IETF Logo Mail Archive

Re: Robert Wilton's Discuss on draft-ietf-bfd-unsolicited-11: (with DISCUSS and COMMENT)

Jeffrey Haas <jhaas@pfrc.org> Tue, 20 December 2022 01:20 UTC

Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5563C1524CC; Mon, 19 Dec 2022 17:20:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Em9FcLDz6-z; Mon, 19 Dec 2022 17:20:03 -0800 (PST)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 48481C14CE5D; Mon, 19 Dec 2022 17:20:03 -0800 (PST)
Received: by slice.pfrc.org (Postfix, from userid 1001) id 474FA1E373; Mon, 19 Dec 2022 20:20:02 -0500 (EST)
Date: Mon, 19 Dec 2022 20:20:02 -0500
From: Jeffrey Haas <jhaas@pfrc.org>
To: "Rob Wilton (rwilton)" <rwilton@cisco.com>
Cc: The IESG <iesg@ietf.org>, "draft-ietf-bfd-unsolicited@ietf.org" <draft-ietf-bfd-unsolicited@ietf.org>, "bfd-chairs@ietf.org" <bfd-chairs@ietf.org>, "rtg-bfd@ietf.org" <rtg-bfd@ietf.org>
Subject: Re: Robert Wilton's Discuss on draft-ietf-bfd-unsolicited-11: (with DISCUSS and COMMENT)
Message-ID: <20221220012001.GA5534@pfrc.org>
References: <167086459809.47152.7191645317039213428@ietfa.amsl.com> <20221216173742.GF23286@pfrc.org> <BY5PR11MB419691B9736C86057F356C58B5E59@BY5PR11MB4196.namprd11.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <BY5PR11MB419691B9736C86057F356C58B5E59@BY5PR11MB4196.namprd11.prod.outlook.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/OTqGtbtB2EihByraanqRCO-a1UM>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Dec 2022 01:20:04 -0000

Rob,

On Mon, Dec 19, 2022 at 11:37:12AM +0000, Rob Wilton (rwilton) wrote:
> You are correct that in the case that the client has not configured an entry in  "... bfd:bfd/ip-sh/interfaces" then this list element does not exist, and hence it seems that the global value would take effect.
> 
> But if the client configured anything under that subtree tree (e.g., if they choose to configure "... bfd:bfd/ip-sh/interfaces[eth0]/authentication/key-chain" then those other defaults values would suddenly come in effect (even if not explicitly configured by the client) and logically override the global values for those interfaces.  Is this the intent?   I would think that it might be somewhat surprising.  Normally, for hierarchical configuration, I would only expect the per-interface settings to override a global setting if the per-interface setting has been explicitly configured.

In trying to filter this through the Principle of Least Astonishment, I'm of
mixed opinions which side a default on interface configuration that
overrides global configuration would be.  I've seen it both ways in various
configuration paradigms.

I'm insufficiently versed in such inheritance examples in other IETF models.
If the YANG doctors have any thoughts here, they'd be highly pertinent.

In the absence of a conflicting paradigm, the behavior covered by the
default false on more specific configuration is that it fails in a safe
fashion.  If global configuration is present, and is in this very permissive
mode, any per-interface override is probably being made for particular
reasons.  If you override global in some places, doing so in others somewhat
makes sense.

That said, let's see what the authors' collective intents are.

> I think that SHOULD is clearer than MAY, or another way of stating this could be:
> 
> ".., the passive side SHOULD* create a matching BFD session toward the active side, unless not permitted by local configuration or policy."

While more succinct, the implication is fail-open without policy.  (Shades
of the subtleties that got us RFC 8212.)

Perhaps instead:
"..., when permitted by local configuration or policy, the passive side
SHOULD create a matching BFD session toward the active side" ?


-- Jeff

v2.23.0 | Report a Bug | By Email