IETF Logo Mail Archive

[Sidrops] draft-ymbk-sidrops-ov-signal-02

John Scudder <jgs@juniper.net> Tue, 23 July 2019 20:48 UTC

Return-Path: <jgs@juniper.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 480C212098D for <sidrops@ietfa.amsl.com>; Tue, 23 Jul 2019 13:48:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id URuHAYjkWyCz for <sidrops@ietfa.amsl.com>; Tue, 23 Jul 2019 13:48:04 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5DD42120986 for <sidrops@ietf.org>; Tue, 23 Jul 2019 13:48:04 -0700 (PDT)
Received: from pps.filterd (m0108162.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x6NKipV3006042 for <sidrops@ietf.org>; Tue, 23 Jul 2019 13:48:03 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : content-type : content-id : content-transfer-encoding : mime-version; s=PPS1017; bh=hqF7pulenUuBqpXAuTrwOB2X4Srb+Ap46Zj6RS8EiiU=; b=JSvvuhoNL/tAytPd3z952UitThtvllu0Ud97cxZpeNzKIhty4iuOYxkWk4oUHo4Lgh7U XdQWZAPndbJE4nEEzrxG7E+nL6qSJCcT4GVLWwrWqsn6VFKZoa52gfi3In6Tw0Wq0638 3Fiehr3O0GmL/0EoIfLPAmkUZxsHIngIGdBIIX+wkQEQy8zFSDi/jVjSYO0lf5LBBHR0 NBLS2OQu6NRTeisKA/DTEasMxwmEOqXFX9ofwb8qH0MOVfIvtBUakih5gdUT4alqLXra n/v8hDpZ9xVR7O60pQROYsGEGLf2WeShywZpuuiKrt5Qjz246VH0FQE3Bh6BycdToKda LQ==
Received: from nam03-dm3-obe.outbound.protection.outlook.com (mail-dm3nam03lp2055.outbound.protection.outlook.com [104.47.41.55]) by mx0b-00273201.pphosted.com with ESMTP id 2tx61k0dc3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <sidrops@ietf.org>; Tue, 23 Jul 2019 13:48:03 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fSd+Xj19UH4o25DcVepWKU8JhtUF+e9fnS136MFMyNQQBPS3VOWK5BcviG6U0UrxpT4i37QMzfXaEgDG/LTiwzIavyRtoChlH2f285vMpAk6XQ9+2YKgrnn6EYIWnSYA9HGoaEwPgrUOO4oYHLoZXH4YuAMqkkzxtlz2JsdA8/lTp3cXeSF69XKNGo97+s69Z4beBcKiInguztRmSZg0iRv5anvBlmQDLnqrYs1goNpslrHzQiDMj4lPYMCFkfjZg5eMVVMxooGQV4x+vdignHR6co3466p3k1cj0SGY2+t2EZiaff9WX1rJ7S7edVEcs1bVGopJx8tlpR/sN+O5dA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hqF7pulenUuBqpXAuTrwOB2X4Srb+Ap46Zj6RS8EiiU=; b=k0Z4qcomngCq1AC8qbIJWiHH+xQfu2JclBFtUxneLVk4UBLsevzGAffMI0wek3YhGf0nlv8np/vYeZUHxD0nuEcqT4Fnh9OOOW3H7ED4rCd66JnhuAH6+AJvrob2ttUIJ5FRz4ESiN5QIx32f+Sh6moHpHCFjMyEldK3Q98QG30f4N1ujF5Kz/J9MQkHuXuNBYG88s8AjxLFdi7sA88Quc3dh21w6q5G9dMr/anZrWEOsJHYZHnE5Hs8fnQ1zd2hFtL5F0PYKGJwmaLcH9TKJSMFy6CHeIfwrZ+K2vhnAe6kY+d+SxPtS/xXUIoM0O9wom0eubZs/9b0WvgI4eZhPw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=juniper.net;dmarc=pass action=none header.from=juniper.net;dkim=pass header.d=juniper.net;arc=none
Received: from DM6PR05MB4714.namprd05.prod.outlook.com (20.176.110.82) by DM6PR05MB5737.namprd05.prod.outlook.com (20.178.24.210) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2115.10; Tue, 23 Jul 2019 20:48:01 +0000
Received: from DM6PR05MB4714.namprd05.prod.outlook.com ([fe80::64b6:144d:5560:9148]) by DM6PR05MB4714.namprd05.prod.outlook.com ([fe80::64b6:144d:5560:9148%5]) with mapi id 15.20.2115.005; Tue, 23 Jul 2019 20:48:01 +0000
From: John Scudder <jgs@juniper.net>
To: "sidrops@ietf.org" <sidrops@ietf.org>
Thread-Topic: draft-ymbk-sidrops-ov-signal-02
Thread-Index: AQHVQZfqdZEC8Ka1Vk6EHyhMX0ZkLw==
Date: Tue, 23 Jul 2019 20:48:01 +0000
Message-ID: <77600356-557E-43F6-82AB-5AFFB830B984@juniper.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [66.129.241.10]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f4fe7e6d-0b18-4989-9529-08d70faf0d46
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:DM6PR05MB5737;
x-ms-traffictypediagnostic: DM6PR05MB5737:
x-microsoft-antispam-prvs: <DM6PR05MB573708FA6A2365C3C2974138AAC70@DM6PR05MB5737.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0107098B6C
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(979002)(4636009)(346002)(136003)(396003)(366004)(39860400002)(376002)(199004)(189003)(33656002)(76116006)(64756008)(14444005)(91956017)(256004)(66556008)(99286004)(71190400001)(561944003)(66476007)(6116002)(316002)(1730700003)(2351001)(486006)(2906002)(66946007)(66446008)(3846002)(71200400001)(6486002)(81166006)(81156014)(8936002)(6506007)(186003)(478600001)(7736002)(6512007)(26005)(5660300002)(36756003)(2616005)(305945005)(25786009)(66066001)(8676002)(2501003)(476003)(53936002)(68736007)(6916009)(6436002)(86362001)(102836004)(5640700003)(14454004)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM6PR05MB5737; H:DM6PR05MB4714.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: dEdMrhetwQzKKf/4pYLmUMS5NAcLp6E00QhAx2SJVCZaIPKH97ivPxq0zQth0ekSxnlu6rLLpyPoXImiIWHdvv5Anm6uyl6quiPcBscB8yjgw1bABY1PrdzeTqYZ1ypauDQfalSsS/wuBtCpebpnhn8cjaTQraGD9g5ieX0y0cFgouiBFA3zMkhx5awZ3qA+OOAkKHrxjxUnxVLfHUYAn+ESKCfiT6Bw+Vc656nIBf2ICiGb9dinvsHQJ9oSFT3yUx2+fMVtp4EHN8PkSQWA91QAHe4zyz5HNlmKh/1s1vjS/hEXUqWCF6AcQGNGXOVZKOuAZIRYj4vmyXsdrMVQ9KYCA+/ZVnoXSLFui86KRKsi1bK4apGhb8asiqpd6rgOn5ZlL9DhfoqiDgCZx0oxg0Ecbhd9nbplK3liv4NoeC4=
Content-Type: text/plain; charset="utf-8"
Content-ID: <B7F7EC768E197E429B86D772C40CB9F6@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: f4fe7e6d-0b18-4989-9529-08d70faf0d46
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jul 2019 20:48:01.1358 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: jgs@juniper.net
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR05MB5737
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-07-23_09:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=2 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=2 clxscore=1015 lowpriorityscore=0 mlxscore=2 impostorscore=0 mlxlogscore=164 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1906280000 definitions=main-1907230209
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/3viYGlC2lBrZwwhhh2zYv1J8WWk>
Subject: [Sidrops] draft-ymbk-sidrops-ov-signal-02
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Jul 2019 20:48:16 -0000

Things I would have said at the mic had time allowed:

1. For what it’s worth, RFC 4271 section 9.1 says you aren’t allowed to have this feature:

   The function that calculates the degree of preference for a given
   route SHALL NOT use any of the following as its inputs: the existence
   of other routes, the non-existence of other routes, or the path
   attributes of other routes.  Route selection then consists of the
   individual application of the degree of preference function to each
   feasible route, followed by the choice of the one with the highest
   degree of preference.

As I understand section 5 of the draft (as informed by Randy’s description), it is exactly mandating that we use the path attributes of other routes for the computation of the degree of preference.

2. Assuming we overcome that problem, there appears to be a stability and/or freshness issue:

- RR client C advertises route A to RR
- RR checks A, decides it is invalid 
- RR advertises A, marked invalid, back to C. Call this A’. 
- C obeys section 5 and withdraws A from everyone (including RR)
- Following the normal operation of BGP, RR withdraws A' from everyone (including C)
- Now A’ is not in C’s Adj-RIB-In, but A is. I believe what Keyur said on the mic was that C is supposed to have persistently marked A as invalid in the earlier step, patching the obvious stability problem.
- Now suppose the content of the RPKI changes such that A is now valid.
… how does A ever find this out and un-suppress A? As far as I can tell, the answer is, “it doesn’t”. RR never sees a re-announcement of A, so it can’t re-validate and announce it to be valid. So it’s just wedged.

3. Finally, someone commented at the mic that the work to turn validation on at C is less than the work to debug, implement, and deploy this proposal. I agree.

Given the above, I’m not in favor of adoption (though I’m always willing to be convinced).

Thanks,

—John

v2.23.0 | Report a Bug | By Email