IETF Logo Mail Archive

RE: The automatic policy exchange by draft-ietf-idr-rpd-05.txt can be used for draft-ietf-rtgwg-net2cloud-gap-analysis

Linda Dunbar <linda.dunbar@futurewei.com> Thu, 30 July 2020 15:09 UTC

Return-Path: <linda.dunbar@futurewei.com>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3582D3A07E6; Thu, 30 Jul 2020 08:09:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.988
X-Spam-Level:
X-Spam-Status: No, score=-1.988 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DC_PNG_UNO_LARGO=0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_MSPIKE_H2=-0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=futurewei.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1OD8d6cbxNbC; Thu, 30 Jul 2020 08:09:33 -0700 (PDT)
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2101.outbound.protection.outlook.com [40.107.243.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 163923A07D1; Thu, 30 Jul 2020 08:09:31 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XrDaLjU/2ZwQaXHcu2BM/uhy94s4exFP/XZ4CJW9ZQzxiFRgJEHTYUR1UcXmzW3kNvA59/8CjuBFc5S1Lq6UMx7pt3ZVVszOeIUnborBX8qiJCadTWPNKLCoukLwFHsYyGarYW0Niyf87opXxfDzfz7+kbx0fTr3aSe2xX64bB4qzdBCusXOOwpiYHKRhif/yRjBEh/fzIzJdo1esMSUXCz4Vrgj18ToPDel+i1fRoZL/Mv2evaOnSUuIaZLRwmR/AdB2tGYXbW2ynn9vSpiyCu56TcEU6M+VW955kakSVGKKPHbsLb3e89dCU2rfFLXuIW80+Toa0johOt34/C68g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SZVdQMjsfdPFCi9iuX9MYTAbRiFsCQxFWcY0PLAQsJU=; b=ASIuOLMqjQ371HaKMtv+lM+hcQcoTcF7EwEqAXk+6mE+Af2x89zIpcYhZgw1JIXWeKRwGRC8cuhkQ+TNzIAV7hZkSFb5IZuv+PJKzlmaVxA2Q6Ogjo+XVaojjZWostSBD2ha5QNldx9f1ECbXKzAh4gkhUsMlctBOGB5It8u+RqX8Qqj85OrqeuhwzqpPa2WewGteryYGWiaH67PeuERJMCLnbDmDHWPHTg4SkuSxkOxAUQOIAJfGZDL52c99Gfto50eB4fEe4pNNdsnojG/ndZQ3TYLEa5QlK4uhkpePWUYeMgA6l2nPb2AcNVxig9wYxYNcVfqXAJYYLuU0Nq8Gw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=futurewei.com; dmarc=pass action=none header.from=futurewei.com; dkim=pass header.d=futurewei.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Futurewei.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SZVdQMjsfdPFCi9iuX9MYTAbRiFsCQxFWcY0PLAQsJU=; b=WcNzMXE2i8xCjyzPF2nHMV1c1F0V9xiEJ4xHICtdJmqwYnjsdJQbm0iwPUVqrwR8iD44fPwdtLVwixwFvFyBhKqYKHZV+BRIScU3sTI4NDNUfjmaUy4QTL3wQ9szjieF8zN8UIWQt7hfZDD7Wg068YqcpuRiBydCT9nCnIJg3PI=
Received: from SN6PR13MB2334.namprd13.prod.outlook.com (2603:10b6:805:55::16) by SA0PR13MB3952.namprd13.prod.outlook.com (2603:10b6:806:72::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3239.12; Thu, 30 Jul 2020 15:09:29 +0000
Received: from SN6PR13MB2334.namprd13.prod.outlook.com ([fe80::783f:2d78:2f9f:3116]) by SN6PR13MB2334.namprd13.prod.outlook.com ([fe80::783f:2d78:2f9f:3116%7]) with mapi id 15.20.3239.017; Thu, 30 Jul 2020 15:09:29 +0000
From: Linda Dunbar <linda.dunbar@futurewei.com>
To: "Jakob Heitz (jheitz)" <jheitz@cisco.com>, "Jakob Heitz (jheitz)" <jheitz=40cisco.com@dmarc.ietf.org>, Robert Raszuk <robert@raszuk.net>, Lizhenbin <lizhenbin@huawei.com>
CC: "idr@ietf.org" <idr@ietf.org>, "grow@ietf.org grow@ietf.org" <grow@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: RE: The automatic policy exchange by draft-ietf-idr-rpd-05.txt can be used for draft-ietf-rtgwg-net2cloud-gap-analysis
Thread-Topic: The automatic policy exchange by draft-ietf-idr-rpd-05.txt can be used for draft-ietf-rtgwg-net2cloud-gap-analysis
Thread-Index: AdZjlzamZoUBzpwnQoWjtFtK0CpvFAAxmAKwAAOtpkAAXnR0sAAAN0jAACb5UrA=
Date: Thu, 30 Jul 2020 15:09:28 +0000
Message-ID: <SN6PR13MB2334A67242432EAF47F0716D85710@SN6PR13MB2334.namprd13.prod.outlook.com>
References: <SN6PR13MB23347FC0BC5212B52E62591385750@SN6PR13MB2334.namprd13.prod.outlook.com> <BYAPR11MB32073A8FD08FD3864751D6C6C0720@BYAPR11MB3207.namprd11.prod.outlook.com> <BYAPR11MB3207CE5CAFFF1AC8E0DDB9F3C0720@BYAPR11MB3207.namprd11.prod.outlook.com> <SN6PR13MB23349C1C9849DC4A46195CBC85700@SN6PR13MB2334.namprd13.prod.outlook.com> <BYAPR11MB3207F130C2011D77D8E7C627C0700@BYAPR11MB3207.namprd11.prod.outlook.com>
In-Reply-To: <BYAPR11MB3207F130C2011D77D8E7C627C0700@BYAPR11MB3207.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: cisco.com; dkim=none (message not signed) header.d=none;cisco.com; dmarc=none action=none header.from=futurewei.com;
x-originating-ip: [72.180.73.64]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 20445154-cefc-45f4-dad1-08d8349a8e63
x-ms-traffictypediagnostic: SA0PR13MB3952:
x-microsoft-antispam-prvs: <SA0PR13MB3952FB21617B6C929EBB8AB485710@SA0PR13MB3952.namprd13.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: YDnnadEmX68uPeUUcEMnUHSkERqtUPthz/Yt9LxivPA1ptbYJbqHrDYUd/kUN2sVvksseRHQN+db55L/qi+9cQa/3oU3UnaDz6kMEGj26qUZ5Azh0h9WjM62GJ5pfyNEUUR3WQLJ9K0tHfVZTZ16/njm4IhPpm7RSx0cZ4QVwwXnFZ8PIQ+iOHoobmAPLiFcaFh7dRWMHhoBMSRV0C3PbDOxt77rIbyNDvwTNzH807g5Bus2PFtxu6yh/iWQuLr/w9HdU/sa7q7YLZIh41OrOR5bmSrugri3JN9gnXLT8aWKIO+wDonz7tg1PBQPZ9SKJchhQNbYHOkj81nd6WnDTWzmORR27Gug6ZnjEsRbAjyhzFQth0ooMFTaq7H4v9hD9+Bv47sgJDhFUfNC0BvRA8PlAeYptmYT2mx1xBplpZyEultWtgH9fdT091sCE2R2cBU/mcA0aqOhWrmlETNDOQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR13MB2334.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(366004)(39840400004)(136003)(346002)(376002)(396003)(66946007)(76116006)(66556008)(66446008)(30864003)(66576008)(64756008)(66476007)(186003)(5660300002)(44832011)(26005)(86362001)(8936002)(52536014)(71200400001)(8676002)(66574015)(6506007)(55016002)(478600001)(33656002)(966005)(9686003)(83380400001)(54906003)(110136005)(7696005)(2906002)(316002)(4326008)(99936003)(166002)(53546011)(359044002)(579004)(559001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: SC+T+MG/op89jDwkNU1IJ3Zx7ci1/sQWzITzaBjA4FOnJtCS6EbdJWIW6KVqFumceXr2r5XwqCw9JGnf58ZYjZWR5a/iNegFRjrcpSM8THIduDvhGRIOttDh26o9JYYDDwa04wfO8HoIuEV7+eoDkhnmAq6QOInpK6dyuSDIfgMfv3bmX12U+bLhtaGxt7S1TilRrtx1/Ee9ZlRnAGyp0BdoGOmhgDVwrOAUcodPd8VCwm4w+/ImLVuA2tjN/7xiUPjgkYYMN+l0eWI9bCFA8XfGm6yq9gXiVt+zNqx3rQhnZZnoNwPN3X9Feo9NZLbm8B+HsvqGjEaLq7mR188nSAuZulJGfTOUbwsPOfWk3PEq1Ikj3cQ1kobsGquJo1RYYa9Se6ocxgc7FWR9f371kyDlDyw9Ip6XQ9upP9qj669pCz5UbF5WZuTLLGjeFfzDJQD+JBRS/VJWBvOLC0eerMiMqKdKnKSv/VGkUp/CAByrdtpguXJFNCKC26vujkgF2Nrh/Xez7+xokaI0s3WVBzFpB6fUsHQHin4Og3wFQ5HXkk0hZXFTMIlRaRmV2FCt0z6qahcolDaN1zovMcBVxhPyLcrIOnmsQ1YuZsB6r3H1bFgnXdRQlyCScmCrt+bWw87nOVDH9zHAPX7myucRnw==
x-ms-exchange-transport-forked: True
Content-Type: multipart/related; boundary="_005_SN6PR13MB2334A67242432EAF47F0716D85710SN6PR13MB2334namp_"; type="multipart/alternative"
MIME-Version: 1.0
X-OriginatorOrg: Futurewei.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SN6PR13MB2334.namprd13.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 20445154-cefc-45f4-dad1-08d8349a8e63
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Jul 2020 15:09:29.0392 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 0fee8ff2-a3b2-4018-9c75-3a1d5591fedc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: O93GAx2MG0hfAYl4FYTZY2wMXQMRMeqFs6wkz4YUF6He3vhUjDaqyR+R64nUBow51JQh2TTWFMHr0YVkbpKMzA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR13MB3952
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/JSlJJkMtybaeAN0k1IzbVylwCvA>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jul 2020 15:09:37 -0000

Jakob,

Don’t you think your described procedure is extremely configuration heavy and error prone?
If PE1 and PE2 is configured with FAT fingers causing the number not matching with the communities that CE10 is using, then this procedure won’t work.

Linda Dunbar

From: Jakob Heitz (jheitz) <jheitz@cisco.com>
Sent: Wednesday, July 29, 2020 3:43 PM
To: Linda Dunbar <linda.dunbar@futurewei.com>; Jakob Heitz (jheitz) <jheitz=40cisco.com@dmarc.ietf.org>; Robert Raszuk <robert@raszuk.net>; Lizhenbin <lizhenbin@huawei.com>
Cc: idr@ietf.org; grow@ietf.org grow@ietf.org <grow@ietf.org>; rtgwg@ietf.org
Subject: RE: The automatic policy exchange by draft-ietf-idr-rpd-05.txt can be used for draft-ietf-rtgwg-net2cloud-gap-analysis

By sending the appropriate community or communities with its route.

Suppose it wants CE1 to use PE1 and CE2 to use PE2, then it would
attach the communities 65000:1001, 65000:2002 to that route.
For another route, it might attach different communities.
If it wants to direct the traffic of CE4 and/or CE3,
it would attach communities for them as well.

No policies are ephemeral. They are set once and endure.
The traffic direction is done by attaching communities to routes.

(I fixed my earlier error of MED values)

Regards,
Jakob.

From: Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>
Sent: Wednesday, July 29, 2020 1:27 PM
To: Jakob Heitz (jheitz) <jheitz@cisco.com<mailto:jheitz@cisco.com>>; Jakob Heitz (jheitz) <jheitz=40cisco.com@dmarc.ietf.org<mailto:jheitz=40cisco.com@dmarc.ietf.org>>; Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>; Lizhenbin <lizhenbin@huawei.com<mailto:lizhenbin@huawei.com>>
Cc: idr@ietf.org<mailto:idr@ietf.org>; grow@ietf.org<mailto:grow@ietf.org> grow@ietf.org<mailto:grow@ietf.org> <grow@ietf.org<mailto:grow@ietf.org>>; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: RE: The automatic policy exchange by draft-ietf-idr-rpd-05.txt can be used for draft-ietf-rtgwg-net2cloud-gap-analysis

Jakob,

Thank you very much for writing down the detailed configuration.

Two questions on your suggested configuration:

  1.  How does “CE10 has full control over which CE it chooses at which site”? is it via changing the matching address in MED2 and MED1?



  1.  Are those changes via NETCON? Are you suggesting the NETCON configurations sent among PEs?



Thank you.

Linda

From: Jakob Heitz (jheitz) <jheitz@cisco.com<mailto:jheitz@cisco.com>>
Sent: Monday, July 27, 2020 6:20 PM
To: Jakob Heitz (jheitz) <jheitz=40cisco.com@dmarc.ietf.org<mailto:jheitz=40cisco.com@dmarc.ietf.org>>; Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>; Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>; Lizhenbin <lizhenbin@huawei.com<mailto:lizhenbin@huawei.com>>
Cc: idr@ietf.org<mailto:idr@ietf.org>; grow@ietf.org<mailto:grow@ietf.org> grow@ietf.org<mailto:grow@ietf.org> <grow@ietf.org<mailto:grow@ietf.org>>; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: RE: The automatic policy exchange by draft-ietf-idr-rpd-05.txt can be used for draft-ietf-rtgwg-net2cloud-gap-analysis

Oops, I got the MEDs back-to-front. Thinking Local-pref.

Regards,
Jakob.

From: rtgwg <rtgwg-bounces@ietf.org<mailto:rtgwg-bounces@ietf.org>> On Behalf Of Jakob Heitz (jheitz)
Sent: Monday, July 27, 2020 3:46 PM
To: Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>; Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>; Lizhenbin <lizhenbin@huawei.com<mailto:lizhenbin@huawei.com>>
Cc: idr@ietf.org<mailto:idr@ietf.org>; grow@ietf.org<mailto:grow@ietf.org> grow@ietf.org<mailto:grow@ietf.org> <grow@ietf.org<mailto:grow@ietf.org>>; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: RE: The automatic policy exchange by draft-ietf-idr-rpd-05.txt can be used for draft-ietf-rtgwg-net2cloud-gap-analysis

RPD is not automation.
Automation is an application program that senses the state of the network and then
instructs various network nodes to direct traffic in different ways.
That part may be manual or have a degree of automation attached to it.
RPD or netconf is just a way to signal the intention from the app to the nodes.
If there is no application program, then the process is still manual,
even if you have RPD.

RPD might work in the simple diagram you have drawn.
However, a PE does not have just a single vCPE.
Using RPD, you would apply the same policy to every vCPE on that PE.

An alternative solution using enduring policies is to set MED based on communities.
For each CE session, the PE would set a high MED by default.
Then each CE session would set a lower MED based on a community match.
Each CE session would match a different community at the cloud side PE.
That way, the CE at the enterprise can send the community that matches its chosen
PE at the cloud end.
You could make several variations using as-prepend, origin, cost-community,
color-community paired with SR-policy.
[An Ink Drawing]
On PE1, we configure (pseudocode):
router BGP x
  neighbor CE1
    route policy out
      if community matches 65000:1001 then
         set MED 1
      else
         set MED 2
      endif
    end
  end
  neighbor CE2
    route policy out
      if community matches 65000:1002 then
         set MED 1
      else
         set MED 2
      endif
    end
  end
end

On PE2, we configure:
router BGP x
  neighbor CE1
    route policy out
      if community matches 65000:2001 then
         set MED 1
      else
         set MED 2
      endif
    end
  end
  neighbor CE2
    route policy out
      if community matches 65000:2002 then
         set MED 1
      else
         set MED 2
      endif
    end
  end
end

On PE3, we configure:
router BGP x
  neighbor CE3
    route policy out
      if community matches 65000:3003 then
         set MED 1
      else
         set MED 2
      endif
    end
  end
  neighbor CE4
    route policy out
      if community matches 65000:3004 then
         set MED 1
      else
         set MED 2
      endif
    end
  end
end

On PE4, we configure:
router BGP x
  neighbor CE3
    route policy out
      if community matches 65000:4003 then
         set MED 1
      else
         set MED 2
      endif
    end
  end
  neighbor CE4
    route policy out
      if community matches 65000:4004 then
         set MED 1
      else
         set MED 2
      endif
    end
  end
end

Now, CE10 has full control over which CE it chooses at which site.
It can choose a different PE as bestpath for each CE for each route
and for each site.

Much more flexibility than the RPD draft.

It requires no coordination between route distribution and
ephemeral policy distribution.

Much more simplicity than the RPD draft.

You might argue that with ephemeral policy distribution, you can make
a wholesale change by changing just one policy and not re-advertising
all the routes. However, remember that if you make a policy change,
all the routes need to be readvertised anyway.

Regards,
Jakob.

From: Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>
Sent: Sunday, July 26, 2020 2:54 PM
To: Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>; Lizhenbin <lizhenbin@huawei.com<mailto:lizhenbin@huawei.com>>
Cc: Jakob Heitz (jheitz) <jheitz@cisco.com<mailto:jheitz@cisco.com>>; idr@ietf.org<mailto:idr@ietf.org>; grow@ietf.org<mailto:grow@ietf.org> grow@ietf.org<mailto:grow@ietf.org> <grow@ietf.org<mailto:grow@ietf.org>>; rtgwg@ietf.org<mailto:rtgwg@ietf.org>
Subject: The automatic policy exchange by draft-ietf-idr-rpd-05.txt can be used for draft-ietf-rtgwg-net2cloud-gap-analysis

Robert, Jakob, etc.

Thank you very much for detailed explanation of the issues.
One of the points you all raised is that p2p policies should be administrated by controller via NETCONF.

https://datatracker.ietf.org/doc/draft-ietf-rtgwg-net2cloud-gap-analysis/<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-rtgwg-net2cloud-gap-analysis%2F&data=02%7C01%7Clinda.dunbar%40futurewei.com%7C89333027acd2498c1fd008d833fff82d%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C637316521774594105&sdata=INEOt%2F%2FstDbv7ooETdlbS6i%2FgKQnoUbrqH7ymSrNJ4E%3D&reserved=0> describes a scenario of one vCPE in cloud DC reachable by multiple PEs. Depending on the nature of the applications or/and network conditions, some applications may need to egress or ingress from PE1, others may need to egress or ingress from PE2.

Today’s Cloud DC configuration can use the AS Path metric to influence the preferred path to/from a specific PEs. But requires manual configuration.
After reading through the draft-ietf-idr-rpd-05, I think the automatic approach can make the change on demand. The policy change can be ephemeral.


Therefore, if one side doesn’t implement the feature, the “spray” doesn’t have any impact. The traffic egress or ingress to the peer network would just go with the configuration. If the “spray” is answered, then the performance can be improved.



[cid:image002.jpg@01D66659.819841D0]



If not using the automatic method proposed by draft-ietf-idr-rpd, do you have other suggestions?

Thank you very much.

Linda Dunbar
From: Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>
Sent: Friday, July 24, 2020 2:50 PM
To: Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>; Lizhenbin <lizhenbin@huawei.com<mailto:lizhenbin@huawei.com>>
Cc: Jakob Heitz (jheitz) <jheitz@cisco.com<mailto:jheitz@cisco.com>>; idr@ietf.org<mailto:idr@ietf.org>; grow@ietf.org<mailto:grow@ietf.org> grow@ietf.org<mailto:grow@ietf.org> <grow@ietf.org<mailto:grow@ietf.org>>
Subject: Re: [Idr] WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)

Linda,

It seems that authors of this document are strongly pushing to pass the last call irrespective of observations made by WG.

As said before and as reiterated by Jakob and Ketan BGP is not the right tool for p2p config push. We must stop adding such extensions to BGP like this one or BGP-LS or SR Policies if we really want to keep routing at some proper stability levels.

But even if you would convince everyone in IDR that this is all great the draft itself is so immature that I can't imagine why are we discussing last call at this time.

* Please observe that BGP state is ephemeral. When BGP sessions resets all state previously distributed is gone (modulo GR ...) Is the expectation here that state distributed by this new SAFI will persists ? If so for how long ? If not have you even considered the initial churn ?

* We have hooks to make sure LDP and IGP play in concert with BGP reachability. Would we need to now add to also wait for BGP policy to be received from controllers ?

* We have spent fair amount of time to make sure GR works well. Do you expect to now GR to recognize all policy parameters and sync deltas locally upon BGP sessions restarts ?

* Do you expect BGP implementations to now get busy with understanding all BGP policies syntax and semantics not in current terms how they are send or received in BGP UPDATEs but how they are applied implementation by implementation ...

* What happens when some implementation does not allow some policy defined in the draft ... for example flexible AS_PATH creation as defined in AS-Path Change sub-TLV ? Note that this section alone is catastrophic for BGP protocol to allow insertion of more then your own ASN into AS-PATH. Just looking at this alone should be enough to reject this draft.

And there are many many more real issues with this proposal  ....

See when document has low adoption bar it does not mean that it will also have the same low bar to progress it :)

Kind regards,
R.

PS. Let me cc GROW WG here as I think more operational review and comments would be highly valuable at this point.



On Fri, Jul 24, 2020 at 6:28 PM Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>> wrote:
Jakob,

Comparing Netconf with BGP  is not apple to apple comparison.
I remember a few years ago that  Netconf advocators have claimed that Netconf can replace PCE, replace BGP, replace xx, …

After many years debate,  many of the Netconf  limitations have been acknowledged,  that is why PCE still exists, so does BGP.

Other comments are inserted below:

From: Jakob Heitz (jheitz) <jheitz@cisco.com<mailto:jheitz@cisco.com>>
Sent: Thursday, July 23, 2020 5:37 PM
To: Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>; idr@ietf.org<mailto:idr@ietf.org>
Subject: RE: WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)

Netconf provides needed features that BGP does not have:
- Atomic Transactions:
  If one configuration item fails, they all fail.
  They all either succeed or all fail. There is no partial success.
  Multiple configurations in one transaction are applied at the same time.
   . This avoids non-deterministic transient behavior between application of the first policy and the last.
[Linda] Just like Routes Advertisement, receivers can improperly install the routes into their RIB/FIB.  BGP has been running for over 3 decades. Those who don’t implement correctly eventually fix their bugs.
 If the Policies sent to peers are not enforced  as the RPD is asking for,  traffic might be sent to non-preferred links, just like a BGP receiver incorrectly processes the BGP route updates.

- Feedback:
  BGP is "spray and pray".
  Netconf provides an acknowledgement that the config either failed or was applied,
  which then allows the controller to take the next steps with
  reliable information about what configuration exists in the network.

[Linda]  BGP UPDATE is over reliable TCP transport and BGP protocol itself can guarantee the proper distribution of the UDPATE. Therefore, its “spray and pray” nature has its advantage of optimized processing. BGP  Route Update doesn’t expect confirmation from  the receivers.

- Persistence:
  If the BGP session were to go down, all the configuration it sent will be implicitly withdrawn.

If another AS would not allow a foreign AS to configure it with netconf,
it would not allow it with RPD either.
[Linda] That is very true. The originator can only “Pray” as BGP is intended for.

There are already ways in BGP for an AS to signal preference across AS boundaries:
Med, AS-path length, communities.

[Linda] All those methods you have mentioned require heavy duty configurations, which is difficult to change on the fly. The proposed method is a flexible method which allows policies to be changed on the fly (depending on real time traffic conditions).


Ketan and Robert added other objections.
[Linda] I have been studying their reasons for the objections.

Thank you very much for the explanation.

Linda Dunbar


Regards,
Jakob.

From: Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>
Sent: Thursday, July 23, 2020 3:24 PM
To: Jakob Heitz (jheitz) <jheitz@cisco.com<mailto:jheitz@cisco.com>>; idr@ietf.org<mailto:idr@ietf.org>
Subject: RE: WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)

Jakob,

Can you elaborate those automation configuration methods that are much better and less error prone than the proposed one?
It will take a long time to dig through so many IDR emails to find them.

Thank you very much,
Linda Dunbar

From: Jakob Heitz (jheitz) <jheitz@cisco.com<mailto:jheitz@cisco.com>>
Sent: Thursday, July 23, 2020 5:20 PM
To: Linda Dunbar <linda.dunbar@futurewei.com<mailto:linda.dunbar@futurewei.com>>; idr@ietf.org<mailto:idr@ietf.org>
Subject: RE: WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)

Of course it's better than manual configuration.
That's not much of an argument, because there are plenty of
automatic configuration methods that are much better and
less error prone than this draft as I and others have pointed
out in previous emails.

Regards,
Jakob.

From: Idr <idr-bounces@ietf.org<mailto:idr-bounces@ietf.org>> On Behalf Of Linda Dunbar
Sent: Thursday, July 23, 2020 2:57 PM
To: idr@ietf.org<mailto:idr@ietf.org>
Subject: Re: [Idr] WG LC on draft-ietf-idr-rpd-05.txt (7/15 to 7/29/2020)

I support the WGLC for the draft. I think the proposed distribution of policy can scale much better and less error prone than any manual configuration.
_______________________________________________
Idr mailing list
Idr@ietf.org<mailto:Idr@ietf.org>
https://www.ietf.org/mailman/listinfo/idr<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fidr&data=02%7C01%7Clinda.dunbar%40futurewei.com%7C89333027acd2498c1fd008d833fff82d%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C637316521774604060&sdata=kEZ3AlyS8OBJWOJdxqgk3fcid9oCJmjGOgtCRv9jmvw%3D&reserved=0>

v2.23.0 | Report a Bug | By Email