Re: [Sidrops] Robert Wilton's No Objection on draft-ietf-sidrops-rpkimaxlen-15: (with COMMENT)

Ben Maddison <benm@workonline.africa> Tue, 16 August 2022 16:30 UTC

Date: Tue, 16 Aug 2022 18:29:52 +0200
From: Ben Maddison <benm@workonline.africa>
To: Robert Wilton <rwilton@cisco.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-sidrops-rpkimaxlen@ietf.org, sidrops-chairs@ietf.org, sidrops@ietf.org, morrowc@ops-netman.net
Message-ID: <20220816162952.tsf74niudbdw7kbo@benm-laptop>
References: <166057499835.4940.16221131130819181598@ietfa.amsl.com>
In-Reply-To: <166057499835.4940.16221131130819181598@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/AykVquw3cBac-Dl6Hnu6YLuPSyE>
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>

Hi Robert,

Thanks for making the time to review.
Some thoughts below...

On 08/15, Robert Wilton via Datatracker wrote:
> I considered balloting this as a discuss (for a discussion), but this is
> outside my area of knowledge expertise.
> 
> Although the document indicates that the number of published ROAs should remain
> the same, since each ROA can list multiple prefixes, was any consideration given to
> the potential increase in VRPs (if that is the right term) that this change
> will cause and whether this may negatively affect routers that are consuming
> the ROAs/VRPs?

I don't recall this coming up in the wider WG, but it was discussed
initially between the authors.

The consensus from that conversation was that, whilst your observation is
quite correct, the ability of the "global" VRP set to scale to DFZ-like
size is necessary for ROV to be successful in the long term, and that
this scaling requirement ought not to be met by sacrificing the
effectiveness of its protections.

I am not aware of any implementors having indicated that the
recommendations in the draft would pose a scale challenge if fully
implemented.

If a scaling problem presents in future, my best guess is that it comes
at the router-policy-evaluation layer (since bandwidth and cycles at the
RP are ~cheap). All the "serious" BGP implementations that I am familiar
with have solved the problem of efficiently applying large prefix-list
policies - of which ROV-policy is really just a variant. All said: I am
pretty sanguine about this!

Let me know if you think any of this needs to be in the draft itself? It
feels more like a topic for a different document to me.

> Am I right in assuming that the number of valid ROAs that can be announced
> should effectively be bound by the number of BGP prefixes advertised for an AS
> and hence this shouldn't be a problem?

That's true, but since de-aggregation continues apace, it's not a very
firm bound; it's not what I am betting on to allow us to scale.

> But other than the question above, I found this document to be very easy and
> pleasant to read.

Thanks, much appreciated.

Cheers,

Ben
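
The trade-off discussed in this message, as an added example that is not part of the original e-mail or of the draft: a single ROA entry with a loose maxLength yields one VRP, a minimal ROA yields one VRP per announced prefix, and the two sets give different RFC 6811 validation results for a more-specific the AS does not announce. The prefixes, the ASN and the function names are constructed for illustration (documentation ranges).

```python
import ipaddress

def vrp(prefix, max_len, asn):
    """A VRP is the tuple (prefix, maxLength, origin ASN)."""
    return (ipaddress.ip_network(prefix), max_len, asn)

def rov_state(route_prefix, origin_asn, vrps):
    """RFC 6811 route origin validation: 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for net, max_len, asn in vrps:
        if route.version != net.version or not route.subnet_of(net):
            continue                      # this VRP does not cover the route
        covered = True
        if route.prefixlen <= max_len and asn == origin_asn and asn != 0:
            return "valid"                # one matching VRP is enough
    return "invalid" if covered else "not-found"

def minimal_vrps(announced, asn):
    """One VRP per announced prefix, with maxLength equal to its own length."""
    return [vrp(p, ipaddress.ip_network(p).prefixlen, asn) for p in announced]

# Constructed sample data: what the AS actually originates in BGP.
ASN = 64496
ANNOUNCED = ["2001:db8::/32", "2001:db8:a::/48", "2001:db8:b::/48"]

LOOSE = [vrp("2001:db8::/32", 48, ASN)]   # 1 VRP, covers 65536 possible /48s
MINIMAL = minimal_vrps(ANNOUNCED, ASN)    # 3 VRPs, only what is announced

def compare(route_prefix, origin_asn):
    """Validation state of one route under each VRP set."""
    return {
        "loose": rov_state(route_prefix, origin_asn, LOOSE),
        "minimal": rov_state(route_prefix, origin_asn, MINIMAL),
    }

if __name__ == "__main__":
    print("VRP count: loose=%d minimal=%d" % (len(LOOSE), len(MINIMAL)))
    for prefix, asn in [("2001:db8:a::/48", ASN),   # announced more-specific
                        ("2001:db8:c::/48", ASN),   # not announced by the AS
                        ("2001:db8::/32", 64511),   # wrong origin
                        ("2001:db9::/32", ASN)]:    # no covering VRP
        print(prefix, asn, compare(prefix, asn))
```

The VRP count grows with the number of announced prefixes, which is the scaling cost raised in the review; the second test route shows what the extra VRPs buy.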