in mind, you should supply more detail. If there
+isn't, I'm not sure the above is helpful.
+
* Use BFD authentication.
+
+jgs: This could also use more detail. E.g., RFC 5880 specifies no
+fewer than three different authentication modes. Are you recommending
+one? Also, some of your motivating use cases (for example, IXP) have
+the underlying assumption that there is little or no coordination
+between operators of the two ends of the BFD session. When this is
+lacking (again, think IXP) how would BFD authentication be used?
7.2. YANG Module Security Considerations
- AD review of draft-ietf-bfd-unsolicited-09 John Scudder
- Re: AD review of draft-ietf-bfd-unsolicited-09 Reshad Rahman
- Re: AD review of draft-ietf-bfd-unsolicited-09 Reshad Rahman
- Re: AD review of draft-ietf-bfd-unsolicited-09 John Scudder
- Re: AD review of draft-ietf-bfd-unsolicited-09 Reshad Rahman
- Re: AD review of draft-ietf-bfd-unsolicited-09 John Scudder
- Re: AD review of draft-ietf-bfd-unsolicited-09 Rahman